make reg-app compatible with Shibboleth SP

bwreg-service/src/main/java/edu/kit/scc/webreg/service/saml/SamlIdpServiceImpl.java

@@ -186,7 +186,7 @@ public class SamlIdpServiceImpl implements SamlIdpService {
 				if (matchService(serviceSamlSpEntity.getScript(), user, serviceSamlSpEntity)) {
 					logger.debug("SP matches: {}", service.getId());
 					
-					registry = registryDao.findByServiceAndUserAndStatus(service, user, RegistryStatus.ACTIVE);
+					registry = registryDao.findByServiceAndIdentityAndStatus(service, identity, RegistryStatus.ACTIVE);
 					if (registry != null) {
 						List<Object> objectList = checkRules(user, service, registry);
 						List<OverrideAccess> overrideAccessList = extractOverideAccess(objectList);
@@ -199,7 +199,7 @@ public class SamlIdpServiceImpl implements SamlIdpService {
 						filteredServiceSamlSpEntityList.add(serviceSamlSpEntity);
 					}
 					else {
-						registry = registryDao.findByServiceAndUserAndStatus(service, user, RegistryStatus.LOST_ACCESS);
+						registry = registryDao.findByServiceAndIdentityAndStatus(service, identity, RegistryStatus.LOST_ACCESS);
 						
 						if (registry != null) {
 							logger.info("Registration for user {} and service {} in state LOST_ACCESS, checking again", 
@@ -230,13 +230,16 @@ public class SamlIdpServiceImpl implements SamlIdpService {
 			
 		}
 		
+		// Redefine user to match registry
+		user = registry.getUser();
+		
 		Response samlResponse = ssoHelper.buildAuthnResponse(authnRequest, idpConfig.getEntityId());
 		
 		Assertion assertion = samlHelper.create(Assertion.class, Assertion.DEFAULT_ELEMENT_NAME);
 		assertion.setID(samlHelper.getRandomId());
 		assertion.setIssueInstant(new DateTime());
 		assertion.setIssuer(ssoHelper.buildIssuser(idpConfig.getEntityId()));
-		assertion.setSubject(ssoHelper.buildSubject(idpConfig, spMetadata, samlHelper.getRandomId(), NameID.TRANSIENT, authnRequest.getID()));
+		assertion.setSubject(ssoHelper.buildSubject(idpConfig, spMetadata, samlHelper.getRandomId(), NameID.TRANSIENT, authnRequest.getID(), authnRequest.getAssertionConsumerServiceURL()));
 		assertion.setConditions(ssoHelper.buildConditions(spMetadata));
 		assertion.getAttributeStatements().add(buildAttributeStatement(user, filteredServiceSamlSpEntityList, registry));
 		assertion.getAuthnStatements().add(ssoHelper.buildAuthnStatement((5L * 60L * 1000L)));

bwreg-service/src/main/java/edu/kit/scc/webreg/service/saml/SsoHelper.java

@@ -80,6 +80,7 @@ public class SsoHelper implements Serializable {
 		response.setInResponseTo(authnRequest.getID());
 		response.setVersion(SAMLVersion.VERSION_20);
 		response.setIssueInstant(new DateTime());
+		response.setDestination(authnRequest.getAssertionConsumerServiceURL());
 		
 		Issuer issuer = samlHelper.create(Issuer.class, Issuer.DEFAULT_ELEMENT_NAME);
 		issuer.setValue(spEntityId);
@@ -101,7 +102,7 @@ public class SsoHelper implements Serializable {
 	}
 	
 	public Subject buildSubject(SamlIdpConfigurationEntity idpConfig, SamlSpMetadataEntity spMetadata, 
-			String nameIdValue, String nameIdType, String inResponseTo) {
+			String nameIdValue, String nameIdType, String inResponseTo, String acs) {
 		NameID nameId = samlHelper.create(NameID.class, NameID.DEFAULT_ELEMENT_NAME);
 		nameId.setFormat(nameIdType);
 		nameId.setValue(nameIdValue);
@@ -111,6 +112,7 @@ public class SsoHelper implements Serializable {
 		SubjectConfirmationData scd = samlHelper.create(SubjectConfirmationData.class, SubjectConfirmationData.DEFAULT_ELEMENT_NAME);
 		scd.setNotOnOrAfter(new DateTime(System.currentTimeMillis() + (5L * 60L * 1000L)));
 		scd.setInResponseTo(inResponseTo);
+		scd.setRecipient(acs);
 		
 		SubjectConfirmation sc = samlHelper.create(SubjectConfirmation.class, SubjectConfirmation.DEFAULT_ELEMENT_NAME);
 		sc.setMethod(SubjectConfirmation.METHOD_BEARER);
@@ -160,6 +162,7 @@ public class SsoHelper implements Serializable {
 	
 	public AuthnStatement buildAuthnStatement(long validityInterval) {
 		AuthnContextClassRef accr = samlHelper.create(AuthnContextClassRef.class, AuthnContextClassRef.DEFAULT_ELEMENT_NAME);
+		accr.setAuthnContextClassRef(AuthnContext.PASSWORD_AUTHN_CTX);
 		AuthnContext ac = samlHelper.create(AuthnContext.class, AuthnContext.DEFAULT_ELEMENT_NAME);
 		ac.setAuthnContextClassRef(accr);
 		AuthnStatement as = samlHelper.create(AuthnStatement.class, AuthnStatement.DEFAULT_ELEMENT_NAME);