From bcd104763e91e1bfd759de4e83fdbd565747cbf7 Mon Sep 17 00:00:00 2001 From: Josh Cummings Date: Mon, 23 May 2022 16:00:15 -0600 Subject: [PATCH] Remove duplicate check Closes gh-11192 --- .../servlet/filter/Saml2WebSsoAuthenticationFilter.java | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/servlet/filter/Saml2WebSsoAuthenticationFilter.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/servlet/filter/Saml2WebSsoAuthenticationFilter.java index 708af40cb6..801444b978 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/servlet/filter/Saml2WebSsoAuthenticationFilter.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/servlet/filter/Saml2WebSsoAuthenticationFilter.java @@ -24,7 +24,6 @@ import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; import org.springframework.security.saml2.core.Saml2Error; import org.springframework.security.saml2.core.Saml2ErrorCodes; -import org.springframework.security.saml2.core.Saml2ParameterNames; import org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest; import org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException; import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository; @@ -37,7 +36,6 @@ import org.springframework.security.web.authentication.AbstractAuthenticationPro import org.springframework.security.web.authentication.AuthenticationConverter; import org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy; import org.springframework.util.Assert; -import org.springframework.util.StringUtils; /** * @since 5.2 @@ -95,8 +93,7 @@ public class Saml2WebSsoAuthenticationFilter extends AbstractAuthenticationProce @Override protected boolean requiresAuthentication(HttpServletRequest request, HttpServletResponse response) { - return (super.requiresAuthentication(request, response) - && StringUtils.hasText(request.getParameter(Saml2ParameterNames.SAML_RESPONSE))); + return super.requiresAuthentication(request, response); } @Override