insure sso and slo from SAML2 work even when there are active ID-FF sessions.

2 files changed, 5 insertions, 3 deletions

diff --git a/lasso/saml-2.0/login.c b/lasso/saml-2.0/login.c
index 7748c70c..63ffd323 100644
--- a/lasso/saml-2.0/login.c
+++ b/lasso/saml-2.0/login.c
@@ -1134,7 +1134,7 @@ lasso_saml20_login_accept_sso(LassoLogin *login)
 	for (t = previous_assertions; t; t = g_list_next(t)) {
 		LassoSaml2Assertion *ta;
 
-		if (! LASSO_IS_SAML2_ASSERTION(t->data)) {
+		if (LASSO_IS_SAML2_ASSERTION(t->data) == FALSE) {
 			continue;
 		}
 
diff --git a/lasso/saml-2.0/logout.c b/lasso/saml-2.0/logout.c
index f8899af6..9175ebbf 100644
--- a/lasso/saml-2.0/logout.c
+++ b/lasso/saml-2.0/logout.c
@@ -378,7 +378,7 @@ lasso_saml20_logout_validate_request(LassoLogout *logout)
 
 	/* verify authentication */
 	assertion_n = lasso_session_get_assertion(profile->session, profile->remote_providerID);
-	if (assertion_n == NULL) {
+	if (LASSO_IS_SAML2_ASSERTION(assertion_n) == FALSE) {
 		message(G_LOG_LEVEL_WARNING, "%s has no assertion", profile->remote_providerID);
 		lasso_saml20_profile_set_response_status(profile,
 				LASSO_SAML2_STATUS_CODE_REQUEST_DENIED);
@@ -473,8 +473,10 @@ check_soap_support(gchar *key, LassoProvider *provider, LassoProfile *profile)
 		return; /* original service provider (initiated logout) */
 
 	assertion_n = lasso_session_get_assertion(profile->session, provider->ProviderID);
-	if (assertion_n == NULL)
+	if (LASSO_IS_SAML2_ASSERTION(assertion_n) == FALSE) {
 		return; /* not authenticated with this provider */
+	}
+
 	assertion = LASSO_SAML2_ASSERTION(assertion_n);
 
 	supported_profiles = lasso_provider_get_metadata_list(provider,