3 files changed, 9 insertions, 12 deletions

diff --git a/lasso/id-ff/login.c b/lasso/id-ff/login.c
index 9ba1861d..96715f33 100644
--- a/lasso/id-ff/login.c
+++ b/lasso/id-ff/login.c
@@ -277,7 +277,8 @@ lasso_login_build_assertion(LassoLogin *login,
 	if (login->protocolProfile == LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_POST || \
 			login->protocolProfile == LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_LECP) {
 		/* only add assertion if response is an AuthnResponse */
-		LASSO_SAMLP_RESPONSE(profile->response)->Assertion = g_list_append(NULL, assertion);
+		LASSO_SAMLP_RESPONSE(profile->response)->Assertion = g_list_append(NULL,
+				g_object_ref(assertion));
 	}
 
 	lasso_login_assertion_add_discovery(login, assertion);
@@ -288,9 +289,8 @@ lasso_login_build_assertion(LassoLogin *login,
 	}
 	if (login->assertion)
 		lasso_node_destroy(LASSO_NODE(login->assertion));
-	login->assertion = LASSO_SAML_ASSERTION(g_object_ref(assertion));
-	lasso_session_add_assertion(profile->session, profile->remote_providerID,
-			g_object_ref(assertion));
+	login->assertion = LASSO_SAML_ASSERTION(assertion);
+	lasso_session_add_assertion(profile->session, profile->remote_providerID, assertion);
 
 	if (LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->MajorVersion == 1 && 
 			LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->MinorVersion < 2) {
@@ -656,8 +656,7 @@ lasso_login_accept_sso(LassoLogin *login)
 	if (assertion == NULL)
 		return LASSO_PROFILE_ERROR_MISSING_ASSERTION;
 
-	lasso_session_add_assertion(profile->session, profile->remote_providerID,
-			g_object_ref(assertion));
+	lasso_session_add_assertion(profile->session, profile->remote_providerID, assertion);
 
 	authentication_statement = LASSO_SAML_SUBJECT_STATEMENT_ABSTRACT(
 			assertion->AuthenticationStatement);
diff --git a/lasso/id-ff/session.c b/lasso/id-ff/session.c
index 82d81303..406e1217 100644
--- a/lasso/id-ff/session.c
+++ b/lasso/id-ff/session.c
@@ -63,7 +63,8 @@ lasso_session_add_assertion(LassoSession *session, char *providerID, LassoNode *
 	g_return_val_if_fail(providerID != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
 	g_return_val_if_fail(assertion != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
 
-	g_hash_table_insert(session->assertions, g_strdup(providerID), assertion);
+	g_hash_table_insert(session->assertions, g_strdup(providerID),
+			g_object_ref(assertion));
 
 	session->is_dirty = TRUE;
 
diff --git a/lasso/saml-2.0/login.c b/lasso/saml-2.0/login.c
index 551b997b..f83327da 100644
--- a/lasso/saml-2.0/login.c
+++ b/lasso/saml-2.0/login.c
@@ -858,9 +858,7 @@ lasso_saml20_login_build_assertion(LassoLogin *login,
 		profile->session = lasso_session_new();
 	}
 
-	lasso_session_add_assertion(profile->session,
-			profile->remote_providerID,
-			g_object_ref(assertion));
+	lasso_session_add_assertion(profile->session, profile->remote_providerID, assertion);
 
 	response = LASSO_SAMLP2_RESPONSE(profile->response);
 	response->Assertion = g_list_append(NULL, assertion);
@@ -1355,8 +1353,7 @@ lasso_saml20_login_accept_sso(LassoLogin *login)
 	}
 	g_list_free(previous_assertions);
 
-	lasso_session_add_assertion(profile->session, profile->remote_providerID,
-			g_object_ref(assertion));
+	lasso_session_add_assertion(profile->session, profile->remote_providerID, assertion);
 
 	if (assertion->Subject && assertion->Subject->NameID) {
 		ni = assertion->Subject->NameID;