From 9bd82038ef52b408231d7f9debc3722ff9a237f0 Mon Sep 17 00:00:00 2001
From: "c.heidemann" <c.heidemann@w0319063.2g.tj.rs>
Date: Tue, 7 Jun 2016 17:27:46 -0300
Subject: [PATCH] SAML Response is invalid message #1827

---
 .../idp/profile/builders/SamlProfileSamlAssertionBuilder.java   | 2 +-
 .../idp/profile/builders/SamlProfileSamlResponseBuilder.java    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/cas-server-support-saml-idp/src/main/java/org/apereo/cas/support/saml/web/idp/profile/builders/SamlProfileSamlAssertionBuilder.java b/cas-server-support-saml-idp/src/main/java/org/apereo/cas/support/saml/web/idp/profile/builders/SamlProfileSamlAssertionBuilder.java
index e091db13c346..f9698501c5e6 100644
--- a/cas-server-support-saml-idp/src/main/java/org/apereo/cas/support/saml/web/idp/profile/builders/SamlProfileSamlAssertionBuilder.java
+++ b/cas-server-support-saml-idp/src/main/java/org/apereo/cas/support/saml/web/idp/profile/builders/SamlProfileSamlAssertionBuilder.java
@@ -68,7 +68,7 @@ public Assertion build(final AuthnRequest authnRequest, final HttpServletRequest
         statements.add(this.samlProfileSamlAttributeStatementBuilder.build(authnRequest, 
                 request, response, casAssertion, service, adaptor));
 
-        final String id = String.valueOf(Math.abs(new SecureRandom().nextLong()));
+        final String id = "_" + String.valueOf(Math.abs(new SecureRandom().nextLong()));
         final Assertion assertion = newAssertion(statements, this.entityId, ZonedDateTime.now(ZoneOffset.UTC), id);
         assertion.setSubject(this.samlProfileSamlSubjectBuilder.build(authnRequest, request, response, casAssertion, service, adaptor));
         assertion.setConditions(this.samlProfileSamlConditionsBuilder.build(authnRequest, 
diff --git a/cas-server-support-saml-idp/src/main/java/org/apereo/cas/support/saml/web/idp/profile/builders/SamlProfileSamlResponseBuilder.java b/cas-server-support-saml-idp/src/main/java/org/apereo/cas/support/saml/web/idp/profile/builders/SamlProfileSamlResponseBuilder.java
index e8f9300c54f1..6c44452d55bf 100644
--- a/cas-server-support-saml-idp/src/main/java/org/apereo/cas/support/saml/web/idp/profile/builders/SamlProfileSamlResponseBuilder.java
+++ b/cas-server-support-saml-idp/src/main/java/org/apereo/cas/support/saml/web/idp/profile/builders/SamlProfileSamlResponseBuilder.java
@@ -97,7 +97,7 @@ protected Response buildResponse(final Assertion assertion,
                                      final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                                      final HttpServletRequest request, final HttpServletResponse response)
             throws SamlException {
-        final String id = String.valueOf(Math.abs(new SecureRandom().nextLong()));
+        final String id = "_" + String.valueOf(Math.abs(new SecureRandom().nextLong()));
         Response samlResponse = newResponse(id, ZonedDateTime.now(ZoneOffset.UTC), authnRequest.getID(), null);
         samlResponse.setVersion(SAMLVersion.VERSION_20);
         samlResponse.setIssuer(buildEntityIssuer());