diff options
| author | Thomas <> | 2022-01-09 12:33:21 +0100 |
|---|---|---|
| committer | Thomas <> | 2022-01-09 12:33:21 +0100 |
| commit | 6fcfe3946fb8c252f9b7a4961720dd851f720f9a (patch) | |
| tree | 3747a95cedad0f3c39e0ba6def543db608cc68ca /eaaf_modules/eaaf_module_pvp2_idp/src | |
| parent | 5bdcf4b0298da05efb06eb84acdb188e4313df75 (diff) | |
| download | EAAF-Components-6fcfe3946fb8c252f9b7a4961720dd851f720f9a.tar.gz EAAF-Components-6fcfe3946fb8c252f9b7a4961720dd851f720f9a.tar.bz2 EAAF-Components-6fcfe3946fb8c252f9b7a4961720dd851f720f9a.zip | |
refactor(core): update to latest version of Velocity engine
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_idp/src')
| -rw-r--r-- | eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java index 2e30dcd9..63c8c99a 100644 --- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java +++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java @@ -27,8 +27,8 @@ import javax.annotation.PostConstruct; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.lang.StringEscapeUtils; import org.apache.commons.lang3.StringUtils; +import org.apache.commons.text.StringEscapeUtils; import org.opensaml.saml.common.xml.SAMLConstants; import org.opensaml.saml.saml2.core.AuthnRequest; import org.opensaml.saml.saml2.core.Issuer; @@ -134,11 +134,11 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement if (e instanceof NoPassivAuthenticationException) { statusCode.setValue(StatusCode.NO_PASSIVE); - statusMessage.setMessage(StringEscapeUtils.escapeXml(e.getLocalizedMessage())); + statusMessage.setMessage(StringEscapeUtils.escapeXml11(e.getLocalizedMessage())); } else if (e instanceof NameIdFormatNotSupportedException) { statusCode.setValue(StatusCode.INVALID_NAMEID_POLICY); - statusMessage.setMessage(StringEscapeUtils.escapeXml(e.getLocalizedMessage())); + statusMessage.setMessage(StringEscapeUtils.escapeXml11(e.getLocalizedMessage())); } else if (e instanceof SloException) { // SLOExecpetions only occurs if session information is lost @@ -149,7 +149,7 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement statusCode.setValue(ex.getStatusCodeValue()); final String statusMessageValue = ex.getStatusMessageValue(); if (statusMessageValue != null) { - statusMessage.setMessage(StringEscapeUtils.escapeXml(statusMessageValue)); + statusMessage.setMessage(StringEscapeUtils.escapeXml11(statusMessageValue)); } @@ -157,7 +157,7 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement } else { statusCode.setValue(StatusCode.RESPONDER); - statusMessage.setMessage(StringEscapeUtils.escapeXml(e.getLocalizedMessage())); + statusMessage.setMessage(StringEscapeUtils.escapeXml11(e.getLocalizedMessage())); internalErrorCode = statusMessager.getResponseErrorCode(e); } @@ -531,7 +531,7 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement log.info( "Dispatch PVP2 AuthnRequest: OAURL=" + oaUrl + " Binding=" + consumerService.getBinding()); - pendingReq.setSpEntityId(StringEscapeUtils.escapeHtml(oaUrl)); + pendingReq.setSpEntityId(StringEscapeUtils.escapeHtml4(oaUrl)); pendingReq.setOnlineApplicationConfiguration( authConfig.getServiceProviderConfiguration(pendingReq.getSpEntityId())); pendingReq.setBinding(consumerService.getBinding()); |