diff options
| -rw-r--r-- | eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java index 65041c92..4ec9f028 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java @@ -518,11 +518,9 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer @NonNull final HttpServletResponse httpResp, @NonNull final String msg, @NonNull final String errorCode, @Nullable final Object[] params, String externalErrorCode, IErrorService.IHandleData errorData) throws EaafException { - try { - final IGuiBuilderConfiguration config = guiConfigFactory - .getDefaultErrorGui(HttpUtils.extractAuthUrlStringFromRequest(httpReq)); - + final IGuiBuilderConfiguration config = guiConfigFactory.getDefaultErrorGui( + getValidatedAuthUrl(httpReq)); String[] errorCodeParams = null; if (params == null) { @@ -628,4 +626,14 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer } + private String getValidatedAuthUrl(HttpServletRequest httpReq) { + try { + return authConfig.validateIdpUrl(HttpUtils.extractAuthUrlFromRequest(httpReq)); + + } catch (EaafException e) { + log.warn("Request URL validation failed. Does not use it", e); + return "not://defined"; + + } + } } |