Diffstat (limited to 'eaaf_core/checks')
-rw-r--r--eaaf_core/checks/spotbugs-exclude.xml13
1 files changed, 6 insertions, 7 deletions
diff --git a/eaaf_core/checks/spotbugs-exclude.xml b/eaaf_core/checks/spotbugs-exclude.xml
index aa11a955..70f27b81 100644
--- a/eaaf_core/checks/spotbugs-exclude.xml
+++ b/eaaf_core/checks/spotbugs-exclude.xml
@@ -1,13 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<FindBugsFilter>
<Match>
- <!-- bPK requires SHA1 from specification -->
- <Class name="at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder" />
- <OR>
- <Bug pattern="WEAK_MESSAGE_DIGEST_SHA1" />
- </OR>
- </Match>
- <Match>
<!-- only redirects to internal addresses -->
<Class name="at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask"/>
<Method name="performRedirectToItself" />
@@ -26,6 +19,12 @@
<Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" />
</Match>
<Match>
+ <!-- the ErrorToken is only single-used as same as a CSRF token -->
+ <Class name="at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController"/>
+ <Method name="errorRedirect" />
+ <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" />
+ </Match>
+ <Match>
<!-- Only used to evaluate expressions from pre-compiled process-flows -->
<OR>
<Class name="at.gv.egiz.eaaf.core.impl.idp.process.springweb.SpringWebExpressionEvaluator"/>
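Review bot: The justification on the new `errorRedirect` exclusion rests on the ErrorToken being single-use, but single use alone does not make it equivalent to a CSRF token. The token also has to be unpredictable and bound to the session or pending request that issued it, and neither property can be confirmed from this filter file. I would state those properties and where the token is checked in the comment, e.g. `<!-- errorRedirect only acts on a single-use, unguessable ErrorToken bound to the pending request; validated in [class that checks the token] -->`. Since `SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING` reports mappings that are not restricted to specific HTTP methods, restricting the mapping on `errorRedirect` to the method it actually needs would presumably clear the finding without an exclusion. Note also that `<Method name="errorRedirect" />` matches every overload of that name in `ProtocolFinalizationController`, so a later overload would be excluded silently as well.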