1 files changed, 8 insertions, 3 deletions

diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java
index 1fb4bf6b..afadeb61 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java
@@ -256,12 +256,17 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
 			Enumeration<String> reqHeaderNames = httpReq.getHeaderNames();
 			while(reqHeaderNames.hasMoreElements()) { 
 				String paramName = reqHeaderNames.nextElement();
-				if (StringUtils.isNotEmpty(paramName) && reqHeaderWhiteListeForModules.contains(paramName.toLowerCase()) )
-					executionContext.put(paramName, StringEscapeUtils.escapeHtml4(httpReq.getHeader(paramName)));
+				if (StringUtils.isNotEmpty(paramName) 
+						&& at.gv.egiz.eaaf.core.impl.utils.ArrayUtils.containsCaseInsensitive(paramName, reqHeaderWhiteListeForModules) 
+						//reqHeaderWhiteListeForModules.contains(paramName.toLowerCase())
+					)
+					executionContext.put(paramName.toLowerCase(), StringEscapeUtils.escapeHtml4(httpReq.getHeader(paramName)));
 					
 			}			
 		}
 		
+
+		
 		//populate more IDP specific information to execution context
 		populateExecutionContext(executionContext, pendingReq, httpReq);
 				
@@ -269,7 +274,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
 		startProcessEngine(pendingReq, executionContext);
 		
 	}
-
+	
 	/**
 	 * 
 	 *