summaryrefslogtreecommitdiff
path: root/eaaf_core/src
diff options
context:
space:
mode:
Diffstat (limited to 'eaaf_core/src')
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/validation/CookieBasedRequestValidator.java6
1 files changed, 4 insertions, 2 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/validation/CookieBasedRequestValidator.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/validation/CookieBasedRequestValidator.java
index 98da0c46..4b69d17b 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/validation/CookieBasedRequestValidator.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/validation/CookieBasedRequestValidator.java
@@ -46,12 +46,14 @@ public class CookieBasedRequestValidator implements IHttpRequestValidator {
if (StringUtils.isNotEmpty(storedAuthProcessIdentifier)) {
Cookie authProcessIdentifier = WebUtils.getCookie(httpReq, HTTP_COOKIE_SEC);
- if (storedAuthProcessIdentifier.equals(authProcessIdentifier.getValue())) {
+ if (authProcessIdentifier != null
+ && storedAuthProcessIdentifier.equals(authProcessIdentifier.getValue())) {
log.trace("Stored authentication-process HTTP cookie matches. Resume process ... ");
} else {
log.info("Stored authentication-process-Id:{} does not match to Id from HTTP cookie:{}",
- storedAuthProcessIdentifier, authProcessIdentifier);
+ storedAuthProcessIdentifier,
+ authProcessIdentifier != null ? authProcessIdentifier.toString() : " ---no cookie---");
throw new EaafSecurityException("process.80");
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-13 11:26:40 +0000