<?xml version="1.0" encoding="UTF-8"?>
<FindBugsFilter>
    <Match>
      <!-- allow SHA-1, because transient SubjectNameIDs should have the same pattern as bPKs -->
      <Class name="at.gv.egiz.eaaf.modules.pvp2.idp.impl.builder.Pvp2AssertionBuilder"/>
      <Method name="buildAssertion" />
      <Bug pattern="WEAK_MESSAGE_DIGEST_SHA1" />
    </Match>
    <Match>
      <!-- allow logging of SAML2 request parameters -->
      <Class name="at.gv.egiz.eaaf.modules.pvp2.idp.impl.AbstractPvp2XProtocol"/>
      <Bug pattern="CRLF_INJECTION_LOGS" />
    </Match>
</FindBugsFilter>