diff options
| author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2018-07-23 08:53:53 +0200 |
|---|---|---|
| committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2018-07-23 08:53:53 +0200 |
| commit | b3e812dbac60546daff66fa0f6c53e42030921bb (patch) | |
| tree | e33feab50eb3000aa43568b14ae066972eea56ad | |
| parent | cca12e684850ae48dabb8805bbb0699863a89e40 (diff) | |
| download | National_eIDAS_Gateway-b3e812dbac60546daff66fa0f6c53e42030921bb.tar.gz National_eIDAS_Gateway-b3e812dbac60546daff66fa0f6c53e42030921bb.tar.bz2 National_eIDAS_Gateway-b3e812dbac60546daff66fa0f6c53e42030921bb.zip | |
add flag to deactivate request URL validation. If it is disabled, the publicURLPrefix from configuration is always used
2 files changed, 12 insertions, 5 deletions
diff --git a/connector_lib/src/main/java/at/gv/egiz/eidas/specific/connector/MSeIDASNodeConstants.java b/connector_lib/src/main/java/at/gv/egiz/eidas/specific/connector/MSeIDASNodeConstants.java index 968bd3ae..68c39a53 100644 --- a/connector_lib/src/main/java/at/gv/egiz/eidas/specific/connector/MSeIDASNodeConstants.java +++ b/connector_lib/src/main/java/at/gv/egiz/eidas/specific/connector/MSeIDASNodeConstants.java @@ -8,6 +8,7 @@ public class MSeIDASNodeConstants { // ************ configuration properties ************ public static final String PROP_CONFIG_APPLICATION_PREFIX = "eidas.ms."; public static final String PROP_CONFIG_APPLICATION_PUBLIC_URL_PREFIX = "context.url.prefix"; + public static final String PROP_CONFIG_APPLICATION_PUBLIC_URL_REQUEST_VALIDATION = "context.url.request.validation"; private static final String PROP_CONFIG_PVP2_PREFIX = "pvp2."; public static final String PROP_CONFIG_PVP2_KEYSTORE_PATH = PROP_CONFIG_PVP2_PREFIX + "keystore.path"; diff --git a/connector_lib/src/main/java/at/gv/egiz/eidas/specific/connector/config/BasicConfigurationProvider.java b/connector_lib/src/main/java/at/gv/egiz/eidas/specific/connector/config/BasicConfigurationProvider.java index 4609c73a..553cebc2 100644 --- a/connector_lib/src/main/java/at/gv/egiz/eidas/specific/connector/config/BasicConfigurationProvider.java +++ b/connector_lib/src/main/java/at/gv/egiz/eidas/specific/connector/config/BasicConfigurationProvider.java @@ -92,12 +92,18 @@ public class BasicConfigurationProvider extends AbstractConfigurationImpl{ if (urlPrefixFromConfig.endsWith("/")) urlPrefixFromConfig = urlPrefixFromConfig.substring(0, urlPrefixFromConfig.length()-1); - if (url != null && url.toExternalForm().startsWith(urlPrefixFromConfig)) + if (getBasicMOAIDConfigurationBoolean( + MSeIDASNodeConstants.PROP_CONFIG_APPLICATION_PUBLIC_URL_REQUEST_VALIDATION, false)) { + if (url != null && url.toExternalForm().startsWith(urlPrefixFromConfig)) + return urlPrefixFromConfig; + + log.info("URL: " + url + " does NOT match to allowed application prefix: " + urlPrefixFromConfig); + return null; + + } else { return urlPrefixFromConfig; - - - log.info("URL: " + url + " does NOT match to allowed application prefix: " + urlPrefixFromConfig); - return null; + + } } @Override |