diff options
2 files changed, 12 insertions, 5 deletions
diff --git a/connector_lib/src/main/java/at/gv/egiz/eidas/specific/connector/MSeIDASNodeConstants.java b/connector_lib/src/main/java/at/gv/egiz/eidas/specific/connector/MSeIDASNodeConstants.java index 968bd3ae..68c39a53 100644 --- a/connector_lib/src/main/java/at/gv/egiz/eidas/specific/connector/MSeIDASNodeConstants.java +++ b/connector_lib/src/main/java/at/gv/egiz/eidas/specific/connector/MSeIDASNodeConstants.java @@ -8,6 +8,7 @@ public class MSeIDASNodeConstants { // ************ configuration properties ************ public static final String PROP_CONFIG_APPLICATION_PREFIX = "eidas.ms."; public static final String PROP_CONFIG_APPLICATION_PUBLIC_URL_PREFIX = "context.url.prefix"; + public static final String PROP_CONFIG_APPLICATION_PUBLIC_URL_REQUEST_VALIDATION = "context.url.request.validation"; private static final String PROP_CONFIG_PVP2_PREFIX = "pvp2."; public static final String PROP_CONFIG_PVP2_KEYSTORE_PATH = PROP_CONFIG_PVP2_PREFIX + "keystore.path"; diff --git a/connector_lib/src/main/java/at/gv/egiz/eidas/specific/connector/config/BasicConfigurationProvider.java b/connector_lib/src/main/java/at/gv/egiz/eidas/specific/connector/config/BasicConfigurationProvider.java index 4609c73a..553cebc2 100644 --- a/connector_lib/src/main/java/at/gv/egiz/eidas/specific/connector/config/BasicConfigurationProvider.java +++ b/connector_lib/src/main/java/at/gv/egiz/eidas/specific/connector/config/BasicConfigurationProvider.java @@ -92,12 +92,18 @@ public class BasicConfigurationProvider extends AbstractConfigurationImpl{ if (urlPrefixFromConfig.endsWith("/")) urlPrefixFromConfig = urlPrefixFromConfig.substring(0, urlPrefixFromConfig.length()-1); - if (url != null && url.toExternalForm().startsWith(urlPrefixFromConfig)) + if (getBasicMOAIDConfigurationBoolean( + MSeIDASNodeConstants.PROP_CONFIG_APPLICATION_PUBLIC_URL_REQUEST_VALIDATION, false)) { + if (url != null && url.toExternalForm().startsWith(urlPrefixFromConfig)) + return urlPrefixFromConfig; + + log.info("URL: " + url + " does NOT match to allowed application prefix: " + urlPrefixFromConfig); + return null; + + } else { return urlPrefixFromConfig; - - - log.info("URL: " + url + " does NOT match to allowed application prefix: " + urlPrefixFromConfig); - return null; + + } } @Override |