1 files changed, 14 insertions, 1 deletions

diff --git a/eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml b/eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml
index 375f73f4..15d62521 100644
--- a/eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml
@@ -2,6 +2,13 @@
 <FindBugsFilter>
     <Match>
       <!-- Do not check code generated by Apache CXF framework -->
+      <Or>
+        <Class name="~szrservices.SZRException"/>
+        <Package name="~at[.]gv[.]bmi[.]namespace[.]zmr_su.*?" />
+      </Or>
+    </Match>
+    <Match>
+      <!-- Do not check code generated by Apache CXF framework -->
       <Class name="~szrservices.SZRException"/>
     </Match>
     <Match>
@@ -12,6 +19,12 @@
     </Match>
     <Match>
       <!-- CSFR protection is implemented by pendingRequestId that is an one-time token -->
+      <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.controller.IdAustriaClientAuthSignalController" />
+      <Method name="performAuthentication" />
+      <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" />               
+    </Match>
+    <Match>
+      <!-- CSFR protection is implemented by pendingRequestId that is an one-time token -->
       <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" />
       <Method name="restoreEidasAuthProcess" />
       <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" />               
@@ -25,7 +38,7 @@
     <Match>
       <!-- Redirect URL is only loaded from configuration -->
       <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask" />
-      <Method name="execute" />
+      <Method name="sendRedirect" />
       <Bug pattern="UNVALIDATED_REDIRECT" />               
     </Match>  
 </FindBugsFilter>