From 1f76d31e8e8f5a7bc6cd5694b989955ddc2ddc58 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Thu, 31 Mar 2022 13:00:02 +0200
Subject: feature(core): add deny-list for Spring DataBinder
This mitigates possible RCE attacked called "Spring4Shell"
---
connector/src/main/resources/applicationContext.xml | 2 ++
1 file changed, 2 insertions(+)
(limited to 'connector/src/main/resources')
diff --git a/connector/src/main/resources/applicationContext.xml b/connector/src/main/resources/applicationContext.xml
index ec8e79f4..5c5e245c 100644
--- a/connector/src/main/resources/applicationContext.xml
+++ b/connector/src/main/resources/applicationContext.xml
@@ -28,6 +28,8 @@
+
+
--
cgit v1.2.3
From 49a945fa17ee06f38ddada441df7a1f29c58e317 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Fri, 1 Apr 2022 21:47:48 +0200
Subject: feat(szr): add configuration property to activate/deactivate
work-around for insertErnp in case of IDA mode
---
connector/src/main/resources/application.properties | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'connector/src/main/resources')
diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties
index e7437840..73a258d7 100644
--- a/connector/src/main/resources/application.properties
+++ b/connector/src/main/resources/application.properties
@@ -100,7 +100,7 @@ eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject=false
#Raw eIDAS Id data storage
eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true
-
+eidas.ms.auth.eIDAS.szrclient.workarounds.use.getidentitylink.for.ida=true
eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true
eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true
--
cgit v1.2.3