From 1f76d31e8e8f5a7bc6cd5694b989955ddc2ddc58 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Thu, 31 Mar 2022 13:00:02 +0200
Subject: feature(core): add deny-list for Spring DataBinder

     This mitigates possible RCE attacked called "Spring4Shell"
---
 connector/src/main/resources/applicationContext.xml | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'connector')
diff --git a/connector/src/main/resources/applicationContext.xml b/connector/src/main/resources/applicationContext.xml
index ec8e79f4..5c5e245c 100644
--- a/connector/src/main/resources/applicationContext.xml
+++ b/connector/src/main/resources/applicationContext.xml
@@ -28,6 +28,8 @@
   <bean id="springContextClosingHandler"
         class="at.asitplus.eidas.specific.core.SpringContextCloseHandler" />
 
+  <bean class="at.asitplus.eidas.specific.core.controller.DataBinderControllerAdvice" />
+
   <beans profile="deprecatedConfig">
   <bean id="BasicMSSpecificNodeConfig"
     class="at.asitplus.eidas.specific.core.config.BasicConfigurationProvider">
-- 
cgit v1.2.3


From 9c732c794b99e1bd64efd584f5becaae76025de0 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Thu, 31 Mar 2022 14:38:17 +0200
Subject: refactor(core): remove deprecated operations on openSAML4 API

---
 .../eidas/specific/connector/config/PvpEndPointConfiguration.java | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'connector')

diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PvpEndPointConfiguration.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PvpEndPointConfiguration.java
index c62cbeef..81c37bd0 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PvpEndPointConfiguration.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PvpEndPointConfiguration.java
@@ -89,11 +89,11 @@ public class PvpEndPointConfiguration implements IPvp2BasicConfiguration {
     final SurName surname = Saml2Utils.createSamlObject(SurName.class);
     final EmailAddress emailAddress = Saml2Utils.createSamlObject(EmailAddress.class);
 
-    givenName.setName(getAndVerifyFromConfiguration(
+    givenName.setValue(getAndVerifyFromConfiguration(
         MsEidasNodeConstants.CONFIG_PROPS_METADATA_CONTACT_GIVENNAME));
-    surname.setName(getAndVerifyFromConfiguration(
+    surname.setValue(getAndVerifyFromConfiguration(
         MsEidasNodeConstants.CONFIG_PROPS_METADATA_CONTACT_SURNAME));
-    emailAddress.setAddress(getAndVerifyFromConfiguration(
+    emailAddress.setURI(getAndVerifyFromConfiguration(
         MsEidasNodeConstants.CONFIG_PROPS_METADATA_CONTACT_EMAIL));
 
     contactPerson.setType(ContactPersonTypeEnumeration.TECHNICAL);
@@ -121,7 +121,7 @@ public class PvpEndPointConfiguration implements IPvp2BasicConfiguration {
         MsEidasNodeConstants.CONFIG_PROPS_METADATA_ORGANISATION_FRIENDLYNAME));
 
     orgUrl.setXMLLang(DEFAULT_XML_LANG);
-    orgUrl.setValue(getAndVerifyFromConfiguration(
+    orgUrl.setURI(getAndVerifyFromConfiguration(
         MsEidasNodeConstants.CONFIG_PROPS_METADATA_ORGANISATION_URL));
 
 
-- 
cgit v1.2.3

