set "https.cipherSuites" only if they are not set in user configuration

1 files changed, 12 insertions, 3 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index e1086bbd1..0c99d5ed4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -32,6 +32,7 @@ import at.gv.egovernment.moa.logging.LoggingContextManager;
 import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
 import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator;
 import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.MiscUtil;
 
 /**
  * Web application initializer
@@ -99,9 +100,17 @@ public class MOAIDAuthInitializer {
 //        EDH-DSS-DES-CBC3-SHA		- 
 //        DES-CBC3-SHA				SSL_RSA_WITH_3DES_EDE_CBC_SHA
 
-        System.setProperty(
-              "https.cipherSuites",
-        	  "TLS_DH_anon_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA");
+        if (MiscUtil.isEmpty(System.getProperty("https.cipherSuites")))        
+        	System.setProperty(
+        			"https.cipherSuites",
+        			"TLS_DH_anon_WITH_AES_128_CBC_SHA" +
+        					",TLS_DHE_RSA_WITH_AES_128_CBC_SHA" +
+        					",TLS_DHE_DSS_WITH_AES_128_CBC_SHA" +
+        					",TLS_RSA_WITH_AES_128_CBC_SHA" +
+        					",TLS_RSA_WITH_AES_256_CBC_SHA" + 
+        					",SSL_DH_anon_WITH_3DES_EDE_CBC_SHA" +
+        					",SSL_RSA_WITH_3DES_EDE_CBC_SHA"
+        					);