diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-02-06 15:42:53 +0100 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-02-06 15:42:53 +0100 |
commit | 1c567f6eb16fa10d3811fbaaf70c4ab04fb08077 (patch) | |
tree | 6b999ab47897622daddabfc9e4819bcc56ea00c9 /id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java | |
parent | f9b31bdc4781d6eca20bc2d993f08f6a4eb462f2 (diff) | |
download | moa-id-spss-1c567f6eb16fa10d3811fbaaf70c4ab04fb08077.tar.gz moa-id-spss-1c567f6eb16fa10d3811fbaaf70c4ab04fb08077.tar.bz2 moa-id-spss-1c567f6eb16fa10d3811fbaaf70c4ab04fb08077.zip |
BRZ:
-add SAML1 SourceID parameter in moa-id general
Bugfix:
-SSO target had an error in case of business-service
-OA with business-service whichout single sign-on produce an error
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java')
-rw-r--r-- | id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java | 43 |
1 files changed, 30 insertions, 13 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java index 1ea51652a..d7d97e5d4 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java @@ -32,10 +32,12 @@ import java.util.Map; import org.apache.log4j.Logger; +import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig; import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.StringHelper; +import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator; import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.MiscUtil; @@ -51,11 +53,11 @@ public class MOAConfigValidator { log.debug("Validate general MOA configuration"); - String check = form.getAlternativeSourceID(); + String check = form.getSaml1SourceID(); if (MiscUtil.isNotEmpty(check)) { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { - log.warn("AlternativeSourceID contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.AlternativeSourceID", + log.warn("SAML1 SourceID contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.SAML1SourceID", new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); } } @@ -282,14 +284,14 @@ public class MOAConfigValidator { } } - check = form.getSsoIdentificationNumber(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { - log.info("SSO IdentificationNumber is not valid: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.sso.identificationnumber.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); - } - } +// check = form.getSsoIdentificationNumber(); +// if (MiscUtil.isNotEmpty(check)) { +// if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { +// log.info("SSO IdentificationNumber is not valid: " + check); +// errors.add(LanguageHelper.getErrorString("validation.general.sso.identificationnumber.valid", +// new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); +// } +// } check = form.getSsoPublicUrl(); if (MiscUtil.isNotEmpty(check)) { @@ -315,8 +317,23 @@ public class MOAConfigValidator { } else { if (!ValidationHelper.isValidAdminTarget(check)) { - log.info("Not valid SSO Target"); - errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid")); + + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("IdentificationNumber contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + + String num = check.replaceAll(" ", ""); + + if ( !(num.startsWith(Constants.IDENIFICATIONTYPE_FN) || + num.startsWith(Constants.IDENIFICATIONTYPE_ZVR) || + num.startsWith(Constants.IDENIFICATIONTYPE_ERSB) ) ) { + + log.info("Not valid SSO Target"); + errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid")); + } + } } |