BRZ:

-add SAML1 SourceID parameter in moa-id general Bugfix: -SSO target had an error in case of business-service -OA with business-service whichout single sign-on produce an error
author: Thomas Lenz <tlenz@iaik.tugraz.at> 2014-02-06 15:42:53 +0100
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2014-02-06 15:42:53 +0100
commit: 1c567f6eb16fa10d3811fbaaf70c4ab04fb08077 (patch)
tree: 6b999ab47897622daddabfc9e4819bcc56ea00c9 /id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
parent: f9b31bdc4781d6eca20bc2d993f08f6a4eb462f2 (diff)
download: moa-id-spss-1c567f6eb16fa10d3811fbaaf70c4ab04fb08077.tar.gz
moa-id-spss-1c567f6eb16fa10d3811fbaaf70c4ab04fb08077.tar.bz2
moa-id-spss-1c567f6eb16fa10d3811fbaaf70c4ab04fb08077.zip
1 files changed, 30 insertions, 13 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
index 1ea51652a..d7d97e5d4 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
@@ -32,10 +32,12 @@ import java.util.Map;
 
 import org.apache.log4j.Logger;
 
+import at.gv.egovernment.moa.id.configuration.Constants;
 import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
 import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
 import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
 import at.gv.egovernment.moa.id.configuration.helper.StringHelper;
+import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator;
 import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
 import at.gv.egovernment.moa.util.Base64Utils;
 import at.gv.egovernment.moa.util.MiscUtil;
@@ -51,11 +53,11 @@ public class MOAConfigValidator {
 		log.debug("Validate general MOA configuration");
 		
 	
-		String check = form.getAlternativeSourceID();
+		String check = form.getSaml1SourceID();
 		if (MiscUtil.isNotEmpty(check)) {
 			if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
-				log.warn("AlternativeSourceID contains potentail XSS characters: " + check);
-				errors.add(LanguageHelper.getErrorString("validation.general.AlternativeSourceID", 
+				log.warn("SAML1 SourceID contains potentail XSS characters: " + check);
+				errors.add(LanguageHelper.getErrorString("validation.general.SAML1SourceID", 
 						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
 			}
 		}
@@ -282,14 +284,14 @@ public class MOAConfigValidator {
 			}
 		}
 		
-		check = form.getSsoIdentificationNumber();
-		if (MiscUtil.isNotEmpty(check)) {
-			if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
-				log.info("SSO IdentificationNumber is not valid: " + check);
-				errors.add(LanguageHelper.getErrorString("validation.general.sso.identificationnumber.valid", 
-						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
-			}
-		}
+//		check = form.getSsoIdentificationNumber();
+//		if (MiscUtil.isNotEmpty(check)) {
+//			if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+//				log.info("SSO IdentificationNumber is not valid: " + check);
+//				errors.add(LanguageHelper.getErrorString("validation.general.sso.identificationnumber.valid", 
+//						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+//			}
+//		}
 		
 		check = form.getSsoPublicUrl();
 		if (MiscUtil.isNotEmpty(check)) {
@@ -315,8 +317,23 @@ public class MOAConfigValidator {
 			
 		} else {
 			if (!ValidationHelper.isValidAdminTarget(check)) {
-				log.info("Not valid SSO Target");
-				errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid"));
+				
+				if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+					log.warn("IdentificationNumber contains potentail XSS characters: " + check);
+					errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid", 
+							new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+				}
+				
+				String num = check.replaceAll(" ", "");
+				
+				if ( !(num.startsWith(Constants.IDENIFICATIONTYPE_FN) || 
+						num.startsWith(Constants.IDENIFICATIONTYPE_ZVR) ||
+							num.startsWith(Constants.IDENIFICATIONTYPE_ERSB) ) ) {
+					
+					log.info("Not valid SSO Target");
+					errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid"));
+				}
+								
 			}
 		}
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2014-02-06 15:42:53 +0100
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2014-02-06 15:42:53 +0100
commit	1c567f6eb16fa10d3811fbaaf70c4ab04fb08077 (patch)
tree	6b999ab47897622daddabfc9e4819bcc56ea00c9 /id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
parent	f9b31bdc4781d6eca20bc2d993f08f6a4eb462f2 (diff)
download	moa-id-spss-1c567f6eb16fa10d3811fbaaf70c4ab04fb08077.tar.gz moa-id-spss-1c567f6eb16fa10d3811fbaaf70c4ab04fb08077.tar.bz2 moa-id-spss-1c567f6eb16fa10d3811fbaaf70c4ab04fb08077.zip