check SAML2 metadata URL against publicService flag

1 files changed, 10 insertions, 2 deletions

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
index 98d500526..62fc83ab9 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
@@ -30,6 +30,7 @@ import java.util.ArrayList;
 import java.util.List;
 import java.util.Timer;
 
+import javax.net.ssl.SSLHandshakeException;
 import javax.servlet.http.HttpServletRequest;
 
 import org.apache.commons.httpclient.MOAHttpClient;
@@ -142,8 +143,15 @@ public class OAPVP2ConfigValidation {
 			errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.read", request));
 			
 		} catch (MetadataProviderException e) {
-			log.info("MetaDate verification failed");
-			errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify", request));
+			
+			if (e.getCause() != null && e.getCause().getCause() instanceof SSLHandshakeException) {
+				log.info("SSL Server certificate not trusted.", e);
+				errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.ssl", request));
+				
+			} else {			
+				log.info("MetaDate verification failed", e);
+				errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify", request));
+			}
 			
 		} finally {			
 			if (httpProvider != null)