aboutsummaryrefslogtreecommitdiff
path: root/id/ConfigWebTool/src/main/java/at/gv
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2016-11-04 09:51:26 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-11-04 09:51:26 +0100
commit72e86431b59c466673214d330bbd9baa295449cf (patch)
treef6e17783d0fe6250974e95c052b2c3afcf1bbd2e /id/ConfigWebTool/src/main/java/at/gv
parent518839d9ade1e97d878e494903e088a5b0cf0359 (diff)
downloadmoa-id-spss-72e86431b59c466673214d330bbd9baa295449cf.tar.gz
moa-id-spss-72e86431b59c466673214d330bbd9baa295449cf.tar.bz2
moa-id-spss-72e86431b59c466673214d330bbd9baa295449cf.zip
add hostname validation to httpclient 3.1, which is assumed by openSAML 2.x
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java11
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java3
2 files changed, 12 insertions, 2 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
index c0cd971cf..05ce3344b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
@@ -524,6 +524,14 @@ public class ConfigurationProvider {
}
/**
+ * @return
+ */
+ private boolean isHostNameValidationEnabled() {
+ return Boolean.parseBoolean(props.getProperty("general.ssl.hostnamevalidation", "true"));
+
+ }
+
+ /**
* @return the context
*/
public ApplicationContext getContext() {
@@ -580,7 +588,8 @@ public class ConfigurationProvider {
null,
"pkix",
true,
- new String[]{"crl"});
+ new String[]{"crl"},
+ ConfigurationProvider.getInstance().isHostNameValidationEnabled());
httpClient.setCustomSSLTrustStore(metadataurl, protoSocketFactory);
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
index 970785bdb..61a380188 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
@@ -135,7 +135,8 @@ public class OAPVP2ConfigValidation {
null,
"pkix",
true,
- new String[]{"crl"});
+ new String[]{"crl"},
+ false);
httpClient.setCustomSSLTrustStore(
form.getMetaDataURL(),