diff options
author | Florian Reimair <florian.reimair@iaik.tugraz.at> | 2016-01-12 15:57:30 +0100 |
---|---|---|
committer | Florian Reimair <florian.reimair@iaik.tugraz.at> | 2016-01-12 16:12:41 +0100 |
commit | 29f01a4975f637c26fbcd0b43a9c844d7d3d2e54 (patch) | |
tree | 5b22919d9791315b039a6afd8e01da8cd8673ada /id/moa-id-webgui/src/main/java/at/gv/egovernment | |
parent | 1092129203ea1f5c17ae8a10ec43f7907140759c (diff) | |
download | moa-id-spss-29f01a4975f637c26fbcd0b43a9c844d7d3d2e54.tar.gz moa-id-spss-29f01a4975f637c26fbcd0b43a9c844d7d3d2e54.tar.bz2 moa-id-spss-29f01a4975f637c26fbcd0b43a9c844d7d3d2e54.zip |
fetch requested attributes from configuration
Diffstat (limited to 'id/moa-id-webgui/src/main/java/at/gv/egovernment')
-rw-r--r-- | id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java index c6086583a..1747e2207 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java @@ -210,6 +210,7 @@ public static final List<String> KEYWHITELIST; for(String key : attributeList.keySet()) { if (key.endsWith(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME)) { String value = attributeList.get(key); + value = value.replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI? if (!validatedAttributes.contains(value)) { if (ValidationHelper.containsPotentialCSSCharacter(value, true)) { log.warn("default attributes contains potentail XSS characters: " + value); @@ -219,7 +220,7 @@ public static final List<String> KEYWHITELIST; LanguageHelper.getErrorString("validation.stork.requestedattributes", new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}))); } - if(!value.toLowerCase().matches("^[a-z0-9]*$")) { + if(!value.toLowerCase().matches("^[A-Za-z]*$")) { log.warn("default attributes do not match the requested format : " + value); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA, |