aboutsummaryrefslogtreecommitdiff
path: root/id/moa-id-webgui/src
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2016-01-13 08:36:55 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-01-13 08:36:55 +0100
commitfc19526f8e32ad2de2df5ea60263f8d1c2355b88 (patch)
tree11fa54ea89f0566995a067171118078a2dbab711 /id/moa-id-webgui/src
parent05e959fac7cca57540a768afb81fb06c3a0ae121 (diff)
parent29f01a4975f637c26fbcd0b43a9c844d7d3d2e54 (diff)
downloadmoa-id-spss-fc19526f8e32ad2de2df5ea60263f8d1c2355b88.tar.gz
moa-id-spss-fc19526f8e32ad2de2df5ea60263f8d1c2355b88.tar.bz2
moa-id-spss-fc19526f8e32ad2de2df5ea60263f8d1c2355b88.zip
Merge branch 'eSense_eIDAS_development' of gitlab.iaik.tugraz.at:afitzek/moa-idspss into eSense_eIDAS_development
Diffstat (limited to 'id/moa-id-webgui/src')
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java3
1 files changed, 2 insertions, 1 deletions
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java
index c6086583a..1747e2207 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java
@@ -210,6 +210,7 @@ public static final List<String> KEYWHITELIST;
for(String key : attributeList.keySet()) {
if (key.endsWith(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME)) {
String value = attributeList.get(key);
+ value = value.replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI?
if (!validatedAttributes.contains(value)) {
if (ValidationHelper.containsPotentialCSSCharacter(value, true)) {
log.warn("default attributes contains potentail XSS characters: " + value);
@@ -219,7 +220,7 @@ public static final List<String> KEYWHITELIST;
LanguageHelper.getErrorString("validation.stork.requestedattributes",
new Object[] {ValidationHelper.getPotentialCSSCharacter(true)})));
}
- if(!value.toLowerCase().matches("^[a-z0-9]*$")) {
+ if(!value.toLowerCase().matches("^[A-Za-z]*$")) {
log.warn("default attributes do not match the requested format : " + value);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA,