diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-09-04 07:25:09 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-09-04 07:25:09 +0200 |
commit | 61362f940ca679fe215de34b1683e1110fea8d3e (patch) | |
tree | 0857aa21842a33d6e6e52d27b058c1af9831cb6b /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java | |
parent | 8854b5c2c1e342b891271a04face4f4479653d46 (diff) | |
download | moa-id-spss-61362f940ca679fe215de34b1683e1110fea8d3e.tar.gz moa-id-spss-61362f940ca679fe215de34b1683e1110fea8d3e.tar.bz2 moa-id-spss-61362f940ca679fe215de34b1683e1110fea8d3e.zip |
MOA-ID Updates and Bugfixes
-- OW BPK calculation
-- OA specific SL-Templates
-- update MOA-ID configuration XML
-- PVP2: QA Level and BPK calculation updated
-- PVP2: add two attribute builder
-- MOA-ID BKU selection: bugfix local BKU selection
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java | 44 |
1 files changed, 21 insertions, 23 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java index 58cea2926..58194361c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java @@ -1,5 +1,7 @@ package at.gv.egovernment.moa.id.auth.parser; +import java.io.UnsupportedEncodingException; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; @@ -19,7 +21,9 @@ import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.BoolUtils; +import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.StringUtils; +import at.gv.egovernment.moa.util.URLEncoder; public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ @@ -39,15 +43,14 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ // String sso = req.getParameter(PARAM_SSO); // escape parameter strings - //TODO: use URLEncoder.encode!! - target = StringEscapeUtils.escapeHtml(target); - oaURL = StringEscapeUtils.escapeHtml(oaURL); - bkuURL = StringEscapeUtils.escapeHtml(bkuURL); - templateURL = StringEscapeUtils.escapeHtml(templateURL); - useMandate = StringEscapeUtils.escapeHtml(useMandate); - ccc = StringEscapeUtils.escapeHtml(ccc); -// sso = StringEscapeUtils.escapeHtml(sso); - + target = StringEscapeUtils.escapeHtml(target); + oaURL = StringEscapeUtils.escapeHtml(oaURL); + bkuURL = StringEscapeUtils.escapeHtml(bkuURL); + templateURL = StringEscapeUtils.escapeHtml(templateURL); + useMandate = StringEscapeUtils.escapeHtml(useMandate); + ccc = StringEscapeUtils.escapeHtml(ccc); + // sso = StringEscapeUtils.escapeHtml(sso); + // check parameter //pvp2.x can use general identifier (equals oaURL in SAML1) @@ -153,7 +156,6 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ moasession.setPublicOAURLPrefix(oaParam.getPublicURLPrefix()); - //TODO: check for SSO moasession.setTarget(target); moasession.setBusinessService(oaParam.getBusinessService()); moasession.setTargetFriendlyName(targetFriendlyName); @@ -193,9 +195,12 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ moasession.setAuthURL(authURL); -// //check and set SourceID -// if (sourceID != null) -// moasession.setSourceID(sourceID); + //check and set SourceID + if (oaParam.getSAML1Parameter() != null) { + String sourceID = oaParam.getSAML1Parameter().getSourceID(); + if (MiscUtil.isNotEmpty(sourceID)) + moasession.setSourceID(sourceID); + } // BKU URL has not been set yet, even if session already exists if (bkuURL == null) { @@ -208,14 +213,10 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ moasession.setBkuURL(bkuURL); - if (!ParamValidatorUtils.isValidTemplate(req, templateURL)) + if (!ParamValidatorUtils.isValidTemplate(req, templateURL, oaParam.getTemplateURL())) throw new WrongParametersException("StartAuthentication", PARAM_TEMPLATE, "auth.12"); - - // override template url by url from configuration file - if (oaParam.getTemplateURL() != null) { - templateURL = oaParam.getTemplateURL(); - } moasession.setTemplateURL(templateURL); + moasession.setCcc(ccc); } @@ -223,10 +224,7 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ public static void parse(HttpServletRequest req, HttpServletResponse resp, AuthenticationSession moasession, IRequest request) throws WrongParametersException, MOAIDException { -// //check Module and Action -// HttpSession httpSession = req.getSession(); -// IRequest request = RequestStorage.getPendingRequest(httpSession); - + String modul = request.requestedModule();//req.getParameter(PARAM_MODUL); String action = request.requestedAction();//req.getParameter(PARAM_ACTION); |