diff options
author | mcentner <mcentner@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2010-07-02 07:14:41 +0000 |
---|---|---|
committer | mcentner <mcentner@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2010-07-02 07:14:41 +0000 |
commit | 68af85701b6f797b0d662b89b95e043ee949defd (patch) | |
tree | 070935cdd1144aeeb8ce6adddd0da34a72e6ffef /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java | |
parent | 3d707db8bf4ec346b8ab6185b8e5ac5403bf2b0a (diff) | |
download | moa-id-spss-68af85701b6f797b0d662b89b95e043ee949defd.tar.gz moa-id-spss-68af85701b6f797b0d662b89b95e043ee949defd.tar.bz2 moa-id-spss-68af85701b6f797b0d662b89b95e043ee949defd.zip |
Merged branch 1.4.7_MOASP_TSL back into trunk.
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1165 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java | 25 |
1 files changed, 22 insertions, 3 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java index 961511ee7..8165f90f8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java @@ -28,6 +28,7 @@ import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; import at.gv.egovernment.moa.id.auth.WrongParametersException; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; +import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; /** @@ -61,18 +62,36 @@ public class StartAuthenticationServlet extends AuthServlet { authURL = authURL.concat(":" + req.getServerPort()); } authURL = authURL.concat(req.getContextPath() + "/"); - String target = req.getParameter(PARAM_TARGET); - String oaURL = req.getParameter(PARAM_OA); + + String target = req.getParameter(PARAM_TARGET); + String oaURL = req.getParameter(PARAM_OA); String bkuURL = req.getParameter(PARAM_BKU); String templateURL = req.getParameter(PARAM_TEMPLATE); String sessionID = req.getParameter(PARAM_SESSIONID); + resp.setHeader(HEADER_EXPIRES,HEADER_VALUE_EXPIRES); resp.setHeader(HEADER_PRAGMA,HEADER_VALUE_PRAGMA); resp.setHeader(HEADER_CACHE_CONTROL,HEADER_VALUE_CACHE_CONTROL); resp.addHeader(HEADER_CACHE_CONTROL,HEADER_VALUE_CACHE_CONTROL_IE); - try { + + + try { + // check parameter + if (!ParamValidatorUtils.isValidTarget(target)) + throw new WrongParametersException("StartAuthentication", PARAM_TARGET, "auth.12"); + if (!ParamValidatorUtils.isValidOA(oaURL)) + throw new WrongParametersException("StartAuthentication", PARAM_OA, "auth.12"); + if (!ParamValidatorUtils.isValidBKUURI(bkuURL)) + throw new WrongParametersException("StartAuthentication", PARAM_BKU, "auth.12"); + if (!ParamValidatorUtils.isValidTemplate(templateURL)) + throw new WrongParametersException("StartAuthentication", PARAM_TEMPLATE, "auth.12"); + if (!ParamValidatorUtils.isValidSessionID(sessionID)) + throw new WrongParametersException("StartAuthentication", PARAM_SESSIONID, "auth.12"); + + String getIdentityLinkForm = AuthenticationServer.getInstance().startAuthentication(authURL, target, oaURL, templateURL, bkuURL, sessionID, req.getScheme()); + resp.setContentType("text/html;charset=UTF-8"); PrintWriter out = new PrintWriter(resp.getOutputStream()); out.print(getIdentityLinkForm); |