diff options
| author | Klaus Stranacher <kstranacher@iaik.tugraz.at> | 2013-09-10 10:43:14 +0200 |
|---|---|---|
| committer | Klaus Stranacher <kstranacher@iaik.tugraz.at> | 2013-09-10 10:43:14 +0200 |
| commit | a1bf5db9320090e976bfee9620fb2de3d877a0d1 (patch) | |
| tree | 8595611fa3f2f222b55bf4ea296572aa3bc592e2 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java | |
| parent | ea55b89c40e633f1bcea3ba8046a814b75370ed6 (diff) | |
| download | moa-id-spss-a1bf5db9320090e976bfee9620fb2de3d877a0d1.tar.gz moa-id-spss-a1bf5db9320090e976bfee9620fb2de3d877a0d1.tar.bz2 moa-id-spss-a1bf5db9320090e976bfee9620fb2de3d877a0d1.zip | |
Update MOA-ID Specification (appendix)
Bug fix: OA URL escape
Verify Country-Code in Foreign Identities Mode (AT login not possible)
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java')
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java index 477d99220..ec05af5a1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java @@ -49,6 +49,7 @@ import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.id.util.ServletUtils; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.spss.util.CertificateUtils; /**
* Servlet requested for getting the foreign eID
@@ -158,8 +159,17 @@ public class VerifyCertificateServlet extends AuthServlet { ServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, session, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyCertificate");
}
else {
+
+ + String countrycode = CertificateUtils.getIssuerCountry(cert); + if (countrycode != null) { + if (countrycode.compareToIgnoreCase("AT") == 0) { + Logger.error("Certificate issuer country code is \"AT\". Login not support in foreign identities mode."); + throw new AuthenticationException("auth.22", null); + } + } + // Foreign Identities Modus
-
String createXMLSignatureRequest = AuthenticationServer.getInstance().createXMLSignatureRequestForeignID(session, cert);
// build dataurl (to the GetForeignIDSerlvet)
String dataurl =
|