aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2016-05-20 10:03:01 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-05-20 10:03:01 +0200
commitf315d259b05c0a33461cc79108a726d93bcc2b3a (patch)
tree4232a77b4371bc5d6f7e72e857dc762a5d944cc8 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet
parentcdc61266b24c65b1f086d6246caa08457b2371bb (diff)
downloadmoa-id-spss-f315d259b05c0a33461cc79108a726d93bcc2b3a.tar.gz
moa-id-spss-f315d259b05c0a33461cc79108a726d93bcc2b3a.tar.bz2
moa-id-spss-f315d259b05c0a33461cc79108a726d93bcc2b3a.zip
fix problem with some SAML1 clients to request the SAML1 GetAuthenticationData SOAP service
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/WebFrontEndSecurityInterceptor.java3
1 files changed, 2 insertions, 1 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/WebFrontEndSecurityInterceptor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/WebFrontEndSecurityInterceptor.java
index 87804ea6c..9fdec9fbb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/WebFrontEndSecurityInterceptor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/WebFrontEndSecurityInterceptor.java
@@ -53,7 +53,8 @@ public class WebFrontEndSecurityInterceptor implements HandlerInterceptor {
//only for SAML1 GetAuthenticationData webService functionality
String requestedServlet = request.getServletPath();
- if (MiscUtil.isNotEmpty(requestedServlet) && requestedServlet.startsWith("/services/GetAuthenticationData")) {
+ if (MiscUtil.isNotEmpty(requestedServlet) &&
+ requestedServlet.startsWith("/services")) {
Logger.debug("SAML1 GetAuthenticationServices allow access without SSL");
return true;