add global QC check deactivation for testing

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2014-03-21 13:16:38 +0100
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2014-03-21 13:16:38 +0100
commit: 05212e955f2c44bd3150b47d9d534c5a73eb71d1 (patch)
tree: 134bb2660d9af4bf749da3a5f4af22716bf0645a /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator
parent: 902bfea4afd98046fd1327942b8f5de96edaceb3 (diff)
download: moa-id-spss-05212e955f2c44bd3150b47d9d534c5a73eb71d1.tar.gz
moa-id-spss-05212e955f2c44bd3150b47d9d534c5a73eb71d1.tar.bz2
moa-id-spss-05212e955f2c44bd3150b47d9d534c5a73eb71d1.zip
1 files changed, 8 insertions, 3 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
index 5f39abf73..ccaa7bbbb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
@@ -60,6 +60,8 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.data.IdentityLink;
 import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
 import at.gv.egovernment.moa.id.auth.exception.ValidateException;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
 import at.gv.egovernment.moa.logging.Logger;
 
@@ -101,12 +103,13 @@ public class VerifyXMLSignatureResponseValidator {
    *                                       manifest has to be ignored (identityLink validation if
    *                                       the OA is a business service) or not
    * @throws ValidateException on any validation error
+ * @throws ConfigurationException 
    */
   public void validate(VerifyXMLSignatureResponse verifyXMLSignatureResponse,
                        List<String> identityLinkSignersSubjectDNNames, 
                        String whatToCheck,
                        boolean ignoreManifestValidationResult)
-    throws ValidateException {
+    throws ValidateException, ConfigurationException {
 
     if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0)
       throw new ValidateException("validator.06", null);
@@ -130,8 +133,10 @@ public class VerifyXMLSignatureResponseValidator {
         throw new ValidateException("validator.19", new Object[] { checkFailedReason } );
     }
     
-    //check QC
-    if (!verifyXMLSignatureResponse.isQualifiedCertificate())
+    //check QC 
+    if (AuthConfigurationProvider.getInstance().isCertifiacteQCActive() &&
+    		!whatToCheck.equals(CHECK_IDENTITY_LINK) &&
+    		!verifyXMLSignatureResponse.isQualifiedCertificate())
         throw new ValidateException("validator.71", null);
     
     if (ignoreManifestValidationResult) {
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2014-03-21 13:16:38 +0100
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2014-03-21 13:16:38 +0100
commit	05212e955f2c44bd3150b47d9d534c5a73eb71d1 (patch)
tree	134bb2660d9af4bf749da3a5f4af22716bf0645a /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator
parent	902bfea4afd98046fd1327942b8f5de96edaceb3 (diff)
download	moa-id-spss-05212e955f2c44bd3150b47d9d534c5a73eb71d1.tar.gz moa-id-spss-05212e955f2c44bd3150b47d9d534c5a73eb71d1.tar.bz2 moa-id-spss-05212e955f2c44bd3150b47d9d534c5a73eb71d1.zip