MOA-ID 2.x Configuration implemented

  -SSO deaktivated
  -Login with mandate and normal tested

2 files changed, 5 insertions, 15 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index d04c0b3d5..7c2a9d533 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -2,21 +2,15 @@ package at.gv.egovernment.moa.id.moduls;
 
 import java.io.IOException;
 import java.io.PrintWriter;
-import java.util.ArrayList;
-import java.util.Arrays;
 import java.util.List;
 
-import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletContext;
 import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 
 import at.gv.egovernment.moa.id.AuthenticationException;
 import at.gv.egovernment.moa.id.MOAIDException;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.WrongParametersException;
 import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder;
 import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder;
@@ -202,11 +196,10 @@ public class AuthenticationManager extends AuthServlet {
 
 		setNoCachingHeadersInHttpRespone(request, response);
 		
-		//TODO:move this to config!!!
-		final List<String> PROTOCOLS_LEGACY_ALLOWED = Arrays.asList("id_saml1","id_pvp2x");
+		List<String> legacyallowed_prot = AuthConfigurationProvider.getInstance().getLegacyAllowedProtocols();
 
 		//is legacy allowed
-		boolean legacyallowed = PROTOCOLS_LEGACY_ALLOWED.contains(target.requestedModule());
+		boolean legacyallowed = legacyallowed_prot.contains(target.requestedModule());
 
 		//check legacy request parameter 
 		boolean legacyparamavail = ParamValidatorUtils.areAllLegacyParametersAvailable(request);
@@ -265,12 +258,9 @@ public class AuthenticationManager extends AuthServlet {
 					.getOnlineApplicationParameter(target.getOAURL());
 			
 			if (oaParam == null) {
-				//TODO: Find a better place for this!!
-				request.getSession().invalidate();
 				throw new AuthenticationException("auth.00", new Object[] { target.getOAURL() });
 			}
-				
-			
+							
 			else {
 				
 				//check if an MOASession exists and if not create an new MOASession
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index eeb0afae2..1e863ec81 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -10,7 +10,7 @@ import org.hibernate.Query;
 import org.hibernate.Session;
 
 import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.commons.db.MOASessionUtil;
+import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
 import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore;
 import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore;
 import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
@@ -57,7 +57,7 @@ public class SSOManager {
 	public String existsOldSSOSession(String ssoId) {
 		
 		  Logger.trace("Check that the SSOID has already been used");
-		  Session session = MOASessionUtil.getCurrentSession();
+		  Session session = MOASessionDBUtils.getCurrentSession();
 		  
 		  List<OldSSOSessionIDStore> result;