aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2014-07-02 12:44:45 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-07-02 12:44:45 +0200
commit37ffa16c121e5be8ad3c060b007ed200359007ea (patch)
tree003d47d4e6fb14141ac2237f304bb8357a035fb9 /id/server/idserverlib/src/main/java/at/gv/egovernment
parent7886beb95d7aeeb6439d81c09f297f0c4fceeb8c (diff)
downloadmoa-id-spss-37ffa16c121e5be8ad3c060b007ed200359007ea.tar.gz
moa-id-spss-37ffa16c121e5be8ad3c060b007ed200359007ea.tar.bz2
moa-id-spss-37ffa16c121e5be8ad3c060b007ed200359007ea.zip
actually, STORK response processing does not verify the signature of signedDoc attribute
--> check if signature verification response exists.
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java18
1 files changed, 13 insertions, 5 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index c0e1dd3ca..9af2f5ee5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -478,11 +478,19 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
authData.setGivenName(identityLink.getGivenName());
authData.setFamilyName(identityLink.getFamilyName());
authData.setDateOfBirth(identityLink.getDateOfBirth());
- authData.setQualifiedCertificate(verifyXMLSigResp
- .isQualifiedCertificate());
- authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority());
- authData.setPublicAuthorityCode(verifyXMLSigResp
- .getPublicAuthorityCode());
+
+ if (verifyXMLSigResp != null) {
+ authData.setQualifiedCertificate(verifyXMLSigResp
+ .isQualifiedCertificate());
+ authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority());
+ authData.setPublicAuthorityCode(verifyXMLSigResp
+ .getPublicAuthorityCode());
+
+ } else {
+ Logger.warn("No signature verfication response found!");
+
+ }
+
authData.setBkuURL(session.getBkuURL());
authData.setStorkAttributes(session.getStorkAttributes());