aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2014-09-19 11:02:16 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-09-19 11:02:16 +0200
commit249ded0cad445464239553f5629a59524ae785d7 (patch)
tree24c520db5feabaa36fcb795609aada38f3d47df4 /id/server/idserverlib/src/main/java/at
parent42fbebacc80981b145464287f1bbbd8441713652 (diff)
downloadmoa-id-spss-249ded0cad445464239553f5629a59524ae785d7.tar.gz
moa-id-spss-249ded0cad445464239553f5629a59524ae785d7.tar.bz2
moa-id-spss-249ded0cad445464239553f5629a59524ae785d7.zip
solve SLO frontchannel timeout problem
Diffstat (limited to 'id/server/idserverlib/src/main/java/at')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java3
1 files changed, 2 insertions, 1 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
index 6e1811c8b..532ccb7ba 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
@@ -33,6 +33,7 @@ import at.gv.egovernment.moa.id.auth.builder.RedirectFormBuilder;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.moduls.SSOManager;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -63,7 +64,7 @@ public class RedirectServlet extends AuthServlet{
String redirectTarget = DEFAULT_REDIRECTTARGET;
try {
oa = ConfigurationDBRead.getActiveOnlineApplication(url);
- if (oa == null) {
+ if (oa == null && !url.startsWith(AuthConfigurationProvider.getInstance().getPublicURLPrefix())) {
resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Parameters not valid");
return;