diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-03-11 11:53:26 +0100 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-03-11 11:53:26 +0100 |
commit | db5ee0cfc0d6456f1631c499f899113d2eda29d2 (patch) | |
tree | e92092ffca19ff375b04141cc1cf09fd2c155383 /id/server/idserverlib/src/main | |
parent | 13e14aa79a0257f791b71969c6d291aaf9ede835 (diff) | |
download | moa-id-spss-db5ee0cfc0d6456f1631c499f899113d2eda29d2.tar.gz moa-id-spss-db5ee0cfc0d6456f1631c499f899113d2eda29d2.tar.bz2 moa-id-spss-db5ee0cfc0d6456f1631c499f899113d2eda29d2.zip |
SAML1: if OA parameter is empty then return an error
Diffstat (limited to 'id/server/idserverlib/src/main')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java index d82bd1496..5bfaaa899 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java @@ -22,6 +22,8 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.saml1; +import iaik.util.logging.Log; + import java.util.HashMap; import javax.servlet.http.HttpServletRequest; @@ -44,6 +46,7 @@ import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.moduls.RequestImpl; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.URLEncoder; public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants { @@ -101,6 +104,13 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants { target = null; } + if (MiscUtil.isEmpty(oaURL)) { + Logger.info("Receive SAML1 request with no OA parameter. Authentication STOPPED!"); + throw new WrongParametersException("StartAuthentication", PARAM_OA, + "auth.12"); + + } + if (!ParamValidatorUtils.isValidOA(oaURL)) throw new WrongParametersException("StartAuthentication", PARAM_OA, "auth.12"); |