aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2014-03-21 13:16:38 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-03-21 13:16:38 +0100
commit05212e955f2c44bd3150b47d9d534c5a73eb71d1 (patch)
tree134bb2660d9af4bf749da3a5f4af22716bf0645a /id/server/idserverlib
parent902bfea4afd98046fd1327942b8f5de96edaceb3 (diff)
downloadmoa-id-spss-05212e955f2c44bd3150b47d9d534c5a73eb71d1.tar.gz
moa-id-spss-05212e955f2c44bd3150b47d9d534c5a73eb71d1.tar.bz2
moa-id-spss-05212e955f2c44bd3150b47d9d534c5a73eb71d1.zip
add global QC check deactivation for testing
Diffstat (limited to 'id/server/idserverlib')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java11
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java5
2 files changed, 13 insertions, 3 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
index 5f39abf73..ccaa7bbbb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
@@ -60,6 +60,8 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.data.IdentityLink;
import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
import at.gv.egovernment.moa.id.auth.exception.ValidateException;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.logging.Logger;
@@ -101,12 +103,13 @@ public class VerifyXMLSignatureResponseValidator {
* manifest has to be ignored (identityLink validation if
* the OA is a business service) or not
* @throws ValidateException on any validation error
+ * @throws ConfigurationException
*/
public void validate(VerifyXMLSignatureResponse verifyXMLSignatureResponse,
List<String> identityLinkSignersSubjectDNNames,
String whatToCheck,
boolean ignoreManifestValidationResult)
- throws ValidateException {
+ throws ValidateException, ConfigurationException {
if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0)
throw new ValidateException("validator.06", null);
@@ -130,8 +133,10 @@ public class VerifyXMLSignatureResponseValidator {
throw new ValidateException("validator.19", new Object[] { checkFailedReason } );
}
- //check QC
- if (!verifyXMLSignatureResponse.isQualifiedCertificate())
+ //check QC
+ if (AuthConfigurationProvider.getInstance().isCertifiacteQCActive() &&
+ !whatToCheck.equals(CHECK_IDENTITY_LINK) &&
+ !verifyXMLSignatureResponse.isQualifiedCertificate())
throw new ValidateException("validator.71", null);
if (ignoreManifestValidationResult) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index 8d1fc7979..8b5c8d796 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -1003,6 +1003,11 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
return Boolean.valueOf(prop);
}
+ public boolean isCertifiacteQCActive() {
+ String prop = props.getProperty("configuration.validation.certificate.QC.ignore", "false");
+ return !Boolean.valueOf(prop);
+ }
+
/**
* Retruns the STORK Configuration
* @return STORK Configuration