| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2017-10-03 16:21:55 +0200 | 
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2017-10-03 16:21:55 +0200 | 
| commit | 103aa707a18f80f4fa811ccbf917e7274f020ef7 (patch) | |
| tree | 71eff66f368e944c1908945ff61219687ec64b80 /id/server/idserverlib | |
| parent | a2f3140358be730c86acac9d77ff4df282cbf1e4 (diff) | |
add functionality to put additional parameters on executioncontext
Diffstat (limited to 'id/server/idserverlib')
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java | 32 | 
1 files changed, 27 insertions, 5 deletions
| diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index 7c581d470..aff2c83ad 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -23,6 +23,7 @@  package at.gv.egovernment.moa.id.moduls;  import java.io.IOException; +import java.security.cert.X509Certificate;  import java.util.ArrayList;  import java.util.Collection;  import java.util.Enumeration; @@ -90,6 +91,7 @@ import at.gv.egovernment.moa.util.MiscUtil;  @Service("MOAID_AuthenticationManager")  public class AuthenticationManager extends MOAIDAuthConstants { +	private static List<String> reqParameterWhiteListeForModules = new ArrayList<String>();  	public static final String MOA_SESSION = "MoaAuthenticationSession";  	public static final String MOA_AUTHENTICATED = "MoaAuthenticated"; @@ -309,6 +311,18 @@ public class AuthenticationManager extends MOAIDAuthConstants {  	}  	/** +	 * Add a request parameter to whitelist. All parameters that are part of the white list are added into {@link ExecutionContext}  +	 *  +	 * @param httpReqParam http parameter name, but never null +	 */ +	public void addParameterNameToWhiteList(String httpReqParam) { +		if (MiscUtil.isNotEmpty(httpReqParam)) +			reqParameterWhiteListeForModules.add(httpReqParam); +		 +	} +	 +	 +	/**  	 * Checks if a authenticated MOASession already exists and if {protocolRequest} is authenticated  	 *   	 * @param protocolRequest Authentication request which is actually in process 
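Review bot: The new `reqParameterWhiteListeForModules` field is a static, non-final `ArrayList` that `addParameterNameToWhiteList` mutates without synchronization, while the request-handling hunk further down (`@@ -386,17 +400,25`) reads it with `isEmpty()` and `contains()` in what is presumably a concurrently used `@Service` singleton. A registration that happens while requests are being processed can race with those reads, and because an instance method writes to static state, the whitelist is process-wide no matter which bean instance was called. Consider `private static final List<String> reqParameterWhiteListeForModules = new CopyOnWriteArrayList<String>();` (needs the `java.util.concurrent.CopyOnWriteArrayList` import) and skipping names that are already present. The Javadoc says the name is "never null", but the method silently ignores null or empty input; either document that behaviour or throw an `IllegalArgumentException`. The class body continues outside these hunks.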
@@ -386,17 +400,25 @@ public class AuthenticationManager extends MOAIDAuthConstants {  		executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_ISLEGACYREQUEST, leagacyMode);  		executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION, !leagacyMode   				&& MiscUtil.isEmpty(pendingReq.getGenericData(RequestImpl.DATAID_INTERFEDERATIOIDP_URL, String.class))); +		 +		//add X509 SSL client certificate if exist +		if (httpReq.getAttribute("javax.servlet.request.X509Certificate") != null) { +			Logger.debug("Find SSL-client-certificate on request --> Add it to context"); +			executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_SSL_CLIENT_CERTIFICATE,  +					((X509Certificate[])httpReq.getAttribute("javax.servlet.request.X509Certificate"))); +			 +		} -		//add leagcy parameters to context -		if (leagacyMode) { +		//add additional http request parameter to context +		if (!reqParameterWhiteListeForModules.isEmpty() || leagacyMode) {  			Enumeration<String> reqParamNames = httpReq.getParameterNames();  			while(reqParamNames.hasMoreElements()) {  				String paramName = reqParamNames.nextElement();  				if (MiscUtil.isNotEmpty(paramName) &&  -						MOAIDAuthConstants.LEGACYPARAMETERWHITELIST.contains(paramName)) +						( MOAIDAuthConstants.LEGACYPARAMETERWHITELIST.contains(paramName)  +								|| reqParameterWhiteListeForModules.contains(paramName) ))  					executionContext.put(paramName,  -							StringEscapeUtils.escapeHtml(httpReq.getParameter(paramName))); -				 +							StringEscapeUtils.escapeHtml(httpReq.getParameter(paramName)));				  			}			  		} | 
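Review bot: Whitelisted request parameters are written with `executionContext.put(paramName, ...)` after the internal entries (`PROCESSCONTEXT_ISLEGACYREQUEST`, `PROCESSCONTEXT_PERFORM_BKUSELECTION`, `PROCESSCONTEXT_SSL_CLIENT_CERTIFICATE`) are set, so a module-registered name equal to one of those keys would let a client-supplied string replace a server-derived value. The key values are not visible in this hunk, so this is a potential collision rather than a confirmed one; rejecting reserved names in `addParameterNameToWhiteList`, or running the parameter loop before the internal puts, closes it either way. Separately, the certificate block calls `httpReq.getAttribute("javax.servlet.request.X509Certificate")` twice and casts without a type check; reading it once into a local and guarding with `instanceof X509Certificate[]` avoids a `ClassCastException`. A short comment should also state that the values stored here are only HTML-escaped, so modules must still validate them before using them in any other sink. The enclosing method starts and ends outside this hunk.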
