author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-03-21 13:16:38 +0100 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-03-21 13:16:38 +0100 |
commit | 05212e955f2c44bd3150b47d9d534c5a73eb71d1 (patch) | |
tree | 134bb2660d9af4bf749da3a5f4af22716bf0645a /id/server/idserverlib | |
parent | 902bfea4afd98046fd1327942b8f5de96edaceb3 (diff) | |
add global QC check deactivation for testing
Diffstat (limited to 'id/server/idserverlib')
2 files changed, 13 insertions, 3 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
index 5f39abf73..ccaa7bbbb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
@@ -60,6 +60,8 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.data.IdentityLink;
 import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
 import at.gv.egovernment.moa.id.auth.exception.ValidateException;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
 import at.gv.egovernment.moa.logging.Logger;
@@ -101,12 +103,13 @@ public class VerifyXMLSignatureResponseValidator {
 * manifest has to be ignored (identityLink validation if
 * the OA is a business service) or not
 * @throws ValidateException on any validation error
+ * @throws ConfigurationException
 */
 public void validate(VerifyXMLSignatureResponse verifyXMLSignatureResponse,
 List<String> identityLinkSignersSubjectDNNames,
 String whatToCheck,
 boolean ignoreManifestValidationResult)
- throws ValidateException {
+ throws ValidateException, ConfigurationException {
 if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0)
 throw new ValidateException("validator.06", null);
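Review bot: The added `@throws ConfigurationException` tag in the Javadoc of `validate` has no description, and the widened `throws` clause forces every caller to handle a second checked exception; the callers are not part of this diff, so how they react to it cannot be checked here. A configuration failure in this method should end in a rejected signature, never in a skipped check, and the tag is the place to say so: `@throws ConfigurationException if the authentication configuration cannot be loaded; the response must then be treated as not validated`. The body of `validate` continues outside this hunk.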
@@ -130,8 +133,10 @@ public class VerifyXMLSignatureResponseValidator {
 throw new ValidateException("validator.19", new Object[] { checkFailedReason } );
 }
- //check QC
- if (!verifyXMLSignatureResponse.isQualifiedCertificate())
+ //check QC
+ if (AuthConfigurationProvider.getInstance().isCertifiacteQCActive() &&
+ !whatToCheck.equals(CHECK_IDENTITY_LINK) &&
+ !verifyXMLSignatureResponse.isQualifiedCertificate())
 throw new ValidateException("validator.71", null);
 if (ignoreManifestValidationResult) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index 8d1fc7979..8b5c8d796 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -1003,6 +1003,11 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
 return Boolean.valueOf(prop);
 }
+ public boolean isCertifiacteQCActive() {
+ String prop = props.getProperty("configuration.validation.certificate.QC.ignore", "false");
+ return !Boolean.valueOf(prop);
+ }
+
 /**
 * Retruns the STORK Configuration
 * @return STORK Configuration |
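Review bot: The rewritten condition under `//check QC` now skips the qualified-certificate check silently in two cases, and the commit message names only one of them. With `configuration.validation.certificate.QC.ignore` set to true, every signature validated here passes without a qualified certificate and nothing is logged, so a test setting carried into a production configuration would go unnoticed. The `!whatToCheck.equals(CHECK_IDENTITY_LINK)` term also exempts identity-link validation regardless of the property; it needs a comment giving the reason, and it throws on a null `whatToCheck`. I would log a warning whenever the switch is off (assuming the imported `Logger` offers `warn`) and compare with the constant on the left, as below; the body of `validate` starts and ends outside this hunk.
```java
// check QC; the global switch exists for test setups only
boolean qcActive = AuthConfigurationProvider.getInstance().isCertifiacteQCActive();
if (!qcActive)
    Logger.warn("Qualified certificate check is deactivated by configuration (test setups only).");
// identity link signatures are exempt from the QC check -- reason to be stated by the author
if (qcActive
        && !CHECK_IDENTITY_LINK.equals(whatToCheck)
        && !verifyXMLSignatureResponse.isQualifiedCertificate())
    throw new ValidateException("validator.71", null);
// … unchanged: manifest validation …
```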
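Review bot: `isCertifiacteQCActive()` is added without Javadoc and misspells "Certificate" in its name, which every caller will have to copy once the method is in use; renaming it to `isCertificateQCActive()` in this same commit is the cheapest moment to fix that. The parsing itself fails closed, since `Boolean.valueOf` yields true only for the literal "true", so a missing or mistyped value keeps the check active; that is worth stating because the property name is inverted relative to the method. Suggested Javadoc: `/** Returns false only if configuration.validation.certificate.QC.ignore is "true"; any other or missing value keeps the qualified-certificate check active. Intended for test setups only. */`.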