move BKU Authentication preprocessing into a seperate task.

The GenerateIFrameTemplateServlet only put all request parameters into process-managment context

1 files changed, 4 insertions, 3 deletions

diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
index a8792cd8f..ef61739f8 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
@@ -116,13 +116,14 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
 		try {

 			setNoCachingHeaders(resp);

 

-			sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID));

+			sessionID = (String) executionContext.get(PARAM_SESSIONID);

+			pendingRequestID = (String) executionContext.get("pendingRequestID");

+			

 			// check parameter

 			if (!ParamValidatorUtils.isValidSessionID(sessionID)) {

 				throw new WrongParametersException("CreateStorkAuthRequestFormTask", PARAM_SESSIONID, "auth.12");

 			}

-			AuthenticationSession moasession = BaseAuthenticationServer.getSession(sessionID);

-			pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);

+			AuthenticationSession moasession = BaseAuthenticationServer.getSession(sessionID);			

 			IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);

 			

 			if (StringUtils.isEmpty(moasession.getCcc())) {