authorThomas Lenz <tlenz@iaik.tugraz.at>2019-03-05 09:06:52 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2019-03-05 09:06:52 +0100
commitd0ea99676485e559445df05e937bf899a50308bc (patch)
tree5fcb27d2b869bbfed0185283098d312febda2249 /id/server/modules
parent378e00b2039eca7139733c99d9ef4dc618f041f1 (diff)
fix attribute escaping problem in IdentityLinkAssertionParser and move the escaping into SL1.0 AuthBlock builder and validator
this fix can be deactivated by property: 'configuration.bugfix.enable.idl.escaping' to get backward compatibility
Diffstat (limited to 'id/server/modules')
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java5
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java1
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java4
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java3
4 files changed, 9 insertions, 4 deletions
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index a77ba45a5..a500a7c93 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -536,7 +536,10 @@ public class AuthenticationServer extends BaseAuthenticationServer {
IOAAuthParameters oaParam, IRequest pendingReq) throws BuildException, ConfigurationException, EAAFBuilderException {
IIdentityLink identityLink = session.getIdentityLink();
- String issuer = identityLink.getName();
+ String issuer = identityLink.getName();
+ // replace ' in name with &#39;
+ issuer = issuer.replaceAll("'", "&#39;");
+
String gebDat = identityLink.getDateOfBirth();
String identificationValue = null;
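Review bot: The apostrophe rewrite on `issuer` (the added `replaceAll` line) is now written out separately here and three more times in CreateXMLSignatureResponseValidator, and the validator's issuer comparison only succeeds while every copy stays character-for-character identical. Moving it into one shared static helper that both classes call, with a body like `return name.replace("'", "&#39;");`, removes that coupling; `replace` is enough because no regex is involved. The commit message says the fix can be switched off via 'configuration.bugfix.enable.idl.escaping', but no property is read in this hunk, so a comment such as `// always escaped here; the property only affects IdentityLinkAssertionParser` would help if that is indeed the case. `identityLink.getName()` is also dereferenced without a null check, and the method body starts and ends outside the hunk.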
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java
index fb65bac04..d2429e63b 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java
@@ -93,6 +93,7 @@ public class PersonDataBuilder {
prIdentification.getFirstChild().setNodeValue("");
}
String xmlString = DOMUtils.serializeNode(prPerson);
+
return xmlString;
}
catch (Exception ex) {
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
index ab9be7163..78d999971 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
@@ -161,7 +161,7 @@ public class CreateXMLSignatureResponseValidator {
}
// replace ' in name with &#39;
issuer = issuer.replaceAll("'", "&#39;");
- if (!issuer.equals(identityLink.getName()))
+ if (!issuer.equals(identityLink.getName().replaceAll("'", "&#39;")))
throw new ValidateException("validator.33", new Object[] {issuer, identityLink.getName()});
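Review bot: The comparison in the `-161` hunk now uses the escaped identity-link name, but the `ValidateException` arguments on the following line still pass the raw `identityLink.getName()`, so a validator.33 message can show values that differ from what was actually compared; the `-467` hunk reports the escaped `name` instead. Computing the value once, `String name = identityLink.getName().replaceAll("'", "&#39;");`, and using `name` in both the `if` and the exception would make the two sites consistent. Because both sides are normalised, a literal `&#39;` and a plain `'` compare as equal here, which deserves a one-line comment stating that this is intended. The enclosing method starts and ends outside the hunk.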
@@ -467,7 +467,7 @@ public class CreateXMLSignatureResponseValidator {
throw new ValidateException("validator.39", new Object[] {issueInstant, session.getIssueInstant()});
}
- String name = identityLink.getName();
+ String name = identityLink.getName().replaceAll("'", "&#39;");
if (!issuer.equals(name)) {
throw new ValidateException("validator.33", new Object[] {issuer, name});
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index 64a4bae63..7a9557baf 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -294,10 +294,11 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
familyName.setPrimary("undefined");
name.getGivenName().add(authData.getGivenName());
person.setDateOfBirth(authData.getFormatedDateOfBirth());
-
+
JAXBContext jc = JAXBContext.newInstance("at.gv.util.xsd.persondata");
Marshaller m = jc.createMarshaller();
m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
+ m.setProperty(Marshaller.JAXB_ENCODING, "UTF-8");
// m.setProperty("com.sun.xml.bind.namespacePrefixMapper", new NamespacePrefixMapper() {
// public String getPreferredPrefix(String arg0, String arg1, boolean arg2) {