aboutsummaryrefslogtreecommitdiff
path: root/id/server
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2014-03-11 11:53:26 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-03-11 11:53:26 +0100
commitdb5ee0cfc0d6456f1631c499f899113d2eda29d2 (patch)
treee92092ffca19ff375b04141cc1cf09fd2c155383 /id/server
parent13e14aa79a0257f791b71969c6d291aaf9ede835 (diff)
downloadmoa-id-spss-db5ee0cfc0d6456f1631c499f899113d2eda29d2.tar.gz
moa-id-spss-db5ee0cfc0d6456f1631c499f899113d2eda29d2.tar.bz2
moa-id-spss-db5ee0cfc0d6456f1631c499f899113d2eda29d2.zip
SAML1: if OA parameter is empty then return an error
Diffstat (limited to 'id/server')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java10
1 files changed, 10 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index d82bd1496..5bfaaa899 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -22,6 +22,8 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.saml1;
+import iaik.util.logging.Log;
+
import java.util.HashMap;
import javax.servlet.http.HttpServletRequest;
@@ -44,6 +46,7 @@ import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestImpl;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.URLEncoder;
public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
@@ -101,6 +104,13 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
target = null;
}
+ if (MiscUtil.isEmpty(oaURL)) {
+ Logger.info("Receive SAML1 request with no OA parameter. Authentication STOPPED!");
+ throw new WrongParametersException("StartAuthentication", PARAM_OA,
+ "auth.12");
+
+ }
+
if (!ParamValidatorUtils.isValidOA(oaURL))
throw new WrongParametersException("StartAuthentication", PARAM_OA,
"auth.12");