diff options
3 files changed, 21 insertions, 2 deletions
diff --git a/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java b/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java index 6999656ab..265ad026d 100644 --- a/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java +++ b/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java @@ -58,7 +58,14 @@ public class Logger { * @return the logger */ private static synchronized org.slf4j.Logger getLogger() { - String className = Thread.currentThread().getStackTrace()[3].getClassName(); + StackTraceElement[] stacktrace = Thread.currentThread().getStackTrace(); + + int i; + for(i = 2; i < stacktrace.length; i++) + if(!stacktrace[i].getClassName().equals(Logger.class.getName())) + break; + + String className = stacktrace[i].getClassName(); org.slf4j.Logger logger = instances.get(className); if (logger != null) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java index ea1526ff0..3809ec4bc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java @@ -39,6 +39,7 @@ import javax.xml.transform.TransformerFactoryConfigurationError; import javax.xml.transform.stream.StreamSource;
import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang3.StringEscapeUtils;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
@@ -286,6 +287,12 @@ public class STORKResponseProcessor { Object attributeValue = attribute.getValue();
if (null == attributeValue)
attributeValue = attribute.getComplexValue();
+
+ // escape attributeValue
+ attributeValue = StringEscapeUtils.escapeXml10(attributeValue.toString());
+ // and remove trailing and tailing brackets. Might break something but we never saw an array with more than one entry!
+ attributeValue = ((String) attributeValue).substring(1, ((String) attributeValue).length() - 1);
+
ExtendedSAMLAttribute extendedSAMLAttribute =
new ExtendedSAMLAttributeImpl(attribute.getName(), attributeValue, Constants.STORK_NS_URI, 0);
moaExtendedSAMLAttributeList.add(extendedSAMLAttribute);
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationProfileFactory.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationProfileFactory.java index d1281c1f1..6a85415f8 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationProfileFactory.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationProfileFactory.java @@ -145,7 +145,12 @@ public class XMLSignatureCreationProfileFactory { // get the key group id String keyGroupID = request.getKeyIdentifier(); // get digest method on key group level (if configured) - String configDigestMethodKG = config.getKeyGroup(keyGroupID).getDigestMethodAlgorithm(); + KeyGroup keygroup = config.getKeyGroup(keyGroupID); + if(null == keygroup) { + Logger.error("Could not find key group '" + keyGroupID + "'"); + throw new MOAApplicationException("2231", null); + } + String configDigestMethodKG = keygroup.getDigestMethodAlgorithm(); // get default digest method (if configured) String configDigestMethod = config.getDigestMethodAlgorithmName(); |