diff options
-rw-r--r-- | spss.server/history.txt | 4 | ||||
-rw-r--r-- | spss.server/src/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java | 13 |
2 files changed, 17 insertions, 0 deletions
diff --git a/spss.server/history.txt b/spss.server/history.txt index 42930a943..cae539a6a 100644 --- a/spss.server/history.txt +++ b/spss.server/history.txt @@ -2,6 +2,10 @@ Current ############## +- MOA SS Webservice Clients, die sich mit einem Zertifikat ausweisen, können nun + auch auf die Key-Groups des anonymen Key-Group-Mappings zugreifen. + Siehe https://forge.cio.gv.at/bugzilla/show_bug.cgi?id=224. + - MOA SS fit für Mehrfachsignaturen, d.h. mehrere XML-Signaturen in einem XML- Dokument gemacht. Bisher scheiterte das an den fix vergebenen Id-Attributen innerhalb der dsig:Signature-Struktur. diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/spss.server/src/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java index c3ba9fe23..4927bb9b0 100644 --- a/spss.server/src/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java @@ -496,6 +496,19 @@ public class ConfigurationProvider { return keyGroup.getKeyGroupEntries(); } } + + // If no key group is available for a client identified by a certificate, + // try to find a key group in the anonymous key group mapping + if (issuer != null || serial != null) + { + mapping = (Map) keyGroupMappings.get(ANONYMOUS_ISSUER_SERIAL); + if (mapping != null) + { + KeyGroup keyGroup = (KeyGroup) mapping.get(keyGroupId); + if (keyGroup != null) return keyGroup.getKeyGroupEntries(); + } + } + return null; } |