aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--spss.server/history.txt4
-rw-r--r--spss.server/src/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java13
2 files changed, 17 insertions, 0 deletions
diff --git a/spss.server/history.txt b/spss.server/history.txt
index 42930a943..cae539a6a 100644
--- a/spss.server/history.txt
+++ b/spss.server/history.txt
@@ -2,6 +2,10 @@
Current
##############
+- MOA SS Webservice Clients, die sich mit einem Zertifikat ausweisen, können nun
+ auch auf die Key-Groups des anonymen Key-Group-Mappings zugreifen.
+ Siehe https://forge.cio.gv.at/bugzilla/show_bug.cgi?id=224.
+
- MOA SS fit für Mehrfachsignaturen, d.h. mehrere XML-Signaturen in einem XML-
Dokument gemacht. Bisher scheiterte das an den fix vergebenen Id-Attributen
innerhalb der dsig:Signature-Struktur.
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/spss.server/src/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
index c3ba9fe23..4927bb9b0 100644
--- a/spss.server/src/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
@@ -496,6 +496,19 @@ public class ConfigurationProvider {
return keyGroup.getKeyGroupEntries();
}
}
+
+ // If no key group is available for a client identified by a certificate,
+ // try to find a key group in the anonymous key group mapping
+ if (issuer != null || serial != null)
+ {
+ mapping = (Map) keyGroupMappings.get(ANONYMOUS_ISSUER_SERIAL);
+ if (mapping != null)
+ {
+ KeyGroup keyGroup = (KeyGroup) mapping.get(keyGroupId);
+ if (keyGroup != null) return keyGroup.getKeyGroupEntries();
+ }
+ }
+
return null;
}