diff options
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at')
2 files changed, 19 insertions, 17 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java index 8b527aa8f..695caa3fd 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java @@ -1,7 +1,6 @@ package at.gv.egovernment.moa.id.configuration.data; import java.util.ArrayList; -import java.util.Arrays; import java.util.List; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; @@ -66,14 +65,12 @@ public class GeneralStorkConfig { return tmp; } - public String getDefaultAttributes() { - return Arrays.toString(attributes.toArray()).replace("[", "").replace("]", ""); + public List<String> getAttributes() { + return attributes; } - public void setDefaultAttributes(String attributes) { - this.attributes = new ArrayList<String>(); - for(String current : attributes.split(",")) - this.attributes.add(current.trim()); + public void setAttributes(List<String> attributes) { + this.attributes = attributes; } public int getDefaultQaa() { diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java index 730466e15..cc5d0f2c4 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java @@ -64,18 +64,23 @@ public class StorkConfigValidator { } // check attributes - String check = form.getDefaultAttributes(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { - log.warn("default attributes contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} )); - } - if(!check.toLowerCase().matches("^[a-z0-9, ]*$")) { - log.warn("default attributes do not match the requested format : " + check); + if (MiscUtil.isNotEmpty(form.getAttributes())) { + for(String check : form.getAttributes()) { + if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + log.warn("default attributes contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", - new Object[] {check} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} )); + } + if(!check.toLowerCase().matches("^[a-z0-9]*$")) { + log.warn("default attributes do not match the requested format : " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", + new Object[] {check} )); + } } + } else { + log.warn("no attributes specified"); + errors.add(LanguageHelper.getErrorString("validation.stork.attributes.empty", + new Object[] {} )); } return errors; |