diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java index adef74370..96914647e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java @@ -136,6 +136,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); + String pendingRequestID = null; Map parameters; try @@ -152,6 +153,8 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { // escape parameter strings sessionID = StringEscapeUtils.escapeHtml(sessionID); + pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID); + String redirectURL = null; try { // check parameter @@ -161,7 +164,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_XMLRESPONSE, "auth.12"); AuthenticationSession session = AuthenticationServer.getSession(sessionID); - + String samlArtifactBase64 = AuthenticationServer.getInstance().verifyAuthenticationBlock(session, createXMLSignatureResponse); @@ -252,8 +255,9 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8")); redirectURL = resp.encodeRedirectURL(redirectURL);*/ + redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), - ModulUtils.buildAuthURL(session.getModul(), session.getAction()), samlArtifactBase64); + ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingRequestID), samlArtifactBase64); } else { redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, session.getSessionID()); @@ -270,15 +274,15 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { } catch (MOAIDException ex) { - handleError(null, ex, req, resp); + handleError(null, ex, req, resp, pendingRequestID); } catch (GeneralSecurityException e) { - handleError(null, e, req, resp); + handleError(null, e, req, resp, pendingRequestID); } catch (PKIException e) { - handleError(null, e, req, resp); + handleError(null, e, req, resp, pendingRequestID); } catch (MISSimpleClientException e) { - handleError(null, e, req, resp); + handleError(null, e, req, resp, pendingRequestID); } catch (TransformerException e) { - handleError(null, e, req, resp); + handleError(null, e, req, resp, pendingRequestID); } } |