diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet')
3 files changed, 9 insertions, 2 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java index 0285dd75b..14a2b583b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java @@ -105,6 +105,7 @@ public class LogOutServlet { } catch (Exception e) { resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Request not allowed."); + Logger.warn("Requested URL is not in PublicPrefix Configuration"); return; } finally { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java index e5a8bb739..478462adb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java @@ -86,7 +86,8 @@ public class RedirectServlet { List<String> allowedPublicUrlPrefixes = authConfig.getPublicURLPrefix(); if ((oa == null && !checkRedirectToItself(url, allowedPublicUrlPrefixes)) - || !authConfig.getPublicURLPrefix().contains(authURL)) { + || !authConfig.getPublicURLPrefix().contains(authURL)) { + Logger.warn("Requested URL " + authURL + " is not in PublicPrefix Configuration"); resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Parameters not valid"); return; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java index 5aa3a691f..791aa51b7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java @@ -38,6 +38,7 @@ import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils; import at.gv.egovernment.moa.id.moduls.SSOManager; import at.gv.egovernment.moa.util.MiscUtil; +import at.gv.egovernment.moaspss.logging.Logger; /** * @author tlenz @@ -58,6 +59,8 @@ public class UniqueSessionIdentifierInterceptor implements HandlerInterceptor { String uniqueSessionIdentifier = null; + Logger.trace("PreProcess req. in " + UniqueSessionIdentifierInterceptor.class.getName()); + //if SSOManager is available, search SessionIdentifier in SSO session if (ssomanager != null) { String ssoId = ssomanager.getSSOSessionID(request); @@ -78,8 +81,10 @@ public class UniqueSessionIdentifierInterceptor implements HandlerInterceptor { } //if NO SSOSession and no PendingRequest create new SessionIdentifier - if (StringUtils.isEmpty(uniqueSessionIdentifier)) + if (StringUtils.isEmpty(uniqueSessionIdentifier)) { uniqueSessionIdentifier = Random.nextHexRandom16(); + Logger.debug("Set new UniqueSessionIdentifier: " + uniqueSessionIdentifier); + } TransactionIDUtils.setSessionId(uniqueSessionIdentifier); request.setAttribute(EAAFConstants.UNIQUESESSIONIDENTIFIER, uniqueSessionIdentifier); |