3 files changed, 9 insertions, 2 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
index 0285dd75b..14a2b583b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
@@ -105,6 +105,7 @@ public class LogOutServlet {
 		
 		} catch (Exception e) {
 			resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Request not allowed.");
+			Logger.warn("Requested URL is not in PublicPrefix Configuration");
 			return;
 			
 		} finally {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
index e5a8bb739..478462adb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
@@ -86,7 +86,8 @@ public class RedirectServlet {
 			List<String> allowedPublicUrlPrefixes = authConfig.getPublicURLPrefix();
 			
 			if ((oa == null && !checkRedirectToItself(url, allowedPublicUrlPrefixes)) 
-					|| !authConfig.getPublicURLPrefix().contains(authURL)) {		
+					|| !authConfig.getPublicURLPrefix().contains(authURL)) {
+				Logger.warn("Requested URL " + authURL + " is not in PublicPrefix Configuration");
 				resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Parameters not valid");
 				return;
 				
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java
index 5aa3a691f..791aa51b7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java
@@ -38,6 +38,7 @@ import at.gv.egiz.eaaf.core.impl.utils.Random;
 import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils;
 import at.gv.egovernment.moa.id.moduls.SSOManager;
 import at.gv.egovernment.moa.util.MiscUtil;
+import at.gv.egovernment.moaspss.logging.Logger;
 
 /**
  * @author tlenz
@@ -58,6 +59,8 @@ public class UniqueSessionIdentifierInterceptor implements HandlerInterceptor {
 		
 		String uniqueSessionIdentifier = null;
 		
+		Logger.trace("PreProcess req. in " + UniqueSessionIdentifierInterceptor.class.getName());
+		
 		//if SSOManager is available, search SessionIdentifier in SSO session
 		if (ssomanager != null) {
 			String ssoId = ssomanager.getSSOSessionID(request);			
@@ -78,8 +81,10 @@ public class UniqueSessionIdentifierInterceptor implements HandlerInterceptor {
 		}
 		
 		//if NO SSOSession and no PendingRequest create new SessionIdentifier
-		if (StringUtils.isEmpty(uniqueSessionIdentifier))
+		if (StringUtils.isEmpty(uniqueSessionIdentifier)) {
 			uniqueSessionIdentifier = Random.nextHexRandom16();
+			Logger.debug("Set new UniqueSessionIdentifier: " + uniqueSessionIdentifier);
+		}
 		
 		TransactionIDUtils.setSessionId(uniqueSessionIdentifier);		
 		request.setAttribute(EAAFConstants.UNIQUESESSIONIDENTIFIER, uniqueSessionIdentifier);