aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java11
1 files changed, 8 insertions, 3 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
index 5f39abf73..ccaa7bbbb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
@@ -60,6 +60,8 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.data.IdentityLink;
import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
import at.gv.egovernment.moa.id.auth.exception.ValidateException;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.logging.Logger;
@@ -101,12 +103,13 @@ public class VerifyXMLSignatureResponseValidator {
* manifest has to be ignored (identityLink validation if
* the OA is a business service) or not
* @throws ValidateException on any validation error
+ * @throws ConfigurationException
*/
public void validate(VerifyXMLSignatureResponse verifyXMLSignatureResponse,
List<String> identityLinkSignersSubjectDNNames,
String whatToCheck,
boolean ignoreManifestValidationResult)
- throws ValidateException {
+ throws ValidateException, ConfigurationException {
if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0)
throw new ValidateException("validator.06", null);
@@ -130,8 +133,10 @@ public class VerifyXMLSignatureResponseValidator {
throw new ValidateException("validator.19", new Object[] { checkFailedReason } );
}
- //check QC
- if (!verifyXMLSignatureResponse.isQualifiedCertificate())
+ //check QC
+ if (AuthConfigurationProvider.getInstance().isCertifiacteQCActive() &&
+ !whatToCheck.equals(CHECK_IDENTITY_LINK) &&
+ !verifyXMLSignatureResponse.isQualifiedCertificate())
throw new ValidateException("validator.71", null);
if (ignoreManifestValidationResult) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-23 03:11:56 +0000