aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java7
1 files changed, 5 insertions, 2 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 89da2b7af..0ea828931 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -73,7 +73,6 @@ public class DispatcherServlet extends AuthServlet{
protected void processRequest(HttpServletRequest req,
HttpServletResponse resp) throws ServletException, IOException {
-
boolean isValidSSOSession = false;
boolean useSSOOA = false;
String protocolRequestID = null;
@@ -267,7 +266,7 @@ public class DispatcherServlet extends AuthServlet{
for (String el : mapkeys) {
IRequest value = protocolRequests.get(el);
- if (value.getOAURL() != null && value.getOAURL().equals(protocolRequest.getOAURL())) {
+ if (value.getOAURL().equals(protocolRequest.getOAURL())) {
if(!AuthenticationSessionStoreage.deleteSessionWithPendingRequestID(el)) {
Logger.warn(DispatcherServlet.class.getName()+": NO MOASession with PendingRequestID " + el + " found. Delete all user sessions!");
@@ -354,6 +353,7 @@ public class DispatcherServlet extends AuthServlet{
isValidSSOSession = ssomanager.isValidSSOSession(ssoId, req);
useSSOOA = oaParam.useSSO();
+
//if a legacy request is used SSO should not be allowed, actually
boolean isUseMandateRequested = LegacyHelper.isUseMandateRequested(req);
@@ -427,6 +427,9 @@ public class DispatcherServlet extends AuthServlet{
moasession = AuthenticationSessionStoreage.getSession(moasessionID);
moasessionID = AuthenticationSessionStoreage.changeSessionID(moasession);
}
+
+
+
}
String assertionID = moduleAction.processRequest(protocolRequest, req, resp, moasession);
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-12 20:28:09 +0000