aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java16
1 files changed, 3 insertions, 13 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index d04c0b3d5..7c2a9d533 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -2,21 +2,15 @@ package at.gv.egovernment.moa.id.moduls;
import java.io.IOException;
import java.io.PrintWriter;
-import java.util.ArrayList;
-import java.util.Arrays;
import java.util.List;
-import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletContext;
import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import at.gv.egovernment.moa.id.AuthenticationException;
import at.gv.egovernment.moa.id.MOAIDException;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.WrongParametersException;
import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder;
import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder;
@@ -202,11 +196,10 @@ public class AuthenticationManager extends AuthServlet {
setNoCachingHeadersInHttpRespone(request, response);
- //TODO:move this to config!!!
- final List<String> PROTOCOLS_LEGACY_ALLOWED = Arrays.asList("id_saml1","id_pvp2x");
+ List<String> legacyallowed_prot = AuthConfigurationProvider.getInstance().getLegacyAllowedProtocols();
//is legacy allowed
- boolean legacyallowed = PROTOCOLS_LEGACY_ALLOWED.contains(target.requestedModule());
+ boolean legacyallowed = legacyallowed_prot.contains(target.requestedModule());
//check legacy request parameter
boolean legacyparamavail = ParamValidatorUtils.areAllLegacyParametersAvailable(request);
@@ -265,12 +258,9 @@ public class AuthenticationManager extends AuthServlet {
.getOnlineApplicationParameter(target.getOAURL());
if (oaParam == null) {
- //TODO: Find a better place for this!!
- request.getSession().invalidate();
throw new AuthenticationException("auth.00", new Object[] { target.getOAURL() });
}
-
-
+
else {
//check if an MOASession exists and if not create an new MOASession
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-25 17:30:01 +0000