aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java18
1 files changed, 11 insertions, 7 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index a24683545..e093ce1e2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -317,9 +317,10 @@ public class AuthenticationManager extends MOAIDAuthConstants {
* @param httpReqParam http parameter name, but never null
*/
public void addParameterNameToWhiteList(String httpReqParam) {
- if (MiscUtil.isNotEmpty(httpReqParam))
- reqParameterWhiteListeForModules.add(httpReqParam);
-
+ if (MiscUtil.isNotEmpty(httpReqParam)) {
+ if (!reqParameterWhiteListeForModules.contains(httpReqParam))
+ reqParameterWhiteListeForModules.add(httpReqParam);
+ }
}
/**
@@ -328,8 +329,11 @@ public class AuthenticationManager extends MOAIDAuthConstants {
* @param httpReqParam http header name, but never null
*/
public void addHeaderNameToWhiteList(String httpReqParam) {
- if (MiscUtil.isNotEmpty(httpReqParam))
- reqHeaderWhiteListeForModules.add(httpReqParam.toLowerCase());
+ if (MiscUtil.isNotEmpty(httpReqParam)) {
+ if (!reqHeaderWhiteListeForModules.contains(httpReqParam.toLowerCase()))
+ reqHeaderWhiteListeForModules.add(httpReqParam.toLowerCase());
+
+ }
}
@@ -439,8 +443,8 @@ public class AuthenticationManager extends MOAIDAuthConstants {
while(reqHeaderNames.hasMoreElements()) {
String paramName = reqHeaderNames.nextElement();
if (MiscUtil.isNotEmpty(paramName) && reqHeaderWhiteListeForModules.contains(paramName.toLowerCase()) ) {
- executionContext.put(paramName,
- StringEscapeUtils.escapeHtml(httpReq.getHeader(paramName)));
+ executionContext.put(paramName.toLowerCase(),
+ StringEscapeUtils.escapeHtml(httpReq.getHeader(paramName.toLowerCase())));
}
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-22 20:52:38 +0000