aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java18
1 files changed, 15 insertions, 3 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index b5e957c5a..09314ba37 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -9,9 +9,12 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringEscapeUtils;
+import at.gv.egovernment.moa.id.AuthenticationException;
import at.gv.egovernment.moa.id.MOAIDException;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.WrongParametersException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.moduls.IAction;
import at.gv.egovernment.moa.id.moduls.IModulInfo;
import at.gv.egovernment.moa.id.moduls.IRequest;
@@ -67,6 +70,7 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
RequestImpl config = new RequestImpl();
String oaURL = (String) request.getParameter(PARAM_OA);
oaURL = StringEscapeUtils.escapeHtml(oaURL);
+
String target = (String) request.getParameter(PARAM_TARGET);
target = StringEscapeUtils.escapeHtml(target);
@@ -76,15 +80,23 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
target = null;
}
-
if (!ParamValidatorUtils.isValidOA(oaURL))
throw new WrongParametersException("StartAuthentication", PARAM_OA,
"auth.12");
config.setOAURL(oaURL);
- config.setTarget(target);
+
+ //load Target only from OA config
+ OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
+ .getOnlineApplicationParameter(oaURL);
+
+ if (oaParam == null)
+ throw new AuthenticationException("auth.00",
+ new Object[] { oaURL });
+
+ config.setTarget(oaParam.getTarget());
request.getSession().setAttribute(PARAM_OA, oaURL);
- request.getSession().setAttribute(PARAM_TARGET, target);
+ request.getSession().setAttribute(PARAM_TARGET, oaParam.getTarget());
return config;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-01 13:28:39 +0000