summaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java34
1 files changed, 25 insertions, 9 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
index d4edc4298..d7e8ae686 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
@@ -648,15 +648,31 @@ private int tunnelRequest(HttpServletRequest req, HttpServletResponse resp, Map
String loginType = (String) req.getSession().getAttribute(ATT_OA_LOGINTYPE);
while ((headerKey = conn.getHeaderFieldKey(i)) != null) {
String headerValue = conn.getHeaderField(i);
- // Überschrift im Browser-Passworteingabedialog setzen (sonst ist der reale host eingetragen)
- if (headerKey.equalsIgnoreCase("WWW-Authenticate") && headerValue.startsWith("Basic realm=\"")) {
- headerValue = "Basic realm=\"" + publicURLPrefix + "\"";
- if (OAConfiguration.BINDUNG_USERNAME.equals(originBinding) || OAConfiguration.BINDUNG_NOMATCH.equals(originBinding)) {
- headerValue = "Basic realm=\"Bitte Passwort eingeben\"";
- } else if (OAConfiguration.BINDUNG_NONE.equals(originBinding)) {
- headerValue = "Basic realm=\"Bitte Benutzername und Passwort eingeben\"";
- }
- }
+
+ if (headerKey.equalsIgnoreCase("WWW-Authenticate")) {
+ int start = headerValue.indexOf("Basic realm=\"");
+ boolean requestsBasicAuth = headerValue.substring(start).startsWith("Basic realm=\"");
+ if (requestsBasicAuth) {
+ headerValue = "Basic realm=\"" + publicURLPrefix + "\"";
+
+ if ( OAConfiguration.BINDUNG_USERNAME.equals(originBinding) || OAConfiguration.BINDUNG_NOMATCH.equals(originBinding))
+ headerValue = "Basic realm=\"Bitte Passwort eingeben\"";
+ else if ("none".equals(originBinding)) {
+ headerValue = "Basic realm=\"Bitte Benutzername und Passwort eingeben\"";
+ }
+ }
+ }
+
+// // Überschrift im Browser-Passworteingabedialog setzen (sonst ist der reale host eingetragen)
+// if (headerKey.equalsIgnoreCase("WWW-Authenticate") && headerValue.startsWith("Basic realm=\"")) {
+// headerValue = "Basic realm=\"" + publicURLPrefix + "\"";
+// if (OAConfiguration.BINDUNG_USERNAME.equals(originBinding) || OAConfiguration.BINDUNG_NOMATCH.equals(originBinding)) {
+// headerValue = "Basic realm=\"Bitte Passwort eingeben\"";
+// } else if (OAConfiguration.BINDUNG_NONE.equals(originBinding)) {
+// headerValue = "Basic realm=\"Bitte Benutzername und Passwort eingeben\"";
+// }
+// }
+
String respHeader[] = new String[2];
if ((conn.getResponseCode()==HttpURLConnection.HTTP_UNAUTHORIZED) && headerKey.equalsIgnoreCase("content-length")) {
//alter the unauthorized message with template for login
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-30 15:00:50 +0000