1 files changed, 17 insertions, 15 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
index 762d9af2c..bc3b30334 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
@@ -288,15 +288,16 @@ public class CreateXMLSignatureResponseValidator {
     }
     if (samlAttribute.getNamespace().equals("http://reference.e-government.gv.at/namespace/moa/20020822#")) {
       String samlSpecialText = (String)samlAttribute.getValue();
+      samlSpecialText = samlSpecialText.replaceAll("'", "&#39;");
       
-    String text = "";
-    try {
+      String text = "";
+      try {
 		OAAuthParameter oaparam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix());
 		if (MiscUtil.isNotEmpty(text = oaparam.getAditionalAuthBlockText()))
 			Logger.info("Use addional AuthBlock Text from OA=" + oaparam.getPublicURLPrefix());
-	} catch (ConfigurationException e) {
-		Logger.warn("Addional AuthBlock Text can not loaded from OA!", e);
-	}
+      } catch (ConfigurationException e) {
+    	  Logger.warn("Addional AuthBlock Text can not loaded from OA!", e);
+      }
       
       
       String specialText = AuthenticationBlockAssertionBuilder.generateSpecialText(text, issuer, identityLink.getDateOfBirth(), issueInstant);
@@ -516,22 +517,23 @@ public class CreateXMLSignatureResponseValidator {
     }
     if (samlAttribute.getNamespace().equals("http://reference.e-government.gv.at/namespace/moa/20020822#")) {
       String samlSpecialText = (String)samlAttribute.getValue();
+      samlSpecialText = samlSpecialText.replaceAll("'", "&#39;");
       
-    String text = "";
-    try {
-		if (MiscUtil.isNotEmpty(text = AuthConfigurationProvider.getInstance().getSSOSpecialText()))
+      String text = "";
+      try {
+    	 if (MiscUtil.isNotEmpty(text = AuthConfigurationProvider.getInstance().getSSOSpecialText()))
 			Logger.info("Use addional AuthBlock Text from SSO=" +text);
 		else
 			text = new String();
-	} catch (ConfigurationException e) {
-		Logger.warn("Addional AuthBlock Text can not loaded from SSO!", e);
-	}
+      } catch (ConfigurationException e) {
+    	  Logger.warn("Addional AuthBlock Text can not loaded from SSO!", e);
+      }
       
       
-      String specialText = AuthenticationBlockAssertionBuilder.generateSpecialText(text, issuer, identityLink.getDateOfBirth(), issueInstant);
-      if (!samlSpecialText.equals(specialText)) {
-        throw new ValidateException("validator.67", new Object[] {samlSpecialText, specialText});
-      }
+      	String specialText = AuthenticationBlockAssertionBuilder.generateSpecialText(text, identityLink.getName(), identityLink.getDateOfBirth(), identityLink.getIssueInstant());
+      	if (!samlSpecialText.equals(specialText)) {
+      		throw new ValidateException("validator.67", new Object[] {samlSpecialText, specialText});
+      	}
     } else {
       throw new ValidateException("validator.35", null);
     }