diff options
Diffstat (limited to 'id/server')
| -rw-r--r-- | id/server/auth/src/main/webapp/index.html | 1 | ||||
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java | 34 | 
2 files changed, 26 insertions, 9 deletions
| diff --git a/id/server/auth/src/main/webapp/index.html b/id/server/auth/src/main/webapp/index.html index 6e60ae433..cdf96e5b7 100644 --- a/id/server/auth/src/main/webapp/index.html +++ b/id/server/auth/src/main/webapp/index.html @@ -192,6 +192,7 @@                          <p>
                          	Diese Musterseite erfüllt die Richtlinie für barrierefreie Webinhalte 2.0 (WCAG 2.0 des W3C) Stufe AA. Das Prüfprotokoll hierzu finden Sie hier: <a href="WCAG-Pruefprotokoll.pdf" target="_blank">Pruefprotokoll.pdf (PDF, 705kB)</a>.
                          </p>
 +                        
     	            	</div>
                  </div>
              </div>
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java index d4edc4298..d7e8ae686 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java @@ -648,15 +648,31 @@ private int tunnelRequest(HttpServletRequest req, HttpServletResponse resp, Map    String loginType = (String) req.getSession().getAttribute(ATT_OA_LOGINTYPE);    while ((headerKey = conn.getHeaderFieldKey(i)) != null) {      String headerValue = conn.getHeaderField(i); -    // Überschrift im Browser-Passworteingabedialog setzen (sonst ist der reale host eingetragen) -    if (headerKey.equalsIgnoreCase("WWW-Authenticate") && headerValue.startsWith("Basic realm=\"")) { -      headerValue = "Basic realm=\"" + publicURLPrefix + "\""; -      if (OAConfiguration.BINDUNG_USERNAME.equals(originBinding) || OAConfiguration.BINDUNG_NOMATCH.equals(originBinding)) { -    	  headerValue = "Basic realm=\"Bitte Passwort eingeben\""; -      } else if (OAConfiguration.BINDUNG_NONE.equals(originBinding)) { -    	  headerValue = "Basic realm=\"Bitte Benutzername und Passwort eingeben\""; -      } -    }	 + +    if (headerKey.equalsIgnoreCase("WWW-Authenticate")) { +    	int start = headerValue.indexOf("Basic realm=\""); +    	boolean requestsBasicAuth = headerValue.substring(start).startsWith("Basic realm=\""); +    	if (requestsBasicAuth) { +    		headerValue = "Basic realm=\"" + publicURLPrefix + "\""; +    		 +    		if ( OAConfiguration.BINDUNG_USERNAME.equals(originBinding) || OAConfiguration.BINDUNG_NOMATCH.equals(originBinding))    		 +    			headerValue = "Basic realm=\"Bitte Passwort eingeben\""; +    		else if ("none".equals(originBinding)) { +    			headerValue = "Basic realm=\"Bitte Benutzername und Passwort eingeben\""; +    		} +    	} +    } +     +//    // Überschrift im Browser-Passworteingabedialog setzen (sonst ist der reale host eingetragen) +//    if (headerKey.equalsIgnoreCase("WWW-Authenticate") && headerValue.startsWith("Basic realm=\"")) { +//      headerValue = "Basic realm=\"" + publicURLPrefix + "\""; +//      if (OAConfiguration.BINDUNG_USERNAME.equals(originBinding) || OAConfiguration.BINDUNG_NOMATCH.equals(originBinding)) { +//    	  headerValue = "Basic realm=\"Bitte Passwort eingeben\""; +//      } else if (OAConfiguration.BINDUNG_NONE.equals(originBinding)) { +//    	  headerValue = "Basic realm=\"Bitte Benutzername und Passwort eingeben\""; +//      } +//    } +          String respHeader[] = new String[2];      if ((conn.getResponseCode()==HttpURLConnection.HTTP_UNAUTHORIZED) && headerKey.equalsIgnoreCase("content-length")) {        //alter the unauthorized message with template for login  | 
