aboutsummaryrefslogtreecommitdiff
path: root/id
diff options
context:
space:
mode:
Diffstat (limited to 'id')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java9
2 files changed, 10 insertions, 3 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
index a123569d5..a0584e1e9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
@@ -212,8 +212,8 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{
authURL = authURL.concat(":" + req.getServerPort());
}
authURL = authURL.concat(req.getContextPath() + "/");
-
- if (!authURL.startsWith("https:"))
+ boolean auth = AuthConfigurationProvider.getInstance().isHTTPAuthAllowed();
+ if (!authURL.startsWith("https:") && !AuthConfigurationProvider.getInstance().isHTTPAuthAllowed())
throw new AuthenticationException("auth.07",
new Object[] { authURL + "*" });
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index d33a9ea92..6a2f2db44 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -1072,7 +1072,14 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
else
return null;
}
-
+
+ // allow http to be used in call, used in systems proxied on the same instance
+ public boolean isHTTPAuthAllowed() {
+ String prop = props.getProperty("configuration.localhttpallowed.active", "false");
+ return Boolean.valueOf(prop);
+ }
+
+
public boolean isAdvancedLoggingActive() {
String prop = props.getProperty("configuration.advancedlogging.active", "false");
return Boolean.valueOf(prop);