From 1848868d2d5a139696c4a6ae25a5c6b528354b4c Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 2 Feb 2016 14:48:18 +0100
Subject: add missing log message in PVP authentication-protocol preprocessing

---
 .../java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java    | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index ee5685e5f..c0ec086ed 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -296,6 +296,8 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo  {
 			}
 			
 		} catch (PVP2Exception e) {
+			String samlRequest = request.getParameter("SAMLRequest");			
+			Logger.warn("Receive INVALID protocol request: " + samlRequest, e);
 			throw e;
 		
 		} catch (SecurityPolicyException e) {
-- 
cgit v1.2.3


From 10b6016ef4d5830dd157f13f24230c712790d789 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 8 Feb 2016 10:04:28 +0100
Subject: fix possible NullPointerException if pendingRequest is not found any
 more

---
 .../id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java  | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java
index 8add03da7..712ebb731 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java
@@ -59,6 +59,12 @@ public class FinalizeAuthenticationTask extends AbstractAuthServletTask {
 			IRequest pendingReq = RequestStorage.getPendingRequest(
 					(String) executionContext.get("pendingRequestID"));	
 		
+			if (pendingReq == null) {
+				Logger.info("No PendingRequest with Id: " + executionContext.get("pendingRequestID") + " Maybe, a transaction timeout occure.");
+				throw new MOAIDException("auth.28", new Object[]{executionContext.get("pendingRequestID")});
+				
+			}
+			
 			//get Session from context
 			String moasessionid = (String) executionContext.get(PARAM_SESSIONID);
 			AuthenticationSession session = null;				
-- 
cgit v1.2.3