From 6dc744a3190a86055ec1e546f0de0a3ad198091f Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 19 Jan 2016 08:39:10 +0100 Subject: add additional virtual IDP PublicURL Prefix validation --- .../at/gv/egovernment/moa/id/moduls/RequestImpl.java | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) (limited to 'id/server/idserverlib/src') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java index a7027fcf1..cdaade1bb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java @@ -32,14 +32,12 @@ import javax.servlet.http.HttpServletRequest; import org.opensaml.saml2.core.Attribute; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse; import at.gv.egovernment.moa.id.util.HTTPUtils; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; public abstract class RequestImpl implements IRequest, Serializable{ @@ -81,7 +79,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ List configuredPublicURLPrefix = config.getPublicURLPrefix(); if (!config.isVirtualIDPsEnabled()) { - Logger.debug("Virtual IDPs are disabled. Use default IDP PublicURLPrefix from configuration: " + configuredPublicURLPrefix.get(0)); + Logger.trace("Virtual IDPs are disabled. Use default IDP PublicURLPrefix from configuration: " + configuredPublicURLPrefix.get(0)); this.authURL = configuredPublicURLPrefix.get(0); } else { @@ -91,7 +89,19 @@ public abstract class RequestImpl implements IRequest, Serializable{ for (String el : configuredPublicURLPrefix) { try { URL configuredURL = new URL(el); - if (configuredURL.getHost().equals(authURL.getHost()) && + + //get Ports from URL + int configPort = configuredURL.getPort(); + if (configPort == -1) + configPort = configuredURL.getDefaultPort(); + + int authURLPort = authURL.getPort(); + if (authURLPort == -1) + authURLPort = authURL.getDefaultPort(); + + //check AuthURL against ConfigurationURL + if (configuredURL.getHost().equals(authURL.getHost()) && + configPort == authURLPort && configuredURL.getPath().equals(authURL.getPath())) { Logger.debug("Select configurated PublicURLPrefix: " + configuredURL + " for authURL: " + authURLString); -- cgit v1.2.3