From 7e854376747e199ba45d28de1c645bf5eb369117 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 30 Jan 2017 15:24:37 +0100
Subject: small change in VelocityProvider

---
 .../auth/frontend/velocity/VelocityProvider.java   | 32 +++++++++++++---------
 1 file changed, 19 insertions(+), 13 deletions(-)

(limited to 'id/server')

diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/velocity/VelocityProvider.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/velocity/VelocityProvider.java
index 21fe110ca..015d8e321 100644
--- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/velocity/VelocityProvider.java
+++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/velocity/VelocityProvider.java
@@ -62,19 +62,22 @@ import org.apache.velocity.runtime.RuntimeConstants;
  */
 public class VelocityProvider {
 
+	private static VelocityEngine velocityEngine = null;
+	
 	/**
 	 * Gets velocityEngine from Classpath
 	 * @return VelocityEngine
 	 * @throws Exception
 	 */
 	public static VelocityEngine getClassPathVelocityEngine() throws Exception {
-		VelocityEngine velocityEngine = getBaseVelocityEngine();
-        velocityEngine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
-        velocityEngine.setProperty("classpath.resource.loader.class",
-                "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
-        
-        
-		velocityEngine.init();
+		if (velocityEngine == null) {
+			velocityEngine = getBaseVelocityEngine();
+			velocityEngine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
+			velocityEngine.setProperty("classpath.resource.loader.class",
+					"org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");                
+			velocityEngine.init();
+			
+		}
 		
 		return velocityEngine;
 	}
@@ -86,13 +89,16 @@ public class VelocityProvider {
 	 * @throws Exception
 	 */
 	public static VelocityEngine getFileVelocityEngine(String rootPath) throws Exception {
-		VelocityEngine velocityEngine = getBaseVelocityEngine();
-        velocityEngine.setProperty(RuntimeConstants.RESOURCE_LOADER, "file");
-        velocityEngine.setProperty("file.resource.loader.class",
-                "org.apache.velocity.runtime.resource.loader.FileResourceLoader");
-        velocityEngine.setProperty("file.resource.loader.path", rootPath);
+		if (velocityEngine == null) {
+			velocityEngine = getBaseVelocityEngine();
+			velocityEngine.setProperty(RuntimeConstants.RESOURCE_LOADER, "file");
+			velocityEngine.setProperty("file.resource.loader.class",
+					"org.apache.velocity.runtime.resource.loader.FileResourceLoader");
+			velocityEngine.setProperty("file.resource.loader.path", rootPath);
         
-		velocityEngine.init();
+			velocityEngine.init();
+			
+		}
 		
 		return velocityEngine;
 	}
-- 
cgit v1.2.3


From d0804f617695cc2ee1bb1c1e86fcef8cda98d7b9 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 31 Jan 2017 10:01:31 +0100
Subject: fix problem with selection of authentication process and eIDAS
 authentication

---
 .../id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java   | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'id/server')

diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java
index b0efb100a..7caf2f5a1 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java
@@ -26,8 +26,9 @@ public class DefaultCitizenCardAuthModuleImpl implements AuthModule {
 		if (performBKUSelectionObj != null && performBKUSelectionObj instanceof Boolean)
 			performBKUSelection = (boolean) performBKUSelectionObj;
 		
-		if (StringUtils.isBlank((String) context.get("ccc")) && 
-				StringUtils.isNotBlank((String) context.get(MOAIDAuthConstants.PARAM_BKU)) &&
+		if ( (StringUtils.isBlank((String) context.get("ccc")) && 
+				StringUtils.isBlank((String) context.get("CCC")) ) && 
+					StringUtils.isNotBlank((String) context.get(MOAIDAuthConstants.PARAM_BKU)) &&
 				 	!performBKUSelection)
 			return "DefaultAuthentication";
 		
-- 
cgit v1.2.3


From 7d9c2ec8e170df74fa544cdb83d8967c3d654ed2 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 31 Jan 2017 13:18:30 +0100
Subject: fix problem with iaik pki-module and worker threads

---
 .../moa/id/commons/utils/ssl/SSLUtils.java         | 27 ++++++++++++++++++++--
 1 file changed, 25 insertions(+), 2 deletions(-)

(limited to 'id/server')

diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java
index 4ecda435d..109390132 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java
@@ -61,6 +61,8 @@ import javax.net.ssl.TrustManager;
 
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.KeyStoreUtils;
+import at.gv.egovernment.moaspss.logging.LoggingContext;
+import at.gv.egovernment.moaspss.logging.LoggingContextManager;
 import iaik.pki.DefaultPKIConfiguration;
 import iaik.pki.PKIException;
 import iaik.pki.PKIFactory;
@@ -94,6 +96,21 @@ public class SSLUtils {
     
   }
 
+  /**
+   * IAIK PKI module and MOA-SIG uses a ThreadLocal variable for logging
+   * check if current thread has set this variable and set loggingcontext otherwise
+   * 
+   * @param url transactionID for logging
+   */
+  private static void checkMoaSigLoggingContext(String url) {
+	  LoggingContextManager logMgr = LoggingContextManager.getInstance();  
+	  if (logMgr.getLoggingContext() == null) {
+		  LoggingContext ctx = new LoggingContext(url);
+	      logMgr.setLoggingContext(ctx);
+	        
+	  }	  
+  }
+  
   public static SSLSocketFactory getSSLSocketFactory(
 		  String url, 
 		  String certStoreRootDirParam, 
@@ -111,8 +128,11 @@ public class SSLUtils {
     Logger.debug("Get SSLSocketFactory for " + url);
     // retrieve SSLSocketFactory if already created
     SSLSocketFactory ssf = (SSLSocketFactory)sslSocketFactories.get(url);
-    if (ssf != null) 
-      return ssf;
+    if (ssf != null) {
+    	checkMoaSigLoggingContext(url);    	
+    	return ssf;
+    	
+    }
         
     TrustManager[] tms = getTrustManagers(
     		 certStoreRootDirParam,
@@ -129,6 +149,9 @@ public class SSLUtils {
     ssf = ctx.getSocketFactory();
     // store SSLSocketFactory
     sslSocketFactories.put(url, ssf);
+    
+    checkMoaSigLoggingContext(url); 
+    
     return ssf;
   }
   
-- 
cgit v1.2.3


From 6f8fabef2ee6abaef940d6a2a64cd6ec79de0542 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 21 Feb 2017 15:30:11 +0100
Subject: update javadoc

---
 .../java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'id/server')

diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java
index d2c827d55..fcf4c3ffa 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java
@@ -32,7 +32,7 @@ public interface AuthConfiguration extends ConfigurationProvider{
 	 * Get a configuration value from basic file based MOA-ID configuration
 	 * 
 	 * @param key configuration key 
-	 * @return configuration value 
+	 * @return configuration value or null if it is not found
 	 */
 	public String getBasicMOAIDConfiguration(final String key);
 	
-- 
cgit v1.2.3


From 27933ddff7201ea229e1f9572c88eecba47304c7 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 10 Mar 2017 16:02:16 +0100
Subject: fix possible DoS Bug

---
 .../src/main/java/at/gv/egovernment/moa/util/DOMUtils.java | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

(limited to 'id/server')

diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
index fed968443..62a168ac8 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
@@ -28,6 +28,7 @@ import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Iterator;
@@ -542,6 +543,7 @@ public class DOMUtils {
   
   /**
    * A convenience method to parse an XML document non validating.
+   * This method disallow DocType declarations 
    * 
    * @param inputStream The <code>InputStream</code> containing the XML
    * document.
@@ -552,10 +554,16 @@ public class DOMUtils {
    * parser.
    */
   public static Element parseXmlNonValidating(InputStream inputStream)
-    throws ParserConfigurationException, SAXException, IOException {
+    throws ParserConfigurationException, SAXException, IOException {	  
     return DOMUtils
-      .parseDocument(inputStream, false, Constants.ALL_SCHEMA_LOCATIONS, null, null)
-      .getDocumentElement();
+      .parseDocument(inputStream, false, Constants.ALL_SCHEMA_LOCATIONS, null, 
+    		  Collections.unmodifiableMap(new HashMap<String, Object>() {
+    			  private static final long serialVersionUID = 1L;
+    			  {	
+    				  put(DOMUtils.DISALLOW_DOCTYPE_FEATURE, true);
+				
+    			  }
+    		  })).getDocumentElement();
   }
 
   /**
-- 
cgit v1.2.3


From a3f328d74992d6f706a2ec7f719f15f3c35164ab Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 13 Mar 2017 10:49:05 +0100
Subject: update build process to support current JDK version

---
 id/server/moa-id-commons/pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'id/server')

diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index d8d2e0d3d..51cb6d5af 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -317,7 +317,7 @@
              <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-compiler-plugin</artifactId>
-                <version>2.0.2</version>
+                <version>3.6.1</version>
                 <configuration>
                     <source>1.7</source>
                     <target>1.7</target>
@@ -375,7 +375,7 @@
     </executions>
   </plugin>
 
-            <plugin>
+             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-jar-plugin</artifactId>
                 <configuration>
-- 
cgit v1.2.3


From 583b352de3eda9dd57f427c9d59aa1c395f182a2 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 14 Mar 2017 08:35:56 +0100
Subject: workaround to fix possible problem with OpenSAML
 SecureRandomIdentifierGenerator in combination with JDK 8.121 and IAIK_JCE
 that cause in a java.lang.ArrayIndexOutOfBoundsException

---
 .../moa/id/protocols/pvp2x/utils/SAML2Utils.java         | 16 +++++++++++++++-
 .../main/java/at/gv/egovernment/moa/id/util/Random.java  | 12 +++++++++++-
 2 files changed, 26 insertions(+), 2 deletions(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java
index 9d57c2bae..28a85b4af 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java
@@ -46,6 +46,8 @@ import org.opensaml.xml.io.Marshaller;
 import org.opensaml.xml.io.MarshallingException;
 import org.w3c.dom.Document;
 
+import at.gv.egovernment.moa.id.util.Random;
+
 public class SAML2Utils {
 
 	public static <T> T createSAMLObject(final Class<T> clazz) {
@@ -66,7 +68,19 @@ public class SAML2Utils {
 	}
 
 	public static String getSecureIdentifier() {
-		return idGenerator.generateIdentifier();
+		return "_".concat(Random.nextHexRandom16());
+		
+		/*Bug-Fix: There are open problems with RandomNumberGenerator via Java SPI and Java JDK 8.121 
+		*          Generation of a 16bit Random identifier FAILES with an  Caused by: java.lang.ArrayIndexOutOfBoundsException
+		*          Caused by: java.lang.ArrayIndexOutOfBoundsException
+							  at iaik.security.random.o.engineNextBytes(Unknown Source)
+							  at iaik.security.random.SecRandomSpi.engineNextBytes(Unknown Source)
+						      at java.security.SecureRandom.nextBytes(SecureRandom.java:468)
+						      at org.opensaml.common.impl.SecureRandomIdentifierGenerator.generateIdentifier(SecureRandomIdentifierGenerator.java:62)
+						      at org.opensaml.common.impl.SecureRandomIdentifierGenerator.generateIdentifier(SecureRandomIdentifierGenerator.java:56)
+						      at at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils.getSecureIdentifier(SAML2Utils.java:69)        
+		*/		
+		//return idGenerator.generateIdentifier();
 	}
 	
 	private static SecureRandomIdentifierGenerator idGenerator;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java
index ba45a3679..1f9050a31 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java
@@ -114,9 +114,19 @@ public class Random {
 	 * 
 	 * @return random hex encoded value [256bit]
 	 */
-	public static String nextHexRandom() {
+	public static String nextHexRandom32() {
 		return new String(Hex.encodeHex(nextByteRandom(32))); // 32 bytes = 256 bits
 		
+	}
+	
+	/**
+	 * Creates a new random number [128bit], and encode it as hex value.
+	 * 
+	 * @return random hex encoded value [128bit]
+	 */
+	public static String nextHexRandom16() {
+		return new String(Hex.encodeHex(nextByteRandom(16))); // 16 bytes = 128 bits
+		
 	}
 	
 	  /**
-- 
cgit v1.2.3


From 60e6b93ead4df30f24dc08d92ddcf4e0c04a8ec4 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Wed, 15 Mar 2017 22:20:39 +0100
Subject: Fix bug in statistic logger that broke the authentication process on
 some protocols if database persist operation failes

---
 .../moa/id/advancedlogging/StatisticLogger.java    | 27 ++++++++++++++++++----
 1 file changed, 22 insertions(+), 5 deletions(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
index 5b0f5115d..dfea14a72 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
@@ -205,8 +205,14 @@ public class StatisticLogger implements IStatisticLogger{
 					}
 				}		
 			}
-						
-			entityManager.persist(dblog);
+			
+			try {
+				entityManager.persist(dblog);
+				
+			} catch (Exception e) {
+				Logger.warn("Write 'success' statisticLog to database FAILED.", e);
+				
+			}
 			
 		}	
 	}
@@ -227,8 +233,13 @@ public class StatisticLogger implements IStatisticLogger{
 			}
 			
 
-			
-			entityManager.persist(dblog);
+			try {
+				entityManager.persist(dblog);
+				
+			} catch (Exception e) {
+				Logger.warn("Write 'error' statisticLog to database FAILED.", e);
+				
+			}
 			
 		}
 		
@@ -282,7 +293,13 @@ public class StatisticLogger implements IStatisticLogger{
 				
 				generateErrorLogFormThrowable(throwable, dblog);
 				
-				entityManager.persist(dblog);
+				try {
+					entityManager.persist(dblog);
+						
+				} catch (Exception e) {
+					Logger.warn("Write 'error' statisticLog to database FAILED.", e);
+					
+				}
 
 			}
 		}
-- 
cgit v1.2.3


From dcd4734b89908ad91bf9a537bdb5c3d615537fc2 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 16 Mar 2017 06:07:06 +0100
Subject: make nextByteRandom synchronized to additionally prevent problems
 with IAIK_JCE and Java JDK => 8u111

---
 .../idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java
index 1f9050a31..ac2b3c415 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java
@@ -168,7 +168,7 @@ public class Random {
    * @param size Size of random number in bits
    * @return
    */
-  private static byte[] nextByteRandom(int size) {
+  private static synchronized byte[] nextByteRandom(int size) {
 	  byte[] b = new byte[size];
 	  random.nextBytes(b);			 
 	  return b;
-- 
cgit v1.2.3


From 05646346f18cf24471d05f1124f61d80feb1e69e Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 16 Mar 2017 06:27:23 +0100
Subject: limit length of some logged identifier to max length of 254
 characters

---
 .../moa/id/advancedlogging/StatisticLogger.java    | 27 ++++++++++++++--------
 1 file changed, 18 insertions(+), 9 deletions(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
index dfea14a72..6f700d1cb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
@@ -74,6 +74,7 @@ public class StatisticLogger implements IStatisticLogger{
 	private static final String MANTATORTYPE_NAT = "nat";
 	
 	private static final int MAXERRORLENGTH = 200;
+	private static final int MAXOAIDENTIFIER_LENGTH = 254;
 	
 	private static final String ERRORTYPE_UNKNOWN = "unkown";
 	private static final String ERRORTYPE_BKU = "bku";
@@ -119,7 +120,7 @@ public class StatisticLogger implements IStatisticLogger{
 			//dblog.setOaID(dbOA.getHjid());
 			
 			//log basic AuthInformation
-			dblog.setOaurlprefix(protocolRequest.getOAURL());
+			dblog.setOaurlprefix(getMessageWithMaxLength(dbOA.getPublicURLPrefix(), MAXOAIDENTIFIER_LENGTH));
 			dblog.setOafriendlyName(dbOA.getFriendlyName());
 			
 			boolean isbusinessservice = isBusinessService(dbOA);
@@ -254,12 +255,15 @@ public class StatisticLogger implements IStatisticLogger{
 			dblog.setTimestamp(new Date());
 			
 			
-			dblog.setOaurlprefix(errorRequest.getOAURL());
+			dblog.setOaurlprefix(getMessageWithMaxLength(errorRequest.getOAURL(), MAXOAIDENTIFIER_LENGTH));
 			dblog.setProtocoltype(errorRequest.requestedModule());
 			dblog.setProtocolsubtype(errorRequest.requestedAction());
 			
+			generateErrorLogFormThrowable(throwable, dblog);
+			
 			IOAAuthParameters dbOA = errorRequest.getOnlineApplicationConfiguration();
 			if (dbOA != null) {
+				dblog.setOaurlprefix(getMessageWithMaxLength(dbOA.getPublicURLPrefix(), MAXOAIDENTIFIER_LENGTH));
 				dblog.setOafriendlyName(dbOA.getFriendlyName());
 				dblog.setOatarget(dbOA.getTarget());
 				//dblog.setOaID(dbOA.getHjid());
@@ -291,17 +295,18 @@ public class StatisticLogger implements IStatisticLogger{
 					dblog.setMandatelogin(moasession.isMandateUsed());
 				}
 				
-				generateErrorLogFormThrowable(throwable, dblog);
 				
-				try {
-					entityManager.persist(dblog);
+				
+			}
 						
-				} catch (Exception e) {
-					Logger.warn("Write 'error' statisticLog to database FAILED.", e);
+			try {
+				entityManager.persist(dblog);
 					
-				}
-
+			} catch (Exception e) {
+				Logger.warn("Write 'error' statisticLog to database FAILED.", e);
+				
 			}
+			
 		}
 	}
 	
@@ -313,6 +318,10 @@ public class StatisticLogger implements IStatisticLogger{
 			return false;
 	}
 	
+	private String getMessageWithMaxLength(String msg, int maxlength) {
+		return getErrorMessageWithMaxLength(msg, maxlength);
+		
+	}
 	
 	private String getErrorMessageWithMaxLength(String error, int maxlength) {
 		if (error != null) {
-- 
cgit v1.2.3