diff options
-rw-r--r-- | BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java index 3b6d007a..6ac892ec 100644 --- a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java +++ b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java @@ -133,16 +133,14 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable { } catch (RuntimeException ex) { // return ErrorResponse to server, which displays error page log.error(ex.getMessage()); - Throwable cause = ex.getCause(); ErrorResponseType err = stalObjFactory.createErrorResponseType(); - if (cause != null) { - log.error("caused by: " + cause.getMessage()); - if (cause instanceof SecurityException) { - err.setErrorCode(6002); - } else { - err.setErrorCode(4000); - } + if (ex instanceof SecurityException) { + err.setErrorCode(6002); } else { + Throwable cause = ex.getCause(); + if (cause != null) { + log.error("caused by: " + cause.getMessage()); + } err.setErrorCode(4000); } responses.clear(); @@ -189,6 +187,11 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable { sendRedirect(); } + /** + * throws RuntimeException if requests contain InfoboxReadRequest for IdentityLink + * and STAL Service Endpoint is no e-Gov agency + * @param stalRequests + */ private void checkPermission(List<STALRequest> stalRequests) { for (STALRequest request : stalRequests) { if (request instanceof at.gv.egiz.stal.InfoboxReadRequest) { @@ -197,7 +200,7 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable { String domainId = r.getDomainIdentifier(); if ("IdentityLink".equals(infoboxId) && domainId == null) { if (!InternalSSLSocketFactory.getInstance().isEgovAgency()) { - throw new RuntimeException(new SecurityException("Insufficient rights to execute command InfoboxReadRequest for Infobox IdentityLink")); + throw new SecurityException("Insufficient rights to execute command InfoboxReadRequest for Infobox IdentityLink"); } } } |