1 files changed, 12 insertions, 9 deletions

diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java
index 3b6d007a..6ac892ec 100644
--- a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java
+++ b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java
@@ -133,16 +133,14 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable {
         } catch (RuntimeException ex) {
           // return ErrorResponse to server, which displays error page
           log.error(ex.getMessage());
-          Throwable cause = ex.getCause();
           ErrorResponseType err = stalObjFactory.createErrorResponseType();
-          if (cause != null) {
-            log.error("caused by: " + cause.getMessage());
-            if (cause instanceof SecurityException) {
-              err.setErrorCode(6002);
-            } else {
-              err.setErrorCode(4000);
-            }
+          if (ex instanceof SecurityException) {
+            err.setErrorCode(6002);
           } else {
+            Throwable cause = ex.getCause();
+            if (cause != null) {
+              log.error("caused by: " + cause.getMessage());
+            }
             err.setErrorCode(4000);
           }
           responses.clear();
@@ -189,6 +187,11 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable {
     sendRedirect();
   }
 
+  /**
+   * throws RuntimeException if requests contain InfoboxReadRequest for IdentityLink
+   * and STAL Service Endpoint is no e-Gov agency
+   * @param stalRequests
+   */
   private void checkPermission(List<STALRequest> stalRequests) {
     for (STALRequest request : stalRequests) {
       if (request instanceof at.gv.egiz.stal.InfoboxReadRequest) {
@@ -197,7 +200,7 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable {
         String domainId = r.getDomainIdentifier();
         if ("IdentityLink".equals(infoboxId) && domainId == null) {
           if (!InternalSSLSocketFactory.getInstance().isEgovAgency()) {
-            throw new RuntimeException(new SecurityException("Insufficient rights to execute command InfoboxReadRequest for Infobox IdentityLink"));
+            throw new SecurityException("Insufficient rights to execute command InfoboxReadRequest for Infobox IdentityLink");
           }
         }
       }