From 1564e59e94a84e6898a6e08c485f235de49d48e1 Mon Sep 17 00:00:00 2001
From: chasegawa <chasegawa@unicon.net>
Date: Wed, 9 Nov 2022 16:18:18 -0700
Subject: [PATCH] SHIBUI-2394

Fixes for websecurity not liking semicolons
---
 .../admin/ui/configuration/auto/WebSecurityConfig.java           | 1 +
 .../src/main/java/net/unicon/shibui/pac4j/WebSecurity.java       | 1 +
 2 files changed, 2 insertions(+)

diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java
index f04f2f716..93491c72e 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java
@@ -67,6 +67,7 @@ private HttpFirewall allowUrlEncodedSlashHttpFirewall() {
         StrictHttpFirewall firewall = new StrictHttpFirewall();
         firewall.setAllowUrlEncodedSlash(true);
         firewall.setAllowUrlEncodedDoubleSlash(true);
+        firewall.setAllowSemicolon(true);
         return firewall;
     }
 
diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java
index cc5ce8e25..2c6ba0099 100644
--- a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java
+++ b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java
@@ -116,6 +116,7 @@ public void configure(org.springframework.security.config.annotation.web.builder
             StrictHttpFirewall firewall = new StrictHttpFirewall();
             firewall.setAllowUrlEncodedSlash(true);
             firewall.setAllowUrlEncodedDoubleSlash(true);
+            firewall.setAllowSemicolon(true);
             web.httpFirewall(firewall);
    
             // These don't need to be secured