diff options
Diffstat (limited to 'eaaf_core/src/main')
6 files changed, 62 insertions, 46 deletions
| diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java index 620018ad..4c145fbc 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java @@ -100,7 +100,7 @@ public interface IRequest {  	 * @param key The specific identifier of the request-data object  	 * @return The request-data object or null if no data is found with this key  	 */ -	public Object getGenericData(String key); +	public Object getRawData(String key);  	/**  	 * Returns a generic request-data object with is stored with a specific identifier  @@ -109,7 +109,7 @@ public interface IRequest {  	 * @param clazz The class type which is stored with this key  	 * @return The request-data object or null if no data is found with this key  	 */ -	public <T> T getGenericData(String key, final Class<T> clazz); +	public <T> T getRawData(String key, final Class<T> clazz);  	/**   	 * Store a generic data-object into pending request with a specific identifier @@ -118,7 +118,7 @@ public interface IRequest {  	 * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface  	 * @throws SessionDataStorageException Error message if the data-object can not stored to generic request-data storage  	 */ -	public void setGenericDataToSession(String key, Object object) throws EAAFStorageException; +	public void setRawDataToTransaction(String key, Object object) throws EAAFStorageException;  	/**   	 * Store generic data-objects into pending request with specific identifiers @@ -126,16 +126,15 @@ public interface IRequest {  	 * @param map Map with Identifiers and values  	 * @throws SessionDataStorageException Error message if the data-object can not stored to generic request-data storage  	 */ -	public void setGenericDataToSession(Map<String, Object> map) throws EAAFStorageException; -	 -	 -	 +	public void setRawDataToTransaction(Map<String, Object> map) throws EAAFStorageException; +		  	/** -	 * Get the internal dataStorage map +	 * Wrap the internal dataStorage map into a DAO  	 *  -	 * @return read-only map of data stored to this pending request +	 * @param wrapper DOA to access SessionData +	 * @return  	 */ -	public Map<String, Object> genericFullDataStorage(); +	public <T> T getSessionData(Class<T> wrapper);  	/**  	 * Hold the identifier of this request object.  diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java index a4734e66..1fb4bf6b 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java @@ -236,7 +236,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa  			log.debug("Find SSL-client-certificate on request --> Add it to context");  			executionContext.put(EAAFConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE,   					((X509Certificate[])httpReq.getAttribute("javax.servlet.request.X509Certificate"))); -			pendingReq.setGenericDataToSession(EAAFConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE,  +			pendingReq.setRawDataToTransaction(EAAFConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE,   					((X509Certificate[])httpReq.getAttribute("javax.servlet.request.X509Certificate")));  		} diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java index 94d9a810..c095135d 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java @@ -440,16 +440,16 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati  	 */  	private String getbPKTypeFromPVPAttribute(IAuthProcessDataContainer session) {  		String pvpbPKTypeAttr = session.getGenericDataFromSession(PVPAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class);  -		if (StringUtils.isNotEmpty(pvpbPKTypeAttr)) { -			 -			//fix a wrong bPK-Type encoding, which was used in some PVP Standardportal implementations -			if (pvpbPKTypeAttr.startsWith(EAAFConstants.URN_PREFIX_CDID) &&  -					!pvpbPKTypeAttr.substring(EAAFConstants.URN_PREFIX_CDID.length(),  -							EAAFConstants.URN_PREFIX_CDID.length() + 1).equals("+")) {				 -				log.warn("Receive uncorrect encoded bBKType attribute " + pvpbPKTypeAttr + " Starting attribute value correction ... "); -				pvpbPKTypeAttr = EAAFConstants.URN_PREFIX_CDID + "+" + pvpbPKTypeAttr.substring(EAAFConstants.URN_PREFIX_CDID.length() + 1);  -				 -			} +		 +		if (StringUtils.isNotEmpty(pvpbPKTypeAttr)) {			 +//			//fix a wrong bPK-Type encoding, which was used in some PVP Standardportal implementations +//			if (pvpbPKTypeAttr.startsWith(EAAFConstants.URN_PREFIX_CDID) &&  +//					!pvpbPKTypeAttr.substring(EAAFConstants.URN_PREFIX_CDID.length(),  +//							EAAFConstants.URN_PREFIX_CDID.length() + 1).equals("+")) {				 +//				log.warn("Receive uncorrect encoded bBKType attribute " + pvpbPKTypeAttr + " Starting attribute value correction ... "); +//				pvpbPKTypeAttr = EAAFConstants.URN_PREFIX_CDID + "+" + pvpbPKTypeAttr.substring(EAAFConstants.URN_PREFIX_CDID.length() + 1);  +//				 +//			}  			log.debug("Find PVP-Attr: " + PVPAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME);  			return pvpbPKTypeAttr;  		} diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java index a453a8a3..7d59f043 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java @@ -27,6 +27,7 @@  package at.gv.egiz.eaaf.core.impl.idp.controller.protocols;  import java.io.Serializable; +import java.lang.reflect.InvocationTargetException;  import java.net.MalformedURLException;  import java.net.URL;  import java.util.Date; @@ -48,6 +49,7 @@ import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;  import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException;  import at.gv.egiz.eaaf.core.exceptions.EAAFException;  import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;  import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils;  import at.gv.egiz.eaaf.core.impl.utils.Random;  import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils; @@ -141,7 +143,7 @@ public abstract class RequestImpl implements IRequest, Serializable{  		//set requester's IP address  		try { -			setGenericDataToSession(DATAID_REQUESTER_IP_ADDRESS, req.getRemoteAddr()); +			setRawDataToTransaction(DATAID_REQUESTER_IP_ADDRESS, req.getRemoteAddr());  		} catch (EAAFStorageException e) {  			log.info("Can NOT store remote IP address into 'pendingRequest'." , e); @@ -215,11 +217,31 @@ public abstract class RequestImpl implements IRequest, Serializable{  		this.internalSSOSessionId = internalSSOSessionId;  	} -	 +		  	@Override -	public final Map<String, Object> genericFullDataStorage() { -		return this.genericDataStorage; +	public final <T> T getSessionData(final Class<T> wrapper) { +		if (wrapper != null) { +			if (AuthProcessDataWrapper.class.isAssignableFrom(wrapper)) { +				try {					 +					return wrapper.getConstructor(Map.class).newInstance(this.genericDataStorage); +					 +				} catch (NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException  +						| IllegalArgumentException | InvocationTargetException e) { +					log.error("Can NOT instance wrapper: " + wrapper.getName(), e); +					 +				} +				 +			} +			 +			log.error("Can NOT wrap generic data into session data. " +					+ "Reason: Wrapper " + wrapper.getName() + " is NOT a valid wrapper"); +			throw new RuntimeException("Can NOT wrap generic data into session data. " +					+ "Reason: Wrapper " + wrapper.getName() + " is NOT a valid wrapper"); +			 +		} +		return null; +				  	}  	@Override @@ -346,7 +368,7 @@ public abstract class RequestImpl implements IRequest, Serializable{  	}  	@Override -	public final Object getGenericData(String key) { +	public final Object getRawData(String key) {  		if (StringUtils.isNotEmpty(key)) {  			return genericDataStorage.get(key); @@ -357,7 +379,7 @@ public abstract class RequestImpl implements IRequest, Serializable{  	}  	@Override -	public final <T> T getGenericData(String key, final Class<T> clazz) { +	public final <T> T getRawData(String key, final Class<T> clazz) {  		if (StringUtils.isNotEmpty(key)) {  			Object data =  genericDataStorage.get(key); @@ -383,13 +405,13 @@ public abstract class RequestImpl implements IRequest, Serializable{  	}  	@Override -	public final void setGenericDataToSession(String key, Object object) throws EAAFStorageException { +	public final void setRawDataToTransaction(String key, Object object) throws EAAFStorageException {  		if (StringUtils.isEmpty(key)) {  			log.info("Generic request-data can not be stored with a 'null' key");  			throw new EAAFStorageException("Generic request-data can not be stored with a 'null' key", null);  		} -		 +				  		if (object != null) {  			if (!Serializable.class.isInstance(object)) {  				log.warn("Generic request-data can only store objects which implements the 'Seralizable' interface"); @@ -408,7 +430,7 @@ public abstract class RequestImpl implements IRequest, Serializable{  	}  	@Override -	public final void setGenericDataToSession(Map<String, Object> map) throws EAAFStorageException { +	public final void setRawDataToTransaction(Map<String, Object> map) throws EAAFStorageException {  		if (map == null) {  			log.info("Generic request-data can not be stored with a 'null' map");  			throw new EAAFStorageException("Generic request-data can not be stored with a 'null' map", null); @@ -417,7 +439,7 @@ public abstract class RequestImpl implements IRequest, Serializable{  		//validate and store values  		for (Entry<String, Object> el : map.entrySet()) -			setGenericDataToSession(el.getKey(), el.getValue()); +			setRawDataToTransaction(el.getKey(), el.getValue());  	} diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/FileUtils.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/FileUtils.java index f458c142..a7bd8f81 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/FileUtils.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/FileUtils.java @@ -40,14 +40,13 @@ import java.net.URI;  import java.net.URL;  import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; -/** - * Utility for accessing files on the file system, and for reading from input streams. - * @author Paul Ivancsics - * @version $Id$ - */  public class FileUtils { -   +	private static final Logger log = LoggerFactory.getLogger(FileUtils.class); +	 +	    /**     * Reads a file, given by URL, into a byte array.     * @param urlString file URL @@ -112,6 +111,8 @@ public class FileUtils {  	public static String makeAbsoluteURL(String url, String root) {  		//if url is relative to rootConfigFileDirName make it absolute 					 +		log.trace("Making AbsoluteURL URL: " + url + " Root-Path: " + root); +		  		if (StringUtils.isEmpty(root))  			root = null; diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/Random.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/Random.java index b190bfba..2504d8f1 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/Random.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/Random.java @@ -36,6 +36,8 @@ import org.apache.commons.lang3.ArrayUtils;  import org.slf4j.Logger;  import org.slf4j.LoggerFactory; +import at.gv.egiz.eaaf.core.impl.idp.process.support.SecureRandomHolder; +  /**   * Random number generator used to generate ID's @@ -60,15 +62,7 @@ public class Random {  		} catch (NoSuchAlgorithmException e) {  			log.warn("Can NOT initialize SecureRandom with: 'SHA256PRNG-FIPS186'. Use 'StrongSecureRandom' as backup"); - -			try { -				random = SecureRandom.getInstanceStrong(); -				 -			} catch (NoSuchAlgorithmException e1) { -				log.error("Can NOT initialize SecureRandom. StartUp process FAILED!"); -				throw new RuntimeException("Can NOT initialize SecureRandom. StartUp process FAILED!", e); -				 -			} +			random = SecureRandomHolder.getInstance();  		} | 
