update loggingMOA-ID-3.3.0

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2017-11-29 08:13:51 +0100
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2017-11-29 08:13:51 +0100
commit: f18f6318f7233b336ea2653f183460f17d6562f0 (patch)
tree: 48818fd072163855cbb8f3e7baf66ef0722a4e66
parent: bbeef4d494f2af3b60a8093258887e4223dbe5d7 (diff)
download: moa-id-spss-f18f6318f7233b336ea2653f183460f17d6562f0.tar.gz
moa-id-spss-f18f6318f7233b336ea2653f183460f17d6562f0.tar.bz2
moa-id-spss-f18f6318f7233b336ea2653f183460f17d6562f0.zip
3 files changed, 16 insertions, 9 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index 216d7a8b1..cdb85c563 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -259,6 +259,8 @@ public class PVP2XProtocol extends AbstractAuthProtocolModulController  {
 			throw new InvalidProtocolRequestException("pvp2.22", new Object[] {e.getMessage()});
 			
 		} catch (MOAIDException e) {
+			String samlRequest = req.getParameter("SAMLRequest");			
+			Logger.info("Receive INVALID protocol request: " + samlRequest);
 			throw e;
 						
 		} catch (Throwable e) {			
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java
index 679bdd10f..589713c4b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java
@@ -22,8 +22,6 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata;
 
-import iaik.x509.X509Certificate;
-
 import java.security.cert.CertificateException;
 import java.util.ArrayList;
 import java.util.Iterator;
@@ -31,16 +29,15 @@ import java.util.List;
 
 import org.opensaml.saml2.metadata.EntitiesDescriptor;
 import org.opensaml.saml2.metadata.EntityDescriptor;
-import org.opensaml.saml2.metadata.provider.FilterException;
 import org.opensaml.saml2.metadata.provider.MetadataFilter;
 import org.opensaml.xml.XMLObject;
 import org.opensaml.xml.security.x509.BasicX509Credential;
 
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoCredentialsException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.verification.EntityVerifier;
 import at.gv.egovernment.moa.logging.Logger;
+import iaik.x509.X509Certificate;
 
 public class MetadataSignatureFilter implements MetadataFilter {
 	
@@ -87,8 +84,9 @@ public class MetadataSignatureFilter implements MetadataFilter {
 			
 			//CHECK if Entity also match MetaData signature.
 			/*This check is necessary to prepend declaration of counterfeit OA metadata!!*/
+			Logger.debug("Validate metadata for entityID: " + entityID + " ..... ");
 			byte[] entityCert = EntityVerifier.fetchSavedCredential(entityID);
-			
+						
 			if (entityCert != null) {
 			
 				X509Certificate cert;
@@ -99,8 +97,10 @@ public class MetadataSignatureFilter implements MetadataFilter {
 	
 					EntityVerifier.verify(desc, entityCrendential);
 					
-					//add entity to verified entity-list
+					//add entity to verified entity-list					
 					verifiedEntIT.add(entity);
+					Logger.debug("Metadata for entityID: " + entityID + " valid");
+					
 					
 				} catch (Exception e) {
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java
index ed96f1962..caabfea30 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java
@@ -112,6 +112,7 @@ public class PVPEntityCategoryFilter implements MetadataFilter {
 		if (extensions != null) {
 			List<XMLObject> listOfExt = extensions.getUnknownXMLObjects();
 			if (listOfExt != null && !listOfExt.isEmpty()) {
+				Logger.trace("Find #" + listOfExt.size() + " 'Extension' elements ");
 				for (XMLObject el : listOfExt) {
 					Logger.trace("Find ExtensionElement: " + el.getElementQName().toString());
 					if (el instanceof EntityAttributes) {
@@ -150,9 +151,13 @@ public class PVPEntityCategoryFilter implements MetadataFilter {
 							Logger.info("Can NOT resolve EntityAttributes! Reason: Only EntityAttributes are supported!");
 						
 					}					
-				}				
-			}			
-		}
+				}
+				
+			} else
+				Logger.trace("'Extension' element is 'null' or empty");
+			
+		} else
+			Logger.trace("No 'Extension' element found");
 				
 	}
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2017-11-29 08:13:51 +0100
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2017-11-29 08:13:51 +0100
commit	f18f6318f7233b336ea2653f183460f17d6562f0 (patch)
tree	48818fd072163855cbb8f3e7baf66ef0722a4e66
parent	bbeef4d494f2af3b60a8093258887e4223dbe5d7 (diff)
download	moa-id-spss-f18f6318f7233b336ea2653f183460f17d6562f0.tar.gz moa-id-spss-f18f6318f7233b336ea2653f183460f17d6562f0.tar.bz2 moa-id-spss-f18f6318f7233b336ea2653f183460f17d6562f0.zip