author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2017-01-30 15:21:33 +0100 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2017-01-30 15:21:33 +0100 |
commit | fb723b4cb65c2b2c5834a34730cb1b81ba4b746b (patch) | |
tree | 21f53a796e71a6edd2dd0b352ae9b04ae0bcf8ca | |
parent | f6f2512c90058f677ceee99c4aae9ddfaa54ed3a (diff) | |
enable encrypt of eIDAS assertion as default
2 files changed, 16 insertions, 3 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
index 8f6dff849..99e4b4cce 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
@@ -83,10 +83,19 @@ public class STORKConfig implements IStorkConfig {
if (MiscUtil.isNotEmpty(storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY))) {
try {
+
+ //Assertion encryption is enabled by default
+ boolean enableAssertionEncryption = true;
+ String enableAssertionEncryptionString = storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_SUPPORT_XMLDSIG);
+ if (MiscUtil.isNotEmpty(enableAssertionEncryptionString)) {
+ enableAssertionEncryption = Boolean.parseBoolean(enableAssertionEncryptionString);
+
+ }
+
CPEPS moacpep =
new CPEPS(storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY),
new URL(storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL)),
- Boolean.valueOf(storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_SUPPORT_XMLDSIG)));
+ enableAssertionEncryption);
cpepsMap.put(moacpep.getCountryCode(), moacpep);
} catch (MalformedURLException e) {
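Review bot: The new default only protects the empty case, because any non-empty value that is not exactly "true" (for example "yes", "1", or a value with stray whitespace) makes `Boolean.parseBoolean` return false and silently turns assertion encryption off for that country. Since the safe state is "encrypt", only an explicit "false" should disable it, e.g. `enableAssertionEncryption = !"false".equalsIgnoreCase(enableAssertionEncryptionString.trim());`, ideally with a warning logged for unrecognised values. The switch is also still read from `GENERAL_AUTH_STORK_CPEPS_LIST_SUPPORT_XMLDSIG`, so an existing configuration that set this key to false to describe XML signature support now disables encryption; a comment such as `// NOTE: the SUPPORT_XMLDSIG key is reused as the per-country assertion-encryption switch` would make that visible. The enclosing try block and loop start and end outside this hunk.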
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java index 9ad5f0db3..de4f3fc9c 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java @@ -90,17 +90,21 @@ public class ModifiedEncryptionSW extends KeyStoreSamlEngineEncryption { */ @Override public boolean isEncryptionEnabled(String countryCode) { - // - encrypt if so configured + //encryption is enabled by default in MOA-ID configuration object try { AuthConfiguration moaconfig = AuthConfigurationProviderFactory.getInstance(); Boolean useEncryption = moaconfig.getStorkConfig().getCPEPS(countryCode).isXMLSignatureSupported(); - Logger.info(useEncryption ? "using encryption" : "do not use encrpytion"); + String logResult = useEncryption ? " using encryption" : " do not use encrpytion"; + Logger.debug("eIDAS respone for country " + countryCode + logResult); return useEncryption; + } catch(NullPointerException | ConfigurationException e) { Logger.warn("failed to gather information about encryption for countryCode " + countryCode + " - thus, enabling encryption"); if(Logger.isDebugEnabled()) e.printStackTrace(); return true; + } + } } |
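Review bot: With encryption now on by default, a country for which it is switched off is the exceptional case, yet the new `Logger.debug(...)` line makes that decision invisible at normal production log levels. I would keep the per-request message at debug but log the disabled case separately, e.g. `if (!useEncryption) Logger.info("eIDAS response for country " + countryCode + " is NOT encrypted (disabled in configuration)");`. The new message strings also carry typos ("respone", "encrpytion") that make log searches unreliable. Finally, the value still comes from `isXMLSignatureSupported()`, so a short comment stating that this getter carries the assertion-encryption flag would help the next reader.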