aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2017-01-30 15:21:33 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2017-01-30 15:21:33 +0100
commitfb723b4cb65c2b2c5834a34730cb1b81ba4b746b (patch)
tree21f53a796e71a6edd2dd0b352ae9b04ae0bcf8ca
parentf6f2512c90058f677ceee99c4aae9ddfaa54ed3a (diff)
downloadmoa-id-spss-fb723b4cb65c2b2c5834a34730cb1b81ba4b746b.tar.gz
moa-id-spss-fb723b4cb65c2b2c5834a34730cb1b81ba4b746b.tar.bz2
moa-id-spss-fb723b4cb65c2b2c5834a34730cb1b81ba4b746b.zip
enable encrypt of eIDAS assertion as default
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java11
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java8
2 files changed, 16 insertions, 3 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
index 8f6dff849..99e4b4cce 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
@@ -83,10 +83,19 @@ public class STORKConfig implements IStorkConfig {
if (MiscUtil.isNotEmpty(storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY))) {
try {
+
+ //Assertion encryption is enabled by default
+ boolean enableAssertionEncryption = true;
+ String enableAssertionEncryptionString = storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_SUPPORT_XMLDSIG);
+ if (MiscUtil.isNotEmpty(enableAssertionEncryptionString)) {
+ enableAssertionEncryption = Boolean.parseBoolean(enableAssertionEncryptionString);
+
+ }
+
CPEPS moacpep =
new CPEPS(storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY),
new URL(storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL)),
- Boolean.valueOf(storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_SUPPORT_XMLDSIG)));
+ enableAssertionEncryption);
cpepsMap.put(moacpep.getCountryCode(), moacpep);
} catch (MalformedURLException e) {
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java
index 9ad5f0db3..de4f3fc9c 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java
@@ -90,17 +90,21 @@ public class ModifiedEncryptionSW extends KeyStoreSamlEngineEncryption {
*/
@Override
public boolean isEncryptionEnabled(String countryCode) {
- // - encrypt if so configured
+ //encryption is enabled by default in MOA-ID configuration object
try {
AuthConfiguration moaconfig = AuthConfigurationProviderFactory.getInstance();
Boolean useEncryption = moaconfig.getStorkConfig().getCPEPS(countryCode).isXMLSignatureSupported();
- Logger.info(useEncryption ? "using encryption" : "do not use encrpytion");
+ String logResult = useEncryption ? " using encryption" : " do not use encrpytion";
+ Logger.debug("eIDAS respone for country " + countryCode + logResult);
return useEncryption;
+
} catch(NullPointerException | ConfigurationException e) {
Logger.warn("failed to gather information about encryption for countryCode " + countryCode + " - thus, enabling encryption");
if(Logger.isDebugEnabled())
e.printStackTrace();
return true;
+
}
+
}
}