| author | Bojan Suzic <bojan.suzic@iaik.tugraz.at> | 2014-02-14 16:11:24 +0100 | 
|---|---|---|
| committer | Bojan Suzic <bojan.suzic@iaik.tugraz.at> | 2014-02-14 16:11:24 +0100 | 
| commit | 3f038a899c59af76bd4257f95b4fe8a5aa58eadc (patch) | |
| tree | 045fcf5b9c180f112b631394b37b1adb8b26311b | |
| parent | 6e4f150c26b55cb2a0771e4d6c9b65cbc760c0f2 (diff) | |
| parent | ac7a4876f15a60d02b829a49c23c6c5ed20f7be8 (diff) | |
Merge branch 'moa2_0_tlenz' of gitlab.iaik.tugraz.at:afitzek/moa-idspss into moa2_0_tlenz_bs_2
9 files changed, 68 insertions, 23 deletions
| diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
 index b0de196ca..fd4030937 100644
 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
 +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
 @@ -934,17 +934,20 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
  					TemplateType el = new TemplateType();
  					el.setURL(generalOA.getSLTemplateURL1());
  					template.add(el);
 -				}
 +				} else
 +					template.add(new TemplateType());				
  				if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL2())) {
  					TemplateType el = new TemplateType();
  					el.setURL(generalOA.getSLTemplateURL2());
  					template.add(el);
 -				}
 +				}else
 +					template.add(new TemplateType());
  				if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL3())) {
  					TemplateType el = new TemplateType();
  					el.setURL(generalOA.getSLTemplateURL3());
  					template.add(el);
 -				}
 +				}else
 +					template.add(new TemplateType());
  			} else {
  				if (template != null && template.size() > 0) template.clear();
 diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java
 index 46d9f4db8..b0e4804a8 100644
 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java
 +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java 
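Review bot: The three added `else` branches in the EditOAAction hunk append an empty `TemplateType` without braces, with inconsistent spacing (`} else` vs `}else`), and without a comment saying why a placeholder is stored. If the intent is to keep the three template slots at fixed list positions, a comment such as `// placeholder keeps URL2/URL3 at index 1/2 when an earlier slot is empty` and braces on each branch would make that explicit. Every reader of this list now has to tolerate entries whose URL is unset; the enclosing method starts and ends outside the hunk, so whether all readers do so cannot be seen here.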
@@ -172,14 +172,14 @@ public class ValidationHelper {
  		log.debug("Validate URL " + urlString);
 -		if (urlString.startsWith("http") || urlString.startsWith("https")) {
 +		//if (urlString.startsWith("http") || urlString.startsWith("https")) {
    		  try {
  			new URL(urlString);
  			return true;
    		  } catch (MalformedURLException e) {
    		  }
 -		}
 +		//}
  		return false;
  	}
 diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
 index d7d97e5d4..1c7da7079 100644
 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
 +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
 @@ -247,7 +247,7 @@ public class MOAConfigValidator {
  			log.info("Empty SLRequestTemplate Handy-BKU");
  			errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.empty"));
  		} else {
 -			if (!ValidationHelper.validateURL(check)) {
 +			if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
  				log.info("SLRequestTemplate Handy-BKU is not valid");
  				errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.valid"));
  			}
 @@ -258,7 +258,7 @@ public class MOAConfigValidator {
  			log.info("Empty SLRequestTemplate local BKU");
  			errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.empty"));
  		} else {
 -			if (!ValidationHelper.validateURL(check)) {
 +			if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
  				log.info("SLRequestTemplate local BKU is not valid");
  				errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.valid"));
  			} 
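Review bot: With the `startsWith` guard commented out in the ValidationHelper hunk, the method returns true for any string that `new URL(urlString)` can parse, so schemes other than http/https (for example `file:` or `jar:`) now pass this check in the configuration tool. If the goal is to admit local template files, state that as an explicit allow-list instead of leaving dead code, e.g. `String p = new URL(urlString).getProtocol();` followed by `return "http".equals(p) || "https".equals(p) || "file".equals(p);`. The empty `catch (MalformedURLException e) { }` would also benefit from a one-line comment saying that a parse failure simply means "not valid". The method signature lies outside the hunk, so other callers that rely on the stricter behaviour cannot be ruled out from here.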
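Review bot: The SL request template fields are now checked with `ValidationHelper.isNotValidIdentityLinkSigner(check)`, a helper whose name refers to identity-link signer values rather than URLs; its body is not on this page, so whether it rejects malformed or unexpected-scheme template locations cannot be confirmed. The same substitution appears in the -258 and -269 hunks of MOAConfigValidator.java and three times in the -133 hunk of OAGeneralConfigValidation.java, while the log and error texts still report the template as "not valid". If the intent is to allow relative or local template locations, a dedicated check with a telling name (a new helper, say `isValidTemplateLocation(check)`, name only a suggestion) would keep a purpose-built validation on these fields instead of borrowing an unrelated validator. At minimum, add a comment at the first call site explaining why the signer check is the right test for a template URL.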
@@ -269,7 +269,7 @@ public class MOAConfigValidator {
  			log.info("Empty SLRequestTemplate Online-BKU");
  			errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.empty"));
  		} else {
 -			if (!ValidationHelper.validateURL(check)) {
 +			if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
  				log.info("SLRequestTemplate Online-BKU is not valid");
  				errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.valid"));
  			}
 diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
 index c84c44de4..d3a2241d3 100644
 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
 +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java 
@@ -133,19 +133,19 @@ public class OAGeneralConfigValidation {
  				} else {
  					check = form.getSLTemplateURL1();
  					if (MiscUtil.isNotEmpty(check) &&
 -						!ValidationHelper.validateURL(check)	) {
 +						ValidationHelper.isNotValidIdentityLinkSigner(check)	) {
  							log.info("First OA-specific SecurityLayer Templates is not valid");
  							errors.add(LanguageHelper.getErrorString("validation.general.sltemplate1.valid"));
  					}
  					check = form.getSLTemplateURL2();
  					if (MiscUtil.isNotEmpty(check) &&
 -						!ValidationHelper.validateURL(check)	) {
 +						ValidationHelper.isNotValidIdentityLinkSigner(check)	) {
  							log.info("Second OA-specific SecurityLayer Templates is not valid");
  							errors.add(LanguageHelper.getErrorString("validation.general.sltemplate2.valid"));
  					}
  					check = form.getSLTemplateURL3();
  					if (MiscUtil.isNotEmpty(check) &&
 -						!ValidationHelper.validateURL(check)	) {
 +						ValidationHelper.isNotValidIdentityLinkSigner(check)	) {
  							log.info("Third OA-specific SecurityLayer Templates is not valid");
  							errors.add(LanguageHelper.getErrorString("validation.general.sltemplate3.valid"));
  					}
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
 index 17a5d2be9..d4b5d1c05 100644
 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java 
@@ -247,8 +247,11 @@ public class StatisticLogger {
  			AuthenticationSession moasession = AuthenticationSessionStoreage.getSessionWithPendingRequestID(errorRequest.getRequestID());
  			if (moasession != null) {
 -				dblog.setBkuurl(moasession.getBkuURL());
 -				dblog.setBkutype(findBKUType(moasession.getBkuURL(), dbOA));
 +				if (MiscUtil.isNotEmpty(moasession.getBkuURL())) {
 +					dblog.setBkuurl(moasession.getBkuURL());
 +					dblog.setBkutype(findBKUType(moasession.getBkuURL(), dbOA));
 +				}
 +				
  				dblog.setMandatelogin(moasession.getUseMandate());
  			}
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
 index 003fdfbe9..25e73d595 100644
 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
 @@ -242,6 +242,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
  		String template = null;
  		if (session.getTemplateURL() != null) {
  			try {
 +				
  				template = new String(FileUtils.readURL(session.getTemplateURL()));
  			} catch (IOException ex) {
  				throw new AuthenticationException("auth.03", new Object[] {
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
 index 89cc1d25e..f0de8b2e3 100644
 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java 
@@ -38,6 +38,7 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
  import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
  import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 +import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
  import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
  import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
  import at.gv.egovernment.moa.id.moduls.IRequest;
 @@ -46,6 +47,7 @@ import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol;
  import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
  import at.gv.egovernment.moa.logging.Logger;
  import at.gv.egovernment.moa.util.BoolUtils;
 +import at.gv.egovernment.moa.util.FileUtils;
  import at.gv.egovernment.moa.util.MiscUtil;
  import at.gv.egovernment.moa.util.StringUtils;
  import at.gv.egovernment.moa.util.URLEncoder;
 @@ -232,8 +234,21 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{
  		}
  	    if (MiscUtil.isEmpty(templateURL)) {
 -	    	templateURL = oaParam.getTemplateURL().get(0).getURL();
 -	    	Log.info("No SL-Template in request, load SL-Template from OA config (URL: " + templateURL + ")");
 +	    	
 +	    	List<TemplateType> templateURLList = oaParam.getTemplateURL();
 +	    	
 +	    	if ( templateURLList != null && templateURLList.size() > 0 
 +	    			&& MiscUtil.isNotEmpty(templateURLList.get(0).getURL()) ) {	    	
 +	    		templateURL = FileUtils.makeAbsoluteURL(
 +	    				oaParam.getTemplateURL().get(0).getURL(),
 +	    				AuthConfigurationProvider.getInstance().getRootConfigFileDir());
 +	    		Log.info("No SL-Template in request, load SL-Template from OA config (URL: " + templateURL + ")");
 +	    		
 +	    	} else {
 +	    		Logger.error("NO SL-Tempalte found in OA config");
 +	    		throw new WrongParametersException("StartAuthentication", PARAM_TEMPLATE, "auth.12");
 +	    		
 +	    	}
  	    } 
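Review bot: Inside the guarded branch of the -232 hunk the code checks `templateURLList` but then reads `oaParam.getTemplateURL().get(0).getURL()` again, so the value that was validated and the value that is used come from two separate calls; `templateURLList.get(0).getURL()` should be passed to `FileUtils.makeAbsoluteURL` instead. The error text has a typo and odd casing; `Logger.error("No SL-Template found in OA config");` reads better, and the branch mixes `Log.info` with `Logger.error`, which is worth unifying. The import hunks add `TemplateType` and `FileUtils` but no `java.util.List`; that import may already exist outside the visible hunks, so please confirm. Whether the resolved absolute URL is checked against the trusted template list before it is later read is not visible in this hunk, and a comment stating that the OA-configured value is trusted configuration would help.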
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
 index d2d458e74..deec69c7f 100644
 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
 @@ -24,6 +24,7 @@ package at.gv.egovernment.moa.id.auth.servlet;
  import java.io.IOException;
  import java.io.PrintWriter;
 +import java.util.List;
  import javax.servlet.ServletConfig;
  import javax.servlet.ServletException;
 @@ -40,12 +41,14 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
  import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
  import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser;
  import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
 +import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
  import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
  import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
  import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
  import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
  import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
  import at.gv.egovernment.moa.logging.Logger;
 +import at.gv.egovernment.moa.util.FileUtils;
  import at.gv.egovernment.moa.util.MiscUtil;
  import at.gv.egovernment.moa.util.StringUtils; 
@@ -122,7 +125,21 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
  		    		bkuURL = AuthConfigurationProvider.getInstance().getDefaultBKUURL(bkuid);
  		    	}
 -		    	String templateURL = AuthConfigurationProvider.getInstance().getSLRequestTemplates(bkuid);
 +		    	//search for OA specific template
 +		    	String templateURL = null;
 +		    	List<TemplateType> oaTemplateURLList = oaParam.getTemplateURL();
 +		    	if ( oaTemplateURLList != null && oaTemplateURLList.size() > 0
 +		    			&& MiscUtil.isNotEmpty(oaTemplateURLList.get(0).getURL()) ) {
 +		    		templateURL = oaTemplateURLList.get(0).getURL();
 +		    		
 +		    	} else {		    	
 +		    		templateURL = AuthConfigurationProvider.getInstance().getSLRequestTemplates(bkuid);
 +		    	}
 +		    	
 +		    	//make url absolut if it is a local url
 +	    		if (MiscUtil.isNotEmpty(templateURL))
 +	    			templateURL = FileUtils.makeAbsoluteURL(templateURL, 
 +	    					AuthConfigurationProvider.getInstance().getRootConfigFileDir());
  		    	if (oaParam.isOnlyMandateAllowed()) 
  		    		useMandate = "true";
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java
 index bd6514c5c..9df283965 100644
 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java
 @@ -68,6 +68,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
  import at.gv.egovernment.moa.id.config.ConfigurationException;
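Review bot: In the -122 hunk the OA-specific lookup always takes `oaTemplateURLList.get(0)` regardless of `bkuid`, whereas the fallback `getSLRequestTemplates(bkuid)` is selected per BKU; if the three OA template slots are meant to correspond to BKU types (not visible here), the first slot will be used for every BKU. When both sources are empty, `templateURL` stays null or empty and the code continues silently, unlike StartAuthentificationParameterParser, which throws `WrongParametersException` with "auth.12" in the same situation. The added `if (MiscUtil.isNotEmpty(templateURL))` is unbraced and indented differently from its surroundings, so please add braces, and reword the comment to `// resolve relative (local) template locations against the configuration root directory`. The enclosing method begins and ends outside the hunk.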
  import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
  import at.gv.egovernment.moa.logging.Logger;
 +import at.gv.egovernment.moa.util.FileUtils;
  import at.gv.egovernment.moa.util.MiscUtil;
  import at.gv.egovernment.moa.util.StringUtils;
 @@ -293,7 +294,8 @@ public class ParamValidatorUtils implements MOAIDAuthConstants{
      			  //get OA specific template URLs
      			  if (oaSlTemplates != null && oaSlTemplates.size() > 0) {
      			    for (TemplateType el : oaSlTemplates)
 -    			    	trustedTemplateURLs.add(el.getURL());    				  
 +    			    	if (MiscUtil.isNotEmpty(el.getURL()))
 +    			    		trustedTemplateURLs.add(el.getURL());    				  
      			  }
  	    		  boolean b = trustedTemplateURLs.contains(template);
 @@ -308,13 +310,17 @@ public class ParamValidatorUtils implements MOAIDAuthConstants{
      		  }
 +    	  } else if (template.startsWith("file")){
 + 			 new URL(template);
 +			 Logger.debug("Parameter Template bzw. bkuSelectionTemplateURL erfolgreich ueberprueft");
 +			 Logger.debug("Load SL-Layer Template from local filesystem " + template);
 +			 return true;
 + 
 +    	  }	else {
 +    		 Logger.error("Fehler Ueberpruefung Parameter Template bzw. bkuSelectionTemplateURL. Paramter beginnt nicht mit http oder https.");
 +    		 return false;
      	  }
 -    	  else {
 -    		  Logger.error("Fehler Ueberpruefung Parameter Template bzw. bkuSelectionTemplateURL. Paramter beginnt nicht mit http oder https.");
 -    		  return false;
 -    	  }
 -    	  
 -            
 +    	   
        } catch (MalformedURLException e) {
      	 Logger.error("Fehler Ueberpruefung Parameter Template bzw. bkuSelectionTemplateURL.", e);
           return false;
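Review bot: The new `else if (template.startsWith("file"))` branch returns true for any value that parses as a URL and begins with "file", without consulting `trustedTemplateURLs`, which the preceding hunk shows being checked via `trustedTemplateURLs.contains(template)` on what appears to be the http/https path. If this validator is applied to a request-supplied template parameter (the log text suggests so, but the caller is outside the hunk), a local filesystem location would be accepted as a template source without any allow-list. Consider applying the same membership test here, or restricting accepted paths to the configuration root directory, and match the scheme exactly with `"file".equals(new URL(template).getProtocol())` rather than a string prefix. The message in the final `else` still says the parameter does not start with http or https and should mention `file` as well.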
 | 
