aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2016-04-07 10:44:11 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-04-07 10:44:11 +0200
commit4b932484d66ef161bb547a419fdc32f04677fe57 (patch)
treea99bbc8c9357e6a55c1cff24267b244309d4a775
parent2fb3856bb3412bc825ea789f8d98177a8c527964 (diff)
downloadmoa-id-spss-4b932484d66ef161bb547a419fdc32f04677fe57.tar.gz
moa-id-spss-4b932484d66ef161bb547a419fdc32f04677fe57.tar.bz2
moa-id-spss-4b932484d66ef161bb547a419fdc32f04677fe57.zip
fix some possible problems with STORK configuration in config-GUI
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java38
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java19
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java99
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java55
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp7
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java8
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java54
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java10
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java14
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java5
12 files changed, 191 insertions, 122 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
index d8bb0179c..e71bad299 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
@@ -25,6 +25,8 @@ package at.gv.egovernment.moa.id.configuration.data;
import java.util.ArrayList;
import java.util.List;
+import org.apache.log4j.Logger;
+
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentGeneral;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.CPEPS;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.ForeignIdentities;
@@ -34,8 +36,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.StorkAttribute;
import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
-import org.apache.log4j.Logger;
-
public class GeneralStorkConfig {
private List<CPEPS> cpepslist;
@@ -61,7 +61,9 @@ public class GeneralStorkConfig {
public void parse(MOAIDConfiguration config) {
log.info("Initializing general Stork config");
-
+
+ cpepslist = new ArrayList<CPEPS>();
+ attributes = new ArrayList<StorkAttribute>();
if (config != null) {
AuthComponentGeneral auth = config.getAuthComponentGeneral();
@@ -71,15 +73,14 @@ public class GeneralStorkConfig {
if (foreign != null) {
STORK stork = foreign.getSTORK();
- cpepslist = new ArrayList<CPEPS>();
- attributes = new ArrayList<StorkAttribute>();
-
+
if (stork != null) {
// deep clone all the things
- // to foreclose lazyloading session timeouts
-
- for(CPEPS current : stork.getCPEPS()) {
- cpepslist.add(current);
+ // to foreclose lazyloading session timeouts
+ if (stork.getCPEPS() != null) {
+ for(CPEPS current : stork.getCPEPS()) {
+ cpepslist.add(current);
+ }
}
List<StorkAttribute> tmp = stork.getAttributes();
@@ -91,19 +92,26 @@ public class GeneralStorkConfig {
try {
qaa = stork.getQualityAuthenticationAssuranceLevel();
+
} catch(NullPointerException e) {
qaa = 4;
}
}
- if (cpepslist.isEmpty())
- cpepslist = null;
-
- if(attributes.isEmpty())
- attributes.add(new StorkAttribute());
}
}
}
+
+ if (cpepslist.isEmpty()) {
+ CPEPS defaultCPEPS = new CPEPS();
+ defaultCPEPS.setCountryCode("CC");
+ defaultCPEPS.setURL("http://");
+ defaultCPEPS.setSupportsXMLSignature(true);
+ cpepslist.add(defaultCPEPS );
+
+ }
+ if(attributes.isEmpty())
+ attributes.add(new StorkAttribute());
}
public List<CPEPS> getRawCPEPSList() {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
index 33277af07..c0e1eaaf7 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
@@ -41,6 +41,7 @@ import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.validation.oa.OASTORKConfigValidation;
+import at.gv.egovernment.moa.util.MiscUtil;
//import at.gv.egovernment.moa.id.protocols.stork2.AttributeProviderFactory;
public class OASTORKConfig implements IOnlineApplicationData{
@@ -120,8 +121,10 @@ public class OASTORKConfig implements IOnlineApplicationData{
enabledCitizenCountries = new ArrayList<String>();
- for(CPEPS current : config.getCPEPS())
- enabledCitizenCountries.add(current.getCountryCode());
+ if (config.getCPEPS() != null) {
+ for(CPEPS current : config.getCPEPS())
+ enabledCitizenCountries.add(current.getCountryCode());
+ }
// prepare attribute helper list
attributes = new ArrayList<AttributeHelper>();
@@ -130,9 +133,11 @@ public class OASTORKConfig implements IOnlineApplicationData{
for(StorkAttribute current : dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes()) {
AttributeHelper tmp = null;
- for(OAStorkAttribute sepp : config.getOAAttributes())
- if(sepp.getName().equals(current.getName()))
- tmp = new AttributeHelper(sepp);
+ if (config.getOAAttributes() != null) {
+ for(OAStorkAttribute sepp : config.getOAAttributes())
+ if(sepp.getName() != null && sepp.getName().equals(current.getName()))
+ tmp = new AttributeHelper(sepp);
+ }
if(null == tmp)
tmp = new AttributeHelper(current);
@@ -248,12 +253,14 @@ public class OASTORKConfig implements IOnlineApplicationData{
if (generalConfStorkAttr != null) {
for(StorkAttribute currentAttribute : generalConfStorkAttr)
- if(currentAttribute.getName().equals(current.getName())) {
+ if(MiscUtil.isNotEmpty(currentAttribute.getName()) &&
+ currentAttribute.getName().equals(current.getName())) {
if(current.isUsed() || currentAttribute.isMandatory()) {
OAStorkAttribute tmp = new OAStorkAttribute();
tmp.setName(current.getName());
tmp.setMandatory(current.isMandatory());
result.add(tmp);
+
}
break;
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index 504b598c0..d12c1342c 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -542,42 +542,77 @@ public class EditGeneralConfigAction extends BasicAction {
forcon.setURL(moaconfig.getSzrgwURL());
}
- ForeignIdentities foreign = dbauth.getForeignIdentities();
- if (foreign != null) {
- STORK stork = foreign.getSTORK();
- if (stork == null) {
- stork = new STORK();
- foreign.setSTORK(stork);
-
- }
-
- try {
- log.error("QAAAA " + storkconfig.getDefaultQaa());
- stork.setQualityAuthenticationAssuranceLevel(storkconfig.getDefaultQaa());
+ ForeignIdentities foreign = dbauth.getForeignIdentities();
+ if (foreign != null) {
+ STORK stork = foreign.getSTORK();
+ if (stork == null) {
+ stork = new STORK();
+ foreign.setSTORK(stork);
- if (storkconfig.getAttributes() != null)
- stork.setAttributes(storkconfig.getAttributes());
-
- else
+ }
+
+ try {
+ log.error("QAAAA " + storkconfig.getDefaultQaa());
+ stork.setQualityAuthenticationAssuranceLevel(storkconfig.getDefaultQaa());
+
+ if (storkconfig.getAttributes() != null) {
+ List<StorkAttribute> dbStorkAttr = stork.getAttributes();
+ if (dbStorkAttr == null) {
+ dbStorkAttr = new ArrayList<StorkAttribute>();
+ stork.setAttributes(dbStorkAttr);
+
+ }
+
+ for (StorkAttribute attr : storkconfig.getAttributes()) {
+ if (attr != null && MiscUtil.isNotEmpty(attr.getName()))
+ dbStorkAttr.add(attr);
+
+ else
+ log.info("Remove null or empty STORK attribute");
+ }
+
+ } else
stork.setAttributes((List<StorkAttribute>) (new ArrayList<StorkAttribute>()));
- if (storkconfig.getCpepslist() != null)
-
- stork.setCPEPS(storkconfig.getCpepslist());
- else
- stork.setCPEPS((List<CPEPS>) (new ArrayList<CPEPS>()));
+ if (storkconfig.getCpepslist() != null) {
+ List<CPEPS> dbStorkCPEPS = stork.getCPEPS();
+ if (dbStorkCPEPS == null) {
+ dbStorkCPEPS = new ArrayList<CPEPS>();
+ stork.setCPEPS(dbStorkCPEPS);
+ }
+
+ for (CPEPS cpeps : storkconfig.getCpepslist()) {
+ if (cpeps != null && MiscUtil.isNotEmpty(cpeps.getURL()) &&
+ MiscUtil.isNotEmpty(cpeps.getCountryCode())) {
+
+ if (cpeps.getCountryCode().equals("CC") &&
+ cpeps.getURL().equals("http://"))
+ log.info("Remove dummy STORK CPEPS entry.");
+
+ else
+ dbStorkCPEPS.add(cpeps);
+
+ } else
+ log.info("Remove null or emtpy STORK CPEPS configuration");
+ }
- } catch (Exception e) {
- e.printStackTrace();
- }
-
- try{
- log.info("CPEPS LIST: " + storkconfig.getCpepslist().size() );
- log.trace("CPEPS 1:" + storkconfig.getCpepslist().get(0).getCountryCode() +storkconfig.getCpepslist().get(0).getURL());
- } catch (Exception ex) {
- log.info("CPEPS LIST is null");
- }
- }
+ } else
+ stork.setCPEPS((List<CPEPS>) (new ArrayList<CPEPS>()));
+
+ } catch (Exception e) {
+ e.printStackTrace();
+
+ }
+
+ try{
+ log.info("CPEPS LIST: " + storkconfig.getCpepslist().size() );
+ log.trace("CPEPS 1:" + storkconfig.getCpepslist().get(0).getCountryCode() +storkconfig.getCpepslist().get(0).getURL());
+
+ } catch (Exception ex) {
+ log.info("CPEPS LIST is null");
+
+ }
+ }
if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) {
OnlineMandates dbmandate = dbauth.getOnlineMandates();
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
index d4e8e957d..617e9cf51 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
@@ -367,7 +367,7 @@ public class MOAConfigValidator {
check = form.getSsoTarget();
if (MiscUtil.isEmpty(check)) {
log.info("Empty SSO Target");
- errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty", request));
+ //errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty", request));
} else {
if (!ValidationHelper.isValidAdminTarget(check)) {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
index b73859d81..6b5c51e3f 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
@@ -47,31 +47,33 @@ public class StorkConfigValidator {
errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
new Object[] {check}, request ));
}
+
+ // check url
+ check = current.getURL();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("CPEPS config URL is invalid : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url", request));
+ }
+ } else {
+ log.warn("CPEPS config url is empty : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
+ new Object[] {check}, request ));
+ }
+
} else {
log.warn("CPEPS config countrycode is empty : " + check);
- errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
- new Object[] {check}, request ));
+// errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
+// new Object[] {check}, request ));
}
- // check url
- check = current.getURL();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("CPEPS config URL is invalid : " + check);
- errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url", request));
- }
- } else {
- log.warn("CPEPS config url is empty : " + check);
- errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
- new Object[] {check}, request ));
- }
}
if (form.getCpepslist() != null) {
// ensure uniqueness of country code
for (CPEPS one : form.getCpepslist())
for (CPEPS another : form.getCpepslist())
- if (null != one && null != another)
+ if (null != one && null != another && one.getCountryCode() != null)
if (!one.equals(another) && one.getCountryCode().equals(another.getCountryCode())) {
errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.duplicate", request));
break;
@@ -90,17 +92,20 @@ public class StorkConfigValidator {
// check attributes
if (MiscUtil.isNotEmpty(form.getAttributes())) {
for(StorkAttribute check : form.getAttributes()) {
- String tmp = check.getName().replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI?
- if (ValidationHelper.containsPotentialCSSCharacter(tmp, true)) {
- log.warn("default attributes contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request ));
- }
- if(!tmp.toLowerCase().matches("^[A-Za-z]*$")) {
- log.warn("default attributes do not match the requested format : " + check);
+ if (check != null && MiscUtil.isNotEmpty(check.getName())) {
+ String tmp = check.getName().replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI?
+ if (ValidationHelper.containsPotentialCSSCharacter(tmp, true)) {
+ log.warn("default attributes contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
- new Object[] {check}, request ));
- }
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request ));
+ }
+ if(!tmp.toLowerCase().matches("^[A-Za-z]*$")) {
+ log.warn("default attributes do not match the requested format : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
+ new Object[] {check}, request ));
+ }
+
+ }
}
//TODO: STORK attributes check if no attribute is set
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
index ac2c8de5a..45ea159e4 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
@@ -288,7 +288,12 @@
<s:iterator value="storkconfig.cpepslist" status="stat">
<tr>
<td style="display:none;"><s:textfield name="storkconfig.cpepslist[%{#stat.index}].hjid" value="%{hjid}" cssStyle="display:none;"/></td>
- <td><s:property value="%{countryCode}" /></td>
+ <s:if test="%{countryCode == 'CC'}">
+ <td><s:textfield name="storkconfig.cpepslist[%{#stat.index}].countryCode" value="%{countryCode}" cssClass="textfield_short"/></td>
+ </s:if>
+ <s:else>
+ <td><s:property value="%{countryCode}" /></td>
+ </s:else>
<td><s:textfield name="storkconfig.cpepslist[%{#stat.index}].URL" value="%{URL}" cssClass="textfield_long"/></td>
<td><s:checkbox name="storkconfig.cpepslist[%{#stat.index}].supportsXMLSignature" value="%{supportsXMLSignature}" /></td>
<td><input class="button_narrow" type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.removepeps", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td>
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java
index 1c3e0fe13..270d0866c 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java
@@ -435,10 +435,10 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme
check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, getKeyPrefix()));
if (MiscUtil.isEmpty(check)) {
log.info("Empty SSO Target");
- errors.add(new ValidationObjectIdentifier(
- MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET,
- "SSO - Target",
- LanguageHelper.getErrorString("validation.general.sso.target.empty")));
+// errors.add(new ValidationObjectIdentifier(
+// MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET,
+// "SSO - Target",
+// LanguageHelper.getErrorString("validation.general.sso.target.empty")));
} else {
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java
index 1747e2207..8a1a2925b 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java
@@ -133,38 +133,40 @@ public static final List<String> KEYWHITELIST;
LanguageHelper.getErrorString("validation.stork.cpeps.cc",
new Object[] {cc})));
}
- } else {
- log.warn("CPEPS config countrycode is empty : " + cc);
- errors.add(new ValidationObjectIdentifier(
- MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
- + "." + cpepsKey,
- "STORK - CPEPS Country",
- LanguageHelper.getErrorString("validation.stork.cpeps.empty",
- new Object[] {cc})));
- }
-
- // check url
- if (MiscUtil.isNotEmpty(url)) {
- if (!ValidationHelper.validateURL(url)) {
- log.info("CPEPS config URL is invalid : " + url);
+
+ // check url
+ if (MiscUtil.isNotEmpty(url)) {
+ if (!ValidationHelper.validateURL(url)) {
+ log.info("CPEPS config URL is invalid : " + url);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ + "." + index + "."
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL,
+ "STORK - CPEPS URL",
+ LanguageHelper.getErrorString("validation.stork.cpeps.url")));
+ }
+ } else {
+ log.warn("CPEPS config url is empty : " + url);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ "." + index + "."
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL,
"STORK - CPEPS URL",
- LanguageHelper.getErrorString("validation.stork.cpeps.url")));
- }
+ LanguageHelper.getErrorString("validation.stork.cpeps.empty",
+ new Object[] {url})));
+
+ }
+
} else {
- log.warn("CPEPS config url is empty : " + url);
- errors.add(new ValidationObjectIdentifier(
- MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
- + "." + index + "."
- + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL,
- "STORK - CPEPS URL",
- LanguageHelper.getErrorString("validation.stork.cpeps.empty",
- new Object[] {url})));
-
- }
+ log.warn("CPEPS config countrycode is empty : " + cc);
+// errors.add(new ValidationObjectIdentifier(
+// MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+// + "." + cpepsKey,
+// "STORK - CPEPS Country",
+// LanguageHelper.getErrorString("validation.stork.cpeps.empty",
+// new Object[] {cc})));
+ }
+
validatedCPeps.put(cc, url);
} else {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
index 69c155c1e..140c7aebc 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
@@ -206,7 +206,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
//validate SSO functionality
- String domainIdentifier = authConfig.getSSOTagetIdentifier().trim();
+ String domainIdentifier = authConfig.getSSOTagetIdentifier();
if (MiscUtil.isEmpty(domainIdentifier) && protocolReq.needSingleSignOnFunctionality()) {
//do not use SSO if no Target is set
Logger.warn("NO SSO-Target found in configuration. Single Sign-On is deaktivated!");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
index 210bda3e6..348b1c45a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
@@ -738,13 +738,17 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
*/
public String getSSOTagetIdentifier() throws ConfigurationException {
try {
- return configuration.getStringValue(
+ String value = configuration.getStringValue(
MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET);
-
+ if (MiscUtil.isNotEmpty(value))
+ return value.trim();
+
} catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
Logger.warn("Single Sign-On Target can not be read from configuration.", e);
- return null;
+
}
+
+ return null;
}
/**
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 7122c6577..f5000581c 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -167,12 +167,14 @@ public class AuthenticationServer extends BaseAuthenticationServer {
}
String infoboxReadRequest = "";
- if (pendingReq.needSingleSignOnFunctionality()) {
- Logger.info("SSO Login requested");
+ String ssoDomainIdentifier = authConfig.getSSOTagetIdentifier();
+ if (MiscUtil.isNotEmpty(ssoDomainIdentifier) &&
+ pendingReq.needSingleSignOnFunctionality()) {
+ Logger.debug("SSO Login requested");
//load identityLink with SSO Target
boolean isbuisness = false;
- String domainIdentifier = authConfig.getSSOTagetIdentifier().trim();
- if (domainIdentifier.startsWith(PREFIX_WPBK)) {
+
+ if (ssoDomainIdentifier.startsWith(PREFIX_WPBK)) {
isbuisness = true;
} else {
@@ -182,10 +184,10 @@ public class AuthenticationServer extends BaseAuthenticationServer {
//build ReadInfobox request
infoboxReadRequest = new InfoboxReadRequestBuilder().build(
- isbuisness, domainIdentifier);
+ isbuisness, ssoDomainIdentifier);
} else {
- Logger.info("Non-SSO Login requested");
+ Logger.debug("Non-SSO Login requested or SSO not allowed/possible");
//build ReadInfobox request
infoboxReadRequest = new InfoboxReadRequestBuilder().build(
oaParam.getBusinessService(), oaParam
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java
index f9cb4c636..78cbd788d 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java
@@ -49,8 +49,9 @@ public class SSOTransferAuthenticationData implements IAuthData {
public SSOTransferAuthenticationData(AuthConfiguration authConfig, AuthenticationSession authSession) throws ConfigurationException {
this.authSession = authSession;
- String domainIdentifier = authConfig.getSSOTagetIdentifier().trim();
- isIDPPrivateService = domainIdentifier.startsWith(MOAIDAuthConstants.PREFIX_WPBK);
+ String domainIdentifier = authConfig.getSSOTagetIdentifier();
+ if (domainIdentifier != null)
+ isIDPPrivateService = domainIdentifier.startsWith(MOAIDAuthConstants.PREFIX_WPBK);
}