author | Alexander Marsalek <amarsalek@iaik.tugraz.at> | 2014-10-31 16:26:19 +0100 |
---|---|---|
committer | Alexander Marsalek <amarsalek@iaik.tugraz.at> | 2014-10-31 16:26:19 +0100 |
commit | bce35f534b42d77cdaf1ab8e861237d1cf2f1191 (patch) | |
tree | 4daf3b9a89647ff08ddd6414b7ccddd59db5e5d5 | |
parent | 9c6fece57add83ce29e6ba1acc55a11d2ed89fc0 (diff) | |
parent | 2886006ba2ca141377e66a330df5fc52797c2755 (diff) | |
download | moa-id-spss-bce35f534b42d77cdaf1ab8e861237d1cf2f1191.tar.gz moa-id-spss-bce35f534b42d77cdaf1ab8e861237d1cf2f1191.tar.bz2 moa-id-spss-bce35f534b42d77cdaf1ab8e861237d1cf2f1191.zip |
Merge branch 'merge' into moa-2.1-Snapshot
49 files changed, 349 insertions, 47 deletions
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 000000000..bb7e57f31
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,5 @@
+/target
+/bin
+.settings
+.project
+.classpath
\ No newline at end of file diff --git a/DocumentService/.gitignore b/DocumentService/.gitignore new file mode 100644 index 000000000..ea8c4bf7f --- /dev/null +++ b/DocumentService/.gitignore @@ -0,0 +1 @@ +/target diff --git a/common/.gitignore b/common/.gitignore new file mode 100644 index 000000000..ea8c4bf7f --- /dev/null +++ b/common/.gitignore @@ -0,0 +1 @@ +/target diff --git a/common/src/main/java/at/gv/egovernment/moa/util/DateTimeUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/DateTimeUtils.java index dbc9faba6..a2e0965d4 100644 --- a/common/src/main/java/at/gv/egovernment/moa/util/DateTimeUtils.java +++ b/common/src/main/java/at/gv/egovernment/moa/util/DateTimeUtils.java @@ -491,6 +491,7 @@ public class DateTimeUtils { fmt = DateTimeFormat.forPattern("yyyyMMdd"); break; default: + fmt = DateTimeFormat.forPattern("yyyy-MM-dd"); break; } diff --git a/id/ConfigWebTool/.gitignore b/id/ConfigWebTool/.gitignore new file mode 100644 index 000000000..4dc009173 --- /dev/null +++ b/id/ConfigWebTool/.gitignore @@ -0,0 +1,2 @@ +/target +/bin diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml index ec027b497..18bd1306b 100644 --- a/id/ConfigWebTool/pom.xml +++ b/id/ConfigWebTool/pom.xml @@ -83,16 +83,20 @@ <dependency> <groupId>at.gv.util</groupId> <artifactId>egovutils</artifactId> - <version>1.0.7</version> + <version>2.0.0</version> <exclusions> <exclusion> - <groupId>com.sun</groupId> + <groupId>org.apache.cxf</groupId> <artifactId>*</artifactId> </exclusion> <exclusion> <groupId>org.slf4j</groupId> <artifactId>*</artifactId> </exclusion> + <exclusion> + <artifactId>bcprov-jdk16</artifactId> + <groupId>bouncycastle</groupId> + </exclusion> </exclusions> </dependency> <!-- <dependency> 
@@ -109,6 +113,14 @@ <groupId>org.slf4j</groupId> <artifactId>log4j-over-slf4j</artifactId> </exclusion> + <exclusion> + <groupId>org.apache.xerces</groupId> + <artifactId>*</artifactId> + </exclusion> + <exclusion> + <groupId>xalan</groupId> + <artifactId>*</artifactId> + </exclusion> </exclusions> </dependency> <dependency> @@ -119,6 +131,14 @@ <groupId>org.slf4j</groupId> <artifactId>log4j-over-slf4j</artifactId> </exclusion> + <exclusion> + <groupId>org.apache.xerces</groupId> + <artifactId>*</artifactId> + </exclusion> + <exclusion> + <groupId>xalan</groupId> + <artifactId>*</artifactId> + </exclusion> </exclusions> </dependency> diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java index 9c1cb90e0..5a9787069 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java @@ -142,7 +142,7 @@ public class BasicOAAction extends BasicAction { session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null); } - protected OnlineApplication postProcessSaveOnlineApplication(OnlineApplication onlineapplication ) throws BasicOAActionException { + protected OnlineApplication postProcessSaveOnlineApplication(OnlineApplication onlineapplication, boolean persistOA) throws BasicOAActionException { if (onlineapplication == null) { onlineapplication = new OnlineApplication(); onlineapplication.setIsNew(true); @@ -186,7 +186,7 @@ public class BasicOAAction extends BasicAction { } //save OA configuration - String error = saveOAConfigToDatabase(onlineapplication); + String error = saveOAConfigToDatabase(onlineapplication, persistOA); if (MiscUtil.isNotEmpty(error)) { log.warn("OA configuration can not be stored!"); addActionError(error); 
@@ -395,15 +395,13 @@ public class BasicOAAction extends BasicAction { } } - private String saveOAConfigToDatabase(OnlineApplication dboa) { + private String saveOAConfigToDatabase(OnlineApplication dboa, boolean persistOA) { for (IOnlineApplicationData form : formList.values()) form.store(dboa, authUser, request); try { - if (dboa.isIsNew()) { - ConfigurationDBUtils.save(dboa); - + if (dboa.isIsNew()) { if (!authUser.isAdmin()) { UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID()); @@ -412,9 +410,16 @@ public class BasicOAAction extends BasicAction { useroas.add(dboa); ConfigurationDBUtils.saveOrUpdate(user); + + } else { + if (persistOA) + ConfigurationDBUtils.save(dboa); + } + } else - ConfigurationDBUtils.saveOrUpdate(dboa); + if (persistOA) + ConfigurationDBUtils.saveOrUpdate(dboa); } catch (MOADatabaseException e) { log.warn("Online-Application can not be stored.", e); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index 1893b0f60..1da948eec 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -217,7 +217,7 @@ public class EditOAAction extends BasicOAAction { } else { try { - onlineapplication = postProcessSaveOnlineApplication(onlineapplication); + onlineapplication = postProcessSaveOnlineApplication(onlineapplication, true); } catch (BasicOAActionException e) { addActionError(e.getStrutsError()); 
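Review bot: In `saveOAConfigToDatabase` (BasicOAAction) the new `persistOA` flag is not consulted on the non-admin branch: a new application created by a non-admin user is still added to `useroas` and written through `ConfigurationDBUtils.saveOrUpdate(user)` whatever the caller passed. Whether that call cascades to the application is not visible here, so either `persistOA == false` is silently ignored on that path or the application is no longer saved explicitly for non-admin users; the intended behaviour should be stated in a Javadoc `@param persistOA` line. The braceless `} else` followed by `if (persistOA)` on the next line would also be easier to review as `} else if (persistOA) { ConfigurationDBUtils.saveOrUpdate(dboa); }`. The method body continues outside both hunks.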
@@ -346,8 +346,11 @@ public class EditOAAction extends BasicOAAction { ConfigurationDBUtils.saveOrUpdate(moaconfig); } + } catch (NullPointerException e) { + log.debug("Found no MetadataURL in OA-Databaseconfig"); + } catch (Throwable e) { - log.info("Found no MetadataURL in OA-Databaseconfig!", e); + log.info("Set metadata refresh flag FAILED.", e); } if (ConfigurationDBUtils.delete(onlineapplication)) { diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java index 89dce3200..eead280be 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java @@ -263,9 +263,10 @@ public class InterfederationIDPAction extends BasicOAAction { formID = Random.nextRandom(); session.setAttribute(Constants.SESSION_FORMID, formID); return Constants.STRUTS_ERROR_VALIDATION; - + } else { - onlineapplication = postProcessSaveOnlineApplication(onlineapplication); + onlineapplication = postProcessSaveOnlineApplication(onlineapplication, + !(this instanceof MOAIDPAction)); //set default Target interfederated nameID caluclation if (getPvp2OA() != null) { diff --git a/id/ConfigWebTool/src/main/resources/struts.xml b/id/ConfigWebTool/src/main/resources/struts.xml index 31f3889de..39c38ae43 100644 --- a/id/ConfigWebTool/src/main/resources/struts.xml +++ b/id/ConfigWebTool/src/main/resources/struts.xml 
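Review bot: The added `catch (NullPointerException e)` in EditOAAction uses an exception as the "no metadata URL configured" test, so any other null dereference inside the try block (which starts outside this hunk) is reported at debug level with the same message and the delete proceeds as if nothing happened. An explicit null check on the value that may be absent before it is used would keep real defects visible. The following `catch (Throwable e)` also swallows `Error`s such as `OutOfMemoryError`; `catch (Exception e)` is the widest type that makes sense here.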
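Review bot: `!(this instanceof MOAIDPAction)` in InterfederationIDPAction makes the base action decide persistence by naming one of its subclasses, so every further subclass with the same need requires an edit here. A small overridable hook, e.g. `protected boolean persistOnSave() { return true; }` overridden in `MOAIDPAction`, keeps the decision with the class that owns it and documents why that action must not write the record at this point. The enclosing method starts and ends outside the hunk.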
@@ -155,7 +155,7 @@ <action name="newOA" method="newOA" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction"> <result name="editOA">/jsp/editOAGeneral.jsp</result> - <result name="success" type="chain">main</result> + <result name="success">/jsp/mainpage.jsp</result> <result name="error">/error.jsp</result> <result name="reauthentication" type="redirectAction"> <param name="actionName">logout</param> diff --git a/id/ConfigWebTool/src/main/webapp/jsp/openadminrequests.jsp b/id/ConfigWebTool/src/main/webapp/jsp/openadminrequests.jsp index 954bf9b8b..0cd861884 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/openadminrequests.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/openadminrequests.jsp @@ -38,7 +38,9 @@ <div class="oa_config_block"> <h3><%=LanguageHelper.getGUIString("webpages.openadminrequests.oas.header", request) %></h3> - <jsp:include page="snippets/oas_list.jsp"></jsp:include> + <s:include value="snippets/oas_list.jsp"> + <s:param name="editAction">loadOA</s:param> + </s:include> </div> </s:if> diff --git a/id/oa/.gitignore b/id/oa/.gitignore new file mode 100644 index 000000000..4dc009173 --- /dev/null +++ b/id/oa/.gitignore @@ -0,0 +1,2 @@ +/target +/bin diff --git a/id/oa/pom.xml b/id/oa/pom.xml index d5b3de522..93993c8a4 100644 --- a/id/oa/pom.xml +++ b/id/oa/pom.xml @@ -79,10 +79,22 @@ <dependency> <groupId>org.opensaml</groupId> <artifactId>opensaml</artifactId> + <exclusions> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>log4j-over-slf4j</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.opensaml</groupId> <artifactId>xmltooling</artifactId> + <exclusions> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>log4j-over-slf4j</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>javax.servlet</groupId> diff --git a/id/server/auth/.gitignore b/id/server/auth/.gitignore new file mode 100644 index 000000000..4dc009173 --- /dev/null 
+++ b/id/server/auth/.gitignore @@ -0,0 +1,2 @@ +/target +/bin diff --git a/id/server/auth/src/main/webapp/index.html b/id/server/auth/src/main/webapp/index.html index 968f211bc..391195def 100644 --- a/id/server/auth/src/main/webapp/index.html +++ b/id/server/auth/src/main/webapp/index.html @@ -14,7 +14,7 @@ </tr>
</table>
<hr/>
- <p class="title">MOA-ID 2.1.1</p>
+ <p class="title">MOA-ID 2.1.2</p>
<hr/>
<h1>Inhalt</h1>
<ol>
diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties
index 4290b1985..9d1e931e9 100644
--- a/id/server/data/deploy/conf/moa-id/moa-id.properties
+++ b/id/server/data/deploy/conf/moa-id/moa-id.properties
@@ -125,3 +125,31 @@ advancedlogging.hibernate.c3p0.timeout=300
 advancedlogging.hibernate.c3p0.max_size=20
 advancedlogging.hibernate.c3p0.max_statements=0
 advancedlogging.hibernate.c3p0.min_size=3
+
+
+################SZR Client configuration####################################
+## The SZR client is only required if MOA-ID-Auth should be
+## use as STORK <-> PVP Gateway.
+########
+service.egovutil.szr.test=true
+service.egovutil.szr.test.url=https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services-T/services/SZR
+service.egovutil.szr.prod.url=https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services/services/SZR
+service.egovutil.szr.token.version=1.8
+service.egovutil.szr.token.participantid=
+service.egovutil.szr.token.gvoudomain=
+service.egovutil.szr.token.userid=
+service.egovutil.szr.token.cn=
+service.egovutil.szr.token.gvouid=
+service.egovutil.szr.token.ou=
+service.egovutil.szr.token.gvsecclass=
+service.egovutil.szr.token.gvfunction=
+service.egovutil.szr.token.gvgid=
+service.egovutil.szr.roles=
+service.egovutil.szr.ssl.keystore.file=
+service.egovutil.szr.ssl.keystore.password=
+service.egovutil.szr.ssl.keystore.type=
+service.egovutil.szr.ssl.truststore.file=
+service.egovutil.szr.ssl.truststore.password=
+service.egovutil.szr.ssl.truststore.type=
+service.egovutil.szr.ssl.trustall=false
+service.egovutil.szr.ssl.laxhostnameverification=false
\ No newline at end of file diff --git a/id/server/doc/handbook/config/config.html b/id/server/doc/handbook/config/config.html index 2d2709bcc..9b4190035 100644 --- a/id/server/doc/handbook/config/config.html +++ b/id/server/doc/handbook/config/config.html @@ -74,6 +74,7 @@ </ol> </li> <li> <a href="#basisconfig_moa_id_auth_param_testing">Testing</a></li> + <li><a href="#basisconfig_moa_id_auth_szrclient">SZR Client für STORK <-> PVP Gateway Betrieb</a></li> </ol> </li> </ol> 
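Review bot: The new SZR block in moa-id.properties ships two switches that turn off TLS server authentication (`service.egovutil.szr.ssl.trustall`, `service.egovutil.szr.ssl.laxhostnameverification`) and two clear-text password keys without any comment telling the operator what they do. Both switches default to `false`, which is right, but the file should say so next to them, e.g. `## trustall / laxhostnameverification disable certificate and hostname validation of the SZR endpoint; keep both false outside an isolated test setup`. A second comment should state that the keystore and truststore passwords are stored in clear text, so the file must be readable only by the application-server account. It is also worth a line that the template defaults to `service.egovutil.szr.test=true`, so a production deployment has to switch it deliberately.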
@@ -904,7 +905,130 @@ https://<host>:<port>/moa-id-auth/MonitoringServlet</pre> <p><strong>Defaultwert:</strong> true</p></td> </tr> </table> + <h4><a name="basisconfig_moa_id_auth_szrclient" id="uebersicht_bekanntmachung16"></a>2.2.2.6 SZR Client für STORK <-> PVP Gateway Betrieb</h4> + <p>Die Konfiguration des Stammzahlenregister (SZR) Clients ist nur erforderlich wenn das Modul MOA-ID-Auth als STORK <-> PVP Gateway betrieben wird. Da in diesem Fall die Benutzerin oder der Benutzer über ein PVP Stammportal authentifiziert wird ist eine direkte Generierung der STORK eID während des Anmeldevorgangs nicht möglich. Somit erfolgt für diese Personen einen Stammzahlenregisterabfrage zur Bestimmung der STORK eID.</p> + <p>Für den in MOA-ID-Auth verwendeten SZR Client sind folgende Konfigurationsparameter erforderlich.</p> + <table width="1247" border="1"> + <tr> + <th width="281" scope="col">Name</th> + <th width="261" scope="col">Beispielwert</th> + <th width="683" scope="col">Beschreibung</th> + </tr> + <tr> + <td>service.egovutil.szr.test</td> + <td>false</td> + <td>Definiert ob das Produktivsystem oder das Testsystem des SZR Webservice verwendet werden soll</td> + </tr> + <tr> + <td>service.egovutil.szr.test.url</td> + <td> </td> + <td>URL auf das Test SZR Webservice</td> + </tr> + <tr> + <td>service.egovutil.szr.prod.url</td> + <td> </td> + <td>URL auf das produktive SZR Webservice</td> + </tr> + <tr> + <td>service.egovutil.szr.token.version</td> + <td>1.8</td> + <td><p>Verwendete PVP Version</p> + <p><strong>Hinweis: </strong>der Client implementiert die PVP Version 1.8</p></td> + </tr> + <tr> + <td>service.egovutil.szr.token.participantid</td> + <td> </td> + <td>Org-ID des Portalverbund-Teilnehmers bei dem der Benutzer registriert ist.</td> + </tr> + <tr> + <td>service.egovutil.szr.token.gvoudomain</td> + <td> </td> + <td>Organisations-Domäne des Benutzers</td> + </tr> + <tr> + <td>service.egovutil.szr.token.userid</td> + <td> </td> + <td>UserID, mit dem der 
Benutzer am Stammportal authentifiziert ist</td> + </tr> + <tr> + <td>service.egovutil.szr.token.cn</td> + <td> </td> + <td>Name des Benutzers oder des System-Principals in der Form Anwendung.Subsystem</td> + </tr> + <tr> + <td>service.egovutil.szr.token.gvouid</td> + <td> </td> + <td>Stammdienststelle: Eindeutige Kennung für die Organisation des Benutzers</td> + </tr> + <tr> + <td>service.egovutil.szr.token.ou</td> + <td> </td> + <td>Stammdienststelle: Verwaltungskennzeichen der mit gvouid bezeichneten Organisation</td> + </tr> + <tr> + <td>service.egovutil.szr.token.gvsecclass</td> + <td> </td> + <td>Sicherheitsklasse</td> + </tr> + <tr> + <td>service.egovutil.szr.token.gvfunction</td> + <td> </td> + <td>Entspricht Funktion in gvPersonenFunktion.</td> + </tr> + <tr> + <td>service.egovutil.szr.token.gvgid</td> + <td> </td> + <td>Globaler Identifier des Benutzers</td> + </tr> + <tr> + <td>service.egovutil.szr.roles</td> + <td>szr-bpk-abfrage,szr-stammzahl-abfrage</td> + <td><p>PVP Rolle für den Zugriff auf das SZR</p> + <p>Hinweis: mehrere Rollen werden mittels ',' getrennt. 
</p></td> + </tr> + <tr> + <td>service.egovutil.szr.ssl.keystore.file</td> + <td>keys/szr-key.p12</td> + <td>Dateiname des Java Keystore oder PKCS12 Keystore zur Authentifizierung mittels Client Zertifikat am SZR Webservice.</td> + </tr> + <tr> + <td>service.egovutil.szr.ssl.keystore.password</td> + <td>password</td> + <td>Passwort für den Keystore mit dem Client Zertifikat</td> + </tr> + <tr> + <td>service.egovutil.szr.ssl.keystore.type</td> + <td>PKCS12</td> + <td>Typ des Keystore mit dem Client Zertifikat (PKCS12 oder JKS)</td> + </tr> + <tr> + <td>service.egovutil.szr.ssl.truststore.file</td> + <td>keys/truststore.jks</td> + <td>Dateiname des Truststores zur Validierung von SSL Servicerzertifikaten</td> + </tr> + <tr> + <td>service.egovutil.szr.ssl.truststore.password</td> + <td>password</td> + <td>Passwort für den Truststore</td> + </tr> + <tr> + <td>service.egovutil.szr.ssl.truststore.type</td> + <td>JKS</td> + <td>Typ des TrustStore (PKCS12 oder JKS)</td> + </tr> + <tr> + <td>service.egovutil.szr.ssl.trustall</td> + <td>false</td> + <td>Deaktiviert die SSL Serverzertifikatsvalidierung</td> + </tr> + <tr> + <td>service.egovutil.szr.ssl.laxhostnameverification</td> + <td>false</td> + <td>Deaktiviert die Validierung des Hostname mit dem SSL Serverzertifikat</td> + </tr> + </table> <p> </p> + <p><strong>Hinweis:</strong> Detaillierte Informationen zu den einzelnen PVP spezifischen Konfigurationsparametern finden Sie in der entsprechenden PVP Spezifikation.</p> <h2><a name="uebersicht_logging" id="uebersicht_logging"></a>2.3 Konfiguration des Loggings</h2> <p>Die Module MOA-ID-Auth und MOA-ID-Configuration verwendet als Framework für Logging-Information die Open Source Software <code>log4j</code>. Die Konfiguration der Logging-Information erfolgt nicht direkt durch die einzelnen Module, sondern über eine eigene Konfigurationsdatei, die der <span class="term">Java Virtual Machine</span> durch eine <span class="term">System Property </span> mitgeteilt wird. 
Der Name der <span class="term">System Property </span> lautet <code>log4j.configuration</code>; als Wert der <span class="term">System Property </span> ist eine URL anzugeben, die auf die <code>log4j</code>-Konfigurationsdatei verweist, z.B. </p> <pre>log4j.configuration=file:/C:/Programme/apache/tomcat-4.1.30/conf/moa-id/log4j.properties</pre> diff --git a/id/server/doc/handbook/index.html b/id/server/doc/handbook/index.html index 892a82484..c3b25b390 100644 --- a/id/server/doc/handbook/index.html +++ b/id/server/doc/handbook/index.html @@ -15,7 +15,7 @@ </table> <hr/> <p class="title">MOA-ID (Identifikation) </p> - <p class="subtitle">Übersicht zur Dokumentation der Version 2.1.1 </p> + <p class="subtitle">Übersicht zur Dokumentation der Version 2.1.2 </p> <hr/> <dl> <dt><a href="./intro/intro.html">Einführung</a></dt> diff --git a/id/server/idserverlib/.gitignore b/id/server/idserverlib/.gitignore new file mode 100644 index 000000000..ea8c4bf7f --- /dev/null +++ b/id/server/idserverlib/.gitignore @@ -0,0 +1 @@ +/target diff --git a/id/server/idserverlib/bin/.gitignore b/id/server/idserverlib/bin/.gitignore new file mode 100644 index 000000000..e2c1dc811 --- /dev/null +++ b/id/server/idserverlib/bin/.gitignore @@ -0,0 +1,2 @@ +/src +/src diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml index 32c8f5705..65004490b 100644 --- a/id/server/idserverlib/pom.xml +++ b/id/server/idserverlib/pom.xml @@ -75,6 +75,10 @@ <artifactId>axis-wsdl4j</artifactId>
<groupId>axis</groupId>
</exclusion>
+ <exclusion>
+ <artifactId>jaxb-impl</artifactId>
+ <groupId>com.sun.xml.bind</groupId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
@@ -115,6 +119,14 @@ <artifactId>bcprov-jdk16</artifactId>
<groupId>bouncycastle</groupId>
</exclusion>
+ <exclusion>
+ <artifactId>jaxb-impl</artifactId>
+ <groupId>com.sun.xml.bind</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>jaxb-core</artifactId>
+ <groupId>com.sun.xml.bind</groupId>
+ </exclusion>
</exclusions>
</dependency>
@@ -123,6 +135,14 @@ <artifactId>jaxb-api</artifactId>
</dependency>
+ <!-- Required for MOA-SPSS API access -->
+ <dependency>
+ <groupId>com.sun.xml.rpc</groupId>
+ <artifactId>jaxrpc-impl</artifactId>
+ <version>1.1.3_01</version>
+ </dependency>
+
+
<dependency>
<groupId>javax.mail</groupId>
<artifactId>mail</artifactId>
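Review bot: The new `jaxrpc-impl` dependency pins `<version>1.1.3_01</version>` inline, while the neighbouring `jaxb-api` and `mail` entries visible in this hunk carry no `<version>`, which suggests versions are managed centrally (not visible here). Declaring the version in that same managed place keeps every module on one reviewed version. Because the other hunks in this file exclude `jaxb-impl`, `jaxb-core` and `jaxws-tools` from existing dependencies, it is worth checking with `mvn dependency:tree` that the new artifact does not bring overlapping XML-binding jars back in transitively. The comment `Required for MOA-SPSS API access` would be more useful if it named the API call that needs the JAX-RPC runtime.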
@@ -370,6 +390,10 @@ <artifactId>bcprov-jdk16</artifactId>
<groupId>org.bouncycastle</groupId>
</exclusion>
+ <exclusion>
+ <artifactId>jaxws-tools</artifactId>
+ <groupId>com.sun.xml.ws</groupId>
+ </exclusion>
</exclusions>
</dependency>
</dependencies>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java index 48933d5c9..5c0e497a3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java @@ -364,8 +364,28 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants { authData.setIdentificationType(extractor.getSingleAttributeValue(PVPConstants.EID_SOURCE_PIN_TYPE_NAME)); if (extractor.containsAttribute(PVPConstants.BPK_NAME)) { - String pvpbPK = extractor.getSingleAttributeValue(PVPConstants.BPK_NAME); - authData.setBPK(pvpbPK.split(":")[1]); + String pvpbPK = extractor.getSingleAttributeValue(PVPConstants.BPK_NAME); + String[] spitted = pvpbPK.split(":"); + authData.setBPK(spitted[1]); + if (MiscUtil.isEmpty(authData.getBPKType())) { + Logger.debug("PVP assertion contains NO bPK/wbPK target attribute. " + + "Starting target extraction from bPK/wbPK prefix ..."); + //exract bPK/wbPK type from bpk attribute value prefix if type is + //not transmitted as single attribute + Pattern pattern = Pattern.compile("[a-zA-Z]{2}(-[a-zA-Z]+)?"); + Matcher matcher = pattern.matcher(spitted[0]); + if (matcher.matches()) { + //find public service bPK + authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + spitted[0]); + Logger.debug("Found bPK prefix. Set target to " + authData.getBPKType()); + + } else { + //find business service wbPK + authData.setBPKType(Constants.URN_PREFIX_WBPK+ "+" + spitted[0]); + Logger.debug("Found wbPK prefix. Set target to " + authData.getBPKType()); + + } + } } boolean foundEncryptedbPKForOA = false; 
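Review bot: `spitted[1]` in AuthenticationDataBuilder is read without checking the array length, and the value comes from the bPK attribute of the received PVP assertion, so an attribute without a `:` ends the login with an `ArrayIndexOutOfBoundsException` rather than a protocol error. Split with a limit and reject malformed values first: `String[] spitted = pvpbPK.split(":", 2);` followed by `if (spitted.length != 2) { /* reject the assertion with the builder's usual exception */ }`. The `else` branch also treats every prefix that fails the pattern, including an empty one, as a wbPK target and concatenates it into `Constants.URN_PREFIX_WBPK + "+" + spitted[0]` unchecked; the prefix should be validated against the expected wbPK form before it becomes the bPK type. The `Pattern` can be a `private static final` constant instead of being compiled on every call. The enclosing method starts and ends outside the hunk.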
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java index a2570ed7e..063d7d8e4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java @@ -277,11 +277,10 @@ public class BPKBuilder { MessageDigest md = MessageDigest.getInstance("SHA-1"); byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1")); String hashBase64 = Base64Utils.encode(hash); - Logger.debug("STORK identification defined as: " + hashBase64); return hashBase64; } catch (Exception ex) { - throw new BuildException("builder.00", new Object[]{"storkid", ex.toString()}, ex); + throw new BuildException("builder.00", new Object[]{"bPK/wbPK", ex.toString()}, ex); } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java index dbf54951f..0a8a6a581 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java @@ -194,7 +194,7 @@ public class MetadataAction implements IAction { .createSAMLObject(SPSSODescriptor.class); spSSODescriptor.setAuthnRequestsSigned(true); - spSSODescriptor.setWantAssertionsSigned(true); + spSSODescriptor.setWantAssertionsSigned(false); //Set AuthRequest Signing certificate diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java index 8b6e71e6b..3d8661143 100644 
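Review bot: `spSSODescriptor.setWantAssertionsSigned(false)` in MetadataAction advertises to identity providers that this service provider accepts unsigned assertions, and neither the hunk nor the commit message says what guarantees authenticity instead. If the consumer side always verifies a signature on the enclosing SAML response, that should be recorded at this line, e.g. `// assertions may be unsigned: the response signature is verified in <consumer class - placeholder>`. If no such check exists, identity data would be accepted without integrity protection. A test that feeds an unsigned assertion inside an unsigned response and expects rejection would pin the behaviour. The enclosing method starts and ends outside the hunk.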
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java @@ -150,14 +150,14 @@ public class PVPAttributeBuilder { } public static Attribute buildAttribute(String name, OAAuthParameter oaParam, - IAuthData authData) throws PVP2Exception { + IAuthData authData) throws PVP2Exception, AttributeException { if (builders.containsKey(name)) { try { return builders.get(name).build(oaParam, authData, generator); } catch (AttributeException e) { if (e instanceof UnavailableAttributeException) { - throw new UnprovideableAttributeException(((UnavailableAttributeException) e).getAttributeName()); + throw e; } else if (e instanceof InvalidDateFormatAttributeException) { throw new InvalidDateFormatException(); } else if (e instanceof NoMandateDataAttributeException) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java index 3b01e91ad..b301b6e5e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java 
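Review bot: `buildAttribute` in PVPAttributeBuilder now declares `throws PVP2Exception, AttributeException`, but the only `AttributeException` that can leave the method in the visible code is the rethrown `UnavailableAttributeException`. Declaring `throws PVP2Exception, UnavailableAttributeException` tells callers exactly what to handle. The `instanceof` chain inside the single `catch (AttributeException e)` would also read more directly as separate catch clauses per subtype. The rest of the chain lies outside the hunk.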
@@ -70,6 +70,8 @@ import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationImpl; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMandateDataAvailableException; @@ -251,10 +253,21 @@ public class PVP2AssertionBuilder implements PVPConstants { } else { attrList.add(attr); } + + } catch (UnavailableAttributeException e) { + Logger.info( + "Attribute generation for " + + reqAttribut.getFriendlyName() + " not possible."); + if (reqAttribut.isRequired()) { + throw new UnprovideableAttributeException( + reqAttribut.getName()); + } + + } catch (PVP2Exception e) { - Logger.error( + Logger.warn( "Attribute generation failed! for " - + reqAttribut.getFriendlyName(), e); + + reqAttribut.getFriendlyName()); if (reqAttribut.isRequired()) { throw new UnprovideableAttributeException( reqAttribut.getName()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java index 7d3c72630..65e520cc3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java 
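Review bot: The `catch (PVP2Exception e)` branch in PVP2AssertionBuilder now logs with `Logger.warn(...)` but no longer passes `e`, so the cause and stack trace of a failed attribute build are lost for every attribute, including required ones that abort the assertion. If the project's `Logger` offers a `warn` overload that takes a `Throwable`, as the removed `Logger.error(..., e)` call did, keep the exception: `Logger.warn("Attribute generation failed! for " + reqAttribut.getFriendlyName(), e);`. The new `UnavailableAttributeException` branch can stay without the trace, since an absent attribute is an expected condition. The enclosing loop starts and ends outside the hunk.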
@@ -36,8 +36,6 @@ import javax.xml.transform.TransformerException; import org.w3c.dom.Element; import org.xml.sax.SAXException; -import com.sun.xml.bind.marshaller.NamespacePrefixMapper; - import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder; import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; @@ -235,14 +233,14 @@ public class SAML1AuthenticationServer extends AuthenticationServer { Marshaller m = jc.createMarshaller(); m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE); - m.setProperty("com.sun.xml.bind.namespacePrefixMapper", new NamespacePrefixMapper() { - public String getPreferredPrefix(String arg0, String arg1, boolean arg2) { - if (Constants.PD_NS_URI.equals(arg0)) - return Constants.PD_PREFIX; - else - return arg1; - } - }); +// m.setProperty("com.sun.xml.bind.namespacePrefixMapper", new NamespacePrefixMapper() { +// public String getPreferredPrefix(String arg0, String arg1, boolean arg2) { +// if (Constants.PD_NS_URI.equals(arg0)) +// return Constants.PD_PREFIX; +// else +// return arg1; +// } +// }); ByteArrayOutputStream stream = new ByteArrayOutputStream(); m.marshal( diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java index 021eaee37..aaded0ce6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java 
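Review bot: The `NamespacePrefixMapper` block in SAML1AuthenticationServer is commented out rather than removed, which leaves dead code that refers to a class whose import this commit deletes. Delete the eight commented lines and, if the change was forced by the `jaxb-impl` exclusion in the pom, say so in one comment such as `// no prefix mapper: the JAXB RI class is no longer on the classpath`. Without the mapper the marshaller chooses the prefix for `Constants.PD_NS_URI` itself; that is harmless for namespace-aware consumers, but any consumer that matches on the literal `Constants.PD_PREFIX` prefix (not visible here) should be checked.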
@@ -36,12 +36,17 @@ import eu.stork.peps.auth.commons.STORKStatusCode; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; +import java.text.DateFormat; +import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; import java.util.List; import java.util.Map; +import org.joda.time.format.DateTimeFormat; +import org.joda.time.format.DateTimeFormatter; + import javassist.expr.Instanceof; /** @@ -65,7 +70,7 @@ public class MOAAttributeProvider { Map<String, String> tempFunctionMap = new HashMap<String, String>(); tempFunctionMap.put("eIdentifier", "geteIdentifier"); tempFunctionMap.put("ECApplicationRole","getECApplicationRole"); - tempSimpleMap.put("dateOfBirth", "getFormatedDateOfBirth"); + tempFunctionMap.put("dateOfBirth", "getFormatedDateOfBirth"); storkAttributeFunctionMapping = Collections.unmodifiableMap(tempFunctionMap); } @@ -116,7 +121,7 @@ public class MOAAttributeProvider { private List<String> getECApplicationRole() { List<String> storkRoles = null; - if (true || authData.getAuthenticationRoles() != null + if (authData.getAuthenticationRoles() != null && authData.getAuthenticationRoles().size() > 0) { storkRoles = new ArrayList<String>(); @@ -132,9 +137,11 @@ public class MOAAttributeProvider { } private String getFormatedDateOfBirth() { - if (authData.getDateOfBirth() != null) - return authData.getFormatedDateOfBirth(); + if (authData.getDateOfBirth() != null) { + DateFormat fmt = new SimpleDateFormat("yyyyMMdd"); + return fmt.format(authData.getDateOfBirth()); + } else return null; diff --git a/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties b/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties index 5bcfc7bd2..295d381cd 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties 
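Review bot: In MOAAttributeProvider, `getFormatedDateOfBirth()` (last hunk) formats with `new SimpleDateFormat("yyyyMMdd")`, which uses the JVM's default time zone; if `authData.getDateOfBirth()` was built in a different zone the formatted day can be off by one, and a wrong date of birth in a STORK attribute is an identity mismatch rather than a cosmetic error. How the Date is created is outside this diff, so this needs confirming against the code that parses it. Either set the zone on `fmt` to the one used when the Date was parsed, or keep formatting and parsing in one place. The first hunk also adds `org.joda.time.format.DateTimeFormat` and `DateTimeFormatter`, which none of the visible hunks use; drop them if the rest of the file does not either.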
+++ b/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties
@@ -1,2 +1,2 @@
-xxpvprole=CIRCABC/viewer
-yypvprole=CIRCABC/admin
\ No newline at end of file
+viewer=CIRCABC/viewer
+CIRCABC-viewer=CIRCABC/viewer
\ No newline at end of file
diff --git a/id/server/moa-id-commons/.gitignore b/id/server/moa-id-commons/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/id/server/moa-id-commons/.gitignore
@@ -0,0 +1 @@
+/target
diff --git a/id/server/proxy/.gitignore b/id/server/proxy/.gitignore
new file mode 100644
index 000000000..4dc009173
--- /dev/null
+++ b/id/server/proxy/.gitignore
@@ -0,0 +1,2 @@
+/target
+/bin
diff --git a/id/server/stork2-commons/.gitignore b/id/server/stork2-commons/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/id/server/stork2-commons/.gitignore
@@ -0,0 +1 @@
+/target
diff --git a/id/server/stork2-saml-engine/.gitignore b/id/server/stork2-saml-engine/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/id/server/stork2-saml-engine/.gitignore
@@ -0,0 +1 @@
+/target
@@ -157,7 +157,7 @@
<dependency>
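Review bot: In pvp-stork_role_mapping.properties, the new key `viewer` is not tied to an application the way `CIRCABC-viewer` on the next line is, so if the lookup matches on the bare PVP role name (the code that reads this file is not in the diff), a `viewer` role granted for any application would be translated to the STORK role `CIRCABC/viewer`. The commit also leaves no entry that yields `CIRCABC/admin`, which may be intended but is not stated. Keep only the scoped key unless the generic one is required, and add a header comment such as `# <PVP role name>=<STORK application role>` so the direction of the mapping is documented.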
<groupId>axis</groupId>
<artifactId>axis</artifactId>
- <version>1.0_IAIK_1.1</version>
+ <version>1.0_IAIK_1.2</version>
<scope>compile</scope>
</dependency>
<dependency>
diff --git a/repository/at/gv/util/egovutils/2.0.0/egovutils-2.0.0.jar b/repository/at/gv/util/egovutils/2.0.0/egovutils-2.0.0.jar
Binary files differ
index c045d89a3..29ce1fcbf 100644
--- a/repository/at/gv/util/egovutils/2.0.0/egovutils-2.0.0.jar
+++ b/repository/at/gv/util/egovutils/2.0.0/egovutils-2.0.0.jar
diff --git a/repository/axis/axis/1.0_IAIK_1.2/axis-1.0_IAIK_1.1.pom b/repository/axis/axis/1.0_IAIK_1.2/axis-1.0_IAIK_1.1.pom
new file mode 100644
index 000000000..6efb3d78d
--- /dev/null
+++ b/repository/axis/axis/1.0_IAIK_1.2/axis-1.0_IAIK_1.1.pom
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?><project>
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>axis</groupId>
+ <artifactId>axis</artifactId>
+ <version>1.0_IAIK_1.2</version>
+ <description>AXIS 1.0 patched(1.2) (XXE attacks / wsdl ressource loader)</description>
+</project>
diff --git a/repository/axis/axis/1.0_IAIK_1.2/axis-1.0_IAIK_1.2.jar b/repository/axis/axis/1.0_IAIK_1.2/axis-1.0_IAIK_1.2.jar
Binary files differ
new file mode 100644
index 000000000..3418552f4
--- /dev/null
+++ b/repository/axis/axis/1.0_IAIK_1.2/axis-1.0_IAIK_1.2.jar
diff --git a/spss/handbook/clients/api/.gitignore b/spss/handbook/clients/api/.gitignore
new file mode 100644
index 000000000..934e0e06f
--- /dev/null
+++ b/spss/handbook/clients/api/.gitignore
@@ -0,0 +1,2 @@
+/bin
+/target
diff --git a/spss/handbook/clients/referencedData/.gitignore b/spss/handbook/clients/referencedData/.gitignore
new file mode 100644
index 000000000..934e0e06f
--- /dev/null
+++ b/spss/handbook/clients/referencedData/.gitignore
@@ -0,0 +1,2 @@
+/bin
+/target
diff --git a/spss/handbook/clients/webservice/.gitignore b/spss/handbook/clients/webservice/.gitignore
new file mode 100644
index 000000000..934e0e06f
--- /dev/null
+++ b/spss/handbook/clients/webservice/.gitignore
@@ -0,0 +1,2 @@
+/bin
+/target
diff --git a/spss/server/serverlib/.gitignore b/spss/server/serverlib/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
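Review bot: The POM added under `repository/axis/axis/1.0_IAIK_1.2/` is named `axis-1.0_IAIK_1.1.pom` while its `<version>` is `1.0_IAIK_1.2`; Maven looks for `<artifactId>-<version>.pom`, so this file will not be found for the new version and the jar is resolved without its metadata. Rename it to `axis-1.0_IAIK_1.2.pom`. Because this jar is the one described as patched against XXE and is committed as a binary, it would also help to commit a checksum file next to it (for example `axis-1.0_IAIK_1.2.jar.sha1`) and to name in `<description>` the source revision or patch it was built from, so the fix can be audited later.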
+++ b/spss/server/serverlib/.gitignore
@@ -0,0 +1 @@
+/target
diff --git a/spss/server/serverlib/pom.xml b/spss/server/serverlib/pom.xml
index 7c11659e1..da78d3dc1 100644
--- a/spss/server/serverlib/pom.xml
+++ b/spss/server/serverlib/pom.xml
@@ -167,6 +167,12 @@
<version>2.2.11</version>
</dependency>
+ <dependency>
+ <groupId>com.sun.xml.bind</groupId>
+ <artifactId>jaxb-core</artifactId>
+ <version>2.2.11</version>
+ </dependency>
+
<!-- <dependency>
<groupId>iaik</groupId>
<artifactId>iaik_util</artifactId>
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLImportFromFileContext.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLImportFromFileContext.java
index 492d10eda..f8e8f608b 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLImportFromFileContext.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLImportFromFileContext.java
@@ -726,7 +726,8 @@ public class TSLImportFromFileContext extends iaik.xml.crypto.tsl.TSLImportFromF
} else if (e.getMessage().startsWith("cvc-datatype-valid.1.2.1: '") && e.getMessage().endsWith("' is not a valid value for 'NCName'.")){
- if (expectedTerritory_ == Countries.CY || expectedTerritory_ == Countries.LV){
+ if (expectedTerritory_ == Countries.CY || expectedTerritory_ == Countries.LV ||
+ expectedTerritory_ == Countries.HR || expectedTerritory_ == Countries.NL){
return new AttributeValueFixup("","Id","(.+)","x$1",e, this);
}
} else if (e.getMessage().startsWith("cvc-complex-type.2.3: Element '") && e.getMessage().endsWith("' cannot have character [children], because the type's content type is element-only.")) {
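Review bot: The NCName fixup condition now covers four territories through a chain of `==` comparisons, and nothing records why the CY, LV, HR and NL trust lists are allowed to carry a schema-invalid `Id`. Because the fixup rewrites `Id` values in a trust-status list (`"(.+)"` to `"x$1"`), each exemption should be easy to audit and to remove once the publisher corrects its list. Add a comment above the condition such as `// TSLs of these territories contain Id values that are not valid NCNames; prefix them with 'x'`, and consider collecting the territories in one named set if `Countries` is an enum. The enclosing method starts and ends outside the hunk, so whether the rewrite happens before or after the list's signature is checked cannot be seen here and is worth confirming.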
diff --git a/spss/server/serverws/.gitignore b/spss/server/serverws/.gitignore
new file mode 100644
index 000000000..4dc009173
--- /dev/null
+++ b/spss/server/serverws/.gitignore
@@ -0,0 +1,2 @@
+/target
+/bin
diff --git a/spss/server/serverws/pom.xml b/spss/server/serverws/pom.xml
index 79a16cbb5..bbfb3c443 100644
--- a/spss/server/serverws/pom.xml
+++ b/spss/server/serverws/pom.xml
@@ -50,7 +50,7 @@
<webResources>
<resource>
<directory>${basedir}/resources/wsdl</directory>
- <targetPath>resources/schemas</targetPath>
+ <targetPath>WEB-INF/classes/resources/schemas</targetPath>
<includes>
<include>*.xsd</include>
<include>*.wsdl</include>
diff --git a/spss/server/serverws/resources/wsdl/MOA-SPSS-1.5.2.wsdl b/spss/server/serverws/resources/wsdl/MOA-SPSS-2.0.0.wsdl
index 4f9deee38..4f9deee38 100644
--- a/spss/server/serverws/resources/wsdl/MOA-SPSS-1.5.2.wsdl
+++ b/spss/server/serverws/resources/wsdl/MOA-SPSS-2.0.0.wsdl
diff --git a/spss/server/serverws/resources/wsdl/MOA-SPSS-1.5.2.xsd b/spss/server/serverws/resources/wsdl/MOA-SPSS-2.0.0.xsd
index cc0a7c882..cc0a7c882 100644
--- a/spss/server/serverws/resources/wsdl/MOA-SPSS-1.5.2.xsd
+++ b/spss/server/serverws/resources/wsdl/MOA-SPSS-2.0.0.xsd
diff --git a/spss/server/serverws/src/main/webapp/WEB-INF/server-config.wsdd b/spss/server/serverws/src/main/webapp/WEB-INF/server-config.wsdd
index 9ff243e5c..43e748734 100644
--- a/spss/server/serverws/src/main/webapp/WEB-INF/server-config.wsdd
+++ b/spss/server/serverws/src/main/webapp/WEB-INF/server-config.wsdd
@@ -16,7 +16,7 @@
<namespace>http://reference.e-government.gv.at/namespace/moa/20020822#</namespace>
<parameter name="allowedMethods" value="CreateCMSSignatureRequest CreateXMLSignatureRequest"/>
<parameter name="className" value="at.gv.egovernment.moa.spss.server.service.SignatureCreationService"/>
- <wsdlFile>webapps/moa-spss/resources/schemas/MOA-SPSS-2.0.0.wsdl</wsdlFile>
+ <wsdlFile>/resources/schemas/MOA-SPSS-2.0.0.wsdl</wsdlFile>
<requestFlow>
<handler type="MOAHandler"/>
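Review bot: The new `<wsdlFile>/resources/schemas/MOA-SPSS-2.0.0.wsdl</wsdlFile>` value, here and in the SignatureVerificationService hunk that follows, only works together with two other changes in this commit: the `targetPath` of `WEB-INF/classes/resources/schemas` in serverws/pom.xml and, apparently, the resource loader of the patched axis 1.0_IAIK_1.2. Nothing in server-config.wsdd says the value is now resolved as a packaged resource rather than a path relative to the container's working directory. Add a comment at the first occurrence, for example `<!-- resolved from WEB-INF/classes; copied there by serverws/pom.xml -->`, so that a later Axis upgrade or packaging change does not silently break WSDL delivery.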
@@ -30,7 +30,7 @@
<namespace>http://reference.e-government.gv.at/namespace/moa/20020822#</namespace>
<parameter name="allowedMethods" value="VerifyCMSSignatureRequest VerifyXMLSignatureRequest"/>
<parameter name="className" value="at.gv.egovernment.moa.spss.server.service.SignatureVerificationService"/>
- <wsdlFile>webapps/moa-spss/resources/schemas/MOA-SPSS-2.0.0.wsdl</wsdlFile>
+ <wsdlFile>/resources/schemas/MOA-SPSS-2.0.0.wsdl</wsdlFile>
<requestFlow>
<handler type="MOAHandler"/>
</requestFlow>
diff --git a/spss/server/tools/.gitignore b/spss/server/tools/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/spss/server/tools/.gitignore
@@ -0,0 +1 @@
+/target |