authorThomas Lenz <tlenz@iaik.tugraz.at>2014-01-17 11:50:42 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-01-17 11:50:42 +0100
commitf51f447ed199dc1c3f5dc750d169462d42b2b6ad (patch)
treeee7ef41971f3589654b1a0c4632c2cf7cb261c9d
parent351f8be591412e124b6d578c1afd3f72f3c25d8f (diff)
load IAIK JCE as security provider
BugFix: @MandateReferenceValue has to be added; @SessionStorage: Hibernate rollback in case no MOASession is found
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java13
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java11
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateReferenceValueAttributeBuilder.java19
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java1
5 files changed, 39 insertions, 11 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index 556d26c67..dbfbdad51 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -24,11 +24,15 @@
package at.gv.egovernment.moa.id.auth;
+import iaik.cms.ecc.IaikEccProvider;
import iaik.pki.PKIException;
import iaik.pki.jsse.IAIKX509TrustManager;
+import iaik.security.ecc.provider.ECCProvider;
+import iaik.security.provider.IAIK;
import java.io.IOException;
import java.security.GeneralSecurityException;
+import java.security.Security;
import java.util.Properties;
import javax.activation.CommandMap;
@@ -74,6 +78,14 @@ public class MOAIDAuthInitializer {
Logger.info("Default java file.encoding: "
+ System.getProperty("file.encoding"));
+
+ Logger.info("Loading security providers.");
+ IAIK.addAsProvider();
+
+
+// Security.insertProviderAt(new IAIK(), 1);
+// Security.insertProviderAt(new ECCProvider(), 1);
+
//JDK bug workaround according to:
// http://jce.iaik.tugraz.at/products/03_cms/faq/index.php#JarVerifier
// register content data handlers for S/MIME types
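Review bot: `IAIK.addAsProvider()` changes the JCA provider list for the whole JVM, yet nothing after the call records which position the provider took or whether it was already registered, and the two commented-out `Security.insertProviderAt(..., 1)` lines leave open whether the ECC provider was meant to be loaded as well. Provider order decides which implementation serves every `getInstance` call that names no provider, so I would log it once after registration, e.g. `Logger.info("JCA providers: " + java.util.Arrays.toString(Security.getProviders()));`, and delete the commented-out lines rather than commit them. As committed, the `IaikEccProvider`, `ECCProvider` and `Security` imports added in the first hunk of this file are referenced only by commented-out code, and the same holds for the `ECCProvider`, `IAIK` and `Security` imports added to AuthServlet.java and DispatcherServlet.java. The enclosing method starts and ends outside the hunk.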
@@ -180,5 +192,4 @@ public class MOAIDAuthInitializer {
AuthConfigLoader.start();
}
-
} \ No newline at end of file
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
index 27ac16157..1b7b317c1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
@@ -23,9 +23,13 @@
package at.gv.egovernment.moa.id.auth.servlet;
+import iaik.security.ecc.provider.ECCProvider;
+import iaik.security.provider.IAIK;
+
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
+import java.security.Security;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
@@ -34,6 +38,7 @@ import java.util.Map;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;
+import javax.servlet.ServletContextEvent;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
@@ -351,6 +356,12 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants {
super.init(servletConfig);
}
+
+// public void contextDestroyed(ServletContextEvent arg0) {
+// Security.removeProvider((new IAIK()).getName());
+// Security.removeProvider((new ECCProvider()).getName());
+// }
+
/**
* Set response headers to avoid caching
*
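Review bot: The provider cleanup added after `init` is committed only as commented-out code, so the provider that MOAIDAuthInitializer registers in this commit is never removed when the application is undeployed. Uncommenting it would not help as written: `contextDestroyed` is a `ServletContextListener` callback, and the class declaration in the hunk header shows AuthServlet only extending `HttpServlet`, so the container would presumably never call it. A JVM-wide provider left behind by an undeployed webapp keeps that webapp's classes reachable and continues to serve other code in the same JVM. I would either drop the block (and the `ServletContextEvent` import that exists only for it) or move the removal into a real listener registered in the deployment descriptor, with a comment such as `// undo the provider registration done in MOAIDAuthInitializer`.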
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 225ecb2a2..777081da0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -2,7 +2,11 @@ package at.gv.egovernment.moa.id.entrypoints;
+import iaik.security.ecc.provider.ECCProvider;
+import iaik.security.provider.IAIK;
+
import java.io.IOException;
+import java.security.Security;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
@@ -478,7 +482,7 @@ public class DispatcherServlet extends AuthServlet{
}
}
-
+
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateReferenceValueAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateReferenceValueAttributeBuilder.java
index 5a50473d3..46c6ffb78 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateReferenceValueAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateReferenceValueAttributeBuilder.java
@@ -20,17 +20,18 @@ public class MandateReferenceValueAttributeBuilder extends BaseAttributeBuilder
public Attribute build(AuthenticationSession authSession,
OAAuthParameter oaParam, AuthenticationData authData) throws PVP2Exception {
if(authSession.getUseMandate()) {
- Element mandate = authSession.getMandate();
- if(mandate == null) {
- throw new NoMandateDataAvailableException();
- }
- Mandate mandateObject = MandateBuilder.buildMandate(mandate);
- if(mandateObject == null) {
- throw new NoMandateDataAvailableException();
- }
+
+// Element mandate = authSession.getMandate();
+// if(mandate == null) {
+// throw new NoMandateDataAvailableException();
+// }
+// Mandate mandateObject = MandateBuilder.buildMandate(mandate);
+// if(mandateObject == null) {
+// throw new NoMandateDataAvailableException();
+// }
return buildStringAttribute(MANDATE_REFERENCE_VALUE_FRIENDLY_NAME,
- MANDATE_REFERENCE_VALUE_NAME, mandateObject.getMandateID());
+ MANDATE_REFERENCE_VALUE_NAME, authSession.getMandateReferenceValue());
}
return null;
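Review bot: With the mandate parsing commented out, `build` no longer throws `NoMandateDataAvailableException` when mandate data is missing: if `getUseMandate()` is true and `authSession.getMandateReferenceValue()` returns null, that value goes straight into `buildStringAttribute`. What the helper does with null is not visible here, so I would keep the old fail-closed behaviour with `if (authSession.getMandateReferenceValue() == null) throw new NoMandateDataAvailableException();` before the return. The reference value now comes from session state rather than from the mandate element itself; a short comment saying where it is set and why it can be relied on to match the mandate would help the next reader, and the commented-out block should be deleted rather than committed. The end of `build` lies outside the hunk.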
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index e40d11128..840c3f2be 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -209,6 +209,7 @@ public class AuthenticationSessionStoreage {
//Assertion requires an unique artifact
if (result.size() != 1) {
Logger.trace("No entries found.");
+ tx.rollback();
throw new MOADatabaseException("No session found with this sessionID");
}
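Review bot: The added `tx.rollback()` closes the transaction on this one exit only; whether an exception thrown earlier (by the query, for instance) also rolls back cannot be seen, since the method begins and ends outside the hunk, and if `rollback()` itself throws, the `MOADatabaseException` is replaced by that failure. A catch around the whole lookup that rolls back on any error and then rethrows would cover both cases. Separately, the branch fires for `result.size() != 1`, so more than one row for a session ID is logged at trace level as "No entries found."; I would report the count instead, `Logger.info("Expected exactly one session, found " + result.size());`, keeping the session ID itself out of the log.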