git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1173 d688527b-c9ab-4aba-bd8d-4036d912da1d

author: kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d> 2010-07-14 15:17:36 +0000
committer: kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d> 2010-07-14 15:17:36 +0000
commit: b6d6d65334689f60d41a4eba1a1660c12e90d580 (patch)
tree: e7718875ccec36267688e0340bbcd5866fbfdab8
parent: 13f101f89f0659aacfc642402de7c31d9eceb658 (diff)
download: moa-id-spss-b6d6d65334689f60d41a4eba1a1660c12e90d580.tar.gz
moa-id-spss-b6d6d65334689f60d41a4eba1a1660c12e90d580.tar.bz2
moa-id-spss-b6d6d65334689f60d41a4eba1a1660c12e90d580.zip
10 files changed, 50 insertions, 4 deletions
diff --git a/id/readme_1.4.7.txt b/id/readme_1.4.7.txt
index 5059c92a5..994c17a7f 100644
--- a/id/readme_1.4.7.txt
+++ b/id/readme_1.4.7.txt
@@ -11,7 +11,7 @@ erstmals in der Veröffentlichung enthalten sind (siehe auch history.txt im
 gleichen Verzeichnis):
 
 - Anbindung an Stammzahlenregister-Gateway um ausländische Bürger zu integrieren (ERnP-Eintragung 
-  gemäß)
+  gemäß E-Government Gesetz §6(5))
 - Neuer AUTH-Block mit neuen Transformationen
 - Fixed Bug #485 (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=485&group_id=6&atid=105)
 - Fixed Bug #540 (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=540&group_id=6&atid=105)
diff --git a/id/server/data/deploy/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_EN.xml b/id/server/data/deploy/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_EN.xml
index b9c613e2d..9a067b0ba 100644
--- a/id/server/data/deploy/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_EN.xml
+++ b/id/server/data/deploy/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_EN.xml
@@ -6,7 +6,7 @@
 				<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
 					<html>
 						<head>
-							<title>Signatur der Anmeldedaten</title>
+							<title>Signing the authentication data</title>
 							<style type="text/css" media="screen">.boldstyle { font-weight: bold; } .italicstyle { font-style: italic; } .annotationstyle { font-size: small; } .graybground {background-color: #E0E0E0;}
 							.titlestyle{ text-decoration:underline; font-weight:bold; font-family: Verdana;  font-size: x-small; } 
 							.h4style{ font-family: Verdana; }
diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoĂ”Ă‡Ă„03e694(SecureSignatureKeypair).cer b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoĂ”Ă‡Ă„03e694(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..ab9e0cd7d
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoĂ”Ă‡Ă„03e694(SecureSignatureKeypair).cer
diff --git a/id/server/doc/moa_id/id-admin_1.htm b/id/server/doc/moa_id/id-admin_1.htm
index 1ec90a208..a695d73b0 100644
--- a/id/server/doc/moa_id/id-admin_1.htm
+++ b/id/server/doc/moa_id/id-admin_1.htm
@@ -226,7 +226,7 @@ Um MOA-ID-AUTH in Tomcat f&uuml;r den Ablauf vorzubereiten, sind folgende Schrit
                 </li>
                 <li>Die endorsed Libraries f&uuml;r Tomcat m&uuml;ssen aus dem
                   Verzeichnis $MOA_ID_INST_AUTH/endorsed in das Tomcat-Verzeichnis
-                  $CATALINA_HOME/common/endorsed kopieren werden. Folgende Libraries
+                  $CATALINA_HOME/common/endorsed kopieren werden. F&uuml;r Tomcat 6 m&uuml;ssen die Dateien in das Verzeichnis $CATALINA_HOME/endorsed kopiert werden (das Verzeichnis endorsed ist dabei im Allgemein erst anzulegen). Folgende Libraries
                   sind f&uuml;r das Deployment im endorsed Verzeichnis vorgesehen:
                   <ul>
                     <li>xalan.jar</li>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
index c2de2e3e1..282d7f583 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
@@ -9,6 +9,7 @@ import java.util.Map;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.xml.transform.TransformerException;
 
 import org.apache.commons.fileupload.FileUploadException;
 import org.w3c.dom.Document;
@@ -33,6 +34,7 @@ import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
 import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
 import at.gv.egovernment.moa.id.util.SSLUtils;
 import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.DOMUtils;
 import at.gv.egovernment.moa.util.URLEncoder;
 
 /**
@@ -116,11 +118,20 @@ public class GetForeignIDServlet extends AuthServlet {
 	    	// make SZR request to the identity link
 	    	CreateIdentityLinkResponse response = getIdentityLink(signature);
 	    	
+	   	    	
 	    	if (response.isError()) {	    		
 	    		throw new SZRGWClientException(response.getError());
 	    	}
 	    	else {
+	    		
 	    		Element samlAssertion = response.getAssertion();
+	    		
+	    		try {
+					System.out.println(DOMUtils.serializeNode(samlAssertion));
+				} catch (TransformerException e) {
+					// TODO Auto-generated catch block
+					e.printStackTrace();
+				}
 		    	
 		    	IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(samlAssertion);
 		    	IdentityLink identitylink = ilParser.parseIdentityLink();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java
index 2080118d0..9cb7c7ab4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java
@@ -18,6 +18,7 @@ package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw;
 
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
+import java.io.File;
 
 import javax.net.ssl.SSLSocketFactory;
 import javax.xml.parsers.DocumentBuilder;
@@ -27,6 +28,7 @@ import javax.xml.parsers.ParserConfigurationException;
 import org.apache.commons.httpclient.HttpClient;
 import org.apache.commons.httpclient.methods.PostMethod;
 import org.apache.commons.httpclient.protocol.Protocol;
+import org.apache.xpath.XPathAPI;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
@@ -34,6 +36,7 @@ import org.w3c.dom.NodeList;
 import org.w3c.dom.Text;
 
 import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
+import at.gv.egovernment.moa.util.Constants;
 import at.gv.egovernment.moa.util.DOMUtils;
 
 
@@ -196,7 +199,19 @@ public class SZRGWClient {
       }
       else {
     	  // set assertion
-    	  response.setAssertion(doc.getDocumentElement());
+    	  DocumentBuilder builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
+          Document newdoc = builder.newDocument();
+          
+          Element nameSpaceNode = newdoc.createElement("NameSpaceNode");
+          nameSpaceNode.setAttribute("xmlns:" + Constants.DSIG_PREFIX, Constants.DSIG_NS_URI);
+          nameSpaceNode.setAttribute("xmlns:" + Constants.SAML_PREFIX, Constants.SAML_NS_URI);
+          
+          Element samlAssertion = (Element)XPathAPI.selectSingleNode(doc, "//saml:Assertion[1]", nameSpaceNode);
+          
+          if (samlAssertion == null)
+        	  throw new SZRGWClientException("Could not found a saml:Assertion element in response.");
+          else
+        	  response.setAssertion(samlAssertion);
       }
     	
       return response;
diff --git a/spss/handbook/conf/moa-spss/sp.minimum.config.xml b/spss/handbook/conf/moa-spss/sp.minimum.config.xml
index 77bb8ab25..bc154ae00 100644
--- a/spss/handbook/conf/moa-spss/sp.minimum.config.xml
+++ b/spss/handbook/conf/moa-spss/sp.minimum.config.xml
@@ -38,6 +38,16 @@
 						</cfg:DatabaseArchive>
 					</cfg:Archive>
 				</cfg:Archiving>
+				<cfg:CrlRetentionIntervals>
+					<cfg:CA>
+						<cfg:X509IssuerName>CN=a-sign-Premium-Sig-01,OU=a-sign-Premium-Sig-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</cfg:X509IssuerName>
+						<cfg:Interval>12775</cfg:Interval>
+					</cfg:CA>
+					<cfg:CA>
+						<cfg:X509IssuerName>CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</cfg:X509IssuerName>
+						<cfg:Interval>12775</cfg:Interval>
+					</cfg:CA>
+				</cfg:CrlRetentionIntervals>
 			</cfg:RevocationChecking>
 		</cfg:CertificateValidation>
 	</cfg:SignatureVerification>
diff --git a/spss/handbook/conf/moa-spss/spss.config.xml b/spss/handbook/conf/moa-spss/spss.config.xml
index 9f79c5a19..020939891 100644
--- a/spss/handbook/conf/moa-spss/spss.config.xml
+++ b/spss/handbook/conf/moa-spss/spss.config.xml
@@ -143,6 +143,16 @@
 						</cfg:DatabaseArchive>
 					</cfg:Archive>
 				</cfg:Archiving>
+				<cfg:CrlRetentionIntervals>
+					<cfg:CA>
+						<cfg:X509IssuerName>CN=a-sign-Premium-Sig-01,OU=a-sign-Premium-Sig-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</cfg:X509IssuerName>
+						<cfg:Interval>12775</cfg:Interval>
+					</cfg:CA>
+					<cfg:CA>
+						<cfg:X509IssuerName>CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</cfg:X509IssuerName>
+						<cfg:Interval>12775</cfg:Interval>
+					</cfg:CA>
+				</cfg:CrlRetentionIntervals>
 			</cfg:RevocationChecking>
 		</cfg:CertificateValidation>
 		<cfg:PermitFileURIs>false</cfg:PermitFileURIs>
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-Qual-03.20080425-20180425.SerNoĂ”Ă‡Ă„03e694(SecureSignatureKeypair).cer b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-Qual-03.20080425-20180425.SerNoĂ”Ă‡Ă„03e694(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..ab9e0cd7d
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-Qual-03.20080425-20180425.SerNoĂ”Ă‡Ă„03e694(SecureSignatureKeypair).cer
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-Qual-03.20080425-20180425.SerNoĂ”Ă‡Ă„03e694(SecureSignatureKeypair).cer b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-Qual-03.20080425-20180425.SerNoĂ”Ă‡Ă„03e694(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..ab9e0cd7d
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-Qual-03.20080425-20180425.SerNoĂ”Ă‡Ă„03e694(SecureSignatureKeypair).cer
author	kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d>	2010-07-14 15:17:36 +0000
committer	kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d>	2010-07-14 15:17:36 +0000
commit	b6d6d65334689f60d41a4eba1a1660c12e90d580 (patch)
tree	e7718875ccec36267688e0340bbcd5866fbfdab8
parent	13f101f89f0659aacfc642402de7c31d9eceb658 (diff)
download	moa-id-spss-b6d6d65334689f60d41a4eba1a1660c12e90d580.tar.gz moa-id-spss-b6d6d65334689f60d41a4eba1a1660c12e90d580.tar.bz2 moa-id-spss-b6d6d65334689f60d41a4eba1a1660c12e90d580.zip