| author | kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2012-02-10 00:02:07 +0000 | 
|---|---|---|
| committer | kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2012-02-10 00:02:07 +0000 | 
| commit | 8038e84084386965fb44ca4492f666dd27af186e (patch) | |
| tree | 67f31a96abc06c0148cb8730ea371193a14bc69d | |
| parent | 4af2a06ad0d4dc021277b115d15bbeeede3c23b7 (diff) | |
Update zu Blacklisten
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1237 d688527b-c9ab-4aba-bd8d-4036d912da1d
| -rw-r--r-- | id/server/auth/.classpath | 2 | ||||
| -rw-r--r-- | spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/MOASecurityManagerExtended.java (renamed from spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerExtended.java) | 22 | ||||
| -rw-r--r-- | spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/MOASecurityManagerSimple.java (renamed from spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerSimple.java) | 20 | ||||
| -rw-r--r-- | spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java | 19 | ||||
| -rw-r--r-- | spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java | 7 | 
5 files changed, 38 insertions, 32 deletions
| diff --git a/id/server/auth/.classpath b/id/server/auth/.classpath
 index 6acd7de03..f724d4325 100644
 --- a/id/server/auth/.classpath
 +++ b/id/server/auth/.classpath
 @@ -2,7 +2,7 @@
  <classpath>
  	<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources"/>
  	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.4"/>
 -	<classpathentry kind="con" path="org.eclipse.jst.server.core.container/org.eclipse.jst.server.tomcat.runtimeTarget/Apache Tomcat v5.0"/>
 +	<classpathentry kind="con" path="org.eclipse.jst.server.core.container/org.eclipse.jst.server.tomcat.runtimeTarget/Apache Tomcat v6.0"/>
  	<classpathentry kind="con" path="org.maven.ide.eclipse.MAVEN2_CLASSPATH_CONTAINER">
  		<attributes>
  			<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
 diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerExtended.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/MOASecurityManagerExtended.java
 index ab9c01daa..42ee621e6 100644
 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerExtended.java
 +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/MOASecurityManagerExtended.java
 @@ -1,4 +1,4 @@
 -package at.gv.egovernment.moa.spss;
 +package at.gv.egovernment.moa.spss.server;
  import java.net.InetAddress;
  import java.net.UnknownHostException;
 @@ -24,21 +24,21 @@ public class MOASecurityManagerExtended extends SecurityManager {
  	 */
  	public void checkConnect(String host, int port, Object context) {
 -		Logger.debug("checkConnect: " + host + ":" + port);
 +		// System.out.println("checkConnect: " + host + ":" + port);
  		if (!checkURI(host, port))
  			throw new SecurityException("URI not allowed (blacklisted or external URIs generally not allowed");
  		else {
 -			Logger.debug("Perform checkConnect of given SecurityManager");
 +			// System.out.println("Perform checkConnect of given SecurityManager");
  			super.checkConnect(host, port, context);
  		}
  	}
  	public void checkConnect(String host, int port) {
 -		Logger.debug("checkConnect: " + host + ":" + port);
 +		// System.out.println("checkConnect: " + host + ":" + port);
  		if (!checkURI(host, port))
  			throw new SecurityException("URI not allowed (blacklisted or external URIs generally not allowed");
  		else {
 -			Logger.debug("Perform checkConnect of given SecurityManager");
 +			// System.out.println("Perform checkConnect of given SecurityManager");
  			super.checkConnect(host, port);
  		}	
  	}
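Review bot: The debug logging in both checkConnect overloads is replaced by commented-out `System.out.println` calls, so a connection refused by `checkURI` now leaves no record apart from the thrown SecurityException, and the dead lines stay in the source. If Logger cannot be called safely from inside a SecurityManager (for example because logging itself triggers permission checks, which is not visible here), state that in a comment such as `// no logging here: Logger may re-enter the SecurityManager` and delete the println lines; otherwise keep a log entry for denied hosts so refused connections can be audited. The same substitution appears in the later hunks of this file (checkURI, getLocalhostName) and throughout MOASecurityManagerSimple.java. The exception text in the unchanged lines is also missing its closing parenthesis.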
 @@ -53,7 +53,7 @@ public class MOASecurityManagerExtended extends SecurityManager {
  				if (bport == null) {
  					// check only host
  					if (bhost.equalsIgnoreCase(host)) {
 -						Logger.debug("Security check: " + host + " blacklisted");
 +						// System.out.println("Security check: " + host + " blacklisted");
  						return false;
  					}
  				}
 @@ -61,24 +61,24 @@ public class MOASecurityManagerExtended extends SecurityManager {
  					// check host and port
  					int iport = new Integer(bport).intValue();
  					if (bhost.equalsIgnoreCase(host) && (iport == port)) {
 -						Logger.debug("Security check: " + host + ":" + port + " blacklisted");
 +						// System.out.println("Security check: " + host + ":" + port + " blacklisted");
  						return false;
  					}
  				}
  			}
 -			Logger.debug("Security check: " + host + ":" + port + " allowed");
 +			// System.out.println("Security check: " + host + ":" + port + " allowed");
  			return true;
  		}
  		else {			
  			String localhost = getLocalhostName();
  			if (host.equalsIgnoreCase(localhost) || host.equalsIgnoreCase("localhost") || host.equalsIgnoreCase("127.0.0.1") ) {
 -				Logger.debug("Security check: localhost name allowed");
 +				// System.out.println("Security check: localhost name allowed");
  				return true;
  			}
 -			Logger.debug("Security check: " + host + ":" + port + " not allowed (external URIs not allowed)");
 +			// System.out.println("Security check: " + host + ":" + port + " not allowed (external URIs not allowed)");
  			return false;
  		}
  	}
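Review bot: checkURI decides by literal string comparison (`bhost.equalsIgnoreCase(host)`), so a blacklist entry written as a host name will not match when the check receives the same endpoint as an IP address, and the reverse; the localhost branch has the same limitation for other loopback forms. It is worth documenting on the method that the blacklist must list every form of an endpoint, or normalising both sides through `InetAddress` before comparing. Separately, `new Integer(bport).intValue()` throws NumberFormatException for a malformed configured port on every connect check; `Integer.parseInt(bport)` validated once when the blacklist is loaded would fail earlier and more clearly. checkURI begins in the previous hunk, and MOASecurityManagerSimple.checkURI carries the same code.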
 @@ -99,7 +99,7 @@ public class MOASecurityManagerExtended extends SecurityManager {
  		}
  		catch (UnknownHostException e) {
 -			Logger.debug("UnknownHostExeption: Returns \"localhost\" as name for localhost");
 +			// System.out.println("UnknownHostExeption: Returns \"localhost\" as name for localhost");
  			return "localhost";
  		}
  	}
 diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerSimple.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/MOASecurityManagerSimple.java
 index 361a75e4c..530a27a48 100644
 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerSimple.java
 +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/MOASecurityManagerSimple.java
 @@ -1,4 +1,5 @@
 -package at.gv.egovernment.moa.spss;
 +package at.gv.egovernment.moa.spss.server;
 +
  import java.io.FileDescriptor;
  import java.net.InetAddress;
 @@ -7,8 +8,6 @@ import java.security.Permission;
  import java.util.Iterator;
  import java.util.List;
 -import at.gv.egovernment.moa.logging.Logger;
 -
  public class MOASecurityManagerSimple extends SecurityManager {
  	private List blacklist;
 @@ -25,13 +24,12 @@ public class MOASecurityManagerSimple extends SecurityManager {
  	 */
  	public void checkConnect(String host, int port, Object context) {
 -		//Logger.debug("checkConnect: " + host + ":" + port);
  		if (!checkURI(host, port))
  			throw new SecurityException("URI not allowed (blacklisted or external URIs generally not allowed");
  	}
  	public void checkConnect(String host, int port) {
 -		//Logger.debug("checkConnect: " + host + ":" + port);
 +		// System.out.println("checkConnect: " + host + ":" + port);
  		if (!checkURI(host, port))
  			throw new SecurityException("URI not allowed (blacklisted or external URIs generally not allowed");
  	}
 @@ -46,7 +44,7 @@ public class MOASecurityManagerSimple extends SecurityManager {
  				if (bport == null) {
  					// check only host
  					if (bhost.equalsIgnoreCase(host)) {
 -						//Logger.debug("Security check: " + host + " blacklisted");
 +						// System.out.println("Security check: " + host + " blacklisted");
  						return false;
  					}
  				}
 @@ -54,24 +52,24 @@ public class MOASecurityManagerSimple extends SecurityManager {
  					// check host and port
  					int iport = new Integer(bport).intValue();
  					if (bhost.equalsIgnoreCase(host) && (iport == port)) {
 -						//Logger.debug("Security check: " + host + ":" + port + " blacklisted");
 +						// System.out.println("Security check: " + host + ":" + port + " blacklisted");
  						return false;
  					}
  				}
  			}
 -			//Logger.debug("Security check: " + host + ":" + port + " allowed");
 +			// System.out.println("Security check: " + host + ":" + port + " allowed");
  			return true;
  		}
  		else {			
  			String localhost = getLocalhostName();
  			if (host.equalsIgnoreCase(localhost) || host.equalsIgnoreCase("localhost") || host.equalsIgnoreCase("127.0.0.1") ) {
 -				//Logger.debug("Security check: localhost name allowed");
 +				// System.out.println("Security check: localhost name allowed");
  				return true;
  			}
 -			//Logger.debug("Security check: " + host + ":" + port + " not allowed (external URIs not allowed)");
 +			// System.out.println("Security check: " + host + ":" + port + " not allowed (external URIs not allowed)");
  			return false;
  		}
  	}
 @@ -93,7 +91,7 @@ public class MOASecurityManagerSimple extends SecurityManager {
  		}
  		catch (UnknownHostException e) {
 -			//Logger.debug("UnknownHostExeption: Returns \"localhost\" as name for localhost");
 +			// System.out.println("UnknownHostExeption: Returns \"localhost\" as name for localhost");
  			return "localhost";
  		}
  	}
 diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
 index 9e0a7fd53..bcd9416b8 100644
 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
 +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
 @@ -48,8 +48,8 @@ import org.w3c.dom.Element;
  import at.gv.egovernment.moa.logging.LogMsg;
  import at.gv.egovernment.moa.logging.Logger;
 -import at.gv.egovernment.moa.spss.MOASecurityManagerExtended;
 -import at.gv.egovernment.moa.spss.MOASecurityManagerSimple;
 +import at.gv.egovernment.moa.spss.server.MOASecurityManagerExtended;
 +import at.gv.egovernment.moa.spss.server.MOASecurityManagerSimple;
  import at.gv.egovernment.moa.spss.util.MessageProvider;
  import at.gv.egovernment.moa.util.DOMUtils; 
@@ -386,29 +386,30 @@ public class ConfigurationProvider        // set SecurityManager for permitting/disallowing external URIs        SecurityManager sm = System.getSecurityManager();       +              if (sm == null) {      	  // no security manager exists - create a new one -    	  //Logger.debug(new LogMsg("Create new MOASecurityManagerSimple")); +    	  Logger.debug(new LogMsg("Create new MOASecurityManagerSimple"));      	  sm = new MOASecurityManagerSimple(allowExternalUris_, blackListedUris_); -    	  //Logger.debug(new LogMsg("Set the new MOASecurityManagerSimple")); +    	  Logger.debug(new LogMsg("Set the new MOASecurityManagerSimple"));            System.setSecurityManager(sm);        }              else {    	      	  String classname = sm.getClass().getName(); -    	  if (!classname.equalsIgnoreCase("at.gv.egovernment.moa.spss.MOASecurityManagerSimple") && -    		  !classname.equalsIgnoreCase("at.gv.egovernment.moa.spss.MOASecurityManagerExtended")) { +    	  if (!classname.equalsIgnoreCase("at.gv.egovernment.moa.spss.server.MOASecurityManagerSimple") && +    		  !classname.equalsIgnoreCase("at.gv.egovernment.moa.spss.server.MOASecurityManagerExtended")) {      		  // if SecurityManager is not already a MOASecurityManager -    		//  Logger.debug(new LogMsg("Create new MOASecurityManagerExtended (including existing SecurityManager)")); +    		  Logger.debug(new LogMsg("Create new MOASecurityManagerExtended (including existing SecurityManager)"));      		  sm = new MOASecurityManagerExtended(allowExternalUris_, blackListedUris_); -    		  //Logger.debug(new LogMsg("Set the new MOASecurityManagerSimple")); +    		  Logger.debug(new LogMsg("Set the new MOASecurityManagerSimple"));      		  System.setSecurityManager(sm);      	  } -    	  //Logger.debug(new LogMsg("No new MOASecurityManager instantiated")); +    	  Logger.debug(new LogMsg("No new MOASecurityManager instantiated"));        } 
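Review bot: The re-enabled message "Create new MOASecurityManagerExtended (including existing SecurityManager)" does not match the call beside it: `new MOASecurityManagerExtended(allowExternalUris_, blackListedUris_)` is not given the existing `sm`, and the class delegates to `super.checkConnect`, so unless its constructor captures the installed manager (not visible here) the previous manager's policy is replaced rather than wrapped. Two further messages are misleading: "Set the new MOASecurityManagerSimple" is logged in the Extended branch, and "No new MOASecurityManager instantiated" is logged even when one was just installed, so it belongs in an `else`. Comparing class names as strings is brittle, as this rename shows; `if (!(sm instanceof MOASecurityManagerSimple) && !(sm instanceof MOASecurityManagerExtended))` would survive the next package move. The enclosing method starts and ends outside the hunk.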
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java index a57c807a1..a123dd4fc 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java @@ -212,6 +212,10 @@ public class XMLSignatureVerificationInvoker {        module.setLog(new IaikLog(loggingCtx.getNodeID())); +      //@TODO +      SecurityManager sm = System.getSecurityManager(); +      System.setSecurityManager(null); +              result =          module.verifySignature(            xmlSignature, @@ -219,6 +223,9 @@ public class XMLSignatureVerificationInvoker {            profile,            signingTime,            new TransactionId(context.getTransactionID())); +       +      //@TODO +      System.setSecurityManager(sm);      } catch (IAIKException e) {        MOAException moaException = IaikExceptionMapper.getInstance().map(e);        throw moaException; | 
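Review bot: `System.setSecurityManager(null)` before `module.verifySignature(...)` removes the JVM-wide security manager for every thread while the signature is verified, so the blacklist and external-URI check installed by ConfigurationProvider is not applied to anything resolved during verification (presumably the very lookups the check exists for) or to requests running concurrently. The restore in the second hunk is not in a `finally`, so when verifySignature throws (the `catch (IAIKException e)` directly after it) the manager stays null for the rest of the process. The `//@TODO` comments do not say why the manager is disabled or when the workaround is to be removed. Preferably drop the three added statements and fix whatever fails under the manager; if the workaround must stay for now, wrap the call as `try { result = module.verifySignature(...); } finally { System.setSecurityManager(sm); }` and replace the TODO with the reason.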
