authorkstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d>2010-07-14 15:17:36 +0000
committerkstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d>2010-07-14 15:17:36 +0000
commitb6d6d65334689f60d41a4eba1a1660c12e90d580 (patch)
treee7718875ccec36267688e0340bbcd5866fbfdab8
parent13f101f89f0659aacfc642402de7c31d9eceb658 (diff)
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1173 d688527b-c9ab-4aba-bd8d-4036d912da1d
-rw-r--r--id/readme_1.4.7.txt2
-rw-r--r--id/server/data/deploy/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_EN.xml2
-rw-r--r--id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoÔÇÄ03e694(SecureSignatureKeypair).cerbin0 -> 975 bytes
-rw-r--r--id/server/doc/moa_id/id-admin_1.htm2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java11
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java17
-rw-r--r--spss/handbook/conf/moa-spss/sp.minimum.config.xml10
-rw-r--r--spss/handbook/conf/moa-spss/spss.config.xml10
-rw-r--r--spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-Qual-03.20080425-20180425.SerNoÔÇÄ03e694(SecureSignatureKeypair).cerbin0 -> 975 bytes
-rw-r--r--spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-Qual-03.20080425-20180425.SerNoÔÇÄ03e694(SecureSignatureKeypair).cerbin0 -> 975 bytes
10 files changed, 50 insertions, 4 deletions
diff --git a/id/readme_1.4.7.txt b/id/readme_1.4.7.txt
index 5059c92a5..994c17a7f 100644
--- a/id/readme_1.4.7.txt
+++ b/id/readme_1.4.7.txt
@@ -11,7 +11,7 @@ erstmals in der Veröffentlichung enthalten sind (siehe auch history.txt im
gleichen Verzeichnis):
- Anbindung an Stammzahlenregister-Gateway um ausländische Bürger zu integrieren (ERnP-Eintragung
- gemäß)
+ gemäß E-Government Gesetz §6(5))
- Neuer AUTH-Block mit neuen Transformationen
- Fixed Bug #485 (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=485&group_id=6&atid=105)
- Fixed Bug #540 (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=540&group_id=6&atid=105)
diff --git a/id/server/data/deploy/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_EN.xml b/id/server/data/deploy/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_EN.xml
index b9c613e2d..9a067b0ba 100644
--- a/id/server/data/deploy/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_EN.xml
+++ b/id/server/data/deploy/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_EN.xml
@@ -6,7 +6,7 @@
<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
<html>
<head>
- <title>Signatur der Anmeldedaten</title>
+ <title>Signing the authentication data</title>
<style type="text/css" media="screen">.boldstyle { font-weight: bold; } .italicstyle { font-style: italic; } .annotationstyle { font-size: small; } .graybground {background-color: #E0E0E0;}
.titlestyle{ text-decoration:underline; font-weight:bold; font-family: Verdana; font-size: x-small; }
.h4style{ font-family: Verdana; }
diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoÔÇÄ03e694(SecureSignatureKeypair).cer b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoÔÇÄ03e694(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..ab9e0cd7d
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoÔÇÄ03e694(SecureSignatureKeypair).cer
Binary files differ
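Review bot: The three `.cer` additions (this one and the two under `spss/handbook/conf/moa-spss/trustProfiles/`) install a new trust anchor, but nothing in the commit lets a deployer verify it: the diff shows only `Binary files differ` and the commit message carries no description. All three share blob `ab9e0cd7d`, so it is one certificate; I would record its fingerprint and where it was obtained in the commit message or in `id/readme_1.4.7.txt`, so it can be checked against the issuer's published value. The file name also contains a non-ASCII sequence between `SerNo` and `03e694` (rendered here as `ÔÇÄ`), which looks like an invisible character carried over from a certificate viewer; renaming the file to plain ASCII would avoid path problems in builds and deployments.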
diff --git a/id/server/doc/moa_id/id-admin_1.htm b/id/server/doc/moa_id/id-admin_1.htm
index 1ec90a208..a695d73b0 100644
--- a/id/server/doc/moa_id/id-admin_1.htm
+++ b/id/server/doc/moa_id/id-admin_1.htm
@@ -226,7 +226,7 @@ Um MOA-ID-AUTH in Tomcat f&uuml;r den Ablauf vorzubereiten, sind folgende Schrit
</li>
<li>Die endorsed Libraries f&uuml;r Tomcat m&uuml;ssen aus dem
Verzeichnis $MOA_ID_INST_AUTH/endorsed in das Tomcat-Verzeichnis
- $CATALINA_HOME/common/endorsed kopieren werden. Folgende Libraries
+ $CATALINA_HOME/common/endorsed kopieren werden. F&uuml;r Tomcat 6 m&uuml;ssen die Dateien in das Verzeichnis $CATALINA_HOME/endorsed kopiert werden (das Verzeichnis endorsed ist dabei im Allgemein erst anzulegen). Folgende Libraries
sind f&uuml;r das Deployment im endorsed Verzeichnis vorgesehen:
<ul>
<li>xalan.jar</li>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
index c2de2e3e1..282d7f583 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
@@ -9,6 +9,7 @@ import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.xml.transform.TransformerException;
import org.apache.commons.fileupload.FileUploadException;
import org.w3c.dom.Document;
@@ -33,6 +34,7 @@ import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.URLEncoder;
/**
@@ -116,11 +118,20 @@ public class GetForeignIDServlet extends AuthServlet {
// make SZR request to the identity link
CreateIdentityLinkResponse response = getIdentityLink(signature);
+
if (response.isError()) {
throw new SZRGWClientException(response.getError());
}
else {
+
Element samlAssertion = response.getAssertion();
+
+ try {
+ System.out.println(DOMUtils.serializeNode(samlAssertion));
+ } catch (TransformerException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(samlAssertion);
IdentityLink identitylink = ilParser.parseIdentityLink();
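Review bot: The added `System.out.println(DOMUtils.serializeNode(samlAssertion))` writes the complete SAML assertion returned by the SZR gateway to standard output on every request. That assertion is what `IdentityLinkAssertionParser` turns into the identity link two lines later, so the container's stdout log ends up holding citizens' identity data outside the application's `Logger` configuration and whatever access controls apply to its log files. This looks like leftover debugging (the catch block is still the auto-generated `// TODO` with `e.printStackTrace()`); I would delete the whole `try`/`catch` together with the `TransformerException` and `DOMUtils` imports added in the two hunks above. The enclosing method starts and ends outside this hunk.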
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java
index 2080118d0..9cb7c7ab4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java
@@ -18,6 +18,7 @@ package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
+import java.io.File;
import javax.net.ssl.SSLSocketFactory;
import javax.xml.parsers.DocumentBuilder;
@@ -27,6 +28,7 @@ import javax.xml.parsers.ParserConfigurationException;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.protocol.Protocol;
+import org.apache.xpath.XPathAPI;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -34,6 +36,7 @@ import org.w3c.dom.NodeList;
import org.w3c.dom.Text;
import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
+import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
@@ -196,7 +199,19 @@ public class SZRGWClient {
}
else {
// set assertion
- response.setAssertion(doc.getDocumentElement());
+ DocumentBuilder builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
+ Document newdoc = builder.newDocument();
+
+ Element nameSpaceNode = newdoc.createElement("NameSpaceNode");
+ nameSpaceNode.setAttribute("xmlns:" + Constants.DSIG_PREFIX, Constants.DSIG_NS_URI);
+ nameSpaceNode.setAttribute("xmlns:" + Constants.SAML_PREFIX, Constants.SAML_NS_URI);
+
+ Element samlAssertion = (Element)XPathAPI.selectSingleNode(doc, "//saml:Assertion[1]", nameSpaceNode);
+
+ if (samlAssertion == null)
+ throw new SZRGWClientException("Could not found a saml:Assertion element in response.");
+ else
+ response.setAssertion(samlAssertion);
}
return response;
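Review bot: `//saml:Assertion[1]` accepts a `saml:Assertion` at any depth of the gateway response, so whichever matching element comes first in document order becomes the identity-link source, regardless of where the gateway is supposed to place it. If the response layout is fixed, anchor the expression at the expected parent element instead of using `//`, and confirm that whatever signature check runs later covers exactly the element handed to `response.setAssertion(...)`; that check is not visible in this hunk. Smaller points: the message should read `"Could not find a saml:Assertion element in response."`, the `if`/`else` would be safer with braces, and the new `import java.io.File;` is not used by any line shown here. The enclosing method begins and ends outside the hunk.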
diff --git a/spss/handbook/conf/moa-spss/sp.minimum.config.xml b/spss/handbook/conf/moa-spss/sp.minimum.config.xml
index 77bb8ab25..bc154ae00 100644
--- a/spss/handbook/conf/moa-spss/sp.minimum.config.xml
+++ b/spss/handbook/conf/moa-spss/sp.minimum.config.xml
@@ -38,6 +38,16 @@
</cfg:DatabaseArchive>
</cfg:Archive>
</cfg:Archiving>
+ <cfg:CrlRetentionIntervals>
+ <cfg:CA>
+ <cfg:X509IssuerName>CN=a-sign-Premium-Sig-01,OU=a-sign-Premium-Sig-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</cfg:X509IssuerName>
+ <cfg:Interval>12775</cfg:Interval>
+ </cfg:CA>
+ <cfg:CA>
+ <cfg:X509IssuerName>CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</cfg:X509IssuerName>
+ <cfg:Interval>12775</cfg:Interval>
+ </cfg:CA>
+ </cfg:CrlRetentionIntervals>
</cfg:RevocationChecking>
</cfg:CertificateValidation>
</cfg:SignatureVerification>
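Review bot: `<cfg:Interval>12775</cfg:Interval>` is an unexplained magic number in a handbook sample that operators will copy; the same block is added to `spss/handbook/conf/moa-spss/spss.config.xml`. The value presumably means days (12775 = 35 × 365), which would make revocation checking assume these two issuers keep entries in their CRLs for 35 years, so a wrong value silently changes how revoked signer certificates are judged for older signatures. Once the unit is confirmed, I would add a comment above the block such as `<!-- CRL retention interval in days (12775 = 35 years); confirm against the CA's published CRL policy -->`.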
diff --git a/spss/handbook/conf/moa-spss/spss.config.xml b/spss/handbook/conf/moa-spss/spss.config.xml
index 9f79c5a19..020939891 100644
--- a/spss/handbook/conf/moa-spss/spss.config.xml
+++ b/spss/handbook/conf/moa-spss/spss.config.xml
@@ -143,6 +143,16 @@
</cfg:DatabaseArchive>
</cfg:Archive>
</cfg:Archiving>
+ <cfg:CrlRetentionIntervals>
+ <cfg:CA>
+ <cfg:X509IssuerName>CN=a-sign-Premium-Sig-01,OU=a-sign-Premium-Sig-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</cfg:X509IssuerName>
+ <cfg:Interval>12775</cfg:Interval>
+ </cfg:CA>
+ <cfg:CA>
+ <cfg:X509IssuerName>CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</cfg:X509IssuerName>
+ <cfg:Interval>12775</cfg:Interval>
+ </cfg:CA>
+ </cfg:CrlRetentionIntervals>
</cfg:RevocationChecking>
</cfg:CertificateValidation>
<cfg:PermitFileURIs>false</cfg:PermitFileURIs>
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-Qual-03.20080425-20180425.SerNoÔÇÄ03e694(SecureSignatureKeypair).cer b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-Qual-03.20080425-20180425.SerNoÔÇÄ03e694(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..ab9e0cd7d
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-Qual-03.20080425-20180425.SerNoÔÇÄ03e694(SecureSignatureKeypair).cer
Binary files differ
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-Qual-03.20080425-20180425.SerNoÔÇÄ03e694(SecureSignatureKeypair).cer b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-Qual-03.20080425-20180425.SerNoÔÇÄ03e694(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..ab9e0cd7d
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-Qual-03.20080425-20180425.SerNoÔÇÄ03e694(SecureSignatureKeypair).cer
Binary files differ