* Update Parameterüberprüfung Templates

* Update Beispiel-Konfigurationen
* Update ContentType für InfoBoxReadRequest (Zertifikat) bei Online-Mandates

git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1202 d688527b-c9ab-4aba-bd8d-4036d912da1d

8 files changed, 59 insertions, 19 deletions

diff --git a/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml b/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml
index 8dd49e2d7..b74956473 100644
--- a/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml
+++ b/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml
@@ -102,7 +102,7 @@
 			<!-- (siehe OnlineApplication/AuthComponent/Mandates)-->
 			<!--<Mandates>-->
 				<!-- Liste der Vollmachten-Identifikatoren, die festlegen mit welchen Vollmachtstypen man sich bei der Online-Applikation anmelden kann-->
-<!--				<Profiles>Prokura,PostvollmachtAufBasisProkura,WKOVollmachtAufBasisProkura,ZVR,ZVRMitPostvollmacht,ERsB,ErsBMitPostvollmacht,PostvollmachtBilateral,GeneralvollmachtBilateral,WKOVollmachtBilateral</Profiles>-->
+<!--				<Profiles>Zustellung,Prokura,PostvollmachtAufBasisProkura,WKOVollmachtAufBasisProkura,ZVR,ZVRMitPostvollmacht,ERsB,ErsBMitPostvollmacht,PostvollmachtBilateral,GeneralvollmachtBilateral,WKOVollmachtBilateral</Profiles>-->
 <!--			</Mandates>-->
 		</AuthComponent>
 	</OnlineApplication>
diff --git a/id/server/data/deploy/conf/moa-id/SampleMOAIDConfigurationProxy.xml b/id/server/data/deploy/conf/moa-id/SampleMOAIDConfigurationProxy.xml
index 11b794888..b2a1a3453 100644
--- a/id/server/data/deploy/conf/moa-id/SampleMOAIDConfigurationProxy.xml
+++ b/id/server/data/deploy/conf/moa-id/SampleMOAIDConfigurationProxy.xml
@@ -111,7 +111,7 @@
 			<!-- (siehe OnlineApplication/AuthComponent/Mandates)-->
 			<!--<Mandates>-->
 				<!-- Liste der Vollmachten-Identifikatoren, die festlegen mit welchen Vollmachtstypen man sich bei der Online-Applikation anmelden kann-->
-<!--				<Profiles>Prokura,PostvollmachtAufBasisProkura,WKOVollmachtAufBasisProkura,ZVR,ZVRMitPostvollmacht,ERsB,ErsBMitPostvollmacht,PostvollmachtBilateral,GeneralvollmachtBilateral,WKOVollmachtBilateral</Profiles>-->
+<!--				<Profiles>Zustellung,Prokura,PostvollmachtAufBasisProkura,WKOVollmachtAufBasisProkura,ZVR,ZVRMitPostvollmacht,ERsB,ErsBMitPostvollmacht,PostvollmachtBilateral,GeneralvollmachtBilateral,WKOVollmachtBilateral</Profiles>-->
 <!--			</Mandates>-->
 		</AuthComponent>
 		<!-- fuer MOA-ID-PROXY -->
diff --git a/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration_withTestBKs.xml b/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration_withTestBKs.xml
index 80c7a8dfd..35b8e19d1 100644
--- a/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration_withTestBKs.xml
+++ b/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration_withTestBKs.xml
@@ -101,7 +101,7 @@
 			<!-- (siehe OnlineApplication/AuthComponent/Mandates)-->
 			<!-- <Mandates> -->
 				<!-- Liste der Vollmachten-Identifikatoren, die festlegt mit welchen Vollmachtstyp man sich bei der Online-Applikation anmelden kann-->
-				<!--<Profiles>Prokura,PostvollmachtAufBasisProkura,WKOVollmachtAufBasisProkura,ZVR,ZVRMitPostvollmacht,ERsB,ErsBMitPostvollmacht,PostvollmachtBilateral,GeneralvollmachtBilateral,WKOVollmachtBilateral</Profiles>-->
+				<!--<Profiles>Zustellung,Prokura,PostvollmachtAufBasisProkura,WKOVollmachtAufBasisProkura,ZVR,ZVRMitPostvollmacht,ERsB,ErsBMitPostvollmacht,PostvollmachtBilateral,GeneralvollmachtBilateral,WKOVollmachtBilateral</Profiles>-->
 			<!--</Mandates> -->
 		</AuthComponent>
 	</OnlineApplication>
diff --git a/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration_withTestBKsProxy.xml b/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration_withTestBKsProxy.xml
index dd207f76d..4aa6d773b 100644
--- a/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration_withTestBKsProxy.xml
+++ b/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration_withTestBKsProxy.xml
@@ -112,7 +112,7 @@
 			<!-- (siehe OnlineApplication/AuthComponent/Mandates)-->
 			<!--<Mandates>-->
 				<!-- Liste der Vollmachten-Identifikatoren, die festlegen mit welchen Vollmachtstypen man sich bei der Online-Applikation anmelden kann-->
-<!--				<Profiles>Prokura,PostvollmachtAufBasisProkura,WKOVollmachtAufBasisProkura,ZVR,ZVRMitPostvollmacht,ERsB,ErsBMitPostvollmacht,PostvollmachtBilateral,GeneralvollmachtBilateral,WKOVollmachtBilateral</Profiles>-->
+<!--				<Profiles>Zustellung,Prokura,PostvollmachtAufBasisProkura,WKOVollmachtAufBasisProkura,ZVR,ZVRMitPostvollmacht,ERsB,ErsBMitPostvollmacht,PostvollmachtBilateral,GeneralvollmachtBilateral,WKOVollmachtBilateral</Profiles>-->
 <!--			</Mandates>-->
 		</AuthComponent>
 		<!-- fuer MOA-ID-PROXY -->
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
index d101df1fa..0014d2647 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
@@ -110,7 +110,7 @@ public class VerifyCertificateServlet extends AuthServlet {
 	    

 	    // escape parameter strings

 		sessionID = StringEscapeUtils.escapeHtml(sessionID);

-		

+				

 	    AuthenticationSession session = null;

 	    try {

 	       // check parameter

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
index 23861d290..740c85942 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
@@ -108,6 +108,7 @@ public class VerifyIdentityLinkServlet extends AuthServlet {
       throw new IOException(e.getMessage());
     }
     String sessionID = req.getParameter(PARAM_SESSIONID);
+       
 
     // escape parameter strings
 	sessionID = StringEscapeUtils.escapeHtml(sessionID);
@@ -178,7 +179,10 @@ public class VerifyIdentityLinkServlet extends AuthServlet {
                    session.getSessionID());
            
           
-     		   ServletUtils.writeCreateXMLSignatureRequest(resp, session, infoboxReadRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl);
+     		  //Logger.debug("ContentType set to: application/x-www-form-urlencoded (ServletUtils)");
+     		  //ServletUtils.writeCreateXMLSignatureRequestURLEncoded(resp, session, infoboxReadRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl);
+     		  Logger.debug("ContentType set to: text/xml;charset=UTF-8 (ServletUtils)");
+     		  ServletUtils.writeCreateXMLSignatureRequest(resp, session, infoboxReadRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl);
     			
     		}
     		else {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java
index d35fc875d..a1e039661 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java
@@ -270,8 +270,12 @@ public class ParamValidatorUtils {
     	  // check if template url starts with http or https 

     	  if (template.startsWith("http") || template.startsWith("https")) {

     	

-    		  // check if template url is from same server

-    		  if (template.contains(req.getServerName())) {

+    		  // check if template url is from same server    		  

+    		  String name = req.getServerName();

+    		  String httpName = "http://" + name;

+    		  String httpsName = "https://" + name;

+    		  

+    		  if (template.startsWith(httpName) || template.startsWith(httpsName)) {

     			 new URL(template);

     			 Logger.debug("Parameter Template bzw. bkuSelectionTemplateURL erfolgreich überprüft");

      	         return true;

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java
index 24e5ff3d0..c3d548d54 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java
@@ -18,16 +18,17 @@
  */

 package at.gv.egovernment.moa.id.util;

 

-import java.io.IOException;

-import java.io.OutputStream;

-

-import javax.servlet.http.HttpServletResponse;

-

-import at.gv.egovernment.moa.id.MOAIDException;

-import at.gv.egovernment.moa.id.auth.AuthenticationServer;

-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;

-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;

-import at.gv.egovernment.moa.logging.Logger;

+import java.io.IOException;
+import java.io.OutputStream;
+import java.net.URLEncoder;
+
+import javax.servlet.http.HttpServletResponse;
+
+import at.gv.egovernment.moa.id.MOAIDException;
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.logging.Logger;
 

 /**

  * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a>

@@ -96,7 +97,7 @@ public class ServletUtils {
       
       //TODO test impact of explicit setting charset with older versions of BKUs (HotSign)
       resp.setContentType("text/xml;charset=UTF-8");
-      
+            
       OutputStream out = resp.getOutputStream();
       out.write(createXMLSignatureRequestOrRedirect.getBytes("UTF-8"));
       out.flush();
@@ -104,5 +105,36 @@ public class ServletUtils {
       Logger.debug("Finished POST " + servletName);
     
   }

+
+  /**
+   * Writes out whether the CreateXMLSignatureRequest or a Redirect for form input processing 
+   * depending on the requests starting text.
+   * 
+   * @param resp The httpServletResponse
+   * @param session The current AuthenticationSession
+   * @param createXMLSignatureRequestOrRedirect The request
+   * @param servletGoal The servlet to which the redirect should happen
+   * @param servletName The servlet name for debug purposes
+   * @throws MOAIDException
+   * @throws IOException
+   */
+  public static void writeCreateXMLSignatureRequestURLEncoded(HttpServletResponse resp, AuthenticationSession session, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName, String dataURL) 
+  throws MOAIDException,
+         IOException { 
+	  resp.setStatus(200);
+	  Logger.debug("ContentType set to: application/x-www-form-urlencoded");
+	
+	  resp.setContentType("application/x-www-form-urlencoded");
+	  
+	  String content = "XMLRequest=" + URLEncoder.encode(createXMLSignatureRequestOrRedirect, "UTF-8") + "&" + 
+	  					"DataURL=" + URLEncoder.encode(dataURL, "UTF-8");
+      
+      OutputStream out = resp.getOutputStream();
+      out.write(content.getBytes("UTF-8"));
+      out.flush();
+      out.close();
+      Logger.debug("Finished POST " + servletName);
+    
+  }
 

 }