diff options
| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-04-07 10:44:11 +0200 |
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-04-07 10:44:11 +0200 |
| commit | 4b932484d66ef161bb547a419fdc32f04677fe57 (patch) | |
| tree | a99bbc8c9357e6a55c1cff24267b244309d4a775 | |
| parent | 2fb3856bb3412bc825ea789f8d98177a8c527964 (diff) | |
| download | moa-id-spss-4b932484d66ef161bb547a419fdc32f04677fe57.tar.gz moa-id-spss-4b932484d66ef161bb547a419fdc32f04677fe57.tar.bz2 moa-id-spss-4b932484d66ef161bb547a419fdc32f04677fe57.zip | |
fix some possible problems with STORK configuration in config-GUI
12 files changed, 191 insertions, 122 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java index d8bb0179c..e71bad299 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java @@ -25,6 +25,8 @@ package at.gv.egovernment.moa.id.configuration.data; import java.util.ArrayList; import java.util.List; +import org.apache.log4j.Logger; + import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentGeneral; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.CPEPS; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.ForeignIdentities; @@ -34,8 +36,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.StorkAttribute; import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; -import org.apache.log4j.Logger; - public class GeneralStorkConfig { private List<CPEPS> cpepslist; @@ -61,7 +61,9 @@ public class GeneralStorkConfig { public void parse(MOAIDConfiguration config) { log.info("Initializing general Stork config"); - + + cpepslist = new ArrayList<CPEPS>(); + attributes = new ArrayList<StorkAttribute>(); if (config != null) { AuthComponentGeneral auth = config.getAuthComponentGeneral(); @@ -71,15 +73,14 @@ public class GeneralStorkConfig { if (foreign != null) { STORK stork = foreign.getSTORK(); - cpepslist = new ArrayList<CPEPS>(); - attributes = new ArrayList<StorkAttribute>(); - + if (stork != null) { // deep clone all the things - // to foreclose lazyloading session timeouts - - for(CPEPS current : stork.getCPEPS()) { - cpepslist.add(current); + // to foreclose lazyloading session timeouts + if (stork.getCPEPS() != null) { + for(CPEPS current : stork.getCPEPS()) { + cpepslist.add(current); + } } List<StorkAttribute> tmp = stork.getAttributes(); @@ -91,19 +92,26 @@ public class GeneralStorkConfig { try { qaa = stork.getQualityAuthenticationAssuranceLevel(); + } catch(NullPointerException e) { qaa = 4; } } - if (cpepslist.isEmpty()) - cpepslist = null; - - if(attributes.isEmpty()) - attributes.add(new StorkAttribute()); } } } + + if (cpepslist.isEmpty()) { + CPEPS defaultCPEPS = new CPEPS(); + defaultCPEPS.setCountryCode("CC"); + defaultCPEPS.setURL("http://"); + defaultCPEPS.setSupportsXMLSignature(true); + cpepslist.add(defaultCPEPS ); + + } + if(attributes.isEmpty()) + attributes.add(new StorkAttribute()); } public List<CPEPS> getRawCPEPSList() { diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java index 33277af07..c0e1eaaf7 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java @@ -41,6 +41,7 @@ import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.validation.oa.OASTORKConfigValidation; +import at.gv.egovernment.moa.util.MiscUtil; //import at.gv.egovernment.moa.id.protocols.stork2.AttributeProviderFactory; public class OASTORKConfig implements IOnlineApplicationData{ @@ -120,8 +121,10 @@ public class OASTORKConfig implements IOnlineApplicationData{ enabledCitizenCountries = new ArrayList<String>(); - for(CPEPS current : config.getCPEPS()) - enabledCitizenCountries.add(current.getCountryCode()); + if (config.getCPEPS() != null) { + for(CPEPS current : config.getCPEPS()) + enabledCitizenCountries.add(current.getCountryCode()); + } // prepare attribute helper list attributes = new ArrayList<AttributeHelper>(); @@ -130,9 +133,11 @@ public class OASTORKConfig implements IOnlineApplicationData{ for(StorkAttribute current : dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes()) { AttributeHelper tmp = null; - for(OAStorkAttribute sepp : config.getOAAttributes()) - if(sepp.getName().equals(current.getName())) - tmp = new AttributeHelper(sepp); + if (config.getOAAttributes() != null) { + for(OAStorkAttribute sepp : config.getOAAttributes()) + if(sepp.getName() != null && sepp.getName().equals(current.getName())) + tmp = new AttributeHelper(sepp); + } if(null == tmp) tmp = new AttributeHelper(current); @@ -248,12 +253,14 @@ public class OASTORKConfig implements IOnlineApplicationData{ if (generalConfStorkAttr != null) { for(StorkAttribute currentAttribute : generalConfStorkAttr) - if(currentAttribute.getName().equals(current.getName())) { + if(MiscUtil.isNotEmpty(currentAttribute.getName()) && + currentAttribute.getName().equals(current.getName())) { if(current.isUsed() || currentAttribute.isMandatory()) { OAStorkAttribute tmp = new OAStorkAttribute(); tmp.setName(current.getName()); tmp.setMandatory(current.isMandatory()); result.add(tmp); + } break; } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java index 504b598c0..d12c1342c 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java @@ -542,42 +542,77 @@ public class EditGeneralConfigAction extends BasicAction { forcon.setURL(moaconfig.getSzrgwURL()); } - ForeignIdentities foreign = dbauth.getForeignIdentities(); - if (foreign != null) { - STORK stork = foreign.getSTORK(); - if (stork == null) { - stork = new STORK(); - foreign.setSTORK(stork); - - } - - try { - log.error("QAAAA " + storkconfig.getDefaultQaa()); - stork.setQualityAuthenticationAssuranceLevel(storkconfig.getDefaultQaa()); + ForeignIdentities foreign = dbauth.getForeignIdentities(); + if (foreign != null) { + STORK stork = foreign.getSTORK(); + if (stork == null) { + stork = new STORK(); + foreign.setSTORK(stork); - if (storkconfig.getAttributes() != null) - stork.setAttributes(storkconfig.getAttributes()); - - else + } + + try { + log.error("QAAAA " + storkconfig.getDefaultQaa()); + stork.setQualityAuthenticationAssuranceLevel(storkconfig.getDefaultQaa()); + + if (storkconfig.getAttributes() != null) { + List<StorkAttribute> dbStorkAttr = stork.getAttributes(); + if (dbStorkAttr == null) { + dbStorkAttr = new ArrayList<StorkAttribute>(); + stork.setAttributes(dbStorkAttr); + + } + + for (StorkAttribute attr : storkconfig.getAttributes()) { + if (attr != null && MiscUtil.isNotEmpty(attr.getName())) + dbStorkAttr.add(attr); + + else + log.info("Remove null or empty STORK attribute"); + } + + } else stork.setAttributes((List<StorkAttribute>) (new ArrayList<StorkAttribute>())); - if (storkconfig.getCpepslist() != null) - - stork.setCPEPS(storkconfig.getCpepslist()); - else - stork.setCPEPS((List<CPEPS>) (new ArrayList<CPEPS>())); + if (storkconfig.getCpepslist() != null) { + List<CPEPS> dbStorkCPEPS = stork.getCPEPS(); + if (dbStorkCPEPS == null) { + dbStorkCPEPS = new ArrayList<CPEPS>(); + stork.setCPEPS(dbStorkCPEPS); + } + + for (CPEPS cpeps : storkconfig.getCpepslist()) { + if (cpeps != null && MiscUtil.isNotEmpty(cpeps.getURL()) && + MiscUtil.isNotEmpty(cpeps.getCountryCode())) { + + if (cpeps.getCountryCode().equals("CC") && + cpeps.getURL().equals("http://")) + log.info("Remove dummy STORK CPEPS entry."); + + else + dbStorkCPEPS.add(cpeps); + + } else + log.info("Remove null or emtpy STORK CPEPS configuration"); + } - } catch (Exception e) { - e.printStackTrace(); - } - - try{ - log.info("CPEPS LIST: " + storkconfig.getCpepslist().size() ); - log.trace("CPEPS 1:" + storkconfig.getCpepslist().get(0).getCountryCode() +storkconfig.getCpepslist().get(0).getURL()); - } catch (Exception ex) { - log.info("CPEPS LIST is null"); - } - } + } else + stork.setCPEPS((List<CPEPS>) (new ArrayList<CPEPS>())); + + } catch (Exception e) { + e.printStackTrace(); + + } + + try{ + log.info("CPEPS LIST: " + storkconfig.getCpepslist().size() ); + log.trace("CPEPS 1:" + storkconfig.getCpepslist().get(0).getCountryCode() +storkconfig.getCpepslist().get(0).getURL()); + + } catch (Exception ex) { + log.info("CPEPS LIST is null"); + + } + } if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) { OnlineMandates dbmandate = dbauth.getOnlineMandates(); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java index d4e8e957d..617e9cf51 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java @@ -367,7 +367,7 @@ public class MOAConfigValidator { check = form.getSsoTarget(); if (MiscUtil.isEmpty(check)) { log.info("Empty SSO Target"); - errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty", request)); + //errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty", request)); } else { if (!ValidationHelper.isValidAdminTarget(check)) { diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java index b73859d81..6b5c51e3f 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java @@ -47,31 +47,33 @@ public class StorkConfigValidator { errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc", new Object[] {check}, request )); } + + // check url + check = current.getURL(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("CPEPS config URL is invalid : " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url", request)); + } + } else { + log.warn("CPEPS config url is empty : " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty", + new Object[] {check}, request )); + } + } else { log.warn("CPEPS config countrycode is empty : " + check); - errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty", - new Object[] {check}, request )); +// errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty", +// new Object[] {check}, request )); } - // check url - check = current.getURL(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateURL(check)) { - log.info("CPEPS config URL is invalid : " + check); - errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url", request)); - } - } else { - log.warn("CPEPS config url is empty : " + check); - errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty", - new Object[] {check}, request )); - } } if (form.getCpepslist() != null) { // ensure uniqueness of country code for (CPEPS one : form.getCpepslist()) for (CPEPS another : form.getCpepslist()) - if (null != one && null != another) + if (null != one && null != another && one.getCountryCode() != null) if (!one.equals(another) && one.getCountryCode().equals(another.getCountryCode())) { errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.duplicate", request)); break; @@ -90,17 +92,20 @@ public class StorkConfigValidator { // check attributes if (MiscUtil.isNotEmpty(form.getAttributes())) { for(StorkAttribute check : form.getAttributes()) { - String tmp = check.getName().replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI? - if (ValidationHelper.containsPotentialCSSCharacter(tmp, true)) { - log.warn("default attributes contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); - } - if(!tmp.toLowerCase().matches("^[A-Za-z]*$")) { - log.warn("default attributes do not match the requested format : " + check); + if (check != null && MiscUtil.isNotEmpty(check.getName())) { + String tmp = check.getName().replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI? + if (ValidationHelper.containsPotentialCSSCharacter(tmp, true)) { + log.warn("default attributes contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", - new Object[] {check}, request )); - } + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); + } + if(!tmp.toLowerCase().matches("^[A-Za-z]*$")) { + log.warn("default attributes do not match the requested format : " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", + new Object[] {check}, request )); + } + + } } //TODO: STORK attributes check if no attribute is set diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp index ac2c8de5a..45ea159e4 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp @@ -288,7 +288,12 @@ <s:iterator value="storkconfig.cpepslist" status="stat"> <tr> <td style="display:none;"><s:textfield name="storkconfig.cpepslist[%{#stat.index}].hjid" value="%{hjid}" cssStyle="display:none;"/></td> - <td><s:property value="%{countryCode}" /></td> + <s:if test="%{countryCode == 'CC'}"> + <td><s:textfield name="storkconfig.cpepslist[%{#stat.index}].countryCode" value="%{countryCode}" cssClass="textfield_short"/></td> + </s:if> + <s:else> + <td><s:property value="%{countryCode}" /></td> + </s:else> <td><s:textfield name="storkconfig.cpepslist[%{#stat.index}].URL" value="%{URL}" cssClass="textfield_long"/></td> <td><s:checkbox name="storkconfig.cpepslist[%{#stat.index}].supportsXMLSignature" value="%{supportsXMLSignature}" /></td> <td><input class="button_narrow" type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.removepeps", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td> diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java index 1c3e0fe13..270d0866c 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java @@ -435,10 +435,10 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, getKeyPrefix())); if (MiscUtil.isEmpty(check)) { log.info("Empty SSO Target"); - errors.add(new ValidationObjectIdentifier( - MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, - "SSO - Target", - LanguageHelper.getErrorString("validation.general.sso.target.empty"))); +// errors.add(new ValidationObjectIdentifier( +// MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, +// "SSO - Target", +// LanguageHelper.getErrorString("validation.general.sso.target.empty"))); } else { diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java index 1747e2207..8a1a2925b 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java @@ -133,38 +133,40 @@ public static final List<String> KEYWHITELIST; LanguageHelper.getErrorString("validation.stork.cpeps.cc", new Object[] {cc}))); } - } else { - log.warn("CPEPS config countrycode is empty : " + cc); - errors.add(new ValidationObjectIdentifier( - MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST - + "." + cpepsKey, - "STORK - CPEPS Country", - LanguageHelper.getErrorString("validation.stork.cpeps.empty", - new Object[] {cc}))); - } - - // check url - if (MiscUtil.isNotEmpty(url)) { - if (!ValidationHelper.validateURL(url)) { - log.info("CPEPS config URL is invalid : " + url); + + // check url + if (MiscUtil.isNotEmpty(url)) { + if (!ValidationHelper.validateURL(url)) { + log.info("CPEPS config URL is invalid : " + url); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST + + "." + index + "." + + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL, + "STORK - CPEPS URL", + LanguageHelper.getErrorString("validation.stork.cpeps.url"))); + } + } else { + log.warn("CPEPS config url is empty : " + url); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST + "." + index + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL, "STORK - CPEPS URL", - LanguageHelper.getErrorString("validation.stork.cpeps.url"))); - } + LanguageHelper.getErrorString("validation.stork.cpeps.empty", + new Object[] {url}))); + + } + } else { - log.warn("CPEPS config url is empty : " + url); - errors.add(new ValidationObjectIdentifier( - MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST - + "." + index + "." - + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL, - "STORK - CPEPS URL", - LanguageHelper.getErrorString("validation.stork.cpeps.empty", - new Object[] {url}))); - - } + log.warn("CPEPS config countrycode is empty : " + cc); +// errors.add(new ValidationObjectIdentifier( +// MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST +// + "." + cpepsKey, +// "STORK - CPEPS Country", +// LanguageHelper.getErrorString("validation.stork.cpeps.empty", +// new Object[] {cc}))); + } + validatedCPeps.put(cc, url); } else { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java index 69c155c1e..140c7aebc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java @@ -206,7 +206,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ //validate SSO functionality - String domainIdentifier = authConfig.getSSOTagetIdentifier().trim(); + String domainIdentifier = authConfig.getSSOTagetIdentifier(); if (MiscUtil.isEmpty(domainIdentifier) && protocolReq.needSingleSignOnFunctionality()) { //do not use SSO if no Target is set Logger.warn("NO SSO-Target found in configuration. Single Sign-On is deaktivated!"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java index 210bda3e6..348b1c45a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java @@ -738,13 +738,17 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide */ public String getSSOTagetIdentifier() throws ConfigurationException { try { - return configuration.getStringValue( + String value = configuration.getStringValue( MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET); - + if (MiscUtil.isNotEmpty(value)) + return value.trim(); + } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { Logger.warn("Single Sign-On Target can not be read from configuration.", e); - return null; + } + + return null; } /** diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index 7122c6577..f5000581c 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -167,12 +167,14 @@ public class AuthenticationServer extends BaseAuthenticationServer { } String infoboxReadRequest = ""; - if (pendingReq.needSingleSignOnFunctionality()) { - Logger.info("SSO Login requested"); + String ssoDomainIdentifier = authConfig.getSSOTagetIdentifier(); + if (MiscUtil.isNotEmpty(ssoDomainIdentifier) && + pendingReq.needSingleSignOnFunctionality()) { + Logger.debug("SSO Login requested"); //load identityLink with SSO Target boolean isbuisness = false; - String domainIdentifier = authConfig.getSSOTagetIdentifier().trim(); - if (domainIdentifier.startsWith(PREFIX_WPBK)) { + + if (ssoDomainIdentifier.startsWith(PREFIX_WPBK)) { isbuisness = true; } else { @@ -182,10 +184,10 @@ public class AuthenticationServer extends BaseAuthenticationServer { //build ReadInfobox request infoboxReadRequest = new InfoboxReadRequestBuilder().build( - isbuisness, domainIdentifier); + isbuisness, ssoDomainIdentifier); } else { - Logger.info("Non-SSO Login requested"); + Logger.debug("Non-SSO Login requested or SSO not allowed/possible"); //build ReadInfobox request infoboxReadRequest = new InfoboxReadRequestBuilder().build( oaParam.getBusinessService(), oaParam diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java index f9cb4c636..78cbd788d 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java @@ -49,8 +49,9 @@ public class SSOTransferAuthenticationData implements IAuthData { public SSOTransferAuthenticationData(AuthConfiguration authConfig, AuthenticationSession authSession) throws ConfigurationException { this.authSession = authSession; - String domainIdentifier = authConfig.getSSOTagetIdentifier().trim(); - isIDPPrivateService = domainIdentifier.startsWith(MOAIDAuthConstants.PREFIX_WPBK); + String domainIdentifier = authConfig.getSSOTagetIdentifier(); + if (domainIdentifier != null) + isIDPPrivateService = domainIdentifier.startsWith(MOAIDAuthConstants.PREFIX_WPBK); } |