diff options
| author | kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2012-02-16 19:03:20 +0000 |
|---|---|---|
| committer | kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2012-02-16 19:03:20 +0000 |
| commit | 92709b7a3e7c18583e127d2160cfd96361ac035b (patch) | |
| tree | ef9c5b9f6e6211eb95d75d196c79d32cdbd901d8 | |
| parent | 99ecae7954643c971d8a789a196a5d246507a83e (diff) | |
| download | moa-id-spss-92709b7a3e7c18583e127d2160cfd96361ac035b.tar.gz moa-id-spss-92709b7a3e7c18583e127d2160cfd96361ac035b.tar.bz2 moa-id-spss-92709b7a3e7c18583e127d2160cfd96361ac035b.zip | |
* Update sourceID Parameter
* Blacklist-Übergabe an iaik-moa
* iaik-moa.jar zu repository hinzugefügt
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1250 d688527b-c9ab-4aba-bd8d-4036d912da1d
17 files changed, 100 insertions, 66 deletions
diff --git a/id/server/doc/moa_id/id-anwendung_1.htm b/id/server/doc/moa_id/id-anwendung_1.htm index ad45ff7e1..561f3f556 100644 --- a/id/server/doc/moa_id/id-anwendung_1.htm +++ b/id/server/doc/moa_id/id-anwendung_1.htm @@ -94,7 +94,7 @@ StartAuthentication?Target=<geschäftsbereich> </tr> <tr> <td id="klein2">sourceID=<sourceID></td> - <td id="klein2">optional; Gibt eine sourceID an, die (wenn sie gesetzt ist) in der SAML-Assertion aufscheint</td> + <td id="klein2">optional; Gibt eine sourceID an, die (wenn sie gesetzt ist) zur Berechnung des SAML-Artifacts herangezogen wird.</td> </tr> </tbody> </table> diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index 5eb23cabc..093d22732 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -1538,7 +1538,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { session.getBkuURL(), session.getAssertionSignerCertificateBase64(), session.getAssertionBusinessService(), - session.getSourceID(), session.getExtendedSAMLAttributesOA()); authData.setSamlAssertion(samlAssertion); @@ -1554,7 +1553,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { } String samlArtifact = - new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID()); + new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID(), session.getSourceID()); storeAuthenticationData(samlArtifact, authData); // invalidates the authentication session @@ -1717,7 +1716,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { } String samlArtifact = - new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID()); + new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID(), session.getSourceID()); storeAuthenticationData(samlArtifact, authData); // invalidates the authentication session @@ -1816,7 +1815,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { session.getBkuURL(), session.getAssertionSignerCertificateBase64(), session.getAssertionBusinessService(), - session.getSourceID(), session.getExtendedSAMLAttributesOA()); authData.setSamlAssertion(samlAssertion); @@ -1832,7 +1830,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { } String samlArtifact = - new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID()); + new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID(), session.getSourceID()); storeAuthenticationData(samlArtifact, authData); // invalidates the authentication session diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java index 410d045f0..bcad65eed 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java @@ -114,25 +114,5 @@ public class AuthenticationAssertionBuilder { return sb.toString(); } - /** - * Builds the SAML attributes to be appended to the AUTHBlock or to the SAML assertion - * delivered to the online application. - * The method traverses through the list of given SAML attribute objects and builds an - * XML structure (String representation) for each of the attributes. - * - * @param extendedSAMLAttributes The SAML attributes to be appended to the AUTHBlock or - * to the SAML assertion delivered to the online application. - * @return A string representation including the XML structures of - * the SAML attributes. - * - * @throws ParseException If an error occurs on serializing an SAML attribute. - */ - protected String buildSourceIDSAMLAttributes(String sourceID) throws ParseException { - StringBuffer sb = new StringBuffer(); - if (sourceID!=null) - sb.append(MessageFormat.format( SAML_ATTRIBUTE_NO_NAMESPACE, new Object[] {"SourceID", sourceID})); - - return sb.toString(); - } - + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java index 7032e09eb..b9e44544d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java @@ -72,7 +72,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB "{10}" + "{11}" + "{12}" + - "{13}" + " </saml:AttributeStatement>" + NL + "</saml:Assertion>"; @@ -107,7 +106,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB "{11}" + "{12}" + "{13}" + - "{14}" + " </saml:AttributeStatement>" + NL + "</saml:Assertion>"; /** @@ -158,7 +156,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB String bkuURL, String signerCertificateBase64, boolean businessService, - String sourceID, List extendedSAMLAttributes) throws BuildException { @@ -210,7 +207,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB StringUtils.removeXMLDeclaration(xmlPersonData), isQualifiedCertificate, bkuURL, - buildSourceIDSAMLAttributes(sourceID), publicAuthorityAttribute, signerCertificateAttribute, buildExtendedSAMLAttributes(extendedSAMLAttributes)}); @@ -301,7 +297,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB StringUtils.removeXMLDeclaration(xmlMandateData), isQualifiedCertificate, bkuURL, - buildSourceIDSAMLAttributes(sourceID), publicAuthorityAttribute, signerCertificateAttribute, buildExtendedSAMLAttributes(extendedSAMLAttributes)}); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java index 41e4cd37d..145664a2b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java @@ -67,7 +67,7 @@ public class SAMLArtifactBuilder { * of <code>AssertionHandle</code> * @return the 42-byte SAML artifact, encoded BASE64 */ - public String build(String authURL, String sessionID) throws BuildException { + public String build(String authURL, String sessionID, String sourceIdParam) throws BuildException { try { MessageDigest md = MessageDigest.getInstance("SHA-1"); byte[] sourceID; @@ -77,16 +77,45 @@ public class SAMLArtifactBuilder { //System.out.println("alternativeSourceID: " + alternativeSourceID); //System.out.println("authURL: " + authURL); - if (!ParepUtils.isEmpty(alternativeSourceID)) { - // if generic config parameter "AuthenticationServer.SourceID" is given, use that sourceID instead of authURL; - sourceID = md.digest(alternativeSourceID.getBytes()); - Logger.info("Building SAMArtifact from sourceID \"" + alternativeSourceID + "\" instead of authURL \"" + authURL + "\"."); - } else { - sourceID = md.digest(authURL.getBytes()); + // if sourceID is given in GET/POST param - use this as source id + if (!ParepUtils.isEmpty(sourceIdParam)) { + // if GET/POST parameter sourceID is set, use that sourceID instead of authURL; + sourceID = md.digest(sourceIdParam.getBytes()); + Logger.info("Building SAMArtifact from sourceID \"" + sourceIdParam + "\" instead of authURL \"" + authURL + "\"."); + + byte[] assertionHandle = md.digest(sessionID.getBytes()); + ByteArrayOutputStream out = new ByteArrayOutputStream(42); + out.write(0); + out.write(1); + out.write(sourceID, 0, 20); + out.write(assertionHandle, 0, 20); + byte[] samlArtifact = out.toByteArray(); + //System.out.println("samlArtifact: " + new String(samlArtifact)); + String samlArtifactBase64 = Base64Utils.encode(samlArtifact); + //System.out.println("samlArtifact Base64: " + samlArtifactBase64); + return samlArtifactBase64; } - //System.out.println("sourceID: " + new String(sourceID)); + // if generic config parameter "AuthenticationServer.SourceID" is given, use that sourceID instead of authURL; + if (!ParepUtils.isEmpty(alternativeSourceID)) { + sourceID = md.digest(alternativeSourceID.getBytes()); + Logger.info("Building SAMArtifact from sourceID \"" + alternativeSourceID + "\" instead of authURL \"" + authURL + "\"."); + + byte[] assertionHandle = md.digest(sessionID.getBytes()); + ByteArrayOutputStream out = new ByteArrayOutputStream(42); + out.write(0); + out.write(1); + out.write(sourceID, 0, 20); + out.write(assertionHandle, 0, 20); + byte[] samlArtifact = out.toByteArray(); + System.out.println("samlArtifact: " + new String(samlArtifact)); + String samlArtifactBase64 = Base64Utils.encode(samlArtifact); + System.out.println("samlArtifact Base64: " + samlArtifactBase64); + return samlArtifactBase64; + } + // default: sourecID from authURL + sourceID = md.digest(authURL.getBytes()); byte[] assertionHandle = md.digest(sessionID.getBytes()); ByteArrayOutputStream out = new ByteArrayOutputStream(42); out.write(0); @@ -98,6 +127,10 @@ public class SAMLArtifactBuilder { String samlArtifactBase64 = Base64Utils.encode(samlArtifact); //System.out.println("samlArtifact Base64: " + samlArtifactBase64); return samlArtifactBase64; + + //System.out.println("sourceID: " + new String(sourceID)); + + } catch (Throwable ex) { throw new BuildException( diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java index d9cd13259..a71fe0181 100644 --- a/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java +++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java @@ -619,7 +619,7 @@ public class Test300VerifyAuthBlock extends AbnahmeTestCase { oaParam.getProvideIdentityLink() ? DOMUtils.serializeNode(identityLink.getSamlAssertion()) : ""; String authBlock = oaParam.getProvideAuthBlock() ? session.getAuthBlock() : ""; String samlAssertion = new AuthenticationDataAssertionBuilder().build( - authData, prPerson, authBlock, ilAssertion, session.getBkuURL(), "", false, null, null); + authData, prPerson, authBlock, ilAssertion, session.getBkuURL(), "", false, null); authData.setSamlAssertion(samlAssertion); return authData; } diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java index 979a4aa24..915dc540c 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java @@ -51,9 +51,9 @@ public class SAMLArtifactBuilderTest extends UnitTestCase { } protected void setUp() throws Exception { builder = new SAMLArtifactBuilder(); - artifact1 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1), false); - artifact2 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_2), false); - artifact3 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_3), false); + artifact1 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1, null), false); + artifact2 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_2, null), false); + artifact3 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_3, null), false); } public void testBuildArtifactLength() throws BuildException { @@ -62,7 +62,7 @@ public class SAMLArtifactBuilderTest extends UnitTestCase { assertEquals(42, artifact3.length); } public void testBuildSameArtifact() throws Exception { - byte[] artifact1Clone = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1), false); + byte[] artifact1Clone = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1, null), false); assertEquals(new String(artifact1), new String(artifact1Clone)); } public void testBuildDifferentArtifacts() throws BuildException { diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java index 1dab28dea..d34678f0c 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java @@ -44,7 +44,7 @@ public class SAMLArtifactParserTest extends UnitTestCase { public void testParseTypeCode() throws Exception { String sessionID = Random.nextRandom(); - String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID); + String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID, null); byte[] typeCode = new SAMLArtifactParser(samlArtifact).parseTypeCode(); assertEquals(typeCode[0], 0); assertEquals(typeCode[1], 1); @@ -52,8 +52,8 @@ public class SAMLArtifactParserTest extends UnitTestCase { public void testParseAssertionHandleSameSessionID() throws Exception { // SAML artifacts for different authURL's but same sessionID MUST give same assertion handle String sessionID = Random.nextRandom(); - String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID); - String samlArtifact2 = new SAMLArtifactBuilder().build(URL2, sessionID); + String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID, null); + String samlArtifact2 = new SAMLArtifactBuilder().build(URL2, sessionID, null); String assertionHandle1 = new SAMLArtifactParser(samlArtifact1).parseAssertionHandle(); String assertionHandle2 = new SAMLArtifactParser(samlArtifact2).parseAssertionHandle(); assertEquals(assertionHandle1, assertionHandle2); @@ -62,8 +62,8 @@ public class SAMLArtifactParserTest extends UnitTestCase { // SAML artifacts for same authURL but different sessionID's MUST give different assertion handles String sessionID1 = Random.nextRandom(); String sessionID2 = Random.nextRandom(); - String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID1); - String samlArtifact2 = new SAMLArtifactBuilder().build(URL1, sessionID2); + String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID1, null); + String samlArtifact2 = new SAMLArtifactBuilder().build(URL1, sessionID2, null); String assertionHandle1 = new SAMLArtifactParser(samlArtifact1).parseAssertionHandle(); String assertionHandle2 = new SAMLArtifactParser(samlArtifact2).parseAssertionHandle(); assertFalse(assertionHandle1.equals(assertionHandle2)); @@ -71,7 +71,7 @@ public class SAMLArtifactParserTest extends UnitTestCase { public void testParseAssertionHandleSameSAMLArtifact() throws Exception { // SAML artifact parsed twice MUST give same assertion handle each time String sessionID = Random.nextRandom(); - String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID); + String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID, null); String assertionHandle1 = new SAMLArtifactParser(samlArtifact).parseAssertionHandle(); String assertionHandle2 = new SAMLArtifactParser(samlArtifact).parseAssertionHandle(); assertEquals(assertionHandle1, assertionHandle2); diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java index 73085270f..467c6520e 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java @@ -43,7 +43,7 @@ public class SAMLRequestBuilderTest extends UnitTestCase { public void testBuild() throws Exception { String requestID = "123"; - String samlArtifact = new SAMLArtifactBuilder().build("https://moa.gv.at/auth/", "12345678901234567890"); + String samlArtifact = new SAMLArtifactBuilder().build("https://moa.gv.at/auth/", "12345678901234567890", null); String REQUEST_SHOULD = "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" RequestID=\"" + requestID + "\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"IGNORE\">" + "<samlp:AssertionArtifact>" + samlArtifact + "</samlp:AssertionArtifact>" + @@ -248,7 +248,7 @@ <dependency>
<groupId>iaik.prod</groupId>
<artifactId>iaik_moa</artifactId>
- <version>1.31</version>
+ <version>1.32</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -266,7 +266,9 @@ <dependency>
<groupId>iaik.prod</groupId>
<artifactId>iaik_ixsil</artifactId>
- <version>1.2.2.4</version>
+ <!-- <version>1.2.2.4</version> -->
+ <!-- Updated properties for blacklist -->
+ <version>1.2.2.4_prop</version>
<scope>compile</scope>
</dependency>
<dependency>
diff --git a/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar b/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar Binary files differnew file mode 100644 index 000000000..13725f801 --- /dev/null +++ b/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar diff --git a/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom b/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom new file mode 100644 index 000000000..c3de037f4 --- /dev/null +++ b/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom @@ -0,0 +1,6 @@ +<?xml version="1.0" encoding="UTF-8"?><project>
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_moa</artifactId>
+ <version>1.32</version>
+</project>
\ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/maven-metadata-MOA.xml b/repository/iaik/prod/iaik_moa/maven-metadata-MOA.xml index 32e4aad37..6190bccb0 100644 --- a/repository/iaik/prod/iaik_moa/maven-metadata-MOA.xml +++ b/repository/iaik/prod/iaik_moa/maven-metadata-MOA.xml @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="UTF-8"?><metadata> <groupId>iaik.prod</groupId> <artifactId>iaik_moa</artifactId> - <version>1.28</version> + <version>1.32</version> <versioning> <versions> <version>1.23</version> diff --git a/repository/iaik/prod/iaik_moa/maven-metadata-local.xml b/repository/iaik/prod/iaik_moa/maven-metadata-local.xml index ced753edc..44703a321 100644 --- a/repository/iaik/prod/iaik_moa/maven-metadata-local.xml +++ b/repository/iaik/prod/iaik_moa/maven-metadata-local.xml @@ -2,10 +2,10 @@ <metadata> <groupId>iaik.prod</groupId> <artifactId>iaik_moa</artifactId> - <version>1.29</version> + <version>1.32</version> <versioning> <versions> - <version>1.29</version> + <version>1.32</version> </versions> <lastUpdated>20100618102247</lastUpdated> </versioning> diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java index 40416f121..2a2427bbb 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java @@ -29,6 +29,8 @@ import iaik.ixsil.exceptions.URIException; import iaik.ixsil.util.URI; import iaik.pki.pathvalidation.ChainingModes; import iaik.pki.revocation.RevocationSourceTypes; +import iaik.server.modules.xml.BlackListEntry; +import iaik.server.modules.xml.ExternalReferenceChecker; import iaik.utils.RFC2253NameParser; import iaik.utils.RFC2253NameParserException; @@ -385,11 +387,16 @@ public class ConfigurationPartsBuilder { Element permitExtUris = (Element)XPathUtils.selectSingleNode(getConfigElem(), PERMIT_EXTERNAL_URIS_XPATH); // if PermitExternalUris element does not exist - don't allow external uris - if (permitExtUris == null) - return false; - else + if (permitExtUris == null) { + // set permitExtUris for iaik-moa + ExternalReferenceChecker.setPermitExternalURLs(false); + return false; + } + else { + // set permitExtUris for iaik-moa + ExternalReferenceChecker.setPermitExternalURLs(true); return true; - + } } /** @@ -401,6 +408,7 @@ public class ConfigurationPartsBuilder { info("config.33", null); List blacklist = new ArrayList(); + List blackListIaikMoa = new ArrayList(); NodeIterator permitExtIter = XPathUtils.selectNodeIterator( getConfigElem(), @@ -411,11 +419,19 @@ public class ConfigurationPartsBuilder { String host = getElementValue(permitExtElem, CONF + "IP", null); String port = getElementValue(permitExtElem, CONF + "Port", null); - - if (port == null) + BlackListEntry entry =null; + if (port == null) { + entry = new BlackListEntry(host, -1); info("config.34", new Object[]{host}); - else + } + else { + entry = new BlackListEntry(host, new Integer(port).intValue()); info("config.34", new Object[]{host + ":" + port}); + } + + // add entry to iaik-moa blacklist + blackListIaikMoa.add(entry); + String array[] = new String[2]; array[0] = host; @@ -424,6 +440,9 @@ public class ConfigurationPartsBuilder { } + // set blacklist for iaik-moa + ExternalReferenceChecker.setBlacklist(blackListIaikMoa); + if(blacklist.isEmpty()) // no blacklisted uris given info("config.36", null); diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java index a5f861c52..cae1497d6 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java @@ -367,7 +367,7 @@ public class ConfigurationProvider allowExternalUris_= builder.allowExternalUris(); - if (allowExternalUris_) + if (allowExternalUris_) blackListedUris_ = builder.buildPermitExternalUris(); else { info("config.35", null); @@ -375,6 +375,7 @@ public class ConfigurationProvider } + // Set set = crlRetentionIntervals.entrySet(); // Iterator i = set.iterator(); // while(i.hasNext()){ diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java index 722d5350c..dd5436827 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java @@ -83,7 +83,7 @@ public class IaikExceptionMapper { { iaik.server.modules.xmlverify.SignerCertificateUnavailableException.class, "2243", MOAApplicationException.class }, { iaik.server.modules.xmlverify.SupplementException.class, "2230", MOAApplicationException.class }, { iaik.server.modules.xmlverify.TransformationException.class, "2265", MOAApplicationException.class }, - { iaik.server.modules.xmlverify.TransformationParsingException.class, "2269", MOAApplicationException.class } + { iaik.server.modules.xmlverify.TransformationParsingException.class, "2269", MOAApplicationException.class }, }; /** The single instance of this class. */ |