MOA-ID version 1.1 (initial)

git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@19 d688527b-c9ab-4aba-bd8d-4036d912da1d

4 files changed, 190 insertions, 0 deletions

diff --git a/id.server/html/auth/WEB-INF/server-config.wsdd b/id.server/html/auth/WEB-INF/server-config.wsdd
new file mode 100644
index 000000000..0344f24f9
--- /dev/null
+++ b/id.server/html/auth/WEB-INF/server-config.wsdd
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>

+<deployment name="defaultClientConfig"

+            xmlns="http://xml.apache.org/axis/wsdd/"

+            xmlns:java="http://xml.apache.org/axis/wsdd/providers/java"

+            xmlns:handler="http://xml.apache.org/axis/wsdd/providers/handler">

+

+  <handler name="URLMapper" type="java:org.apache.axis.handlers.http.URLMapper"/>

+  <handler name="MsgDispatcher" type="java:org.apache.axis.providers.java.MsgProvider"/>

+  <handler name="HTTPAuthHandler" type="java:org.apache.axis.handlers.http.HTTPAuthHandler"/>

+

+  <service name="GetAuthenticationData" provider="java:MSG">

+    <namespace>urn:oasis:names:tc:SAML:1.0:protocol</namespace>

+    <parameter name="allowedMethods" value="Request"/>

+    <parameter name="className" value="at.gv.egovernment.moa.id.auth.servlet.GetAuthenticationDataService"/>

+    <wsdlFile>/resources/wsdl/MOA-SP-SS-1.0-20020829.wsdl</wsdlFile>

+    <requestFlow>

+    </requestFlow>

+    <responseFlow>

+    </responseFlow>

+  </service>

+

+  <transport name="http">

+    <requestFlow>

+      <handler type="URLMapper"/>

+      <handler type="HTTPAuthHandler"/>

+    </requestFlow>

+  </transport>

+

+</deployment>

diff --git a/id.server/html/auth/WEB-INF/web.xml b/id.server/html/auth/WEB-INF/web.xml
new file mode 100644
index 000000000..9f713408c
--- /dev/null
+++ b/id.server/html/auth/WEB-INF/web.xml
@@ -0,0 +1,88 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'>
+<web-app>
+	<display-name>MOA ID Auth</display-name>
+	<description>MOA ID Authentication Service</description>
+	<servlet>
+		<servlet-name>SelectBKU</servlet-name>
+		<display-name>SelectBKU</display-name>
+		<description>Select Bürgerkartenartenumgebung</description>
+		<servlet-class>at.gv.egovernment.moa.id.auth.servlet.SelectBKUServlet</servlet-class>
+	</servlet>
+	<servlet>
+		<servlet-name>StartAuthentication</servlet-name>
+		<display-name>StartAuthentication</display-name>
+		<description>Start authentication process</description>
+		<servlet-class>at.gv.egovernment.moa.id.auth.servlet.StartAuthenticationServlet</servlet-class>
+		<load-on-startup>0</load-on-startup>
+	</servlet>
+	<servlet>
+		<servlet-name>VerifyIdentityLink</servlet-name>
+		<display-name>VerifyIdentityLink</display-name>
+		<description>Verify identity link coming from security layer</description>
+		<servlet-class>at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet</servlet-class>
+	</servlet>
+	<servlet>
+		<servlet-name>VerifyAuthBlock</servlet-name>
+		<display-name>VerifyAuthBlock</display-name>
+		<description>Verify AUTH block coming from security layer</description>
+		<servlet-class>at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet</servlet-class>
+	</servlet>
+	<servlet>
+		<servlet-name>ConfigurationUpdate</servlet-name>
+		<display-name>ConfigurationUpdate</display-name>
+		<description>Update MOA-ID Auth configuration from the configuration file</description>
+		<servlet-class>at.gv.egovernment.moa.id.auth.servlet.ConfigurationServlet</servlet-class>
+	</servlet>
+	<servlet>
+		<servlet-name>AxisServlet</servlet-name>
+		<display-name>Apache-Axis Servlet</display-name>
+		<servlet-class>
+      org.apache.axis.transport.http.AxisServlet
+    </servlet-class>
+	</servlet>
+	<servlet-mapping>
+		<servlet-name>SelectBKU</servlet-name>
+		<url-pattern>/SelectBKU</url-pattern>
+	</servlet-mapping>
+	<servlet-mapping>
+		<servlet-name>StartAuthentication</servlet-name>
+		<url-pattern>/StartAuthentication</url-pattern>
+	</servlet-mapping>
+	<servlet-mapping>
+		<servlet-name>VerifyIdentityLink</servlet-name>
+		<url-pattern>/VerifyIdentityLink</url-pattern>
+	</servlet-mapping>
+	<servlet-mapping>
+		<servlet-name>VerifyAuthBlock</servlet-name>
+		<url-pattern>/VerifyAuthBlock</url-pattern>
+	</servlet-mapping>
+	<servlet-mapping>
+		<servlet-name>ConfigurationUpdate</servlet-name>
+		<url-pattern>/ConfigurationUpdate</url-pattern>
+	</servlet-mapping>
+	<servlet-mapping>
+		<servlet-name>AxisServlet</servlet-name>
+		<url-pattern>/services/*</url-pattern>
+	</servlet-mapping>
+	<session-config>
+		<session-timeout>30</session-timeout>
+	</session-config>
+	<error-page>
+		<error-code>500</error-code>
+		<location>/errorpage.jsp</location>
+	</error-page>
+	<security-constraint>
+		<web-resource-collection>
+			<web-resource-name>ConfigurationUpdate</web-resource-name>
+			<url-pattern>/ConfigurationUpdate</url-pattern>
+		</web-resource-collection>
+		<auth-constraint>
+			<role-name>moa-admin</role-name>
+		</auth-constraint>
+	</security-constraint>
+	<login-config>
+		<auth-method>BASIC</auth-method>
+		<realm-name>UserDatabase</realm-name>
+	</login-config>
+</web-app>
diff --git a/id.server/html/auth/errorpage.jsp b/id.server/html/auth/errorpage.jsp
new file mode 100644
index 000000000..a5b05d60e
--- /dev/null
+++ b/id.server/html/auth/errorpage.jsp
@@ -0,0 +1,33 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

+<html>

+<head>

+<title>Fehler</title>

+</head>

+<% Throwable exceptionThrown = (Throwable)request.getAttribute("ExceptionThrown");

+   String errorMessage = (String)request.getAttribute("ErrorMessage");

+   String wrongParameters = (String)request.getAttribute("WrongParameters");

+%>

+

+<body>

+<h1>Fehler bei der Anmeldung</h1>

+<p>Bei der Anmeldung ist ein Fehler aufgetreten.</p>

+<% if (errorMessage != null) { %>

+<p><%=errorMessage%></p>

+<% } %>

+<% if (exceptionThrown != null) { %>

+<p><%=exceptionThrown.getMessage()%></p>

+<% } %>

+<% if (wrongParameters != null) { %>

+<p>Die Angabe der Parameter ist unvollst&auml;ndig.<br>

+   Beispiele f&uuml;r korrekte Links zur MOA-ID Authentisierung sind:

+</p>

+<p>

+<tt>&lt;a href="https://&lt;MOA-URL&gt;/StartAuthentication?Target=&lt;Gesch&auml;ftsbereich&gt;&amp;OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&quot;&gt;</tt>

+</p>

+<p>

+<tt>&lt;a href="https://&lt;MOA-URL&gt;/SelectBKU?Target=&lt;Gesch&auml;ftsbereich&gt;&amp;OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&amp;BKUSelectionTemplate=&lt;BKU-Template-URL&gt;&quot;&gt;</tt>

+</p>

+<p>Die Angabe der Parameter <tt>&quot;Template&quot;</tt> und <tt>&quot;BKUSelectionTemplate&quot;</tt> ist optional.</p>

+<% } %>

+</body>

+</html>
\ No newline at end of file
diff --git a/id.server/html/auth/index.jsp b/id.server/html/auth/index.jsp
new file mode 100644
index 000000000..cb9dde3d9
--- /dev/null
+++ b/id.server/html/auth/index.jsp
@@ -0,0 +1,40 @@
+<html>

+<head>

+<title>MOA ID Auth Sample Login</title>

+</head>

+<body>

+<% 

+  String urlPath = 

+	request.getScheme() + "://" 

+	+ request.getServerName() + ":" + request.getServerPort() 

+	+ request.getContextPath() + "/";

+  String params =

+	"Target=gb&" + 

+	"OA=https://10.16.126.28:9443/moa-id-proxy/index.jsp";

+  String urlStartAuth =

+  	urlPath +

+	"StartAuthentication?" + 

+	params;

+  String templateParam =

+    "&Template=http://10.16.46.108:18080/oa/AuthTemplate.jsp";

+  String urlStartAuthCustom =

+    urlStartAuth +

+    templateParam;

+  String urlSelectBKU = 

+  	urlPath +

+  	"SelectBKU?" +

+  	params;

+  String urlSelectBKUCustom = 

+  	urlSelectBKU +

+  	templateParam +

+  	"&BKUSelectionTemplate=http://10.16.46.108:18080/oa/BKUSelectionTemplate.jsp";

+%>

+<a href="<%=urlStartAuth%>">Log in to sample application</a>

+<br>

+<a href="<%=urlStartAuthCustom%>">Log in to sample application using custom form</a>

+<br>

+<a href="<%=urlSelectBKU%>">Choose BKU (HTMLComplete or HTMLSelect) and log in</a>

+<br>

+<a href="<%=urlSelectBKUCustom%>">Choose BKU (HTMLSelect) using custom form and log in</a>

+</body>

+</html>
\ No newline at end of file