authorharald.bratko <harald.bratko@d688527b-c9ab-4aba-bd8d-4036d912da1d>2007-01-10 15:37:52 +0000
committerharald.bratko <harald.bratko@d688527b-c9ab-4aba-bd8d-4036d912da1d>2007-01-10 15:37:52 +0000
commit7bba49753c8a44fade100d3676ab0a62372d44e1 (patch)
tree2bb52651b46ea2e85ad7f08ad0759180a2057a9f /id.server/src/at/gv/egovernment/moa/id/config
parent006abfa4f5064a905b14618708768e3aa295f264 (diff)
Adapted for MOA-ID 1.4 (validating additional infoboxes).
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@769 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/config')
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java235
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java58
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java25
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameter.java362
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameters.java135
5 files changed, 789 insertions, 26 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java b/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
index 7d3a6d4ab..6a9aee0ca 100644
--- a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
+++ b/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
@@ -9,8 +9,12 @@ import java.math.BigInteger;
import java.security.Principal;
import java.util.ArrayList;
import java.util.HashMap;
+import java.util.Hashtable;
+import java.util.Iterator;
import java.util.List;
import java.util.Map;
+import java.util.Set;
+import java.util.Vector;
import org.w3c.dom.Attr;
import org.w3c.dom.Element;
@@ -18,7 +22,11 @@ import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.w3c.dom.traversal.NodeIterator;
+import at.gv.egovernment.moa.id.auth.data.Schema;
+import at.gv.egovernment.moa.id.auth.data.SchemaImpl;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameter;
+import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameters;
import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
import at.gv.egovernment.moa.id.data.IssuerAndSerial;
@@ -98,8 +106,13 @@ public class ConfigurationBuilder {
ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyAuthBlock/" + CONF + "VerifyTransformsInfoProfileID";
/** an XPATH-Expression */
- private static final String AUTH_IDENTITY_LINK_X509SUBJECTNAME_XPATH =
+ private static final String AUTH_IDENTITY_LINK_X509SUBJECTNAME_XPATH =
ROOT + CONF + "AuthComponent/" + CONF + "IdentityLinkSigners/" + CONF + "X509SubjectName";
+
+ /** an XPATH-Expression */
+ public static final String AUTH_VERIFY_INFOBOXES_XPATH =
+ ROOT + CONF + "AuthComponent/" + CONF + "VerifyInfoboxes";
+
/** an XPATH-Expression */
private static final String PROXY_AUTH_XPATH =
ROOT + CONF + "ProxyComponent/" + CONF + "AuthComponent";
@@ -121,6 +134,8 @@ public class ConfigurationBuilder {
/** an XPATH-Expression */
private static final String OA_AUTH_COMPONENT_TRANSFORMS_INFO_FILENAME_XPATH = CONF + "TransformsInfo/@filename";
/** an XPATH-Expression */
+ private static final String OA_AUTH_COMPONENT_VERIFY_INFOBOXES_XPATH = CONF + "VerifyInfoboxes";
+ /** an XPATH-Expression */
private static final String OA_PROXY_COMPONENT_XPATH = CONF + "ProxyComponent";
/** an XPATH-Expression */
private static final String OA_PROXY_COMPONENT_ABSOLUTE_XPATH = ROOT + CONF + "OnlineApplication/" + CONF + "ProxyComponent";
@@ -183,6 +198,15 @@ public class ConfigurationBuilder {
/** an XPATH-Expression */
private static final String TRUSTED_CA_CERTIFICATES_XPATH =
ROOT + CONF + "TrustedCACertificates";
+
+ /** an XPATH-Expression */
+ private static final String VERIFY_INFOBOXES_DEFAULT_TRUST_PROFILE_XPATH = CONF + "DefaultTrustProfile";
+ /** an XPATH-Expression */
+ private static final String VERIFY_INFOBOXES_TRUST_PROFILE_ID_XPATH = CONF + "TrustProfileID";
+ /** an XPATH-Expression */
+ private static final String VERIFY_INFOBOXES_INFOBOX_XPATH = CONF + "Infobox";
+
+
/**
@@ -386,16 +410,27 @@ public class ConfigurationBuilder {
/**
* Build an array of the OnlineApplication Parameters containing information
* about the authentication component
+ *
+ * @param defaultVerifyInfoboxParameters Default parameters for verifying additional
+ * infoboxes. Maybe <code>null</code>.
+ * @param moaSpIdentityLinkTrustProfileID The ID of the trust profile used for validating
+ * the identity link signer certificate. Needed for
+ * checking if this ID is not used for validating other
+ * infoboxes.
+ *
* @return An OAProxyParameter array containing beans
* with all relevant information for the authentication component of the online
* application
*/
- public OAAuthParameter[] buildOnlineApplicationAuthParameters() throws ConfigurationException {
+ public OAAuthParameter[] buildOnlineApplicationAuthParameters(
+ VerifyInfoboxParameters defaultVerifyInfoboxParameters, String moaSpIdentityLinkTrustProfileID)
+ throws ConfigurationException
+ {
String bkuSelectionTemplateURL =
- XPathUtils.getAttributeValue(configElem_,AUTH_BKUSELECT_TEMPLATE_XPATH,null);
+ XPathUtils.getAttributeValue(configElem_, AUTH_BKUSELECT_TEMPLATE_XPATH, null);
String templateURL =
- XPathUtils.getAttributeValue(configElem_,AUTH_TEMPLATE_XPATH,null);
+ XPathUtils.getAttributeValue(configElem_, AUTH_TEMPLATE_XPATH, null);
List OA_set = new ArrayList();
NodeList OAIter = XPathUtils.selectNodeList(configElem_, OA_XPATH);
@@ -460,7 +495,10 @@ public class ConfigurationBuilder {
oap.setTransformsInfos(loadTransformsInfos(transformsInfoFileNames));
} catch (Exception ex) {
Logger.error("Error loading transforms specified for OA \"" + publicURLPrefix + "\"; using default transforms.");
- }
+ }
+ Node verifyInfoboxParamtersNode = XPathUtils.selectSingleNode(authComponent, OA_AUTH_COMPONENT_VERIFY_INFOBOXES_XPATH);
+ oap.setVerifyInfoboxParameters(buildVerifyInfoboxParameters(
+ verifyInfoboxParamtersNode, defaultVerifyInfoboxParameters, moaSpIdentityLinkTrustProfileID));
}
OA_set.add(oap);
}
@@ -834,6 +872,190 @@ public class ConfigurationBuilder {
identityLinkDomainIdentifier.append(identificationNumber);
return identityLinkDomainIdentifier.toString();
}
+
+ /**
+ * Builds the parameters for verifying additional infoboxes (additional to the
+ * IdentityLink infobox).
+ *
+ * @param verifyInfoboxesElem The <code>VerifyInfoboxes</code> element from the
+ * config file. This maybe the global element or the
+ * elment from an Online application.
+ * @param defaultVerifyInfoboxParameters Default parameters to be used, if no
+ * <code>VerifyInfoboxes</code> element is present.
+ * This only applies to parameters
+ * of an specific online application and is set to
+ * <code>null</code> when building the global parameters.
+ * @param moaSpIdentityLinkTrustProfileID The ID of the trust profile used for validating
+ * the identity link signer certificate. Needed for
+ * checking if this ID is not used for validating other
+ * infoboxes.
+ *
+ * @return A {@link at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameters VerifyInfoboxParameters}
+ * object needed for verifying additional infoboxes.
+ *
+ * @throws ConfigurationException If the trust profile for validating the identity link
+ * signer certificate is used for validating another infobox.
+ */
+ public VerifyInfoboxParameters buildVerifyInfoboxParameters(
+ Node verifyInfoboxesElem,
+ VerifyInfoboxParameters defaultVerifyInfoboxParameters,
+ String moaSpIdentityLinkTrustProfileID)
+ throws ConfigurationException
+ {
+
+ if ((verifyInfoboxesElem == null) && (defaultVerifyInfoboxParameters == null)) {
+ return null;
+ }
+ Vector identifiers = new Vector();
+ List defaultIdentifiers = null;
+ Map defaultInfoboxParameters = null;
+ if (defaultVerifyInfoboxParameters != null) {
+ defaultIdentifiers = defaultVerifyInfoboxParameters.getIdentifiers();
+ defaultInfoboxParameters = defaultVerifyInfoboxParameters.getInfoboxParameters();
+ }
+ Hashtable infoboxParameters = new Hashtable();
+ if (verifyInfoboxesElem != null) {
+ // get the DefaultTrustProfileID
+ String defaultTrustProfileID = null;
+ Node defaultTrustProfileNode =
+ XPathUtils.selectSingleNode(verifyInfoboxesElem, VERIFY_INFOBOXES_DEFAULT_TRUST_PROFILE_XPATH);
+ if (defaultTrustProfileNode != null) {
+ Node trustProfileIDNode =
+ XPathUtils.selectSingleNode(defaultTrustProfileNode, VERIFY_INFOBOXES_TRUST_PROFILE_ID_XPATH);
+ defaultTrustProfileID = trustProfileIDNode.getFirstChild().getNodeValue();
+ if (defaultTrustProfileID.equals(moaSpIdentityLinkTrustProfileID)) {
+ throw new ConfigurationException("config.15", new Object[] {moaSpIdentityLinkTrustProfileID});
+ }
+ }
+ // get the Infoboxes
+ NodeList infoboxes =
+ XPathUtils.selectNodeList(verifyInfoboxesElem, VERIFY_INFOBOXES_INFOBOX_XPATH);
+ for (int i=0; i<infoboxes.getLength(); i++) {
+ Element infoBoxElem = (Element)infoboxes.item(i);
+ // get the identifier of the infobox
+ String identifier = infoBoxElem.getAttribute("Identifier");
+ identifiers.add(identifier);
+ VerifyInfoboxParameter verifyInfoboxParameter = new VerifyInfoboxParameter(identifier);
+ verifyInfoboxParameter.setFriendlyName(identifier);
+ // get the attributes
+ // (1) required: override global value in any case
+ verifyInfoboxParameter.setRequired(BoolUtils.valueOf(
+ infoBoxElem.getAttribute("required")));
+ // (2) provideStammzahl: override global value in any case
+ verifyInfoboxParameter.setProvideStammzahl(BoolUtils.valueOf(
+ infoBoxElem.getAttribute("provideStammzahl")));
+ // (3) proviedIdentityLink: override global value in any case
+ verifyInfoboxParameter.setProvideIdentityLink(BoolUtils.valueOf(
+ infoBoxElem.getAttribute("provideIdentityLink")));
+ // set default trustprofileID
+ if (defaultTrustProfileID != null) {
+ verifyInfoboxParameter.setTrustProfileID(defaultTrustProfileID);
+ }
+ // get the parameter elements
+ boolean localValidatorClass = false;
+ boolean localFriendlyName = false;
+ List params = DOMUtils.getChildElements(infoBoxElem);
+ Iterator it = params.iterator();
+ while (it.hasNext()) {
+ Element paramElem = (Element)it.next();
+ String paramName = paramElem.getLocalName();
+ if (paramName.equals("FriendlyName")) {
+ verifyInfoboxParameter.setFriendlyName(paramElem.getFirstChild().getNodeValue());
+ localFriendlyName = true;
+ } else if (paramName.equals("TrustProfileID")) {
+ String trustProfileID = paramElem.getFirstChild().getNodeValue();
+ if (trustProfileID != null) {
+ if (trustProfileID.equals(moaSpIdentityLinkTrustProfileID)) {
+ throw new ConfigurationException("config.15", new Object[] {moaSpIdentityLinkTrustProfileID});
+ }
+ verifyInfoboxParameter.setTrustProfileID(trustProfileID);
+ }
+ } else if (paramName.equals("ValidatorClass")) {
+ String validatorClassName = paramElem.getFirstChild().getNodeValue();
+ if (validatorClassName != null) {
+ verifyInfoboxParameter.setValidatorClassName(validatorClassName);
+ localValidatorClass = true;
+ }
+ } else if (paramName.equals("SchemaLocations")) {
+ List schemaElems = DOMUtils.getChildElements(paramElem);
+ List schemaLocations = new Vector(schemaElems.size());
+ Iterator schemaIterator = schemaElems.iterator();
+ while (schemaIterator.hasNext()) {
+ Element schemaElem = (Element)schemaIterator.next();
+ String namespace = schemaElem.getAttribute("namespace");
+ String schemaLocation = schemaElem.getAttribute("schemaLocation");
+ // avoid adding the same schema twice
+ Iterator schemaLocationIterator = schemaLocations.iterator();
+ boolean add = true;
+ while (schemaLocationIterator.hasNext()) {
+ String existingNamespace = ((Schema)schemaLocationIterator.next()).getNamespace();
+ if (namespace.equals(existingNamespace)) {
+ Logger.warn("Multiple schemas specified for namespace \"" + namespace +
+ "\"; only using the first one.");
+ add = false;
+ break;
+ }
+ }
+ if (add) {
+ schemaLocations.add(new SchemaImpl(namespace, schemaLocation));
+ }
+ }
+ verifyInfoboxParameter.setSchemaLocations(schemaLocations);
+ } else if (paramName.equals("ApplicationSpecificParameters")) {
+ verifyInfoboxParameter.setApplicationSpecificParams(paramElem);
+ }
+ }
+ // use default values for those parameters not yet set by local configuration
+ if (defaultInfoboxParameters != null) {
+ Object defaultVerifyIP = defaultInfoboxParameters.get(identifier);
+ if (defaultVerifyIP != null) {
+ VerifyInfoboxParameter defaultVerifyInfoboxParameter =
+ (VerifyInfoboxParameter)defaultVerifyIP;
+ // if no friendly is set, use default
+ if (!localFriendlyName) {
+ verifyInfoboxParameter.setFriendlyName(
+ defaultVerifyInfoboxParameter.getFriendlyName());
+ }
+ // if no TrustProfileID is set, use default, if available
+ if (verifyInfoboxParameter.getTrustProfileID() == null) {
+ verifyInfoboxParameter.setTrustProfileID(
+ defaultVerifyInfoboxParameter.getTrustProfileID());
+ }
+ // if no local validator class is set, use default
+ if (!localValidatorClass) {
+ verifyInfoboxParameter.setValidatorClassName(
+ defaultVerifyInfoboxParameter.getValidatorClassName());
+ }
+ // if no schema locations set, use default
+ if (verifyInfoboxParameter.getSchemaLocations() == null) {
+ verifyInfoboxParameter.setSchemaLocations(
+ defaultVerifyInfoboxParameter.getSchemaLocations());
+ }
+ // if no application specific parameters set, use default
+ if (verifyInfoboxParameter.getApplicationSpecificParams() == null) {
+ verifyInfoboxParameter.setApplicationSpecificParams(
+ defaultVerifyInfoboxParameter.getApplicationSpecificParams());
+ }
+ }
+ }
+ infoboxParameters.put(identifier, verifyInfoboxParameter);
+ }
+ // add the infobox identifiers not present within the local configuration to the
+ // identifier list
+ if (defaultIdentifiers != null) {
+ Iterator identifierIterator = defaultIdentifiers.iterator();
+ while (identifierIterator.hasNext()) {
+ String defaultIdentifier = (String)identifierIterator.next();
+ if (!identifiers.contains(defaultIdentifier)) {
+ identifiers.add(defaultIdentifier);
+ }
+ }
+ }
+ return new VerifyInfoboxParameters(identifiers, infoboxParameters);
+ } else {
+ return new VerifyInfoboxParameters(defaultIdentifiers, infoboxParameters);
+ }
+ }
/**
* Method warn.
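Review bot: Infoboxes that are configured only globally end up in the identifier list without an entry in the parameter map. In `buildVerifyInfoboxParameters` the loop over `defaultIdentifiers` only calls `identifiers.add(defaultIdentifier)`, and the `else` branch returns `new VerifyInfoboxParameters(defaultIdentifiers, infoboxParameters)` with the still-empty `Hashtable`, so the inherited trust profile and validator class are not reachable through the online application's own parameters unless every consumer falls back to the global defaults (not visible here). I would copy the default entry alongside the identifier, `infoboxParameters.put(defaultIdentifier, defaultInfoboxParameters.get(defaultIdentifier));`, and return `new VerifyInfoboxParameters(defaultIdentifiers, defaultInfoboxParameters)` in the `else` branch. Separately, `trustProfileIDNode.getFirstChild().getNodeValue()` and the three `paramElem.getFirstChild().getNodeValue()` calls dereference before the null checks that follow them, so a missing or empty element fails with a NullPointerException rather than a ConfigurationException naming the element.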
@@ -856,6 +1078,5 @@ public class ConfigurationBuilder {
*/
private static void warn(String messageId, Object[] args, Throwable t) {
Logger.warn(MOAIDMessageProvider.getInstance().getMessage(messageId, args), t);
- }
-
+ }
}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index d354ba910..e45d7cba8 100644
--- a/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -7,6 +7,7 @@ import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import org.w3c.dom.Element;
+import org.w3c.dom.Node;
import at.gv.egovernment.moa.id.config.ConfigurationBuilder;
import at.gv.egovernment.moa.id.config.ConfigurationException;
@@ -15,6 +16,7 @@ import at.gv.egovernment.moa.id.config.ConnectionParameter;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.FileUtils;
+import at.gv.egovernment.moa.util.XPathUtils;
/**
* A class providing access to the Auth Part of the MOA-ID configuration data.
@@ -116,6 +118,10 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
* X509 SubjectNames which will be trusted
*/
private String[] identityLinkX509SubjectNames;
+ /**
+ * default parameters for verifying additional infoboxes.
+ */
+ private VerifyInfoboxParameters defaultVerifyInfoboxParameters;
/**
* configuration parameters for online applications
@@ -133,6 +139,7 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
* the bku Selection Connection Parameters
*/
private ConnectionParameter bKUConnectionParameter;
+
/**
* Return the single instance of configuration data.
*
@@ -214,24 +221,30 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
throw new ConfigurationException("config.03", null, t);
}
- // build the internal datastructures
- builder = new ConfigurationBuilder(configElem, rootConfigFileDir);
- bKUConnectionParameter = builder.buildAuthBKUConnectionParameter();
- bKUSelectable = (bKUConnectionParameter!=null);
- bKUSelectionType = builder.buildAuthBKUSelectionType();
- genericConfiguration = builder.buildGenericConfiguration();
- transformsInfoFileNames = builder.buildTransformsInfoFileNames(builder.getConfigElem(), ConfigurationBuilder.AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH);
- transformsInfos = builder.loadTransformsInfos(transformsInfoFileNames);
- moaSpConnectionParameter = builder.buildMoaSpConnectionParameter();
- moaSpIdentityLinkTrustProfileID = builder.getMoaSpIdentityLinkTrustProfileID();
- moaSpAuthBlockTrustProfileID = builder.getMoaSpAuthBlockTrustProfileID();
- moaSpAuthBlockVerifyTransformsInfoIDs = builder.buildMoaSpAuthBlockVerifyTransformsInfoIDs();
- onlineApplicationAuthParameters = builder.buildOnlineApplicationAuthParameters();
- identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames();
- defaultChainingMode = builder.getDefaultChainingMode();
- chainingModes = builder.buildChainingModes();
- trustedCACertificates = builder.getTrustedCACertificates();
- trustedCACertificates = FileUtils.makeAbsoluteURL(trustedCACertificates, rootConfigFileDir);
+ // build the internal datastructures
+ builder = new ConfigurationBuilder(configElem, rootConfigFileDir);
+ bKUConnectionParameter = builder.buildAuthBKUConnectionParameter();
+ bKUSelectable = (bKUConnectionParameter!=null);
+ bKUSelectionType = builder.buildAuthBKUSelectionType();
+ genericConfiguration = builder.buildGenericConfiguration();
+ transformsInfoFileNames = builder.buildTransformsInfoFileNames(builder.getConfigElem(), ConfigurationBuilder.AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH);
+ transformsInfos = builder.loadTransformsInfos(transformsInfoFileNames);
+ moaSpConnectionParameter = builder.buildMoaSpConnectionParameter();
+ moaSpIdentityLinkTrustProfileID = builder.getMoaSpIdentityLinkTrustProfileID();
+ moaSpAuthBlockTrustProfileID = builder.getMoaSpAuthBlockTrustProfileID();
+ moaSpAuthBlockVerifyTransformsInfoIDs = builder.buildMoaSpAuthBlockVerifyTransformsInfoIDs();
+ defaultVerifyInfoboxParameters = null;
+ Node defaultVerifyInfoboxParamtersElem = XPathUtils.selectSingleNode(configElem, ConfigurationBuilder.AUTH_VERIFY_INFOBOXES_XPATH);
+ if (defaultVerifyInfoboxParamtersElem != null) {
+ defaultVerifyInfoboxParameters =
+ builder.buildVerifyInfoboxParameters((Element)defaultVerifyInfoboxParamtersElem, null, moaSpIdentityLinkTrustProfileID);
+ }
+ onlineApplicationAuthParameters = builder.buildOnlineApplicationAuthParameters(defaultVerifyInfoboxParameters, moaSpIdentityLinkTrustProfileID);
+ identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames();
+ defaultChainingMode = builder.getDefaultChainingMode();
+ chainingModes = builder.buildChainingModes();
+ trustedCACertificates = builder.getTrustedCACertificates();
+ trustedCACertificates = FileUtils.makeAbsoluteURL(trustedCACertificates, rootConfigFileDir);
} catch (Throwable t) {
throw new ConfigurationException("config.02", null, t);
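Review bot: The `config.15` error raised by `buildVerifyInfoboxParameters` when an infobox reuses the identity-link trust profile appears to be wrapped by the `catch (Throwable t)` at the end of this hunk and resurfaces as the generic `config.02`. The enclosing `try` starts outside the hunk, so this is inferred from the visible lines, but an operator would then find the trust-profile conflict only in the cause chain. Adding `} catch (ConfigurationException e) { throw e;` ahead of the `Throwable` handler would let the specific message through. The `(Element)` cast on `defaultVerifyInfoboxParamtersElem` is also unnecessary, since the builder method takes a `Node`, and it would throw a ClassCastException if the XPath ever selected a non-element node.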
@@ -387,4 +400,13 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
return bKUSelectionType;
}
+ /**
+ * Returns the defaultVerifyInfoboxParameters.
+ *
+ * @return The defaultVerifyInfoboxParameters.
+ */
+ public VerifyInfoboxParameters getDefaultVerifyInfoboxParameters() {
+ return defaultVerifyInfoboxParameters;
+ }
+
} \ No newline at end of file
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index 4a41f9e75..abdf13dd1 100644
--- a/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -64,6 +64,10 @@ public class OAAuthParameter extends OAParameter {
* template for web page "Anmeldung mit B&uuml;rgerkarte"
*/
private String templateURL;
+ /**
+ * Parameters for verifying infoboxes.
+ */
+ private VerifyInfoboxParameters verifyInfoboxParameters;
/**
* Returns <code>true</code> if the Security Layer version is version 1.2,
@@ -157,7 +161,17 @@ public class OAAuthParameter extends OAParameter {
*/
public String getTemplateURL() {
return templateURL;
- }
+ }
+
+ /**
+ * Returns the parameters for verifying additional infoboxes.
+ *
+ * @return The parameters for verifying additional infoboxes.
+ * Maybe <code>null</code>.
+ */
+ public VerifyInfoboxParameters getVerifyInfoboxParameters() {
+ return verifyInfoboxParameters;
+ }
/**
* Sets the security layer version.
@@ -242,4 +256,13 @@ public class OAAuthParameter extends OAParameter {
public void setTemplateURL(String templateURL) {
this.templateURL = templateURL;
}
+
+ /**
+ * Sets the parameters for verifying additonal (to the identitylink infobox) infoboxes.
+ *
+ * @param verifyInfoboxParameters The verifyInfoboxParameters to set.
+ */
+ public void setVerifyInfoboxParameters(VerifyInfoboxParameters verifyInfoboxParameters) {
+ this.verifyInfoboxParameters = verifyInfoboxParameters;
+ }
}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameter.java b/id.server/src/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameter.java
new file mode 100644
index 000000000..9caa9519e
--- /dev/null
+++ b/id.server/src/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameter.java
@@ -0,0 +1,362 @@
+package at.gv.egovernment.moa.id.config.auth;
+
+import java.io.IOException;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import javax.xml.transform.TransformerException;
+
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.id.auth.data.Schema;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.StringUtils;
+
+/**
+ * This class is a container for parameters that maybe needed for verifying an infobox.
+ *
+ * @author Harald Bratko
+ */
+public class VerifyInfoboxParameter {
+
+ /**
+ * The default package name (first part) of a infobox validator class.
+ */
+ public static final String DEFAULT_PACKAGE_TRUNK = "at.gv.egovernment.moa.id.auth.validator.";
+
+ /**
+ * The identifier of the infobox to be verified. This identifier must exactly the
+ * identifier of the infobox returned by BKU.
+ */
+ private String identifier_;
+
+ /**
+ * The friendly name of the infobox.
+ * This name is used within browser messages, thus it should be the german equivalent of
+ * the {@link #identifier_ infobox identifier} (e.g. &quot;<code>Stellvertretungen</code>&quot;
+ * for &quot;<code>Mandates</code>&quot; or &quot;<code>GDAToken</code>&quot; for
+ * &quot;<code>EHSPToken</code>&quot;.
+ * <br>If not specified within the config file the {@link #identifier_ infobox identifier}
+ * will be used.
+ */
+ private String friendlyName_;
+
+ /**
+ * The Id of the TrustProfile to be used for validating certificates.
+ */
+ private String trustProfileID_;
+
+ /**
+ * The full name of the class to be used for verifying the infobox.
+ */
+ private String validatorClassName_;
+
+ /**
+ * Schema location URIs that may be needed by the
+ * validator to parse infobox tokens.
+ * Each entry in the list is a {@link at.gv.egovernment.moa.id.auth.data.Schema Schema}
+ * specifying the location of an XML schema.
+ */
+ private List schemaLocations_;
+
+ /**
+ * Application specific parameters that may be needed for verifying an infobox.
+ */
+ private Element applicationSpecificParams_;
+
+ /**
+ * Specifies if the infobox is be required to be returned by the BKU.
+ */
+ private boolean required_;
+
+ /**
+ * Specifies whether the <code>Stammzahl</code> should be passed to the verifying
+ * application or not.
+ */
+ private boolean provideStammzahl_;
+
+ /**
+ * Specifies whether the <code>identity link</code> should be passed to the verifying
+ * application or not.
+ */
+ private boolean provideIdentityLink_;
+
+ /**
+ * Initializes this VerifiyInfoboxParamater with the given identifier and a default
+ * validator class name.
+ *
+ * @param identifier The identifier of the infobox to be verified.
+ */
+ public VerifyInfoboxParameter(String identifier) {
+ identifier_ = identifier;
+ StringBuffer sb = new StringBuffer(DEFAULT_PACKAGE_TRUNK);
+ sb.append(identifier.toLowerCase());
+ sb.append(".");
+ sb.append(identifier.substring(0, 1).toUpperCase());
+ sb.append(identifier.substring(1));
+ sb.append("Validator");
+ validatorClassName_ = sb.toString();
+ }
+
+ /**
+ * Returns application specific parameters.
+ * Each child element of this element contains a verifying application specific parameter.
+ *
+ * @see #applicationSpecificParams_
+ *
+ * @return Application specific parameters.
+ */
+ public Element getApplicationSpecificParams() {
+ return applicationSpecificParams_;
+ }
+
+ /**
+ * Sets the application specific parameters.
+ *
+ * @see #applicationSpecificParams_
+ *
+ * @param applicationSpecificParams The application specific parameters to set.
+ */
+ public void setApplicationSpecificParams(Element applicationSpecificParams) {
+ applicationSpecificParams_ = applicationSpecificParams;
+ }
+
+ /**
+ * Returns the friendly name.
+ *
+ * @see #friendlyName_
+ *
+ * @return The friendly name.
+ */
+ public String getFriendlyName() {
+ return friendlyName_;
+ }
+
+ /**
+ * Sets the friendly name.
+ *
+ * @param friendlyName The friendly name to set.
+ */
+ public void setFriendlyName(String friendlyName) {
+ friendlyName_ = friendlyName;
+ }
+
+ /**
+ * Returns the infobox identifier.
+ *
+ * @see #identifier_
+ *
+ * @return The infobox identifier.
+ */
+ public String getIdentifier() {
+ return identifier_;
+ }
+
+ /**
+ * Sets the the infobox identifier.
+ *
+ * @see #identifier_
+ *
+ * @param identifier The infobox identifier to set.
+ */
+ public void setIdentifier(String identifier) {
+ identifier_ = identifier;
+ }
+
+ /**
+ * Specifies whether the identity link should be passed to the verifying application
+ * or not.
+ *
+ * @return <code>True</code> if the identity link should be passed to the verifying
+ * application, otherwise <code>false</code>.
+ */
+ public boolean getProvideIdentityLink() {
+ return provideIdentityLink_;
+ }
+
+ /**
+ * Sets the {@link #provideIdentityLink_} parameter.
+ *
+ * @param provideIdentityLink <code>True</code> if the identity link should be passed to
+ * the verifying application, otherwise <code>false</code>.
+ */
+ public void setProvideIdentityLink(boolean provideIdentityLink) {
+ provideIdentityLink_ = provideIdentityLink;
+ }
+
+ /**
+ * Specifies whether the <code>Stammzahl</code> should be passed to the verifying
+ * application or not.
+ *
+ * @return <code>True</code> if the <code>Stammzahl</code> should be passed to the
+ * verifying application, otherwise <code>false</code>.
+ */
+ public boolean getProvideStammzahl() {
+ return provideStammzahl_;
+ }
+
+ /**
+ * Sets the {@link provideStammzahl_} parameter.
+ *
+ * @param provideStammzahl <code>True</code> if the <code>Stammzahl</code> should be
+ * passed to the verifying application, otherwise <code>false</code>.
+ */
+ public void setProvideStammzahl(boolean provideStammzahl) {
+ provideStammzahl_ = provideStammzahl;
+ }
+
+ /**
+ * Specifies whether the infobox is required or not.
+ *
+ * @return <code>True</code> if the infobox is required to be returned by the BKU,
+ * otherwise <code>false</code>.
+ */
+ public boolean isRequired() {
+ return required_;
+ }
+
+ /**
+ * Sets the {@link required_} parameter.
+ *
+ * @param required <code>True</code> if the infobox is required to be returned by the
+ * BKU, otherwise <code>false</code>.
+ */
+ public void setRequired(boolean required) {
+ required_ = required;
+ }
+
+ /**
+ * Schema location URIs that may be needed by the
+ * validator to parse infobox tokens.
+ * Each entry in the list is a {@link at.gv.egovernment.moa.id.auth.data.Schema Schema}
+ * specifying the location of an XML schema.
+ *
+ * @return A list of {@link at.gv.egovernment.moa.id.auth.data.Schema Schema} objects
+ * each of them specifying the location of an XML schema.
+ */
+ public List getSchemaLocations() {
+ return schemaLocations_;
+ }
+
+ /**
+ * Sets the schema locations.
+ *
+ * @see #schemaLocations_
+ *
+ * @param schemaLocations The schema location list to be set.
+ */
+ public void setSchemaLocations(List schemaLocations) {
+ schemaLocations_ = schemaLocations;
+ }
+
+ /**
+ * Returns the ID of the trust profile to be used for verifying certificates.
+ *
+ * @return The ID of the trust profile to be used for verifying certificates.
+ * Maybe <code>null</code>.
+ */
+ public String getTrustProfileID() {
+ return trustProfileID_;
+ }
+
+ /**
+ * Sets the ID of the trust profile to be used for verifying certificates.
+ *
+ * @param trustProfileID The ID of the trust profile to be used for verifying certificates.
+ */
+ public void setTrustProfileID(String trustProfileID) {
+ trustProfileID_ = trustProfileID;
+ }
+
+ /**
+ * Returns the name of the class to be used for verifying this infobox.
+ *
+ * @return The name of the class to be used for verifying this infobox.
+ */
+ public String getValidatorClassName() {
+ return validatorClassName_;
+ }
+
+ /**
+ * Sets the name of the class to be used for verifying this infobox.
+ *
+ * @param validatorClassName The name of the class to be used for verifying this infobox.
+ */
+ public void setValidatorClassName(String validatorClassName) {
+ validatorClassName_ = validatorClassName;
+ }
+
+ /**
+ * Get a string representation of this object.
+ * This method is for debugging purposes only.
+ *
+ * @return A string representation of this object.
+ */
+ public String toString() {
+
+ StringBuffer buffer = new StringBuffer(1024);
+
+ buffer.append(" <Infobox Identifier=\"");
+ buffer.append(identifier_);
+ buffer.append("\" required=\"");
+ buffer.append(required_);
+ buffer.append("\" provideStammzahl=\"");
+ buffer.append(provideStammzahl_);
+ buffer.append("\" provideIdentityLink=\"");
+ buffer.append(provideIdentityLink_);
+ buffer.append("\">");
+ buffer.append("\n");
+ if (friendlyName_ != null) {
+ buffer.append(" <FriendlyName>");
+ buffer.append(friendlyName_);
+ buffer.append("</FriendlyName>");
+ buffer.append("\n");
+ }
+ if (trustProfileID_ != null) {
+ buffer.append(" <TrustProfileID>");
+ buffer.append(trustProfileID_);
+ buffer.append("</TrustProfileID>");
+ buffer.append("\n");
+ }
+ if (validatorClassName_ != null) {
+ buffer.append(" <ValidatorClass>");
+ buffer.append(validatorClassName_);
+ buffer.append("</ValidatorClass>");
+ buffer.append("\n");
+ }
+ if (schemaLocations_ != null) {
+ buffer.append(" <SchemaLocations>");
+ buffer.append("\n");
+ Iterator it = schemaLocations_.iterator();
+ while (it.hasNext()) {
+ buffer.append(" <Schema namespace=\"");
+ Schema schema = (Schema)it.next();
+ buffer.append(schema.getNamespace());
+ buffer.append("\" schemaLocation=\"");
+ buffer.append(schema.getSchemaLocation());
+ buffer.append("\"/>\n");
+ }
+ buffer.append(" </SchemaLocations>");
+ buffer.append("\n");
+ }
+ if (applicationSpecificParams_ != null) {
+ try {
+ String applicationSpecificParams = DOMUtils.serializeNode(applicationSpecificParams_);
+ buffer.append(" ");
+ buffer.append(StringUtils.removeXMLDeclaration(applicationSpecificParams));
+ buffer.append("\n");
+ } catch (TransformerException e) {
+ // do nothing
+ } catch (IOException e) {
+ // do nothing
+ }
+ }
+ buffer.append(" </Infobox>");
+
+
+ return buffer.toString() ;
+ }
+
+}
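Review bot: The constructor derives the default validator class name from `identifier` without checking it. An absent `Identifier` attribute reaches it as `""` (that is what `Element.getAttribute` returns), so `identifier.substring(0, 1)` throws StringIndexOutOfBoundsException, and `toLowerCase()`/`toUpperCase()` use the default locale, so the derived package and class name can differ between hosts. I would guard with `if (identifier == null || identifier.length() == 0) throw new IllegalArgumentException("infobox identifier must not be empty");` and pass `Locale.ENGLISH` to both case conversions. Since the configured identifier becomes part of a class name that is presumably loaded later, the Javadoc on `DEFAULT_PACKAGE_TRUNK` should say so. In the Javadoc, `{@link provideStammzahl_}` and `{@link required_}` need a leading `#` to resolve, and the two `// do nothing` catch blocks in `toString()` should state why the serialization failure is ignored.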
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameters.java b/id.server/src/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameters.java
new file mode 100644
index 000000000..b9f669196
--- /dev/null
+++ b/id.server/src/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameters.java
@@ -0,0 +1,135 @@
+package at.gv.egovernment.moa.id.config.auth;
+
+import java.util.Hashtable;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * This class contains the parameters for verifying all the infoboxes configured for an
+ * online application.
+ *
+ * @author Harald Bratko
+ */
+public class VerifyInfoboxParameters {
+
+ /**
+ * A map of {@link VerifyInfoboxParameter} objects.
+ * Each of these objects contains parameters that maybe needed for validating an
+ * infobox.
+ */
+ private Map infoboxParameters_;
+
+ /**
+ * A list of the identifiers of the infoboxes supported by this
+ * VerifyInfoboxParameters;
+ */
+ private List identifiers_;
+
+ /**
+ * Holds the (comma separated) identifiers of those infoboxes MOA-IF is able to validate
+ * in the context of the actual online application.
+ * The string will be added as value of the <code>PushInfobox</code> parameter in the
+ * HTML form used for reading the infoboxes from the BKU.
+ */
+ private String pushInfobox_;
+
+ /**
+ * Initializes this VerifyInfoboxParameters with an empty {@link #infoboxParameters_}
+ * map.
+ */
+ public VerifyInfoboxParameters() {
+ infoboxParameters_ = new Hashtable();
+ pushInfobox_ = "";
+ }
+
+ /**
+ * Initializes this VerifyInfoboxParameters with the given
+ * <code>infoboxParameters</code> map and builds the {@link #pushInfobox_} string
+ * from the keys of the given map.
+ */
+ public VerifyInfoboxParameters(List identifiers, Map infoboxParameters) {
+ identifiers_ = identifiers;
+ infoboxParameters_ = infoboxParameters;
+ // build the pushInfobox string
+ if ((identifiers != null) && (!identifiers.isEmpty())) {
+ StringBuffer identifiersSB = new StringBuffer();
+ int identifiersNum = identifiers.size();
+ int i = 1;
+ Iterator it = identifiers.iterator();
+ while (it.hasNext()) {
+ identifiersSB.append((String)it.next());
+ if (i != identifiersNum) {
+ identifiersSB.append(",");
+ }
+ i++;
+ }
+ pushInfobox_ = identifiersSB.toString();
+ } else {
+ pushInfobox_ = "";
+ }
+ }
+
+ /**
+ * Returns the (comma separated) identifiers of the infoboxes configured for the actual
+ * online application.
+ *
+ * @see #pushInfobox_
+ *
+ * @return The (comma separated) identifiers of the infoboxes configured for the actual
+ * online application.
+ */
+ public String getPushInfobox() {
+ return pushInfobox_;
+ }
+
+ /**
+ * Sets the {@link #pushInfobox_} string.
+ *
+ * @param pushInfobox The pushInfobox string to be set.
+ */
+ public void setPushInfobox(String pushInfobox) {
+ pushInfobox_ = pushInfobox;
+ }
+
+ /**
+ * Returns map of {@link VerifyInfoboxParameter} objects.
+ * Each of these objects contains parameters that maybe needed for validating an
+ * infobox.
+ *
+ * @return The map of {@link VerifyInfoboxParameter} objects.
+ */
+ public Map getInfoboxParameters() {
+ return infoboxParameters_;
+ }
+
+ /**
+ * Sets the map of {@link VerifyInfoboxParameter} objects.
+ *
+ * @see #infoboxParameters_
+ *
+ * @param infoboxParameters The infoboxParameters to set.
+ */
+ public void setInfoboxParameters(Map infoboxParameters) {
+ infoboxParameters_ = infoboxParameters;
+ }
+
+ /**
+ * Returns the identifiers of the supported infoboxes.
+ *
+ * @return The identifiers.
+ */
+ public List getIdentifiers() {
+ return identifiers_;
+ }
+
+ /**
+ * Sets the identifiers.
+ *
+ * @param identifiers The identifiers to set.
+ */
+ public void setIdentifiers(List identifiers) {
+ identifiers_ = identifiers;
+ }
+
+}
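Review bot: `pushInfobox_` is derived from `identifiers` only in the two-argument constructor, so a later `setIdentifiers()` leaves the PushInfobox string stale. If that happens, the infoboxes requested from the BKU can differ from the ones this object holds identifiers and validation parameters for. The no-argument constructor also leaves `identifiers_` null while initialising the other two fields, so `getIdentifiers()` returns null on that path and callers need a null check. I would move the join into a private helper called from both the constructor and `setIdentifiers()`, as sketched below; whether any caller relies on setting the two values independently is not visible in this hunk. The `(String)it.next()` cast on the raw `List` is kept as is, so a non-String element still fails with a ClassCastException, and an identifier containing a comma would still split into two entries.

```java
public VerifyInfoboxParameters(List identifiers, Map infoboxParameters) {
  identifiers_ = identifiers;
  infoboxParameters_ = infoboxParameters;
  pushInfobox_ = buildPushInfobox(identifiers);
}

// … unchanged: getPushInfobox, setPushInfobox, getInfoboxParameters, setInfoboxParameters, getIdentifiers …

public void setIdentifiers(List identifiers) {
  identifiers_ = identifiers;
  // keep the PushInfobox value in step with the identifier list
  pushInfobox_ = buildPushInfobox(identifiers);
}

/** Joins the identifiers with commas; returns "" for a null or empty list. */
private static String buildPushInfobox(List identifiers) {
  if ((identifiers == null) || identifiers.isEmpty()) {
    return "";
  }
  StringBuffer identifiersSB = new StringBuffer();
  Iterator it = identifiers.iterator();
  while (it.hasNext()) {
    identifiersSB.append((String)it.next());
    if (it.hasNext()) {
      identifiersSB.append(",");
    }
  }
  return identifiersSB.toString();
}
```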