author | harald.bratko <harald.bratko@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2007-01-10 15:37:52 +0000 |
---|---|---|
committer | harald.bratko <harald.bratko@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2007-01-10 15:37:52 +0000 |
commit | 7bba49753c8a44fade100d3676ab0a62372d44e1 (patch) | |
tree | 2bb52651b46ea2e85ad7f08ad0759180a2057a9f /id.server/src/at/gv/egovernment/moa/id/config | |
parent | 006abfa4f5064a905b14618708768e3aa295f264 (diff) | |
Adapted for MOA-ID 1.4 (validating additional infoboxes).
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@769 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/config')
5 files changed, 789 insertions, 26 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java b/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java index 7d3a6d4ab..6a9aee0ca 100644 --- a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java @@ -9,8 +9,12 @@ import java.math.BigInteger; import java.security.Principal; import java.util.ArrayList; import java.util.HashMap; +import java.util.Hashtable; +import java.util.Iterator; import java.util.List; import java.util.Map; +import java.util.Set; +import java.util.Vector; import org.w3c.dom.Attr; import org.w3c.dom.Element; @@ -18,7 +22,11 @@ import org.w3c.dom.Node; import org.w3c.dom.NodeList; import org.w3c.dom.traversal.NodeIterator; +import at.gv.egovernment.moa.id.auth.data.Schema; +import at.gv.egovernment.moa.id.auth.data.SchemaImpl; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameter; +import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameters; import at.gv.egovernment.moa.id.config.proxy.OAConfiguration; import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter; import at.gv.egovernment.moa.id.data.IssuerAndSerial; 
@@ -98,8 +106,13 @@ public class ConfigurationBuilder { ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyAuthBlock/" + CONF + "VerifyTransformsInfoProfileID"; /** an XPATH-Expression */ - private static final String AUTH_IDENTITY_LINK_X509SUBJECTNAME_XPATH = + private static final String AUTH_IDENTITY_LINK_X509SUBJECTNAME_XPATH = ROOT + CONF + "AuthComponent/" + CONF + "IdentityLinkSigners/" + CONF + "X509SubjectName"; + + /** an XPATH-Expression */ + public static final String AUTH_VERIFY_INFOBOXES_XPATH = + ROOT + CONF + "AuthComponent/" + CONF + "VerifyInfoboxes"; + /** an XPATH-Expression */ private static final String PROXY_AUTH_XPATH = ROOT + CONF + "ProxyComponent/" + CONF + "AuthComponent"; @@ -121,6 +134,8 @@ public class ConfigurationBuilder { /** an XPATH-Expression */ private static final String OA_AUTH_COMPONENT_TRANSFORMS_INFO_FILENAME_XPATH = CONF + "TransformsInfo/@filename"; /** an XPATH-Expression */ + private static final String OA_AUTH_COMPONENT_VERIFY_INFOBOXES_XPATH = CONF + "VerifyInfoboxes"; + /** an XPATH-Expression */ private static final String OA_PROXY_COMPONENT_XPATH = CONF + "ProxyComponent"; /** an XPATH-Expression */ private static final String OA_PROXY_COMPONENT_ABSOLUTE_XPATH = ROOT + CONF + "OnlineApplication/" + CONF + "ProxyComponent"; @@ -183,6 +198,15 @@ public class ConfigurationBuilder { /** an XPATH-Expression */ private static final String TRUSTED_CA_CERTIFICATES_XPATH = ROOT + CONF + "TrustedCACertificates"; + + /** an XPATH-Expression */ + private static final String VERIFY_INFOBOXES_DEFAULT_TRUST_PROFILE_XPATH = CONF + "DefaultTrustProfile"; + /** an XPATH-Expression */ + private static final String VERIFY_INFOBOXES_TRUST_PROFILE_ID_XPATH = CONF + "TrustProfileID"; + /** an XPATH-Expression */ + private static final String VERIFY_INFOBOXES_INFOBOX_XPATH = CONF + "Infobox"; + + /** 
@@ -386,16 +410,27 @@ public class ConfigurationBuilder { /** * Build an array of the OnlineApplication Parameters containing information * about the authentication component + * + * @param defaultVerifyInfoboxParameters Default parameters for verifying additional + * infoboxes. Maybe <code>null</code>. + * @param moaSpIdentityLinkTrustProfileID The ID of the trust profile used for validating + * the identity link signer certificate. Needed for + * checking if this ID is not used for validating other + * infoboxes. + * * @return An OAProxyParameter array containing beans * with all relevant information for the authentication component of the online * application */ - public OAAuthParameter[] buildOnlineApplicationAuthParameters() throws ConfigurationException { + public OAAuthParameter[] buildOnlineApplicationAuthParameters( + VerifyInfoboxParameters defaultVerifyInfoboxParameters, String moaSpIdentityLinkTrustProfileID) + throws ConfigurationException + { String bkuSelectionTemplateURL = - XPathUtils.getAttributeValue(configElem_,AUTH_BKUSELECT_TEMPLATE_XPATH,null); + XPathUtils.getAttributeValue(configElem_, AUTH_BKUSELECT_TEMPLATE_XPATH, null); String templateURL = - XPathUtils.getAttributeValue(configElem_,AUTH_TEMPLATE_XPATH,null); + XPathUtils.getAttributeValue(configElem_, AUTH_TEMPLATE_XPATH, null); List OA_set = new ArrayList(); NodeList OAIter = XPathUtils.selectNodeList(configElem_, OA_XPATH); 
@@ -460,7 +495,10 @@ public class ConfigurationBuilder { oap.setTransformsInfos(loadTransformsInfos(transformsInfoFileNames)); } catch (Exception ex) { Logger.error("Error loading transforms specified for OA \"" + publicURLPrefix + "\"; using default transforms."); - } + } + Node verifyInfoboxParamtersNode = XPathUtils.selectSingleNode(authComponent, OA_AUTH_COMPONENT_VERIFY_INFOBOXES_XPATH); + oap.setVerifyInfoboxParameters(buildVerifyInfoboxParameters( + verifyInfoboxParamtersNode, defaultVerifyInfoboxParameters, moaSpIdentityLinkTrustProfileID)); } OA_set.add(oap); } 
@@ -834,6 +872,190 @@ public class ConfigurationBuilder { identityLinkDomainIdentifier.append(identificationNumber); return identityLinkDomainIdentifier.toString(); } + + /** + * Builds the parameters for verifying additional infoboxes (additional to the + * IdentityLink infobox). + * + * @param verifyInfoboxesElem The <code>VerifyInfoboxes</code> element from the + * config file. This maybe the global element or the + * elment from an Online application. + * @param defaultVerifyInfoboxParameters Default parameters to be used, if no + * <code>VerifyInfoboxes</code> element is present. + * This only applies to parameters + * of an specific online application and is set to + * <code>null</code> when building the global parameters. + * @param moaSpIdentityLinkTrustProfileID The ID of the trust profile used for validating + * the identity link signer certificate. Needed for + * checking if this ID is not used for validating other + * infoboxes. + * + * @return A {@link at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameters VerifyInfoboxParameters} + * object needed for verifying additional infoboxes. + * + * @throws ConfigurationException If the trust profile for validating the identity link + * signer certificate is used for validating another infobox. 
+ */ + public VerifyInfoboxParameters buildVerifyInfoboxParameters( + Node verifyInfoboxesElem, + VerifyInfoboxParameters defaultVerifyInfoboxParameters, + String moaSpIdentityLinkTrustProfileID) + throws ConfigurationException + { + + if ((verifyInfoboxesElem == null) && (defaultVerifyInfoboxParameters == null)) { + return null; + } + Vector identifiers = new Vector(); + List defaultIdentifiers = null; + Map defaultInfoboxParameters = null; + if (defaultVerifyInfoboxParameters != null) { + defaultIdentifiers = defaultVerifyInfoboxParameters.getIdentifiers(); + defaultInfoboxParameters = defaultVerifyInfoboxParameters.getInfoboxParameters(); + } + Hashtable infoboxParameters = new Hashtable(); + if (verifyInfoboxesElem != null) { + // get the DefaultTrustProfileID + String defaultTrustProfileID = null; + Node defaultTrustProfileNode = + XPathUtils.selectSingleNode(verifyInfoboxesElem, VERIFY_INFOBOXES_DEFAULT_TRUST_PROFILE_XPATH); + if (defaultTrustProfileNode != null) { + Node trustProfileIDNode = + XPathUtils.selectSingleNode(defaultTrustProfileNode, VERIFY_INFOBOXES_TRUST_PROFILE_ID_XPATH); + defaultTrustProfileID = trustProfileIDNode.getFirstChild().getNodeValue(); + if (defaultTrustProfileID.equals(moaSpIdentityLinkTrustProfileID)) { + throw new ConfigurationException("config.15", new Object[] {moaSpIdentityLinkTrustProfileID}); + } + } + // get the Infoboxes + NodeList infoboxes = + XPathUtils.selectNodeList(verifyInfoboxesElem, VERIFY_INFOBOXES_INFOBOX_XPATH); + for (int i=0; i<infoboxes.getLength(); i++) { + Element infoBoxElem = (Element)infoboxes.item(i); + // get the identifier of the infobox + String identifier = infoBoxElem.getAttribute("Identifier"); + identifiers.add(identifier); + VerifyInfoboxParameter verifyInfoboxParameter = new VerifyInfoboxParameter(identifier); + verifyInfoboxParameter.setFriendlyName(identifier); + // get the attributes + // (1) required: override global value in any case + 
verifyInfoboxParameter.setRequired(BoolUtils.valueOf( + infoBoxElem.getAttribute("required"))); + // (2) provideStammzahl: override global value in any case + verifyInfoboxParameter.setProvideStammzahl(BoolUtils.valueOf( + infoBoxElem.getAttribute("provideStammzahl"))); + // (3) proviedIdentityLink: override global value in any case + verifyInfoboxParameter.setProvideIdentityLink(BoolUtils.valueOf( + infoBoxElem.getAttribute("provideIdentityLink"))); + // set default trustprofileID + if (defaultTrustProfileID != null) { + verifyInfoboxParameter.setTrustProfileID(defaultTrustProfileID); + } + // get the parameter elements + boolean localValidatorClass = false; + boolean localFriendlyName = false; + List params = DOMUtils.getChildElements(infoBoxElem); + Iterator it = params.iterator(); + while (it.hasNext()) { + Element paramElem = (Element)it.next(); + String paramName = paramElem.getLocalName(); + if (paramName.equals("FriendlyName")) { + verifyInfoboxParameter.setFriendlyName(paramElem.getFirstChild().getNodeValue()); + localFriendlyName = true; + } else if (paramName.equals("TrustProfileID")) { + String trustProfileID = paramElem.getFirstChild().getNodeValue(); + if (trustProfileID != null) { + if (trustProfileID.equals(moaSpIdentityLinkTrustProfileID)) { + throw new ConfigurationException("config.15", new Object[] {moaSpIdentityLinkTrustProfileID}); + } + verifyInfoboxParameter.setTrustProfileID(trustProfileID); + } + } else if (paramName.equals("ValidatorClass")) { + String validatorClassName = paramElem.getFirstChild().getNodeValue(); + if (validatorClassName != null) { + verifyInfoboxParameter.setValidatorClassName(validatorClassName); + localValidatorClass = true; + } + } else if (paramName.equals("SchemaLocations")) { + List schemaElems = DOMUtils.getChildElements(paramElem); + List schemaLocations = new Vector(schemaElems.size()); + Iterator schemaIterator = schemaElems.iterator(); + while (schemaIterator.hasNext()) { + Element schemaElem = 
(Element)schemaIterator.next(); + String namespace = schemaElem.getAttribute("namespace"); + String schemaLocation = schemaElem.getAttribute("schemaLocation"); + // avoid adding the same schema twice + Iterator schemaLocationIterator = schemaLocations.iterator(); + boolean add = true; + while (schemaLocationIterator.hasNext()) { + String existingNamespace = ((Schema)schemaLocationIterator.next()).getNamespace(); + if (namespace.equals(existingNamespace)) { + Logger.warn("Multiple schemas specified for namespace \"" + namespace + + "\"; only using the first one."); + add = false; + break; + } + } + if (add) { + schemaLocations.add(new SchemaImpl(namespace, schemaLocation)); + } + } + verifyInfoboxParameter.setSchemaLocations(schemaLocations); + } else if (paramName.equals("ApplicationSpecificParameters")) { + verifyInfoboxParameter.setApplicationSpecificParams(paramElem); + } + } + // use default values for those parameters not yet set by local configuration + if (defaultInfoboxParameters != null) { + Object defaultVerifyIP = defaultInfoboxParameters.get(identifier); + if (defaultVerifyIP != null) { + VerifyInfoboxParameter defaultVerifyInfoboxParameter = + (VerifyInfoboxParameter)defaultVerifyIP; + // if no friendly is set, use default + if (!localFriendlyName) { + verifyInfoboxParameter.setFriendlyName( + defaultVerifyInfoboxParameter.getFriendlyName()); + } + // if no TrustProfileID is set, use default, if available + if (verifyInfoboxParameter.getTrustProfileID() == null) { + verifyInfoboxParameter.setTrustProfileID( + defaultVerifyInfoboxParameter.getTrustProfileID()); + } + // if no local validator class is set, use default + if (!localValidatorClass) { + verifyInfoboxParameter.setValidatorClassName( + defaultVerifyInfoboxParameter.getValidatorClassName()); + } + // if no schema locations set, use default + if (verifyInfoboxParameter.getSchemaLocations() == null) { + verifyInfoboxParameter.setSchemaLocations( + 
defaultVerifyInfoboxParameter.getSchemaLocations()); + } + // if no application specific parameters set, use default + if (verifyInfoboxParameter.getApplicationSpecificParams() == null) { + verifyInfoboxParameter.setApplicationSpecificParams( + defaultVerifyInfoboxParameter.getApplicationSpecificParams()); + } + } + } + infoboxParameters.put(identifier, verifyInfoboxParameter); + } + // add the infobox identifiers not present within the local configuration to the + // identifier list + if (defaultIdentifiers != null) { + Iterator identifierIterator = defaultIdentifiers.iterator(); + while (identifierIterator.hasNext()) { + String defaultIdentifier = (String)identifierIterator.next(); + if (!identifiers.contains(defaultIdentifier)) { + identifiers.add(defaultIdentifier); + } + } + } + return new VerifyInfoboxParameters(identifiers, infoboxParameters); + } else { + return new VerifyInfoboxParameters(defaultIdentifiers, infoboxParameters); + } + } /** * Method warn. @@ -856,6 +1078,5 @@ public class ConfigurationBuilder { */ private static void warn(String messageId, Object[] args, Throwable t) { Logger.warn(MOAIDMessageProvider.getInstance().getMessage(messageId, args), t); - } - + } } diff --git a/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java index d354ba910..e45d7cba8 100644 --- a/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java +++ b/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java @@ -7,6 +7,7 @@ import java.io.IOException; import java.io.InputStream; import java.net.MalformedURLException; import org.w3c.dom.Element; +import org.w3c.dom.Node; import at.gv.egovernment.moa.id.config.ConfigurationBuilder; import at.gv.egovernment.moa.id.config.ConfigurationException; 
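Review bot: Defaults inherited from the global `VerifyInfoboxes` element reach the identifier list but never the parameter map in `buildVerifyInfoboxParameters`: the loop over `defaultIdentifiers` only calls `identifiers.add(defaultIdentifier)`, and the `else` branch returns `new VerifyInfoboxParameters(defaultIdentifiers, infoboxParameters)` with an empty `Hashtable`. An online application would then request those infoboxes through `PushInfobox` while holding no `VerifyInfoboxParameter` (trust profile, validator class, `required` flag) for them, unless a caller outside this diff falls back to the global defaults. Consider `infoboxParameters.put(defaultIdentifier, defaultInfoboxParameters.get(defaultIdentifier));` inside that loop and `return defaultVerifyInfoboxParameters;` in the `else` branch. Separately, the `config.15` guard compares `getFirstChild().getNodeValue()` untrimmed, so a `TrustProfileID` written with surrounding whitespace would not match `moaSpIdentityLinkTrustProfileID`, and an empty element throws a NullPointerException before the `!= null` test; null-checking and trimming before `equals` would make the trust-profile separation check dependable.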
@@ -15,6 +16,7 @@ import at.gv.egovernment.moa.id.config.ConnectionParameter; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.FileUtils; +import at.gv.egovernment.moa.util.XPathUtils; /** * A class providing access to the Auth Part of the MOA-ID configuration data. @@ -116,6 +118,10 @@ public class AuthConfigurationProvider extends ConfigurationProvider { * X509 SubjectNames which will be trusted */ private String[] identityLinkX509SubjectNames; + /** + * default parameters for verifying additional infoboxes. + */ + private VerifyInfoboxParameters defaultVerifyInfoboxParameters; /** * configuration parameters for online applications @@ -133,6 +139,7 @@ public class AuthConfigurationProvider extends ConfigurationProvider { * the bku Selection Connection Parameters */ private ConnectionParameter bKUConnectionParameter; + /** * Return the single instance of configuration data. * 
@@ -214,24 +221,30 @@ public class AuthConfigurationProvider extends ConfigurationProvider { throw new ConfigurationException("config.03", null, t); } - // build the internal datastructures - builder = new ConfigurationBuilder(configElem, rootConfigFileDir); - bKUConnectionParameter = builder.buildAuthBKUConnectionParameter(); - bKUSelectable = (bKUConnectionParameter!=null); - bKUSelectionType = builder.buildAuthBKUSelectionType(); - genericConfiguration = builder.buildGenericConfiguration(); - transformsInfoFileNames = builder.buildTransformsInfoFileNames(builder.getConfigElem(), ConfigurationBuilder.AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH); - transformsInfos = builder.loadTransformsInfos(transformsInfoFileNames); - moaSpConnectionParameter = builder.buildMoaSpConnectionParameter(); - moaSpIdentityLinkTrustProfileID = builder.getMoaSpIdentityLinkTrustProfileID(); - moaSpAuthBlockTrustProfileID = builder.getMoaSpAuthBlockTrustProfileID(); - moaSpAuthBlockVerifyTransformsInfoIDs = builder.buildMoaSpAuthBlockVerifyTransformsInfoIDs(); - onlineApplicationAuthParameters = builder.buildOnlineApplicationAuthParameters(); - identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames(); - defaultChainingMode = builder.getDefaultChainingMode(); - chainingModes = builder.buildChainingModes(); - trustedCACertificates = builder.getTrustedCACertificates(); - trustedCACertificates = FileUtils.makeAbsoluteURL(trustedCACertificates, rootConfigFileDir); + // build the internal datastructures + builder = new ConfigurationBuilder(configElem, rootConfigFileDir); + bKUConnectionParameter = builder.buildAuthBKUConnectionParameter(); + bKUSelectable = (bKUConnectionParameter!=null); + bKUSelectionType = builder.buildAuthBKUSelectionType(); + genericConfiguration = builder.buildGenericConfiguration(); + transformsInfoFileNames = builder.buildTransformsInfoFileNames(builder.getConfigElem(), ConfigurationBuilder.AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH); + 
transformsInfos = builder.loadTransformsInfos(transformsInfoFileNames); + moaSpConnectionParameter = builder.buildMoaSpConnectionParameter(); + moaSpIdentityLinkTrustProfileID = builder.getMoaSpIdentityLinkTrustProfileID(); + moaSpAuthBlockTrustProfileID = builder.getMoaSpAuthBlockTrustProfileID(); + moaSpAuthBlockVerifyTransformsInfoIDs = builder.buildMoaSpAuthBlockVerifyTransformsInfoIDs(); + defaultVerifyInfoboxParameters = null; + Node defaultVerifyInfoboxParamtersElem = XPathUtils.selectSingleNode(configElem, ConfigurationBuilder.AUTH_VERIFY_INFOBOXES_XPATH); + if (defaultVerifyInfoboxParamtersElem != null) { + defaultVerifyInfoboxParameters = + builder.buildVerifyInfoboxParameters((Element)defaultVerifyInfoboxParamtersElem, null, moaSpIdentityLinkTrustProfileID); + } + onlineApplicationAuthParameters = builder.buildOnlineApplicationAuthParameters(defaultVerifyInfoboxParameters, moaSpIdentityLinkTrustProfileID); + identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames(); + defaultChainingMode = builder.getDefaultChainingMode(); + chainingModes = builder.buildChainingModes(); + trustedCACertificates = builder.getTrustedCACertificates(); + trustedCACertificates = FileUtils.makeAbsoluteURL(trustedCACertificates, rootConfigFileDir); } catch (Throwable t) { throw new ConfigurationException("config.02", null, t); @@ -387,4 +400,13 @@ public class AuthConfigurationProvider extends ConfigurationProvider { return bKUSelectionType; } + /** + * Returns the defaultVerifyInfoboxParameters. + * + * @return The defaultVerifyInfoboxParameters. + */ + public VerifyInfoboxParameters getDefaultVerifyInfoboxParameters() { + return defaultVerifyInfoboxParameters; + } + }
\ No newline at end of file diff --git a/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java index 4a41f9e75..abdf13dd1 100644 --- a/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java +++ b/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java @@ -64,6 +64,10 @@ public class OAAuthParameter extends OAParameter { * template for web page "Anmeldung mit Bürgerkarte" */ private String templateURL; + /** + * Parameters for verifying infoboxes. + */ + private VerifyInfoboxParameters verifyInfoboxParameters; /** * Returns <code>true</code> if the Security Layer version is version 1.2, @@ -157,7 +161,17 @@ public class OAAuthParameter extends OAParameter { */ public String getTemplateURL() { return templateURL; - } + } + + /** + * Returns the parameters for verifying additional infoboxes. + * + * @return The parameters for verifying additional infoboxes. + * Maybe <code>null</code>. + */ + public VerifyInfoboxParameters getVerifyInfoboxParameters() { + return verifyInfoboxParameters; + } /** * Sets the security layer version. @@ -242,4 +256,13 @@ public class OAAuthParameter extends OAParameter { public void setTemplateURL(String templateURL) { this.templateURL = templateURL; } + + /** + * Sets the parameters for verifying additonal (to the identitylink infobox) infoboxes. + * + * @param verifyInfoboxParameters The verifyInfoboxParameters to set. + */ + public void setVerifyInfoboxParameters(VerifyInfoboxParameters verifyInfoboxParameters) { + this.verifyInfoboxParameters = verifyInfoboxParameters; + } } diff --git a/id.server/src/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameter.java b/id.server/src/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameter.java new file mode 100644 index 000000000..9caa9519e --- /dev/null +++ b/id.server/src/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameter.java 
@@ -0,0 +1,362 @@
+package at.gv.egovernment.moa.id.config.auth;
+
+import java.io.IOException;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import javax.xml.transform.TransformerException;
+
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.id.auth.data.Schema;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.StringUtils;
+
+/**
+ * This class is a container for parameters that maybe needed for verifying an infobox.
+ *
+ * @author Harald Bratko
+ */
+public class VerifyInfoboxParameter {
+
+ /**
+ * The default package name (first part) of a infobox validator class.
+ */
+ public static final String DEFAULT_PACKAGE_TRUNK = "at.gv.egovernment.moa.id.auth.validator.";
+
+ /**
+ * The identifier of the infobox to be verified. This identifier must exactly the
+ * identifier of the infobox returned by BKU.
+ */
+ private String identifier_;
+
+ /**
+ * The friendly name of the infobox.
+ * This name is used within browser messages, thus it should be the german equivalent of
+ * the {@link #identifier_ infobox identifier} (e.g. "<code>Stellvertretungen</code>"
+ * for "<code>Mandates</code>" or "<code>GDAToken</code>" for
+ * "<code>EHSPToken</code>".
+ * <br>If not specified within the config file the {@link #identifier_ infobox identifier}
+ * will be used.
+ */
+ private String friendlyName_;
+
+ /**
+ * The Id of the TrustProfile to be used for validating certificates.
+ */
+ private String trustProfileID_;
+
+ /**
+ * The full name of the class to be used for verifying the infobox.
+ */
+ private String validatorClassName_;
+
+ /**
+ * Schema location URIs that may be needed by the
+ * validator to parse infobox tokens.
+ * Each entry in the list is a {@link at.gv.egovernment.moa.id.auth.data.Schema Schema}
+ * specifying the location of an XML schema.
+ */
+ private List schemaLocations_;
+
+ /**
+ * Application specific parameters that may be needed for verifying an infobox.
+ */
+ private Element applicationSpecificParams_;
+
+ /**
+ * Specifies if the infobox is be required to be returned by the BKU.
+ */
+ private boolean required_;
+
+ /**
+ * Specifies whether the <code>Stammzahl</code> should be passed to the verifying
+ * application or not.
+ */
+ private boolean provideStammzahl_;
+
+ /**
+ * Specifies whether the <code>identity link</code> should be passed to the verifying
+ * application or not.
+ */
+ private boolean provideIdentityLink_;
+
+ /**
+ * Initializes this VerifiyInfoboxParamater with the given identifier and a default
+ * validator class name.
+ *
+ * @param identifier The identifier of the infobox to be verified.
+ */
+ public VerifyInfoboxParameter(String identifier) {
+ identifier_ = identifier;
+ StringBuffer sb = new StringBuffer(DEFAULT_PACKAGE_TRUNK);
+ sb.append(identifier.toLowerCase());
+ sb.append(".");
+ sb.append(identifier.substring(0, 1).toUpperCase());
+ sb.append(identifier.substring(1));
+ sb.append("Validator");
+ validatorClassName_ = sb.toString();
+ }
+
+ /**
+ * Returns application specific parameters.
+ * Each child element of this element contains a verifying application specific parameter.
+ *
+ * @see #applicationSpecificParams_
+ *
+ * @return Application specific parameters.
+ */
+ public Element getApplicationSpecificParams() {
+ return applicationSpecificParams_;
+ }
+
+ /**
+ * Sets the application specific parameters.
+ *
+ * @see #applicationSpecificParams_
+ *
+ * @param applicationSpecificParams The application specific parameters to set.
+ */
+ public void setApplicationSpecificParams(Element applicationSpecificParams) {
+ applicationSpecificParams_ = applicationSpecificParams;
+ }
+
+ /**
+ * Returns the friendly name.
+ *
+ * @see #friendlyName_
+ *
+ * @return The friendly name.
+ */
+ public String getFriendlyName() {
+ return friendlyName_;
+ }
+
+ /**
+ * Sets the friendly name.
+ *
+ * @param friendlyName The friendly name to set.
+ */
+ public void setFriendlyName(String friendlyName) {
+ friendlyName_ = friendlyName;
+ }
+
+ /**
+ * Returns the infobox identifier.
+ *
+ * @see #identifier_
+ *
+ * @return The infobox identifier.
+ */
+ public String getIdentifier() {
+ return identifier_;
+ }
+
+ /**
+ * Sets the the infobox identifier.
+ *
+ * @see #identifier_
+ *
+ * @param identifier The infobox identifier to set.
+ */
+ public void setIdentifier(String identifier) {
+ identifier_ = identifier;
+ }
+
+ /**
+ * Specifies whether the identity link should be passed to the verifying application
+ * or not.
+ *
+ * @return <code>True</code> if the identity link should be passed to the verifying
+ * application, otherwise <code>false</code>.
+ */
+ public boolean getProvideIdentityLink() {
+ return provideIdentityLink_;
+ }
+
+ /**
+ * Sets the {@link #provideIdentityLink_} parameter.
+ *
+ * @param provideIdentityLink <code>True</code> if the identity link should be passed to
+ * the verifying application, otherwise <code>false</code>.
+ */
+ public void setProvideIdentityLink(boolean provideIdentityLink) {
+ provideIdentityLink_ = provideIdentityLink;
+ }
+
+ /**
+ * Specifies whether the <code>Stammzahl</code> should be passed to the verifying
+ * application or not.
+ *
+ * @return <code>True</code> if the <code>Stammzahl</code> should be passed to the
+ * verifying application, otherwise <code>false</code>.
+ */
+ public boolean getProvideStammzahl() {
+ return provideStammzahl_;
+ }
+
+ /**
+ * Sets the {@link provideStammzahl_} parameter.
+ *
+ * @param provideStammzahl <code>True</code> if the <code>Stammzahl</code> should be
+ * passed to the verifying application, otherwise <code>false</code>.
+ */
+ public void setProvideStammzahl(boolean provideStammzahl) {
+ provideStammzahl_ = provideStammzahl;
+ }
+
+ /**
+ * Specifies whether the infobox is required or not.
+ *
+ * @return <code>True</code> if the infobox is required to be returned by the BKU,
+ * otherwise <code>false</code>.
+ */
+ public boolean isRequired() {
+ return required_;
+ }
+
+ /**
+ * Sets the {@link required_} parameter.
+ *
+ * @param required <code>True</code> if the infobox is required to be returned by the
+ * BKU, otherwise <code>false</code>.
+ */
+ public void setRequired(boolean required) {
+ required_ = required;
+ }
+
+ /**
+ * Schema location URIs that may be needed by the
+ * validator to parse infobox tokens.
+ * Each entry in the list is a {@link at.gv.egovernment.moa.id.auth.data.Schema Schema}
+ * specifying the location of an XML schema.
+ *
+ * @return A list of {@link at.gv.egovernment.moa.id.auth.data.Schema Schema} objects
+ * each of them specifying the location of an XML schema.
+ */
+ public List getSchemaLocations() {
+ return schemaLocations_;
+ }
+
+ /**
+ * Sets the schema locations.
+ *
+ * @see #schemaLocations_
+ *
+ * @param schemaLocations The schema location list to be set.
+ */
+ public void setSchemaLocations(List schemaLocations) {
+ schemaLocations_ = schemaLocations;
+ }
+
+ /**
+ * Returns the ID of the trust profile to be used for verifying certificates.
+ *
+ * @return The ID of the trust profile to be used for verifying certificates.
+ * Maybe <code>null</code>.
+ */
+ public String getTrustProfileID() {
+ return trustProfileID_;
+ }
+
+ /**
+ * Sets the ID of the trust profile to be used for verifying certificates.
+ *
+ * @param trustProfileID The ID of the trust profile to be used for verifying certificates.
+ */
+ public void setTrustProfileID(String trustProfileID) {
+ trustProfileID_ = trustProfileID;
+ }
+
+ /**
+ * Returns the name of the class to be used for verifying this infobox.
+ *
+ * @return The name of the class to be used for verifying this infobox.
+ */
+ public String getValidatorClassName() {
+ return validatorClassName_;
+ }
+
+ /**
+ * Sets the name of the class to be used for verifying this infobox.
+ *
+ * @param validatorClassName The name of the class to be used for verifying this infobox.
+ */
+ public void setValidatorClassName(String validatorClassName) {
+ validatorClassName_ = validatorClassName;
+ }
+
+ /**
+ * Get a string representation of this object.
+ * This method is for debugging purposes only.
+ *
+ * @return A string representation of this object.
+ */
+ public String toString() {
+
+ StringBuffer buffer = new StringBuffer(1024);
+
+ buffer.append(" <Infobox Identifier=\"");
+ buffer.append(identifier_);
+ buffer.append("\" required=\"");
+ buffer.append(required_);
+ buffer.append("\" provideStammzahl=\"");
+ buffer.append(provideStammzahl_);
+ buffer.append("\" provideIdentityLink=\"");
+ buffer.append(provideIdentityLink_);
+ buffer.append("\">");
+ buffer.append("\n");
+ if (friendlyName_ != null) {
+ buffer.append(" <FriendlyName>");
+ buffer.append(friendlyName_);
+ buffer.append("</FriendlyName>");
+ buffer.append("\n");
+ }
+ if (trustProfileID_ != null) {
+ buffer.append(" <TrustProfileID>");
+ buffer.append(trustProfileID_);
+ buffer.append("</TrustProfileID>");
+ buffer.append("\n");
+ }
+ if (validatorClassName_ != null) {
+ buffer.append(" <ValidatorClass>");
+ buffer.append(validatorClassName_);
+ buffer.append("</ValidatorClass>");
+ buffer.append("\n");
+ }
+ if (schemaLocations_ != null) {
+ buffer.append(" <SchemaLocations>");
+ buffer.append("\n");
+ Iterator it = schemaLocations_.iterator();
+ while (it.hasNext()) {
+ buffer.append(" <Schema namespace=\"");
+ Schema schema = (Schema)it.next();
+ buffer.append(schema.getNamespace());
+ buffer.append("\" schemaLocation=\"");
+ buffer.append(schema.getSchemaLocation());
+ buffer.append("\"/>\n");
+ }
+ buffer.append(" </SchemaLocations>");
+ buffer.append("\n");
+ }
+ if (applicationSpecificParams_ != null) {
+ try {
+ String applicationSpecificParams = DOMUtils.serializeNode(applicationSpecificParams_);
+ buffer.append(" ");
+ buffer.append(StringUtils.removeXMLDeclaration(applicationSpecificParams));
+ buffer.append("\n");
+ } catch (TransformerException e) {
+ // do nothing
+ } catch (IOException e) {
+ // do nothing
+ }
+ }
+ buffer.append(" </Infobox>");
+
+
+ return buffer.toString() ;
+ }
+
+}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameters.java b/id.server/src/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameters.java
new file mode 100644
index 000000000..b9f669196
--- /dev/null
+++ b/id.server/src/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameters.java
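Review bot: The `VerifyInfoboxParameter(String identifier)` constructor builds `validatorClassName_` straight from the configured identifier with no validation: `identifier.substring(0, 1)` throws StringIndexOutOfBoundsException when the `Identifier` attribute is absent (DOM `getAttribute` returns an empty string), and any other characters in the attribute end up inside a class name. That name is presumably loaded reflectively by code outside this diff, so it is worth rejecting anything that is not a plain Java identifier up front, starting with `if (identifier == null || identifier.length() == 0) throw new IllegalArgumentException("infobox identifier must not be empty");`. `identifier.toLowerCase()` also depends on the JVM default locale; `identifier.toLowerCase(Locale.ENGLISH)` keeps the derived package name stable across hosts. `java.util.Map` and `java.util.Set` are imported but unused in this file, and `toString()` silently drops serialization errors where a short log line would help.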
@@ -0,0 +1,135 @@
+package at.gv.egovernment.moa.id.config.auth;
+
+import java.util.Hashtable;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * This class contains the parameters for verifying all the infoboxes configured for an
+ * online application.
+ *
+ * @author Harald Bratko
+ */
+public class VerifyInfoboxParameters {
+
+ /**
+ * A map of {@link VerifyInfoboxParameter} objects.
+ * Each of these objects contains parameters that maybe needed for validating an
+ * infobox.
+ */
+ private Map infoboxParameters_;
+
+ /**
+ * A list of the identifiers of the infoboxes supported by this
+ * VerifyInfoboxParameters;
+ */
+ private List identifiers_;
+
+ /**
+ * Holds the (comma separated) identifiers of those infoboxes MOA-IF is able to validate
+ * in the context of the actual online application.
+ * The string will be added as value of the <code>PushInfobox</code> parameter in the
+ * HTML form used for reading the infoboxes from the BKU.
+ */
+ private String pushInfobox_;
+
+ /**
+ * Initializes this VerifyInfoboxParameters with an empty {@link #infoboxParameters_}
+ * map.
+ */
+ public VerifyInfoboxParameters() {
+ infoboxParameters_ = new Hashtable();
+ pushInfobox_ = "";
+ }
+
+ /**
+ * Initializes this VerifyInfoboxParameters with the given
+ * <code>infoboxParameters</code> map and builds the {@link #pushInfobox_} string
+ * from the keys of the given map.
+ */
+ public VerifyInfoboxParameters(List identifiers, Map infoboxParameters) {
+ identifiers_ = identifiers;
+ infoboxParameters_ = infoboxParameters;
+ // build the pushInfobox string
+ if ((identifiers != null) && (!identifiers.isEmpty())) {
+ StringBuffer identifiersSB = new StringBuffer();
+ int identifiersNum = identifiers.size();
+ int i = 1;
+ Iterator it = identifiers.iterator();
+ while (it.hasNext()) {
+ identifiersSB.append((String)it.next());
+ if (i != identifiersNum) {
+ identifiersSB.append(",");
+ }
+ i++;
+ }
+ pushInfobox_ = identifiersSB.toString();
+ } else {
+ pushInfobox_ = "";
+ }
+ }
+
+ /**
+ * Returns the (comma separated) identifiers of the infoboxes configured for the actual
+ * online application.
+ *
+ * @see #pushInfobox_
+ *
+ * @return The (comma separated) identifiers of the infoboxes configured for the actual
+ * online application.
+ */
+ public String getPushInfobox() {
+ return pushInfobox_;
+ }
+
+ /**
+ * Sets the {@link #pushInfobox_} string.
+ *
+ * @param pushInfobox The pushInfobox string to be set.
+ */
+ public void setPushInfobox(String pushInfobox) {
+ pushInfobox_ = pushInfobox;
+ }
+
+ /**
+ * Returns map of {@link VerifyInfoboxParameter} objects.
+ * Each of these objects contains parameters that maybe needed for validating an
+ * infobox.
+ *
+ * @return The map of {@link VerifyInfoboxParameter} objects.
+ */
+ public Map getInfoboxParameters() {
+ return infoboxParameters_;
+ }
+
+ /**
+ * Sets the map of {@link VerifyInfoboxParameter} objects.
+ *
+ * @see #infoboxParameters_
+ *
+ * @param infoboxParameters The infoboxParameters to set.
+ */
+ public void setInfoboxParameters(Map infoboxParameters) {
+ infoboxParameters_ = infoboxParameters;
+ }
+
+ /**
+ * Returns the identifiers of the supported infoboxes.
+ *
+ * @return The identifiers.
+ */
+ public List getIdentifiers() {
+ return identifiers_;
+ }
+
+ /**
+ * Sets the identifiers.
+ *
+ * @param identifiers The identifiers to set.
+ */
+ public void setIdentifiers(List identifiers) {
+ identifiers_ = identifiers;
+ }
+
+} |
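Review bot: `pushInfobox_` is computed only in the two-argument constructor of `VerifyInfoboxParameters`, so `setIdentifiers`, `setInfoboxParameters` and `setPushInfobox` can leave the requested infobox string, the identifier list and the parameter map disagreeing with each other. The constructor also stores the caller's `List` and `Map` by reference, and `ConfigurationBuilder.buildVerifyInfoboxParameters` passes `defaultIdentifiers` in directly, so the global default list can end up shared with per-application objects. Because this class determines which infoboxes are requested from the BKU and which of them have validation parameters, consider dropping the setters or recomputing `pushInfobox_` inside `setIdentifiers`, and copying both collections in the constructor. The constructor Javadoc should say `builds the pushInfobox_ string from the given identifiers list`, since the map keys are not used.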