authorpeter.danner <peter.danner@d688527b-c9ab-4aba-bd8d-4036d912da1d>2005-10-30 09:01:22 +0000
committerpeter.danner <peter.danner@d688527b-c9ab-4aba-bd8d-4036d912da1d>2005-10-30 09:01:22 +0000
commitfd8f60064e096b3c011cfc18e86a224308d762f7 (patch)
tree663148b5c7796512abed02e26d40e7d4356dc15f /id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverEncryptedData.java
parent5d0e89e2aa3b46203fe748b3d34c433afcee72cf (diff)
updated for wbPK
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@538 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverEncryptedData.java')
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverEncryptedData.java277
1 files changed, 149 insertions, 128 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverEncryptedData.java b/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverEncryptedData.java
index 8a93148bb..a0780358e 100644
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverEncryptedData.java
+++ b/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverEncryptedData.java
@@ -5,24 +5,30 @@ import iaik.security.provider.IAIK;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
+import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
-
-import javax.crypto.Cipher;
-import javax.crypto.BadPaddingException;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.spec.IvParameterSpec;
-
import java.security.InvalidAlgorithmParameterException;
-import java.security.Key;
import java.security.InvalidKeyException;
+import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
+import java.util.HashMap;
+import java.util.Map;
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.IvParameterSpec;
+import javax.xml.parsers.ParserConfigurationException;
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
+import org.xml.sax.SAXException;
+import at.gv.egovernment.moa.id.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
import at.gv.egovernment.moa.id.data.AuthenticationData;
import at.gv.egovernment.moa.logging.Logger;
@@ -31,14 +37,6 @@ import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.URLEncoder;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-
-import java.io.IOException;
-import java.util.*;
-
-import javax.xml.parsers.ParserConfigurationException;
-import org.w3c.dom.*;
-import org.xml.sax.SAXException;
/**
* XMLLoginParameterResolver an implementation of implementation of interface
@@ -195,8 +193,8 @@ public class XMLLoginParameterResolverEncryptedData implements LoginParameterRes
* configuration method
* @param configuration enabled enable user mapping to parameter set for the parameter set.
*/
- public void configure(String configuration) throws LoginParameterResolverException {
- File idFile;
+ public void configure(String configuration, Boolean businessService) throws LoginParameterResolverException {
+ File idFile;
Element rootElement;
Security.addProvider(new IAIK());
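Review bot: The Javadoc above `configure` still documents only `configuration`, so the new `businessService` parameter is undocumented, including whether null is an accepted value. I would add `@param businessService TRUE to map identities by wbPK (wbPKIdentity elements), FALSE to map by bPK; must not be null`. The same gap exists for the new `businessService` parameter of `buildInfo`, `getAuthenticationHeaders` and `getAuthenticationParameters` in later hunks. The body of `configure` continues outside this hunk.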
@@ -248,7 +246,7 @@ public class XMLLoginParameterResolverEncryptedData implements LoginParameterRes
throw new LoginParameterResolverException("config.11",
new Object[] { "XMLLoginParameterResolver: parsing problem in file:'" + identityFile + "' ", e.toString() });
}
- buildInfo(rootElement);
+ buildInfo(rootElement, businessService.booleanValue());
isConfigured = true;
}
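Review bot: `businessService.booleanValue()` throws a NullPointerException when the caller passes null, and it does so after the identity file has already been parsed and outside the LoginParameterResolverException that `configure` declares. Because the flag decides which identifier type is loaded, I would reject null at the top of `configure` rather than default it, or declare the parameter as primitive `boolean` if the LoginParameterResolver interface (not visible here) allows it. At minimum `buildInfo(rootElement, Boolean.TRUE.equals(businessService));` avoids the crash, though it silently selects bPK mode. The start of `configure` is outside this hunk.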
@@ -330,7 +328,8 @@ public class XMLLoginParameterResolverEncryptedData implements LoginParameterRes
public Map getAuthenticationHeaders(
OAConfiguration oaConf,
AuthenticationData authData,
- String clientIPAddress) throws LoginParameterResolverException, NotAllowedException {
+ String clientIPAddress,
+ boolean businessService) throws LoginParameterResolverException, NotAllowedException {
Map result = new HashMap();
if (!isConfigured) {
@@ -339,25 +338,32 @@ public class XMLLoginParameterResolverEncryptedData implements LoginParameterRes
identityFile + "' is not configured!", null);
}
- //get the Identity of the user
- String famName = resolveValue("MOAFamilyName", authData, clientIPAddress);
- String givenName = resolveValue("MOAGivenName", authData, clientIPAddress);
- String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress);
- String bPK = resolveValue("MOABPK", authData, clientIPAddress);
- String userid = "";
- String password = "";
- LPRParams params = null;
- boolean userFound = false;
+ //get the Identity of the user
+ String famName = resolveValue("MOAFamilyName", authData, clientIPAddress);
+ String givenName = resolveValue("MOAGivenName", authData, clientIPAddress);
+ String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress);
+ String bPK ="";
+ String wType= "";
+ if (businessService) {
+ bPK = resolveValue(MOAWBPK, authData, clientIPAddress);
+ wType = "w";
+ } else {
+ bPK = resolveValue(MOABPK, authData, clientIPAddress);
+ }
+ String userid = "";
+ String password = "";
+ LPRParams params = null;
+ boolean userFound = false;
- //try bPK and named search
- params = bPKIdentitySearch(bPK);
+ //try (w)bPK and named search
+ params = bPKIdentitySearch(bPK, wType);
if (null == params)
params = namedIdentitySearch(famName, givenName, dateOfBirth);
//if both searches failed, report error.
if(null == params)
- throw new NotAllowedException("User:_bPK:'" +bPK+ ", " + famName + ", " + givenName + "' not authorized.", null);
+ throw new NotAllowedException("User:_" + wType + "bPK:'" +bPK+ ", " + famName + ", " + givenName + "' not authorized.", null);
//HTTP 401 - Basic Authentication
if (oaConf.getAuthType().equals("basic")) {
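Review bot: The `businessService` argument that chooses between `MOAWBPK` and `MOABPK` here is independent of the flag `configure` passed to `buildInfo` when `bPKMap` was filled, so the two can disagree. If they do, the lookup in `bPKIdentitySearch` misses and the code falls through to `namedIdentitySearch`, with nothing indicating that the resolver was configured for the other identifier type. I would keep the configure-time value in a private field and either use that field here or refuse a call whose flag does not match it. The same applies to `getAuthenticationParameters` in the next hunk. The method starts and ends outside this hunk.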
@@ -395,34 +401,42 @@ public class XMLLoginParameterResolverEncryptedData implements LoginParameterRes
public Map getAuthenticationParameters(
OAConfiguration oaConf,
AuthenticationData authData,
- String clientIPAddress) throws LoginParameterResolverException, NotAllowedException {
-
- Map result = new HashMap();
+ String clientIPAddress,
+ boolean businessService) throws LoginParameterResolverException, NotAllowedException {
- if (!isConfigured) {
- Logger.warn("XMLLoginParameterResolver with configuration '" + identityFile + " is not configured");
- return result;
- }
-
- String famName = resolveValue("MOAFamilyName", authData, clientIPAddress);
- String givenName = resolveValue("MOAGivenName", authData, clientIPAddress);
- String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress);
- String bPK = resolveValue("MOABPK", authData, clientIPAddress);
- String userid = "";
- String password = "";
- LPRParams params = null;
-
- //try bPK and named search
- params = bPKIdentitySearch(bPK);
-
- if (null == params)
- params = namedIdentitySearch(famName, givenName, dateOfBirth);
-
- //if both searches failed, report error.
- if(null == params)
- throw new NotAllowedException("User:_bPK:'" +bPK+ ", " + famName + ", " + givenName + "' not authorized.", null);
-
- //TODO MOAID XMLLPR URLEncoder.encode
+ Map result = new HashMap();
+
+ if (!isConfigured) {
+ Logger.warn("XMLLoginParameterResolver with configuration '" + identityFile + " is not configured");
+ return result;
+ }
+
+ String famName = resolveValue("MOAFamilyName", authData, clientIPAddress);
+ String givenName = resolveValue("MOAGivenName", authData, clientIPAddress);
+ String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress);
+ String bPK ="";
+ String wType= "";
+ if (businessService) {
+ bPK = resolveValue(MOAWBPK, authData, clientIPAddress);
+ wType = "w";
+ } else {
+ bPK = resolveValue(MOABPK, authData, clientIPAddress);
+ }
+ String userid = "";
+ String password = "";
+ LPRParams params = null;
+
+ //try (w)bPK and named search
+ params = bPKIdentitySearch(bPK, wType);
+
+ if (null == params)
+ params = namedIdentitySearch(famName, givenName, dateOfBirth);
+
+ //if both searches failed, report error.
+ if(null == params)
+ throw new NotAllowedException("User:_" + wType + "bPK:'" +bPK+ ", " + famName + ", " + givenName + "' not authorized.", null);
+
+ //TODO MOAID XMLLPR URLEncoder.encode
if (oaConf.getAuthType().equals("param")) {
try {
if(null != params.getUN()) result.put(XSD_UNATTR, URLEncoder.encode(params.getUN(),"ISO-8859-1"));
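Review bot: The identity lookup added here (resolve name and (w)bPK, `bPKIdentitySearch`, fall back to `namedIdentitySearch`, throw `NotAllowedException`) is a line-for-line copy of the block added to `getAuthenticationHeaders` in the previous hunk, so any later change to the authorisation decision has to be made twice. I would move it into one private helper and call it from both methods after their `isConfigured` check, which also removes the unused `userid`, `password` and `userFound` locals as far as this hunk shows. Each caller then reduces to `LPRParams params = findLoginParams(authData, clientIPAddress, businessService);`. The method continues outside this hunk.

```java
// shared by getAuthenticationHeaders and getAuthenticationParameters
private LPRParams findLoginParams(AuthenticationData authData, String clientIPAddress, boolean businessService)
    throws LoginParameterResolverException, NotAllowedException {
  String famName = resolveValue("MOAFamilyName", authData, clientIPAddress);
  String givenName = resolveValue("MOAGivenName", authData, clientIPAddress);
  String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress);
  String wType = businessService ? "w" : "";
  String bPK = resolveValue(businessService ? MOAWBPK : MOABPK, authData, clientIPAddress);

  //try (w)bPK and named search
  LPRParams params = bPKIdentitySearch(bPK, wType);
  if (null == params)
    params = namedIdentitySearch(famName, givenName, dateOfBirth);

  //if both searches failed, report error.
  if (null == params)
    throw new NotAllowedException("User:_" + wType + "bPK:'" +bPK+ ", " + famName + ", " + givenName + "' not authorized.", null);
  return params;
}
```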
@@ -458,7 +472,9 @@ public class XMLLoginParameterResolverEncryptedData implements LoginParameterRes
if (predicate.equals("MOADateOfBirth"))
return authData.getDateOfBirth();
if (predicate.equals("MOABPK"))
- return authData.getPBK();
+ return authData.getBPK();
+ if (predicate.equals("MOAWBPK"))
+ return authData.getWBPK();
if (predicate.equals("MOAPublicAuthority"))
if (authData.isPublicAuthority())
return "true";
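Review bot: `resolveValue` matches the literals `"MOABPK"` and `"MOAWBPK"`, while the callers changed in this commit pass the constants `MOABPK` and `MOAWBPK`; the two only line up if those constants (declared outside this diff) hold exactly these strings. Comparing against the constants keeps them in step: `if (predicate.equals(MOAWBPK)) return authData.getWBPK();`. A short comment stating what `getWBPK()` returns for a non-business login (presumably null or empty) would also help, because the callers use that value as a map key. `resolveValue` starts and ends outside this hunk.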
@@ -500,9 +516,11 @@ public class XMLLoginParameterResolverEncryptedData implements LoginParameterRes
* buildInfo builds up the internal data mapping between the "Identities" and the "Parameters" from the parsed XML file.
* @param root document root element.
*/
- private void buildInfo(Element root) {
+ private void buildInfo(Element root, boolean businessService) {
NodeList idList = root.getElementsByTagName(XSD_IDELEM);
NodeList paramList = root.getElementsByTagName(XSD_PARAMELEM);
+ String wType ="";
+ if (businessService) wType = "w";
for (int i = 0; i < idList.getLength(); i++)
Logger.debug("XMLLoginParameterResolver: LocalName idList: " + idList.item(i).getLocalName());
@@ -536,12 +554,22 @@ public class XMLLoginParameterResolverEncryptedData implements LoginParameterRes
namedMap.put(tmpStr, new LPRParams(tmpBool, tmpElem.getAttribute(XSD_UNATTR), tmpElem.getAttribute(XSD_PWATTR),
tmpElem.getAttribute(XSD_PARAM1ATTR), tmpElem.getAttribute(XSD_PARAM2ATTR),
tmpElem.getAttribute(XSD_PARAM3ATTR)) );
- } else { //bPKIdentity Elements
+ } else {
- tmpList = tmpElem.getElementsByTagName(XSD_BPKIDELEM);
+ //(w)bPKIdentity Elements
+ if (businessService) {
+ tmpList = tmpElem.getElementsByTagName(XSD_WBPKIDELEM);
+ } else {
+ tmpList = tmpElem.getElementsByTagName(XSD_BPKIDELEM);
+ }
if (1 == tmpList.getLength()) {
tmpElem = (Element) tmpList.item(0);
- String tmpStr = tmpElem.getAttribute(XSD_BPKATTR);
+ String tmpStr = "";
+ if (businessService) {
+ tmpStr = tmpElem.getAttribute(XSD_WBPKATTR);
+ } else {
+ tmpStr = tmpElem.getAttribute(XSD_BPKATTR);
+ }
boolean tmpBool = false;
if (tmpElem.getFirstChild() != null
&& "1".compareTo(tmpElem.getFirstChild().getNodeValue()) == 0)
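Review bot: `tmpElem.getAttribute(...)` returns an empty string when the attribute is absent, so a `wbPKIdentity` or `bPKIdentity` element without its `wbPK`/`bPK` attribute leaves `tmpStr` empty, and that value presumably becomes a key in `bPKMap` (the `put` is outside this hunk). A login whose resolved identifier is also empty would then match that entry. I would check `tmpStr.length() == 0` before the insert, log a warning and skip the entry, and have `bPKIdentitySearch` treat a null or empty identifier as not found. The surrounding loop and the rest of `buildInfo` are outside this hunk.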
@@ -557,99 +585,92 @@ public class XMLLoginParameterResolverEncryptedData implements LoginParameterRes
tmpElem.getAttribute(XSD_PARAM1ATTR), tmpElem.getAttribute(XSD_PARAM2ATTR),
tmpElem.getAttribute(XSD_PARAM3ATTR)) );
} else {
- Logger.warn(
- "XMLLoginParameterResolver: wrong format no Elements " + XSD_NAMEDIDELEM + " or " + XSD_BPKIDELEM + " found");
+ if (businessService) {
+ Logger.warn("XMLLoginParameterResolver: wrong format no Elements " + XSD_NAMEDIDELEM + " or " + XSD_WBPKIDELEM + " found");
+ } else {
+ Logger.warn("XMLLoginParameterResolver: wrong format no Elements " + XSD_NAMEDIDELEM + " or " + XSD_BPKIDELEM + " found");
+ }
}
}
}
Logger.debug("namedMap:" + namedMap.toString());
- Logger.debug("bPKMap:" + bPKMap.toString());
+ Logger.debug(wType + "bPKMap:" + bPKMap.toString());
}
- /**
- * searches for a given bPK and returns the appropriate LPRParams structure
- * @param bPK search argument
- * @returns LPRParams if bPK could be found in internal mappings or null otherwise.
+
+
+
+ /**
+ * searches for a given bPK and returns the appropriate LPRParams structure
+ * @param bPK search argument
+ * @returns LPRParams if bPK could be found in internal mappings or null otherwise.
*/
- LPRParams bPKIdentitySearch(String bPK) {
- //search for mapping with bPK of the user
- Logger.info("XMLLoginParameterResolver: search for login data mapped to bPK:" + bPK);
- LPRParams params = (LPRParams) bPKMap.get(bPK);
- if (null == params) {
- Logger.info("XMLLoginParameterResolver: params for bPK: " + bPK + " not found!");
- return null;
- } else if (params.getEnabled()) {
- Logger.info("XMLLoginParameterResolver: bPK: " + bPK + "found in list; user is enabled");
- Logger.debug("XMLLoginParameterResolver: using: " + params.toString());
- return params;
- }
- Logger.info("XMLLoginParameterResolver: bPK: " + bPK + "found in list but user is NOT enabled");
- return null;
+ LPRParams bPKIdentitySearch(String bPK, String wType) {
+ //search for mapping with (w)bPK of the user
+ Logger.info("XMLLoginParameterResolver: search for login data mapped to " + wType + "bPK:" + bPK);
+ LPRParams params = (LPRParams) bPKMap.get(bPK);
+ if (null == params) {
+ Logger.info("XMLLoginParameterResolver: params for " + wType + "bPK: " + bPK + " not found!");
+ return null;
+ } else if (params.getEnabled()) {
+ Logger.info("XMLLoginParameterResolver: " + wType + "bPK: " + bPK + "found in list; user is enabled");
+ Logger.debug("XMLLoginParameterResolver: using: " + params.toString());
+ return params;
+ }
+ Logger.info("XMLLoginParameterResolver: " + wType + "bPK: " + bPK + "found in list but user is NOT enabled");
+ return null;
}
- /**
- * searches for a given namedIdentity and returns the appropriate LPRParams structure
- * @param surName surname search argument
- * @param givenName givenname search argument
- * @param dateOfBirth dateofbirth search argument
- * @returns LPRParams if bPK could be found in internal mappings or null otherwise.
+ /**
+ * searches for a given namedIdentity and returns the appropriate LPRParams structure
+ * @param surName surname search argument
+ * @param givenName givenname search argument
+ * @param dateOfBirth dateofbirth search argument
+ * @returns LPRParams if (w)bPK could be found in internal mappings or null otherwise.
*/
- LPRParams namedIdentitySearch(String surName, String givenName, String dateOfBirth) {
- Logger.info("XMLLoginParameterResolver: search for login data for SurName:" + surName +
- " GivenName: " + givenName +
- " DateOfBirth" + dateOfBirth);
-
- //try first a search with surname, givenname and birthdate
+ LPRParams namedIdentitySearch(String surName, String givenName, String dateOfBirth) {
+ Logger.info("XMLLoginParameterResolver: search for login data for SurName:" + surName + " GivenName: " + givenName + " DateOfBirth" + dateOfBirth);
+ //try first a search with surname, givenname and birthdate
LPRParams params = (LPRParams) namedMap.get(surName + "," + givenName + "," + dateOfBirth);
if (null == params) {
- Logger.debug("XMLLoginParameterResolver: params for Surname: " + surName + " GivenName: " +
- givenName + "BirthDate: " + dateOfBirth + " not found!");
-
- //try a search with surname, givenname only
- params = (LPRParams) namedMap.get(surName + "," + givenName + "," + XSD_BIRTHDATEBLANKATTR);
- if(null == params) {
- Logger.debug("XMLLoginParameterResolver: params for Surname: " + surName + " GivenName: " +
- givenName + " not found!");
- return null;
- }
+ Logger.debug("XMLLoginParameterResolver: params for Surname: " + surName + " GivenName: " + givenName + "BirthDate: " + dateOfBirth + " not found!");
+ //try a search with surname, givenname only
+ params = (LPRParams) namedMap.get(surName + "," + givenName + "," + XSD_BIRTHDATEBLANKATTR);
+ if(null == params) {
+ Logger.debug("XMLLoginParameterResolver: params for Surname: " + surName + " GivenName: " + givenName + " not found!");
+ return null;
+ }
}
if (params.getEnabled()) {
- Logger.info("XMLLoginParameterResolver: Surname:" + surName
- + " GivenName: "
- + givenName
- + " found in list; user is enabled");
- Logger.debug("XMLLoginParameterResolver: using: " + params.toString());
- return params;
+ Logger.info("XMLLoginParameterResolver: Surname:" + surName + " GivenName: " + givenName + " found in list; user is enabled");
+ Logger.debug("XMLLoginParameterResolver: using: " + params.toString());
+ return params;
}
- Logger.info(
- "XMLLoginParameterResolver: SurName:"
- + surName
- + " GivenName: "
- + givenName
- + "found in list; user is NOT enabled");
+ Logger.info("XMLLoginParameterResolver: SurName:" + surName + " GivenName: " + givenName + "found in list; user is NOT enabled");
return null;
}
- //public static final String XSD_MAPPING = "Mapping";
-
+ //public static final String XSD_MAPPING = "Mapping";
//public static final String XSD_DOCELEM = "MOAIdentities";
public static final String XSD_IDELEM = "Identity";
public static final String XSD_NAMEDIDELEM = "NamedIdentity";
public static final String XSD_BPKIDELEM = "bPKIdentity";
+ public static final String XSD_WBPKIDELEM = "wbPKIdentity";
public static final String XSD_PARAMELEM = "Parameters";
public static final String XSD_SURNAMEATTR = "SurName";
- public static final String XSD_GIVENNAMEATTR = "GivenName";
+ public static final String XSD_GIVENNAMEATTR = "GivenName";
public static final String XSD_BIRTHDATEATTR = "BirthDate";
- public static final String XSD_BIRTHDATEBLANKATTR = "any";
+ public static final String XSD_BIRTHDATEBLANKATTR = "any";
public static final String XSD_BPKATTR = "bPK";
+ public static final String XSD_WBPKATTR = "wbPK";
public static final String XSD_UNATTR = "UN";
- public static final String XSD_PWATTR = "PW";
- public static final String XSD_PARAM1ATTR = "Param1";
- public static final String XSD_PARAM2ATTR = "Param2";
- public static final String XSD_PARAM3ATTR = "Param3";
+ public static final String XSD_PWATTR = "PW";
+ public static final String XSD_PARAM1ATTR = "Param1";
+ public static final String XSD_PARAM2ATTR = "Param2";
+ public static final String XSD_PARAM3ATTR = "Param3";
private Map bPKMap;
private Map namedMap;
- private boolean isConfigured = false;
+ private boolean isConfigured = false;
} \ No newline at end of file
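Review bot: The log statements in this hunk write personal identifiers, and possibly credentials, to the log. `bPKIdentitySearch` logs the full (w)bPK at info level, `namedIdentitySearch` logs surname, given name and date of birth, and `Logger.debug(wType + "bPKMap:" + bPKMap.toString());` dumps every mapping. If `LPRParams.toString()` includes the `UN`/`PW` values (not visible here), the `using:` debug lines and the map dump also put login data into the log. I would log only the outcome (found, not found, disabled) with a shortened or hashed identifier, and replace the dump with a count such as `Logger.debug(wType + "bPKMap entries: " + bPKMap.size());`.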