RSCH

git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@99 d688527b-c9ab-4aba-bd8d-4036d912da1d

2 files changed, 134 insertions, 90 deletions

diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java
index d6ec4951b..4ab2e2cf7 100644
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java
+++ b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java
@@ -1,17 +1,18 @@
 package at.gv.egovernment.moa.id.proxy.servlet;
 
 import java.io.IOException;
-import java.io.PrintWriter;
 import java.text.DateFormat;
 import java.util.Date;
 import java.util.Locale;
 
+import javax.servlet.ServletConfig;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import at.gv.egovernment.moa.id.proxy.MOAIDProxyInitializer;
+import at.gv.egovernment.moa.id.util.HTTPRequestJSPForwarder;
 import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
 import at.gv.egovernment.moa.logging.Logger;
 
@@ -22,9 +23,6 @@ import at.gv.egovernment.moa.logging.Logger;
  * @version $Id$
  */
 public class ConfigurationServlet extends HttpServlet {
-  /** The standard String for DTD Doc-type */
-  private static final String DOC_TYPE =
-    "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">\n";
 
   /**
    * Handle a HTTP GET request, used to indicated that the MOA
@@ -36,13 +34,6 @@ public class ConfigurationServlet extends HttpServlet {
     throws ServletException, IOException {
 
     MOAIDMessageProvider msg = MOAIDMessageProvider.getInstance();
-    PrintWriter out;
-
-    response.setContentType("text/html");
-    out = response.getWriter();
-    out.println(DOC_TYPE);
-    out.println("<head><title>MOA configuration update</title></head>");
-    out.println("<body bgcolor=\"#FFFFFF\">");
     try {
       MOAIDProxyInitializer.initialize();
 
@@ -50,21 +41,12 @@ public class ConfigurationServlet extends HttpServlet {
 				{ DateFormat.getTimeInstance(DateFormat.MEDIUM, Locale.GERMAN).format(new Date())} );
       Logger.info(message);
 			
-			//TODO low-priority: change to ErrorPage
-      out.println("<p><b>");
-      out.println(message);
-      out.println("</b></p>");
+			HTTPRequestJSPForwarder.forwardNamed(message, "/message-proxy.jsp", getServletContext(), request, response);
     } catch (Throwable t) {
       String errorMessage = msg.getMessage("config.04", null);
       Logger.error(errorMessage, t);
-      out.println("<p><b>");
-      out.println(errorMessage);
-      out.println("</b></p>");
+			HTTPRequestJSPForwarder.forwardNamed(errorMessage, "/message-proxy.jsp", getServletContext(), request, response);
     }
-    out.println("</body>");
-
-    out.flush();
-    out.close();
   }
 
   /**
@@ -77,4 +59,13 @@ public class ConfigurationServlet extends HttpServlet {
     doGet(request, response);
   }
 	
+/**
+ * Calls the web application initializer.
+ * 
+ * @see javax.servlet.Servlet#init(ServletConfig)
+ */
+public void init(ServletConfig servletConfig) throws ServletException {
+	super.init(servletConfig);
 }
+
+}
\ No newline at end of file
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
index 362849fb1..7980778d9 100644
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
+++ b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
@@ -3,7 +3,6 @@ package at.gv.egovernment.moa.id.proxy.servlet;
 import java.io.BufferedInputStream;
 import java.io.BufferedOutputStream;
 import java.io.IOException;
-import java.io.OutputStream;
 import java.io.PrintWriter;
 import java.io.StringWriter;
 import java.net.HttpURLConnection;
@@ -14,7 +13,9 @@ import java.util.Iterator;
 import java.util.Map;
 
 import javax.net.ssl.SSLSocketFactory;
+import javax.servlet.RequestDispatcher;
 import javax.servlet.ServletConfig;
+import javax.servlet.ServletContext;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
@@ -39,6 +40,7 @@ import at.gv.egovernment.moa.id.proxy.LoginParameterResolver;
 import at.gv.egovernment.moa.id.proxy.LoginParameterResolverException;
 import at.gv.egovernment.moa.id.proxy.LoginParameterResolverFactory;
 import at.gv.egovernment.moa.id.proxy.MOAIDProxyInitializer;
+import at.gv.egovernment.moa.id.proxy.NotAllowedException;
 import at.gv.egovernment.moa.id.proxy.invoke.GetAuthenticationDataInvoker;
 import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
 import at.gv.egovernment.moa.id.util.SSLUtils;
@@ -67,6 +69,8 @@ public class ProxyServlet extends HttpServlet {
   private static final String ATT_LOGIN_HEADERS = "LoginHeaders";
   /** Name of the Attribute for the LoginParameters */  
   private static final String ATT_LOGIN_PARAMETERS = "LoginParameters";
+	/** Name of the Attribute for the SAMLARTIFACT */  
+	private static final String ATT_SAML_ARTIFACT = "SamlArtifact";
 
   /**
    * @see javax.servlet.http.HttpServlet#service(HttpServletRequest, HttpServletResponse)
@@ -75,17 +79,25 @@ public class ProxyServlet extends HttpServlet {
 
     Logger.debug("getRequestURL:" + req.getRequestURL().toString());
     try {
-      if (req.getParameter(PARAM_SAMLARTIFACT) != null && req.getParameter(PARAM_TARGET) != null)
-        login(req, resp);
+      if (req.getParameter(PARAM_SAMLARTIFACT) != null && req.getParameter(PARAM_TARGET) != null) {
+
+				// check if SAML Artifact was already used in this session (in case of page reload)
+				HttpSession session = req.getSession();
+				if(null != session && req.getParameter(PARAM_SAMLARTIFACT).equals(session.getAttribute(ATT_SAML_ARTIFACT))) {
+					tunnelRequest(req, resp); 
+				} else
+				// it is the first time that the SAML Artifact was used
+					login(req, resp);
+      }
       else
         tunnelRequest(req, resp);
     }
     catch (MOAIDException ex) {
-      handleError(resp, ex.toString(), ex);
+			handleError(ex.getMessage(), ex, req, resp);
     }
     catch (Throwable ex) {
-      handleError(resp, ex.toString(), ex);
-    }
+			handleError(ex.getMessage(), ex, req, resp);
+    } 
   }
 
   /**
@@ -113,8 +125,15 @@ public class ProxyServlet extends HttpServlet {
     // String target = req.getParameter(PARAM_TARGET); parameter given but not processed
 
     // get authentication data from the MOA-ID Auth component
-    AuthenticationData authData = new GetAuthenticationDataInvoker().getAuthenticationData(samlArtifact);
-
+		AuthenticationData authData;
+    try {
+    	authData = new GetAuthenticationDataInvoker().getAuthenticationData(samlArtifact);
+    } catch (ServiceException ex) {
+      throw new ProxyException("proxy.14", new Object[] {ex});
+    } catch (ProxyException ex) {
+			throw new ProxyException("proxy.14", new Object[] {ex});
+    }
+    
     String urlRequested = req.getRequestURL().toString();
 
     // read configuration data
@@ -129,29 +148,34 @@ public class ProxyServlet extends HttpServlet {
     ConnectionParameter oaConnParam = oaParam.getConnectionParameter();
     String realURLPrefix = oaConnParam.getUrl();
 
-    // resolve login parameters to be forwarded to online application
-    LoginParameterResolver lpr = LoginParameterResolverFactory.getLoginParameterResolver(publicURLPrefix);
+    // resolve login parameters to be forwarded to online application 
+    LoginParameterResolver lpr =
+      LoginParameterResolverFactory.getLoginParameterResolver(publicURLPrefix);
     String clientIPAddress = req.getRemoteAddr();
     Map loginHeaders = null;
     Map loginParameters = null;
     try {
-	if (oaConf.getAuthType().equals(OAConfiguration.PARAM_AUTH))
-	  loginParameters = lpr.getAuthenticationParameters(oaConf, authData, clientIPAddress);	
-	else
-	  loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, clientIPAddress);
-		
-	} catch (LoginParameterResolverException ex) {
-		throw new ProxyException("proxy.13", new Object[] { publicURLPrefix });		
-	}
+      if (oaConf.getAuthType().equals(OAConfiguration.PARAM_AUTH))
+        loginParameters = lpr.getAuthenticationParameters(oaConf, authData, clientIPAddress);
+      else
+        loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, clientIPAddress);
+
+    } catch (LoginParameterResolverException ex) {
+      throw new ProxyException("proxy.13", new Object[] { publicURLPrefix });
+    } catch (NotAllowedException e) {
+      throw new ProxyException("proxy.15", new Object[] { });
+    }
 
     // setup SSLSocketFactory for communication with the online application
     SSLSocketFactory ssf = null;
     if (oaConnParam.isHTTPSURL()) {
       try {
         ssf = SSLUtils.getSSLSocketFactory(proxyConf, oaConnParam);
-      }
-      catch (Throwable ex) {
-        throw new ProxyException("proxy.05", new Object[] { oaConnParam.getUrl(), ex.toString()}, ex);
+      } catch (Throwable ex) {
+        throw new ProxyException(
+          "proxy.05",
+          new Object[] { oaConnParam.getUrl(), ex.toString()},
+          ex);
       }
     }
 
@@ -160,6 +184,7 @@ public class ProxyServlet extends HttpServlet {
       String loginType = oaConf.getLoginType();
       Logger.debug("Login type: " + loginType);
       if (loginType.equals(OAConfiguration.LOGINTYPE_STATELESS)) {
+        
         HttpSession session = req.getSession();
         int sessionTimeOut = oaParam.getSessionTimeOut();
         if (sessionTimeOut == 0)
@@ -170,24 +195,40 @@ public class ProxyServlet extends HttpServlet {
         session.setAttribute(ATT_SSL_SOCKET_FACTORY, ssf);
         session.setAttribute(ATT_LOGIN_HEADERS, loginHeaders);
         session.setAttribute(ATT_LOGIN_PARAMETERS, loginParameters);
+        session.setAttribute(ATT_SAML_ARTIFACT, samlArtifact);
         Logger.debug("moa-id-proxy: HTTPSession angelegt");
       }
-
-      // tunnel request to the online application
-    int respcode = tunnelRequest(req, resp, loginHeaders, loginParameters, publicURLPrefix, realURLPrefix, ssf);
-    if (respcode == 401) 
-      {
-      Logger.debug("Got 401, trying again");
       
-      respcode = tunnelRequest(req, resp, loginHeaders, loginParameters, publicURLPrefix, realURLPrefix, ssf);
-      if (respcode == 401)
-        throw new ProxyException("proxy.12", new Object[] { realURLPrefix});
-        }
-    }
-    catch (ProxyException ex) {
-      throw new ProxyException("proxy.12", new Object[] { realURLPrefix});
-    }
-    catch (Throwable ex) {
+     
+      // tunnel request to the online application
+      int respcode =
+        tunnelRequest(
+          req,
+          resp,
+          loginHeaders,
+          loginParameters,
+          publicURLPrefix,
+          realURLPrefix,
+          ssf);
+      if (respcode == 401) {
+        Logger.debug("Got 401, trying again");
+
+        respcode =
+          tunnelRequest(
+            req,
+            resp,
+            loginHeaders,
+            loginParameters,
+            publicURLPrefix,
+            realURLPrefix,
+            ssf);
+        if (respcode == 401)
+          throw new ProxyException("proxy.12", new Object[] { realURLPrefix });
+      }
+    } catch (ProxyException ex) {
+      throw new ProxyException("proxy.12", new Object[] { realURLPrefix });
+    
+    } catch (Throwable ex) {
       throw new ProxyException("proxy.04", new Object[] { urlRequested, ex.toString()}, ex);
     }
   }
@@ -202,9 +243,15 @@ public class ProxyServlet extends HttpServlet {
 
     Logger.debug("Tunnel request (stateless)");
     HttpSession session = req.getSession(false);
+       
     if (session == null)
       throw new ProxyException("proxy.07", null);
     String publicURLPrefix = (String) session.getAttribute(ATT_PUBLIC_URLPREFIX);
+		//A sesssion is automatically created when forwarded 1st time to errorpage-proxy.jsp (with the handleError method)
+		//additional check if publicURLPrefix is OK, if not throw an Exception
+		if (publicURLPrefix == null)
+			throw new ProxyException("proxy.07", null);
+		 
     String realURLPrefix = (String) session.getAttribute(ATT_REAL_URLPREFIX);
     SSLSocketFactory ssf = (SSLSocketFactory) session.getAttribute(ATT_SSL_SOCKET_FACTORY);
     Map loginHeaders = (Map) session.getAttribute(ATT_LOGIN_HEADERS);
@@ -487,6 +534,7 @@ private boolean isTransferEncodingChunkedHeader(String headerKey, String headerV
  * @see javax.servlet.Servlet#init(ServletConfig)
  */
 public void init(ServletConfig servletConfig) throws ServletException {
+	super.init(servletConfig);
   try {
     MOAIDProxyInitializer.initialize();
     Logger.info(MOAIDMessageProvider.getInstance().getMessage("proxy.00", null));
@@ -496,42 +544,47 @@ public void init(ServletConfig servletConfig) throws ServletException {
     throw new ServletException(ex);
   }
 }
+
 /**
- * Handles an error in proxying the request.
+ * Handles an error. <br>
  * <ul>
- * <li>Logs the error.</li>
- * <li>Outputs an HTML error page.</li>
+ * <li>Logs the error</li>
+ * <li>Places error message and exception thrown into the request 
+ * 		 as request attributes (to be used by <code>"/errorpage-proxy.jsp"</code>)</li>
+ * <li>Sets HTTP status 500 (internal server error)</li>
  * </ul>
- * @param resp the HttpServletResponse
- * @param errorMessage error message to be used 
- * @param ex the exception to be logged
+ * 
+ * @param errorMessage error message
+ * @param exceptionThrown exception thrown
+ * @param req servlet request
+ * @param resp servlet response
  */
-private void handleError(HttpServletResponse resp, String errorMessage, Throwable ex) {
-  Logger.error(errorMessage, ex);  
-  String htmlCode =
-    "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">"
-      + "<html><head><title>"
-      + MOAIDMessageProvider.getInstance().getMessage("proxy.10", null)
-      + "</title></head><body>"
-      + "<h1>"
-      + MOAIDMessageProvider.getInstance().getMessage("proxy.10", null)
-      + "</h1>"
-      + "<p>"
-      + MOAIDMessageProvider.getInstance().getMessage("proxy.11", null)
-      + "</p>"
-      + "<p>"
-      + errorMessage
-      + "</p>"
-      + "</body></html>";
-  resp.setContentType("text/html");
-  try {
-    OutputStream respOut = resp.getOutputStream();
-    respOut.write(htmlCode.getBytes());
-    respOut.flush();
-  }
-  catch (IOException ioex) {
-    Logger.error("", ioex);
-  }
+protected void handleError(
+	String errorMessage, Throwable exceptionThrown, HttpServletRequest req, HttpServletResponse resp) {
+
+		
+	if(null != errorMessage) {
+		Logger.error(errorMessage);
+		req.setAttribute("ErrorMessage", errorMessage	);	
+	}
+	
+	if (null != exceptionThrown) {
+		if(null == errorMessage) errorMessage = exceptionThrown.getMessage();
+		Logger.error(errorMessage, exceptionThrown);
+		//req.setAttribute("ExceptionThrown", exceptionThrown);
+	}
+				
+	//forward this to errorpage-proxy.jsp wher the HTML error page is generated
+	ServletContext context = getServletContext();
+	RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage-proxy.jsp");
+	try {
+		dispatcher.forward(req, resp);
+	} catch (ServletException e) {
+		Logger.error(e);
+	} catch (IOException e) {
+		Logger.error(e);
+	}
+		
 }
 
 }