authorrudolf <rudolf@d688527b-c9ab-4aba-bd8d-4036d912da1d>2004-06-14 20:44:38 +0000
committerrudolf <rudolf@d688527b-c9ab-4aba-bd8d-4036d912da1d>2004-06-14 20:44:38 +0000
commit12af8872e91507b37027b6796a2ba7ec03c09d61 (patch)
tree400c52d4a034edd6e61ac57722d8b651b5bf40d6 /id.server/src/at/gv/egovernment/moa/id/proxy
parentaf993b557302ea75d781f987c17c84ff9954c3b1 (diff)
downloadmoa-id-spss-12af8872e91507b37027b6796a2ba7ec03c09d61.tar.gz
moa-id-spss-12af8872e91507b37027b6796a2ba7ec03c09d61.tar.bz2
moa-id-spss-12af8872e91507b37027b6796a2ba7ec03c09d61.zip
some small changes (RSCH)
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@126 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/proxy')
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java7
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverFactory.java4
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolver.java483
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverEncryptedData.java655
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverPlainData.java (renamed from id.server/src/at/gv/egovernment/moa/id/proxy/OldXMLLoginParameterResolver.java)249
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java4
6 files changed, 820 insertions, 582 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java b/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java
index c391fc16f..f43bbd9e4 100644
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java
+++ b/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java
@@ -29,8 +29,7 @@ public interface LoginParameterResolver {
/** Constant used in <code>MOAIDConfiguration-1.2.xsd</code>, type <code>MOAAuthDataType</code> */
public static final String MOABKZ = "MOABKZ";
/** Constant used in <code>MOAIDConfiguration-1.2.xsd</code>, type <code>MOAAuthDataType</code> */
- public static final String MOAQualifiedCertificate =
- "MOAQualifiedCertificate";
+ public static final String MOAQualifiedCertificate = "MOAQualifiedCertificate";
/** Constant used in <code>MOAIDConfiguration-1.2.xsd</code>, type <code>MOAAuthDataType</code> */
public static final String MOAStammzahl = "MOAStammzahl";
/** Constant used in <code>MOAIDConfiguration-1.2.xsd</code>, type <code>MOAAuthDataType</code> */
@@ -70,8 +69,8 @@ public interface LoginParameterResolver {
public Map getAuthenticationParameters(
OAConfiguration oaConf,
AuthenticationData authData,
- String clientIPAddress) throws LoginParameterResolverException;
+ String clientIPAddress) throws LoginParameterResolverException, NotAllowedException;
- public void configure(String configuration) throws LoginParameterResolverException, NotAllowedException;
+ public void configure(String configuration) throws LoginParameterResolverException;
}
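Review bot: `getAuthenticationParameters` now declares `NotAllowedException` on the new line at L44, but nothing documents when an implementation raises it; the Javadoc for this method starts outside the hunk and should gain `@throws NotAllowedException if the authenticated user is not mapped to any login parameters`, while the `configure` Javadoc should drop any matching `@throws` now that L46 no longer declares it. The new `XMLLoginParameterResolverEncryptedData.getAuthenticationHeaders` in this same commit also declares `NotAllowedException`; if the interface's `getAuthenticationHeaders` declaration (outside this hunk) was not updated to match, that implementation will not compile against it, so the two declarations should be kept in step here.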
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverFactory.java b/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverFactory.java
index 0db7f66fe..856afe74c 100644
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverFactory.java
+++ b/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverFactory.java
@@ -1,5 +1,6 @@
package at.gv.egovernment.moa.id.proxy;
+import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.HashMap;
import java.util.Map;
@@ -53,10 +54,9 @@ public class LoginParameterResolverFactory {
Object[] arguments = { new String(configuration) };
confMethod.invoke( lpr, arguments );
- lpr.configure(configuration);
loginParameterResolverMap.put(publicURLPrefix, lpr);
}
- catch (LoginParameterResolverException lpex) {
+ catch (InvocationTargetException lpex) {
throw new ConfigurationException("config.11", new Object[] {className}, lpex);
}
catch (Throwable ex) {
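Review bot: Catching `InvocationTargetException` at L65 means `lpex` is only the reflective wrapper; the `LoginParameterResolverException` that `configure` actually threw sits inside it, so `ConfigurationException("config.11", ..., lpex)` now reports the wrapper as cause and the real configuration error is one level deeper in the chain (or lost entirely, if `ConfigurationException` only records the message of its cause). Unwrap it: `throw new ConfigurationException("config.11", new Object[] {className}, lpex.getTargetException());`. On the line above the change, `new String(configuration)` at L59 is a redundant copy — `configuration` can be passed directly in the argument array. The enclosing `try` block begins outside the hunk.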
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolver.java b/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolver.java
deleted file mode 100644
index 3958bb206..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolver.java
+++ /dev/null
@@ -1,483 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import java.io.File;
-import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Base64Utils;
-import java.io.IOException;
-import java.util.*;
-//import org.apache.xerces.parsers.AbstractDOMParser;
-import org.apache.xerces.parsers.DOMParser;
-import org.w3c.dom.*;
-
-/**
- * XMLLoginParameterResolver an implementation of implementation of interface
- * <code>LoginParameterResolver</code>
- * This implementation used to map identities stored in an XML file to parameters
- * which are given to OAs.
- *
- * @author Rudolf Schamberger
- * @version $Id$
- */
-public class XMLLoginParameterResolver implements LoginParameterResolver {
-
- //file which is parsed and interpreted for paremeter resolving.
- private String identityFile;
-
- /**
- * inner class used to store mapped parameters
- */
- class LPRParams {
-
- /**
- * getter method for parameter Enabled.
- * Parameter Enabled decides if mapped parameters should be used by XMLLoginParameterResolver
- */
- public boolean getEnabled() {
- return enabled.booleanValue();
- }
-
- /**
- * getter method for parameter UN (username)
- * @return Parameter UN or <code>null</code> not set.
- */
- public String getUN() {
- return UN;
- }
-
- /**
- * getter method for parameter PW (password)
- * @return Parameter PW or <code>null</code> not set.
- */
- public String getPW() {
- return PW;
- }
-
- /**
- * getter method for parameter Param1
- * @return Parameter Param1 or <code>null</code> not set.
- */
- public String getParam1() {
- return Param1;
- }
-
- /**
- * getter method for parameter Param2
- * @return Parameter Param2 or <code>null</code> not set.
- */
- public String getParam2() {
- return Param2;
- }
-
- /**
- * getter method for parameter Param3
- * @return Parameter Param3 or <code>null</code> not set.
- */
- public String getParam3() {
- return Param3;
- }
-
- /**
- * Returns a string representation of LPRParams
- *
- * @return a <code>String</code> representation of this object.
- * @see XMLLoginParameterResolver.LPRParams
- */
- public String toString() {
- return "Enabled: "
- + enabled.toString()
- + "UN: '"
- + UN
- + "' PW: '"
- + PW
- + "' Param1: '"
- + Param1
- + "' Param2: '"
- + Param2
- + "' Param3: '"
- + Param3
- + "'\n";
- }
-
- //private member variables used
- private Boolean enabled = null;
- private String UN = null;
- private String PW = null;
- private String Param1 = null;
- private String Param2 = null;
- private String Param3 = null;
-
- /**
- * Constructs a newly allocated <code>XMLLoginParameterResolver.LPRParams</code> object.
- *
- * @param enabled enable user mapping to parameter set for the parameter set.
- * @param UN username used in HTTP 401 - BasicAuthentication
- * @param PW password used in HTTP 401 - BasicAuthentication
- * @param Param1 parameter1 used in HeaderAuthentication and ParameterAuthentication
- * @param Param2 parameter2 used in HeaderAuthentication and ParameterAuthentication
- * @param Param3 parameter3 used in HeaderAuthentication and ParameterAuthentication
- **/
- LPRParams(boolean enabled, String UN, String PW, String Param1, String Param2, String Param3) {
- this.enabled = new Boolean(enabled);
- this.UN = UN;
- this.PW = PW;
- this.Param1 = Param1;
- this.Param1 = Param2;
- this.Param1 = Param3;
- }
-
- /**
- * Constructs a newly allocated <code>XMLLoginParameterResolver.LPRParams</code> object.
- *
- * @param enabled enable user mapping to parameter set for the parameter set.
- * @param UN username used in HTTP 401 - BasicAuthentication
- * @param PW password used in HTTP 401 - BasicAuthentication
- **/
- LPRParams(boolean enabled, String UN, String PW) {
- this(enabled, UN, PW, null, null, null);
- }
- }
-
- /**
- * Constructs a newly allocated <code>XMLLoginParameterResolver</code> object.
- **/
- public XMLLoginParameterResolver() {
- bPKMap = new HashMap();
- namedMap = new HashMap();
- }
-
- /**
- * configuration method
- * @param configuration enabled enable user mapping to parameter set for the parameter set.
- */
- public void configure(String configuration) throws LoginParameterResolverException {
- File idFile;
- this.identityFile = configuration;
-
- try {
- if (null == identityFile || false == (idFile = new File(identityFile)).canRead()) {
- Logger.error("XMLLoginParameterResolver could not read '"
- + identityFile
- + "' " );
- return;
- }
- Document doc = readXMLFile(identityFile);
- buildInfo(doc);
- } catch (Throwable ex) {
- throw new LoginParameterResolverException("config.11", new Object[] {identityFile}, ex);
- }
- isConfigured = true;
- }
-
- public Map getAuthenticationHeaders(
- OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress) throws LoginParameterResolverException {
- Map result = new HashMap();
-
- if (!isConfigured) {
- throw new LoginParameterResolverException("XMLLoginParameterResolver with configuration '" +
- identityFile + "' is not configured!", null);
- }
-
- String famName = resolveValue("MOAFamilyName", authData, clientIPAddress);
- String givenName = resolveValue("MOAGivenName", authData, clientIPAddress);
- String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress);
- String bPK = resolveValue("MOABPK", authData, clientIPAddress);
- String userid = "";
- String password = "";
- LPRParams params = null;
- boolean userFound = false;
-
- //try bPK and named search
- userFound = bPKIdentitySearch(bPK, params);
-
- if(false == userFound)
- namedIdentitySearch(famName, givenName, dateOfBirth, params);
-
- if(false == userFound)
- return result;
-
- //HTTP 401 - Basic Authentication
- if (oaConf.getAuthType().equals("basic")) {
- userid = params.getUN();
- password = params.getPW();
-
- try {
- String userIDPassword = userid + ":" + password;
- String credentials = Base64Utils.encode(userIDPassword.getBytes());
- Logger.debug("XMLLoginParameterResolver: calculated credentials: " + credentials);
- result.put("Authorization", "Basic " + credentials);
- } catch (IOException ignore) {
- }
- return result;
- }
- if (oaConf.getAuthType().equals("header")) {
- String key;
- String resolvedValue;
- result.put("Param1", params.getParam1());
- result.put("Param2", params.getParam2());
- result.put("Param3", params.getParam3());
- return result;
- /* for (Iterator iter = oaConf.getHeaderAuthMapping().keySet().iterator();
- iter.hasNext();
- result.put(key, resolvedValue)) {
- key = (String) iter.next();
- String predicate = (String) oaConf.getHeaderAuthMapping().get(key);
- resolvedValue = resolveValue(predicate, authData, clientIPAddress);
- }
- */
- }
- return result;
- }
-
- public Map getAuthenticationParameters(
- OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress) {
-
- Map result = new HashMap();
-
- if (!isConfigured) {
- Logger.warn("XMLLoginParameterResolver with configuration '" + identityFile + " is not configured");
- return result;
- }
-
- String famName = resolveValue("MOAFamilyName", authData, clientIPAddress);
- String givenName = resolveValue("MOAGivenName", authData, clientIPAddress);
- String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress);
- String bPK = resolveValue("MOABPK", authData, clientIPAddress);
- String userid = "";
- String password = "";
- LPRParams params = null;
- boolean userFound = false;
-
- //try bPK and named search
- userFound = bPKIdentitySearch(bPK, params);
-
- if (false == userFound)
- namedIdentitySearch(famName, givenName, dateOfBirth, params);
-
- if (false == userFound)
- return result;
-
- if (oaConf.getAuthType().equals("param")) {
- result.put("Param1", params.getParam1());
- result.put("Param2", params.getParam2());
- result.put("Param3", params.getParam3());
- return result;
- /*
- String key;
- String resolvedValue;
- for (Iterator iter = oaConf.getParamAuthMapping().keySet().iterator();
- iter.hasNext();
- result.put(key, resolvedValue)) {
- key = (String) iter.next();
- String predicate = (String) oaConf.getParamAuthMapping().get(key);
- resolvedValue = resolveValue(predicate, authData, clientIPAddress);
- }
- */
-
- }
- return result;
- }
-
- private static String resolveValue(
- String predicate,
- AuthenticationData authData,
- String clientIPAddress) {
- if (predicate.equals("MOAGivenName"))
- return authData.getGivenName();
- if (predicate.equals("MOAFamilyName"))
- return authData.getFamilyName();
- if (predicate.equals("MOADateOfBirth"))
- return authData.getDateOfBirth();
- if (predicate.equals("MOABPK"))
- return authData.getPBK();
- if (predicate.equals("MOAPublicAuthority"))
- if (authData.isPublicAuthority())
- return "true";
- else
- return "false";
- if (predicate.equals("MOABKZ"))
- return authData.getPublicAuthorityCode();
- if (predicate.equals("MOAQualifiedCertificate"))
- if (authData.isQualifiedCertificate())
- return "true";
- else
- return "false";
- if (predicate.equals("MOAStammzahl"))
- return authData.getIdentificationValue();
- if (predicate.equals(MOAIdentificationValueType))
- return authData.getIdentificationType();
- if (predicate.equals("MOAIPAddress"))
- return clientIPAddress;
- else
- return null;
- }
-
- private Document readXMLFile(String fileName) {
- Logger.info("XMLLoginParameterResolver: Loading MOA-OA configuration " + fileName);
- DOMParser parser = new DOMParser();
- try {
- parser.setFeature("http://xml.org/sax/features/validation", true);
- parser.setFeature("http://apache.org/xml/features/validation/schema", true);
- parser.parse(fileName);
- return parser.getDocument();
- } catch (Exception e) {
- String msg = e.toString();
- Logger.error("XMLLoginParameterResolver: Error parsing file" + fileName + "\n" + msg);
- return null;
- }
- }
-
- private void buildInfo(Document doc) {
- Element root = doc.getDocumentElement();
- NodeList idList = root.getElementsByTagName(XSD_IDELEM);
- NodeList paramList = root.getElementsByTagName("Parameters");
- for (int i = 0; i < idList.getLength(); i++)
- Logger.debug("XMLLoginParameterResolver: LocalName idList: " + idList.item(i).getLocalName());
-
- for (int i = 0; i < paramList.getLength(); i++)
- Logger.debug(
- "XMLLoginParameterResolver: LocalName paramList: " + paramList.item(i).getLocalName());
-
- for (int i = 0; i < idList.getLength(); i++) {
- Element tmpElem = (Element) idList.item(i);
- NodeList tmpList = tmpElem.getElementsByTagName("NamedIdentity");
- for (int j = 0; j < tmpList.getLength(); j++)
- Logger.debug("XMLLoginParameterResolver: LocalName tmp: " + tmpList.item(j).getLocalName());
-
- if (1 == tmpList.getLength()) {
- tmpElem = (Element) tmpList.item(0);
- String tmpStr = tmpElem.getAttribute("SurName") + "," + tmpElem.getAttribute("GivenName");
- boolean tmpBool = false;
- if (tmpElem.getFirstChild() != null
- && "1".compareTo(tmpElem.getFirstChild().getNodeValue()) == 0)
- tmpBool = true;
- Logger.debug(
- "XMLLoginParameterResolver: tmpStr: "
- + tmpStr
- + " value: "
- + (new Boolean(tmpBool)).toString());
- tmpElem = (Element) paramList.item(i);
- Logger.debug(
- "XMLLoginParameterResolver: attribute UN: "
- + tmpElem.getAttribute("UN")
- + " attribute PW: "
- + tmpElem.getAttribute("PW"));
- namedMap.put(
- tmpStr,
- new LPRParams(tmpBool, tmpElem.getAttribute("UN"), tmpElem.getAttribute("PW")));
- } else {
- tmpList = tmpElem.getElementsByTagName("bPKIdentity");
- if (1 == tmpList.getLength()) {
- tmpElem = (Element) tmpList.item(0);
- String tmpStr = tmpElem.getAttribute("bPK");
- boolean tmpBool = false;
- if (tmpElem.getFirstChild() != null
- && "1".compareTo(tmpElem.getFirstChild().getNodeValue()) == 0)
- tmpBool = true;
- Logger.debug(
- "XMLLoginParameterResolver: tmpStr: "
- + tmpStr
- + " value: "
- + (new Boolean(tmpBool)).toString());
- tmpElem = (Element) paramList.item(i);
- Logger.debug(
- "XMLLoginParameterResolver: attribute UN: "
- + tmpElem.getAttribute("UN")
- + " attribute PW: "
- + tmpElem.getAttribute("PW")
- + " attribute Param1: "
- + tmpElem.getAttribute("Param1"));
- bPKMap.put(
- tmpStr,
- new LPRParams(tmpBool, tmpElem.getAttribute("UN"), tmpElem.getAttribute("PW")));
- } else {
- Logger.warn(
- "XMLLoginParameterResolver: wrong format no NamedIdentity or bPKIdentity found");
- }
- }
- }
-
- Logger.debug("namedMap:" + namedMap.toString());
- Logger.debug("bPKMap:" + bPKMap.toString());
- }
-
- private void buildIdentityInfo(Document doc) {
-
- }
-
-
- boolean bPKIdentitySearch(String bPK, LPRParams params) {
- //search for mapping with bPK of the user
- Logger.info("XMLLoginParameterResolver: search for login data mapped to bPK:" + bPK);
- params = (LPRParams) bPKMap.get(bPK);
- if (null == params) {
- Logger.info("XMLLoginParameterResolver: params for bPK: " + bPK + " not found!");
- return false;
- } else if (params.getEnabled()) {
- Logger.info("XMLLoginParameterResolver: bPK: " + bPK + "found in list; user is enabled");
- Logger.debug("XMLLoginParameterResolver: using: " + params.toString());
- return true;
- }
- Logger.info("XMLLoginParameterResolver: bPK: " + bPK + "found in list but user is NOT enabled");
- return false;
- }
-
- boolean namedIdentitySearch(
- String famName,
- String givenName,
- String dateOfBirth,
- LPRParams params) {
- Logger.info(
- "XMLLoginParameterResolver: search for login data for SurName:"
- + famName
- + " GivenName: "
- + givenName);
-
- params = (LPRParams) namedMap.get(famName + "," + givenName);
- if (null == params) {
-
- Logger.info(
- "XMLLoginParameterResolver: params for Surname: "
- + famName
- + " GivenName: "
- + givenName
- + " not found!");
- return false;
- }
-
- if (params.getEnabled()) {
- Logger.info(
- "XMLLoginParameterResolver: SurName:"
- + famName
- + " GivenName: "
- + givenName
- + "found in list; user is enabled");
- Logger.debug("XMLLoginParameterResolver: using: " + params.toString());
- return true;
- }
- Logger.info(
- "XMLLoginParameterResolver: SurName:"
- + famName
- + " GivenName: "
- + givenName
- + "found in list; user is NOT enabled");
- return false;
- }
-
- public static final String XSD_MAPPING = "Mapping";
-
- public static final String XSD_DOCELEM = "MOAIdentities";
- public static final String XSD_IDELEM = "Identity";
- public static final String XSD_NAMEDIDELEM = "NamedIdentity";
- public static final String XSD_BPKIDELEM = "bPKIdentity";
- public static final String XSD_PARAMELEM = "Parameters";
- public static final String XML_LPR_CONFIG_PROPERTY_NAME = "moa.id.xmllpr.configuration";
- private Map bPKMap;
- private Map namedMap;
- private boolean isConfigured = false;
-} \ No newline at end of file
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverEncryptedData.java b/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverEncryptedData.java
new file mode 100644
index 000000000..ab0845dc9
--- /dev/null
+++ b/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverEncryptedData.java
@@ -0,0 +1,655 @@
+package at.gv.egovernment.moa.id.proxy;
+
+import iaik.security.provider.IAIK;
+
+import java.io.BufferedInputStream;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.InputStream;
+import java.io.UnsupportedEncodingException;
+
+import javax.crypto.Cipher;
+import javax.crypto.BadPaddingException;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.IvParameterSpec;
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.Key;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.Security;
+
+
+
+import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
+import at.gv.egovernment.moa.id.data.AuthenticationData;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.FileUtils;
+import at.gv.egovernment.moa.util.URLEncoder;
+import at.gv.egovernment.moa.id.config.ConfigurationProvider;
+
+import java.io.IOException;
+import java.util.*;
+
+import javax.xml.parsers.ParserConfigurationException;
+import org.w3c.dom.*;
+import org.xml.sax.SAXException;
+
+/**
+ * XMLLoginParameterResolver an implementation of implementation of interface
+ * <code>LoginParameterResolver</code>
+ * This implementation used to map identities stored in an XML file to parameters
+ * which are given to OAs.
+ *
+ * @author Rudolf Schamberger
+ * @version $Id$
+ */
+public class XMLLoginParameterResolverEncryptedData implements LoginParameterResolver {
+
+ //file which is parsed and interpreted for paremeter resolving.
+ private String identityFile;
+
+ private Cipher blowfishCipher;
+ private Key key;
+ /**
+ * inner class used to store mapped parameters
+ */
+ class LPRParams {
+
+ /**
+ * getter method for parameter Enabled.
+ * Parameter Enabled decides if mapped parameters should be used by XMLLoginParameterResolver
+ */
+ public boolean getEnabled() {
+ return enabled.booleanValue();
+ }
+
+ /**
+ * getter method for parameter UN (username)
+ * @return Parameter UN or <code>null</code> not set.
+ */
+ public String getUN() {
+ return UN;
+ }
+
+ /**
+ * getter method for parameter UN (username)
+ * @return Parameter UN or <code>null</code> not set.
+ */
+ //TODO XMLLPR decrypt
+ public String getPlainUN() {
+ //Security.addProvider();
+
+
+ return UN;
+ }
+
+
+ /**
+ * getter method for parameter PW (password)
+ * @return Parameter PW or <code>null</code> not set.
+ */
+ public String getPW() {
+ return PW;
+ }
+
+ /**
+ * getter method for generic parameter Param1
+ * @return Parameter Param1 or <code>null</code> not set.
+ */
+ public String getParam1() {
+ return Param1;
+ }
+
+ /**
+ * getter method for generic parameter Param2
+ * @return Parameter Param2 or <code>null</code> not set.
+ */
+ public String getParam2() {
+ return Param2;
+ }
+
+ /**
+ * getter method for generic parameter Param3
+ * @return Parameter Param3 or <code>null</code> not set.
+ */
+ public String getParam3() {
+ return Param3;
+ }
+
+ /**
+ * Returns a string representation of LPRParams
+ *
+ * @return a <code>String</code> representation of this object.
+ * @see XMLLoginParameterResolver.LPRParams
+ */
+ public String toString() {
+ return "Enabled: "
+ + enabled.toString()
+ + "UN: '"
+ + UN
+ + "' PW: '"
+ + PW
+ + "' Param1: '"
+ + Param1
+ + "' Param2: '"
+ + Param2
+ + "' Param3: '"
+ + Param3
+ + "'\n";
+ }
+
+ //private member variables used to store the parameters
+ private Boolean enabled = null;
+ private String UN = null;
+ private String PW = null;
+ private String Param1 = null;
+ private String Param2 = null;
+ private String Param3 = null;
+
+ /**
+ * Constructs a newly allocated <code>XMLLoginParameterResolver.LPRParams</code> object.
+ *
+ * @param enabled enable user mapping to parameter set for the parameter set.
+ * @param UN username used in HTTP 401 - BasicAuthentication
+ * @param PW password used in HTTP 401 - BasicAuthentication
+ * @param Param1 generic parameter1 used in HeaderAuthentication and ParameterAuthentication
+ * @param Param2 generic parameter2 used in HeaderAuthentication and ParameterAuthentication
+ * @param Param3 generic parameter3 used in HeaderAuthentication and ParameterAuthentication
+ **/
+ LPRParams(boolean enabled, String UN, String PW, String Param1, String Param2, String Param3) {
+ this.enabled = new Boolean(enabled);
+ this.UN = UN;
+ this.PW = PW;
+ this.Param1 = Param1;
+ this.Param1 = Param2;
+ this.Param1 = Param3;
+ }
+
+ /**
+ * Constructs a newly allocated <code>XMLLoginParameterResolver.LPRParams</code> object.
+ *
+ * @param enabled enable user mapping to parameter set for the parameter set.
+ * @param UN username used in HTTP 401 - BasicAuthentication
+ * @param PW password used in HTTP 401 - BasicAuthentication
+ **/
+ LPRParams(boolean enabled, String UN, String PW) {
+ this(enabled, UN, PW, null, null, null);
+ }
+ }
+
+ /**
+ * Constructs a newly allocated <code>XMLLoginParameterResolver</code> object.
+ **/
+ public XMLLoginParameterResolverEncryptedData() {
+ bPKMap = new HashMap();
+ namedMap = new HashMap();
+ }
+
+ /**
+ * configuration method
+ * @param configuration enabled enable user mapping to parameter set for the parameter set.
+ */
+ public void configure(String configuration) throws LoginParameterResolverException {
+ File idFile;
+ Element rootElement;
+
+ Security.addProvider(new IAIK());
+ try {
+ blowfishCipher = Cipher.getInstance("Blowfish/CBC/PKCS5Padding", "IAIK");
+
+ } catch (NoSuchPaddingException e) {
+ throw new LoginParameterResolverException("config.11",
+ new Object[] { "XMLLoginParameterResolver: NoSuchPaddingException \n" + e.toString()});
+ } catch (NoSuchProviderException e) {
+ throw new LoginParameterResolverException("config.11",
+ new Object[] { "XMLLoginParameterResolver: NoSuchProviderException \n" + e.toString()});
+ } catch (NoSuchAlgorithmException e) {
+ throw new LoginParameterResolverException("config.11",
+ new Object[] { "XMLLoginParameterResolver: NoSuchAlgorithmException \n" + e.toString()});
+ }
+
+ String plaintext = "start";
+ String encrypted = encryptData(plaintext, "1234567890123456", "123hochgeheim");
+ String decrypted = decryptData(encrypted, "1234567890123456", "123hochgeheim");
+ Logger.debug("plaintext: " + plaintext);
+ Logger.debug("encrypted: " + encrypted);
+ Logger.debug("decrypted: " + decrypted);
+
+ //make file name absolut (if it is relative to main config file)
+ //TODO MOAID XMLLPR check
+ String moaIDConfigFileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME);
+ String rootConfigFileDir = new File(moaIDConfigFileName).getParent();
+ this.identityFile = FileUtils.makeAbsoluteURL(configuration, rootConfigFileDir);
+
+ if (null == identityFile || false == (idFile = new File(identityFile)).canRead()) {
+ throw new LoginParameterResolverException("config.11",
+ new Object[] { "XMLLoginParameterResolver: could not read '" + identityFile + "' " });
+ }
+ try {
+ rootElement = readXMLFile(identityFile);
+ } catch (IOException lex) {
+ Logger.error(lex.toString());
+ throw new LoginParameterResolverException("config.11",
+ new Object[] { "XMLLoginParameterResolver: could not read '" + identityFile + "' " });
+
+ } catch (SAXException sex) {
+ Logger.error(sex.toString());
+ throw new LoginParameterResolverException("config.11",
+ new Object[] { "XMLLoginParameterResolver: parsing problem in file:'" + identityFile + "' ", sex.toString() });
+ } catch (ParserConfigurationException e) {
+ // TODO Auto-generated catch block
+ Logger.error(e.toString());
+ throw new LoginParameterResolverException("config.11",
+ new Object[] { "XMLLoginParameterResolver: parsing problem in file:'" + identityFile + "' ", e.toString() });
+ }
+ buildInfo(rootElement);
+ isConfigured = true;
+ }
+
+ /**
+ * encryptData method uses parameters masterSecret and bPK as key information to encrypt plaintext
+ * @param plaintext
+ * @param bPK
+ * @param masterSecret
+ * @returns encrypted data (blowfish encrypted, base64 encoded)
+ * @throws LoginParameterResolverException
+ */
+ public String encryptData(String plaintext, String bPK, String masterSecret) throws LoginParameterResolverException
+ {
+ try {
+ String keyString = bPK + masterSecret;
+ key = new iaik.security.cipher.SecretKey(keyString.getBytes("UTF-8"), "Blowfish");
+ IvParameterSpec param = new IvParameterSpec(new byte [] {0,0,0,0,0,0,0,0});
+
+ blowfishCipher.init(Cipher.ENCRYPT_MODE, key, param);
+ byte [] cipherText = blowfishCipher.doFinal(plaintext.getBytes("UTF-8"));
+ return Base64Utils.encode(cipherText);
+ } catch (UnsupportedEncodingException e) {
+ throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
+ } catch (InvalidKeyException e) {
+ throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
+ } catch (BadPaddingException e) {
+ throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
+ } catch (IllegalBlockSizeException e) {
+ throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
+ } catch (IllegalStateException e) {
+ throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
+ } catch (InvalidAlgorithmParameterException e) {
+ throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
+ } catch (IOException e) {
+ throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
+ }
+ }
+
+
+ /**
+ * encryptData method uses parameters masterSecret and bPK as key information to decrypt ciphertext
+ * @param ciphertext (blowfish encrypted, base64encoded)
+ * @param bPK
+ * @param masterSecret
+ * @returns decrypted Data (plaintext)
+ * @throws LoginParameterResolverException
+ */
+ public String decryptData(String ciphertext, String bPK, String masterSecret) throws LoginParameterResolverException
+ {
+ try {
+ String keyString = bPK + masterSecret;
+ key = new iaik.security.cipher.SecretKey(keyString.getBytes("UTF-8"), "Blowfish");
+ IvParameterSpec param = new IvParameterSpec(new byte [] {0,0,0,0,0,0,0,0});
+ blowfishCipher.init(Cipher.DECRYPT_MODE, key, param);
+ byte [] plaintext = blowfishCipher.doFinal(Base64Utils.decode(ciphertext, true));
+ return new String(plaintext);
+ } catch (UnsupportedEncodingException e) {
+ throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
+ } catch (InvalidKeyException e) {
+ throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
+ } catch (BadPaddingException e) {
+ throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
+ } catch (IllegalBlockSizeException e) {
+ throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
+ } catch (IllegalStateException e) {
+ throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
+ } catch (InvalidAlgorithmParameterException e) {
+ throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
+ } catch (IOException e) {
+ throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
+ }
+ }
+
+
+
+ /**
+ * @see at.gv.egovernment.moa.id.proxy.LoginParameterResolver#getAuthenticationHeaders(at.gv.egovernment.moa.id.config.proxy.OAConfiguration, at.gv.egovernment.moa.id.auth.data.AuthenticationData, java.lang.String)
+ */
+ public Map getAuthenticationHeaders(
+ OAConfiguration oaConf,
+ AuthenticationData authData,
+ String clientIPAddress) throws LoginParameterResolverException, NotAllowedException {
+ Map result = new HashMap();
+
+ if (!isConfigured) {
+ //TODO XMLLPR
+ throw new LoginParameterResolverException("XMLLoginParameterResolver with configuration '" +
+ identityFile + "' is not configured!", null);
+ }
+
+ //get the Identity of the user
+ String famName = resolveValue("MOAFamilyName", authData, clientIPAddress);
+ String givenName = resolveValue("MOAGivenName", authData, clientIPAddress);
+ String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress);
+ String bPK = resolveValue("MOABPK", authData, clientIPAddress);
+ String userid = "";
+ String password = "";
+ LPRParams params = null;
+ boolean userFound = false;
+
+ //try bPK and named search
+ params = bPKIdentitySearch(bPK);
+
+ if (null == params)
+ params = namedIdentitySearch(famName, givenName, dateOfBirth);
+
+ //if both searches failed, report error.
+ if(null == params)
+ throw new NotAllowedException("User:_bPK:'" +bPK+ ", " + famName + ", " + givenName + "' not authorized.", null);
+
+ //HTTP 401 - Basic Authentication
+ if (oaConf.getAuthType().equals("basic")) {
+ userid = (null != params.getUN()) ? params.getUN() : "";
+ password = (null != params.getPW()) ? params.getPW() : "";
+
+ try {
+ String userIDPassword = userid + ":" + password;
+ String credentials = Base64Utils.encode(userIDPassword.getBytes("UTF-8"));
+ Logger.debug("XMLLoginParameterResolver: calculated credentials: " + credentials);
+ result.put("Authorization", "Basic " + credentials);
+ } catch (IOException ignore) {
+ throw new LoginParameterResolverException("config.14", new Object[] {"internal error while encoding in Base64"});
+ }
+ } else if (oaConf.getAuthType().equals("header")) { //HTTP Authentication
+ String key;
+ String resolvedValue;
+ //TODO MOAID XMLLoginParameterResolver select value through OA-ConfigFile;
+ if(null != params.getUN()) result.put("UN", params.getUN());
+ if(null != params.getPW()) result.put("UN", params.getPW());
+ if(null != params.getParam1()) result.put("UN", params.getParam1());
+ if(null != params.getParam2()) result.put("UN", params.getParam2());
+ if(null != params.getParam3()) result.put("UN", params.getParam3());
+
+ } else {
+ throw new LoginParameterResolverException("config.14", new Object[] {"AuthType not supported"});
+ }
+
+ return result;
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.id.proxy.LoginParameterResolver#getAuthenticationParameters(at.gv.egovernment.moa.id.config.proxy.OAConfiguration, at.gv.egovernment.moa.id.auth.data.AuthenticationData, java.lang.String)
+ */
+ public Map getAuthenticationParameters(
+ OAConfiguration oaConf,
+ AuthenticationData authData,
+ String clientIPAddress) throws LoginParameterResolverException, NotAllowedException {
+
+ Map result = new HashMap();
+
+ if (!isConfigured) {
+ Logger.warn("XMLLoginParameterResolver with configuration '" + identityFile + " is not configured");
+ return result;
+ }
+
+ String famName = resolveValue("MOAFamilyName", authData, clientIPAddress);
+ String givenName = resolveValue("MOAGivenName", authData, clientIPAddress);
+ String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress);
+ String bPK = resolveValue("MOABPK", authData, clientIPAddress);
+ String userid = "";
+ String password = "";
+ LPRParams params = null;
+
+ //try bPK and named search
+ params = bPKIdentitySearch(bPK);
+
+ if (null == params)
+ params = namedIdentitySearch(famName, givenName, dateOfBirth);
+
+ //if both searches failed, report error.
+ if(null == params)
+ throw new NotAllowedException("User:_bPK:'" +bPK+ ", " + famName + ", " + givenName + "' not authorized.", null);
+
+ //TODO MOAID XMLLoginParameterResolver URLEncoder.encode
+ if (oaConf.getAuthType().equals("param")) {
+ try {
+ if(null != params.getUN()) result.put(XSD_UNATTR, URLEncoder.encode(params.getUN(),"ISO-8859-1"));
+ if(null != params.getPW()) result.put(XSD_PWATTR, URLEncoder.encode(params.getPW(),"ISO-8859-1"));
+ if(null != params.getParam1()) result.put(XSD_PARAM1ATTR, URLEncoder.encode(params.getParam1(),"ISO-8859-1"));
+ if(null != params.getParam2()) result.put(XSD_PARAM2ATTR, URLEncoder.encode(params.getParam2(),"ISO-8859-1"));
+ if(null != params.getParam3()) result.put(XSD_PARAM3ATTR, URLEncoder.encode(params.getParam3(),"ISO-8859-1"));
+ } catch (UnsupportedEncodingException e) {
+ // ISO-8859-1 is supported
+ throw new LoginParameterResolverException("URLEncoder error", null);
+ }
+ } else {
+ throw new LoginParameterResolverException("AuthType not supported", null);
+ }
+ return result;
+ }
+
+ /**
+ * Resolves a login header or parameter value.
+ * @param predicate header or parameter predicate name from online application configuration
+ * @param authData authentication data for current login
+ * @param clientIPAddress client IP address
+ * @return header or parameter value resolved; <code>null</code> if unknown name is given
+ */
+ private static String resolveValue(
+ String predicate,
+ AuthenticationData authData,
+ String clientIPAddress) {
+ if (predicate.equals("MOAGivenName"))
+ return authData.getGivenName();
+ if (predicate.equals("MOAFamilyName"))
+ return authData.getFamilyName();
+ if (predicate.equals("MOADateOfBirth"))
+ return authData.getDateOfBirth();
+ if (predicate.equals("MOABPK"))
+ return authData.getPBK();
+ if (predicate.equals("MOAPublicAuthority"))
+ if (authData.isPublicAuthority())
+ return "true";
+ else
+ return "false";
+ if (predicate.equals("MOABKZ"))
+ return authData.getPublicAuthorityCode();
+ if (predicate.equals("MOAQualifiedCertificate"))
+ if (authData.isQualifiedCertificate())
+ return "true";
+ else
+ return "false";
+ if (predicate.equals("MOAStammzahl"))
+ return authData.getIdentificationValue();
+ if (predicate.equals(MOAIdentificationValueType))
+ return authData.getIdentificationType();
+ if (predicate.equals("MOAIPAddress"))
+ return clientIPAddress;
+ else
+ return null;
+ }
+
+ /**
+ * reads, parses the configuration file of XMLLoginParameterResolver and returns the document element.
+ * @param fileName of the configuration file.
+ */
+ private Element readXMLFile(String fileName) throws ParserConfigurationException, SAXException, IOException {
+ Logger.info("XMLLoginParameterResolver: Loading and parsing XMLPLoginParameterConfiguration configuration: " + fileName);
+
+ InputStream stream = null;
+ Element configElem;
+
+ stream = new BufferedInputStream(new FileInputStream(fileName));
+ configElem = DOMUtils.parseDocument(stream, true, Constants.ALL_SCHEMA_LOCATIONS, null).getDocumentElement();
+ return configElem;
+ }
+
+ /**
+ * buildInfo builds up the internal data mapping between the "Identities" and the "Parameters" from the parsed XML file.
+ * @param root document root element.
+ */
+ private void buildInfo(Element root) {
+ NodeList idList = root.getElementsByTagName(XSD_IDELEM);
+ NodeList paramList = root.getElementsByTagName(XSD_PARAMELEM);
+ for (int i = 0; i < idList.getLength(); i++)
+ Logger.debug("XMLLoginParameterResolver: LocalName idList: " + idList.item(i).getLocalName());
+
+ for (int i = 0; i < paramList.getLength(); i++)
+ Logger.debug("XMLLoginParameterResolver: LocalName paramList: " + paramList.item(i).getLocalName());
+
+ for (int i = 0; i < idList.getLength(); i++) {
+ Element tmpElem = (Element) idList.item(i);
+ NodeList tmpList = tmpElem.getElementsByTagName(XSD_NAMEDIDELEM);
+ for (int j = 0; j < tmpList.getLength(); j++)
+ Logger.debug("XMLLoginParameterResolver: LocalName tmp: " + tmpList.item(j).getLocalName());
+
+ //Search for NamedIdentity Elements
+ if (1 == tmpList.getLength()) {
+ tmpElem = (Element) tmpList.item(0);
+ String tmpStr = tmpElem.getAttribute(XSD_SURNAMEATTR) + "," +
+ tmpElem.getAttribute(XSD_GIVENNAMEATTR) + "," +
+ tmpElem.getAttribute(XSD_BIRTHDATEATTR);
+ boolean tmpBool = false;
+ if (tmpElem.getFirstChild() != null
+ && "1".compareTo(tmpElem.getFirstChild().getNodeValue()) == 0)
+ tmpBool = true;
+ //TODO XMLLPR remove
+ Logger.debug("XMLLoginParameterResolver: tmpStr: " + tmpStr + " value: " + (new Boolean(tmpBool)).toString());
+ tmpElem = (Element) paramList.item(i);
+ Logger.debug("XMLLoginParameterResolver: attribute UN: " + tmpElem.getAttribute(XSD_UNATTR) +
+ " attribute PW: " + tmpElem.getAttribute(XSD_PWATTR) +
+ " attribute Param1: " + tmpElem.getAttribute(XSD_PARAM1ATTR) +
+ " attribute Param2: " + tmpElem.getAttribute(XSD_PARAM2ATTR) +
+ " attribute Param3: " + tmpElem.getAttribute(XSD_PARAM3ATTR) );
+ namedMap.put(tmpStr, new LPRParams(tmpBool, tmpElem.getAttribute(XSD_UNATTR), tmpElem.getAttribute(XSD_PWATTR),
+ tmpElem.getAttribute(XSD_PARAM1ATTR), tmpElem.getAttribute(XSD_PARAM2ATTR),
+ tmpElem.getAttribute(XSD_PARAM3ATTR)) );
+ } else { //bPKIdentity Elements
+
+ tmpList = tmpElem.getElementsByTagName(XSD_BPKIDELEM);
+ if (1 == tmpList.getLength()) {
+ tmpElem = (Element) tmpList.item(0);
+ String tmpStr = tmpElem.getAttribute(XSD_BPKATTR);
+ boolean tmpBool = false;
+ if (tmpElem.getFirstChild() != null
+ && "1".compareTo(tmpElem.getFirstChild().getNodeValue()) == 0)
+ tmpBool = true;
+ Logger.debug("XMLLoginParameterResolver: tmpStr: " + tmpStr + " value: " + (new Boolean(tmpBool)).toString());
+ tmpElem = (Element) paramList.item(i);
+ Logger.debug("XMLLoginParameterResolver: attribute UN: " + tmpElem.getAttribute(XSD_UNATTR) +
+ " attribute PW: " + tmpElem.getAttribute(XSD_PWATTR) +
+ " attribute Param1: " + tmpElem.getAttribute(XSD_PARAM1ATTR) +
+ " attribute Param2: " + tmpElem.getAttribute(XSD_PARAM2ATTR) +
+ " attribute Param3: " + tmpElem.getAttribute(XSD_PARAM3ATTR) );
+ namedMap.put(tmpStr, new LPRParams(tmpBool, tmpElem.getAttribute(XSD_UNATTR), tmpElem.getAttribute(XSD_PWATTR),
+ tmpElem.getAttribute(XSD_PARAM1ATTR), tmpElem.getAttribute(XSD_PARAM2ATTR),
+ tmpElem.getAttribute(XSD_PARAM3ATTR)) );
+ } else {
+ Logger.warn(
+ "XMLLoginParameterResolver: wrong format no Elements " + XSD_NAMEDIDELEM + " or " + XSD_BPKIDELEM + " found");
+ }
+ }
+ }
+
+ Logger.debug("namedMap:" + namedMap.toString());
+ Logger.debug("bPKMap:" + bPKMap.toString());
+ }
+
+ /**
+ * searches for a given bPK and returns the appropriate LPRParams structure
+ * @param bPK search argument
+ * @returns LPRParams if bPK could be found in internal mappings or null otherwise.
+ */
+ LPRParams bPKIdentitySearch(String bPK) {
+ //search for mapping with bPK of the user
+ Logger.info("XMLLoginParameterResolver: search for login data mapped to bPK:" + bPK);
+ LPRParams params = (LPRParams) bPKMap.get(bPK);
+ if (null == params) {
+ Logger.info("XMLLoginParameterResolver: params for bPK: " + bPK + " not found!");
+ return null;
+ } else if (params.getEnabled()) {
+ Logger.info("XMLLoginParameterResolver: bPK: " + bPK + "found in list; user is enabled");
+ Logger.debug("XMLLoginParameterResolver: using: " + params.toString());
+ return params;
+ }
+ Logger.info("XMLLoginParameterResolver: bPK: " + bPK + "found in list but user is NOT enabled");
+ return null;
+ }
+
+ /**
+ * searches for a given namedIdentity and returns the appropriate LPRParams structure
+ * @param surName surname search argument
+ * @param givenName givenname search argument
+ * @param dateOfBirth dateofbirth search argument
+ * @returns LPRParams if bPK could be found in internal mappings or null otherwise.
+ */
+ LPRParams namedIdentitySearch(String surName, String givenName, String dateOfBirth) {
+ Logger.info("XMLLoginParameterResolver: search for login data for SurName:" + surName +
+ " GivenName: " + givenName +
+ " DateOfBirth" + dateOfBirth);
+
+ //try first a search with surname, givenname and birthdate
+ LPRParams params = (LPRParams) namedMap.get(surName + "," + givenName + "," + dateOfBirth);
+ if (null == params) {
+ Logger.debug("XMLLoginParameterResolver: params for Surname: " + surName + " GivenName: " +
+ givenName + "BirthDate: " + dateOfBirth + " not found!");
+
+ //try a search with surname, givenname only
+ params = (LPRParams) namedMap.get(surName + "," + givenName + "," + XSD_BIRTHDATEBLANKATTR);
+ if(null == params) {
+ Logger.debug("XMLLoginParameterResolver: params for Surname: " + surName + " GivenName: " +
+ givenName + " not found!");
+ return null;
+ }
+ }
+
+ if (params.getEnabled()) {
+ Logger.info("XMLLoginParameterResolver: Surname:" + surName
+ + " GivenName: "
+ + givenName
+ + " found in list; user is enabled");
+ Logger.debug("XMLLoginParameterResolver: using: " + params.toString());
+ return params;
+ }
+ Logger.info(
+ "XMLLoginParameterResolver: SurName:"
+ + surName
+ + " GivenName: "
+ + givenName
+ + "found in list; user is NOT enabled");
+ return null;
+ }
+
+ //public static final String XSD_MAPPING = "Mapping";
+
+ //public static final String XSD_DOCELEM = "MOAIdentities";
+ public static final String XSD_IDELEM = "Identity";
+ public static final String XSD_NAMEDIDELEM = "NamedIdentity";
+ public static final String XSD_BPKIDELEM = "bPKIdentity";
+ public static final String XSD_PARAMELEM = "Parameters";
+ public static final String XSD_SURNAMEATTR = "SurName";
+ public static final String XSD_GIVENNAMEATTR = "GivenName";
+ public static final String XSD_BIRTHDATEATTR = "BirthDate";
+ public static final String XSD_BIRTHDATEBLANKATTR = "any";
+ public static final String XSD_BPKATTR = "bPK";
+ public static final String XSD_UNATTR = "UN";
+ public static final String XSD_PWATTR = "PW";
+ public static final String XSD_PARAM1ATTR = "Param1";
+ public static final String XSD_PARAM2ATTR = "Param2";
+ public static final String XSD_PARAM3ATTR = "Param3";
+ private Map bPKMap;
+ private Map namedMap;
+ private boolean isConfigured = false;
+} \ No newline at end of file
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/OldXMLLoginParameterResolver.java b/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverPlainData.java
index 9766ef57b..61172a699 100644
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/OldXMLLoginParameterResolver.java
+++ b/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverPlainData.java
@@ -10,81 +10,138 @@ import org.apache.xerces.parsers.DOMParser;
import org.w3c.dom.*;
// Referenced classes of package at.gv.egovernment.moa.id.proxy:
-// LoginParameterResolver
-// Old Implementation of XMLLoginParameterResolver
//
-// TODO MOA-ID CIO internal: migrate this to XMLLoginParameterResolver
+// TODO MOA-ID CIO internal: test full functionality
-
-public class OldXMLLoginParameterResolver
+public class XMLLoginParameterResolverPlainData
implements LoginParameterResolver
{
private String configuration;
- class LPRParams
- {
-
- public boolean getEnabled()
- {
- return enabled.booleanValue();
- }
-
- public String getUN()
- {
- return UN;
- }
-
- public String getPW()
- {
- return PW;
- }
-
- public String getParam1()
- {
- return Param1;
- }
-
- public String getParam2()
- {
- return Param2;
- }
-
- public String getParam3()
- {
- return Param3;
- }
-
- public String toString()
- {
- return "Enabled:" + enabled.toString() + "UN: '" + UN + "' PW: '" + PW + "' Param1: '" + Param1 + "' Param2: '" + Param2 + "' Param3: '" + Param3 + "'\n";
- }
-
- private Boolean enabled;
- private String UN;
- private String PW;
- private String Param1;
- private String Param2;
- private String Param3;
-
- LPRParams(boolean enabled, String UN, String PW, String Param1, String Param2, String Param3)
- {
- this.enabled = new Boolean(enabled);
- this.UN = UN;
- this.PW = PW;
- this.Param1 = Param1;
- this.Param1 = Param2;
- this.Param1 = Param3;
- }
-
- LPRParams(boolean enabled, String UN, String PW)
- {
- this(enabled, UN, PW, null, null, null);
- }
+ /**
+ * inner class used to store mapped parameters
+ */
+ class LPRParams {
+
+ /**
+ * getter method for parameter Enabled.
+ * Parameter Enabled decides if mapped parameters should be used by XMLLoginParameterResolver
+ */
+ public boolean getEnabled() {
+ return enabled.booleanValue();
+ }
+
+ /**
+ * getter method for parameter UN (username)
+ * @return Parameter UN or <code>null</code> not set.
+ */
+ public String getUN() {
+ return UN;
+ }
+
+ /**
+ * getter method for parameter UN (username)
+ * @return Parameter UN or <code>null</code> not set.
+ */
+ public String getPlainUN() {
+ return UN;
+ }
+
+
+ /**
+ * getter method for parameter PW (password)
+ * @return Parameter PW or <code>null</code> not set.
+ */
+ public String getPW() {
+ return PW;
+ }
+
+ /**
+ * getter method for generic parameter Param1
+ * @return Parameter Param1 or <code>null</code> not set.
+ */
+ public String getParam1() {
+ return Param1;
+ }
+
+ /**
+ * getter method for generic parameter Param2
+ * @return Parameter Param2 or <code>null</code> not set.
+ */
+ public String getParam2() {
+ return Param2;
+ }
+
+ /**
+ * getter method for generic parameter Param3
+ * @return Parameter Param3 or <code>null</code> not set.
+ */
+ public String getParam3() {
+ return Param3;
+ }
+
+ /**
+ * Returns a string representation of LPRParams
+ *
+ * @return a <code>String</code> representation of this object.
+ * @see XMLLoginParameterResolver.LPRParams
+ */
+ public String toString() {
+ return "Enabled: "
+ + enabled.toString()
+ + "UN: '"
+ + UN
+ + "' PW: '"
+ + PW
+ + "' Param1: '"
+ + Param1
+ + "' Param2: '"
+ + Param2
+ + "' Param3: '"
+ + Param3
+ + "'\n";
+ }
+
+ //private member variables used to store the parameters
+ private Boolean enabled = null;
+ private String UN = null;
+ private String PW = null;
+ private String Param1 = null;
+ private String Param2 = null;
+ private String Param3 = null;
+
+ /**
+ * Constructs a newly allocated <code>XMLLoginParameterResolver.LPRParams</code> object.
+ *
+ * @param enabled enable user mapping to parameter set for the parameter set.
+ * @param UN username used in HTTP 401 - BasicAuthentication
+ * @param PW password used in HTTP 401 - BasicAuthentication
+ * @param Param1 generic parameter1 used in HeaderAuthentication and ParameterAuthentication
+ * @param Param2 generic parameter2 used in HeaderAuthentication and ParameterAuthentication
+ * @param Param3 generic parameter3 used in HeaderAuthentication and ParameterAuthentication
+ **/
+ LPRParams(boolean enabled, String UN, String PW, String Param1, String Param2, String Param3) {
+ this.enabled = new Boolean(enabled);
+ this.UN = UN;
+ this.PW = PW;
+ this.Param1 = Param1;
+ this.Param1 = Param2;
+ this.Param1 = Param3;
+ }
+
+ /**
+ * Constructs a newly allocated <code>XMLLoginParameterResolver.LPRParams</code> object.
+ *
+ * @param enabled enable user mapping to parameter set for the parameter set.
+ * @param UN username used in HTTP 401 - BasicAuthentication
+ * @param PW password used in HTTP 401 - BasicAuthentication
+ **/
+ LPRParams(boolean enabled, String UN, String PW) {
+ this(enabled, UN, PW, null, null, null);
+ }
}
-
-
- public OldXMLLoginParameterResolver()
+ public XMLLoginParameterResolverPlainData()
{
bPKMap = new HashMap();
namedMap = new HashMap();
@@ -101,53 +158,63 @@ public class OldXMLLoginParameterResolver
String bPK = resolveValue("MOABPK", authData, clientIPAddress);
String userid = "";
String password = "";
+ String param1 = "";
+ String param2 = "";
+ String param3 = "";
+
LPRParams params = null;
boolean userFound = false;
- Logger.debug("OldXMLLoginParameterResolver: search for automatic login data for bPK:" + bPK);
+ Logger.debug("XMLLoginParameterResolverPlainData: search for automatic login data for bPK:" + bPK);
params = (LPRParams)bPKMap.get(bPK);
if(params == null)
- Logger.debug("OldXMLLoginParameterResolver: params for bPK: " + bPK + " not found!");
+ Logger.debug("XMLLoginParameterResolverPlainData: params for bPK: " + bPK + " not found!");
else
if(params.getEnabled())
{
- Logger.debug("OldXMLLoginParameterResolver: bPK: " + bPK + "found in list; user is enabled");
- Logger.debug("OldXMLLoginParameterResolver: using: " + params.toString());
+ Logger.debug("XMLLoginParameterResolverPlainData: bPK: " + bPK + "found in list; user is enabled");
+ Logger.debug("XMLLoginParameterResolverPlainData: using: " + params.toString());
userid = params.getUN();
password = params.getPW();
+ param1 = params.getParam1();
+ param2 = params.getParam2();
+ param3 = params.getParam3();
userFound = true;
} else
{
- Logger.info("OldXMLLoginParameterResolver: bPK: " + bPK + "found in list; user is NOT enabled");
+ Logger.info("XMLLoginParameterResolverPlainData: bPK: " + bPK + "found in list; user is NOT enabled");
}
if(!userFound)
{
- Logger.debug("OldXMLLoginParameterResolver: search for automatic login data for SurName:" + famName + " GivenName: " + givenName);
+ Logger.debug("XMLLoginParameterResolverPlainData: search for automatic login data for SurName:" + famName + " GivenName: " + givenName);
params = (LPRParams)namedMap.get(famName + "," + givenName);
if(params == null)
- Logger.debug("OldXMLLoginParameterResolver: params for Surname: " + famName + " GivenName: " + givenName + " not found!");
+ Logger.debug("XMLLoginParameterResolverPlainData: params for Surname: " + famName + " GivenName: " + givenName + " not found!");
else
if(params.getEnabled())
{
- Logger.debug("OldXMLLoginParameterResolver: SurName:" + famName + " GivenName: " + givenName + "found in list; user is enabled");
- Logger.debug("OldXMLLoginParameterResolver: using: " + params.toString());
+ Logger.debug("XMLLoginParameterResolverPlainData: SurName:" + famName + " GivenName: " + givenName + "found in list; user is enabled");
+ Logger.debug("XMLLoginParameterResolverPlainData: using: " + params.toString());
userid = params.getUN();
password = params.getPW();
+ param1 = params.getParam1();
+ param2 = params.getParam2();
+ param3 = params.getParam3();
userFound = true;
} else
{
- Logger.info("OldXMLLoginParameterResolver: SurName:" + famName + " GivenName: " + givenName + "found in list; user is NOT enabled");
+ Logger.info("XMLLoginParameterResolverPlainData: SurName:" + famName + " GivenName: " + givenName + "found in list; user is NOT enabled");
}
}
if(!userFound)
{
- Logger.info("OldXMLLoginParameterResolver: Person is not allowed No automatic login");
+ Logger.info("XMLLoginParameterResolverPlainData: Person is not allowed No automatic login");
return result;
}
try
{
String userIDPassword = userid + ":" + password;
String credentials = Base64Utils.encode(userIDPassword.getBytes());
- Logger.debug("OldXMLLoginParameterResolver: calculated credentials: " + credentials);
+ Logger.debug("XMLLoginParameterResolverPlainData: calculated credentials: " + credentials);
result.put("Authorization", "Basic " + credentials);
}
catch(IOException ignore) { }
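Review bot: The renamed debug lines `Logger.debug("XMLLoginParameterResolverPlainData: using: " + params.toString());` and `Logger.debug("XMLLoginParameterResolverPlainData: calculated credentials: " + credentials);` write the mapped password to the log — the first via LPRParams.toString(), which includes PW, and the second as the Base64 of `userid:password`, which is trivially reversible; these are the lines under review here, so they should stop carrying the secret, e.g. `Logger.debug("XMLLoginParameterResolverPlainData: calculated Basic credentials for user: " + userid);` and a `using` message that prints only the UN/enabled state. The new locals param1, param2 and param3 are assigned in both search branches but not read anywhere inside this hunk; the method continues past the hunk, so if nothing later consumes them they are dead and should be removed. The same credential-in-log pattern appears in the EncryptedData resolver's `calculated credentials` debug line earlier in this commit.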
@@ -219,7 +286,7 @@ public class OldXMLLoginParameterResolver
private Document readXMLFile(String fileName)
{
- Logger.info("OldXMLLoginParameterResolver: Loading MOA-OA configuration " + fileName);
+ Logger.info("XMLLoginParameterResolverPlainData: Loading MOA-OA configuration " + fileName);
DOMParser parser = new DOMParser();
try
{
@@ -231,7 +298,7 @@ public class OldXMLLoginParameterResolver
catch(Exception e)
{
String msg = e.toString();
- Logger.error("OldXMLLoginParameterResolver: Error parsing file" + fileName + "\n" + msg);
+ Logger.error("XMLLoginParameterResolverPlainData: Error parsing file" + fileName + "\n" + msg);
return null;
}
}
@@ -242,17 +309,17 @@ public class OldXMLLoginParameterResolver
NodeList idList = root.getElementsByTagName("Identity");
NodeList paramList = root.getElementsByTagName("Parameters");
for(int i = 0; i < idList.getLength(); i++)
- Logger.debug("OldXMLLoginParameterResolver: LocalName idList: " + idList.item(i).getLocalName());
+ Logger.debug("XMLLoginParameterResolverPlainData: LocalName idList: " + idList.item(i).getLocalName());
for(int i = 0; i < paramList.getLength(); i++)
- Logger.debug("OldXMLLoginParameterResolver: LocalName paramList: " + paramList.item(i).getLocalName());
+ Logger.debug("XMLLoginParameterResolverPlainData: LocalName paramList: " + paramList.item(i).getLocalName());
for(int i = 0; i < idList.getLength(); i++)
{
Element tmpElem = (Element)idList.item(i);
NodeList tmpList = tmpElem.getElementsByTagName("NamedIdentity");
for(int j = 0; j < tmpList.getLength(); j++)
- Logger.debug("OldXMLLoginParameterResolver: LocalName tmp: " + tmpList.item(j).getLocalName());
+ Logger.debug("XMLLoginParameterResolverPlainData: LocalName tmp: " + tmpList.item(j).getLocalName());
if(1 == tmpList.getLength())
{
@@ -261,9 +328,9 @@ public class OldXMLLoginParameterResolver
boolean tmpBool = false;
if(tmpElem.getFirstChild() != null && "1".compareTo(tmpElem.getFirstChild().getNodeValue()) == 0)
tmpBool = true;
- Logger.debug("OldXMLLoginParameterResolver: tmpStr: " + tmpStr + " value: " + (new Boolean(tmpBool)).toString());
+ Logger.debug("XMLLoginParameterResolverPlainData: tmpStr: " + tmpStr + " value: " + (new Boolean(tmpBool)).toString());
tmpElem = (Element)paramList.item(i);
- Logger.debug("OldXMLLoginParameterResolver: attribute UN: " + tmpElem.getAttribute("UN") + " attribute PW: " + tmpElem.getAttribute("PW"));
+ Logger.debug("XMLLoginParameterResolverPlainData: attribute UN: " + tmpElem.getAttribute("UN") + " attribute PW: " + tmpElem.getAttribute("PW"));
namedMap.put(tmpStr, new LPRParams(tmpBool, tmpElem.getAttribute("UN"), tmpElem.getAttribute("PW")));
} else
{
@@ -275,13 +342,13 @@ public class OldXMLLoginParameterResolver
boolean tmpBool = false;
if(tmpElem.getFirstChild() != null && "1".compareTo(tmpElem.getFirstChild().getNodeValue()) == 0)
tmpBool = true;
- Logger.debug("OldXMLLoginParameterResolver: tmpStr: " + tmpStr + " value: " + (new Boolean(tmpBool)).toString());
+ Logger.debug("XMLLoginParameterResolverPlainData: tmpStr: " + tmpStr + " value: " + (new Boolean(tmpBool)).toString());
tmpElem = (Element)paramList.item(i);
- Logger.debug("OldXMLLoginParameterResolver: attribute UN: " + tmpElem.getAttribute("UN") + " attribute PW: " + tmpElem.getAttribute("PW") + " attribute Param1: " + tmpElem.getAttribute("Param1"));
+ Logger.debug("XMLLoginParameterResolverPlainData: attribute UN: " + tmpElem.getAttribute("UN") + " attribute PW: " + tmpElem.getAttribute("PW") + " attribute Param1: " + tmpElem.getAttribute("Param1"));
bPKMap.put(tmpStr, new LPRParams(tmpBool, tmpElem.getAttribute("UN"), tmpElem.getAttribute("PW")));
} else
{
- Logger.warn("OldXMLLoginParameterResolver: wrong format no NamedIdentity or bPKIdentity found");
+ Logger.warn("XMLLoginParameterResolverPlainData: wrong format no NamedIdentity or bPKIdentity found");
}
}
}
@@ -301,12 +368,12 @@ public class OldXMLLoginParameterResolver
public void configure(String configuration) throws LoginParameterResolverException {
- Logger.info("OldXMLLoginParameterResolver: initialization string: " + configuration);
+ Logger.info("XMLLoginParameterResolverPlainData: initialization string: " + configuration);
this.configuration = configuration;
String fileName = configuration;
if(fileName == null) {
fileName = "file:conf/moa-id/Identities.xml";
- Logger.info("OldXMLLoginParameterResolver: used file name string: " + fileName);
+ Logger.info("XMLLoginParameterResolverPlainData: used file name string: " + fileName);
}
Document doc = readXMLFile(fileName);
buildInfo(doc);
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
index 7980778d9..f82ad93ed 100644
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
+++ b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
@@ -129,9 +129,9 @@ public class ProxyServlet extends HttpServlet {
try {
authData = new GetAuthenticationDataInvoker().getAuthenticationData(samlArtifact);
} catch (ServiceException ex) {
- throw new ProxyException("proxy.14", new Object[] {ex});
+ throw new ProxyException("proxy.14", new Object[] {ex.getMessage()}, ex);
} catch (ProxyException ex) {
- throw new ProxyException("proxy.14", new Object[] {ex});
+ throw new ProxyException("proxy.14", new Object[] {ex.getMessage()}, ex);
}
String urlRequested = req.getRequestURL().toString();