author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-11-04 07:30:10 +0100 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-11-04 07:30:10 +0100 |
commit | a777e9ba26db80ca30ed97a4910e3003aaae8b46 (patch) | |
tree | 45809beeaadfc6e9fbcf05f8d1025654f86fa3e9 /id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation | |
parent | 1fbff5f5a86733bc6a75c8ae901153baa0963441 (diff) | |
add metadata schema validation filters
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation')
-rw-r--r-- | id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
index 40e243d0b..a64a0eaf1 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
@@ -36,8 +36,10 @@ import javax.servlet.http.HttpServletRequest;
 import org.apache.commons.httpclient.MOAHttpClient;
 import org.apache.log4j.Logger;
 import org.opensaml.Configuration;
+import org.opensaml.common.xml.SAMLSchemaBuilder;
 import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
 import org.opensaml.saml2.metadata.provider.MetadataFilter;
+import org.opensaml.saml2.metadata.provider.MetadataFilterChain;
 import org.opensaml.saml2.metadata.provider.MetadataProviderException;
 import org.opensaml.xml.io.Marshaller;
 import org.opensaml.xml.io.MarshallerFactory;
@@ -58,6 +60,7 @@ import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
 import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
 import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
 import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.SchemaValidationFilter;
 import at.gv.egovernment.moa.util.MiscUtil;
 
 public class OAPVP2ConfigValidation {
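Review bot: The new `import org.opensaml.common.xml.SAMLSchemaBuilder;` in the first import hunk does not appear to be used: the diffstat counts 16 insertions, all of them visible on this page, and none of the added statements references `SAMLSchemaBuilder`. I would drop that import so the file does not suggest that schema construction happens in this class. The schema handling seems to live inside `SchemaValidationFilter`, whose source is not shown here.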
@@ -127,16 +130,28 @@ public class OAPVP2ConfigValidation { log.info("No MOA specific SSL-TrustStore configured. Use default Java TrustStore.", e); } + + List<MetadataFilter> filterList = new ArrayList<MetadataFilter>(); + filterList.add(new MetaDataVerificationFilter(credential)); + filterList.add(new SchemaValidationFilter()); + MetadataFilterChain filter = new MetadataFilterChain(); + filter.setFilters(filterList); httpProvider = new HTTPMetadataProvider(timer, httpClient, form.getMetaDataURL()); httpProvider.setParserPool(new BasicParserPool()); httpProvider.setRequireValidMetadata(true); - httpProvider.setMetadataFilter(new MetaDataVerificationFilter(credential)); + httpProvider.setMetadataFilter(filter); httpProvider.setMinRefreshDelay(1000*60*15); //15 minutes httpProvider.setMaxRefreshDelay(1000*60*60*24); //24 hours + + httpProvider.setRequireValidMetadata(true); + httpProvider.initialize(); + + + if (httpProvider.getMetadata() == null) { log.info("Metadata could be received but validation FAILED."); errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.validation", request)); |
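Review bot: The added `httpProvider.setRequireValidMetadata(true);` after `setMaxRefreshDelay` repeats the unchanged call made right after `setParserPool`, so one of the two can go. The order in `filterList` also deserves a comment, since the chain runs its filters in list order and the signature check therefore sees the document before schema validation does; something like `// filters run in list order: signature verification first, then schema validation` above the first `filterList.add(...)` would record that this is intended. The no-argument `SchemaValidationFilter()` constructor is not visible here, so it should be confirmed that it cannot end up disabled (for example through a configuration switch) when it runs inside the config tool. The enclosing method starts and ends outside this hunk.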