BugFixes:

 >>PVP2 Metadata:
   - Load OA only if Authentication is required
   - Load Metadata enityID from Database
 >>LegacyConfigParser
   - Solve problems if no OnlineMandate or STORK config is included
   - try to load DefaultBKUURLs from TrustedBKUs
   - if old MOA-ID 2.x config exists, use this DefaultBKUs to import OnlineApplications
 >> ConfigurationTool
  - change LayOut

3 files changed, 54 insertions, 33 deletions

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
index a58b20214..d90e6f9b1 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
@@ -1,6 +1,7 @@
 package at.gv.egovernment.moa.id.configuration.filter;
 
 import java.io.IOException;
+import java.io.PrintWriter;
 import java.util.ArrayList;
 import java.util.StringTokenizer;
 import java.util.regex.Pattern;
@@ -173,8 +174,19 @@ public class AuthenticationFilter implements Filter{
 
 			}
 		}
+		try {	
+			filterchain.doFilter(req, resp);
 			
-		filterchain.doFilter(req, resp);
+		} catch (Exception e) {
+			
+			String redirectURL = "./index.action";
+			HttpServletResponse httpResp = (HttpServletResponse) resp;
+			redirectURL = httpResp.encodeRedirectURL(redirectURL);
+			resp.setContentType("text/html");
+			((HttpServletResponse) resp).setStatus(302);
+			httpResp.addHeader("Location", redirectURL);
+			log.warn("A Filter Error occurs -> Redirect to Login-Form");
+		}
 		
 	}
 
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index 96918d37c..7be62d362 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -178,6 +178,8 @@ ServletResponseAware {
 			errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.empty"));
 			
 		} else {
+			
+			//TODO: oaidentifier has to be a URL according to PVP2.1 specification
 			if (ValidationHelper.isValidOAIdentifier(oaidentifier)) {
 				log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);
 				errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid", 
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
index a8992e6b8..b683a95f9 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
@@ -103,34 +103,42 @@ implements ServletRequestAware, ServletResponseAware {
 					return Constants.STRUTS_ERROR_VALIDATION;
 				}
 				log.debug("OpenSAML successfully initialized");
-				
-			
-				MOAIDConfiguration moaconfig;
 				try {
-					log.warn("WARNING! The legacy import deletes the hole old config");
-					
-					List<OnlineApplication> oas = ConfigurationDBRead.getAllOnlineApplications();
-					if (oas != null && oas.size() > 0) {
-						for (OnlineApplication oa : oas)
-							ConfigurationDBUtils.delete(oa);
-					}
+			
+					MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
 					
-
-					moaconfig = BuildFromLegacyConfig.build(fileUpload, "");
+					MOAIDConfiguration moaconfig;
+					try {
+						log.warn("WARNING! The legacy import deletes the hole old config");
+				
+						moaconfig = BuildFromLegacyConfig.build(fileUpload, "", moaidconfig);
 					
-				} catch (ConfigurationException e) {
-					log.info("Legacy configuration has an Import Error", e);
-					addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e.getMessage()}));
-					return Constants.STRUTS_ERROR_VALIDATION;
-				}
+					} catch (ConfigurationException e) {
+						log.info("Legacy configuration has an Import Error", e);
+						addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e.getMessage()}));
+						ConfigurationDBUtils.closeSession();
+						return Constants.STRUTS_ERROR_VALIDATION;
+					}
 					
 				//check if XML config should be use
 				log.warn("WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!");
-				try {
-					MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
+				
+					
 					if (moaidconfig != null)
 						ConfigurationDBUtils.delete(moaidconfig);
+					
+					List<OnlineApplication> oas = ConfigurationDBRead.getAllOnlineApplications();
+					if (oas != null && oas.size() > 0) {
+						for (OnlineApplication oa : oas)
+							ConfigurationDBUtils.delete(oa);
+					}
 			
+					
+					oas = moaconfig.getOnlineApplication();
+					for (OnlineApplication oa : oas)
+						ConfigurationDBUtils.save(oa);
+
+					moaconfig.setOnlineApplication(null);					
 					ConfigurationDBUtils.save(moaconfig);
 					
 				} catch (MOADatabaseException e) {
@@ -227,19 +235,7 @@ implements ServletRequestAware, ServletResponseAware {
 					addActionError(LanguageHelper.getErrorString("errors.importexport.nofile"));
 					return Constants.STRUTS_ERROR_VALIDATION;
 				}
-				
-				log.warn("WARNING! The XML import deletes the hole old config");
-				
-				List<OnlineApplication> oas = ConfigurationDBRead.getAllOnlineApplications();
-				if (oas != null && oas.size() > 0) {
-					for (OnlineApplication oa : oas)
-						ConfigurationDBUtils.delete(oa);
-				}				
-				MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
-				if (moaidconfig != null)
-					ConfigurationDBUtils.delete(moaidconfig);
-				
-
+			
 				log.info("Load configuration from MOA-ID 2.x XML configuration");
 				
 				try {
@@ -247,6 +243,17 @@ implements ServletRequestAware, ServletResponseAware {
 					Unmarshaller m = jc.createUnmarshaller(); 
 					MOAIDConfiguration moaconfig = (MOAIDConfiguration) m.unmarshal(fileUpload);
 
+					
+					log.warn("WARNING! The XML import deletes the hole old config");
+					List<OnlineApplication> oas = ConfigurationDBRead.getAllOnlineApplications();
+					if (oas != null && oas.size() > 0) {
+						for (OnlineApplication oa : oas)
+							ConfigurationDBUtils.delete(oa);
+					}				
+					MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
+					if (moaidconfig != null)
+						ConfigurationDBUtils.delete(moaidconfig);
+					
 					List<OnlineApplication> importoas = moaconfig.getOnlineApplication();
 					for (OnlineApplication importoa : importoas) {
 						ConfigurationDBUtils.saveOrUpdate(importoa);