path: root/id/ConfigWebTool/src/main
authorThomas Lenz <tlenz@iaik.tugraz.at>2014-02-03 08:06:55 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-02-03 08:06:55 +0100
commit04ba04826a5f88e0459b7a47a55118933d929cc6 (patch)
tree7f5083300ac4026bbf06b51ac8c3ba01423bbd29 /id/ConfigWebTool/src/main
parent080e499cc22a0065ea7f47e04b6c0f336533e21e (diff)
parent3c1884ee275350e7b2a78256342d9610b1766898 (diff)
Merge remote-tracking branch 'remotes/origin/outgoingstork' into moa2_0_tlenz
Conflicts: id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKAuthnRequestProcessor.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWClient.java id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
Diffstat (limited to 'id/ConfigWebTool/src/main')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java75
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/AttributeHelper.java60
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java102
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java36
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java27
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java18
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java89
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java19
-rw-r--r--id/ConfigWebTool/src/main/resources/applicationResources.properties22
-rw-r--r--id/ConfigWebTool/src/main/webapp/js/common.js25
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp29
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp28
12 files changed, 498 insertions, 32 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
index f21be44ba..980aa4731 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
@@ -22,6 +22,81 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data;
+import java.util.ArrayList;
+import java.util.List;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
+import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS;
+import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
+import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
+
public class GeneralStorkConfig {
+ private List<CPEPS> cpepslist;
+ private List<StorkAttribute> attributes;
+ private int qaa;
+
+ public void parse(MOAIDConfiguration config) {
+
+ if (config != null) {
+ AuthComponentGeneral auth = config.getAuthComponentGeneral();
+
+ if (auth != null) {
+ ForeignIdentities foreign = auth.getForeignIdentities();
+
+ if (foreign != null) {
+ STORK stork = foreign.getSTORK();
+ if (stork != null) {
+ // deep clone all the things
+ // to foreclose lazyloading session timeouts
+ cpepslist = new ArrayList<CPEPS>();
+ for(CPEPS current : stork.getCPEPS()) {
+ cpepslist.add(current);
+ }
+
+ List<StorkAttribute> tmp = stork.getAttributes();
+ if(null != tmp) {
+ attributes = new ArrayList<StorkAttribute>();
+ for(StorkAttribute current : tmp)
+ attributes.add(current);
+ }
+ if(attributes.isEmpty())
+ attributes.add(new StorkAttribute());
+
+ try {
+ qaa = stork.getQualityAuthenticationAssuranceLevel();
+ } catch(NullPointerException e) {
+ qaa = 4;
+ }
+ }
+ }
+ }
+ }
+ }
+
+ public List<CPEPS> getCpepslist() {
+ return cpepslist;
+ }
+
+ public void setCpepslist(List<CPEPS> list) {
+ cpepslist = list;
+ }
+
+ public List<StorkAttribute> getAttributes() {
+ return attributes;
+ }
+
+ public void setAttributes(List<StorkAttribute> attributes) {
+ this.attributes = attributes;
+ }
+
+ public int getDefaultQaa() {
+ return qaa;
+ }
+
+ public void setDefaultQaa(int qaa) {
+ this.qaa = qaa;
+ }
}
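Review bot: In `parse`, `attributes.isEmpty()` is evaluated even when `stork.getAttributes()` returned null, so `attributes` is still unassigned and the call throws a NullPointerException. Allocating the list first, `attributes = new ArrayList<StorkAttribute>();` placed above `if(null != tmp)`, fixes that. The `for(CPEPS current : stork.getCPEPS())` loop has the same exposure if that getter can return null, which is not visible here. The comment "deep clone all the things" overstates what the loops do, since they copy references only; something like `// copy the lists (not the elements) so they are read before the session is closed` would be accurate. The QAA default of 4 is reached by catching a NullPointerException, and an explicit null check on the stored level would keep an unrelated NPE from being silently mapped to that default.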
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/AttributeHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/AttributeHelper.java
new file mode 100644
index 000000000..349f3bf4a
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/AttributeHelper.java
@@ -0,0 +1,60 @@
+package at.gv.egovernment.moa.id.configuration.data.oa;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute;
+import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
+
+public class AttributeHelper {
+ private boolean isUsed = false;
+ private String name;
+ private boolean mandatory;
+ private boolean readonly;
+
+ public AttributeHelper() {
+ // TODO Auto-generated constructor stub
+ }
+
+ public AttributeHelper(OAStorkAttribute attribute) {
+ isUsed = true;
+ name = attribute.getName();
+ mandatory = attribute.isMandatory();
+ }
+
+ public AttributeHelper(StorkAttribute attribute) {
+ name = attribute.getName();
+ mandatory = false;
+ readonly = attribute.isMandatory();
+ isUsed = readonly;
+ }
+
+ public boolean isUsed() {
+ return isUsed;
+ }
+
+ public void setUsed(boolean used) {
+ isUsed = used;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String newname) {
+ name = newname;
+ }
+
+ public boolean isMandatory() {
+ return mandatory;
+ }
+
+ public void setMandatory(boolean value) {
+ mandatory = value;
+ }
+
+ public boolean isReadOnly() {
+ return readonly;
+ }
+
+ public void setReadOnly(boolean value) {
+ // we do not allow setting the readonly field
+ }
+} \ No newline at end of file
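Review bot: The intentionally empty `setReadOnly` says what it does but not why, and the no-arg constructor still carries the IDE stub `// TODO Auto-generated constructor stub`. The JSP in this commit binds `storkOA.helperAttributes[i].used`, `.name` and `.mandatory` from request parameters, so instances built on submit always have `readonly == false` and a client-chosen `isUsed`. I would document that on the class and replace the setter comment with `// read-only is derived from the global STORK attribute only; never bind it from request parameters`. That makes clear that callers must re-check the global mandatory flag on the server, as `OASTORKConfig.getAttributes()` does, rather than trust `isReadOnly()` on a submitted bean.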
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
index d7c71105d..da07b10b0 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
@@ -22,6 +22,108 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.oa;
+import java.util.ArrayList;
+import java.util.List;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OASTORK;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
+
public class OASTORKConfig {
+ private boolean isStorkLogonEnabled = false;
+ private int qaa;
+
+ private List<AttributeHelper> attributes;
+
+ public OASTORKConfig() {
+
+ }
+
+ /**
+ * Parses the OA config for stork entities.
+ *
+ * @param dbOAConfig
+ * the db oa config
+ */
+ public void parse(OnlineApplication dbOAConfig) {
+ AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
+ if (authdata != null) {
+ OASTORK config = authdata.getOASTORK();
+ if(config != null) {
+ setStorkLogonEnabled(config.isStorkLogonEnabled());
+
+ try {
+ setQaa(config.getQaa());
+ } catch(NullPointerException e) {
+ // if there is no configuration available for the OA, get the default qaa level
+ setQaa(ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getQualityAuthenticationAssuranceLevel());
+ }
+
+ // prepare attribute helper list
+ attributes = new ArrayList<AttributeHelper>();
+ for(StorkAttribute current : ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes()) {
+ AttributeHelper tmp = null;
+
+ for(OAStorkAttribute sepp : config.getOAAttributes())
+ if(sepp.getName().equals(current.getName()))
+ tmp = new AttributeHelper(sepp);
+
+ if(null == tmp)
+ tmp = new AttributeHelper(current);
+
+ attributes.add(tmp);
+ }
+ }
+ }
+ }
+
+ public boolean isStorkLogonEnabled() {
+ return isStorkLogonEnabled;
+ }
+
+ public void setStorkLogonEnabled(boolean enabled) {
+ this.isStorkLogonEnabled = enabled;
+ }
+
+ public int getQaa() {
+ return qaa;
+ }
+
+ public void setQaa(int qaa) {
+ this.qaa = qaa;
+ }
+
+ public List<OAStorkAttribute> getAttributes() {
+ List<OAStorkAttribute> result = new ArrayList<OAStorkAttribute>();
+
+ if(null == getHelperAttributes())
+ return result;
+
+ for(AttributeHelper current : getHelperAttributes()) {
+ for(StorkAttribute currentAttribute : ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes())
+ if(currentAttribute.getName().equals(current.getName())) {
+ if(current.isUsed() || currentAttribute.isMandatory()) {
+ OAStorkAttribute tmp = new OAStorkAttribute();
+ tmp.setName(current.getName());
+ tmp.setMandatory(current.isMandatory());
+ result.add(tmp);
+ }
+ break;
+ }
+ }
+
+ return result;
+ }
+
+ public List<AttributeHelper> getHelperAttributes() {
+ return attributes;
+ }
+
+ public void setHelperAttributes(List<AttributeHelper> attributes) {
+ this.attributes = attributes;
+ }
}
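Review bot: The chain `ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK()` is dereferenced without any null check in three places: the `catch` fallback and the attribute loop in `parse`, and the inner loop of `getAttributes`. `GeneralStorkConfig.parse` in this same commit treats every link of that chain as possibly null, so an installation without a global STORK section would throw here, and the fallback inside `catch(NullPointerException e)` can itself throw the exception it is handling. `getAttributes` also re-reads the configuration once per helper attribute. Resolving the global STORK object once through a null-safe helper, and skipping the attribute loops when it is absent, addresses all three; `config.getOAAttributes()` likely needs the same guard for an OA that has no attributes stored yet.
```java
// resolve the global STORK section once; null when it is not configured
private static STORK loadGlobalStork() {
    MOAIDConfiguration moa = ConfigurationDBRead.getMOAIDConfiguration();
    AuthComponentGeneral general = (moa != null) ? moa.getAuthComponentGeneral() : null;
    ForeignIdentities foreign = (general != null) ? general.getForeignIdentities() : null;
    return (foreign != null) ? foreign.getSTORK() : null;
}
// … unchanged: parse() and getAttributes(), now calling loadGlobalStork() once each
//   and leaving the attribute lists empty when it returns null …
```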
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index 362579c9f..3c8c0e18d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -72,8 +72,10 @@ import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
+import at.gv.egovernment.moa.id.configuration.data.GeneralStorkConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.moaconfig.MOAConfigValidator;
+import at.gv.egovernment.moa.id.configuration.validation.moaconfig.StorkConfigValidator;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -89,7 +91,8 @@ public class EditGeneralConfigAction extends ActionSupport
private AuthenticatedUser authUser;
private GeneralMOAIDConfig moaconfig;
-
+ private GeneralStorkConfig storkconfig;
+
private String formID;
public String loadConfig() {
@@ -108,6 +111,8 @@ public class EditGeneralConfigAction extends ActionSupport
moaconfig = new GeneralMOAIDConfig();
moaconfig.parse(dbconfig);
+ storkconfig = new GeneralStorkConfig();
+ storkconfig.parse(dbconfig);
ConfigurationDBUtils.closeSession();
@@ -152,6 +157,8 @@ public class EditGeneralConfigAction extends ActionSupport
MOAConfigValidator validator = new MOAConfigValidator();
List<String> errors = validator.validate(moaconfig);
+
+ errors.addAll(new StorkConfigValidator().validate(storkconfig));
if (errors.size() > 0) {
log.info("General MOA-ID configuration has some erros.");
@@ -429,10 +436,15 @@ public class EditGeneralConfigAction extends ActionSupport
if (oldforeign != null) {
STORK oldstork = oldforeign.getSTORK();
if (oldstork != null)
- dbforeign.setSTORK(oldstork);
+ oldstork = new STORK();
+
+ oldstork.setQualityAuthenticationAssuranceLevel(storkconfig.getDefaultQaa());
+ oldstork.setAttributes(storkconfig.getAttributes());
+ oldstork.setCPEPS(storkconfig.getCpepslist());
+ dbforeign.setSTORK(oldstork);
}
}
-
+
if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) {
OnlineMandates dbmandate = dbauth.getOnlineMandates();
if (dbmandate == null) {
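Review bot: The new guard `if (oldstork != null) oldstork = new STORK();` is inverted. When a STORK entry already exists it is thrown away and replaced by a fresh object, and when none exists `oldstork` stays null and the next line, `oldstork.setQualityAuthenticationAssuranceLevel(...)`, throws a NullPointerException. The condition should read `if (oldstork == null)`. Replacing an existing persisted object may also leave an orphaned row behind, depending on the mapping, which is not visible here. The whole block still sits inside `if (oldforeign != null)`, so STORK settings are silently not saved when no ForeignIdentities entry exists yet. The enclosing method starts and ends outside this hunk.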
@@ -572,6 +584,24 @@ public class EditGeneralConfigAction extends ActionSupport
public void setMoaconfig(GeneralMOAIDConfig moaconfig) {
this.moaconfig = moaconfig;
}
+
+ /**
+ * Gets the storkconfig.
+ *
+ * @return the storkconfig
+ */
+ public GeneralStorkConfig getStorkconfig() {
+ return storkconfig;
+ }
+
+ /**
+ * Sets the storkconfig.
+ *
+ * @param storkconfig the new storkconfig
+ */
+ public void setStorkconfig(GeneralStorkConfig storkconfig) {
+ this.storkconfig = storkconfig;
+ }
/**
* @return the formID
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index 5366aff23..775443689 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -60,6 +60,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20;
import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OASTORK;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplicationType;
import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
@@ -123,7 +124,7 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
private OASAML1Config saml1OA = new OASAML1Config();
private OASSOConfig ssoOA = new OASSOConfig();
private OAOAuth20Config oauth20OA = new OAOAuth20Config();
- private OASTORKConfig storkOA;
+ private OASTORKConfig storkOA = new OASTORKConfig();
private FormularCustomization formOA = new FormularCustomization();
private InputStream stream;
@@ -182,6 +183,8 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
saml1OA.parse(onlineapplication);
oauth20OA.parse(onlineapplication);
session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.oauth20OA.getClientSecret());
+
+ storkOA.parse(onlineapplication);
Map<String, String> map = new HashMap<String, String>();
map.putAll(FormBuildUtils.getDefaultMap());
@@ -698,7 +701,7 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
}
}
}
- preview = FormBuildUtils.customiceLayoutBKUSelection(preview, true, false, map);
+ preview = FormBuildUtils.customiceLayoutBKUSelection(preview, true, false, map, true);
}
} else {
@@ -948,12 +951,6 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
sso.setSingleLogOutURL(ssoOA.getSingleLogOutURL());
- STORK stork = authoa.getSTORK();
- if (stork == null) {
- // TODO: make stork configurable
-
- }
-
if (oauth20OA != null) {
log.debug("Saving OAuth 2.0 configuration:");
OAOAUTH20 oaOAuth20 = authoa.getOAOAUTH20();
@@ -974,6 +971,20 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
}
+
+ // fetch stork configuration from database model
+ OASTORK stork = authoa.getOASTORK();
+ if (stork == null) {
+ // if there is none, create a new one with default values.
+ stork = new OASTORK();
+ authoa.setOASTORK(stork);
+ stork.setStorkLogonEnabled(false);
+ }
+ // transfer the incoming data to the database model
+ stork.setStorkLogonEnabled(storkOA.isStorkLogonEnabled());
+ stork.setQaa(storkOA.getQaa());
+ stork.setOAAttributes(storkOA.getAttributes());
+
try {
if (newentry) {
ConfigurationDBUtils.save(dboa);
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
index 9fa58ca1e..3bc2d4ac5 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
@@ -56,8 +56,6 @@ import at.gv.egovernment.moa.id.util.Random;
import com.opensymphony.xwork2.ActionSupport;
-import eu.stork.vidp.messages.common.STORKBootstrap;
-
public class ImportExportAction extends ActionSupport
implements ServletRequestAware, ServletResponseAware {
@@ -136,21 +134,7 @@ implements ServletRequestAware, ServletResponseAware {
session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
-
- //Initialize OpenSAML for STORK
- log.info("Starting initialization of OpenSAML...");
- try {
- STORKBootstrap.bootstrap();
-
- } catch (org.opensaml.xml.ConfigurationException e1) {
- log.info("Legacy configuration has an Import Error", e1);
- addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e1.getMessage()}));
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
- }
- log.debug("OpenSAML successfully initialized");
+
try {
MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
new file mode 100644
index 000000000..318b3b3e7
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
@@ -0,0 +1,89 @@
+package at.gv.egovernment.moa.id.configuration.validation.moaconfig;
+
+import java.util.ArrayList;
+import java.util.List;
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS;
+import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
+import at.gv.egovernment.moa.id.configuration.data.GeneralStorkConfig;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class StorkConfigValidator {
+
+ private static final Logger log = Logger.getLogger(StorkConfigValidator.class);
+
+ public List<String> validate(GeneralStorkConfig form) {
+
+ List<String> errors = new ArrayList<String>();
+
+ log.debug("Validate general STORK configuration");
+
+ // check peps list
+ for(CPEPS current : form.getCpepslist()) {
+ // check country code
+ String check = current.getCountryCode();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("CPEPS config countrycode contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ if(!check.toLowerCase().matches("^[a-z][a-z]$")) {
+ log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
+ new Object[] {check} ));
+ }
+ } else {
+ log.warn("CPEPS config countrycode is empty : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
+ new Object[] {check} ));
+ }
+
+ // check url
+ check = current.getURL();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("CPEPS config URL is invalid : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url"));
+ }
+ } else {
+ log.warn("CPEPS config url is empty : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
+ new Object[] {check} ));
+ }
+ }
+
+ // check qaa
+ int qaa = form.getDefaultQaa();
+ if(1 > qaa && 4 < qaa) {
+ log.warn("QAA is out of range : " + qaa);
+ errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange",
+ new Object[] {qaa} ));
+ }
+
+ // check attributes
+ if (MiscUtil.isNotEmpty(form.getAttributes())) {
+ for(StorkAttribute check : form.getAttributes()) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check.getName(), true)) {
+ log.warn("default attributes contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} ));
+ }
+ if(!check.getName().toLowerCase().matches("^[a-z0-9]*$")) {
+ log.warn("default attributes do not match the requested format : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
+ new Object[] {check} ));
+ }
+ }
+ } else {
+ log.warn("no attributes specified");
+ errors.add(LanguageHelper.getErrorString("validation.stork.attributes.empty",
+ new Object[] {} ));
+ }
+
+ return errors;
+ }
+}
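Review bot: The QAA range check `if(1 > qaa && 4 < qaa)` can never be true, so any integer submitted for the assurance level passes validation; it should be `if (qaa < 1 || qaa > 4)`. The same line appears in the `OASTORKConfigValidation.java` hunk of this commit and needs the same fix. `form.getCpepslist()` is iterated without a null check although the attribute list is guarded with `MiscUtil.isNotEmpty`, so a submit without PEPS rows would presumably throw instead of reporting `validation.stork.cpeps.empty`. The attribute pattern `^[a-z0-9]*$` accepts an empty name and `check.getName()` is dereferenced unguarded; `^[a-z0-9]+$` behind a null check would close both. The two attribute log lines concatenate the `StorkAttribute` object rather than its name.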
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
index def5aa5ed..f72999020 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
@@ -25,14 +25,27 @@ package at.gv.egovernment.moa.id.configuration.validation.oa;
import java.util.ArrayList;
import java.util.List;
+import org.apache.log4j.Logger;
+
import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
public class OASTORKConfigValidation {
+
+ private static final Logger log = Logger.getLogger(OASTORKConfigValidation.class);
+
public List<String> validate(OASTORKConfig oageneral) {
-
+
List<String> errors = new ArrayList<String>();
-
-
+
+ // check qaa
+ int qaa = oageneral.getQaa();
+ if(1 > qaa && 4 < qaa) {
+ log.warn("QAA is out of range : " + qaa);
+ errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange",
+ new Object[] {qaa} ));
+ }
+
return errors;
}
}
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties
index 454175125..d82855616 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties
@@ -224,6 +224,19 @@ webpages.oaconfig.sso.singlelogouturl=Single Log-Out URL
webpages.oaconfig.sso.useauthdataframe=Zus\u00E4tzliche Userabfrage
webpages.oaconfig.sso.usesso=Single Sign-On verwenden
+webpages.oaconfig.stork.header=Secure idenTity acrOss boRders linKed
+webpages.oaconfig.stork.usestork=STORK Logon aktivieren
+webpages.moaconfig.stork.pepslist=C-PEPS Konfiguration
+webpages.moaconfig.stork.newpeps=Neuen PEPS konfigurieren
+webpages.moaconfig.stork.removepeps=l\u00F6schen
+webpages.moaconfig.stork.qaa.default=Standard QAA-Level ausw\u00E4hlen
+webpages.moaconfig.stork.attributes.heading=Attributkonfiguration
+webpages.moaconfig.stork.attributes.new=Neues Attribut hinzuf\u00FCgen
+webpages.moaconfig.stork.attributes.heading.name=Attributname
+webpages.moaconfig.stork.attributes.heading.mandatory=zwingend
+webpages.moaconfig.stork.attributes.remove=l\u00F6schen
+webpages.moaconfig.stork.qaa=Mindest-QAA-Level f\u00FCr diese OA ausw\u00E4hlen
+
webpages.oaconfig.protocols.saml1.header=SAML1 Konfiguration
webpages.oaconfig.saml1.isActice=SAML1 aktivieren
webpages.oaconfig.saml1.provideStammZahl=Stammzahl \u00FCbertragen
@@ -366,6 +379,13 @@ validation.general.oaidentifier.empty=Es wurde kein eindeutiger Identifier f\u00
validation.general.oaidentifier.valid=Der eindeutige Identifier f\u00FCr die Online-Applikation ist keine g\u00FCltige URL.
validation.general.oaidentifier.notunique=Der gew\u00E4hlte eindeutige Identifier ist bereits vorhanden. Eine Eintragung der Online-Applikation ist nicht m\u00F6glich.
+validation.stork.cpeps.cc=CPEPS L\u00E4ndercode folgt nicht ISO 3166-2
+validation.stork.cpeps.empty=CPEPS Konfiguration ist unvollst\u00E4ndig
+validation.stork.cpeps.url=CPEPS URL ist ung\u00FCltig
+validation.stork.requestedattributes=STORK Attribute sind fehlerhaft. Bsp.: attr1, attr2
+validation.stork.qaa.outofrange=Gültige QAA Werte sind 1, 2, 3, und 4
+validation.stork.attributes.empty=Es muss mindestens ein Attribut definiert sein
+
validation.pvp2.metadataurl.empty=Keine Metadaten URL angegeben.
validation.pvp2.metadataurl.valid=Die Metadaten URL wei\u00DFt kein g\u00FCltiges URL Format auf.
validation.pvp2.metadataurl.read=Unter der angegebenen Metadaten URL konnten keine Informationen abgerufen werden.
@@ -389,4 +409,4 @@ validation.general.form.button.color.back.focus=Die Hintergrundfarbe f\\u00FCr F
validation.general.form.button.color.back=Die Hintergrundfarbe der BKU-Auswahlbuttons enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
validation.general.form.button.color.front=Die Vordergrundfarbe der BKU-Auswahlbuttons enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
validation.general.form.appletredirecttarget=Der RedirectTarget beinhaltet einen ung\\u00FCltiten Wert.
-validation.general.form.fonttype=Der BKU-Auswahl Schrifttyp enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} \ No newline at end of file
+validation.general.form.fonttype=Der BKU-Auswahl Schrifttyp enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
diff --git a/id/ConfigWebTool/src/main/webapp/js/common.js b/id/ConfigWebTool/src/main/webapp/js/common.js
index 11fc0b2be..384e40509 100644
--- a/id/ConfigWebTool/src/main/webapp/js/common.js
+++ b/id/ConfigWebTool/src/main/webapp/js/common.js
@@ -44,6 +44,13 @@ function oaSSOService() {
}
}
+function oaStork() {
+ if ($('#OAuseSTORKLogon').attr('checked') == 'checked') {
+ $('#stork_block').css('display', "block");
+ } else {
+ $('#stork_block').css('display', "none");
+ }
+}
function oaSAML1() {
if ($('#oa_saml1_area').css('display') == "block") {
$('#oa_saml1_area').css('display', "none");
@@ -199,4 +206,22 @@ function oaOnLoad() {
);
return true;
+}
+function newPeps() {
+ var target = $(document.getElementById("stork_pepslist").getElementsByTagName("tr")).last()[0];
+ var clone = target.cloneNode(true);
+ var lastindex = parseInt(clone.innerHTML.match(/name="storkconfig.cpepslist\[(\d)/)[1]);
+ var nextindex = lastindex + 1;
+ clone.innerHTML = clone.innerHTML.replace(/name="storkconfig.cpepslist\[\d/g, 'name="storkconfig.cpepslist[' + nextindex);
+ clone.innerHTML = clone.innerHTML.replace(/(.*" value=").*?(".*)/g, '$1$2');
+ target.parentNode.appendChild(clone);
+}
+function newStorkAttribute() {
+ var target = $(document.getElementById("stork_attributelist").getElementsByTagName("tr")).last()[0];
+ var clone = target.cloneNode(true);
+ var lastindex = parseInt(clone.innerHTML.match(/name="storkconfig.attributes\[(\d)/)[1]);
+ var nextindex = lastindex + 1;
+ clone.innerHTML = clone.innerHTML.replace(/name="storkconfig.attributes\[\d/g, 'name="storkconfig.attributes[' + nextindex);
+ clone.innerHTML = clone.innerHTML.replace(/(.*" value=").*?(".*)/g, '$1$2');
+ target.parentNode.appendChild(clone);
} \ No newline at end of file
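Review bot: `newPeps` and `newStorkAttribute` read the last row index with `\[(\d)`, which captures a single digit, so from row 10 onwards the computed index is wrong and the replacement leaves the second digit in place (index 10 yields `[20]`). Use `\[(\d+)` in the match, `\[\d+` in the replace, and `parseInt(..., 10)`. When the table holds only its header row, `match(...)` returns null and `[1]` throws. That is reachable for the PEPS table, because only the attribute list is padded with an empty entry on the server. Rewriting `innerHTML` with `(.*" value=").*?(".*)` to blank the values is fragile; clearing the cloned `input` elements through the DOM would avoid depending on attribute order in the rendered markup.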
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
index de2548535..41702cbbb 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
@@ -227,6 +227,35 @@
</div>
<div class="oa_config_block">
+ <h3><%=LanguageHelper.getGUIString("webpages.oaconfig.stork.header", request) %></h3>
+ <s:select list="#{1:'1', 2:'2', 3:'3', 4:'4'}"
+ value="#{storkconfig.defaultQaa}"
+ name="storkconfig.defaultQaa"
+ key="webpages.moaconfig.stork.qaa.default"
+ labelposition="left" />
+ <h4><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.pepslist", request) %></h4>
+ <table id="stork_pepslist">
+ <tr><th>Country Shortcode</th><th>PEPS URL</th>
+ <s:iterator value="storkconfig.cpepslist" status="stat">
+ <tr><td><s:textfield name="storkconfig.cpepslist[%{#stat.index}].countryCode" value="%{countryCode}" cssClass="textfield_short"/></td>
+ <td><s:textfield name="storkconfig.cpepslist[%{#stat.index}].URL" value="%{URL}" cssClass="textfield_long"/></td>
+ <td><input type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.removepeps", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td></tr>
+ </s:iterator>
+ </table>
+ <input type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.newpeps", request) %>" onclick='newPeps();' />
+ <h4><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.heading", request) %></h4>
+ <table id="stork_attributelist">
+ <tr><th><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.heading.name", request) %></th><th><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.heading.mandatory", request) %></th></tr>
+ <s:iterator value="storkconfig.attributes" status="stat">
+ <tr><td><s:textfield name="storkconfig.attributes[%{#stat.index}].name" value="%{name}"/></td>
+ <td><s:checkbox name="storkconfig.attributes[%{#stat.index}].mandatory" value="%{mandatory}" /></td>
+ <td><input type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.remove", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td></tr>
+ </s:iterator>
+ </table>
+ <input type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.new", request) %>" onclick='newStorkAttribute();' />
+ </div>
+
+ <div class="oa_config_block">
<h3><%=LanguageHelper.getGUIString("webpages.moaconfig.protocols.header", request) %></h3>
<div id="moageneral_active_protocol" class="moageneral_protocol_area">
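Review bot: The header row of `stork_pepslist`, `<tr><th>Country Shortcode</th><th>PEPS URL</th>`, is never closed with `</tr>`, unlike the header row of `stork_attributelist` a few lines below. `newPeps()` clones the last `tr` of this table, so it depends on how the browser repairs that markup. The remove buttons delete a row in the DOM but leave the remaining `storkconfig.cpepslist[i]` and `storkconfig.attributes[i]` names unchanged, so a submit after removing a middle row posts indices with gaps. Depending on how the list is populated on bind this can yield null elements, which `StorkConfigValidator` dereferences without a check, so either renumber on submit or skip null entries on the server. The two PEPS column headers are hard-coded in English while the rest of the block uses `LanguageHelper.getGUIString`.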
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
index 97f0d01c2..b58b997ec 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
@@ -303,6 +303,34 @@
</div>
<div class="oa_config_block">
+ <h3><%=LanguageHelper.getGUIString("webpages.oaconfig.stork.header", request) %></h3>
+
+ <s:checkbox name="storkOA.storkLogonEnabled"
+ value="%{storkOA.storkLogonEnabled}"
+ labelposition="left"
+ key="webpages.oaconfig.stork.usestork"
+ cssClass="checkbox"
+ onclick="oaStork();"
+ id="OAuseSTORKLogon" />
+ <div id="stork_block">
+ <s:select list="#{1:'1', 2:'2', 3:'3', 4:'4'}"
+ value="#{storkOA.qaa}"
+ name="storkOA.qaa"
+ key="webpages.moaconfig.stork.qaa"
+ labelposition="left" />
+ <h4>Attributes</h4>
+ <table>
+ <tr><th>verwendet</th><th>Attributname</th><th>mandatory</th></tr>
+ <s:iterator value="storkOA.helperAttributes" status="stat">
+ <tr><td><s:checkbox name="storkOA.helperAttributes[%{#stat.index}].used" value="%{used}" disabled="%{readOnly}" /></td>
+ <td><s:property value="%{name}" /><s:hidden name="storkOA.helperAttributes[%{#stat.index}].name" value="%{name}" /></td>
+ <td><s:checkbox name="storkOA.helperAttributes[%{#stat.index}].mandatory" value="%{mandatory}" /></td></tr>
+ </s:iterator>
+ </table>
+ </div>
+ </div>
+
+ <div class="oa_config_block">
<h3><%=LanguageHelper.getGUIString("webpages.oaconfig.protocols.header", request) %></h3>
<s:if test="authUser.isAdmin() || saml1OA.isActive()">