authorThomas Lenz <tlenz@iaik.tugraz.at>2015-08-27 11:32:05 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2015-08-27 11:32:05 +0200
commitbb1b12ac5b240629e16ea1c7a50891e99f4adc14 (patch)
tree5a77e4fd20a6c22f34be8d7546c01199fe343bb9 /id/ConfigWebTool/src
parentea10821a16993913222f12e1b919fe3d48c29b30 (diff)
Use test- and productive TrustStore configurations in one IDP instance
- every service configuration can select its preferred TrustStore
Diffstat (limited to 'id/ConfigWebTool/src')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java33
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java50
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java3
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java25
-rw-r--r--id/ConfigWebTool/src/main/resources/applicationResources_de.properties15
-rw-r--r--id/ConfigWebTool/src/main/resources/applicationResources_en.properties10
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp15
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp15
8 files changed, 162 insertions, 4 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
index bcf99d246..83795567c 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
@@ -81,6 +81,9 @@ public class GeneralMOAIDConfig {
private List<String> authTransformList = null;
private String moaspssIdlTrustProfile = null;
+ private String moaspssIdlTrustProfileTest = null;
+ private String moaspssAuthTrustProfileTest = null;
+
private String mandateURL = null;
private boolean protocolActiveSAML1 = false;
@@ -184,6 +187,7 @@ public class GeneralMOAIDConfig {
VerifyAuthBlock authblock = moaspss.getVerifyAuthBlock();
if (authblock != null) {
moaspssAuthTrustProfile = authblock.getTrustProfileID();
+ moaspssAuthTrustProfileTest = authblock.getTestTrustProfileID();
List<String> list = authblock.getVerifyTransformsInfoProfileID();
if (list.size() == 1)
@@ -197,6 +201,7 @@ public class GeneralMOAIDConfig {
VerifyIdentityLink idl = moaspss.getVerifyIdentityLink();
if (idl != null) {
moaspssIdlTrustProfile = idl.getTrustProfileID();
+ moaspssIdlTrustProfileTest = idl.getTestTrustProfileID();
}
}
@@ -928,6 +933,34 @@ public class GeneralMOAIDConfig {
public void setPublicURLPrefix(String publicURLPrefix) {
this.publicURLPrefix = publicURLPrefix;
}
+
+ /**
+ * @return the moaspssIdlTrustProfileTest
+ */
+ public String getMoaspssIdlTrustProfileTest() {
+ return moaspssIdlTrustProfileTest;
+ }
+
+ /**
+ * @param moaspssIdlTrustProfileTest the moaspssIdlTrustProfileTest to set
+ */
+ public void setMoaspssIdlTrustProfileTest(String moaspssIdlTrustProfileTest) {
+ this.moaspssIdlTrustProfileTest = moaspssIdlTrustProfileTest;
+ }
+
+ /**
+ * @return the moaspssAuthTrustProfileTest
+ */
+ public String getMoaspssAuthTrustProfileTest() {
+ return moaspssAuthTrustProfileTest;
+ }
+
+ /**
+ * @param moaspssAuthTrustProfileTest the moaspssAuthTrustProfileTest to set
+ */
+ public void setMoaspssAuthTrustProfileTest(String moaspssAuthTrustProfileTest) {
+ this.moaspssAuthTrustProfileTest = moaspssAuthTrustProfileTest;
+ }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
index 0c633f312..9b0172a24 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
@@ -70,7 +70,9 @@ public class OAAuthenticationData implements IOnlineApplicationData {
private Map<String, byte[]> transformations;
private boolean enableTestCredentials = false;
- private List<String> testCredentialOIDs = null;
+ private List<String> testCredentialOIDs = null;
+ private boolean useTestIDLValidationTrustStore = false;
+ private boolean useTestAuthblockValidationTrustStore = false;
/**
*
@@ -210,7 +212,9 @@ public class OAAuthenticationData implements IOnlineApplicationData {
enableTestCredentials = oaauth.getTestCredentials().isEnableTestCredentials();
testCredentialOIDs = new ArrayList<String>();
testCredentialOIDs.addAll(oaauth.getTestCredentials().getCredentialOID());
-
+
+ useTestAuthblockValidationTrustStore = oaauth.getTestCredentials().isUseTestAuthBlockTrustStore();
+ useTestIDLValidationTrustStore = oaauth.getTestCredentials().isUseTestIDLTrustStore();
}
return null;
@@ -332,6 +336,17 @@ public class OAAuthenticationData implements IOnlineApplicationData {
}
+ TestCredentials testing = authoa.getTestCredentials();
+ if (testing == null) {
+ testing = new TestCredentials();
+ authoa.setTestCredentials(testing);
+
+ }
+ testing.setUseTestAuthBlockTrustStore(useTestAuthblockValidationTrustStore);
+ testing.setUseTestIDLTrustStore(useTestIDLValidationTrustStore);
+
+
+
return null;
}
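Review bot: The two trust-store switches are written to `TestCredentials` unconditionally here, independent of `enableTestCredentials`, so a service can be stored with test credentials disabled but `useTestIDLTrustStore` or `useTestAuthBlockTrustStore` set. If the authentication side honours these flags on their own (not visible in this diff), such a service would accept identity links and auth blocks that chain to the test trust anchors. Consider coupling them, e.g. `testing.setUseTestIDLTrustStore(enableTestCredentials && useTestIDLValidationTrustStore);` and the same for the AuthBlock flag, or reject the combination in this class's validation. If the independence is intended, a comment saying so would help, as would logging each change of these flags. The enclosing method begins above the hunk.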
@@ -614,5 +629,36 @@ public class OAAuthenticationData implements IOnlineApplicationData {
this.testCredentialOIDs.add(oidList[i].trim());
}
}
+
+ /**
+ * @return the useTestIDLValidationTrustStore
+ */
+ public boolean isUseTestIDLValidationTrustStore() {
+ return useTestIDLValidationTrustStore;
+ }
+
+ /**
+ * @param useTestIDLValidationTrustStore the useTestIDLValidationTrustStore to set
+ */
+ public void setUseTestIDLValidationTrustStore(
+ boolean useTestIDLValidationTrustStore) {
+ this.useTestIDLValidationTrustStore = useTestIDLValidationTrustStore;
+ }
+
+ /**
+ * @return the useTestAuthblockValidationTrustStore
+ */
+ public boolean isUseTestAuthblockValidationTrustStore() {
+ return useTestAuthblockValidationTrustStore;
+ }
+
+ /**
+ * @param useTestAuthblockValidationTrustStore the useTestAuthblockValidationTrustStore to set
+ */
+ public void setUseTestAuthblockValidationTrustStore(
+ boolean useTestAuthblockValidationTrustStore) {
+ this.useTestAuthblockValidationTrustStore = useTestAuthblockValidationTrustStore;
+ }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index 13256a6a0..725a2eded 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -586,12 +586,15 @@ public class EditGeneralConfigAction extends BasicAction {
dbmoasp.setVerifyIdentityLink(moaidl);
}
moaidl.setTrustProfileID(moaconfig.getMoaspssIdlTrustProfile());
+ moaidl.setTestTrustProfileID(moaconfig.getMoaspssIdlTrustProfileTest());
+
VerifyAuthBlock moaauth = dbmoasp.getVerifyAuthBlock();
if (moaauth == null) {
moaauth = new VerifyAuthBlock();
dbmoasp.setVerifyAuthBlock(moaauth);
}
moaauth.setTrustProfileID(moaconfig.getMoaspssAuthTrustProfile());
+ moaauth.setTestTrustProfileID(moaconfig.getMoaspssAuthTrustProfileTest());
if (moaauth.getVerifyTransformsInfoProfileID() != null &&
moaauth.getVerifyTransformsInfoProfileID().size() > 0)
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
index 73f5e098f..95502cedb 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
@@ -207,6 +207,31 @@ public class MOAConfigValidator {
}
}
+ check = form.getMoaspssAuthTrustProfileTest();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MOA-SP/SS Test-Authblock TrustProfile");
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.empty", request));
+ } else {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("Test-Authblock TrustProfile is not valid: " +check);
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ }
+ }
+
+ check = form.getMoaspssIdlTrustProfileTest();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MOA-SP/SS Test-IdentityLink TrustProfile");
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.empty", request));
+ } else {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("Test-IdentityLink TrustProfile is not valid: " +check);
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ }
+ }
+
+
check = form.getMoaspssURL();
if (MiscUtil.isNotEmpty(check)) {
if (!ValidationHelper.validateURL(check)) {
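Review bot: Both new checks make the test TrustProfile mandatory (`MiscUtil.isEmpty(check)` adds an error), so an instance that serves only production services must still name a test trust profile before the general configuration can be saved. That presumably leaves a test trust profile configured on every IDP, one per-service checkbox away from being used for validation. Consider checking the characters only when the field is filled, `if (MiscUtil.isNotEmpty(check) && ValidationHelper.containsPotentialCSSCharacter(check, false))`, and having the consumer fail closed when a service selects the test TrustStore but no test profile is set. The enclosing method starts and ends outside the hunk.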
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
index 9116d6ef8..5248690d6 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
@@ -138,8 +138,10 @@ webpages.moaconfig.timeout.assertion=Anmeldedaten [sec]
webpages.moaconfig.timeout.MOASessionCreated=SSO Session authentifiziert [sec]
webpages.moaconfig.timeout.MOASessionUpdated=SSO Session letzter Zugriff [sec]
webpages.moaconfig.moasp.header=MOA-SP Konfiguration
-webpages.moaconfig.moasp.idltrustprofile=Personenbindung Trustprofil
+webpages.moaconfig.moasp.idltrustprofile=Personenbindung Trustprofil
+webpages.moaconfig.moasp.idltrustprofile.test=Test-Personenbindung Trustprofil
webpages.moaconfig.moasp.authtrustprofile=Authentfizierungsblock Trustprofil
+webpages.moaconfig.moasp.authtrustprofile.test=Test-Authentfizierungsblock Trustprofil
webpages.moaconfig.moasp.authblocktransform=Authentfizierungsblock Transformationen
webpages.moaconfig.moasp.url=URL zum MOA-SP Service
webpages.moaconfig.identitylinksigners=IdentityLinkSigners
@@ -281,6 +283,9 @@ webpages.oaconfig.general.BKUSelection.header.applet.width=Appletbreite
webpages.oaconfig.general.testing.header=Test Identit\u00E4ten
webpages.oaconfig.general.testing.usetesting=Test Identit\u00E4ten erlauben
webpages.oaconfig.general.testing.oids=OIDs f\u00FCr Test Identit\u00E4ten einschr\u00E4nken.
+webpages.oaconfig.general.testing.idltruststore=Test-Persondenbindungs TrustStore verwenden
+webpages.oaconfig.general.testing.authblocktruststore=Test-AuthBlockValidation TrustStore verwenden
+
webpages.oaconfig.sso.header=Single Sign-On
webpages.oaconfig.sso.singlelogouturl=Single Log-Out URL
@@ -378,7 +383,7 @@ validation.edituser.bpk.valid=Die BPK enth\u00E4lt nicht erlaubte Zeichen. Folge
validation.general.SAML1SourceID=Die SAML1SourceID enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.publicURLprefix.empty=Public URL Prefix Feld ist leer.
-validation.general.publicURLprefix.valid=Public URL Prefix hat kein g\u00F6ltiges Format.
+validation.general.publicURLprefix.valid=Public URL Prefix {0} hat kein g\u00F6ltiges Format.
validation.general.certStoreDirectory.empty=CertStoreDirectory Feld ist leer.
validation.general.certStoreDirectory.valid=Das CertStoreDirectory Feld enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.Defaultchainigmode.empty=Es wurde kein DefaultChainingMode gew\u00E4hlt.
@@ -392,6 +397,12 @@ validation.general.moasp.auth.trustprofile.empty=Das TrustProfile zur Pr\u00F6fu
validation.general.moasp.auth.trustprofile.valid=Das TrustProfile zur Pr\u00F6fung des Authentfizierungsblock enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.moasp.idl.trustprofile.empty=Das TrustProfile zur Pr\u00F6fung der Personenbindung ist leer.
validation.general.moasp.idl.trustprofile.valid=Das TrustProfile zur Pr\u00F6fung der Personenbindung enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+
+validation.general.moasp.auth.trustprofile.test.empty=Das Test-TrustProfile zur Pr\u00F6fung des Authentfizierungsblock ist leer.
+validation.general.moasp.auth.trustprofile.test.valid=Das Test-TrustProfile zur Pr\u00F6fung des Authentfizierungsblock enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.moasp.idl.trustprofile.test.empty=Das Test-TrustProfile zur Pr\u00F6fung der Personenbindung ist leer.
+validation.general.moasp.idl.trustprofile.test.valid=Das Test-TrustProfile zur Pr\u00F6fung der Personenbindung enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+
validation.general.moaspss.url.valid=Die URL zum MOA-SP/SS Service hat kein g\u00F6ltiges Format.
validation.general.protocol.pvp2.issuername.valid=PVP2\: Service Name enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.protocol.pvp2.org.displayname.valid=PVP2 Organisation\: Vollst\u00E4ndiger Name enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
index 38cc6341b..22453ed2b 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
@@ -139,6 +139,8 @@ webpages.moaconfig.timeout.MOASessionUpdated=SSO Session last access[sec]
webpages.moaconfig.moasp.header=MOA-SP configuration
webpages.moaconfig.moasp.idltrustprofile=Trustprofile for IdentityLink
webpages.moaconfig.moasp.authtrustprofile=Trustprofile for authentication block
+webpages.moaconfig.moasp.idltrustprofile.test=Test Trustprofile for IdentityLink
+webpages.moaconfig.moasp.authtrustprofile.test=Test Trustprofile for authentication block
webpages.moaconfig.moasp.authblocktransform=Transformations for authentication block
webpages.moaconfig.moasp.url=URL for MOA-SP Service
webpages.moaconfig.identitylinksigners=IdentityLinkSigners
@@ -200,6 +202,8 @@ webpages.oaconfig.general.bku.sltemplate.third=SecurityLayer Template (WhiteList
webpages.oaconfig.general.testing.header=Test Credentials
webpages.oaconfig.general.testing.usetesting=Allow test credentials
webpages.oaconfig.general.testing.oids=Use special test credential OIDs
+webpages.oaconfig.general.testing.idltruststore=Use Test-IdentityLink TrustStore
+webpages.oaconfig.general.testing.authblocktruststore=Use Test-AuthBlockValidation TrustStore
webpages.oaconfig.revisionsLog.header=Revisions Logging
webpages.oaconfig.revisionsLog.active=Activ
@@ -391,6 +395,12 @@ validation.general.moasp.auth.trustprofile.empty=TrustProfile for checking of au
validation.general.moasp.auth.trustprofile.valid=TrustProfile for checking of authentication block contains forbidden characters. The following characters are not allowed\: {0}
validation.general.moasp.idl.trustprofile.empty=TrustProfile for checking of IdentityLink is blank.
validation.general.moasp.idl.trustprofile.valid=TrustProfile for checking of IdentityLink contain forbidden characters. The following characters are not allowed\: {0}
+
+validation.general.moasp.auth.trustprofile.test.empty=Test-TrustProfile for checking of authentication block is blank.
+validation.general.moasp.auth.trustprofile.test.valid=Test-TrustProfile for checking of authentication block contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.moasp.idl.trustprofile.test.empty=Test-TrustProfile for checking of IdentityLink is blank.
+validation.general.moasp.idl.trustprofile.test.valid=Test-TrustProfile for checking of IdentityLink contain forbidden characters. The following characters are not allowed\: {0}
+
validation.general.moaspss.url.valid=URL for MOA-SP/SS service has invalid format.
validation.general.protocol.pvp2.issuername.valid=PVP2\: service name contains forbidden characters. The following characters are not allowed\: {0}
validation.general.protocol.pvp2.org.displayname.valid=PVP2 organization\: complete name contains forbidden characters. The following characters are not allowed\: {0}
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
index 03f8a6b50..e6f07f847 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
@@ -152,6 +152,13 @@
cssClass="textfield_long">
</s:textfield>
+ <s:textfield name="moaconfig.moaspssIdlTrustProfileTest"
+ value="%{moaconfig.moaspssIdlTrustProfileTest}"
+ labelposition="left"
+ key="webpages.moaconfig.moasp.idltrustprofile.test"
+ cssClass="textfield_long">
+ </s:textfield>
+
<%-- <s:textarea name="moaconfig.identityLinkSigners"
value="%{moaconfig.identityLinkSigners}"
labelposition="left"
@@ -166,6 +173,14 @@
cssClass="textfield_long">
</s:textfield>
+ <s:textfield name="moaconfig.moaspssAuthTrustProfileTest"
+ value="%{moaconfig.moaspssAuthTrustProfileTest}"
+ labelposition="left"
+ key="webpages.moaconfig.moasp.authtrustprofile.test"
+ cssClass="textfield_long">
+ </s:textfield>
+
+
<%-- <s:textarea name="moaconfig.moaspssAuthTransformations"
value="%{moaconfig.moaspssAuthTransformations}"
labelposition="left"
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp
index 3dda0c0a4..f0b5c816a 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp
@@ -84,6 +84,21 @@
key="webpages.oaconfig.general.testing.oids"
cssClass="textfield_long">
</s:textfield>
+
+ <s:checkbox key="webpages.oaconfig.general.testing.idltruststore"
+ labelposition="left"
+ cssClass="checkbox"
+ value="%{authOA.useTestIDLValidationTrustStore}"
+ name="authOA.useTestIDLValidationTrustStore">
+ </s:checkbox>
+
+ <s:checkbox key="webpages.oaconfig.general.testing.authblocktruststore"
+ labelposition="left"
+ cssClass="checkbox"
+ value="%{authOA.useTestAuthblockValidationTrustStore}"
+ name="authOA.useTestAuthblockValidationTrustStore">
+ </s:checkbox>
+
</div>