diff options
author | Florian Reimair <florian.reimair@iaik.tugraz.at> | 2015-08-11 15:42:13 +0200 |
---|---|---|
committer | Florian Reimair <florian.reimair@iaik.tugraz.at> | 2015-08-11 15:42:13 +0200 |
commit | ebe02bc990d362e39a37906385d7e470235e2627 (patch) | |
tree | b5513c0ccf37f201810ecea4a7af5c21dec60739 /id/server/auth/src/main/webapp/WEB-INF | |
parent | 2ec0757b66d9e23c4c29c9ca59c94acd6a9b46c4 (diff) | |
parent | 04381eb4e2d67ced539b34747403bb06cdf36c53 (diff) | |
download | moa-id-spss-ebe02bc990d362e39a37906385d7e470235e2627.tar.gz moa-id-spss-ebe02bc990d362e39a37906385d7e470235e2627.tar.bz2 moa-id-spss-ebe02bc990d362e39a37906385d7e470235e2627.zip |
Merge branch 'samlengine_update' into moa-2.1-Snapshot
Diffstat (limited to 'id/server/auth/src/main/webapp/WEB-INF')
-rw-r--r-- | id/server/auth/src/main/webapp/WEB-INF/applicationContext.xml | 23 | ||||
-rw-r--r-- | id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml | 2 | ||||
-rw-r--r-- | id/server/auth/src/main/webapp/WEB-INF/web.xml | 333 |
3 files changed, 143 insertions, 215 deletions
diff --git a/id/server/auth/src/main/webapp/WEB-INF/applicationContext.xml b/id/server/auth/src/main/webapp/WEB-INF/applicationContext.xml new file mode 100644 index 000000000..a3f834457 --- /dev/null +++ b/id/server/auth/src/main/webapp/WEB-INF/applicationContext.xml @@ -0,0 +1,23 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
+
+ <context:annotation-config />
+
+ <bean id="processEngine" class="at.gv.egovernment.moa.id.process.ProcessEngineImpl">
+ <property name="transitionConditionExpressionEvaluator">
+ <bean class="at.gv.egovernment.moa.id.process.springweb.SpringWebExpressionEvaluator" />
+ </property>
+ </bean>
+
+ <bean id="authenticationManager" class="at.gv.egovernment.moa.id.moduls.AuthenticationManager" factory-method="getInstance" />
+
+ <!-- import auth modules -->
+ <import resource="classpath*:**/*.authmodule.beans.xml" />
+
+ <bean id="moduleRegistration" class="at.gv.egovernment.moa.id.auth.modules.registration.ModuleRegistration" factory-method="getInstance" />
+
+</beans>
diff --git a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml index 54debca81..8f01ca22b 100644 --- a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml +++ b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml @@ -74,7 +74,7 @@ <to type="forward">/dispatcher?mod=id_stork2&action=AttributeCollector&%{query-string}</to> </rule> <rule match-type="regex"> - <from>^/stork2/CompleteAuthentication$</from> + <from>^/stork2/GetConsent$</from> <to type="forward">/dispatcher?mod=id_stork2&action=ConsentEvaluator&%{query-string}</to> </rule> <rule match-type="regex"> diff --git a/id/server/auth/src/main/webapp/WEB-INF/web.xml b/id/server/auth/src/main/webapp/WEB-INF/web.xml index 42085b01e..5afc0dee7 100644 --- a/id/server/auth/src/main/webapp/WEB-INF/web.xml +++ b/id/server/auth/src/main/webapp/WEB-INF/web.xml @@ -1,279 +1,184 @@ <?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'> -<web-app> +<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" + version="3.0"> <display-name>MOA ID Auth</display-name> <description>MOA ID Authentication Service</description> -<!-- <servlet> - <servlet-name>SelectBKU</servlet-name> - <display-name>SelectBKU</display-name> - <description>Select Bürgerkartenartenumgebung</description> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.SelectBKUServlet</servlet-class> - </servlet> --> + + <!-- bootstrap loader for spring framework --> + <listener> + <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> + </listener> + + <filter> + <filter-name>characterEncodingFilter</filter-name> + <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class> + <init-param> + <param-name>encoding</param-name> + <param-value>UTF-8</param-value> + </init-param> + <init-param> + <param-name>forceEncoding</param-name> + <param-value>true</param-value> + </init-param> + </filter> + <filter-mapping> + <filter-name>characterEncodingFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> + + <!-- exposes request and response to the current thread --> + <filter> + <filter-name>requestContextFilter</filter-name> + <filter-class>org.springframework.web.filter.RequestContextFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>requestContextFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> + + <filter> + <filter-name>UrlRewriteFilter</filter-name> + <filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>UrlRewriteFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> + <servlet> - <servlet-name>GenerateIframeTemplate</servlet-name> - <display-name>GenerateIframeTemplate</display-name> <description>Generate BKU Request template</description> + <display-name>GenerateIframeTemplate</display-name> + <servlet-name>GenerateIframeTemplate</servlet-name> <servlet-class>at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet</servlet-class> </servlet> + <servlet-mapping> + <servlet-name>GenerateIframeTemplate</servlet-name> + <url-pattern>/GenerateIframeTemplate</url-pattern> + </servlet-mapping> + <servlet> - <servlet-name>RedirectServlet</servlet-name> <display-name>RedirectServlet</display-name> + <servlet-name>RedirectServlet</servlet-name> <servlet-class>at.gv.egovernment.moa.id.auth.servlet.RedirectServlet</servlet-class> </servlet> + <servlet-mapping> + <servlet-name>RedirectServlet</servlet-name> + <url-pattern>/RedirectServlet</url-pattern> + </servlet-mapping> + + <!-- automatically registered by module 'moa-id-module-monitoring' using @WebServlet annotation --> + <!-- <servlet> - <servlet-name>MonitoringServlet</servlet-name> <display-name>MonitoringServlet</display-name> + <servlet-name>MonitoringServlet</servlet-name> <servlet-class>at.gv.egovernment.moa.id.auth.servlet.MonitoringServlet</servlet-class> </servlet> + <servlet-mapping> + <servlet-name>MonitoringServlet</servlet-name> + <url-pattern>/MonitoringServlet</url-pattern> + </servlet-mapping> + --> + <servlet> - <servlet-name>SSOSendAssertionServlet</servlet-name> <display-name>SSOSendAssertionServlet</display-name> + <servlet-name>SSOSendAssertionServlet</servlet-name> <servlet-class>at.gv.egovernment.moa.id.auth.servlet.SSOSendAssertionServlet</servlet-class> - </servlet> + </servlet> + <servlet-mapping> + <servlet-name>SSOSendAssertionServlet</servlet-name> + <url-pattern>/SSOSendAssertionServlet</url-pattern> + </servlet-mapping> + <servlet> - <servlet-name>LogOut</servlet-name> - <display-name>LogOut</display-name> <description>SSO LogOut</description> + <display-name>LogOut</display-name> + <servlet-name>LogOut</servlet-name> <servlet-class>at.gv.egovernment.moa.id.auth.servlet.LogOutServlet</servlet-class> </servlet> + <servlet-mapping> + <servlet-name>LogOut</servlet-name> + <url-pattern>/LogOut</url-pattern> + </servlet-mapping> <servlet> - <servlet-name>IDPSLO</servlet-name> - <display-name>IDP-SLO</display-name> <description>IDP Single LogOut Service</description> + <display-name>IDP-SLO</display-name> + <servlet-name>IDPSLO</servlet-name> <servlet-class>at.gv.egovernment.moa.id.auth.servlet.IDPSingleLogOutServlet</servlet-class> </servlet> + <servlet-mapping> + <servlet-name>IDPSLO</servlet-name> + <url-pattern>/idpSingleLogout</url-pattern> + </servlet-mapping> <servlet> - <servlet-name>VerifyIdentityLink</servlet-name> - <display-name>VerifyIdentityLink</display-name> - <description>Verify identity link coming from security layer</description> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet</servlet-class> - </servlet> - <servlet> - <servlet-name>VerifyCertificate</servlet-name> - <display-name>VerifyCertificate</display-name> - <description>Verify the certificate coming from security layer</description> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.VerifyCertificateServlet</servlet-class> - </servlet> - <servlet> - <servlet-name>GetMISSessionID</servlet-name> - <display-name>GetMISSessionID</display-name> - <description>Get the MIS session ID coming from security layer</description> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.GetMISSessionIDServlet</servlet-class> - </servlet> - - <servlet> - <servlet-name>GetForeignID</servlet-name> - <display-name>GetForeignID</display-name> - <description>Gets the foreign eID from security layer</description> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.GetForeignIDServlet</servlet-class> - </servlet> -<!-- <servlet> - <servlet-name>ProcessInput</servlet-name> - <display-name>ProcessInput</display-name> - <description>Process user input needed by infobox validators</description> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.ProcessValidatorInputServlet</servlet-class> - </servlet> --> - <servlet> - <servlet-name>VerifyAuthBlock</servlet-name> - <display-name>VerifyAuthBlock</display-name> - <description>Verify AUTH block coming from security layer</description> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet</servlet-class> - </servlet> -<!-- <servlet> - <servlet-name>ConfigurationUpdate</servlet-name> - <display-name>ConfigurationUpdate</display-name> - <description>Update MOA-ID Auth configuration from the configuration - file</description> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.ConfigurationServlet</servlet-class> - </servlet> --> - <servlet> - <servlet-name>AxisServlet</servlet-name> <display-name>Apache-Axis Servlet</display-name> + <servlet-name>AxisServlet</servlet-name> <servlet-class>org.apache.axis.transport.http.AxisServlet</servlet-class> </servlet> + <servlet-mapping> + <servlet-name>AxisServlet</servlet-name> + <url-pattern>/services/*</url-pattern> + </servlet-mapping> - <!-- JSP servlet --> -<!-- <servlet> - <servlet-name>jspservlet</servlet-name> - <servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class> - </servlet> --> - <servlet> - <servlet-name>PEPSConnectorServlet</servlet-name> - <display-name>PEPSConnectorServlet</display-name> - <description>Servlet receiving STORK SAML Response Messages from - different C-PEPS</description> - <servlet-class> - at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet</servlet-class> - </servlet> - <servlet> - <servlet-name>PEPSConnectorWithLocalSigningServlet</servlet-name> - <display-name>PEPSConnectorWithLocalSigningServlet</display-name> - <description>Servlet receiving STORK SAML Response Messages from - different C-PEPS</description> - <servlet-class> - at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorWithLocalSigningServlet</servlet-class> - </servlet> - - <!-- Dispatcher servlets - <servlet> - <servlet-name>AuthDispatcherServlet</servlet-name> - <display-name>AuthDispatcher Servlet</display-name> - <servlet-class>at.gv.egovernment.moa.id.entrypoints.AuthDispatcherServlet</servlet-class> - <load-on-startup>1</load-on-startup> - </servlet>--> <servlet> - <servlet-name>DispatcherServlet</servlet-name> <display-name>Dispatcher Servlet</display-name> + <servlet-name>DispatcherServlet</servlet-name> <servlet-class>at.gv.egovernment.moa.id.entrypoints.DispatcherServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> - - <!-- Servlet Registration --> - <servlet> - <servlet-name>at.gv.egovernment.moa.id.protocols.saml1.GetArtifactServlet</servlet-name> - <servlet-class>at.gv.egovernment.moa.id.protocols.saml1.GetArtifactServlet</servlet-class> - </servlet> - - - - <servlet-mapping> <servlet-name>DispatcherServlet</servlet-name> <url-pattern>/dispatcher</url-pattern> </servlet-mapping> - <!-- servlet-mapping> - <servlet-name>AuthDispatcherServlet</servlet-name> - <url-pattern>/AuthDispatcher</url-pattern> - </servlet-mapping --> - - - <!-- servlet mapping for jsp pages --> - <!-- errorpage.jsp (customizeable) --> -<!-- <servlet-mapping> - <servlet-name>jspservlet</servlet-name> - <url-pattern>/errorpage-auth.jsp</url-pattern> - </servlet-mapping> - message.jsp (customizeable) used for non error messages (e.g. ConfigurationUpdate) - <servlet-mapping> - <servlet-name>jspservlet</servlet-name> - <url-pattern>/message-auth.jsp</url-pattern> - </servlet-mapping> --> -<!-- <servlet-mapping> - <servlet-name>SelectBKU</servlet-name> - <url-pattern>/SelectBKU</url-pattern> - </servlet-mapping> --> - <servlet-mapping> - <servlet-name>GenerateIframeTemplate</servlet-name> - <url-pattern>/GenerateIframeTemplate</url-pattern> - </servlet-mapping> - <servlet-mapping> - <servlet-name>RedirectServlet</servlet-name> - <url-pattern>/RedirectServlet</url-pattern> - </servlet-mapping> - <servlet-mapping> - <servlet-name>MonitoringServlet</servlet-name> - <url-pattern>/MonitoringServlet</url-pattern> - </servlet-mapping> - <servlet-mapping> - <servlet-name>SSOSendAssertionServlet</servlet-name> - <url-pattern>/SSOSendAssertionServlet</url-pattern> - </servlet-mapping> - <servlet-mapping> - <servlet-name>LogOut</servlet-name> - <url-pattern>/LogOut</url-pattern> - </servlet-mapping> - <servlet-mapping> - <servlet-name>IDPSLO</servlet-name> - <url-pattern>/idpSingleLogout</url-pattern> - </servlet-mapping> - <servlet-mapping> - <servlet-name>VerifyIdentityLink</servlet-name> - <url-pattern>/VerifyIdentityLink</url-pattern> - </servlet-mapping> - <servlet-mapping> - <servlet-name>VerifyCertificate</servlet-name> - <url-pattern>/VerifyCertificate</url-pattern> - </servlet-mapping> + <servlet> + <description>Resumes a suspended process task.</description> + <display-name>ProcessEngineSignal</display-name> + <servlet-name>ProcessEngineSignal</servlet-name> + <servlet-class>at.gv.egovernment.moa.id.auth.servlet.ProcessEngineSignalServlet</servlet-class> + </servlet> <servlet-mapping> - <servlet-name>GetMISSessionID</servlet-name> + <!-- do not change this servlet-name --> + <servlet-name>ProcessEngineSignal</servlet-name> + + <!-- Use this url-pattern in order to signal the next (asynchronous) task. --> + <url-pattern>/signalProcess</url-pattern> + + <!-- legacy url patterns for asynchronous tasks (internal default module/processes) --> <url-pattern>/GetMISSessionID</url-pattern> - </servlet-mapping> - <servlet-mapping> - <servlet-name>GetForeignID</servlet-name> <url-pattern>/GetForeignID</url-pattern> - </servlet-mapping> - -<!-- <servlet-mapping> - <servlet-name>ProcessInput</servlet-name> - <url-pattern>/ProcessInput</url-pattern> - </servlet-mapping> --> - - <servlet-mapping> - <servlet-name>VerifyAuthBlock</servlet-name> <url-pattern>/VerifyAuthBlock</url-pattern> - </servlet-mapping> -<!-- <servlet-mapping> - <servlet-name>ConfigurationUpdate</servlet-name> - <url-pattern>/ConfigurationUpdate</url-pattern> - </servlet-mapping> --> - <servlet-mapping> - <servlet-name>AxisServlet</servlet-name> - <url-pattern>/services/*</url-pattern> - </servlet-mapping> - <servlet-mapping> - <servlet-name>PEPSConnectorServlet</servlet-name> - <url-pattern>/PEPSConnector</url-pattern> - </servlet-mapping> -<servlet-mapping> - <servlet-name>PEPSConnectorWithLocalSigningServlet</servlet-name> + <url-pattern>/VerifyCertificate</url-pattern> + <url-pattern>/VerifyIdentityLink</url-pattern> + + <!-- + STORK servlet mappings; automatically registered by the stork module; + refer to at.gv.egovernment.moa.id.auth.modules.stork.STORKWebApplicationInitializer + --> + <!-- <url-pattern>/PEPSConnectorWithLocalSigning</url-pattern> + <url-pattern>/PEPSConnector</url-pattern> + --> </servlet-mapping> - <!-- Filters --> - <!-- <filter> <filter-name>DispatcherDecoratorFilter</filter-name> <filter-class>at.gv.egovernment.moa.id.sso.DispatcherDecoratorFilter</filter-class> - </filter> --> - - <filter> - <filter-name>UrlRewriteFilter</filter-name> - <filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class> - </filter> - - <filter-mapping> - <filter-name>UrlRewriteFilter</filter-name> - <url-pattern>/*</url-pattern> - </filter-mapping> - <!-- <filter-mapping> <filter-name>DispatcherDecoratorFilter</filter-name> - <url-pattern>/AuthDispatcher</url-pattern> <dispatcher>REQUEST</dispatcher> - <dispatcher>FORWARD</dispatcher> </filter-mapping> <filter-mapping> <filter-name>DispatcherDecoratorFilter</filter-name> - <url-pattern>/StartAuthentication</url-pattern> <dispatcher>REQUEST</dispatcher> - <dispatcher>FORWARD</dispatcher> </filter-mapping> --> <session-config> <session-timeout>5</session-timeout> </session-config> + <error-page> <error-code>500</error-code> <location>/errorpage.jsp</location> </error-page> -<!-- <security-constraint> - <web-resource-collection> - <web-resource-name>ConfigurationUpdate</web-resource-name> - <url-pattern>/ConfigurationUpdate</url-pattern> - </web-resource-collection> - <auth-constraint> - <role-name>moa-admin</role-name> - </auth-constraint> - </security-constraint> --> + <login-config> <auth-method>BASIC</auth-method> <realm-name>UserDatabase</realm-name> </login-config> <security-role> - <description> - The role that is required to log in to the moa Application - </description> + <description>The role that is required to log in to the moa Application</description> <role-name>moa-admin</role-name> </security-role> + </web-app> |