aboutsummaryrefslogtreecommitdiff
path: root/id/server/auth/src/main
diff options
context:
space:
mode:
authorThomas Knall <t.knall@datentechnik-innovation.com>2015-01-22 12:13:07 +0100
committerThomas Knall <t.knall@datentechnik-innovation.com>2015-01-22 12:13:07 +0100
commitad40ae9233c5f2a32c983962d655e686af546677 (patch)
treebf6c2cbef9f0f6d7050b69a3d13b87d82cc500bc /id/server/auth/src/main
parenta1bb34634bf4f30fc565109358eb51bd1111dc21 (diff)
downloadmoa-id-spss-ad40ae9233c5f2a32c983962d655e686af546677.tar.gz
moa-id-spss-ad40ae9233c5f2a32c983962d655e686af546677.tar.bz2
moa-id-spss-ad40ae9233c5f2a32c983962d655e686af546677.zip
Add mandate process support (MOAID-60).
- Refactor moa-id auth web.xml -- Group the servlets with their corresponding mappings. -- Replace servlets for mappings "/GetMISSessionID", "/VerifyAuthBlock", "/VerifyCertificate" and "/VerifyIdentityLink". -- Remove disabled declarations. - Replace link http://jigsaw.w3.org/css-validator/images/vcss-blue with https://... within the internal templates (loginFormFull.html, sendAssertionFormFull.html, ...). - Set classes deprecated: GetMISSessionIDServlet, VerifyCertificateServlet - ProcessEngineSignalServlet: make GET delegate to PUT - Replace some "implements MOAIDAuthConstants" with "import static MOAIDAuthConstants.*". - Add detailed Javadoc to *Task.java. - Update DefaultAuthentication.process.xml for mandate - Add GetMISSessionIDTask and VerifyCertificateTask. - Add adapter class for iaik.IAIKRuntimeException in order to satisfy some library's bogus dependendies.
Diffstat (limited to 'id/server/auth/src/main')
-rw-r--r--id/server/auth/src/main/webapp/WEB-INF/web.xml272
1 files changed, 72 insertions, 200 deletions
diff --git a/id/server/auth/src/main/webapp/WEB-INF/web.xml b/id/server/auth/src/main/webapp/WEB-INF/web.xml
index 477cce57b..1dd3b7a40 100644
--- a/id/server/auth/src/main/webapp/WEB-INF/web.xml
+++ b/id/server/auth/src/main/webapp/WEB-INF/web.xml
@@ -36,41 +36,67 @@
<filter-name>requestContextFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
+
+ <filter>
+ <filter-name>UrlRewriteFilter</filter-name>
+ <filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class>
+ </filter>
+ <filter-mapping>
+ <filter-name>UrlRewriteFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
-
-<!-- <servlet>
- <servlet-name>SelectBKU</servlet-name>
- <display-name>SelectBKU</display-name>
- <description>Select Bürgerkartenartenumgebung</description>
- <servlet-class>at.gv.egovernment.moa.id.auth.servlet.SelectBKUServlet</servlet-class>
- </servlet> -->
<servlet>
<description>Generate BKU Request template</description>
<display-name>GenerateIframeTemplate</display-name>
<servlet-name>GenerateIframeTemplate</servlet-name>
<servlet-class>at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet</servlet-class>
</servlet>
+ <servlet-mapping>
+ <servlet-name>GenerateIframeTemplate</servlet-name>
+ <url-pattern>/GenerateIframeTemplate</url-pattern>
+ </servlet-mapping>
+
<servlet>
<display-name>RedirectServlet</display-name>
<servlet-name>RedirectServlet</servlet-name>
<servlet-class>at.gv.egovernment.moa.id.auth.servlet.RedirectServlet</servlet-class>
</servlet>
+ <servlet-mapping>
+ <servlet-name>RedirectServlet</servlet-name>
+ <url-pattern>/RedirectServlet</url-pattern>
+ </servlet-mapping>
+
<servlet>
<display-name>MonitoringServlet</display-name>
<servlet-name>MonitoringServlet</servlet-name>
<servlet-class>at.gv.egovernment.moa.id.auth.servlet.MonitoringServlet</servlet-class>
</servlet>
+ <servlet-mapping>
+ <servlet-name>MonitoringServlet</servlet-name>
+ <url-pattern>/MonitoringServlet</url-pattern>
+ </servlet-mapping>
+
<servlet>
<display-name>SSOSendAssertionServlet</display-name>
<servlet-name>SSOSendAssertionServlet</servlet-name>
<servlet-class>at.gv.egovernment.moa.id.auth.servlet.SSOSendAssertionServlet</servlet-class>
- </servlet>
+ </servlet>
+ <servlet-mapping>
+ <servlet-name>SSOSendAssertionServlet</servlet-name>
+ <url-pattern>/SSOSendAssertionServlet</url-pattern>
+ </servlet-mapping>
+
<servlet>
<description>SSO LogOut</description>
<display-name>LogOut</display-name>
<servlet-name>LogOut</servlet-name>
<servlet-class>at.gv.egovernment.moa.id.auth.servlet.LogOutServlet</servlet-class>
</servlet>
+ <servlet-mapping>
+ <servlet-name>LogOut</servlet-name>
+ <url-pattern>/LogOut</url-pattern>
+ </servlet-mapping>
<servlet>
<description>IDP Single LogOut Service</description>
@@ -78,25 +104,10 @@
<servlet-name>IDPSLO</servlet-name>
<servlet-class>at.gv.egovernment.moa.id.auth.servlet.IDPSingleLogOutServlet</servlet-class>
</servlet>
-
- <servlet>
- <description>Verify identity link coming from security layer</description>
- <display-name>VerifyIdentityLink</display-name>
- <servlet-name>VerifyIdentityLink</servlet-name>
- <servlet-class>at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet</servlet-class>
- </servlet>
- <servlet>
- <description>Verify the certificate coming from security layer</description>
- <display-name>VerifyCertificate</display-name>
- <servlet-name>VerifyCertificate</servlet-name>
- <servlet-class>at.gv.egovernment.moa.id.auth.servlet.VerifyCertificateServlet</servlet-class>
- </servlet>
- <servlet>
- <description>Get the MIS session ID coming from security layer</description>
- <display-name>GetMISSessionID</display-name>
- <servlet-name>GetMISSessionID</servlet-name>
- <servlet-class>at.gv.egovernment.moa.id.auth.servlet.GetMISSessionIDServlet</servlet-class>
- </servlet>
+ <servlet-mapping>
+ <servlet-name>IDPSLO</servlet-name>
+ <url-pattern>/idpSingleLogout</url-pattern>
+ </servlet-mapping>
<servlet>
<description>Gets the foreign eID from security layer</description>
@@ -104,223 +115,84 @@
<servlet-name>GetForeignID</servlet-name>
<servlet-class>at.gv.egovernment.moa.id.auth.servlet.GetForeignIDServlet</servlet-class>
</servlet>
-<!-- <servlet>
- <servlet-name>ProcessInput</servlet-name>
- <display-name>ProcessInput</display-name>
- <description>Process user input needed by infobox validators</description>
- <servlet-class>at.gv.egovernment.moa.id.auth.servlet.ProcessValidatorInputServlet</servlet-class>
- </servlet> -->
- <servlet>
- <description>Verify AUTH block coming from security layer</description>
- <display-name>VerifyAuthBlock</display-name>
- <servlet-name>VerifyAuthBlock</servlet-name>
- <servlet-class>at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet</servlet-class>
- </servlet>
-<!-- <servlet>
- <servlet-name>ConfigurationUpdate</servlet-name>
- <display-name>ConfigurationUpdate</display-name>
- <description>Update MOA-ID Auth configuration from the configuration
- file</description>
- <servlet-class>at.gv.egovernment.moa.id.auth.servlet.ConfigurationServlet</servlet-class>
- </servlet> -->
+ <servlet-mapping>
+ <servlet-name>GetForeignID</servlet-name>
+ <url-pattern>/GetForeignID</url-pattern>
+ </servlet-mapping>
+
<servlet>
<display-name>Apache-Axis Servlet</display-name>
<servlet-name>AxisServlet</servlet-name>
<servlet-class>org.apache.axis.transport.http.AxisServlet</servlet-class>
</servlet>
+ <servlet-mapping>
+ <servlet-name>AxisServlet</servlet-name>
+ <url-pattern>/services/*</url-pattern>
+ </servlet-mapping>
- <!-- JSP servlet -->
-<!-- <servlet>
- <servlet-name>jspservlet</servlet-name>
- <servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class>
- </servlet> -->
<servlet>
- <description>Servlet receiving STORK SAML Response Messages from
- different C-PEPS</description>
+ <description>Servlet receiving STORK SAML Response Messages from different C-PEPS</description>
<display-name>PEPSConnectorServlet</display-name>
<servlet-name>PEPSConnectorServlet</servlet-name>
- <servlet-class>
- at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet</servlet-class>
+ <servlet-class>at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet</servlet-class>
</servlet>
+ <servlet-mapping>
+ <servlet-name>PEPSConnectorServlet</servlet-name>
+ <url-pattern>/PEPSConnector</url-pattern>
+ </servlet-mapping>
+
<servlet>
- <description>Servlet receiving STORK SAML Response Messages from
- different C-PEPS</description>
+ <description>Servlet receiving STORK SAML Response Messages from different C-PEPS</description>
<display-name>PEPSConnectorWithLocalSigningServlet</display-name>
<servlet-name>PEPSConnectorWithLocalSigningServlet</servlet-name>
- <servlet-class>
- at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorWithLocalSigningServlet</servlet-class>
+ <servlet-class>at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorWithLocalSigningServlet</servlet-class>
</servlet>
-
- <!-- Dispatcher servlets
- <servlet>
- <servlet-name>AuthDispatcherServlet</servlet-name>
- <display-name>AuthDispatcher Servlet</display-name>
- <servlet-class>at.gv.egovernment.moa.id.entrypoints.AuthDispatcherServlet</servlet-class>
- <load-on-startup>1</load-on-startup>
- </servlet>-->
+ <servlet-mapping>
+ <servlet-name>PEPSConnectorWithLocalSigningServlet</servlet-name>
+ <url-pattern>/PEPSConnectorWithLocalSigning</url-pattern>
+ </servlet-mapping>
+
<servlet>
<display-name>Dispatcher Servlet</display-name>
<servlet-name>DispatcherServlet</servlet-name>
<servlet-class>at.gv.egovernment.moa.id.entrypoints.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
-
- <!-- Servlet Registration -->
- <servlet>
- <servlet-name>at.gv.egovernment.moa.id.protocols.saml1.GetArtifactServlet</servlet-name>
- <servlet-class>at.gv.egovernment.moa.id.protocols.saml1.GetArtifactServlet</servlet-class>
- </servlet>
+ <servlet-mapping>
+ <servlet-name>DispatcherServlet</servlet-name>
+ <url-pattern>/dispatcher</url-pattern>
+ </servlet-mapping>
<servlet>
- <description>Resumes a suspended process engine task.</description>
+ <description>Resumes a suspended process task.</description>
<display-name>ProcessEngineSignal</display-name>
<servlet-name>ProcessEngineSignal</servlet-name>
<servlet-class>at.gv.egovernment.moa.id.auth.servlet.ProcessEngineSignalServlet</servlet-class>
</servlet>
-
-
-
- <servlet-mapping>
- <servlet-name>DispatcherServlet</servlet-name>
- <url-pattern>/dispatcher</url-pattern>
- </servlet-mapping>
- <!-- servlet-mapping>
- <servlet-name>AuthDispatcherServlet</servlet-name>
- <url-pattern>/AuthDispatcher</url-pattern>
- </servlet-mapping -->
-
-
- <!-- servlet mapping for jsp pages -->
- <!-- errorpage.jsp (customizeable) -->
-<!-- <servlet-mapping>
- <servlet-name>jspservlet</servlet-name>
- <url-pattern>/errorpage-auth.jsp</url-pattern>
- </servlet-mapping>
- message.jsp (customizeable) used for non error messages (e.g. ConfigurationUpdate)
- <servlet-mapping>
- <servlet-name>jspservlet</servlet-name>
- <url-pattern>/message-auth.jsp</url-pattern>
- </servlet-mapping> -->
-
-<!-- <servlet-mapping>
- <servlet-name>SelectBKU</servlet-name>
- <url-pattern>/SelectBKU</url-pattern>
- </servlet-mapping> -->
- <servlet-mapping>
- <servlet-name>GenerateIframeTemplate</servlet-name>
- <url-pattern>/GenerateIframeTemplate</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>RedirectServlet</servlet-name>
- <url-pattern>/RedirectServlet</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>MonitoringServlet</servlet-name>
- <url-pattern>/MonitoringServlet</url-pattern>
- </servlet-mapping>
<servlet-mapping>
- <servlet-name>SSOSendAssertionServlet</servlet-name>
- <url-pattern>/SSOSendAssertionServlet</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>LogOut</servlet-name>
- <url-pattern>/LogOut</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>IDPSLO</servlet-name>
- <url-pattern>/idpSingleLogout</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <!--
- <servlet-name>VerifyIdentityLink</servlet-name>
- -->
<servlet-name>ProcessEngineSignal</servlet-name>
- <url-pattern>/VerifyIdentityLink</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>VerifyCertificate</servlet-name>
- <url-pattern>/VerifyCertificate</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>GetMISSessionID</servlet-name>
<url-pattern>/GetMISSessionID</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>GetForeignID</servlet-name>
- <url-pattern>/GetForeignID</url-pattern>
- </servlet-mapping>
-
-<!-- <servlet-mapping>
- <servlet-name>ProcessInput</servlet-name>
- <url-pattern>/ProcessInput</url-pattern>
- </servlet-mapping> -->
-
- <servlet-mapping>
- <!--
- <servlet-name>VerifyAuthBlock</servlet-name>
- -->
- <servlet-name>ProcessEngineSignal</servlet-name>
<url-pattern>/VerifyAuthBlock</url-pattern>
+ <url-pattern>/VerifyCertificate</url-pattern>
+ <url-pattern>/VerifyIdentityLink</url-pattern>
</servlet-mapping>
-<!-- <servlet-mapping>
- <servlet-name>ConfigurationUpdate</servlet-name>
- <url-pattern>/ConfigurationUpdate</url-pattern>
- </servlet-mapping> -->
- <servlet-mapping>
- <servlet-name>AxisServlet</servlet-name>
- <url-pattern>/services/*</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>PEPSConnectorServlet</servlet-name>
- <url-pattern>/PEPSConnector</url-pattern>
- </servlet-mapping>
-<servlet-mapping>
- <servlet-name>PEPSConnectorWithLocalSigningServlet</servlet-name>
- <url-pattern>/PEPSConnectorWithLocalSigning</url-pattern>
- </servlet-mapping>
- <!-- Filters -->
- <!-- <filter> <filter-name>DispatcherDecoratorFilter</filter-name> <filter-class>at.gv.egovernment.moa.id.sso.DispatcherDecoratorFilter</filter-class>
- </filter> -->
-
- <filter>
- <filter-name>UrlRewriteFilter</filter-name>
- <filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class>
- </filter>
-
- <filter-mapping>
- <filter-name>UrlRewriteFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
- <!-- <filter-mapping> <filter-name>DispatcherDecoratorFilter</filter-name>
- <url-pattern>/AuthDispatcher</url-pattern> <dispatcher>REQUEST</dispatcher>
- <dispatcher>FORWARD</dispatcher> </filter-mapping> <filter-mapping> <filter-name>DispatcherDecoratorFilter</filter-name>
- <url-pattern>/StartAuthentication</url-pattern> <dispatcher>REQUEST</dispatcher>
- <dispatcher>FORWARD</dispatcher> </filter-mapping> -->
<session-config>
<session-timeout>5</session-timeout>
</session-config>
+
<error-page>
<error-code>500</error-code>
<location>/errorpage.jsp</location>
</error-page>
-<!-- <security-constraint>
- <web-resource-collection>
- <web-resource-name>ConfigurationUpdate</web-resource-name>
- <url-pattern>/ConfigurationUpdate</url-pattern>
- </web-resource-collection>
- <auth-constraint>
- <role-name>moa-admin</role-name>
- </auth-constraint>
- </security-constraint> -->
+
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>UserDatabase</realm-name>
</login-config>
<security-role>
- <description>
- The role that is required to log in to the moa Application
- </description>
+ <description>The role that is required to log in to the moa Application</description>
<role-name>moa-admin</role-name>
</security-role>
+
</web-app>