authorThomas Lenz <tlenz@iaik.tugraz.at>2016-02-10 16:25:06 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-02-10 16:25:06 +0100
commitd0e4e457b349e7d4ffc7b9eb146d79c8100f9781 (patch)
treeb6e502abcc1a4716f6486782f1983799c9c0704d /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
parent8b29eb9a19c4dcf6e30e34e41b8c6db61a21adb6 (diff)
switch to Spring based application initializer
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java201
1 files changed, 151 insertions, 50 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index 038a35d42..efd8248f4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -3,21 +3,31 @@
package at.gv.egovernment.moa.id.auth;
-import iaik.pki.PKIException;
-import iaik.security.ecc.provider.ECCProvider;
-import iaik.security.provider.IAIK;
-
import java.io.IOException;
import java.security.GeneralSecurityException;
import javax.activation.CommandMap;
import javax.activation.MailcapCommandMap;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRegistration;
+
+import org.springframework.beans.factory.config.BeanDefinition;
+import org.springframework.beans.factory.support.BeanDefinitionRegistry;
+import org.springframework.beans.factory.xml.XmlBeanDefinitionReader;
+import org.springframework.context.support.GenericApplicationContext;
+import org.springframework.web.WebApplicationInitializer;
+import org.springframework.web.context.ContextLoaderListener;
+import org.springframework.web.context.request.RequestContextListener;
+import org.springframework.web.context.support.GenericWebApplicationContext;
+import org.springframework.web.context.support.ServletContextResource;
+import org.springframework.web.servlet.DispatcherServlet;
+import at.gv.egiz.components.spring.api.SpringLoader;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.MOAGarbageCollector;
-import at.gv.egovernment.moa.id.util.AxisSecureSocketFactory;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.logging.Logger;
@@ -27,6 +37,9 @@ import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.MiscUtil;
+import iaik.pki.PKIException;
+import iaik.security.ecc.provider.ECCProvider;
+import iaik.security.provider.IAIK;
/**
* Web application initializer
@@ -34,66 +47,136 @@ import at.gv.egovernment.moa.util.MiscUtil;
* @author Paul Ivancsics
* @version $Id$
*/
-public class MOAIDAuthInitializer {
+public class MOAIDAuthInitializer implements WebApplicationInitializer {
+
+ private String[] rootServletContexts = null;
+
+ private String[] servletContexts = null;
+
+ private String[] activeProfiles = null;
+
+ public MOAIDAuthInitializer() {
+ this.rootServletContexts = null;
+ this.servletContexts = new String[] {
+ "/WEB-INF/applicationContext.xml",
+
+ };
+ this.activeProfiles = null;
+ }
+
+
+ /* (non-Javadoc)
+ * @see org.springframework.web.WebApplicationInitializer#onStartup(javax.servlet.ServletContext)
+ */
+ @Override
+ public void onStartup(ServletContext servletContext) throws ServletException {
+ try {
+ Logger.info("=============== Loading Root Context! ===============");
+ GenericWebApplicationContext rootContext = new GenericWebApplicationContext();
+ rootContext.setServletContext(servletContext);
+
+ Logger.info("=============== Setting active profiles! ===============");
+ if (this.activeProfiles != null) {
+ for (String profile : this.activeProfiles) {
+ rootContext.getEnvironment().addActiveProfile(profile);
+ }
+ }
+
+ Logger.info("=============== Loading Local Contexts! ===============");
+ XmlBeanDefinitionReader xmlReader = new XmlBeanDefinitionReader(
+ rootContext);
+ if (rootServletContexts != null) {
+ for (String rootServletContext : rootServletContexts) {
+ Logger.debug("Loading: "+ rootServletContext);
+ xmlReader.loadBeanDefinitions(new ServletContextResource(
+ servletContext, rootServletContext));
+ }
+ }
+ // Manage the lifecycle of the root application context
+ servletContext.addListener(new ContextLoaderListener(rootContext));
+
+ // logger.debug("Beans after logAMQP in {}", rootContext);
+ // dumpBeanDefinitions(rootContext);
+
+ Logger.info("=============== Loading SPI Context! ===============");
+ // logger.debug("Startup with context {}", rootContext);
+ if (rootContext instanceof BeanDefinitionRegistry) {
+ Logger.debug("Loading EGIZ components");
+ SpringLoader
+ .loadSpringServices(rootContext);
+ } else {
+ Logger.warn("Failed to load external Spring since no BeanDefinitionRegistry");
+ }
+
+ Logger.trace("Beans after SPI in "+ rootContext);
+ dumpBeanDefinitions(rootContext);
- /** a boolean identifying if the MOAIDAuthInitializer has been startet */
- public static boolean initialized = false;
+ Logger.debug("Loading servlet config in "+ rootContext);
+ if (servletContexts != null) {
+ for (String servletContextString : servletContexts) {
+ xmlReader.loadBeanDefinitions(new ServletContextResource(
+ servletContext, servletContextString));
+ }
+ }
+ Logger.debug("Refreshing context "+ rootContext);
+ rootContext.refresh();
+ Logger.info("=============== Register Dispatcher Servlet! ===============");
+
+ Logger.trace("Final Beans in "+ rootContext);
+ dumpBeanDefinitions(rootContext);
+
+
+ Logger.info("Registering dispatcher configuration");
+ ServletRegistration.Dynamic dispatcher = servletContext.addServlet(
+ "dispatcher", new DispatcherServlet(rootContext));
+ if (dispatcher != null) {
+ dispatcher.setLoadOnStartup(1);
+ dispatcher.addMapping("/*");
+ dispatcher.setAsyncSupported(true);
+ } else {
+ Logger.error("Failed to register dispatcher server in servlet context!");
+ }
+
+ Logger.info("=============== Register RequestContextListener! ===============");
+ servletContext.addListener(new RequestContextListener());
+
+ Logger.info("Basic Context initalisation finished --> Start MOA-ID-Auth initialisation process ...");
+ MOAIDAuthInitializer.initialize(rootContext);
+ Logger.info(MOAIDMessageProvider.getInstance().getMessage(
+ "init.00", null));
+ Logger.info("MOA-ID-Auth initialization finished.");
+
+
+ } catch (Throwable e) {
+ Logger.fatal(
+ MOAIDMessageProvider.getInstance().getMessage("init.02",
+ null), e);
+
+ }
+
+ }
+
+
+
/**
* Initializes the web application components which need initialization:
* logging, JSSE, MOA-ID Auth configuration, Axis, session cleaner.
+ * @param rootContext
*/
- public static void initialize() throws ConfigurationException,
+ public static void initialize(GenericWebApplicationContext rootContext) throws ConfigurationException,
PKIException, IOException, GeneralSecurityException {
- if (initialized) return;
- initialized = true;
Logger.setHierarchy("moa.id.auth");
Logger.info("Default java file.encoding: "
+ System.getProperty("file.encoding"));
-
- Logger.info("Loading security providers.");
- IAIK.addAsProvider();
-
-
-// Security.insertProviderAt(new IAIK(), 1);
-// Security.insertProviderAt(new ECCProvider(), 1);
-
+
//JDK bug workaround according to:
// http://jce.iaik.tugraz.at/products/03_cms/faq/index.php#JarVerifier
// register content data handlers for S/MIME types
MailcapCommandMap mc = new MailcapCommandMap();
CommandMap.setDefaultCommandMap(mc);
- // create some properties and get the default Session
-// Properties props = new Properties();
-// props.put("mail.smtp.host", "localhost");
-// Session session = Session.getDefaultInstance(props, null);
-
- // Restricts TLS cipher suites
-// System.setProperty(
-// "https.cipherSuites",
-// "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA");
-//
- // actual HIGH cipher suites from OpenSSL
-// Mapping OpenSSL - Java
-// OpenSSL Java
-// http://www.openssl.org/docs/apps/ciphers.html http://docs.oracle.com/javase/6/docs/technotes/guides/security/SunProviders.html
-// via !openssl ciphers -tls1 HIGH !v!
-//
-// ADH-AES256-SHA TLS_DH_anon_WITH_AES_256_CBC_SHA
-// DHE-RSA-AES256-SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA
-// DHE-DSS-AES256-SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA
-// AES256-SHA TLS_RSA_WITH_AES_256_CBC_SHA
-// ADH-AES128-SHA TLS_DH_anon_WITH_AES_128_CBC_SHA
-// DHE-RSA-AES128-SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA
-// DHE-DSS-AES128-SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA
-// AES128-SHA TLS_RSA_WITH_AES_128_CBC_SHA
-// ADH-DES-CBC3-SHA SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
-// EDH-RSA-DES-CBC3-SHA -
-// EDH-DSS-DES-CBC3-SHA -
-// DES-CBC3-SHA SSL_RSA_WITH_3DES_EDE_CBC_SHA
-
if (MiscUtil.isEmpty(System.getProperty("https.cipherSuites")))
System.setProperty(
"https.cipherSuites",
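Review bot: The `catch (Throwable e)` at the end of `onStartup` only logs `init.02` and returns, so the container never learns that startup failed even though the method declares `throws ServletException`. Because the dispatcher is mapped to `/*` and both listeners are registered before `MOAIDAuthInitializer.initialize(rootContext)` runs, a failure in configuration loading or in the provider/SSL setup would seem to leave the authentication webapp deployed and reachable in a partly initialised state. Rethrowing after the log call, `throw new ServletException(MOAIDMessageProvider.getInstance().getMessage("init.02", null), e);`, makes deployment fail closed; the `dispatcher == null` branch, which also just logs and carries on, deserves the same treatment. Separately, with the `initialized` guard removed, `initialize(...)` is still `public static` and its body continues outside this hunk, so a second caller would repeat the whole setup. The empty `@param rootContext` tag should say that the method is meant to be called once from `onStartup` with the refreshed root context.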
@@ -122,9 +205,11 @@ public class MOAIDAuthInitializer {
"init.01", null), e);
}
+ Logger.info("Loading security providers.");
IAIK.addAsProvider();
ECCProvider.addAsProvider();
+
// Initializes SSLSocketFactory store
SSLUtils.initialize();
@@ -134,12 +219,15 @@ public class MOAIDAuthInitializer {
"http://www.w3.org/2001/04/xmldsig-more#");
Constants.nSMap.put(Constants.DSIG_PREFIX, Constants.DSIG_NS_URI);
+
// Initialize configuration provider
- AuthConfiguration authConf = AuthConfigurationProviderFactory.reload();
+ AuthConfiguration authConf = AuthConfigurationProviderFactory.reload(rootContext);
- //test, if MOA-ID is already configured
+
+ //test, if MOA-ID is already configured
authConf.getPublicURLPrefix();
+
// Initialize MOA-SP
//MOA-SP is only use by API calls since MOA-ID 3.0.0
try {
@@ -161,4 +249,17 @@ public class MOAIDAuthInitializer {
MOAGarbageCollector.start();
}
+ private void dumpBeanDefinitions(GenericApplicationContext context) {
+ Logger.trace("Registered Bean in context " + context.toString());
+
+ String[] registeredBeans = context.getBeanDefinitionNames();
+ for (String registeredBean : registeredBeans) {
+ BeanDefinition beanDefinition = context
+ .getBeanDefinition(registeredBean);
+ Logger.trace(registeredBean + " -> " + beanDefinition.getBeanClassName());
+
+ }
+
+ Logger.trace("Registered Bean in context --"+ context);
+ }
}
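Review bot: `dumpBeanDefinitions` walks every bean definition and builds a string for each one unconditionally, and `onStartup` calls it twice, so this work is done even when trace logging is off. If the MOA `Logger` exposes a level check, returning early when trace is disabled would avoid that. Note also that `getBeanClassName()` can return null for definitions without an explicit class, which will print as `name -> null`. The method reads no instance state, so it could be `private static`, and a one-line comment such as `// Trace-only diagnostic: lists bean names and classes registered in the given context` would explain why it exists.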