author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-06-13 13:19:38 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-06-13 13:19:38 +0200 |
commit | bba86def6a69726671838ebdacb918d3ede5de16 (patch) | |
tree | 719f555d6a32a1e4a99c5603c134fb77119b733e /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data | |
parent | f9e919720beb463aad4483f1779be12d990f6951 (diff) | |
+ cleanup MOAIDSession class
+ update authentication process to use new MOAIDSession class
+ move MOAIDSession to Hibernate Database
+ activate Mandates for SAML1
!!Stork authentication not tested!!
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data')
3 files changed, 264 insertions, 216 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java index 3e909ecd4..e023acafa 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java @@ -25,6 +25,9 @@ package at.gv.egovernment.moa.id.auth.data; import iaik.x509.X509Certificate; +import java.io.Serializable; +import java.security.cert.CertificateEncodingException; +import java.security.cert.CertificateException; import java.util.ArrayList; import java.util.Date; import java.util.Iterator; @@ -45,8 +48,13 @@ import eu.stork.mw.messages.saml.STORKAuthnRequest; * @author Paul Ivancsics * @version $Id$ */ -public class AuthenticationSession { +public class AuthenticationSession implements Serializable { + /** + * + */ + private static final long serialVersionUID = 1L; + private static String TARGET_PREFIX_ = Constants.URN_PREFIX_CDID + "+"; private static String REGISTERANDORDNR_PREFIX_ = Constants.URN_PREFIX_WBPK + "+"; @@ -70,10 +78,7 @@ public class AuthenticationSession { * SourceID */ private String sourceID; - /** - * Indicates if target from configuration is used or not - */ - private boolean useTargetFromConfig; + /** * public online application URL requested */ @@ -97,6 +102,13 @@ public class AuthenticationSession { private String bkuURL; /** + * Indicates whether the corresponding online application is a business + * service or not + */ + private boolean businessService; + + //Store Mandate + /** * Use mandate */ private boolean useMandate; 
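Review bot: `implements Serializable` on AuthenticationSession (hunk @@ -45) only makes the class itself serializable; every non-transient field must be too, and the commit shows that only for the signer certificate (now stored as `byte[]`), IdentityLink and ExtendedSAMLAttributeImpl. `STORKAuthnRequest storkAuthnRequest`, `AuthenticationData authData`, the elements of the raw `List` fields and the fields of IdentityLink (outside its hunk) are not visible as Serializable from here, and ExtendedSAMLAttributeImpl's own Javadoc allows an `org.w3c` `Element` value whose serializability depends on the DOM implementation, so any one of them would fail the first persist with a NotSerializableException. A test that round-trips a fully populated session through serialization would catch this before the database does. Since the stored blob is read back with Java native deserialization, the session table becomes an input to the JVM; keeping the stored shape narrow, or using a non-Java-serialized representation, limits what a write to that table can influence. The empty Javadoc block `/** * */` above `serialVersionUID` carries no information and can be dropped.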
@@ -107,65 +119,42 @@ public class AuthenticationSession { private String mandateReferenceValue; /** - * Authentication data for the assertion - */ - private AuthenticationData assertionAuthData; - - /** - * Persondata for the assertion - */ - private String assertionPrPerson; - - /** - * Authblock for the assertion - */ - private String assertionAuthBlock; - - /** - * Identitylink assertion for the (MOA) assertion - */ - private String assertionIlAssertion; - - /** - * Signer certificate (base64 encoded) for the assertion - */ - private String assertionSignerCertificateBase64; - - /** - * bussiness service for the assertion - */ - boolean assertionBusinessService; - - /** * SessionID for MIS */ private String misSessionID; + + private String mandateData; + + //store Identitylink /** * identity link read from smartcard */ private IdentityLink identityLink; - /** - * authentication block to be signed by the user - */ - private String authBlock; - /** - * timestamp logging when authentication session has been created - */ - private Date timestampStart; + /** * timestamp logging when identity link has been received */ private Date timestampIdentityLink; + + //store Authblock /** - * Indicates whether the corresponding online application is a business - * service or not + * authentication block to be signed by the user */ - private boolean businessService; + private String authBlock; + + /** + * The issuing time of the AUTH-Block SAML assertion. + */ + private String issueInstant; + //Signer certificate /** * Signer certificate of the foreign citizen or for mandate mode */ - private X509Certificate signerCertificate; + //private X509Certificate signerCertificate; + private byte[] signerCertificate; + + /** * SAML attributes from an extended infobox validation to be appended to the * SAML assertion delivered to the final online application. 
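Review bot: The replaced field declaration is left behind as `//private X509Certificate signerCertificate;` directly above its `byte[]` successor, and the same commenting-out-instead-of-deleting pattern recurs in the moved-field block at the end of the class (hunk @@ -212 on the next line), the `getRequestedProtocolURL` accessors (@@ -278), the timestampStart and useTargetFromConfig accessors (@@ -535, @@ -551, @@ -827), the assertion accessors (@@ -864) and the XML signature response accessors (@@ -989). The parent commit already holds that history, so these blocks can simply be deleted rather than kept as comments that will drift out of date. The new `private String mandateData;` is also the only field in this run without a Javadoc line; a one-sentence Javadoc stating what it holds would match its neighbours. The `//TODO: check if it is in use!` marker on `infoboxValidators` (next line) is better resolved in this cleanup than left for a later reader.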
@@ -184,11 +173,8 @@ public class AuthenticationSession { */ private List extendedSAMLAttributesAUTH; - /** - * The issuing time of the AUTH-Block SAML assertion. - */ - private String issueInstant; - + + //TODO: check if it is in use! /** * If infobox validators are needed after signing, they can be stored in * this list. @@ -212,11 +198,61 @@ public class AuthenticationSession { */ private STORKAuthnRequest storkAuthnRequest; - private AuthenticationData authData; - private String mandateData; + private AuthenticationData authData; + + //protocol selection + private String action; private String modul; + + private boolean authenticated; + private boolean authenticatedUsed = false; + + +// /** +// * Indicates if target from configuration is used or not +// */ +// private boolean useTargetFromConfig; + +// /** +// * Authentication data for the assertion +// */ +// private AuthenticationData assertionAuthData; +// +// /** +// * Persondata for the assertion +// */ +// private String assertionPrPerson; +// +// /** +// * Authblock for the assertion +// */ +// private String assertionAuthBlock; +// +// /** +// * Identitylink assertion for the (MOA) assertion +// */ +// private String assertionIlAssertion; +// +// /** +// * Signer certificate (base64 encoded) for the assertion +// */ +// private String assertionSignerCertificateBase64; +// +// /** +// * bussiness service for the assertion +// */ +// boolean assertionBusinessService; +// +// /** +// * timestamp logging when authentication session has been created +// */ +// private Date timestampStart; +// private CreateXMLSignatureResponse XMLCreateSignatureResponse; +// private VerifyXMLSignatureResponse XMLVerifySignatureResponse; +// private String requestedProtocolURL = null; + public String getModul() { return modul; } @@ -232,8 +268,6 @@ public class AuthenticationSession { public void setAction(String action) { this.action = action; } - - private String action; public String getMandateData() { return mandateData; 
@@ -251,16 +285,6 @@ public class AuthenticationSession { this.authData = authData; } - private CreateXMLSignatureResponse XMLCreateSignatureResponse; - - private VerifyXMLSignatureResponse XMLVerifySignatureResponse; - - private String requestedProtocolURL = null; - - private boolean authenticated; - - private boolean authenticatedUsed = false; - public boolean isAuthenticatedUsed() { return authenticatedUsed; } @@ -278,13 +302,13 @@ public class AuthenticationSession { } - public String getRequestedProtocolURL() { - return requestedProtocolURL; - } - - public void setRequestedProtocolURL(String requestedProtocolURL) { - this.requestedProtocolURL = requestedProtocolURL; - } +// public String getRequestedProtocolURL() { +// return requestedProtocolURL; +// } +// +// public void setRequestedProtocolURL(String requestedProtocolURL) { +// this.requestedProtocolURL = requestedProtocolURL; +// } /** * Constructor for AuthenticationSession. @@ -294,16 +318,29 @@ public class AuthenticationSession { */ public AuthenticationSession(String id) { sessionID = id; - setTimestampStart(); +// setTimestampStart(); infoboxValidators = new ArrayList(); } - public X509Certificate getSignerCertificate() { - return signerCertificate; + public X509Certificate getSignerCertificate(){ + try { + return new X509Certificate(signerCertificate); + } catch (CertificateException e) { + Logger.warn("Signer certificate can not be loaded from session database!", e); + return null; + } + } + + public byte[] getEncodedSignerCertificate() { + return this.signerCertificate; } public void setSignerCertificate(X509Certificate signerCertificate) { - this.signerCertificate = signerCertificate; + try { + this.signerCertificate = signerCertificate.getEncoded(); + } catch (CertificateEncodingException e) { + Logger.warn("Signer certificate can not be stored to session database!", e); + } } /** 
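Review bot: `getSignerCertificate()` in hunk @@ -294 no longer tolerates an unset certificate: the original returned the null field as-is, but the new code passes the field straight to `new X509Certificate(signerCertificate)`, and a null `byte[]` is not covered by `catch (CertificateException e)`, so callers that check for null (flows where no signer certificate was set) would likely see an exception instead. `setSignerCertificate(null)`, previously a way to clear the field, now dereferences its argument in `signerCertificate.getEncoded()`. A guard in both keeps the old contract: `if (signerCertificate == null) { return null; }` at the top of the getter and `this.signerCertificate = signerCertificate == null ? null : signerCertificate.getEncoded();` in the setter. The setter's catch also leaves whatever bytes were previously stored in place after logging, so a failed encode silently keeps a stale certificate; clearing the field (or rethrowing) before returning is safer than leaving the previous value in place. `Logger` is not among the imports this commit adds, so I assume it was already imported above the hunk.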
@@ -535,14 +572,14 @@ public class AuthenticationSession { this.businessService = businessService; } - /** - * Returns the timestampStart. - * - * @return Date - */ - public Date getTimestampStart() { - return timestampStart; - } +// /** +// * Returns the timestampStart. +// * +// * @return Date +// */ +// public Date getTimestampStart() { +// return timestampStart; +// } /** * Sets the current date as timestampIdentityLink. @@ -551,12 +588,12 @@ public class AuthenticationSession { timestampIdentityLink = new Date(); } - /** - * Sets the current date as timestampStart. - */ - public void setTimestampStart() { - timestampStart = new Date(); - } +// /** +// * Sets the current date as timestampStart. +// */ +// public void setTimestampStart() { +// timestampStart = new Date(); +// } /** * @return template URL @@ -827,24 +864,24 @@ public class AuthenticationSession { return this.useMandate; } - /** - * - * @param useTargetFromConfig - * indicates if target from config is used or not - */ - public void setUseTargetFromConfig(boolean useTargetFromConfig) { - this.useTargetFromConfig = useTargetFromConfig; - - } - - /** - * Returns if target is used from mandate or not - * - * @return - */ - public boolean getUseTargetFromConfig() { - return this.useTargetFromConfig; - } +// /** +// * +// * @param useTargetFromConfig +// * indicates if target from config is used or not +// */ +// public void setUseTargetFromConfig(boolean useTargetFromConfig) { +// this.useTargetFromConfig = useTargetFromConfig; +// +// } +// +// /** +// * Returns if target is used from mandate or not +// * +// * @return +// */ +// public boolean getUseTargetFromConfig() { +// return this.useTargetFromConfig; +// } /** * 
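Review bot: Commenting out `getTimestampStart()`/`setTimestampStart()` here (hunks @@ -535 and @@ -551), together with the `setTimestampStart()` call in the constructor (hunk @@ -294 above), removes the only creation timestamp the session carried, while `timestampIdentityLink` is kept. If the new database-backed session store does not record its own creation time, nothing is left to expire authentication sessions by age, and an unfinished session could stay valid indefinitely. If the persistence entity does carry that timestamp, a one-line comment where the field was removed, `// session creation time is tracked by the persistence entity (TODO: name it here)`, would save the next reader the search; otherwise the field should stay and be persisted with the rest.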
@@ -864,96 +901,96 @@ public class AuthenticationSession { return this.misSessionID; } - /** - * @return the assertionAuthData - */ - public AuthenticationData getAssertionAuthData() { - return assertionAuthData; - } - - /** - * @param assertionAuthData - * the assertionAuthData to set - */ - public void setAssertionAuthData(AuthenticationData assertionAuthData) { - this.assertionAuthData = assertionAuthData; - } - - /** - * @return the assertionPrPerson - */ - public String getAssertionPrPerson() { - return assertionPrPerson; - } - - /** - * @param assertionPrPerson - * the assertionPrPerson to set - */ - public void setAssertionPrPerson(String assertionPrPerson) { - this.assertionPrPerson = assertionPrPerson; - } - - /** - * @return the assertionAuthBlock - */ - public String getAssertionAuthBlock() { - return assertionAuthBlock; - } - - /** - * @param assertionAuthBlock - * the assertionAuthBlock to set - */ - public void setAssertionAuthBlock(String assertionAuthBlock) { - this.assertionAuthBlock = assertionAuthBlock; - } - - /** - * @return the assertionIlAssertion - */ - public String getAssertionIlAssertion() { - return assertionIlAssertion; - } - - /** - * @param assertionIlAssertion - * the assertionIlAssertion to set - */ - public void setAssertionIlAssertion(String assertionIlAssertion) { - this.assertionIlAssertion = assertionIlAssertion; - } - - /** - * @return the assertionSignerCertificateBase64 - */ - public String getAssertionSignerCertificateBase64() { - return assertionSignerCertificateBase64; - } - - /** - * @param assertionSignerCertificateBase64 - * the assertionSignerCertificateBase64 to set - */ - public void setAssertionSignerCertificateBase64( - String assertionSignerCertificateBase64) { - this.assertionSignerCertificateBase64 = assertionSignerCertificateBase64; - } - - /** - * @return the assertionBusinessService - */ - public boolean getAssertionBusinessService() { - return assertionBusinessService; - } - - /** - * @param 
assertionBusinessService - * the assertionBusinessService to set - */ - public void setAssertionBusinessService(boolean assertionBusinessService) { - this.assertionBusinessService = assertionBusinessService; - } +// /** +// * @return the assertionAuthData +// */ +// public AuthenticationData getAssertionAuthData() { +// return assertionAuthData; +// } +// +// /** +// * @param assertionAuthData +// * the assertionAuthData to set +// */ +// public void setAssertionAuthData(AuthenticationData assertionAuthData) { +// this.assertionAuthData = assertionAuthData; +// } +// +// /** +// * @return the assertionPrPerson +// */ +// public String getAssertionPrPerson() { +// return assertionPrPerson; +// } +// +// /** +// * @param assertionPrPerson +// * the assertionPrPerson to set +// */ +// public void setAssertionPrPerson(String assertionPrPerson) { +// this.assertionPrPerson = assertionPrPerson; +// } +// +// /** +// * @return the assertionAuthBlock +// */ +// public String getAssertionAuthBlock() { +// return assertionAuthBlock; +// } +// +// /** +// * @param assertionAuthBlock +// * the assertionAuthBlock to set +// */ +// public void setAssertionAuthBlock(String assertionAuthBlock) { +// this.assertionAuthBlock = assertionAuthBlock; +// } +// +// /** +// * @return the assertionIlAssertion +// */ +// public String getAssertionIlAssertion() { +// return assertionIlAssertion; +// } +// +// /** +// * @param assertionIlAssertion +// * the assertionIlAssertion to set +// */ +// public void setAssertionIlAssertion(String assertionIlAssertion) { +// this.assertionIlAssertion = assertionIlAssertion; +// } +// +// /** +// * @return the assertionSignerCertificateBase64 +// */ +// public String getAssertionSignerCertificateBase64() { +// return assertionSignerCertificateBase64; +// } +// +// /** +// * @param assertionSignerCertificateBase64 +// * the assertionSignerCertificateBase64 to set +// */ +// public void setAssertionSignerCertificateBase64( +// String 
assertionSignerCertificateBase64) { +// this.assertionSignerCertificateBase64 = assertionSignerCertificateBase64; +// } +// +// /** +// * @return the assertionBusinessService +// */ +// public boolean getAssertionBusinessService() { +// return assertionBusinessService; +// } +// +// /** +// * @param assertionBusinessService +// * the assertionBusinessService to set +// */ +// public void setAssertionBusinessService(boolean assertionBusinessService) { +// this.assertionBusinessService = assertionBusinessService; +// } /** * @return the mandateReferenceValue @@ -989,20 +1026,20 @@ public class AuthenticationSession { this.storkAuthnRequest = storkAuthnRequest; } - public CreateXMLSignatureResponse getXMLCreateSignatureResponse() { - return XMLCreateSignatureResponse; - } - - public void setXMLCreateSignatureResponse(CreateXMLSignatureResponse xMLCreateSignatureResponse) { - XMLCreateSignatureResponse = xMLCreateSignatureResponse; - } - - public VerifyXMLSignatureResponse getXMLVerifySignatureResponse() { - return XMLVerifySignatureResponse; - } - - public void setXMLVerifySignatureResponse(VerifyXMLSignatureResponse xMLVerifySignatureResponse) { - XMLVerifySignatureResponse = xMLVerifySignatureResponse; - } +// public CreateXMLSignatureResponse getXMLCreateSignatureResponse() { +// return XMLCreateSignatureResponse; +// } +// +// public void setXMLCreateSignatureResponse(CreateXMLSignatureResponse xMLCreateSignatureResponse) { +// XMLCreateSignatureResponse = xMLCreateSignatureResponse; +// } + +// public VerifyXMLSignatureResponse getXMLVerifySignatureResponse() { +// return XMLVerifySignatureResponse; +// } +// +// public void setXMLVerifySignatureResponse(VerifyXMLSignatureResponse xMLVerifySignatureResponse) { +// XMLVerifySignatureResponse = xMLVerifySignatureResponse; +// } } 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttributeImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttributeImpl.java index 276e6414c..7523d7eaf 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttributeImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttributeImpl.java @@ -24,15 +24,22 @@ package at.gv.egovernment.moa.id.auth.data; +import java.io.Serializable; + /** * This class contains SAML attributes to be appended to the SAML assertion delivered to * the Online application. * * @author Harald Bratko */ -public class ExtendedSAMLAttributeImpl implements ExtendedSAMLAttribute { +public class ExtendedSAMLAttributeImpl implements ExtendedSAMLAttribute, Serializable{ /** + * + */ + private static final long serialVersionUID = 1L; + +/** * The value of this SAML attribute. Must be either of type <code>java.lang.String</code> * or <code>org.w3c.Element</code>. */ diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/IdentityLink.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/IdentityLink.java index 0d11dc4f0..b03f23ce4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/IdentityLink.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/IdentityLink.java @@ -25,6 +25,7 @@ package at.gv.egovernment.moa.id.auth.data; import java.io.IOException; +import java.io.Serializable; import java.security.PublicKey; import javax.xml.transform.TransformerException; 
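Review bot: The new class header in the ExtendedSAMLAttributeImpl hunk reads `implements ExtendedSAMLAttribute, Serializable{` without the space before the brace, the `serialVersionUID` gets an empty `/** * */` Javadoc block, and the Javadoc opener for the value field that follows is pushed to column 0 while its continuation lines keep their indent. `public class ExtendedSAMLAttributeImpl implements ExtendedSAMLAttribute, Serializable {`, a bare `private static final long serialVersionUID = 1L;`, and the `/**` re-indented to match its body would bring the block back in line with the rest of the file. The IdentityLink header in the next hunk (@@ -41) has the same `Serializable{` spacing.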
@@ -41,7 +42,10 @@ import at.gv.egovernment.moa.util.DOMUtils; * @author Paul Ivancsics * @version $Id$ */ -public class IdentityLink { +public class IdentityLink implements Serializable{ + + private static final long serialVersionUID = 1L; + /** * <code>"identificationValue"</code> is the translation of <code>"Stammzahl"</code>. */ |