aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at
diff options
context:
space:
mode:
authorThomas Knall <t.knall@datentechnik-innovation.com>2015-01-16 10:19:44 +0100
committerThomas Knall <t.knall@datentechnik-innovation.com>2015-01-16 10:19:44 +0100
commit92717efaa56e3d0f7c271b91483507cf981b417b (patch)
tree679420ead233ffe9293613a400cffdb55dfc0748 /id/server/idserverlib/src/main/java/at
parent33a37cce841e6c48ab044cd153aa7ed7cfffc6cc (diff)
downloadmoa-id-spss-92717efaa56e3d0f7c271b91483507cf981b417b.tar.gz
moa-id-spss-92717efaa56e3d0f7c271b91483507cf981b417b.tar.bz2
moa-id-spss-92717efaa56e3d0f7c271b91483507cf981b417b.zip
Add minor fixes and updates.
- Fix moa-id-auth web.xml and upgrade to servlet 3.0. - Reformat loginFormFull.html in order to enhance readability. - Add some TODOs and FIXMEs. - Adding some comments to DispatcherServlet in order to ease understanding the process.
Diffstat (limited to 'id/server/idserverlib/src/main/java/at')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java1
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java27
3 files changed, 25 insertions, 5 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
index 9e2e845b5..20c32a3ec 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
@@ -197,6 +197,7 @@ public class GetMISSessionIDServlet extends AuthServlet {
// for now: list contains only one element
MISMandate mandate = (MISMandate) list.get(0);
+ // TODO[tlenz]: UTF-8 ?
String sMandate = new String(mandate.getMandate());
if (sMandate == null || sMandate.compareToIgnoreCase("") == 0) {
Logger.error("Mandate is empty.");
@@ -206,6 +207,7 @@ public class GetMISSessionIDServlet extends AuthServlet {
//check if it is a parsable XML
byte[] byteMandate = mandate.getMandate();
+ // TODO[tlenz]: UTF-8 ?
String stringMandate = new String(byteMandate);
DOMUtils.parseDocument(stringMandate, false,
null, null).getDocumentElement();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
index 3bc79f8bd..165445ea5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
@@ -473,6 +473,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
Logger.info("Found AttributeProviderPlugin attribute:"+ap.getAttributes());
if(ap.getAttributes().equalsIgnoreCase("signedDoc"))
{
+ // FIXME[tlenz]: A servlet's class field is not thread safe.
oasisDssWebFormURL = ap.getUrl();
found = true;
Logger.info("Loaded signedDoc attribute provider url from config:"+oasisDssWebFormURL);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 03cb6c1c4..a4c5c938f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -23,7 +23,6 @@
package at.gv.egovernment.moa.id.entrypoints;
import java.io.IOException;
-
import java.util.Iterator;
import javax.servlet.ServletConfig;
@@ -97,10 +96,13 @@ public class DispatcherServlet extends AuthServlet{
boolean useSSOOA = false;
String protocolRequestID = null;
-
try {
Logger.info("REQUEST: " + req.getRequestURI());
Logger.info("QUERY : " + req.getQueryString());
+
+
+// *** start of error handling ***
+
String errorid = req.getParameter(ERROR_CODE_PARAM);
if (errorid != null) {
@@ -117,7 +119,7 @@ public class DispatcherServlet extends AuthServlet{
pendingRequestID = (String) idObject;
}
- if (throwable != null) {
+ if (throwable != null) {
IRequest errorRequest = null;
if (pendingRequestID != null) {
@@ -173,6 +175,11 @@ public class DispatcherServlet extends AuthServlet{
return;
}
+// *** end of error handling ***
+
+
+// *** start of protocol specific stuff ***
+
Object moduleObject = req.getParameter(PARAM_TARGET_MODULE);
String module = null;
if (moduleObject != null && (moduleObject instanceof String)) {
@@ -357,7 +364,11 @@ public class DispatcherServlet extends AuthServlet{
}
}
-
+
+// *** end of protocol specific stuff ***
+
+// *** start handling authentication ***
+
AuthenticationManager authmanager = AuthenticationManager.getInstance();
String moasessionID = null;
@@ -473,7 +484,11 @@ public class DispatcherServlet extends AuthServlet{
//build authenticationdata from session information and OA configuration
authData = AuthenticationDataBuilder.buildAuthenticationData(protocolRequest, moasession);
}
-
+
+// *** end handling authentication ***
+
+// *** start finalizing authentication (SSO, final redirects, statistic logging etc) ***
+
SLOInformationInterface assertionID = moduleAction.processRequest(protocolRequest, req, resp, authData);
RequestStorage.removePendingRequest(protocolRequestID);
@@ -506,6 +521,8 @@ public class DispatcherServlet extends AuthServlet{
}
+// *** end finalizing authentication ***
+
} catch (Throwable e) {
Logger.warn("An authentication error occured: ", e);;
// Try handle module specific, if not possible rethrow