diff options
author | pdanner <pdanner@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2007-10-19 13:12:22 +0000 |
---|---|---|
committer | pdanner <pdanner@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2007-10-19 13:12:22 +0000 |
commit | 028be490569e4080947f7708f08782f4306503ae (patch) | |
tree | 5fbfd980c00f6369abc26a4710fda11395766ab8 /id/server/idserverlib/src/main/java/at | |
parent | e517ea48f034566c0da28c76fcf9d8b33988b69e (diff) | |
download | moa-id-spss-028be490569e4080947f7708f08782f4306503ae.tar.gz moa-id-spss-028be490569e4080947f7708f08782f4306503ae.tar.bz2 moa-id-spss-028be490569e4080947f7708f08782f4306503ae.zip |
Fixed path choice on parep validation
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1028 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id/server/idserverlib/src/main/java/at')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java | 71 |
1 files changed, 42 insertions, 29 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java index 89834307d..e2eda5755 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java @@ -124,37 +124,50 @@ public class ProcessValidatorInputServlet extends AuthServlet { String dataURL = new DataURLBuilder().buildDataURL(
session.getAuthURL(), AuthenticationServer.REQ_VERIFY_AUTH_BLOCK, sessionID);
- // Test if we have a user input form sign template
- String inputProcessorSignTemplateURL = req.getParameter(PARAM_INPUT_PROCESSOR_SIGN_TEMPLATE);
- String inputProcessorSignTemplate = null;
- OAAuthParameter oaParam =
- AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getOAURLRequested());
- // override template url by url from configuration file
- if (oaParam.getInputProcessorSignTemplateURL() != null) {
- inputProcessorSignTemplateURL = oaParam.getInputProcessorSignTemplateURL();
- }
- if (inputProcessorSignTemplateURL != null) {
- try {
- inputProcessorSignTemplate = new String(FileUtils.readURL(inputProcessorSignTemplateURL));
- } catch (IOException ex) {
- throw new AuthenticationException(
- "auth.03",
- new Object[] { inputProcessorSignTemplateURL, ex.toString()},
- ex);
+ String htmlForm = null;
+
+ boolean doInputProcessorSign = false;
+ String inputProcessorSignForm = req.getParameter("Sign_Form");
+ if (inputProcessorSignForm==null) inputProcessorSignForm = (String) req.getAttribute("Sign_Form");
+ if (inputProcessorSignForm==null) inputProcessorSignForm = (String) parameters.get("Sign_Form");
+ if (inputProcessorSignForm==null) inputProcessorSignForm = (String) parameters.get("Sign_Form_");
+ if (!ParepUtils.isEmpty(inputProcessorSignForm)) doInputProcessorSign = inputProcessorSignForm.equalsIgnoreCase("true");
+ if (doInputProcessorSign) {
+ // Test if we have a user input form sign template
+ String inputProcessorSignTemplateURL = req.getParameter(PARAM_INPUT_PROCESSOR_SIGN_TEMPLATE);
+ String inputProcessorSignTemplate = null;
+ OAAuthParameter oaParam =
+ AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getOAURLRequested());
+ // override template url by url from configuration file
+ if (oaParam.getInputProcessorSignTemplateURL() != null) {
+ inputProcessorSignTemplateURL = oaParam.getInputProcessorSignTemplateURL();
+ }
+ if (inputProcessorSignTemplateURL != null) {
+ try {
+ inputProcessorSignTemplate = new String(FileUtils.readURL(inputProcessorSignTemplateURL));
+ } catch (IOException ex) {
+ throw new AuthenticationException(
+ "auth.03",
+ new Object[] { inputProcessorSignTemplateURL, ex.toString()},
+ ex);
+ }
}
+
+ htmlForm = new GetVerifyAuthBlockFormBuilder().build(
+ inputProcessorSignTemplate, session.getBkuURL(), createXMLSignatureRequestOrRedirect, dataURL, session.getPushInfobox());
+ htmlForm = ParepUtils.replaceAll(htmlForm, "<BASE_href>", session.getAuthURL());
+ htmlForm = ParepUtils.replaceAll(htmlForm, "<MOASessionID>", sessionID);
+ htmlForm = ParepUtils.replaceAll(htmlForm, "<BKU>", session.getBkuURL());
+ htmlForm = ParepUtils.replaceAll(htmlForm, "<DataURL>", dataURL);
+ htmlForm = ParepUtils.replaceAll(htmlForm, "<PushInfobox>", session.getPushInfobox());
+ resp.setContentType("text/html;charset=UTF-8");
+ } else {
+ htmlForm = createXMLSignatureRequestOrRedirect;
+ resp.setStatus(307);
+ resp.addHeader("Location", dataURL);
+ //TODO test impact of explicit setting charset with older versions of BKUs (HotSign)
+ resp.setContentType("text/xml;charset=UTF-8");
}
-
-
-
- String htmlForm = new GetVerifyAuthBlockFormBuilder().build(
- inputProcessorSignTemplate, session.getBkuURL(), createXMLSignatureRequestOrRedirect, dataURL, session.getPushInfobox());
- htmlForm = ParepUtils.replaceAll(htmlForm, "<BASE_href>", session.getAuthURL());
- htmlForm = ParepUtils.replaceAll(htmlForm, "<MOASessionID>", sessionID);
- htmlForm = ParepUtils.replaceAll(htmlForm, "<BKU>", session.getBkuURL());
- htmlForm = ParepUtils.replaceAll(htmlForm, "<DataURL>", dataURL);
- htmlForm = ParepUtils.replaceAll(htmlForm, "<PushInfobox>", session.getPushInfobox());
-
- resp.setContentType("text/html;charset=UTF-8");
OutputStream out = resp.getOutputStream();
out.write(htmlForm.getBytes("UTF-8"));
|