aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2016-03-08 11:09:04 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-03-08 11:09:04 +0100
commite2d27757411fdcba586cc162f362c72ca3ae689c (patch)
tree093e26ab7b60e6d956a8bb8dac93fe317b8ea756 /id/server/idserverlib/src
parentd6a3569addaf5a7db27dd3e79a4ba4bcd27c2486 (diff)
downloadmoa-id-spss-e2d27757411fdcba586cc162f362c72ca3ae689c.tar.gz
moa-id-spss-e2d27757411fdcba586cc162f362c72ca3ae689c.tar.bz2
moa-id-spss-e2d27757411fdcba586cc162f362c72ca3ae689c.zip
move SpingWebContextInitialisation into an appropriate jar to use moa-id-lib in other Spring based web applications
Diffstat (limited to 'id/server/idserverlib/src')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java282
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringResourceProvider.java66
2 files changed, 0 insertions, 348 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
deleted file mode 100644
index ce158d7fe..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ /dev/null
@@ -1,282 +0,0 @@
-
-
-
-package at.gv.egovernment.moa.id.auth;
-
-import java.io.IOException;
-import java.security.GeneralSecurityException;
-import java.security.Provider;
-import java.security.Security;
-
-import javax.activation.CommandMap;
-import javax.activation.MailcapCommandMap;
-import javax.servlet.ServletContext;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRegistration;
-
-import org.springframework.beans.factory.config.BeanDefinition;
-import org.springframework.beans.factory.support.BeanDefinitionRegistry;
-import org.springframework.beans.factory.xml.XmlBeanDefinitionReader;
-import org.springframework.context.support.GenericApplicationContext;
-import org.springframework.web.WebApplicationInitializer;
-import org.springframework.web.context.ContextLoaderListener;
-import org.springframework.web.context.request.RequestContextListener;
-import org.springframework.web.context.support.GenericWebApplicationContext;
-import org.springframework.web.context.support.ServletContextResource;
-import org.springframework.web.servlet.DispatcherServlet;
-
-import at.gv.egiz.components.spring.api.SpringLoader;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.config.auth.MOAGarbageCollector;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.id.util.SSLUtils;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.logging.LoggingContext;
-import at.gv.egovernment.moa.logging.LoggingContextManager;
-import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
-import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.MiscUtil;
-import iaik.pki.PKIException;
-import iaik.security.ecc.provider.ECCProvider;
-import iaik.security.provider.IAIK;
-
-/**
- * Web application initializer
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class MOAIDAuthInitializer implements WebApplicationInitializer {
-
- private String[] rootServletContexts = null;
-
- private String[] servletContexts = null;
-
- private String[] activeProfiles = null;
-
- public MOAIDAuthInitializer() {
- this.rootServletContexts = null;
- this.servletContexts = new String[] {
- "/WEB-INF/applicationContext.xml",
-
- };
- this.activeProfiles = null;
- }
-
-
- /* (non-Javadoc)
- * @see org.springframework.web.WebApplicationInitializer#onStartup(javax.servlet.ServletContext)
- */
- @Override
- public void onStartup(ServletContext servletContext) throws ServletException {
- try {
- Logger.info("=============== Loading Root Context! ===============");
- GenericWebApplicationContext rootContext = new GenericWebApplicationContext();
- rootContext.setServletContext(servletContext);
-
- Logger.info("=============== Setting active profiles! ===============");
- if (this.activeProfiles != null) {
- for (String profile : this.activeProfiles) {
- rootContext.getEnvironment().addActiveProfile(profile);
- }
- }
-
- Logger.info("=============== Loading Local Contexts! ===============");
- XmlBeanDefinitionReader xmlReader = new XmlBeanDefinitionReader(
- rootContext);
- if (rootServletContexts != null) {
- for (String rootServletContext : rootServletContexts) {
- Logger.debug("Loading: "+ rootServletContext);
- xmlReader.loadBeanDefinitions(new ServletContextResource(
- servletContext, rootServletContext));
- }
- }
- // Manage the lifecycle of the root application context
- servletContext.addListener(new ContextLoaderListener(rootContext));
-
- // logger.debug("Beans after logAMQP in {}", rootContext);
- // dumpBeanDefinitions(rootContext);
-
- Logger.info("=============== Loading SPI Context! ===============");
- // logger.debug("Startup with context {}", rootContext);
- if (rootContext instanceof BeanDefinitionRegistry) {
- Logger.debug("Loading EGIZ components");
- SpringLoader
- .loadSpringServices(rootContext);
- } else {
- Logger.warn("Failed to load external Spring since no BeanDefinitionRegistry");
- }
-
- Logger.trace("Beans after SPI in "+ rootContext);
- dumpBeanDefinitions(rootContext);
-
- Logger.debug("Loading servlet config in "+ rootContext);
- if (servletContexts != null) {
- for (String servletContextString : servletContexts) {
- xmlReader.loadBeanDefinitions(new ServletContextResource(
- servletContext, servletContextString));
- }
- }
- Logger.debug("Refreshing context "+ rootContext);
- rootContext.refresh();
-
- Logger.info("=============== Register Dispatcher Servlet! ===============");
-
- Logger.trace("Final Beans in "+ rootContext);
- dumpBeanDefinitions(rootContext);
-
-
- Logger.info("Registering dispatcher configuration");
- ServletRegistration.Dynamic dispatcher = servletContext.addServlet(
- "dispatcher", new DispatcherServlet(rootContext));
- if (dispatcher != null) {
- dispatcher.setLoadOnStartup(1);
- dispatcher.addMapping("/");
- dispatcher.setAsyncSupported(true);
- } else {
- Logger.error("Failed to register dispatcher server in servlet context!");
- }
-
- Logger.info("=============== Register RequestContextListener! ===============");
- servletContext.addListener(new RequestContextListener());
-
- Logger.info("Basic Context initalisation finished --> Start MOA-ID-Auth initialisation process ...");
- MOAIDAuthInitializer.initialize(rootContext);
- Logger.info(MOAIDMessageProvider.getInstance().getMessage(
- "init.00", null));
- Logger.info("MOA-ID-Auth initialization finished.");
-
-
- } catch (Throwable e) {
- Logger.fatal(
- MOAIDMessageProvider.getInstance().getMessage("init.02",
- null), e);
-
- }
-
- }
-
-
-
- /**
- * Initializes the web application components which need initialization:
- * logging, JSSE, MOA-ID Auth configuration, Axis, session cleaner.
- * @param rootContext
- */
- public static void initialize(GenericWebApplicationContext rootContext) throws ConfigurationException,
- PKIException, IOException, GeneralSecurityException {
- Logger.setHierarchy("moa.id.auth");
- Logger.info("Default java file.encoding: "
- + System.getProperty("file.encoding"));
-
-
- //JDK bug workaround according to:
- // http://jce.iaik.tugraz.at/products/03_cms/faq/index.php#JarVerifier
- // register content data handlers for S/MIME types
- MailcapCommandMap mc = new MailcapCommandMap();
- CommandMap.setDefaultCommandMap(mc);
-
- if (MiscUtil.isEmpty(System.getProperty("https.cipherSuites")))
- System.setProperty(
- "https.cipherSuites",
- "TLS_DH_anon_WITH_AES_128_CBC_SHA" +
- ",TLS_DHE_RSA_WITH_AES_128_CBC_SHA" +
- ",TLS_DHE_DSS_WITH_AES_128_CBC_SHA" +
- ",TLS_RSA_WITH_AES_128_CBC_SHA" +
- ",TLS_RSA_WITH_AES_256_CBC_SHA" +
- ",SSL_DH_anon_WITH_3DES_EDE_CBC_SHA" +
- ",SSL_RSA_WITH_3DES_EDE_CBC_SHA"
- );
-
-
-
- // load some jsse classes so that the integrity of the jars can be
- // verified
- // before the iaik jce is installed as the security provider
- // this workaround is only needed when sun jsse is used in conjunction
- // with
- // iaik-jce (on jdk1.3)
- ClassLoader cl = MOAIDAuthInitializer.class.getClassLoader();
- try {
- cl.loadClass("javax.security.cert.Certificate"); // from jcert.jar
- } catch (ClassNotFoundException e) {
- Logger.warn(MOAIDMessageProvider.getInstance().getMessage(
- "init.01", null), e);
- }
-
- Logger.info("Loading Java security providers.");
- IAIK.addAsProvider();
- ECCProvider.addAsProvider();
-
- // Initializes SSLSocketFactory store
- SSLUtils.initialize();
-
- // Initializes Namespace Map
- Constants.nSMap.put(Constants.SAML_PREFIX, Constants.SAML_NS_URI);
- Constants.nSMap.put(Constants.ECDSA_PREFIX,
- "http://www.w3.org/2001/04/xmldsig-more#");
- Constants.nSMap.put(Constants.DSIG_PREFIX, Constants.DSIG_NS_URI);
-
-
- // Initialize configuration provider
- AuthConfiguration authConf = AuthConfigurationProviderFactory.reload(rootContext);
-
- //test, if MOA-ID is already configured
- authConf.getPublicURLPrefix();
-
-
- // Initialize MOA-SP
- //MOA-SP is only use by API calls since MOA-ID 3.0.0
- try {
- LoggingContextManager.getInstance().setLoggingContext(
- new LoggingContext("startup"));
- ConfigurationProvider config = ConfigurationProvider
- .getInstance();
- new IaikConfigurator().configure(config);
-
- } catch (at.gv.egovernment.moa.spss.server.config.ConfigurationException ex) {
- throw new ConfigurationException("config.10", new Object[] { ex
- .toString() }, ex);
-
- }
-
-
- //IAIK.addAsProvider();
- //ECCProvider.addAsProvider();
-
- Security.insertProviderAt(IAIK.getInstance(), 0);
- Security.addProvider(new ECCProvider());
-
- if (Logger.isDebugEnabled()) {
- Logger.debug("Loaded Security Provider:");
- Provider[] providerList = Security.getProviders();
- for (int i=0; i<providerList.length; i++)
- Logger.debug(i + ": " + providerList[i].getName() + " Version " + providerList[i].getVersion());
-
- }
-
-
- // Starts the session cleaner thread to remove unpicked authentication data
- AuthenticationSessionCleaner sessioncleaner = rootContext.getBean("AuthenticationSessionCleaner", AuthenticationSessionCleaner.class);
- AuthenticationSessionCleaner.start(sessioncleaner);
-
- MOAGarbageCollector.start();
- }
-
- private void dumpBeanDefinitions(GenericApplicationContext context) {
- Logger.trace("Registered Bean in context " + context.toString());
-
- String[] registeredBeans = context.getBeanDefinitionNames();
- for (String registeredBean : registeredBeans) {
- BeanDefinition beanDefinition = context
- .getBeanDefinition(registeredBean);
- Logger.trace(registeredBean + " -> " + beanDefinition.getBeanClassName());
-
- }
-
- Logger.trace("Registered Bean in context --"+ context);
- }
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringResourceProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringResourceProvider.java
deleted file mode 100644
index a82a958db..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringResourceProvider.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-package at.gv.egovernment.moa.id.auth;
-
-import org.springframework.core.io.ClassPathResource;
-import org.springframework.core.io.Resource;
-
-import at.gv.egiz.components.spring.api.SpringResourceProvider;
-
-/**
- * @author tlenz
- *
- */
-public class MOAIDAuthSpringResourceProvider implements SpringResourceProvider {
-
- /* (non-Javadoc)
- * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad()
- */
- @Override
- public Resource[] getResourcesToLoad() {
- ClassPathResource moaidauthConfig = new ClassPathResource("/moaid.configuration.beans.xml", MOAIDAuthSpringResourceProvider.class);
- ClassPathResource configurationDBConfig = new ClassPathResource("/configuration.beans.xml", MOAIDAuthSpringResourceProvider.class);
- ClassPathResource moaIdAuthBeans = new ClassPathResource("/moaid.authentication.beans.xml", MOAIDAuthSpringResourceProvider.class);
-
- return new Resource[] {configurationDBConfig, moaidauthConfig, moaIdAuthBeans};
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan()
- */
- @Override
- public String[] getPackagesToScan() {
- // TODO Auto-generated method stub
- return null;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName()
- */
- @Override
- public String getName() {
- return "MOA-ID-Auth SpringResourceProvider";
- }
-
-}