aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src
diff options
context:
space:
mode:
authorThomas Knall <t.knall@datentechnik-innovation.com>2015-02-04 15:37:10 +0100
committerThomas Knall <t.knall@datentechnik-innovation.com>2015-02-04 15:37:10 +0100
commit74a42b6128f6f8d21a65dddb9405cd52ebbc0520 (patch)
tree05d0eb7fcdf45600810102b1204217955634d110 /id/server/idserverlib/src
parenta9dc7e094a8732f9826ab77648758dd39adc7324 (diff)
downloadmoa-id-spss-74a42b6128f6f8d21a65dddb9405cd52ebbc0520.tar.gz
moa-id-spss-74a42b6128f6f8d21a65dddb9405cd52ebbc0520.tar.bz2
moa-id-spss-74a42b6128f6f8d21a65dddb9405cd52ebbc0520.zip
Create exemplary AuthServlet module (MOAID-68)
- Create new module moa-id-module-monitoring. - Move MonitoringServlet, DatabaseTestModule, IdentityLinkTestModule, TestManager and TestModuleInterface to new module. - Update pom.xml, adding new module dependency. - Update web.xml, disabling static servlet registration. - Add @WebServlet servlet registration for MonitoringServlet.
Diffstat (limited to 'id/server/idserverlib/src')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java126
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java142
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java109
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java111
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestModuleInterface.java34
5 files changed, 0 insertions, 522 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java
deleted file mode 100644
index e04f97e6e..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java
+++ /dev/null
@@ -1,126 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-package at.gv.egovernment.moa.id.auth.servlet;
-
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.util.Arrays;
-import java.util.List;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.monitoring.TestManager;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.MiscUtil;
-
-public class MonitoringServlet extends AuthServlet {
-
- private static final long serialVersionUID = 1L;
- private static final String REQUEST_ATTR_MODULE = "module";
-
-
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
-
- try {
- AuthConfigurationProvider config = AuthConfigurationProvider.getInstance();
-
- if (config.isMonitoringActive()) {
- Logger.debug("Monitoring Servlet received request");
-
- TestManager tests = TestManager.getInstance();
-
- String modulename = req.getParameter(REQUEST_ATTR_MODULE);
- if (MiscUtil.isEmpty(modulename)) {
-
- List<String> error = tests.executeTests();
- if (error != null && error.size() > 0) {
- createErrorMessage(req, resp, error);
-
- } else {
- resp.setStatus(HttpServletResponse.SC_OK);
- resp.setContentType("text/html;charset=UTF-8");
- resp.getWriter().write(getHtml(config.getMonitoringMessageSuccess()));
- Logger.info("Monitoring Servlet finished without errors");
- }
-
- } else {
- if (tests.existsModule(modulename)) {
- List<String> errors = tests.executeTest(modulename);
- if (errors != null && errors.size() > 0) {
- createErrorMessage(req, resp, errors);
-
- } else {
- resp.setStatus(HttpServletResponse.SC_OK);
- resp.setContentType("text/html;charset=UTF-8");
- resp.getWriter().write(getHtml(config.getMonitoringMessageSuccess()));
- Logger.info("Monitoring Servlet finished without errors");
- }
-
- } else {
- Logger.warn("NO Testmodule exists with modulename " + modulename);
- resp.setStatus(HttpServletResponse.SC_NOT_FOUND);
- resp.setContentType("text/html;charset=UTF-8");
- PrintWriter out;
- try {
- out = new PrintWriter(resp.getOutputStream());
- out.write("NO Testmodule exists with modulename " + modulename);
- out.flush();
-
- } catch (IOException e) {
- Logger.warn("Internal Monitoring Servlet Error. ", e);
- }
- }
-
- }
- }
-
- } catch (ConfigurationException e) {
- createErrorMessage(req, resp, Arrays.asList(e.getMessage()));
- }
- }
-
- private void createErrorMessage(HttpServletRequest req, HttpServletResponse resp, List<String> errorMessage) {
- Logger.warn("Monitoring Servlet found some Error: " + errorMessage);
- resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
- resp.setContentType("text/html;charset=UTF-8");
- PrintWriter out;
- try {
- out = new PrintWriter(resp.getOutputStream());
- for (String error : errorMessage)
- out.write(error + "<br>");
- out.flush();
-
- } catch (IOException e) {
- Logger.warn("Internal Monitoring Servlet Error. ", e);
- }
- }
-
- private String getHtml(String text) {
- return "<html><head><title>Reponse</title></head><body>" + text +"</body></html>";
- }
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java
deleted file mode 100644
index a08ef5f0c..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java
+++ /dev/null
@@ -1,142 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.gv.egovernment.moa.id.monitoring;
-
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.List;
-
-import org.hibernate.Query;
-import org.hibernate.Session;
-
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
-import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
-import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils;
-import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
-import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore;
-import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.MiscUtil;
-
-public class DatabaseTestModule implements TestModuleInterface{
-
- public List<String> performTests() throws Exception {
- Logger.trace("Start MOA-ID Database Test.");
-
- List<String> errors = new ArrayList<String>();
-
- AuthConfigurationProvider config = AuthConfigurationProvider.getInstance();
-
- String error = testMOAConfigurationDatabase();
- if (MiscUtil.isNotEmpty(error))
- errors.add(error);
-
- error = testMOASessionDatabase();
- if (MiscUtil.isNotEmpty(error))
- errors.add(error);
-
- if (config.isAdvancedLoggingActive()) {
- error = testMOAAdvancedLoggingDatabase();
- if (MiscUtil.isNotEmpty(error))
- errors.add(error);
- }
-
- return errors;
- }
-
-
- private String testMOASessionDatabase() throws Exception{
- Logger.trace("Start Test: MOASessionDatabase");
-
- Date expioredate = new Date(new Date().getTime() - 120);
-
- try {
- List<AssertionStore> results;
- Session session = MOASessionDBUtils.getCurrentSession();
-
- synchronized (session) {
- session.beginTransaction();
- Query query = session.getNamedQuery("getAssertionWithTimeOut");
- query.setTimestamp("timeout", expioredate);
- results = query.list();
- session.getTransaction().commit();
- }
-
- Logger.trace("Finish Test: MOASessionDatabase");
- return null;
-
- } catch (Throwable e) {
- Logger.warn("Failed Test: MOASessionDatabase", e);
- return "MOASessionDatabase: " + e.getMessage();
- }
- }
-
- private String testMOAConfigurationDatabase() throws Exception{
-
- MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
- ConfigurationDBUtils.closeSession();
-
- if (moaidconfig == null)
- return ("MOA-ID 2.x configuration can not be loaded from Database.");
-
- return null;
- }
-
- private String testMOAAdvancedLoggingDatabase() {
-
- Date expioredate = new Date(new Date().getTime() - 120);
- try {
- Session session = StatisticLogDBUtils.getCurrentSession();
-
- List<StatisticLog> results;
-
- synchronized (session) {
- session.beginTransaction();
- Query query = session.getNamedQuery("getAllEntriesNotBeforeTimeStamp");
- query.setTimestamp("timeout", expioredate);
- results = query.list();
- session.getTransaction().commit();
- }
-
- Logger.trace("Finish Test: AdvancedLoggingDataBase");
- return null;
-
- } catch (Throwable e) {
- Logger.warn("Failed Test: AdvancedLoggingDataBase", e);
- return "AdvancedLoggingDataBase: " + e.getMessage();
- }
- }
-
-
- public String getName() {
- return "DatabaseTest";
- }
-
-
- public void initializeTest(long delayParam, String url) throws Exception {
- // TODO Auto-generated method stub
-
- }
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java
deleted file mode 100644
index b5220914c..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java
+++ /dev/null
@@ -1,109 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.gv.egovernment.moa.id.monitoring;
-
-import java.io.InputStream;
-import java.net.URL;
-import java.util.List;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.exception.ValidateException;
-import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
-import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
-import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator;
-import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters;
-import at.gv.egovernment.moa.id.config.auth.data.DynamicOAAuthParameters;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.MiscUtil;
-
-public class IdentityLinkTestModule implements TestModuleInterface {
-
- private static IdentityLink identityLink = null;
-
- public void initializeTest(long delayParam, String url) throws Exception{
-
- if (MiscUtil.isNotEmpty(url)) {
-
- URL keystoreURL = new URL(url);
- InputStream idlstream = keystoreURL.openStream();
- identityLink = new IdentityLinkAssertionParser(idlstream).parseIdentityLink();
- }
-
- }
-
- public List<String> performTests() throws Exception{
- Logger.trace("Start MOA-ID IdentityLink Test");
-
- AuthConfigurationProvider config = AuthConfigurationProvider.getInstance();
-
- IdentityLinkValidator.getInstance().validate(identityLink);
- // builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
- .build(identityLink, config
- .getMoaSpIdentityLinkTrustProfileID());
-
- // invokes the call
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker()
- .verifyXMLSignature(domVerifyXMLSignatureRequest);
- // parses the <VerifyXMLSignatureResponse>
- try {
- VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
- domVerifyXMLSignatureResponse).parseData();
-
- DynamicOAAuthParameters oaParam = new DynamicOAAuthParameters();
- oaParam.setBusinessService(true);
-
- VerifyXMLSignatureResponseValidator.getInstance().validate(
- verifyXMLSignatureResponse,
- config.getIdentityLinkX509SubjectNames(),
- VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK,
- oaParam);
-
- } catch (ValidateException e) {
- //check if default Monitoring IDL is used then error is ignored
- if ("validator.07".equals(e.getMessageId())
- && e.getMessage().contains("Das Zertifikat der Personenbindung ist"))
- return null;
-
- else
- throw e;
-
- }
-
- Logger.trace("Finished MOA-ID IdentityLink Test without errors");
-
- return null;
- }
-
- public String getName() {
- return "IdentityLinkTest";
- }
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java
deleted file mode 100644
index 84581abe8..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java
+++ /dev/null
@@ -1,111 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.gv.egovernment.moa.id.monitoring;
-
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.FileUtils;
-
-public class TestManager {
-
- private static TestManager instance;
-
- private Map<String, TestModuleInterface> tests = new HashMap<String, TestModuleInterface>();
-
- public static TestManager getInstance() throws ConfigurationException {
- if (instance == null)
- instance = new TestManager();
-
- return instance;
- }
-
- private TestManager() throws ConfigurationException {
-
- AuthConfigurationProvider config = AuthConfigurationProvider.getInstance();
-
- //add Database test
- DatabaseTestModule test1 = new DatabaseTestModule();
- tests.put(test1.getName(), test1);
-
- //add IdentityLink verification test
- IdentityLinkTestModule test2 = new IdentityLinkTestModule();
- String idlurl = FileUtils.makeAbsoluteURL(config.getMonitoringTestIdentityLinkURL(), config.getRootConfigFileDir());
- try {
- test2.initializeTest(0, idlurl);
- tests.put(test2.getName(), test2);;
-
- } catch (Exception e) {
- Logger.warn("MOA-ID IdentityLink Test can not performed without IdentityLink. Insert IdentityLink file to MOA-ID configuration", e);
- }
- }
-
- public List<String> executeTests() {
- Logger.debug("Start MOA-ID-Auth testing");
-
-
- List<String> errors;
-
- for (TestModuleInterface test : tests.values()) {
- try {
- errors = test.performTests();
- if (errors != null && errors.size() > 0)
- return errors;
-
- } catch (Exception e) {
- Logger.warn("General Testing Eception during Test " + test.getClass() + ": ", e);
- return Arrays.asList(e.getMessage());
- }
- }
-
- return null;
- }
-
- public List<String> executeTest(String testname) {
-
- TestModuleInterface test = tests.get(testname);
-
- if (test != null) {
- try {
- return test.performTests();
-
- } catch (Exception e) {
- Logger.warn("General Testing Eception during Test " + test.getName() + ": ", e);
- return Arrays.asList(e.getMessage());
- }
-
- } else {
- Logger.info("TestModule with Name " + testname + " is not implemented");
- return null;
- }
- }
-
- public boolean existsModule(String modulename) {
- return tests.containsKey(modulename);
- }
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestModuleInterface.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestModuleInterface.java
deleted file mode 100644
index 4e26b1ce8..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestModuleInterface.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.gv.egovernment.moa.id.monitoring;
-
-import java.util.List;
-
-public interface TestModuleInterface {
-
- public List<String> performTests() throws Exception;
-
- public void initializeTest(long delayParam, String url) throws Exception;
-
- public String getName();
-}