aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2013-09-26 08:05:52 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2013-09-26 08:05:52 +0200
commit2c82d41a98e2617088cdcf3db72b40d9747ae292 (patch)
tree4ed7ddc991d3919cf8c17f36a53cae2d1c9c677e /id/server/idserverlib/src
parent0773942456e68cf5560655b1bd782ab792c66251 (diff)
downloadmoa-id-spss-2c82d41a98e2617088cdcf3db72b40d9747ae292.tar.gz
moa-id-spss-2c82d41a98e2617088cdcf3db72b40d9747ae292.tar.bz2
moa-id-spss-2c82d41a98e2617088cdcf3db72b40d9747ae292.zip
Features:
-- Add additional parameters to customize BKUSelectionForm and SendAssertionForm -- change Target configuration -- insert some logging Bugfixes: -- Nullpointerexceptions in combination of an old userdatabase entry and a actual configuration tool version
Diffstat (limited to 'id/server/idserverlib/src')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java93
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java17
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java36
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java87
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java17
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java10
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java39
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java39
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java54
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java8
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java7
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java27
-rw-r--r--id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html35
-rw-r--r--id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html6
-rw-r--r--id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java4
20 files changed, 218 insertions, 281 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index dec5b81cf..bda1e3bfc 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -25,7 +25,6 @@ package at.gv.egovernment.moa.id.auth;
import iaik.asn1.ObjectID;
import iaik.pki.PKIException;
-import iaik.x509.CertificateFactory;
import iaik.x509.X509Certificate;
import iaik.x509.X509ExtensionInitException;
@@ -39,12 +38,9 @@ import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
-import java.util.HashMap;
-import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
-import java.util.Set;
import java.util.Vector;
import javax.servlet.http.HttpServletRequest;
@@ -75,9 +71,6 @@ import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.builder.GetIdentityLinkFormBuilder;
import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder;
-import at.gv.egovernment.moa.id.auth.builder.InfoboxValidatorParamsBuilder;
-import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder;
-import at.gv.egovernment.moa.id.auth.builder.SelectBKUFormBuilder;
import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
@@ -85,16 +78,12 @@ import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl;
import at.gv.egovernment.moa.id.auth.data.IdentityLink;
import at.gv.egovernment.moa.id.auth.data.InfoboxValidationResult;
-import at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams;
import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.ExtendedInfoboxReadResponseParser;
import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser;
import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet;
import at.gv.egovernment.moa.id.auth.stork.STORKAuthnRequestProcessor;
import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator;
@@ -111,16 +100,12 @@ import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.config.ConnectionParameter;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameter;
-import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameters;
import at.gv.egovernment.moa.id.config.stork.CPEPS;
import at.gv.egovernment.moa.id.config.stork.STORKConfig;
import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.storage.AssertionStorage;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.HTTPUtils;
@@ -130,8 +115,6 @@ import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
import at.gv.egovernment.moa.logging.LogMsg;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.BoolUtils;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.DateTimeUtils;
@@ -332,32 +315,32 @@ public class AuthenticationServer implements MOAIDAuthConstants {
// }
// }
- /**
- * Method readBKUSelectTag.
- *
- * @param conf
- * the ConfigurationProvider
- * @param connParam
- * the ConnectionParameter for that connection
- * @return String
- * @throws ConfigurationException
- * on config-errors
- * @throws PKIException
- * on PKI errors
- * @throws IOException
- * on any data error
- * @throws GeneralSecurityException
- * on security errors
- */
- private String readBKUSelectTag(ConfigurationProvider conf,
- ConnectionParameter connParam) throws ConfigurationException,
- PKIException, IOException, GeneralSecurityException {
-
- if (connParam.isHTTPSURL())
- return SSLUtils.readHttpsURL(conf, connParam);
- else
- return HTTPUtils.readHttpURL(connParam.getUrl());
- }
+// /**
+// * Method readBKUSelectTag.
+// *
+// * @param conf
+// * the ConfigurationProvider
+// * @param connParam
+// * the ConnectionParameter for that connection
+// * @return String
+// * @throws ConfigurationException
+// * on config-errors
+// * @throws PKIException
+// * on PKI errors
+// * @throws IOException
+// * on any data error
+// * @throws GeneralSecurityException
+// * on security errors
+// */
+// private String readBKUSelectTag(ConfigurationProvider conf,
+// ConnectionParameter connParam) throws ConfigurationException,
+// PKIException, IOException, GeneralSecurityException {
+//
+// if (connParam.isHTTPSURL())
+// return SSLUtils.readHttpsURL(conf, connParam);
+// else
+// return HTTPUtils.readHttpURL(connParam.getUrl());
+// }
/**
* Processes the beginning of an authentication session.
@@ -472,7 +455,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
String htmlForm = new GetIdentityLinkFormBuilder().build(template,
session.getBkuURL(), infoboxReadRequest, dataURL, certInfoRequest,
- certInfoDataURL, pushInfobox);
+ certInfoDataURL, pushInfobox, oaParam);
return htmlForm;
}
@@ -608,13 +591,8 @@ public class AuthenticationServer implements MOAIDAuthConstants {
session.setIdentityLink(identityLink);
// now validate the extended infoboxes
- //TODO: check correctness
-// verifyInfoboxes(session, infoboxReadResponseParameters, !oaParam
-// .getProvideStammzahl());
verifyInfoboxes(session, infoboxReadResponseParameters, false);
-
- //TODO: make it better!!
return "found!";
}
@@ -760,22 +738,6 @@ public class AuthenticationServer implements MOAIDAuthConstants {
.getOnlineApplicationParameter(
session.getPublicOAURLPrefix());
- //TODO: CHECK!! is moved to buildAuthenticationBlock to hold the baseID in identitylink
- // if (!fromMandate) {
- // BZ.., calculate bPK for signing to be already present in AuthBlock
-// IdentityLink identityLink = session.getIdentityLink();
-// if (identityLink.getIdentificationType().equals(
-// Constants.URN_PREFIX_BASEID)) {
-// // only compute bPK if online application is a public service and we
-// // have the Stammzahl
-// String bpkBase64 = new BPKBuilder().buildBPK(identityLink
-// .getIdentificationValue(), session.getTarget());
-// identityLink.setIdentificationValue(bpkBase64);
-// identityLink.setIdentificationType(Constants.URN_PREFIX_CDID + "+" + session.getTarget());
-// }
- // ..BZ
- // }
-
// builds the AUTH-block
String authBlock = buildAuthenticationBlock(session, oaParam);
@@ -1924,7 +1886,6 @@ public class AuthenticationServer implements MOAIDAuthConstants {
null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK,
false);
- // TODO See Bug #144
// Compare AuthBlock Data with information stored in session, especially
// date and time
CreateXMLSignatureResponseValidator.getInstance().validateSigningDateTime(csresp);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
index bd8d52031..56cb3a3db 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
@@ -29,6 +29,8 @@ import java.io.StringReader;
import java.io.StringWriter;
import at.gv.egovernment.moa.id.BuildException;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.util.MiscUtil;
/**
* Builder for HTML form requesting the security layer implementation
@@ -54,6 +56,7 @@ public class GetIdentityLinkFormBuilder extends Builder {
private static final String PUSHINFOBOX_TAG = "<PushInfobox>";
/** special tag in the HTML template to be substituted for the BKU URL */
private static final String MANDATE_TAG = "<Mandate>";
+ private static final String COLOR_TAG = "<COLOR>";
/** private static int all contains the representation to replace all tags*/
private static final int ALL = -1;
@@ -112,6 +115,7 @@ public class GetIdentityLinkFormBuilder extends Builder {
* @param bkuURL URL of the "B&uuml;rgerkartenumgebung" the form will be submitted to;
* may be <code>null</code>, in this case the default URL will be used
* @param dataURL DataURL to be sent as a parameter in the form
+ * @param oaParam
*/
public String build(
String htmlTemplate,
@@ -120,7 +124,7 @@ public class GetIdentityLinkFormBuilder extends Builder {
String dataURL,
String certInfoXMLRequest,
String certInfoDataURL,
- String pushInfobox)
+ String pushInfobox, OAAuthParameter oaParam)
throws BuildException
{
String htmlForm = htmlTemplate == null ? DEFAULT_HTML_TEMPLATE : htmlTemplate;
@@ -131,6 +135,17 @@ public class GetIdentityLinkFormBuilder extends Builder {
//new:wird oben mitreplaced htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL);
htmlForm = replaceTag(htmlForm, CERTINFO_XMLREQUEST_TAG, encodeParameter(certInfoXMLRequest), true, ALL);
htmlForm = replaceTag(htmlForm, CERTINFO_DATAURL_TAG, certInfoDataURL, true, ALL);
+
+ if (oaParam != null) {
+ if (MiscUtil.isNotEmpty(oaParam.getBKUSelectionBackGroundColor()))
+ htmlForm = replaceTag(htmlForm, COLOR_TAG, oaParam.getBKUSelectionBackGroundColor(), false, ALL);
+ else
+ htmlForm = replaceTag(htmlForm, COLOR_TAG, "#DDDDDD", false, ALL);
+
+ } else
+ htmlForm = replaceTag(htmlForm, COLOR_TAG, "#DDDDDD", false, ALL);
+
+
return htmlForm;
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
index f90634ab4..3282036b4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
@@ -10,17 +10,24 @@ import java.net.URI;
import org.apache.commons.io.IOUtils;
import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.config.OAParameter;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
public class LoginFormBuilder {
private static final String HTMLTEMPLATESDIR = "htmlTemplates/";
private static final String HTMLTEMPLATEFULL = "loginFormFull.html";
+ private static final String TEMPLATEBGCOLOR = "style=\"background-color: #COLOR#\"";
+ private static final String TEMPLATEVISIBLE = " display: none";
+ private static final String TEMPLATEDISABLED = "disabled=\"true\"";
+ private static final String TEMPLATECHECKED = "checked=\"true\"";
+
private static String AUTH_URL = "#AUTH_URL#";
private static String MODUL = "#MODUL#";
private static String ACTION = "#ACTION#";
@@ -30,6 +37,12 @@ public class LoginFormBuilder {
private static String BKU_LOCAL = "#LOCAL#";
private static String CONTEXTPATH = "#CONTEXTPATH#";
private static String MOASESSIONID = "#SESSIONID#";
+ private static String BACKGROUNDCOLOR = "#BACKGROUNDCOLOR#";
+ private static String COLOR = "#COLOR#";
+ private static String MANDATEVISIBLE = "#MANDATEVISIBLE#";
+ private static String MANDATECHECKED = "#MANDATECHECKED#";
+
+
private static String SERVLET = CONTEXTPATH+"/GenerateIframeTemplate";
@@ -79,7 +92,7 @@ public class LoginFormBuilder {
return template;
}
- public static String buildLoginForm(String modul, String action, String oaname, String contextpath, String moaSessionID) {
+ public static String buildLoginForm(String modul, String action, OAAuthParameter oaParam, String contextpath, String moaSessionID) {
String value = getTemplate();
if(value != null) {
@@ -91,9 +104,28 @@ public class LoginFormBuilder {
}
value = value.replace(MODUL, modul);
value = value.replace(ACTION, action);
- value = value.replace(OANAME, oaname);
+ value = value.replace(OANAME, oaParam.getFriendlyName());
value = value.replace(CONTEXTPATH, contextpath);
value = value.replace(MOASESSIONID, moaSessionID);
+
+ String bgcolor = oaParam.getBKUSelectionBackGroundColor();
+ if (MiscUtil.isNotEmpty(bgcolor)) {
+ value = value.replace(BACKGROUNDCOLOR, TEMPLATEBGCOLOR);
+ value = value.replace(COLOR, bgcolor);
+ } else
+ value = value.replace(BACKGROUNDCOLOR, "");
+
+ if (oaParam.isShowMandateCheckBox())
+ value = value.replace(MANDATEVISIBLE, "");
+ else
+ value = value.replace(MANDATEVISIBLE, TEMPLATEVISIBLE);
+
+ if (oaParam.isOnlyMandateAllowed()) {
+ value = value.replace(MANDATECHECKED, TEMPLATECHECKED + " " + TEMPLATEDISABLED);
+
+ } else
+ value = value.replace(MANDATECHECKED, "");
+
}
return value;
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java
deleted file mode 100644
index bfc86d608..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.auth.builder;
-
-import at.gv.egovernment.moa.id.BuildException;
-
-/**
- * Builder for the BKU selection form requesting the user to choose
- * a BKU from a list.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SelectBKUFormBuilder extends Builder {
- /** private static String NL contains the NewLine representation in Java*/
- private static final String nl = "\n";
- /** special tag in the HTML template to be substituted for the form action which is
- * a URL of MOA-ID Auth */
- private static final String ACTION_TAG = "<StartAuth>";
- /** special tag in the HTML template to be substituted for the <code>&lt;select;gt;</code> tag
- * containing the BKU selection options */
- private static final String SELECT_TAG = "<BKUSelect>";
- /**
- * Template for the default html-code to be returned as security-layer-selection to be built
- */
- private static final String DEFAULT_HTML_TEMPLATE =
- "<html>" + nl +
- "<head>" + nl +
- "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + nl +
- "<title>Auswahl der B&uuml;rgerkartenumgebung</title>" + nl +
- "</head>" + nl +
- "<body>" + nl +
- "<form name=\"BKUSelectionForm\"" + nl +
- " action=\"" + ACTION_TAG + "\"" + nl +
- " method=\"post\">" + nl +
- SELECT_TAG + nl +
- " <input type=\"submit\" value=\"B&uuml;rgerkartenumgebung ausw&auml;hlen\"/>" + nl +
- "</form>" + nl +
- "</body>" + nl +
- "</html>";
-
- /**
- * Constructor
- */
- public SelectBKUFormBuilder() {
- super();
- }
- /**
- * Method build. Builds the form
- * @param htmlTemplate to be used
- * @param startAuthenticationURL the url where the startAuthenticationServlet can be found
- * @param bkuSelectTag if a special bku should be used
- * @return String
- * @throws BuildException on any error
- */
- public String build(String htmlTemplate, String startAuthenticationURL, String bkuSelectTag)
- throws BuildException {
-
- String htmlForm = htmlTemplate == null ? DEFAULT_HTML_TEMPLATE : htmlTemplate;
- htmlForm = replaceTag(htmlForm, ACTION_TAG, startAuthenticationURL, true, 1);
- htmlForm = replaceTag(htmlForm, SELECT_TAG, bkuSelectTag, true, 1);
- return htmlForm;
- }
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
index 3f6a7d9d6..1796af94b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
@@ -15,18 +15,23 @@ import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
public class SendAssertionFormBuilder {
private static final String HTMLTEMPLATESDIR = "htmlTemplates/";
private static final String HTMLTEMPLATEFULL = "sendAssertionFormFull.html";
+ private static final String TEMPLATEBGCOLOR = "style=\"background-color: #COLOR#\"";
+
private static String URL = "#URL#";
private static String MODUL = "#MODUL#";
private static String ACTION = "#ACTION#";
private static String ID = "#ID#";
private static String OANAME = "#OAName#";
private static String CONTEXTPATH = "#CONTEXTPATH#";
+ private static String BACKGROUNDCOLOR = "#BACKGROUNDCOLOR#";
+ private static String COLOR = "#COLOR#";
private static String SERVLET = CONTEXTPATH+"/SSOSendAssertionServlet";
@@ -69,7 +74,7 @@ public class SendAssertionFormBuilder {
return template;
}
- public static String buildForm(String modul, String action, String id, String oaname, String contextpath) {
+ public static String buildForm(String modul, String action, String id, OAAuthParameter oaParam, String contextpath) {
String value = getTemplate();
if(value != null) {
@@ -82,8 +87,16 @@ public class SendAssertionFormBuilder {
value = value.replace(MODUL, modul);
value = value.replace(ACTION, action);
value = value.replace(ID, id);
- value = value.replace(OANAME, oaname);
+ value = value.replace(OANAME, oaParam.getFriendlyName());
value = value.replace(CONTEXTPATH, contextpath);
+
+ String bgcolor = oaParam.getBKUSelectionBackGroundColor();
+ if (MiscUtil.isNotEmpty(bgcolor)) {
+ value = value.replace(BACKGROUNDCOLOR, TEMPLATEBGCOLOR);
+ value = value.replace(COLOR, bgcolor);
+ } else
+ value = value.replace(BACKGROUNDCOLOR, "");
+
}
return value;
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
index 4560e69cf..540311231 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
@@ -196,8 +196,6 @@ public class AuthenticationSession implements Serializable {
*/
private List extendedSAMLAttributesAUTH;
-
- //TODO: check if it is in use!
/**
* If infobox validators are needed after signing, they can be stored in
* this list.
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
index d4484a97c..dfabfccf6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
@@ -98,6 +98,12 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
String bkuURL = oaParam.getBKUURL(bkuid);
String templateURL = AuthConfigurationProvider.getInstance().getSLRequestTemplates(bkuid);
+ if (oaParam.isOnlyMandateAllowed())
+ useMandate = "true";
+
+ if (!oaParam.isShowMandateCheckBox())
+ useMandate = "false";
+
//parse all OA parameters i
StartAuthentificationParameterParser.parse(moasession,
target,
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index f2b068568..cc1a1304d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -24,16 +24,12 @@
package at.gv.egovernment.moa.id.config.auth;
-import iaik.security.cipher.AESKeyGenerator;
-
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.math.BigInteger;
import java.net.MalformedURLException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
@@ -41,17 +37,11 @@ import java.util.List;
import java.util.Map;
import java.util.Properties;
-import javax.crypto.Cipher;
-import javax.crypto.KeyGenerator;
-import javax.crypto.NoSuchPaddingException;
import javax.xml.bind.JAXBContext;
-import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
-import org.apache.commons.io.CopyUtils;
import org.hibernate.cfg.Configuration;
-
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index 99d15a612..d2a70c527 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -28,6 +28,7 @@ import java.util.ArrayList;
import java.util.List;
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationType;
import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
@@ -41,6 +42,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
import at.gv.egovernment.moa.id.config.ConfigurationUtils;
import at.gv.egovernment.moa.id.config.OAParameter;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
import eu.stork.vidp.messages.builder.STORKMessagesBuilder;
import eu.stork.vidp.messages.common.STORKConstants;
import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
@@ -283,6 +285,43 @@ public String getIdentityLinkDomainIdentifierType() {
return null;
}
+public String getBKUSelectionBackGroundColor() {
+ TemplatesType templates = oa_auth.getTemplates();
+ if (templates != null) {
+ BKUSelectionCustomizationType bkuselection = templates.getBKUSelectionCustomization();
+ if (bkuselection != null) {
+ if (MiscUtil.isNotEmpty(bkuselection.getBackGroundColor()))
+ return bkuselection.getBackGroundColor();
+ }
+ }
+ return null;
+}
+
+
+public boolean isShowMandateCheckBox() {
+ TemplatesType templates = oa_auth.getTemplates();
+ if (templates != null) {
+ BKUSelectionCustomizationType bkuselection = templates.getBKUSelectionCustomization();
+ if (bkuselection != null) {
+ if (bkuselection.isMandateLoginButton() != null)
+ return bkuselection.isMandateLoginButton();
+ }
+ }
+ return true;
+}
+
+public boolean isOnlyMandateAllowed() {
+ TemplatesType templates = oa_auth.getTemplates();
+ if (templates != null) {
+ BKUSelectionCustomizationType bkuselection = templates.getBKUSelectionCustomization();
+ if (bkuselection != null) {
+ if (bkuselection.isOnlyMandateLoginAllowed() != null)
+ return bkuselection.isOnlyMandateLoginAllowed();
+ }
+ }
+ return false;
+}
+
/**
* @return the qaaLevel
*/
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
index 10729e981..651690166 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
@@ -168,21 +168,18 @@ public class BuildFromLegacyConfig {
authGeneral.setTimeOuts(timeOuts);
generalAuth.setGeneralConfiguration(authGeneral);
-
- //TODO: set Protocols!!!!
Protocols auth_protocols = new Protocols();
generalAuth.setProtocols(auth_protocols);
LegacyAllowed prot_legacy = new LegacyAllowed();
auth_protocols.setLegacyAllowed(prot_legacy);
- final List<String> PROTOCOLS_LEGACY_ALLOWED = Arrays.asList("id_saml1","id_pvp2x"); //TODO: set default values
+ final List<String> PROTOCOLS_LEGACY_ALLOWED = Arrays.asList("id_saml1","id_pvp2x");
prot_legacy.setProtocolName(PROTOCOLS_LEGACY_ALLOWED);
- //TODO: remove beta test values
PVP2 prot_pvp2 = new PVP2();
auth_protocols.setPVP2(prot_pvp2);
- prot_pvp2.setPublicURLPrefix("https://labda.iaik.tugraz.at:8443/moa-id-auth/");
- prot_pvp2.setIssuerName("MOA-ID 2.0 Demo IDP");
+ prot_pvp2.setPublicURLPrefix("https://....");
+ prot_pvp2.setIssuerName("MOA-ID 2.x IDP");
Organization pvp2_org = new Organization();
prot_pvp2.setOrganization(pvp2_org);
@@ -213,8 +210,8 @@ public class BuildFromLegacyConfig {
//SSO
SSO auth_sso = new SSO();
generalAuth.setSSO(auth_sso);
- auth_sso.setTarget("BF");
- auth_sso.setFriendlyName("EGIZ MOAID 2.0 Beta");
+ auth_sso.setTarget("");
+ auth_sso.setFriendlyName("");
//set SecurityLayer Transformations
@@ -268,7 +265,6 @@ public class BuildFromLegacyConfig {
auth_moaSP.setVerifyAuthBlock(auth_moaSP_verifyAuthBlock);
- //TODO: check correctness!!!
//set IdentityLinkSigners
IdentityLinkSigners auth_idsigners = new IdentityLinkSigners();
generalAuth.setIdentityLinkSigners(auth_idsigners);
@@ -399,7 +395,7 @@ public class BuildFromLegacyConfig {
//set general OA configuration
moa_oa.setCalculateHPI(false); //TODO: Bernd fragen warum das nicht direkt über den Bereichsidentifyer definert wird
moa_oa.setFriendlyName(oa.getFriendlyName());
- moa_oa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(oa.getKeyBoxIdentifier())); //TODO: check correctness
+ moa_oa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(oa.getKeyBoxIdentifier()));
moa_oa.setPublicURLPrefix(oa.getPublicURLPrefix());
moa_oa.setTarget(oa.getTarget());
moa_oa.setTargetFriendlyName(oa.getTargetFriendlyName());
@@ -481,22 +477,7 @@ public class BuildFromLegacyConfig {
//OA_PVP2
OAPVP2 oa_pvp2 = new OAPVP2();
oa_auth.setOAPVP2(oa_pvp2);
-
-// oa_pvp2.setMetadataURL("empty");
-//
-// //TODO: is only a workaround!!!!
-// Properties props = getGeneralPVP2ProperiesConfig(properies);
-// File dir = new File(props.getProperty("idp.truststore"));
-// File[] files = dir.listFiles();
-// if (files.length > 0) {
-// FileInputStream filestream = new FileInputStream(files[0]);
-// X509Certificate signerCertificate = new X509Certificate(filestream);
-// oa_pvp2.setCertificate(signerCertificate.getEncoded());
-//
-// } else {
-// oa_pvp2.setCertificate(null);
-// }
-
+
moa_oas.add(moa_oa);
//ConfigurationDBUtils.save(moa_oa);
}
@@ -531,11 +512,7 @@ public class BuildFromLegacyConfig {
//set trustedCACertificate path
moaIDConfig.setTrustedCACertificates(builder.getTrustedCACertificates());
-
- //TODO: move to read config functionality
- //trustedCACertificates = FileUtils.makeAbsoluteURL(trustedCACertificates, rootConfigFileDir);
-
-
+
//Not required in MOAID 2.0 config (DefaultBKUs & SLRequestTemplates)
//trustedBKUs = builder.getTrustedBKUs();
//trustedTemplateURLs = builder.getTrustedTemplateURLs();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index f2352e11e..76bf64f3a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -284,7 +284,7 @@ public class AuthenticationManager extends AuthServlet {
String loginForm = LoginFormBuilder.buildLoginForm(target.requestedModule(),
- target.requestedAction(), oaParam.getFriendlyName(), request.getContextPath(), moasession.getSessionID());
+ target.requestedAction(), oaParam, request.getContextPath(), moasession.getSessionID());
//store MOASession
try {
@@ -310,7 +310,7 @@ public class AuthenticationManager extends AuthServlet {
throws ServletException, IOException, MOAIDException {
String form = SendAssertionFormBuilder.buildForm(target.requestedModule(),
- target.requestedAction(), target.getRequestID(), oaParam.getFriendlyName(), request.getContextPath());
+ target.requestedAction(), target.getRequestID(), oaParam, request.getContextPath());
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = new PrintWriter(response.getOutputStream());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index 18eeae58e..e8639a162 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -37,7 +37,6 @@ public class SSOManager {
if (instance == null) {
instance = new SSOManager();
- //TODO: move to config based timeout!
try {
sso_timeout = (int) AuthConfigurationProvider.getInstance().getTimeOuts().getMOASessionUpdated().longValue();
@@ -101,7 +100,6 @@ public class SSOManager {
if (correspondingMoaSession == null) {
Logger.info("Get request with old SSO SessionID but no corresponding SSO Session is found.");
- //TODO: ist der OldSSOSessionStore zum Aufräumen?
return null;
}
@@ -159,7 +157,7 @@ public class SSOManager {
if (cookies != null) {
for (Cookie cookie : cookies) {
- //TODO: funktioniert nicht, da Cookie seltsamerweise immer unsecure übertragen wird (firefox)
+ //funktioniert nicht, da Cookie seltsamerweise immer unsecure übertragen wird (firefox)
//if (cookie.getName().equals(SSOCOOKIE) && cookie.getSecure()) {
if (cookie.getName().equals(SSOCOOKIE)) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java
index 24261780a..84aea44a3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java
@@ -10,8 +10,10 @@ import org.hibernate.Session;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
+import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore;
+import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -48,19 +50,25 @@ public class DatabaseTestModule implements TestModuleInterface{
Date expioredate = new Date(new Date().getTime() - 120);
- List<AssertionStore> results;
- Session session = MOASessionDBUtils.getCurrentSession();
-
- synchronized (session) {
- session.beginTransaction();
- Query query = session.getNamedQuery("getAssertionWithTimeOut");
- query.setTimestamp("timeout", expioredate);
- results = query.list();
- session.getTransaction().commit();
+ try {
+ List<AssertionStore> results;
+ Session session = MOASessionDBUtils.getCurrentSession();
+
+ synchronized (session) {
+ session.beginTransaction();
+ Query query = session.getNamedQuery("getAssertionWithTimeOut");
+ query.setTimestamp("timeout", expioredate);
+ results = query.list();
+ session.getTransaction().commit();
+ }
+
+ Logger.trace("Finish Test: MOASessionDatabase");
+ return null;
+
+ } catch (Throwable e) {
+ Logger.warn("Failed Test: MOASessionDatabase", e);
+ return "MOASessionDatabase: " + e.getMessage();
}
-
- Logger.trace("Finish Test: MOASessionDatabase");
- return null;
}
private String testMOAConfigurationDatabase() throws Exception{
@@ -76,8 +84,26 @@ public class DatabaseTestModule implements TestModuleInterface{
private String testMOAAdvancedLoggingDatabase() {
- //TODO: insert advanced Logging Database Tests
+ Date expioredate = new Date(new Date().getTime() - 120);
+ try {
+ Session session = StatisticLogDBUtils.getCurrentSession();
+
+ List<StatisticLog> results;
- return null;
+ synchronized (session) {
+ session.beginTransaction();
+ Query query = session.getNamedQuery("getAllEntriesNotBeforeTimeStamp");
+ query.setTimestamp("timeout", expioredate);
+ results = query.list();
+ session.getTransaction().commit();
+ }
+
+ Logger.trace("Finish Test: AdvancedLoggingDataBase");
+ return null;
+
+ } catch (Throwable e) {
+ Logger.warn("Failed Test: AdvancedLoggingDataBase", e);
+ return "AdvancedLoggingDataBase: " + e.getMessage();
+ }
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index 6055484f7..d507385cd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -49,6 +49,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEng
import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.id.util.VelocityLogAdapter;
+import at.gv.egovernment.moa.logging.Logger;
public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
@@ -184,6 +185,8 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
String binding = consumerService.getBinding();
String entityID = moaRequest.getEntityMetadata().getEntityID();
+ Logger.info("Dispatch PVP2 Request: OAURL=" + oaURL + " Binding=" + binding);
+
//String oaURL = (String) request.getParameter(PARAM_OA);
oaURL = StringEscapeUtils.escapeHtml(oaURL);
// if (!ParamValidatorUtils.isValidOA(oaURL))
@@ -194,10 +197,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
config.setBinding(binding);
config.setRequest(moaRequest);
config.setConsumerURL(consumerService.getLocation());
-
- //TODO: set correct target;
- config.setTarget(PVPConfiguration.getInstance().getTargetForSP(entityID));
-
+
String useMandate = request.getParameter(PARAM_USEMANDATE);
if(useMandate != null) {
if(useMandate.equals("true")) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java
index baea32f28..c486d3ff2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java
@@ -29,7 +29,6 @@ public class ArtifactBinding implements IDecoder, IEncoder {
public void encodeRequest(HttpServletRequest req, HttpServletResponse resp,
RequestAbstractType request, String targetLocation)
throws MessageEncodingException, SecurityException {
- // TODO Auto-generated method stub
}
@@ -82,19 +81,19 @@ public class ArtifactBinding implements IDecoder, IEncoder {
public MOARequest decodeRequest(HttpServletRequest req,
HttpServletResponse resp) throws MessageDecodingException,
SecurityException {
- // TODO Auto-generated method stub
+
return null;
}
public MOAResponse decodeRespone(HttpServletRequest req,
HttpServletResponse resp) throws MessageDecodingException,
SecurityException {
- // TODO Auto-generated method stub
+
return null;
}
public boolean handleDecode(String action, HttpServletRequest req) {
- // TODO Auto-generated method stub
+
return false;
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
index f8270cf33..1444cdecf 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
@@ -93,13 +93,16 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
if (consumerService.getBinding().equals(
SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
binding = new RedirectBinding();
+
} else if (consumerService.getBinding().equals(
SAMLConstants.SAML2_ARTIFACT_BINDING_URI)) {
// TODO: not supported YET!!
binding = new ArtifactBinding();
+
} else if (consumerService.getBinding().equals(
SAMLConstants.SAML2_POST_BINDING_URI)) {
binding = new PostBinding();
+
}
if (binding == null) {
@@ -109,6 +112,7 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
try {
binding.encodeRespone(req, resp, authResponse, oaURL);
// TODO add remoteSessionID to AuthSession ExternalPVPSessionStore
+
} catch (MessageEncodingException e) {
Logger.error("Message Encoding exception", e);
throw new MOAIDException("pvp2.01", null, e);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index a310b16ff..66124df4a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -88,6 +88,8 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
"auth.12");
config.setOAURL(oaURL);
+ Logger.info("Dispatch SAML1 Request: OAURL=" + oaURL);
+
//load Target only from OA config
OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
.getOnlineApplicationParameter(oaURL);
@@ -97,10 +99,7 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
new Object[] { oaURL });
config.setTarget(oaParam.getTarget());
-
-
- //TODO: set reauthenticate if OA.useSSO=false
-
+
request.getSession().setAttribute(PARAM_OA, oaURL);
request.getSession().setAttribute(PARAM_TARGET, oaParam.getTarget());
return config;
@@ -139,26 +138,6 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
public boolean validate(HttpServletRequest request,
HttpServletResponse response, IRequest pending) {
-
- //TODO: funktioniert so nicht!!!
-
-// String oaURL = (String) request.getParameter(PARAM_OA);
-// oaURL = StringEscapeUtils.escapeHtml(oaURL);
-// String target = (String) request.getParameter(PARAM_TARGET);
-// target = StringEscapeUtils.escapeHtml(target);
-//
-// //the target parameter is used to define the OA in SAML1 standard
-// if (target.startsWith("http")) {
-// oaURL = target;
-// target = null;
-// }
-//
-// if (oaURL != null) {
-// if (oaURL.equals(pending.getOAURL()))
-// return true;
-// else
-// return false;
-// }
return true;
}
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html b/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
index c6b98dc85..55290d05e 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
@@ -176,43 +176,30 @@
<h2 id="tabheader" class="dunkel">
Login mit Bürgerkarte
</h2>
- <div id="bkulogin" class="hell">
+ <div id="bkulogin" class="hell" #BACKGROUNDCOLOR#>
- <div id="mandateLogin" style="margin-top: 10px; margin-bottom: 10px">
+ <div id="mandateLogin" style="margin-bottom: 10px;#MANDATEVISIBLE#">
<table style="margin-left: auto; margin-right: auto;">
<tr>
<td><input tabindex="1" type="checkbox" name="Mandate"
- style="vertical-align: middle; margin-right: 5px"
- id="mandateCheckBox"></td>
+ style="vertical-align: middle; margin-right: 5px;"
+ id="mandateCheckBox" #MANDATECHECKED#></td>
<td><label for="mandateCheckBox">in Vertretung anmelden</label></td>
<td><a href="info_mandates.html" target="_blank"
class="infobutton" style="margin-left: 5px" tabindex="5">i</a></td>
</tr>
-<!-- <tr>
- <td><input tabindex="1" type="checkbox" name="SSO"
- style="vertical-align: middle; margin-right: 5px"
- id="SSOCheckBox"></td>
- <td><label for="SSOCheckBox">Single Sign-On</label></td>
- <td></td>
- </tr> -->
</table>
</div>
- <div id="bkukarte" class="hell">
+ <div id="bkukarte">
<button name="bkuButton" type="button" onClick="bkuOnlineClicked();">KARTE</button>
</div>
- <div id="bkuhandy" class="hell">
+ <div id="bkuhandy">
<button name="bkuButton" type="button" onClick="bkuHandyClicked();">HANDY</button>
</div>
-
- <!-- <div id="mandate">
- <input type="checkbox" name="Mandate" style="vertical-align: middle; margin-right: 5px;" id="mandateCheckBox">
- <label>in Vertretung anmelden</label>
- <a href="info_mandates.html" target="_blank" class="infobutton" style="color:#FFF">i</a>
- </div> -->
-
- <div id="localBKU" class="hell">
+
+ <div id="localBKU">
<hr>
<form method="get" id="moaidform" action="#AUTH_URL#">
<input type="hidden" name="bkuURI" value="#LOCAL#">
@@ -229,7 +216,7 @@
</p>
</div>
- <div id="stork" class="hell" align="center">
+<!-- <div id="stork" align="center">
<div id="leftcontent" style="margin-bottom:10px">
<h2 id="tabheader" class="dunkel">
Home Country Selection
@@ -253,9 +240,9 @@
<a href="info_stork.html" target="_blank" class="infobutton" style="color:#FFF">i</a>
</p>
</div>
- </div>
+ </div> -->
- <div id="metroDetected" style="display:none" class="hell">
+ <div id="metroDetected" style="display:none">
<p>
Anscheinend verwenden Sie Internet Explorer im Metro-Modus. Wählen Sie bitte "Auf dem Desktop anzeigen" aus den Optionen um die Karten-Anmeldung starten zu können.
</p>
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html b/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html
index f977b1d2e..1e5f4229c 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html
@@ -20,13 +20,13 @@
</h2>
- <div id="selectArea" class="hell full">
+ <div id="selectArea" class="hell full" #BACKGROUNDCOLOR#>
<b>Anmeldung an:</b>
<p>#OAName#</p>
<!-- <div class="hell"> -->
- <div id="leftbutton" class="hell full">
+ <div id="leftbutton" class="full">
<form method="post" id="moaidform_yes" action="#URL#">
<input type="hidden" name="value" value="true">
<input type="hidden" name="mod" value="#MODUL#">
@@ -35,7 +35,7 @@
<input type="submit" size="400" value="Ja" class="setAssertionButton_full">
</form>
</div>
- <div id="rightbutton" class="hell full">
+ <div id="rightbutton" class="full">
<form method="post" id="moaidform_no" action="#URL#">
<input type="hidden" name="value" value="false">
<input type="hidden" name="mod" value="#MODUL#">
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java
index f8c5b565f..28f7a8504 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java
@@ -77,7 +77,7 @@ public class GetIdentityLinkFormBuilderTest extends TestCase {
String dataURL = "https://1.2.3.4/auth/VerifyIdentityLink?MOASessionID=1234567";
String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build();
String infoDataURL = "https://1.2.3.4/auth/StartAuthentication?Target=gb&OA=https://oa.gv.at/";
- String form = new GetIdentityLinkFormBuilder().build(null, null, xmlRequest, dataURL, infoRequest, infoDataURL, null);
+ String form = new GetIdentityLinkFormBuilder().build(null, null, xmlRequest, dataURL, infoRequest, infoDataURL, null, null);
String formShould = MessageFormat.format(
FORM, new Object[] { BKU, xmlRequest, dataURL, infoRequest, infoDataURL });
assertEquals(formShould, form);
@@ -88,7 +88,7 @@ public class GetIdentityLinkFormBuilderTest extends TestCase {
String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build();
String infoDataURL = "https://1.2.3.4/auth/StartAuthentication?Target=gb&OA=https://oa.gv.at/";
String bkuURL = "http://bku.at/";
- String form = new GetIdentityLinkFormBuilder().build(null, bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL, null);
+ String form = new GetIdentityLinkFormBuilder().build(null, bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL, null, null);
String formShould = MessageFormat.format(
FORM, new Object[] { bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL });
assertEquals(formShould, form);