| author | Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> | 2013-06-18 11:12:04 +0200 | 
|---|---|---|
| committer | Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> | 2013-06-18 11:12:04 +0200 | 
| commit | 2f0511d495a107b3a48b378084f0bbc74d7d5fb7 (patch) | |
| tree | 8a6df12bdb6a26545d2849d008611a4c4515a479 /id/server/idserverlib/src | |
| parent | e950948eb691581e58607e633847e6f4b93769f9 (diff) | |
Fixing issue #2
Diffstat (limited to 'id/server/idserverlib/src')
11 files changed, 479 insertions, 254 deletions
| diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java index 16041f8cb..187cf4fdb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java @@ -21,7 +21,6 @@   * that you distribute must include a readable copy of the "NOTICE" text file.   */ -  package at.gv.egovernment.moa.id.auth.servlet;  import java.io.ByteArrayOutputStream; 
@@ -47,228 +46,312 @@ import org.apache.commons.fileupload.disk.DiskFileItemFactory;  import org.apache.commons.fileupload.servlet.ServletFileUpload;  import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.auth.AuthenticationServer;  import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;  import at.gv.egovernment.moa.id.auth.WrongParametersException; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;  import at.gv.egovernment.moa.id.config.ConfigurationException;  import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.storage.ExceptionStoreImpl; +import at.gv.egovernment.moa.id.storage.IExceptionStore; +import at.gv.egovernment.moa.id.util.ServletUtils;  import at.gv.egovernment.moa.logging.Logger;  import at.gv.egovernment.moa.util.BoolUtils;  import at.gv.egovernment.moa.util.URLDecoder; -import at.gv.egovernment.moa.util.URLEncoder;  /** - * Base class for MOA-ID Auth Servlets, providing standard error handling - * and constant names. + * Base class for MOA-ID Auth Servlets, providing standard error handling and + * constant names.   *    * @author Paul Ivancsics   * @version $Id$   */  public class AuthServlet extends HttpServlet implements MOAIDAuthConstants { - -  /** +	/**  	 *   	 */  	private static final long serialVersionUID = -6929905344382283738L; -	 -	 +	protected static final String ERROR_CODE_PARAM = "errorid"; +	  	@Override  	protected void doGet(HttpServletRequest req, HttpServletResponse resp) -		throws ServletException, IOException { -		Logger.debug("GET " +  this.getServletName()); +			throws ServletException, IOException { +		Logger.debug("GET " + this.getServletName());  		this.setNoCachingHeadersInHttpRespone(req, resp); -} -/** -   * Handles an error. 
<br>> -   * <ul> -   * <li>Logs the error</li> -   * <li>Places error message and exception thrown into the request  -   * 		 as request attributes (to be used by <code>"/errorpage-auth.jsp"</code>)</li> -   * <li>Sets HTTP status 500 (internal server error)</li> -   * </ul> -   *  -   * @param errorMessage error message -   * @param exceptionThrown exception thrown -   * @param req servlet request -   * @param resp servlet response -   */ -	protected void handleError( -		String errorMessage, Throwable exceptionThrown, HttpServletRequest req, HttpServletResponse resp) { +	} -		 -		if(null != errorMessage) { +	protected void handleErrorNoRedirect(String errorMessage, Throwable exceptionThrown, +			HttpServletRequest req, HttpServletResponse resp) { + +		if (null != errorMessage) {  			Logger.error(errorMessage); -			req.setAttribute("ErrorMessage", errorMessage	);	 +			req.setAttribute("ErrorMessage", errorMessage);  		} -		 -		 +  		if (null != exceptionThrown) { -			if(null == errorMessage) errorMessage = exceptionThrown.getMessage(); +			if (null == errorMessage) +				errorMessage = exceptionThrown.getMessage();  			Logger.error(errorMessage, exceptionThrown);  			req.setAttribute("ExceptionThrown", exceptionThrown);  		} -		 +  		if (Logger.isDebugEnabled()) { -		   req.setAttribute("LogLevel", "debug"); +			req.setAttribute("LogLevel", "debug");  		} -				 -		//forward this to errorpage-auth.jsp where the HTML error page is generated +		 +		// forward this to errorpage-auth.jsp where the HTML error page is +		// generated  		ServletContext context = getServletContext(); -		RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage-auth.jsp"); -		try		{ -			 -			 resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); -				resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); -				
resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); -				resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); -			 -      dispatcher.forward(req, resp); -    } catch (ServletException e) { -      Logger.error(e); -    } catch (IOException e) { +		RequestDispatcher dispatcher = context +				.getRequestDispatcher("/errorpage-auth.jsp"); +		try { + +			resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, +					MOAIDAuthConstants.HEADER_VALUE_EXPIRES); +			resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, +					MOAIDAuthConstants.HEADER_VALUE_PRAGMA); +			resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, +					MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); +			resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, +					MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); + +			dispatcher.forward(req, resp); +		} catch (ServletException e) {  			Logger.error(e); -    } -		 +		} catch (IOException e) { +			Logger.error(e); +		}  	} -  /** -   * Handles a <code>WrongParametersException</code>. 
-   * @param req servlet request -   * @param resp servlet response -   */ -  protected void handleWrongParameters(WrongParametersException ex, HttpServletRequest req, HttpServletResponse resp) { -    Logger.error(ex.toString()); -    req.setAttribute("WrongParameters", ex.getMessage()); - -    //	forward this to errorpage-auth.jsp where the HTML error page is generated  -    ServletContext context = getServletContext(); -    RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage-auth.jsp"); -    try { -    	resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); -		resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); -		resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); -		resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); +	 +	/** +	 * Handles an error. <br>> +	 * <ul> +	 * <li>Logs the error</li> +	 * <li>Places error message and exception thrown into the request as request +	 * attributes (to be used by <code>"/errorpage-auth.jsp"</code>)</li> +	 * <li>Sets HTTP status 500 (internal server error)</li> +	 * </ul> +	 *  +	 * @param errorMessage +	 *            error message +	 * @param exceptionThrown +	 *            exception thrown +	 * @param req +	 *            servlet request +	 * @param resp +	 *            servlet response +	 */ +	protected void handleError(String errorMessage, Throwable exceptionThrown, +			HttpServletRequest req, HttpServletResponse resp) { + +		if (null != errorMessage) { +			Logger.error(errorMessage); +			req.setAttribute("ErrorMessage", errorMessage); +		} + +		if (null != exceptionThrown) { +			if (null == errorMessage) +				errorMessage = exceptionThrown.getMessage(); +			Logger.error(errorMessage, exceptionThrown); +			req.setAttribute("ExceptionThrown", exceptionThrown); +		} + +		if (Logger.isDebugEnabled()) { +			
req.setAttribute("LogLevel", "debug"); +		} + +		IExceptionStore store = ExceptionStoreImpl.getStore(); +		String id = store.storeException(exceptionThrown); + +		String redirectURL = null; + +		redirectURL = ServletUtils.getBaseUrl(req); +		redirectURL += "/dispatcher?" + ERROR_CODE_PARAM + "=" + id; -      dispatcher.forward(req, resp); -    } catch (ServletException e) { -      Logger.error(e); -    } catch (IOException e) { -      Logger.error(e); -    } -  } -   -  /** -   * Logs all servlet parameters for debugging purposes. -   */ -  protected void logParameters(HttpServletRequest req) { -    for (Enumeration params = req.getParameterNames(); params.hasMoreElements(); ) { -      String parname = (String)params.nextElement(); -      Logger.debug("Parameter " + parname + req.getParameter(parname));     -    } -  } -   -  /** -     * Parses the request input stream for parameters, assuming parameters are encoded UTF-8 -     * (no standard exists how browsers should encode them). -     *  -     * @param req servlet request -     *  -     * @return mapping parameter name -> value -     *  -     * @throws IOException if parsing request parameters fails. -     *  -     * @throws FileUploadException if parsing request parameters fails. 
-     */ -  protected Map getParameters(HttpServletRequest req)  -    throws IOException, FileUploadException { -     -    Map parameters = new HashMap(); - -  -    if (ServletFileUpload.isMultipartContent(req)) -    { -      // request is encoded as mulitpart/form-data -      FileItemFactory factory = new DiskFileItemFactory(); -      ServletFileUpload upload = null; -      upload = new ServletFileUpload(factory); -      List items = null; -      items = upload.parseRequest(req); -      for (int i = 0; i < items.size(); i++) -      { -        FileItem item = (FileItem) items.get(i); -        if (item.isFormField()) -        { -          // Process only form fields - no file upload items -          String logString =  item.getString("UTF-8"); -        -          // TODO use RegExp -          String startS = "<pr:Identification><pr:Value>"; -          String endS = "</pr:Value><pr:Type>urn:publicid:gv.at:baseid</pr:Type>"; -          String logWithMaskedBaseid = logString; -          int start = logString.indexOf(startS); -          if (start > -1) { -             int end = logString.indexOf(endS); -             if (end > -1) { -                logWithMaskedBaseid = logString.substring(0, start); -                logWithMaskedBaseid += startS; -                logWithMaskedBaseid += "xxxxxxxxxxxxxxxxxxxxxxxx"; -                logWithMaskedBaseid += logString.substring(end, logString.length()); -             } -          } -          parameters.put(item.getFieldName(), item.getString("UTF-8")); -          Logger.debug("Processed multipart/form-data request parameter: \nName: " + -              item.getFieldName() + "\nValue: " +  -              logWithMaskedBaseid); -        } -      } -    } -     -    else -    { -      // request is encoded as application/x-www-urlencoded -      InputStream in = req.getInputStream(); - -      String paramName; -      String paramValueURLEncoded; -      do { -        paramName = new String(readBytesUpTo(in, '=')); -        if 
(paramName.length() > 0) { -          paramValueURLEncoded = readBytesUpTo(in, '&'); -          String paramValue = URLDecoder.decode(paramValueURLEncoded, "UTF-8"); -          parameters.put(paramName, paramValue); -        } -      } -      while (paramName.length() > 0); -      in.close(); -    } - -    return parameters; -  } -   -  /** -     * Reads bytes up to a delimiter, consuming the delimiter. -     * @param in input stream -     * @param delimiter delimiter character -     * @return String constructed from the read bytes -     * @throws IOException -     */ -  protected String readBytesUpTo(InputStream in, char delimiter) throws IOException { -    ByteArrayOutputStream bout = new ByteArrayOutputStream(); -    boolean done = false; -    int b; -    while (! done && (b = in.read()) >= 0) { -      if (b == delimiter) -        done = true; -      else -        bout.write(b); -    } -    return bout.toString(); -  } +		resp.setContentType("text/html"); +		resp.setStatus(302); +		resp.addHeader("Location", redirectURL);		 +		Logger.debug("REDIRECT TO: " + redirectURL);	 +		 +		return; +		/* +		// forward this to errorpage-auth.jsp where the HTML error page is +		// generated +		ServletContext context = getServletContext(); +		RequestDispatcher dispatcher = context +				.getRequestDispatcher("/errorpage-auth.jsp"); +		try { + +			resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, +					MOAIDAuthConstants.HEADER_VALUE_EXPIRES); +			resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, +					MOAIDAuthConstants.HEADER_VALUE_PRAGMA); +			resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, +					MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); +			resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, +					MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); + +			dispatcher.forward(req, resp); +		} catch (ServletException e) { +			Logger.error(e); +		} catch (IOException e) { +			Logger.error(e); +		} +		*/ +	} + +	/** +	 * Handles a 
<code>WrongParametersException</code>. +	 *  +	 * @param req +	 *            servlet request +	 * @param resp +	 *            servlet response +	 */ +	protected void handleWrongParameters(WrongParametersException ex, +			HttpServletRequest req, HttpServletResponse resp) { +		Logger.error(ex.toString()); +		req.setAttribute("WrongParameters", ex.getMessage()); + +		// forward this to errorpage-auth.jsp where the HTML error page is +		// generated +		ServletContext context = getServletContext(); +		RequestDispatcher dispatcher = context +				.getRequestDispatcher("/errorpage-auth.jsp"); +		try { +			resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, +					MOAIDAuthConstants.HEADER_VALUE_EXPIRES); +			resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, +					MOAIDAuthConstants.HEADER_VALUE_PRAGMA); +			resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, +					MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); +			resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, +					MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); + +			dispatcher.forward(req, resp); +		} catch (ServletException e) { +			Logger.error(e); +		} catch (IOException e) { +			Logger.error(e); +		} +	} + +	/** +	 * Logs all servlet parameters for debugging purposes. +	 */ +	protected void logParameters(HttpServletRequest req) { +		for (Enumeration params = req.getParameterNames(); params +				.hasMoreElements();) { +			String parname = (String) params.nextElement(); +			Logger.debug("Parameter " + parname + req.getParameter(parname)); +		} +	} + +	/** +	 * Parses the request input stream for parameters, assuming parameters are +	 * encoded UTF-8 (no standard exists how browsers should encode them). +	 *  +	 * @param req +	 *            servlet request +	 *  +	 * @return mapping parameter name -> value +	 *  +	 * @throws IOException +	 *             if parsing request parameters fails. +	 *  +	 * @throws FileUploadException +	 *             if parsing request parameters fails. 
+	 */ +	protected Map getParameters(HttpServletRequest req) throws IOException, +			FileUploadException { + +		Map parameters = new HashMap(); + +		if (ServletFileUpload.isMultipartContent(req)) { +			// request is encoded as mulitpart/form-data +			FileItemFactory factory = new DiskFileItemFactory(); +			ServletFileUpload upload = null; +			upload = new ServletFileUpload(factory); +			List items = null; +			items = upload.parseRequest(req); +			for (int i = 0; i < items.size(); i++) { +				FileItem item = (FileItem) items.get(i); +				if (item.isFormField()) { +					// Process only form fields - no file upload items +					String logString = item.getString("UTF-8"); + +					// TODO use RegExp +					String startS = "<pr:Identification><pr:Value>"; +					String endS = "</pr:Value><pr:Type>urn:publicid:gv.at:baseid</pr:Type>"; +					String logWithMaskedBaseid = logString; +					int start = logString.indexOf(startS); +					if (start > -1) { +						int end = logString.indexOf(endS); +						if (end > -1) { +							logWithMaskedBaseid = logString.substring(0, start); +							logWithMaskedBaseid += startS; +							logWithMaskedBaseid += "xxxxxxxxxxxxxxxxxxxxxxxx"; +							logWithMaskedBaseid += logString.substring(end, +									logString.length()); +						} +					} +					parameters +							.put(item.getFieldName(), item.getString("UTF-8")); +					Logger.debug("Processed multipart/form-data request parameter: \nName: " +							+ item.getFieldName() +							+ "\nValue: " +							+ logWithMaskedBaseid); +				} +			} +		} + +		else { +			// request is encoded as application/x-www-urlencoded +			InputStream in = req.getInputStream(); + +			String paramName; +			String paramValueURLEncoded; +			do { +				paramName = new String(readBytesUpTo(in, '=')); +				if (paramName.length() > 0) { +					paramValueURLEncoded = readBytesUpTo(in, '&'); +					String paramValue = URLDecoder.decode(paramValueURLEncoded, +							"UTF-8"); +					parameters.put(paramName, paramValue); +				} +			} 
while (paramName.length() > 0); +			in.close(); +		} + +		return parameters; +	} + +	/** +	 * Reads bytes up to a delimiter, consuming the delimiter. +	 *  +	 * @param in +	 *            input stream +	 * @param delimiter +	 *            delimiter character +	 * @return String constructed from the read bytes +	 * @throws IOException +	 */ +	protected String readBytesUpTo(InputStream in, char delimiter) +			throws IOException { +		ByteArrayOutputStream bout = new ByteArrayOutputStream(); +		boolean done = false; +		int b; +		while (!done && (b = in.read()) >= 0) { +			if (b == delimiter) +				done = true; +			else +				bout.write(b); +		} +		return bout.toString(); +	} +  	/**  	 * Calls the web application initializer.  	 *  
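Review bot: The `ErrorMessage`, `ExceptionThrown` and `LogLevel` request attributes that handleError still sets are dead after this change, because the method now ends with a 302 to `/dispatcher?errorid=<id>` instead of a forward, and request attributes do not survive a client redirect; only what ExceptionStoreImpl keeps reaches the error page. A call with a message but no throwable (`handleError(msg, null, req, resp)`) therefore loses the message entirely: the dispatcher fetches a null throwable and renders "UNKOWN ERROR DETECTED!", and what storeException does with a null argument is not in this diff. I would short-circuit that case before touching the store, `if (exceptionThrown == null) { handleErrorNoRedirect(errorMessage, null, req, resp); return; }`, and delete the attribute writes together with the commented-out forward block after the `return`. Because the target is built from ServletUtils.getBaseUrl(req) plus a store id that travels in the URL, it is also worth confirming that the id is unguessable and that getBaseUrl does not simply echo the Host header; neither is visible here.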
@@ -277,51 +360,70 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants {  	public void init(ServletConfig servletConfig) throws ServletException {  		super.init(servletConfig);  	} -	 +  	/**  	 * Set response headers to avoid caching -	 * @param request HttpServletRequest -	 * @param response HttpServletResponse +	 *  +	 * @param request +	 *            HttpServletRequest +	 * @param response +	 *            HttpServletResponse  	 */ -	protected void setNoCachingHeadersInHttpRespone(HttpServletRequest request, HttpServletResponse response) { -		response.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); -		response.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); -		response.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); -		response.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); -		 +	protected void setNoCachingHeadersInHttpRespone(HttpServletRequest request, +			HttpServletResponse response) { +		response.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, +				MOAIDAuthConstants.HEADER_VALUE_EXPIRES); +		response.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, +				MOAIDAuthConstants.HEADER_VALUE_PRAGMA); +		response.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, +				MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); +		response.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, +				MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); +  	} -	 + +	/** +	 * Adds a parameter to a URL. +	 *  +	 * @param url +	 *            the URL +	 * @param paramname +	 *            parameter name +	 * @param paramvalue +	 *            parameter value +	 * @return the URL with parameter added +	 */ +	protected static String addURLParameter(String url, String paramname, +			String paramvalue) { +		String param = paramname + "=" + paramvalue; +		if (url.indexOf("?") < 0) +			return url + "?" 
+ param; +		else +			return url + "&" + param; +	} +  	/** -	   * Adds a parameter to a URL. -	   * @param url the URL -	   * @param paramname parameter name -	   * @param paramvalue parameter value -	   * @return the URL with parameter added -	   */ -	  protected static String addURLParameter(String url, String paramname, String paramvalue) { -			String param = paramname + "=" + paramvalue; -	  	if (url.indexOf("?") < 0) -		  	return url + "?" + param; -	  	else -	  		return url + "&" + param; -	  } - -	  /** -	   * Checks if HTTP requests are allowed -	   * @param authURL requestURL -	   * @throws AuthenticationException if HTTP requests are not allowed -	   * @throws ConfigurationException -	   */ -	  protected void checkIfHTTPisAllowed(String authURL) throws AuthenticationException, ConfigurationException { +	 * Checks if HTTP requests are allowed +	 *  +	 * @param authURL +	 *            requestURL +	 * @throws AuthenticationException +	 *             if HTTP requests are not allowed +	 * @throws ConfigurationException +	 */ +	protected void checkIfHTTPisAllowed(String authURL) +			throws AuthenticationException, ConfigurationException {  		// check if HTTP Connection may be allowed (through -			// FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY) -			String boolStr = AuthConfigurationProvider.getInstance().getGenericConfigurationParameter( -							AuthConfigurationProvider.FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY); -			if ((!authURL.startsWith("https:")) -					&& (false == BoolUtils.valueOf(boolStr))) -				throw new AuthenticationException("auth.07", -						new Object[] { authURL + "*" }); -			 -	  } +		// FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY) +		String boolStr = AuthConfigurationProvider +				.getInstance() +				.getGenericConfigurationParameter( +						AuthConfigurationProvider.FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY); +		if ((!authURL.startsWith("https:")) +				&& (false == BoolUtils.valueOf(boolStr))) +			throw new 
AuthenticationException("auth.07", new Object[] { authURL +					+ "*" }); + +	}  } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java index 5fa0dfcc3..c3f835edb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java @@ -3,13 +3,16 @@ package at.gv.egovernment.moa.id.entrypoints;  import java.io.IOException;  import java.util.Iterator; +import javax.servlet.RequestDispatcher;  import javax.servlet.ServletConfig; +import javax.servlet.ServletContext;  import javax.servlet.ServletException;  import javax.servlet.http.HttpServletRequest;  import javax.servlet.http.HttpServletResponse;  import javax.servlet.http.HttpSession;  import at.gv.egovernment.moa.id.MOAIDException; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;  import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;  import at.gv.egovernment.moa.id.auth.WrongParametersException;  import at.gv.egovernment.moa.id.auth.servlet.AuthServlet; @@ -20,6 +23,7 @@ import at.gv.egovernment.moa.id.moduls.IRequest;  import at.gv.egovernment.moa.id.moduls.ModulStorage;  import at.gv.egovernment.moa.id.moduls.NoPassivAuthenticationException;  import at.gv.egovernment.moa.id.moduls.RequestStorage; +import at.gv.egovernment.moa.id.storage.ExceptionStoreImpl;  import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;  import at.gv.egovernment.moa.logging.Logger; 
@@ -52,6 +56,46 @@ public class DispatcherServlet extends AuthServlet {
 	protected void processRequest(HttpServletRequest req,
 			HttpServletResponse resp) throws ServletException, IOException {
 		try {
+			String errorid = req.getParameter(ERROR_CODE_PARAM);
+			if (errorid != null) {
+
+				Throwable throwable = ExceptionStoreImpl.getStore()
+						.fetchException(errorid);
+				ExceptionStoreImpl.getStore().removeException(errorid);
+
+				if (throwable != null) {
+
+					IRequest errorRequest = RequestStorage
+							.getPendingRequest(req.getSession());
+					if (errorRequest != null) {
+						try {
+							IModulInfo handlingModule = ModulStorage
+									.getModuleByPath(errorRequest
+											.requestedModule());
+							if (handlingModule != null) {
+								if (handlingModule.generateErrorMessage(
+										throwable, req, resp, errorRequest)) {
+									return;
+								}
+							}
+						} catch (Throwable e) {
+							Logger.error(e);
+							handleErrorNoRedirect(throwable.getMessage(),
+									throwable, req, resp);
+						}
+					}
+					handleErrorNoRedirect(throwable.getMessage(), throwable,
+							req, resp);
+
+				} else {
+					// TODO: use better string
+					handleErrorNoRedirect("UNKOWN ERROR DETECTED!", null, req,
+							resp);
+				}
+
+				return;
+			}
+
 			Object moduleObject = req.getParameter(PARAM_TARGET_MODULE);
 			String module = null;
 			if (moduleObject != null && (moduleObject instanceof String)) {
@@ -114,8 +158,7 @@ public class DispatcherServlet extends AuthServlet {
 			HttpSession httpSession = req.getSession();
 			IRequest protocolRequest = null;
 			try {
-				protocolRequest = RequestStorage
-						.getPendingRequest(httpSession);
+				protocolRequest = RequestStorage.getPendingRequest(httpSession);
 				if (protocolRequest != null) {
 					// check if pending request is same protocol and action
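Review bot: On the exception path of the new errorid branch the error page is rendered twice: the `catch (Throwable e)` block calls handleErrorNoRedirect, then control leaves the `if (errorRequest != null)` block and reaches the unconditional handleErrorNoRedirect below it, and that second forward runs against a committed response, raising an IllegalStateException that handleErrorNoRedirect's catches (ServletException, IOException) do not cover. Either add `return;` after the call inside the catch block, or remove that call and let the fall-through do the rendering. Separately, the throwable is fetched from the global ExceptionStoreImpl and removed on the strength of the caller-supplied `errorid` alone, before any check that it belongs to this session; unless storeException hands out unguessable ids (not in this diff), another client can consume or display someone else's exception message. Since the redirect always comes back to the browser that triggered the error, recording the id (or the throwable itself) in the HttpSession and rejecting a mismatch would close that without changing the store.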
@@ -183,11 +226,11 @@ public class DispatcherServlet extends AuthServlet {  				}  				moduleAction.processRequest(protocolRequest, req, resp); -				 +  				RequestStorage.removePendingRequest(httpSession);  				AuthenticationManager.logout(req, resp); -				 +  			} catch (Throwable e) {  				e.printStackTrace();  				// Try handle module specific, if not possible rethrow diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java index d2a3764cd..5f38cd05a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java @@ -14,6 +14,7 @@ import org.apache.commons.lang.StringEscapeUtils;  import org.opensaml.common.xml.SAMLConstants;  import org.opensaml.saml2.core.AuthnRequest;  import org.opensaml.saml2.core.RequestAbstractType; +import org.opensaml.saml2.core.Response;  import org.opensaml.saml2.core.Status;  import org.opensaml.saml2.core.StatusCode;  import org.opensaml.saml2.core.StatusMessage; 
@@ -31,12 +32,14 @@ import at.gv.egovernment.moa.id.moduls.IRequest;  import at.gv.egovernment.moa.id.moduls.NoPassivAuthenticationException;  import at.gv.egovernment.moa.id.moduls.ServletInfo;  import at.gv.egovernment.moa.id.moduls.ServletType; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.ArtifactBinding;  import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IDecoder;  import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder;  import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOARequest;  import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding;  import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding;  import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.InvalidAssertionConsumerServiceException;  import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception;  import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;  import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngine; @@ -135,12 +138,10 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {  			//Logger.info("SAML : " + xml);  			if(!moaRequest.isVerified()) { -				// TODO: verify samlReq  				SAMLVerificationEngine engine = new SAMLVerificationEngine();  				engine.verifyRequest(samlReq, TrustEngineFactory.getSignatureKnownKeysTrustEngine());  				moaRequest.setVerified(true);  			} -			// TODO: OAURL is AssertionConsumerService URL from entitydescriptor ...  			if(!(samlReq instanceof AuthnRequest)) {  				throw new MOAIDException("Unsupported request", new Object[] {}); 
@@ -159,7 +160,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {  			SPSSODescriptor spSSODescriptor = metadata.getSPSSODescriptor(SAMLConstants.SAML20P_NS);  			AssertionConsumerService consumerService  = spSSODescriptor.getAssertionConsumerServices().get(idx);  			String oaURL = consumerService.getLocation(); -			 +			String binding = consumerService.getBinding();  			String entityID = moaRequest.getEntityMetadata().getEntityID();  			//String oaURL = (String) request.getParameter(PARAM_OA); @@ -168,6 +169,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {  				throw new WrongParametersException("StartAuthentication",  						PARAM_OA, "auth.12");  			config.setOAURL(oaURL); +			config.setBinding(binding);  			config.setRequest(moaRequest);  			config.setTarget(PVPConfiguration.getInstance().getTargetForSP(entityID)); @@ -188,8 +190,13 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {  			throw e;  		} -		StatusResponseType samlResponse =  -				SAML2Utils.createSAMLObject(StatusResponseType.class); +		if(!(protocolRequest instanceof PVPTargetConfiguration) ) { +			throw e; +		} +		PVPTargetConfiguration pvpRequest = (PVPTargetConfiguration)protocolRequest; +		 +		Response samlResponse =  +				SAML2Utils.createSAMLObject(Response.class);  		Status status = SAML2Utils.createSAMLObject(Status.class);  		StatusCode statusCode = SAML2Utils.createSAMLObject(StatusCode.class);  		StatusMessage statusMessage = SAML2Utils.createSAMLObject(StatusMessage.class); 
@@ -213,7 +220,22 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {  			status.setStatusMessage(statusMessage);  		}  		samlResponse.setStatus(status); -		IEncoder encoder = new RedirectBinding(); +		 +		IEncoder encoder = null; +		 +		if(pvpRequest.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) { +			encoder = new RedirectBinding(); +		} else if(pvpRequest.getBinding().equals(SAMLConstants.SAML2_ARTIFACT_BINDING_URI)) { +			// TODO: not supported YET!! +			//binding = new ArtifactBinding(); +		} else if(pvpRequest.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI))  { +			encoder = new PostBinding(); +		} + +		if(encoder == null) { +			// default to redirect binding +			encoder = new RedirectBinding(); +		}  		encoder.encodeRespone(request, response, samlResponse, protocolRequest.getOAURL());  		return true; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java index 1f13cdfb5..d15c307a1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java @@ -5,6 +5,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOARequest;  public class PVPTargetConfiguration extends RequestImpl {  	MOARequest request; +	String binding;  	public MOARequest getRequest() {  		return request; @@ -13,4 +14,12 @@ public class PVPTargetConfiguration extends RequestImpl {  	public void setRequest(MOARequest request) {  		this.request = request;  	} + +	public String getBinding() { +		return binding; +	} + +	public void setBinding(String binding) { +		this.binding = binding; +	}  } 
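Review bot: The binding dispatch added before `encodeRespone` silently downgrades: an AssertionConsumerService that registered the artifact binding, or any binding string the chain does not recognise, gets the error Response pushed through RedirectBinding to a location the SP declared for a different transport. Returning false instead lets DispatcherServlet fall back to handleErrorNoRedirect (visible in its errorid branch), which is safer than emitting a SAML message over a binding the SP never registered. The comparisons should also be null-safe (`SAMLConstants.SAML2_POST_BINDING_URI.equals(binding)`), and the commented-out `//binding = new ArtifactBinding();` names a variable that does not exist. The start of this method (generateErrorMessage, judging by the DispatcherServlet call) is outside the hunk.
```java
String binding = pvpRequest.getBinding();
IEncoder encoder;
if (SAMLConstants.SAML2_POST_BINDING_URI.equals(binding)) {
	encoder = new PostBinding();
} else if (SAMLConstants.SAML2_REDIRECT_BINDING_URI.equals(binding)) {
	encoder = new RedirectBinding();
} else {
	// artifact (not implemented) and unknown bindings: do not fall back to redirect
	return false;
}
encoder.encodeRespone(request, response, samlResponse, protocolRequest.getOAURL());
```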
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java index 1b55d4b2e..048ad8b38 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java @@ -52,9 +52,6 @@ public class PostBinding implements IDecoder, IEncoder {  			Credential credentials = CredentialProvider  					.getIDPSigningCredential(); -			Signature signer = CredentialProvider.getIDPSignature(credentials); -			response.setSignature(signer); -  			VelocityEngine engine = new VelocityEngine();  			engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");  			engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java index a4670d3fc..d90e59c35 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java @@ -25,7 +25,6 @@ import org.opensaml.ws.transport.http.HttpServletResponseAdapter;  import org.opensaml.xml.parse.BasicParserPool;  import org.opensaml.xml.security.SecurityException;  import org.opensaml.xml.security.credential.Credential; -import org.opensaml.xml.signature.Signature;  import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol;  import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; 
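Review bot: With `response.setSignature(signer)` removed from PostBinding.encodeRespone, the POST-bound Response is signed only if the IdP signing credential is placed on the outbound message context that the encoder consumes, and that wiring is not part of this hunk; `credentials` is still fetched, but its remaining use is out of view. Please confirm the context receives it (in OpenSAML 2 terms something like `setOutboundSAMLMessageSigningCredential(credentials)`), otherwise SPs are handed unsigned responses with no error on the IdP side. The method's start and end lie outside this hunk.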
@@ -38,7 +37,7 @@ public class RedirectBinding implements IDecoder, IEncoder {
 	public void encodeRequest(HttpServletRequest req, HttpServletResponse resp,
 			RequestAbstractType request, String targetLocation)
 			throws MessageEncodingException, SecurityException {
-
+		//TODO: implement
 	}
 	public void encodeRespone(HttpServletRequest req, HttpServletResponse resp,
@@ -48,10 +47,6 @@ public class RedirectBinding implements IDecoder, IEncoder {
 			Credential credentials = CredentialProvider
 					.getIDPSigningCredential();
-			Signature signer = CredentialProvider.getIDPSignature(credentials);
-			response.setSignature(signer);
-			
-
 			HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
 			HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
 					resp, true);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
index 558f19b4f..ced20ce9c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
@@ -71,7 +71,7 @@ public class SoapBinding implements IDecoder, IEncoder {
 			StatusResponseType response, String targetLocation)
 			throws MessageEncodingException, SecurityException {
 		HTTPSOAP11Encoder encoder = new HTTPSOAP11Encoder();
-		
+		// TODO
 	}
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
index 9e795c51c..4f778f27b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
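Review bot: RedirectBinding.encodeRequest keeps an empty body behind `//TODO: implement`, so a caller gets neither output nor an exception and cannot tell that nothing was sent; SoapBinding.encodeRespone in the later hunk on this line has the same shape, creating an HTTPSOAP11Encoder that is then dropped. Until these are implemented, `throw new UnsupportedOperationException("not implemented");` in each body makes the gap fail loudly instead of silently producing an empty response. Both enclosing classes continue outside the hunks.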
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
@@ -7,7 +7,6 @@ import javax.servlet.http.HttpServletResponse;
 import org.joda.time.DateTime;
 import org.opensaml.common.xml.SAMLConstants;
-import org.opensaml.saml2.core.ArtifactResponse;
 import org.opensaml.saml2.core.Assertion;
 import org.opensaml.saml2.core.Attribute;
 import org.opensaml.saml2.core.AttributeStatement;
@@ -21,6 +20,7 @@ import org.opensaml.saml2.core.Conditions;
 import org.opensaml.saml2.core.Issuer;
 import org.opensaml.saml2.core.NameID;
 import org.opensaml.saml2.core.RequestedAuthnContext;
+import org.opensaml.saml2.core.Response;
 import org.opensaml.saml2.core.Subject;
 import org.opensaml.saml2.core.SubjectConfirmation;
 import org.opensaml.saml2.core.SubjectConfirmationData;
@@ -89,6 +89,11 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 			throw new NoAuthContextException("QAA not available Only supported QAA: " + STORK_QAA_1_4, null);
 		}
+		AuthenticationSession authSession =
+				AuthenticationManager.getAuthenticationSession(req.getSession());
+		
+		//authSession.getM
+		
 		Assertion assertion = SAML2Utils.createSAMLObject(Assertion.class);
 		reqAuthnContextClassRefIt = reqAuthnContext.getAuthnContextClassRefs().iterator();
@@ -134,10 +139,6 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 		AttributeConsumingService attributeConsumingService =
 				spSSODescriptor.getAttributeConsumingServices().get(idx);
-		
-		AuthenticationSession authSession =
-				AuthenticationManager.getAuthenticationSession(req.getSession());
-		
 		AttributeStatement attributeStatement = SAML2Utils.createSAMLObject(AttributeStatement.class);
 		Iterator<RequestedAttribute> it = attributeConsumingService.getRequestAttributes().iterator();
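Review bot: `//authSession.getM` is an unfinished fragment left in the new code of the `@@ -89,6 +89,11 @@` hunk and should be dropped. The session lookup is now done before the assertion is built, but nothing in the hunk checks authSession for null; if AuthenticationManager.getAuthenticationSession can return null for a request without an authenticated session, the later use of authSession (outside this hunk) fails with a NullPointerException rather than a rejection, so a guard right after the lookup that throws the handler's existing exception type for an invalid session is warranted. The enclosing method starts and ends outside the hunk.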
@@ -210,14 +211,14 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 		assertion.setID(SAML2Utils.getSecureIdentifier());
 		assertion.setIssueInstant(new DateTime());
-		ArtifactResponse authResponse = SAML2Utils.createSAMLObject(ArtifactResponse.class);
+		Response authResponse = SAML2Utils.createSAMLObject(Response.class);
 		Issuer nissuer = SAML2Utils.createSAMLObject(Issuer.class);
 		nissuer.setValue(PVPConfiguration.getInstance().getIDPIssuerName());
 		nissuer.setFormat(NameID.ENTITY);
 		authResponse.setIssuer(nissuer);
 		authResponse.setInResponseTo(authnRequest.getID());
-		authResponse.setMessage(assertion);
+		authResponse.getAssertions().add(assertion);
 		authResponse.setStatus(SAML2Utils.getSuccessStatus());
 		aIdx = authnRequest.getAssertionConsumerServiceIndex();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ExceptionStoreImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ExceptionStoreImpl.java
new file mode 100644
index 000000000..5ea3be837
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ExceptionStoreImpl.java
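Review bot: the new Response receives an Issuer, InResponseTo, the assertion and a status, but unlike the assertion two lines above it is given no ID and no IssueInstant anywhere in the hunk; both are required attributes of a SAML 2.0 Response, so unless they are set outside the hunk, add `authResponse.setID(SAML2Utils.getSecureIdentifier());` and `authResponse.setIssueInstant(new DateTime());` beside the issuer. Because the assertion is no longer wrapped in an ArtifactResponse, the recipient validates the Response element itself, and its Destination is expected to name the assertion consumer service URL whenever the message is signed; the aIdx lookup that selects that URL continues outside the hunk, so that is where the Destination should be set. The enclosing method starts and ends outside the hunk.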
@@ -0,0 +1,36 @@
+package at.gv.egovernment.moa.id.storage;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import at.gv.egovernment.moa.id.util.Random;
+
+public class ExceptionStoreImpl implements IExceptionStore {
+
+	// Just a quick implementation
+	private static IExceptionStore store;
+	
+	public static IExceptionStore getStore() {
+		if(store == null) {
+			store = new ExceptionStoreImpl();
+		}
+		return store;
+	}
+	
+	private Map<String, Throwable> exceptionStore = new HashMap<String, Throwable>();
+	
+	public String storeException(Throwable e) {
+		String id = Random.nextRandom();
+		exceptionStore.put(id, e);
+		return id;
+	}
+
+	public Throwable fetchException(String id) {
+		return exceptionStore.get(id);
+	}
+
+	public void removeException(String id) {
+		exceptionStore.remove(id);
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IExceptionStore.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IExceptionStore.java
new file mode 100644
index 000000000..5c51fff73
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IExceptionStore.java
@@ -0,0 +1,7 @@
+package at.gv.egovernment.moa.id.storage;
+
+public interface IExceptionStore {
+	public String storeException(Throwable e);
+	public Throwable fetchException(String id);
+	public void removeException(String id);
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java
index 2ff9e5210..db6d7aa53 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java
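Review bot: ExceptionStoreImpl is shared process-wide through a static singleton and is used from the servlet layer, but neither the lazy `getStore()` nor the plain `HashMap` is safe for concurrent use: two threads can race to create two stores, and concurrent put/remove on a HashMap can corrupt it. Eager initialisation, `private static final IExceptionStore store = new ExceptionStoreImpl();` with getStore() simply returning it, plus `new ConcurrentHashMap<String, Throwable>()` for exceptionStore, fixes both. Entries are also never expired: a Throwable whose id is never fetched (the client drops the redirect that carries it) stays referenced for the life of the JVM, so the map grows without bound and a bounded or time-limited store is needed. Since the id is the only thing keeping one user's stored exception from being read by another, `Random.nextRandom()` must produce unpredictable ids (a SecureRandom-backed source); its implementation is not in this diff, so that is worth confirming. The `// Just a quick implementation` comment should say which of these limits are known and intended.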
@@ -31,6 +31,7 @@ import java.io.IOException;
 import java.io.OutputStream;
 import java.net.URLEncoder;
+import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import at.gv.egovernment.moa.id.MOAIDException;
@@ -145,5 +146,17 @@ public class ServletUtils {
       Logger.debug("Finished POST " + servletName);
   }
-
+
+  public static String getBaseUrl( HttpServletRequest request ) {
+	    if ( ( request.getServerPort() == 80 ) ||
+	         ( request.getServerPort() == 443 ) )
+	      return request.getScheme() + "://" +
+	             request.getServerName() +
+	             request.getContextPath();
+	    else
+	      return request.getScheme() + "://" +
+	             request.getServerName() + ":" + request.getServerPort() +
+	             request.getContextPath();
+	  }
+  
  }
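Review bot: getBaseUrl derives scheme, host and port from the incoming request instead of from configuration; behind a TLS-terminating reverse proxy getScheme() and getServerPort() describe the proxy-to-container hop and the result is wrong, and where the container takes getServerName() from the Host header the base URL follows whatever host the client sent. If the value feeds redirects or links returned to the browser, the instance's configured public URL (or a check that the derived value matches it) should be used instead. The port test also elides 80 and 443 regardless of scheme, so `https` on port 80 or `http` on port 443 yields a URL missing its port; comparing the port against the default for the actual scheme avoids that. Style: the if/else branches should be braced, and the tab-indented body does not match the two-space indentation of the surrounding file.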
