aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib
diff options
context:
space:
mode:
authorkstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d>2012-02-10 16:21:09 +0000
committerkstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d>2012-02-10 16:21:09 +0000
commit583d95af8f722f60cf848e603f12f6c0be0e9a59 (patch)
tree9dc0b16193bef244e0c31ff181e48caf7bdc6f74 /id/server/idserverlib
parent8038e84084386965fb44ca4492f666dd27af186e (diff)
downloadmoa-id-spss-583d95af8f722f60cf848e603f12f6c0be0e9a59.tar.gz
moa-id-spss-583d95af8f722f60cf848e603f12f6c0be0e9a59.tar.bz2
moa-id-spss-583d95af8f722f60cf848e603f12f6c0be0e9a59.zip
* Ausbau MOASecurityManager (nicht anwendbar da SecurityManager nur systemweit gesetzt werden kann)
* Update ExternalURIResolver mit ExternalURIVerifier der gegen Blackliste checkt git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1238 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id/server/idserverlib')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java139
2 files changed, 71 insertions, 70 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index b8fa4f412..355918f2d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -419,7 +419,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
templateURL = session.getTemplateURL();
}
if (templateURL != null) {
- try {
+ try {
template = new String(FileUtils.readURL(templateURL));
} catch (IOException ex) {
throw new AuthenticationException(
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
index 5ae508358..a51fa483f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
@@ -225,12 +225,13 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
} else {
redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, session.getSessionID());
}
-
+
resp.setContentType("text/html");
resp.setStatus(302);
- resp.addHeader("Location", redirectURL);
- Logger.debug("REDIRECT TO: " + redirectURL);
+ resp.addHeader("Location", redirectURL);
+ Logger.debug("REDIRECT TO: " + redirectURL);
+
}
}
@@ -254,72 +255,72 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
* @param session
* @throws IOException
*/
- private void callMISService(AuthenticationSession session, HttpServletRequest req, HttpServletResponse resp) throws IOException {
-
- try {
- AuthConfigurationProvider authConf= AuthConfigurationProvider.getInstance();
- ConnectionParameter connectionParameters = authConf.getOnlineMandatesConnectionParameter();
- SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters);
-
- // get identitity link as byte[]
- Element elem = session.getIdentityLink().getSamlAssertion();
- String s = DOMUtils.serializeNode(elem);
-
- System.out.println("IDL: " + s);
-
- byte[] idl = s.getBytes();
-
- // redirect url
- // build redirect(to the GetMISSessionIdSerlvet)
- String redirectURL =
- new DataURLBuilder().buildDataURL(
- session.getAuthURL(),
- GET_MIS_SESSIONID,
- session.getSessionID());
-
- String oaURL = session.getOAURLRequested();
- OAAuthParameter oaParam = authConf.getOnlineApplicationParameter(oaURL);
- String profiles = oaParam.getMandateProfiles();
-
- if (profiles == null) {
- Logger.error("No Mandate/Profile for OA configured.");
- throw new AuthenticationException("auth.16", new Object[] { GET_MIS_SESSIONID});
- }
-
- String profilesArray[] = profiles.split(",");
- for(int i = 0; i < profilesArray.length; i++) {
- profilesArray[i] = profilesArray[i].trim();
- }
-
- String oaFriendlyName = oaParam.getFriendlyName();
- String mandateReferenceValue = session.getMandateReferenceValue();
- X509Certificate cert = session.getSignerCertificate();
- MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(connectionParameters.getUrl(), idl, cert.getEncoded(), oaFriendlyName, redirectURL, mandateReferenceValue, profilesArray, sslFactory);
- String redirectMISGUI = misSessionID.getRedirectURL();
-
- if (misSessionID == null) {
- Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null.");
- throw new MISSimpleClientException("Fehler bei Anfrage an Vollmachten Service.");
- }
-
- session.setMISSessionID(misSessionID.getSessiondId());
-
- resp.setStatus(302);
- resp.addHeader("Location", redirectMISGUI);
- Logger.debug("REDIRECT TO: " + redirectURL);
- }
- catch (MOAIDException ex) {
- handleError(null, ex, req, resp);
- } catch (GeneralSecurityException ex) {
- handleError(null, ex, req, resp);
- } catch (PKIException e) {
- handleError(null, e, req, resp);
- } catch (MISSimpleClientException e) {
- handleError(null, e, req, resp);
- } catch (TransformerException e) {
- handleError(null, e, req, resp);
- }
- }
+// private void callMISService(AuthenticationSession session, HttpServletRequest req, HttpServletResponse resp) throws IOException {
+//
+// try {
+// AuthConfigurationProvider authConf= AuthConfigurationProvider.getInstance();
+// ConnectionParameter connectionParameters = authConf.getOnlineMandatesConnectionParameter();
+// SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters);
+//
+// // get identitity link as byte[]
+// Element elem = session.getIdentityLink().getSamlAssertion();
+// String s = DOMUtils.serializeNode(elem);
+//
+// System.out.println("IDL: " + s);
+//
+// byte[] idl = s.getBytes();
+//
+// // redirect url
+// // build redirect(to the GetMISSessionIdSerlvet)
+// String redirectURL =
+// new DataURLBuilder().buildDataURL(
+// session.getAuthURL(),
+// GET_MIS_SESSIONID,
+// session.getSessionID());
+//
+// String oaURL = session.getOAURLRequested();
+// OAAuthParameter oaParam = authConf.getOnlineApplicationParameter(oaURL);
+// String profiles = oaParam.getMandateProfiles();
+//
+// if (profiles == null) {
+// Logger.error("No Mandate/Profile for OA configured.");
+// throw new AuthenticationException("auth.16", new Object[] { GET_MIS_SESSIONID});
+// }
+//
+// String profilesArray[] = profiles.split(",");
+// for(int i = 0; i < profilesArray.length; i++) {
+// profilesArray[i] = profilesArray[i].trim();
+// }
+//
+// String oaFriendlyName = oaParam.getFriendlyName();
+// String mandateReferenceValue = session.getMandateReferenceValue();
+// X509Certificate cert = session.getSignerCertificate();
+// MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(connectionParameters.getUrl(), idl, cert.getEncoded(), oaFriendlyName, redirectURL, mandateReferenceValue, profilesArray, sslFactory);
+// String redirectMISGUI = misSessionID.getRedirectURL();
+//
+// if (misSessionID == null) {
+// Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null.");
+// throw new MISSimpleClientException("Fehler bei Anfrage an Vollmachten Service.");
+// }
+//
+// session.setMISSessionID(misSessionID.getSessiondId());
+//
+// resp.setStatus(302);
+// resp.addHeader("Location", redirectMISGUI);
+// Logger.debug("REDIRECT TO: " + redirectURL);
+// }
+// catch (MOAIDException ex) {
+// handleError(null, ex, req, resp);
+// } catch (GeneralSecurityException ex) {
+// handleError(null, ex, req, resp);
+// } catch (PKIException e) {
+// handleError(null, e, req, resp);
+// } catch (MISSimpleClientException e) {
+// handleError(null, e, req, resp);
+// } catch (TransformerException e) {
+// handleError(null, e, req, resp);
+// }
+// }
/**
* Adds a parameter to a URL.
* @param url the URL