update libs

6 files changed, 22 insertions, 280 deletions

diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 1c8d89fb4..b226f01b3 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -182,11 +182,11 @@
 		</dependency>

 		

 		<!-- Required for MOA-SPSS API access -->

-		<dependency>

+<!-- 		<dependency>

 			<groupId>com.sun.xml.rpc</groupId>

 			<artifactId>jaxrpc-impl</artifactId>

 			<version>1.1.3_01</version>

-		</dependency>

+		</dependency> -->

 		

 		

 		<dependency>

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java
index db6ff8d9b..395aeaadb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java
@@ -57,7 +57,6 @@ import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
 import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils;
 import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore;
 import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore;
-import at.gv.egovernment.moa.id.commons.db.dao.session.ExceptionStore;
 import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore;
 import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;
 import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore;
@@ -221,7 +220,6 @@ public abstract class ConfigurationProviderImpl implements ConfigurationProvider
 					config.addAnnotatedClass(AuthenticatedSessionStore.class);
 					config.addAnnotatedClass(OASessionStore.class);
 					config.addAnnotatedClass(OldSSOSessionIDStore.class);
-					config.addAnnotatedClass(ExceptionStore.class);
 					config.addAnnotatedClass(InterfederationSessionStore.class);
 					config.addAnnotatedClass(ProcessInstanceStore.class);
 					config.addProperties(moaSessionProp);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
index ae88f3ea4..dfe9ecb49 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
@@ -34,6 +34,7 @@ import org.hibernate.HibernateException;
 import org.hibernate.Query;
 import org.hibernate.Session;
 import org.hibernate.Transaction;
+import org.hibernate.resource.transaction.spi.TransactionStatus;
 import org.opensaml.saml2.core.LogoutRequest;
 import org.opensaml.saml2.core.LogoutResponse;
 import org.opensaml.saml2.metadata.SingleLogoutService;
@@ -274,7 +275,7 @@ public class SingleLogOutAction implements IAction {
 					throw new AuthenticationException("pvp2.13", new Object[]{});
 
 				} finally {
-					if (tx != null && !tx.wasCommitted()) {
+					if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) {
 						tx.commit();
 						
 					}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
index 43b4ecf17..094e25040 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
@@ -32,6 +32,7 @@ import org.hibernate.HibernateException;
 import org.hibernate.Query;
 import org.hibernate.Session;
 import org.hibernate.Transaction;
+import org.hibernate.resource.transaction.spi.TransactionStatus;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
@@ -231,7 +232,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 			  }
 			  
 		  } catch (Exception e) {
-			  if (tx != null && !tx.wasCommitted())
+			  if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED))
 				  tx.rollback();
 			  throw e;
 			  
@@ -321,7 +322,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 			 
 			  }
 		  } catch (Exception e) {
-			  if (tx != null && !tx.wasCommitted())
+			  if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED))
 				  tx.rollback();
 			  throw e;
 		  }
@@ -371,7 +372,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 				  return result.get(0);
 			  }
 		  } catch (Exception e) {
-			  if (tx != null && !tx.wasCommitted())
+			  if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED))
 				  tx.rollback();
 			  throw e;
 		  }
@@ -477,7 +478,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 			
 		} catch(HibernateException e) {
 	  		Logger.warn("Error during database saveOrUpdate. Rollback.", e);
-	  		if (tx != null && !tx.wasCommitted())
+	  		if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED))
 	  			tx.rollback();
 	  		throw new AuthenticationException("SSO Session information can not be stored!  --> SSO is deactivated", null);	
 	  	}
@@ -504,7 +505,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 			
 		} catch (Exception e) {
 			if (session != null && session.getTransaction() != null 
-					&& !session.getTransaction().wasCommitted()) {
+					&& !session.getTransaction().getStatus().equals(TransactionStatus.COMMITTED)) {
 				session.getTransaction().rollback();
 				throw e;
 				
@@ -534,7 +535,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 			
 		} catch (Exception e) {
 			if (session != null && session.getTransaction() != null 
-					&& !session.getTransaction().wasCommitted()) {
+					&& !session.getTransaction().getStatus().equals(TransactionStatus.COMMITTED)) {
 				session.getTransaction().rollback();
 				throw e;
 				
@@ -583,7 +584,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 			return null;
 			
 		} catch (Exception e) {
-			if (tx != null && !tx.wasCommitted())
+			if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED))
 				tx.rollback();
 			throw e;
 		}
@@ -626,7 +627,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 			  return  result.get(0).getActiveOAsessions().get(0);
 			  
 		  } catch (Exception e) {
-				if (tx != null && !tx.wasCommitted())
+				if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED))
 					tx.rollback();
 				throw e;
 			}
@@ -665,7 +666,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 											
 		} catch (Throwable e) {
 			Logger.warn("MOASession deserialization-exception by using MOASessionID=" + nameID);			
-			if (tx != null && !tx.wasCommitted())
+			if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED))
 				tx.rollback();
 			return null;
 		}
@@ -702,7 +703,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 			  
 			  return result.get(0).getInderfederation().get(0);
 		} catch (Exception e) {
-			if (tx != null && !tx.wasCommitted())
+			if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED))
 				tx.rollback();
 			throw e;
 		}	
@@ -740,7 +741,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 			  
 			  return result.get(0).getInderfederation().get(0);
 		  } catch (Exception e) {
-				if (tx != null && !tx.wasCommitted())
+				if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED))
 					tx.rollback();
 				throw e;
 		  }	
@@ -856,7 +857,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 			  
 			  return result.get(0).getInderfederation().get(0);
 		} catch (Exception e) {
-			if (tx != null && !tx.wasCommitted())
+			if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED))
 				tx.rollback();
 			throw e;
 		}	
@@ -948,7 +949,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 			}
 			
 		} catch (Exception e) {
-			if (tx != null && !tx.wasCommitted())
+			if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED))
 				tx.rollback();
 			throw e;
 		}	
@@ -1018,7 +1019,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 			  return (AuthenticatedSessionStore) result.get(0);
 			  
 		  } catch (Exception e) {
-				if (tx != null && !tx.wasCommitted() && commit)
+				if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED) && commit)
 					tx.rollback();
 				throw e;
 		}	
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AxisSecureSocketFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AxisSecureSocketFactory.java
deleted file mode 100644
index fff5fac96..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AxisSecureSocketFactory.java
+++ /dev/null
@@ -1,258 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- * 
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- * 
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.util;
-
-import java.io.BufferedWriter;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.io.OutputStreamWriter;
-import java.io.PrintWriter;
-import java.net.Socket;
-import java.security.GeneralSecurityException;
-import java.util.Hashtable;
-
-import javax.net.ssl.SSLSocket;
-import javax.net.ssl.SSLSocketFactory;
-
-import org.apache.axis.components.net.BooleanHolder;
-import org.apache.axis.components.net.DefaultSocketFactory;
-import org.apache.axis.components.net.SocketFactory;
-import org.apache.axis.components.net.TransportClientProperties;
-import org.apache.axis.components.net.TransportClientPropertiesFactory;
-import org.apache.axis.utils.Messages;
-import org.apache.axis.utils.XMLUtils;
-
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Secure socket factory for Axis webs service clients of the MOA-ID component,
- * which are the MOA-SP calls from MOA-ID Auth, 
- * and the MOA-ID Auth calls from MOA-ID Proxy.
- * <br/>Use this initialization code:<br/>
- * <code>	// ConnectionParameter connParam = ... get from ConfigurationProvider
- * 	AxisSecureSocketFactory.initialize(connParam);</code>
- * <br/>See the Apache Axis documentation on how to configure this class
- * as the default secure socket factory to be used by Axis.
- * <br/>
- * This code has been copied from <code>JSSESocketFactory</code>, the
- * method <code>initialize()</code> has been added.
- * 
- * 
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AxisSecureSocketFactory
-  extends DefaultSocketFactory implements SocketFactory {
-
-  /** Field sslFactory           */
-  private static SSLSocketFactory sslFactory;
-
-  /**
-   * Constructor for AxisSecureSocketFactory.
-   * @param attributes ???
-   */
-  public AxisSecureSocketFactory(Hashtable attributes) {
-    super(attributes);
-  }
-  /**
-   * Initializes the factory by setting the connection parameters to be used for
-   * setting the secure socket factory, and by setting the system property 
-   * <code>axis.socketSecureFactory</code>.
-   * @param ssf <code>SSLSocketFactory</code> to initialize with
-   */
-  public static void initialize(SSLSocketFactory ssf)
-    throws IOException, GeneralSecurityException {
-
-    Logger.debug("Initialize AxisSecureSocketFactory");
-    sslFactory = ssf;
-  }
-
-  /**
-   * creates a secure socket
-   *
-   * @param host
-   * @param port
-   * @param otherHeaders
-   * @param useFullURL
-   *
-   * @return Socket
-   * @throws Exception
-   */
-  public Socket create(
-    String host,
-    int port,
-    StringBuffer otherHeaders,
-    BooleanHolder useFullURL)
-    throws Exception {
-    if (port == -1) {
-      port = 443;
-    }
-
-    TransportClientProperties tcp =
-      TransportClientPropertiesFactory.create("https");
-
-    boolean hostInNonProxyList =
-      isHostInNonProxyList(host, tcp.getNonProxyHosts());
-
-    Socket sslSocket = null;
-    if (tcp.getProxyHost().length() == 0 || hostInNonProxyList) {
-      // direct SSL connection
-      sslSocket = sslFactory.createSocket(host, port);
-    }
-    else {
-
-      // Default proxy port is 80, even for https
-      int tunnelPort =
-        (tcp.getProxyPort().length() != 0)
-          ? Integer.parseInt(tcp.getProxyPort())
-          : 80;
-      if (tunnelPort < 0)
-        tunnelPort = 80;
-
-      // Create the regular socket connection to the proxy
-      Socket tunnel = new Socket(tcp.getProxyHost(), tunnelPort);
-
-      // The tunnel handshake method (condensed and made reflexive)
-      OutputStream tunnelOutputStream = tunnel.getOutputStream();
-      PrintWriter out =
-        new PrintWriter(
-          new BufferedWriter(new OutputStreamWriter(tunnelOutputStream)));
-
-      // More secure version... engage later?
-      // PasswordAuthentication pa =
-      // Authenticator.requestPasswordAuthentication(
-      // InetAddress.getByName(tunnelHost),
-      // tunnelPort, "SOCK", "Proxy","HTTP");
-      // if(pa == null){
-      // printDebug("No Authenticator set.");
-      // }else{
-      // printDebug("Using Authenticator.");
-      // tunnelUser = pa.getUserName();
-      // tunnelPassword = new String(pa.getPassword());
-      // }
-      out.print(
-        "CONNECT "
-          + host
-          + ":"
-          + port
-          + " HTTP/1.0\r\n"
-          + "User-Agent: AxisClient");
-      if (tcp.getProxyUser().length() != 0
-        && tcp.getProxyPassword().length() != 0) {
-
-        // add basic authentication header for the proxy
-        String encodedPassword =
-          XMLUtils.base64encode(
-            (tcp.getProxyUser() + ":" + tcp.getProxyPassword()).getBytes());
-
-        out.print("\nProxy-Authorization: Basic " + encodedPassword);
-      }
-      out.print("\nContent-Length: 0");
-      out.print("\nPragma: no-cache");
-      out.print("\r\n\r\n");
-      out.flush();
-      InputStream tunnelInputStream = tunnel.getInputStream();
-
-      if (log.isDebugEnabled()) {
-        log.debug(
-          Messages.getMessage(
-            "isNull00",
-            "tunnelInputStream",
-            "" + (tunnelInputStream == null)));
-      }
-      String replyStr = "";
-
-      // Make sure to read all the response from the proxy to prevent SSL negotiation failure
-      // Response message terminated by two sequential newlines
-      int newlinesSeen = 0;
-      boolean headerDone = false; /* Done on first newline */
-
-      while (newlinesSeen < 2) {
-        int i = tunnelInputStream.read();
-
-        if (i < 0) {
-          throw new IOException("Unexpected EOF from proxy");
-        }
-        if (i == '\n') {
-          headerDone = true;
-          ++newlinesSeen;
-        }
-        else if (i != '\r') {
-          newlinesSeen = 0;
-          if (!headerDone) {
-            replyStr += String.valueOf((char) i);
-          }
-        }
-      }
-      if (!replyStr.startsWith("HTTP/1.0 200")
-        && !replyStr.startsWith("HTTP/1.1 200")) {
-        throw new IOException(
-          Messages.getMessage(
-            "cantTunnel00",
-            new String[] { tcp.getProxyHost(), "" + tunnelPort, replyStr }));
-      }
-
-      // End of condensed reflective tunnel handshake method
-      sslSocket = sslFactory.createSocket(tunnel, host, port, true);
-      if (log.isDebugEnabled()) {
-        log.debug(
-          Messages.getMessage(
-            "setupTunnel00",
-            tcp.getProxyHost(),
-            "" + tunnelPort));
-      }
-    }
-
-    ((SSLSocket) sslSocket).startHandshake();
-    if (log.isDebugEnabled()) {
-      log.debug(Messages.getMessage("createdSSL00"));
-    }
-    return sslSocket;
-  }
-
-}
diff --git a/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml b/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml
index 5855fc766..9c27ba581 100644
--- a/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml
+++ b/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml
@@ -15,7 +15,7 @@
 		<constructor-arg value="#{systemProperties['moa.id.configuration']}"/>
 	</bean>
 	
-	<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" lazy-init="true" destroy-method="close">
+	<bean id="dataSource" class="org.apache.commons.dbcp2.BasicDataSource" lazy-init="true" destroy-method="close">
 		<aop:scoped-proxy/>
 		<property name="driverClassName" value="${configuration.hibernate.connection.driver_class}" />
 		<property name="url" value="${configuration.hibernate.connection.url}"/>
@@ -24,10 +24,10 @@
 				
 		<property name="connectionProperties" value="${configuration.dbcp.connectionProperties}" />
 		<property name="initialSize" value="${configuration.dbcp.initialSize}" />		
-		<property name="maxActive" value="${configuration.dbcp.maxActive}" />
+		<property name="maxTotal" value="${configuration.dbcp.maxActive}" />
 		<property name="maxIdle" value="${configuration.dbcp.maxIdle}" />
 		<property name="minIdle" value="${configuration.dbcp.minIdle}" />
-		<property name="maxWait" value="${configuration.dbcp.maxWaitMillis}" />
+		<!-- property name="maxWait" value="${configuration.dbcp.maxWaitMillis}" / -->
 		<property name="testOnBorrow" value="${configuration.dbcp.testOnBorrow}" />
 		<property name="testOnReturn" value="${configuration.dbcp.testOnReturn}" />
 		<property name="testWhileIdle" value="${configuration.dbcp.testWhileIdle}" />