* Update Mindestanforderung JDK für Online-Vollmachten

* Update Online-Vollmachten-Ablauf

git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1234 d688527b-c9ab-4aba-bd8d-4036d912da1d

2 files changed, 76 insertions, 32 deletions

diff --git a/id/server/doc/moa_id/id-admin.htm b/id/server/doc/moa_id/id-admin.htm
index 7d014299e..98f1e2cd0 100644
--- a/id/server/doc/moa_id/id-admin.htm
+++ b/id/server/doc/moa_id/id-admin.htm
@@ -111,11 +111,12 @@ Die Basis-Installation stellt einerseits die minimalen Anforderungen für de
 Folgende Software ist Voraussetzung für die Basis-Installation:
 
 <ul>
-<li>JDK 1.4.0, JDK 1.4.2, JDK 1.5.0 oder JDK 1.6</li>
+<li>JDK 1.4.0, JDK 1.4.2, JDK 1.5.0 oder JDK 1.6*)</li>
 <li>Tomcat 4.1.31, Tomcat 5.0.28, Tomcat 5.5 oder Tomcat 6</li>
 <li>MOA-ID-AUTH 1.5 </li>
 <li>MOA SP/SS 1.5 oder neuer (entweder als WebService oder direkt als interne Bibliothek)</li>
 </ul>
+<p>*) F&uuml;r den Online-Vollmachten-Modus m&uuml;ssen zumindest JDK 6 Update 22, JDK 5 Update 26 oder JDK 1.4.2 Update 28 eingesetzt werden. </p>
 </div>
 <div id="block">
 Um m&ouml;glichen Versionskonflikten aus dem Weg zu gehen sollten stets die neuesten Versionen von MOA-ID als auch von MOA-SP/SS verwendet werden. <br/>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
index 17cbe7a3d..5ae508358 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
@@ -161,47 +161,90 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
 			if (samlArtifactBase64 == null) { 
 				//mandate Mode
 			
-				callMISService(session, req, resp);
-				
-				//Logger.debug("Send InfoboxReadRequest to BKU to get signer certificate.");
-    			
-     		   //String infoboxReadRequest = new InfoboxReadRequestBuilderCertificate().build(true);
+				  AuthConfigurationProvider authConf= AuthConfigurationProvider.getInstance();
+					ConnectionParameter connectionParameters = authConf.getOnlineMandatesConnectionParameter();	
+					SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters);
+					
+					// get identitity link as byte[]
+					Element elem = session.getIdentityLink().getSamlAssertion();
+					String s = DOMUtils.serializeNode(elem);
+					
+					//System.out.println("IDL: " + s);
+					
+					byte[] idl = s.getBytes();
+					
+					// redirect url
+					// build redirect(to the GetMISSessionIdSerlvet)
+			        redirectURL =
+			              new DataURLBuilder().buildDataURL(
+			                session.getAuthURL(),
+			                GET_MIS_SESSIONID,
+			                session.getSessionID());
+					
+			        String oaURL = session.getOAURLRequested();
+			        OAAuthParameter oaParam = authConf.getOnlineApplicationParameter(oaURL);
+			        String profiles = oaParam.getMandateProfiles();
 
-     		   // build dataurl
-//     		   String dataurl =
-//                 new DataURLBuilder().buildDataURL(
-//                   session.getAuthURL(),
-//                   REQ_VERIFY_CERTIFICATE,
-//                   session.getSessionID());
-           
-          
-     		  //Logger.debug("ContentType set to: application/x-www-form-urlencoded (ServletUtils)");
-     		  //ServletUtils.writeCreateXMLSignatureRequestURLEncoded(resp, session, infoboxReadRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl);
-     		  //Logger.debug("ContentType set to: text/xml;charset=UTF-8 (ServletUtils)");
-     		  //ServletUtils.writeCreateXMLSignatureRequest(resp, session, infoboxReadRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl);
+			        if (profiles == null) {
+			      	  Logger.error("No Mandate/Profile for OA configured.");
+			      	  throw new AuthenticationException("auth.16", new Object[] { GET_MIS_SESSIONID});
+			        }
+			        
+			        String profilesArray[] = profiles.split(",");  	 		 
+			        for(int i = 0; i < profilesArray.length; i++) {
+			      	  profilesArray[i] = profilesArray[i].trim();
+			        }
+			        
+			        String oaFriendlyName = oaParam.getFriendlyName();
+			        String mandateReferenceValue = session.getMandateReferenceValue();
+			        X509Certificate cert = session.getSignerCertificate();
+			        MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(connectionParameters.getUrl(), idl, cert.getEncoded(), oaFriendlyName, redirectURL, mandateReferenceValue, profilesArray, sslFactory);
+			        String redirectMISGUI = misSessionID.getRedirectURL();
+			        
+			        if (misSessionID == null) {
+			      	  Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null.");
+			      	  throw new MISSimpleClientException("Fehler bei Anfrage an Vollmachten Service.");
+			        }
+			        
+			        session.setMISSessionID(misSessionID.getSessiondId());
 				
+			        resp.setStatus(302);
+			    	  resp.addHeader("Location", redirectMISGUI);
+			    	  Logger.debug("REDIRECT TO: " + redirectURL);
 			}
+			else {
 			
-			if (!samlArtifactBase64.equals("Redirect to Input Processor")) {
-			  redirectURL = session.getOAURLRequested();
-  			if (!session.getBusinessService()) {
-          redirectURL = addURLParameter(redirectURL, PARAM_TARGET, URLEncoder.encode(session.getTarget(), "UTF-8"));
-        }
-  			redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
-  			redirectURL = resp.encodeRedirectURL(redirectURL);
-			} else {
-	      redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, session.getSessionID());
-			}
-			resp.setContentType("text/html");
-			resp.setStatus(302);
+				if (!samlArtifactBase64.equals("Redirect to Input Processor")) {
+					redirectURL = session.getOAURLRequested();
+					if (!session.getBusinessService()) {
+						redirectURL = addURLParameter(redirectURL, PARAM_TARGET, URLEncoder.encode(session.getTarget(), "UTF-8"));
+	          
+					}
+					redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
+					redirectURL = resp.encodeRedirectURL(redirectURL);
+				} else {
+					redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, session.getSessionID());
+				}
+				
+				resp.setContentType("text/html");
+				resp.setStatus(302);
 			
-			resp.addHeader("Location", redirectURL);			
-			Logger.debug("REDIRECT TO: " + redirectURL);
+				resp.addHeader("Location", redirectURL);			
+				Logger.debug("REDIRECT TO: " + redirectURL);
+			}
 			
 		}
     
 		catch (MOAIDException ex) {
 			handleError(null, ex, req, resp);
+		} catch (GeneralSecurityException e) {
+			handleError(null, e, req, resp);
+		} catch (PKIException e) {
+			handleError(null, e, req, resp);
+		} catch (MISSimpleClientException e) {
+			handleError(null, e, req, resp);
+		} catch (TransformerException e) {
+			handleError(null, e, req, resp);
 		}
 
   }