authorkstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d>2011-10-11 16:02:54 +0000
committerkstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d>2011-10-11 16:02:54 +0000
commit6571af05b7574f6d752890301b9743b1243a05bd (patch)
tree1d30543c7d2c68b289913b5c52ffd69b8da82cba /id/server
parente80bee764aa587ceff3db421c7f68c8fd4e2f406 (diff)
MOA-ID:
* Fixed Bug #557 * Update Konfiguration: Target via Konfig fix konfigurierbar * Update Doku Common: * DOMUtils: Parser disabled external entities git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1219 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id/server')
-rw-r--r--id/server/auth/src/main/webapp/iframeHandyBKU.html6
-rw-r--r--id/server/auth/src/main/webapp/iframeOnlineBKU.html11
-rw-r--r--id/server/auth/src/main/webapp/index.html14
-rw-r--r--id/server/doc/MOA-ID-Configuration-1.5.1.xsd3
-rw-r--r--id/server/doc/MOA_ID_1.5_Anhang.pdfbin0 -> 70517 bytes
-rw-r--r--id/server/doc/moa_id/id-admin_2.htm5
-rw-r--r--id/server/doc/moa_id/moa.htm5
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java16
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java11
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java40
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java14
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java33
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java45
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java18
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java23
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java40
-rw-r--r--id/server/idserverlib/src/test/java/test/abnahme/A/Test100StartAuthentication.java12
-rw-r--r--id/server/idserverlib/src/test/java/test/abnahme/AbnahmeTestCase.java1
-rw-r--r--id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java2
-rw-r--r--id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java2
20 files changed, 233 insertions, 68 deletions
diff --git a/id/server/auth/src/main/webapp/iframeHandyBKU.html b/id/server/auth/src/main/webapp/iframeHandyBKU.html
index a7e541b85..f07b73265 100644
--- a/id/server/auth/src/main/webapp/iframeHandyBKU.html
+++ b/id/server/auth/src/main/webapp/iframeHandyBKU.html
@@ -8,13 +8,11 @@
<script type="text/javascript">
// [MUSS] Geben Sie hier die URL zum Aufruf von MOA-ID an
// z.B.: https://yoururl.at/moa-id-auth/StartAuthentication?Target=IT&OA=https://youronlineapplication.at
- // var MOA_ID_STARTAUTHENTICATION = "[MOA_ID_STARTAUTHENTICATION]";
- var MOA_ID_STARTAUTHENTICATION = "https://localhost:8443/moa-id-auth/StartAuthentication?Target=ZU&OA=https://localhost:8443/TestMOAID_OA/LoginServletExample";
+ var MOA_ID_STARTAUTHENTICATION = "[MOA_ID_STARTAUTHENTICATION]";
// [MUSS] Geben Sie hier die URL zum MOA-ID Template fuer die Handy Signatur an -->
<!-- z.B.: value="https://yoururl.at/moa-id-auth/template_handyBKU.html"-->
- //var URL_TO_HANDYSIGNATUR_TEMPLATE = "[URL_TO_HANDYSIGNATUR_TEMPLATE]";
- var URL_TO_HANDYSIGNATUR_TEMPLATE = "https://localhost:8443/moa-id-auth/template_handyBKU.html";
+ var URL_TO_HANDYSIGNATUR_TEMPLATE = "[URL_TO_HANDYSIGNATUR_TEMPLATE]";
window.onload=function() {
diff --git a/id/server/auth/src/main/webapp/iframeOnlineBKU.html b/id/server/auth/src/main/webapp/iframeOnlineBKU.html
index 60f44ace9..4873245be 100644
--- a/id/server/auth/src/main/webapp/iframeOnlineBKU.html
+++ b/id/server/auth/src/main/webapp/iframeOnlineBKU.html
@@ -8,19 +8,16 @@
<script type="text/javascript">
// [MUSS] Geben Sie hier die URL zum Aufruf von MOA-ID an
// z.B.: https://yoururl.at/moa-id-auth/StartAuthentication?Target=IT&OA=https://youronlineapplication.at
- // var MOA_ID_STARTAUTHENTICATION = "[MOA_ID_STARTAUTHENTICATION]";
- var MOA_ID_STARTAUTHENTICATION = "https://localhost:8443/moa-id-auth/StartAuthentication?Target=ZU&OA=https://localhost:8443/TestMOAID_OA/LoginServletExample";
+ var MOA_ID_STARTAUTHENTICATION = "[MOA_ID_STARTAUTHENTICATION]";
// [MUSS] Geben Sie hier die URL zum MOA-ID Template fuer die Online BKU an
// z.B.: "https://yoururl.at/moa-id-auth/template_onlineBKU.html"
- //var URL_TO_ONLINEBKU_TEMPLATE = "[URL_TO_ONLINEBKU_TEMPLATE]";
- var URL_TO_ONLINEBKU_TEMPLATE = "https://localhost:8443/moa-id-auth/template_onlineBKU.html";
-
+ var URL_TO_ONLINEBKU_TEMPLATE = "[URL_TO_ONLINEBKU_TEMPLATE]";
+
// [MUSS] Geben Sie hier die URL zur Online BKU an
// z.B.: value="https://yoururl.at/bkuonline/https-security-layer-request"
// Hinweis: Diese URL muss auch bei den vertrauenswürdigen BKUs in der MOA-ID Konfiguration angegeben werden (siehe Element MOA-IDConfiguration/TrustedBKUs/BKUURL)
- //var URL_TO_ONLINEBKU = "[URL_TO_ONLINEBKU]";
- var URL_TO_ONLINEBKU = "https://localhost:8444/bkuonline/https-security-layer-request";
+ var URL_TO_ONLINEBKU = "[URL_TO_ONLINEBKU]";
window.onload=function() {
document.getElementById('moaidform').action = MOA_ID_STARTAUTHENTICATION;
diff --git a/id/server/auth/src/main/webapp/index.html b/id/server/auth/src/main/webapp/index.html
index d78f01f2a..6e60ae433 100644
--- a/id/server/auth/src/main/webapp/index.html
+++ b/id/server/auth/src/main/webapp/index.html
@@ -11,13 +11,11 @@
<script type="text/javascript">
// [MUSS] Geben Sie hier die URL zum Aufruf von MOA-ID an
// z.B.: https://yoururl.at/moa-id-auth/StartAuthentication?Target=IT&OA=https://youronlineapplication.at
- // var MOA_ID_STARTAUTHENTICATION = "[MOA_ID_STARTAUTHENTICATION]";
- var MOA_ID_STARTAUTHENTICATION = "https://localhost:8443/moa-id-auth/StartAuthentication?Target=ZU&OA=https://localhost:8443/TestMOAID_OA/LoginServletExample";
+ var MOA_ID_STARTAUTHENTICATION = "[MOA_ID_STARTAUTHENTICATION]";
// [MUSS] Geben Sie hier die URL zum MOA-ID Template fuer die lokale BKU an
// z.B.: https://yoururl.at/moa-id-auth/template_localBKU.html
- //var URL_TO_LOKALBKU_TEMPLATE = "[URL_TO_LOKALBKU_TEMPLATE]";
- var URL_TO_LOKALBKU_TEMPLATE = "https://localhost:8443/moa-id-auth/template_localBKU.html";
+ var URL_TO_LOKALBKU_TEMPLATE = "[URL_TO_LOKALBKU_TEMPLATE]";
window.onload=function() {
@@ -137,12 +135,8 @@
<div id="localBKU" style="display:none" class="hell">
<hr>
- <!-- [MUSS] Geben Sie hier die URL zum Aufruf von MOA-ID an -->
- <!-- z.B.: action="https://yoururl.at/moa-id-auth/StartAuthentication?Target=IT&OA=https://youronlineapplication.at"-->
<form method="post" id="moaidform">
<input type="hidden" name="show" value="false">
- <!-- [MUSS] Geben Sie hier die URL zum MOA-ID Template fuer die lokale BKU an -->
- <!-- z.B.: value="https://yoururl.at/moa-id-auth/template_localBKU.html"-->
<input type="hidden" name="Template" id="Template">
<input type="hidden" name="bkuURI" value="https://localhost:3496/https-security-layer-request">
<input type="hidden" name="useMandate" id="useMandate">
@@ -178,10 +172,10 @@
<div id="rightcontent">
<p>
- <a href="http://www.buergerkarte.at/de/aktivieren/online.html" target="_blank"><img src="img/ecard_aktivieren.jpg" border="0" alt="eCard online aktivieren" width="210"></a>
+ <a href="http://www.buergerkarte.at/de/aktivieren/online.html" target="_blank"><img src="img/ecard_aktivieren.jpg" border="0" alt="eCard online aktivieren"></a>
</p>
<p>
- <a href="http://www.buergerkarte.at/de/aktivieren/mobil.html" target="_blank"><img src="img/mobilsig_aktivieren.jpg" border="0" alt="Mobile Signatur aktivieren" width="210"></a>
+ <a href="http://www.buergerkarte.at/de/aktivieren/mobil.html" target="_blank"><img src="img/mobilsig_aktivieren.jpg" border="0" alt="Handy Signatur aktivieren"></a>
</p>
</div>
diff --git a/id/server/doc/MOA-ID-Configuration-1.5.1.xsd b/id/server/doc/MOA-ID-Configuration-1.5.1.xsd
index f8c38bdd3..cc562187a 100644
--- a/id/server/doc/MOA-ID-Configuration-1.5.1.xsd
+++ b/id/server/doc/MOA-ID-Configuration-1.5.1.xsd
@@ -1,5 +1,4 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!-- edited with XMLSpy v2006 sp2 U (http://www.altova.com) by Klaus Stranacher (Technische Universität Graz) -->
<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.4.3">
<!-- es werden lokale Schemas referenziert für real aufgelöste Schemas bitte ersetzen: http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd -->
<xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
@@ -137,6 +136,8 @@
</xsd:attribute>
<xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/>
<xsd:attribute name="friendlyName" type="xsd:string" use="optional"/>
+ <xsd:attribute name="target" type="xsd:string" use="optional"/>
+ <xsd:attribute name="targetFriendlyName" type="xsd:string" use="optional"/>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
diff --git a/id/server/doc/MOA_ID_1.5_Anhang.pdf b/id/server/doc/MOA_ID_1.5_Anhang.pdf
new file mode 100644
index 000000000..454ff933a
--- /dev/null
+++ b/id/server/doc/MOA_ID_1.5_Anhang.pdf
Binary files differ
diff --git a/id/server/doc/moa_id/id-admin_2.htm b/id/server/doc/moa_id/id-admin_2.htm
index 12f71808d..ea4874edd 100644
--- a/id/server/doc/moa_id/id-admin_2.htm
+++ b/id/server/doc/moa_id/id-admin_2.htm
@@ -574,8 +574,9 @@ Hinweis: Um den Online-Vollmachten Modus f&uuml;r eine Online Applikation zu akt
<p>Mit dem Attribut <tt>OnlineApplication/@friendlyName</tt> kann eine benutzerfreundlicher Name f&uuml;r die Online-Applikation angegeben werden. Dieser Name scheint beim Login des Benutzer auf.</p>
<p>Das Attribut <tt>OnlineApplication/@keyBoxIdentifier</tt> gibt das Schl&uuml;sselpaar an, welches von der B&uuml;rgerkartenumgebung
zum Signieren des Auth Blocks verwendet wird. M&ouml;gliche
- Werte: <tt>CertifiedKeypair </tt>sowie<tt> SecureSignatureKeypair.<br>
- </tt><br />
+ Werte: <tt>CertifiedKeypair </tt>sowie<tt> SecureSignatureKeypair.</tt></p>
+ <p>Das Attribut <tt>OnlineApplication/@target</tt> gibt einen konkreten Gesch&auml;ftsbereich f&uuml;r eine Online-Applikation vor. D.h. es wird der Target-Parameter aus dem Request mit diesem Wert &uuml;berschrieben. Zus&auml;tzlich kann noch ein benutzerfreundlicher Name mittels des Attributs <tt>OnlineApplication/@targetFriendlyName</tt> f&uuml;r den Gesch&auml;ftsbereich angegeben werden. Beide Attribute k&ouml;nnen nur bei einer Online-Applikation f&uuml;r den &ouml;ffentlichen Bereich angegeben werden.<br>
+ </tt><br />
Das Element <tt>OnlineApplication</tt> hat optional
zwei Kind-Elemente: <tt>AuthComponent</tt> und <tt>ProxyComponent</tt>. </p>
<div id="OnlineApplication/AuthComponent" />
diff --git a/id/server/doc/moa_id/moa.htm b/id/server/doc/moa_id/moa.htm
index b3633736e..94f4a35ea 100644
--- a/id/server/doc/moa_id/moa.htm
+++ b/id/server/doc/moa_id/moa.htm
@@ -114,7 +114,7 @@ Diese beiden Komponenten k&ouml;nnen auf unterschiedlichen Rechnern
oder auf dem gleichen Rechner eingesetzt werden.
<br /><br />
Die Funktionalit&auml;t und der Aufbau der Schnittstelle zu MOA-ID ist in der
-<a href="../MOA_ID_1.4_20070802.pdf" target="_new">Spezifikation</a> bzw. im <a href="../MOA_ID_1.4_Anhang.pdf" target="_new">Anhang zur Spezifikation</a> detailliert beschrieben.
+<a href="../MOA_ID_1.4_20070802.pdf" target="_new">Spezifikation</a> bzw. im <a href="../MOA_ID_1.5_Anhang.pdf" target="_new">Anhang zur Spezifikation</a> detailliert beschrieben.
<br />
<br />
F&uuml;r den Betrieb von MOA-ID ist der Einsatz von MOA-Signaturpr&uuml;fung (MOA-SP) erforderlich.
@@ -130,8 +130,7 @@ F&uuml;r den Betrieb von MOA-ID ist der Einsatz von MOA-Signaturpr&uuml;fung (MO
<tr>
<td valign="top" width="30">1</td>
-<td id="block">Der Benutzer verbindet sich zu einem Web-Portal, &uuml;ber das die verf&uuml;gbaren Online-Applikationen (OA) erreichbar
-sind. Jeder Link zu einer OA verweist auf die Authentisierungs-komponente.
+<td id="block">Der Benutzer verbindet sich zu einem Web-Portal, &uuml;ber das die verf&uuml;gbaren Online-Applikationen (OA) erreichbar sind. Jeder Link zu einer OA verweist auf die Authentisierungs-komponente.
</td>
</tr>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 9e15e04dd..27a2f3050 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -24,11 +24,15 @@
package at.gv.egovernment.moa.id.auth;
+import iaik.ixsil.exceptions.UtilsException;
+import iaik.ixsil.util.Utils;
import iaik.pki.PKIException;
import iaik.x509.X509Certificate;
import java.io.ByteArrayInputStream;
import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.Principal;
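Review bot: The four imports added here (`iaik.ixsil.exceptions.UtilsException`, `iaik.ixsil.util.Utils`, `java.io.FileInputStream`, `java.io.FileNotFoundException`) are not referenced by any line this commit adds to AuthenticationServer.java. They look like leftovers from debugging and should be dropped, so the class does not appear to read files or depend on IXSIL utilities it never calls.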
@@ -90,7 +94,6 @@ import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidat
import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
import at.gv.egovernment.moa.id.auth.validator.parep.ParepValidator;
import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants;
-import at.gv.egovernment.moa.id.auth.validator.parep.config.ParepConfiguration;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.config.ConnectionParameter;
@@ -114,6 +117,7 @@ import at.gv.egovernment.moa.util.DateTimeUtils;
import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.StringUtils;
+
/**
* API for MOA ID Authentication Service.<br>
* {@link AuthenticationSession} is stored in a session store and retrieved
@@ -295,6 +299,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* </ul>
* @param authURL URL of the servlet to be used as data URL
* @param target "Gesch&auml;ftsbereich" of the online application requested
+ * @param targetFriendlyName Friendly name of the target if the target is configured via configuration
* @param oaURL online application URL requested
* @param bkuURL URL of the "B&uuml;rgerkartenumgebung" to be used;
* may be <code>null</code>; in this case, the default location will be used
@@ -310,6 +315,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
public String startAuthentication(
String authURL,
String target,
+ String targetFriendlyName,
String oaURL,
String templateURL,
String bkuURL,
@@ -343,15 +349,17 @@ public class AuthenticationServer implements MOAIDAuthConstants {
AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaURL);
if (oaParam == null)
throw new AuthenticationException("auth.00", new Object[] { oaURL });
- if (!oaParam.getBusinessService()) {
+ if (!oaParam.getBusinessService()) {
if (isEmpty(target))
throw new WrongParametersException("StartAuthentication", PARAM_TARGET, "auth.05");
} else {
target = null;
+ targetFriendlyName = null;
}
session = newSession();
Logger.info("MOASession " + session.getSessionID() + " angelegt");
session.setTarget(target);
+ session.setTargetFriendlyName(targetFriendlyName);
session.setOAURLRequested(oaURL);
session.setPublicOAURLPrefix(oaParam.getPublicURLPrefix());
session.setAuthURL(authURL);
@@ -509,7 +517,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
// e.printStackTrace();
// }
//
-
+
// parses the <InfoboxReadResponse>
IdentityLink identityLink =
@@ -845,6 +853,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
session.setIssueInstant(issueInstant);
String authURL = session.getAuthURL();
String target = session.getTarget();
+ String targetFriendlyName = session.getTargetFriendlyName();
//Bug #485 (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=485&group_id=6&atid=105)
//String oaURL = session.getPublicOAURLPrefix();
String oaURL = session.getPublicOAURLPrefix().replaceAll("&", "&amp;");
@@ -854,6 +863,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
issueInstant,
authURL,
target,
+ targetFriendlyName,
identificationValue,
identificationType,
oaURL,
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
index 35c4244c6..db70a6111 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
@@ -150,6 +150,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion
String issueInstant,
String authURL,
String target,
+ String targetFriendlyName,
String identityLinkValue,
String identityLinkType,
String oaURL,
@@ -192,7 +193,15 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion
}
} else {
// OA is a govermental application
- String sectorName = TargetToSectorNameMapper.getSectorNameViaTarget(target);
+ String sectorName = TargetToSectorNameMapper.getSectorNameViaTarget(target);
+ if (StringUtils.isEmpty(sectorName)) {
+ if (targetFriendlyName != null)
+ sectorName = targetFriendlyName;
+ }
+
+ System.out.println("targetFriendlyName: " + targetFriendlyName);
+ System.out.println("sectorName: " + sectorName);
+
//gebeORwbpk = MessageFormat.format(GESCHAEFTS_BEREICH_ATTRIBUTE, new Object[] { target });
gebeORwbpk = MessageFormat.format(GESCHAEFTS_BEREICH_ATTRIBUTE, new Object[] { target + " (" + sectorName + ")" });
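Review bot: The two `System.out.println` calls after the sector-name fallback write authentication data to the container's stdout on every login and bypass the configured log level; the same applies to `System.out.println("Validate: " ...)` in the second hunk of CreateXMLSignatureResponseValidator. Remove them or route them through the project logger at debug level, e.g. `Logger.debug("sectorName: " + sectorName);` (assuming `at.gv.egovernment.moa.logging.Logger` is available in this class). Separately, when the mapper returns nothing and `targetFriendlyName` is null, `sectorName` stays empty or null and is still formatted into the auth block as `target ()` or `target (null)`; a short comment stating whether that is intended would help. The enclosing method starts and ends outside the hunk.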
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
index 61e4cd28b..e13379bda 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
@@ -61,6 +61,14 @@ public class AuthenticationSession {
*/
private String target;
/**
+ * Friendly name for the target, if target is configured via MOA-ID configuration
+ */
+ private String targetFriendlyName;
+ /**
+ * Indicates if target from configuration is used or not
+ */
+ private boolean useTargetFromConfig;
+ /**
* public online application URL requested
*/
private String oaURLRequested;
@@ -277,6 +285,14 @@ public class AuthenticationSession {
public String getTarget() {
return target;
}
+
+ /**
+ * Returns the target friendly name.
+ * @return String
+ */
+ public String getTargetFriendlyName() {
+ return targetFriendlyName;
+ }
/**
* Sets the oaURLRequested.
@@ -318,6 +334,13 @@ public class AuthenticationSession {
this.target = target;
}
}
+ /**
+ * Sets the target. If the target includes the target prefix, the prefix will be stripped off.
+ * @param target The target to set
+ */
+ public void setTargetFriendlyName(String targetFriendlyName) {
+ this.targetFriendlyName = targetFriendlyName;
+ }
/**
* Returns the authURL.
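Review bot: The Javadoc on `setTargetFriendlyName` was copied from `setTarget`: it says the target is set and a prefix is stripped, and it documents `@param target`, while the method only assigns `targetFriendlyName`. Suggested text: `Sets the friendly name of the target.` with `@param targetFriendlyName the friendly name to set`. In the later hunk of this file, `getUseTargetFromConfig` is described as "from mandate" and has an empty `@return`; it should read `@return true if the target from the configuration is used`.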
@@ -643,6 +666,23 @@ public class AuthenticationSession {
/**
*
+ * @param useTargetFromConfig indicates if target from config is used or not
+ */
+ public void setUseTargetFromConfig(boolean useTargetFromConfig) {
+ this.useTargetFromConfig = useTargetFromConfig;
+
+ }
+
+ /**
+ * Returns if target is used from mandate or not
+ * @return
+ */
+ public boolean getUseTargetFromConfig() {
+ return this.useTargetFromConfig;
+ }
+
+ /**
+ *
* @param misSessionID indicates the MIS session ID
*/
public void setMISSessionID(String misSessionID) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java
index da787fe3f..2e20f483c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java
@@ -246,10 +246,16 @@ public class IdentityLinkAssertionParser {
XPathUtils.getElementValue(assertionElem, PERSON_IDENT_VALUE_XPATH, ""));
identityLink.setIdentificationType(
XPathUtils.getElementValue(assertionElem, PERSON_IDENT_TYPE_XPATH, ""));
- identityLink.setGivenName(
- XPathUtils.getElementValue(assertionElem, PERSON_GIVEN_NAME_XPATH, ""));
- identityLink.setFamilyName(
- XPathUtils.getElementValue(assertionElem, PERSON_FAMILY_NAME_XPATH, ""));
+
+ String givenname = XPathUtils.getElementValue(assertionElem, PERSON_GIVEN_NAME_XPATH, "");
+ String familyname = XPathUtils.getElementValue(assertionElem, PERSON_FAMILY_NAME_XPATH, "");
+
+ // replace ' in name with &#39;
+ givenname = givenname.replace("'", "&#39;");
+ familyname = familyname.replace("'", "&#39;");
+
+ identityLink.setGivenName(givenname);
+ identityLink.setFamilyName(familyname);
identityLink.setDateOfBirth(
XPathUtils.getElementValue(assertionElem, PERSON_DATE_OF_BIRTH_XPATH, ""));
NodeIterator dsigRefTransforms =
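Review bot: Rewriting `'` to `&#39;` inside the parser means the `IdentityLink` now holds an encoded name rather than the value taken from the identity link, so every consumer that compares, logs or renders the name sees the encoded form. Only the apostrophe is handled; a name containing `&`, `<` or `"` still passes through as before. If the encoding is needed for markup built from the name, it would be cleaner to keep the parsed value unchanged and encode where the name is written into that markup, with a comment naming the consumer that requires it. The matching `issuer.replace` in CreateXMLSignatureResponseValidator depends on this exact replacement, so both should at least go through one shared helper. The enclosing method starts and ends outside the hunk.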
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java
index dc1cee3b2..dd8a3144a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java
@@ -35,14 +35,17 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringEscapeUtils;
+import at.gv.egovernment.moa.id.AuthenticationException;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
import at.gv.egovernment.moa.id.auth.WrongParametersException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.StringUtils;
/**
* Servlet requested for selecting a BKU.
@@ -114,8 +117,6 @@ public class SelectBKUServlet extends AuthServlet {
try {
// check parameter
- if (!ParamValidatorUtils.isValidTarget(target))
- throw new WrongParametersException("SelectBKU", PARAM_TARGET, "auth.12");
if (!ParamValidatorUtils.isValidOA(oaURL))
throw new WrongParametersException("SelectBKU", PARAM_OA, "auth.12");
if (!ParamValidatorUtils.isValidTemplate(req, templateURL))
@@ -123,9 +124,33 @@ public class SelectBKUServlet extends AuthServlet {
if (!ParamValidatorUtils.isValidTemplate(req, bkuSelectionTemplateURL))
throw new WrongParametersException("SelectBKU", PARAM_TEMPLATE, "auth.12");
+ if (!ParamValidatorUtils.isValidTarget(target))
+ throw new WrongParametersException("SelectBKU", PARAM_TARGET, "auth.12");
+
+ OAAuthParameter oaParam =
+ AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaURL);
+ if (oaParam == null)
+ throw new AuthenticationException("auth.00", new Object[] { oaURL });
+
+ // get target and target friendly name from config
+ String targetConfig = oaParam.getTarget();
+
+ String returnValue = null;
+ if (StringUtils.isEmpty(targetConfig)) {
+ // no target attribut is given in OA config
+ // target is used from request
+ // check parameter
+ if (!ParamValidatorUtils.isValidTarget(target))
+ throw new WrongParametersException("StartAuthentication", PARAM_TARGET, "auth.12");
+
+ returnValue = AuthenticationServer.getInstance().selectBKU(authURL, target, oaURL, bkuSelectionTemplateURL, templateURL);
+ }
+ else {
+ // use target from config
+ returnValue = AuthenticationServer.getInstance().selectBKU(authURL, targetConfig, oaURL, bkuSelectionTemplateURL, templateURL);
+ }
- String returnValue = AuthenticationServer.getInstance().selectBKU(
- authURL, target, oaURL, bkuSelectionTemplateURL, templateURL);
+
String bkuSelectionType = AuthConfigurationProvider.getInstance().getBKUSelectionType();
if (bkuSelectionType.equals(AuthConfigurationProvider.BKU_SELECTION_TYPE_HTMLCOMPLETE)) {
// bkuSelectionType==HTMLComplete
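Review bot: `ParamValidatorUtils.isValidTarget(target)` is still checked unconditionally at the top of this hunk and then again inside the `StringUtils.isEmpty(targetConfig)` branch, so a request whose Target fails validation is rejected even when the configured target would replace it; StartAuthenticationServlet validates only inside the branch. Drop the first check if the configured target is meant to take precedence, or the second if it is not. The inner exception also names the wrong servlet and should read `throw new WrongParametersException("SelectBKU", PARAM_TARGET, "auth.12");`. The enclosing try block starts and ends outside the hunk.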
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java
index 0eed89655..ca3883dad 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java
@@ -24,14 +24,9 @@
package at.gv.egovernment.moa.id.auth.servlet;
-import iaik.pki.PKIException;
-
import java.io.IOException;
import java.io.PrintWriter;
-import java.security.GeneralSecurityException;
-import java.util.List;
-import javax.net.ssl.SSLSocketFactory;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
@@ -39,19 +34,17 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringEscapeUtils;
+import at.gv.egovernment.moa.id.AuthenticationException;
import at.gv.egovernment.moa.id.MOAIDException;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
import at.gv.egovernment.moa.id.auth.WrongParametersException;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
-import at.gv.egovernment.moa.id.util.SSLUtils;
-import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient;
-import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClientException;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.StringUtils;
/**
* Servlet requested for starting a MOA ID authentication session.
@@ -109,9 +102,7 @@ public class StartAuthenticationServlet extends AuthServlet {
try {
// check parameter
- if (!ParamValidatorUtils.isValidTarget(target))
- throw new WrongParametersException("StartAuthentication", PARAM_TARGET, "auth.12");
- if (!ParamValidatorUtils.isValidOA(oaURL))
+ if (!ParamValidatorUtils.isValidOA(oaURL))
throw new WrongParametersException("StartAuthentication", PARAM_OA, "auth.12");
if (!ParamValidatorUtils.isValidBKUURI(bkuURL))
throw new WrongParametersException("StartAuthentication", PARAM_BKU, "auth.12");
@@ -122,12 +113,30 @@ public class StartAuthenticationServlet extends AuthServlet {
if (!ParamValidatorUtils.isValidUseMandate(useMandate))
throw new WrongParametersException("StartAuthentication", PARAM_USEMANDATE, "auth.12");
+ OAAuthParameter oaParam =
+ AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaURL);
+ if (oaParam == null)
+ throw new AuthenticationException("auth.00", new Object[] { oaURL });
+
+ // get target and target friendly name from config
+ String targetConfig = oaParam.getTarget();
+ String targetFriendlyNameConfig = oaParam.getTargetFriendlyName();
-
-
- String getIdentityLinkForm =
- AuthenticationServer.getInstance().startAuthentication(authURL, target, oaURL, templateURL, bkuURL, useMandate, sessionID, req.getScheme());
-
+ String getIdentityLinkForm = null;
+ if (StringUtils.isEmpty(targetConfig)) {
+ // no target attribut is given in OA config
+ // target is used from request
+ // check parameter
+ if (!ParamValidatorUtils.isValidTarget(target))
+ throw new WrongParametersException("StartAuthentication", PARAM_TARGET, "auth.12");
+
+ getIdentityLinkForm = AuthenticationServer.getInstance().startAuthentication(authURL, target, null, oaURL, templateURL, bkuURL, useMandate, sessionID, req.getScheme());
+ }
+ else {
+ // use target from config
+ getIdentityLinkForm = AuthenticationServer.getInstance().startAuthentication(authURL, targetConfig, targetFriendlyNameConfig, oaURL, templateURL, bkuURL, useMandate, sessionID, req.getScheme());
+ }
+
resp.setContentType("text/html;charset=UTF-8");
PrintWriter out = new PrintWriter(resp.getOutputStream());
out.print(getIdentityLinkForm);
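Review bot: When `targetConfig` is set, the Target sent in the request is discarded without any trace, which makes a misconfigured portal link or a request carrying an unexpected sector hard to spot afterwards. Consider recording the override when the two differ, before the second `startAuthentication` call: `if (!targetConfig.equals(target)) Logger.info("Target from request overridden by configured target for OA " + oaURL);`. The message deliberately leaves out the request value, because on this path it has not passed `isValidTarget`. The enclosing try block starts and ends outside the hunk.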
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
index f6127eb12..d49d038fa 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
@@ -96,12 +96,16 @@ public class CreateXMLSignatureResponseValidator {
// should not happen, because parser would dedect this
throw new ValidateException("validator.32", null);
}
+ // replace ' in name with &#39;
+ issuer = issuer.replace("'", "&#39;");
+
String issueInstant = samlAssertion.getAttribute("IssueInstant");
if (!issueInstant.equals(session.getIssueInstant())) {
throw new ValidateException("validator.39", new Object[] {issueInstant, session.getIssueInstant()});
}
String name = identityLink.getName();
+
if (!issuer.equals(name)) {
throw new ValidateException("validator.33", new Object[] {issuer, name});
}
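Review bot: Normalising `issuer` with `replace("'", "&#39;")` before comparing it with `identityLink.getName()` makes an Issuer containing a literal apostrophe and one containing the literal text `&#39;` compare equal, so the check is no longer an exact match on the value from the response. It also only holds while IdentityLinkAssertionParser applies the identical replacement to the given and family name. A shared helper used in both places, plus a comment stating which component delivers the encoded form, would keep the two in step. The enclosing method starts and ends outside the hunk.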
@@ -174,10 +178,16 @@ public class CreateXMLSignatureResponseValidator {
}
}
if (samlAttribute.getNamespace().equals("http://reference.e-government.gv.at/namespace/moa/20020822#")) {
- foundGB = true;
- //BZ..
- gbTarget = gbTarget + " (" + TargetToSectorNameMapper.getSectorNameViaTarget(gbTarget) + ")";
- //..BZ
+ foundGB = true;
+ String targetFriendlyName = session.getTargetFriendlyName();
+ String sectorName = TargetToSectorNameMapper.getSectorNameViaTarget(gbTarget);
+ if (StringUtils.isEmpty(sectorName)) {
+ if (targetFriendlyName != null)
+ sectorName = targetFriendlyName;
+ }
+ gbTarget = gbTarget + " (" + sectorName + ")";
+ //gbTarget = gbTarget + " (" + TargetToSectorNameMapper.getSectorNameViaTarget(gbTarget) + ")";
+ System.out.println("Validate: " + gbTarget + " - " + samlAttribute.getValue());
if (!gbTarget.equals((String)samlAttribute.getValue())) {
throw new ValidateException("validator.13", null);
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
index bdd0c3294..d81435f83 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
@@ -504,6 +504,8 @@ public class ConfigurationBuilder {
oap.setPublicURLPrefix(publicURLPrefix);
oap.setKeyBoxIdentier(oAElem.getAttribute("keyBoxIdentifier"));
oap.setFriendlyName(oAElem.getAttribute("friendlyName"));
+ String targetConfig = oAElem.getAttribute("target");
+ String targetFriendlyNameConfig = oAElem.getAttribute("targetFriendlyName");
// get the type of the online application
String oaType = oAElem.getAttribute("type");
@@ -525,6 +527,17 @@ public class ConfigurationBuilder {
Logger.error("Missing \"IdentificationNumber\" for OA of type \"businessService\"");
throw new ConfigurationException("config.02", null);
}
+
+ if (!StringUtils.isEmpty(targetConfig)) {
+ Logger.error("Target attribute can not be set for OA of type \"businessService\"");
+ throw new ConfigurationException("config.02", null);
+ }
+ if (!StringUtils.isEmpty(targetFriendlyNameConfig)) {
+ Logger.error("Target friendly name attribute can not be set for OA of type \"businessService\"");
+ throw new ConfigurationException("config.02", null);
+ }
+
+
if ("false".equalsIgnoreCase(oAElem.getAttribute("calculateHPI"))) {
oap.setIdentityLinkDomainIdentifier(buildIdentityLinkDomainIdentifier(identificationNumberChild));
//BZ.., setting type of IdLinkDomainIdentifier
@@ -542,11 +555,19 @@ public class ConfigurationBuilder {
slVersion = "1.2";
} else {
-
+
+ if (StringUtils.isEmpty(targetConfig) && !StringUtils.isEmpty(targetFriendlyNameConfig)) {
+ Logger.error("Target friendly name attribute can not be set alone for OA of type \"businessService\"");
+ throw new ConfigurationException("config.02", null);
+ }
+ oap.setTarget(targetConfig);
+ oap.setTargetFriendlyName(targetFriendlyNameConfig);
+
if (authComponent!=null) {
slVersion = authComponent.getAttribute("slVersion");
}
+
}
oap.setSlVersion(slVersion);
//Check if there is an Auth-Block to read from configuration
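Review bot: The error text logged in the `else` branch says `for OA of type "businessService"`, but this branch appears to be the one taken when the OA is not a business service (the business-service checks are in the preceding hunk). An administrator reading the log is therefore pointed at the wrong configuration case. A message such as `Logger.error("Target friendly name attribute can not be set without the target attribute");` would match the condition being tested. Also, if `oAElem` is a DOM element, `getAttribute` returns an empty string for a missing attribute, so `setTarget` and `setTargetFriendlyName` receive `""` rather than null, and any caller testing `!= null` would treat an unconfigured target as configured. The enclosing method starts and ends outside the hunk.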
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java
index 0c747b29f..56c97a802 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java
@@ -55,6 +55,15 @@ public class OAParameter {
private String friendlyName;
/**
+ * specified a specific target for the Online Application (overwrites the target in der request)
+ */
+ private String target;
+ /**
+ * specifies a friendly name for the target
+ */
+ private String targetFriendlyName;
+
+ /**
* Returns the type of the online application.
* @return the type of the online application.
*/
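Review bot: The Javadoc on the new `target` field is hard to read (`specified a specific target ... in der request`) and does not state the precedence rule precisely. Since this field decides which target is used for an authentication, the comment should say so plainly, e.g. `/** Target configured for the online application; when set, it overrides the target passed in the request. */`. The setter Javadoc in the next hunk has bare `@param target` and `@param targetFriendlyName` tags; they should describe the value and say whether an empty string or null means "not configured".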
@@ -119,6 +128,37 @@ public class OAParameter {
this.friendlyName = friendlyName;
}
+ /**
+ * Gets the target of the OA
+ * @return target of the OA
+ */
+ public String getTarget() {
+ return target;
+ }
+
+ /**
+ * Sets the target of the OA
+ * @param target
+ */
+ public void setTarget(String target) {
+ this.target = target;
+ }
+ /**
+ * Gets the target friendly name of the OA
+ * @return target Friendly Name of the OA
+ */
+ public String getTargetFriendlyName() {
+ return targetFriendlyName;
+ }
+
+ /**
+ * Sets the target friendly name of the OA
+ * @param targetFriendlyName
+ */
+ public void setTargetFriendlyName(String targetFriendlyName) {
+ this.targetFriendlyName = targetFriendlyName;
+ }
+
}
diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test100StartAuthentication.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test100StartAuthentication.java
index a1ba1b8fb..fcf7477c5 100644
--- a/id/server/idserverlib/src/test/java/test/abnahme/A/Test100StartAuthentication.java
+++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test100StartAuthentication.java
@@ -43,6 +43,7 @@ public class Test100StartAuthentication extends AbnahmeTestCase {
try {
String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL
"gb", //target
+ null,
"http://localhost:9080/", //oaURL
"file:" + findXmldata("AuthTemplate.html"),
"http://localhost:3495/http-security-layer-request",
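Review bot: Every call updated in this file passes `null` for the new third argument of `startAuthentication`, as do the updated calls in AbnahmeTestCase and AuthenticationServerTest, so nothing exercises a non-null value for it. The argument presumably carries the target friendly name; a test that supplies one, with and without a configured target, would cover the new branch in the validator. A trailing comment like the neighbouring `//target` and `//oaURL` ones (for instance `null, //targetFriendlyName`, once the parameter name is confirmed) would also keep the positional argument list readable. The enclosing test method starts and ends outside the hunk.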
@@ -62,6 +63,7 @@ public class Test100StartAuthentication extends AbnahmeTestCase {
try {
String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL
"gb", //target
+ null,
"http://localhost:9080/", //oaURL
null,
"http://localhost:3495/http-security-layer-request", null, null, null);
@@ -80,6 +82,7 @@ public class Test100StartAuthentication extends AbnahmeTestCase {
try {
String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL
"gb", //target
+ null,
"http://localhost:9080/", //oaURL
"file:" + findXmldata("AuthTemplate.html"),
null,
@@ -101,6 +104,7 @@ public class Test100StartAuthentication extends AbnahmeTestCase {
try {
server.startAuthentication(null, //authURL
"gb", //target
+ null,
"http://localhost:9080/", //oaURL
null, null, null, null, null);
//assertEquals("",htmlForm);
@@ -121,7 +125,7 @@ public class Test100StartAuthentication extends AbnahmeTestCase {
try {
try {
server.startAuthentication("http://localhost:8080/auth", //authURL
- "gb", "http://localhost:9080/", //oaURL
+ "gb", null, "http://localhost:9080/", //oaURL
null, null, null, null, null);
System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
fail(this.getName() + " hat KEINE FEHLER geworfen");
@@ -139,7 +143,7 @@ public class Test100StartAuthentication extends AbnahmeTestCase {
try {
try {
server.startAuthentication("https://localhost:8443/auth", //authURL
- "gb", "http://host_not_in_config/", //oaURL
+ "gb", null, "http://host_not_in_config/", //oaURL
null, null, null, null, null);
System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
fail(this.getName() + " hat KEINE FEHLER geworfen");
@@ -158,7 +162,7 @@ public class Test100StartAuthentication extends AbnahmeTestCase {
try {
try {
server.startAuthentication("https://localhost:8443/auth", //authURL
- "gb", null, //oaURL
+ "gb", null, null, //oaURL
null, null, null, null, null);
System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
fail(this.getName() + " hat KEINE FEHLER geworfen");
@@ -177,7 +181,7 @@ public class Test100StartAuthentication extends AbnahmeTestCase {
try {
try {
server.startAuthentication("https://localhost:8443/auth", //authURL
- null, "http://localhost:9080/", //oaURL
+ null, null, "http://localhost:9080/", //oaURL
null, null, null, null, null);
System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
fail(this.getName() + " hat KEINE FEHLER geworfen");
diff --git a/id/server/idserverlib/src/test/java/test/abnahme/AbnahmeTestCase.java b/id/server/idserverlib/src/test/java/test/abnahme/AbnahmeTestCase.java
index 636d301bb..69f33f82c 100644
--- a/id/server/idserverlib/src/test/java/test/abnahme/AbnahmeTestCase.java
+++ b/id/server/idserverlib/src/test/java/test/abnahme/AbnahmeTestCase.java
@@ -136,6 +136,7 @@ public class AbnahmeTestCase extends MOAIDTestCase {
String htmlForm = AuthenticationServer.getInstance().startAuthentication(
"https://localhost:8443/auth",
"gb",
+ null,
oaURL,
null,
null,
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java
index 31c09bb01..052c1fed4 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java
@@ -54,7 +54,7 @@ public class AuthenticationServerTest extends UnitTestCase {
public void doTest(String testdataDirectory, String authURL, String target, String oaURL, String bkuURL, String templateURL) throws Exception {
String testdataRoot = TESTDATA_ROOT + "xmldata/" + testdataDirectory + "/";
AuthenticationServer server = AuthenticationServer.getInstance();
- String htmlForm = server.startAuthentication(authURL, target, oaURL, templateURL, bkuURL, null, null, null);
+ String htmlForm = server.startAuthentication(authURL, target, null, oaURL, templateURL, bkuURL, null, null, null);
String sessionID = parseSessionIDFromForm(htmlForm);
String infoboxReadResponse = readFile(TESTDATA_ROOT + "xmldata/testperson1/" + "InfoboxReadResponse.xml");
HashMap parameters = new HashMap(1);
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java
index e79394a28..d369c39bd 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java
@@ -63,7 +63,7 @@ public class AuthenticationBlockAssertionBuilderTest extends UnitTestCase {
public void testBuild() throws Exception {
AuthenticationBlockAssertionBuilder builder = new AuthenticationBlockAssertionBuilder();
- String assertionBuilt = builder.buildAuthBlock(ISSUER, ISSUE_INSTANT, AUTH_URL, TARGET, "", "", OA_URL, GEB_DAT, null, null);
+ String assertionBuilt = builder.buildAuthBlock(ISSUER, ISSUE_INSTANT, AUTH_URL, TARGET, null, "", "", OA_URL, GEB_DAT, null, null);
assertionBuilt = XML_DECL + assertionBuilt;
String assertionShould = XML_DECL + ASSERTION_SHOULD;
assertXmlEquals(assertionShould, assertionBuilt);