authorThomas Lenz <tlenz@iaik.tugraz.at>2017-03-16 13:13:10 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2017-03-16 13:13:10 +0100
commit3a80aa7e900c77da7625886f72ee22666ecfae23 (patch)
tree5eef5ac02252c1f493908e34c773751987b257b1 /id/server
parent226db2c5c41c149256459bf18dff4585a07e5ea1 (diff)
parentd69ba86f0855097e46e525794075f3c743e7facb (diff)
Merge branch 'Branch_MOA-ID-3.2.1' into development_preview
# Conflicts: # id/server/moa-id-commons/pom.xml # pom.xml
Diffstat (limited to 'id/server')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java42
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java16
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java14
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java2
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java14
5 files changed, 73 insertions, 15 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
index 5b0f5115d..6f700d1cb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
@@ -74,6 +74,7 @@ public class StatisticLogger implements IStatisticLogger{
private static final String MANTATORTYPE_NAT = "nat";
private static final int MAXERRORLENGTH = 200;
+ private static final int MAXOAIDENTIFIER_LENGTH = 254;
private static final String ERRORTYPE_UNKNOWN = "unkown";
private static final String ERRORTYPE_BKU = "bku";
@@ -119,7 +120,7 @@ public class StatisticLogger implements IStatisticLogger{
//dblog.setOaID(dbOA.getHjid());
//log basic AuthInformation
- dblog.setOaurlprefix(protocolRequest.getOAURL());
+ dblog.setOaurlprefix(getMessageWithMaxLength(dbOA.getPublicURLPrefix(), MAXOAIDENTIFIER_LENGTH));
dblog.setOafriendlyName(dbOA.getFriendlyName());
boolean isbusinessservice = isBusinessService(dbOA);
@@ -205,8 +206,14 @@ public class StatisticLogger implements IStatisticLogger{
}
}
}
-
- entityManager.persist(dblog);
+
+ try {
+ entityManager.persist(dblog);
+
+ } catch (Exception e) {
+ Logger.warn("Write 'success' statisticLog to database FAILED.", e);
+
+ }
}
}
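Review bot: The new `catch (Exception e)` around `entityManager.persist(dblog)` may not see the failures it is meant to absorb. With JPA, an over-long column value or a constraint violation is commonly raised at flush or commit rather than at `persist()`, and a failed persist can leave the surrounding transaction marked rollback-only; the transaction setup is outside this hunk, so this needs confirming. The same pattern is repeated in the hunks at -227 and -280. These rows are the statistics trail for authentications, so a WARN line alone makes lost records easy to miss. Consider narrowing the catch to `PersistenceException` and stating the intent in a comment such as `// statistic logging is best-effort: a DB failure must not abort the authentication`.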
@@ -227,8 +234,13 @@ public class StatisticLogger implements IStatisticLogger{
}
-
- entityManager.persist(dblog);
+ try {
+ entityManager.persist(dblog);
+
+ } catch (Exception e) {
+ Logger.warn("Write 'error' statisticLog to database FAILED.", e);
+
+ }
}
@@ -243,12 +255,15 @@ public class StatisticLogger implements IStatisticLogger{
dblog.setTimestamp(new Date());
- dblog.setOaurlprefix(errorRequest.getOAURL());
+ dblog.setOaurlprefix(getMessageWithMaxLength(errorRequest.getOAURL(), MAXOAIDENTIFIER_LENGTH));
dblog.setProtocoltype(errorRequest.requestedModule());
dblog.setProtocolsubtype(errorRequest.requestedAction());
+ generateErrorLogFormThrowable(throwable, dblog);
+
IOAAuthParameters dbOA = errorRequest.getOnlineApplicationConfiguration();
if (dbOA != null) {
+ dblog.setOaurlprefix(getMessageWithMaxLength(dbOA.getPublicURLPrefix(), MAXOAIDENTIFIER_LENGTH));
dblog.setOafriendlyName(dbOA.getFriendlyName());
dblog.setOatarget(dbOA.getTarget());
//dblog.setOaID(dbOA.getHjid());
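Review bot: When `dbOA` is null, the value kept in `oaurlprefix` is still `errorRequest.getOAURL()`, which appears to come from the incoming request and is now only cut to 254 characters, not validated. The two assignments to the same field are easy to misread, so the first one deserves a comment such as `// fallback only: request-supplied URL (untrusted); overwritten below with the configured prefix when the OA is known`. Anything that later renders or exports this column should treat it as untrusted text and encode it on output. The method body starts and ends outside this hunk.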
@@ -280,11 +295,18 @@ public class StatisticLogger implements IStatisticLogger{
dblog.setMandatelogin(moasession.isMandateUsed());
}
- generateErrorLogFormThrowable(throwable, dblog);
+
+ }
+
+ try {
entityManager.persist(dblog);
-
+
+ } catch (Exception e) {
+ Logger.warn("Write 'error' statisticLog to database FAILED.", e);
+
}
+
}
}
@@ -296,6 +318,10 @@ public class StatisticLogger implements IStatisticLogger{
return false;
}
+ private String getMessageWithMaxLength(String msg, int maxlength) {
+ return getErrorMessageWithMaxLength(msg, maxlength);
+
+ }
private String getErrorMessageWithMaxLength(String error, int maxlength) {
if (error != null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java
index 9d57c2bae..28a85b4af 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java
@@ -46,6 +46,8 @@ import org.opensaml.xml.io.Marshaller;
import org.opensaml.xml.io.MarshallingException;
import org.w3c.dom.Document;
+import at.gv.egovernment.moa.id.util.Random;
+
public class SAML2Utils {
public static <T> T createSAMLObject(final Class<T> clazz) {
@@ -66,7 +68,19 @@ public class SAML2Utils {
}
public static String getSecureIdentifier() {
- return idGenerator.generateIdentifier();
+ return "_".concat(Random.nextHexRandom16());
+
+ /*Bug-Fix: There are open problems with RandomNumberGenerator via Java SPI and Java JDK 8.121
+ * Generation of a 16bit Random identifier FAILES with an Caused by: java.lang.ArrayIndexOutOfBoundsException
+ * Caused by: java.lang.ArrayIndexOutOfBoundsException
+ at iaik.security.random.o.engineNextBytes(Unknown Source)
+ at iaik.security.random.SecRandomSpi.engineNextBytes(Unknown Source)
+ at java.security.SecureRandom.nextBytes(SecureRandom.java:468)
+ at org.opensaml.common.impl.SecureRandomIdentifierGenerator.generateIdentifier(SecureRandomIdentifierGenerator.java:62)
+ at org.opensaml.common.impl.SecureRandomIdentifierGenerator.generateIdentifier(SecureRandomIdentifierGenerator.java:56)
+ at at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils.getSecureIdentifier(SAML2Utils.java:69)
+ */
+ //return idGenerator.generateIdentifier();
}
private static SecureRandomIdentifierGenerator idGenerator;
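Review bot: The workaround in `getSecureIdentifier()` is explained only by a stack trace and a commented-out `return` placed after the live `return`, and that comment says "16bit" where the call produces 16 bytes (128 bit). Move the rationale into a Javadoc on the method, for example `/** Returns "_" plus 128 bit of hex-encoded randomness; the "_" prefix keeps the value a valid xs:ID. Replaces the OpenSAML generator because of a provider failure on JDK 8u121. */`, and drop the dead `//return idGenerator.generateIdentifier();`. The `idGenerator` field on the following line looks unused after this change and could be removed if nothing else in the class reads it. 128 bit meets the minimum randomness SAML asks for identifiers, so the length itself is fine. The `ArrayIndexOutOfBoundsException` inside `engineNextBytes` looks like a concurrency problem in the provider, so it is worth confirming that `Random` does not draw from the same unsynchronised source elsewhere.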
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java
index ba45a3679..ac2b3c415 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java
@@ -114,11 +114,21 @@ public class Random {
*
* @return random hex encoded value [256bit]
*/
- public static String nextHexRandom() {
+ public static String nextHexRandom32() {
return new String(Hex.encodeHex(nextByteRandom(32))); // 32 bytes = 256 bits
}
+ /**
+ * Creates a new random number [128bit], and encode it as hex value.
+ *
+ * @return random hex encoded value [128bit]
+ */
+ public static String nextHexRandom16() {
+ return new String(Hex.encodeHex(nextByteRandom(16))); // 16 bytes = 128 bits
+
+ }
+
/**
* Creates a new random number [64bit], to be used as an ID.
*
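Review bot: Renaming the public static `nextHexRandom()` to `nextHexRandom32()` removes a method that other modules may call, and this diff is limited to `id/server`, so callers elsewhere are not visible here. A deprecated alias would keep them compiling: `@Deprecated public static String nextHexRandom() { return nextHexRandom32(); }`. The numeric suffix is also ambiguous (32 bytes, not 32 bit), so the Javadoc of both methods should state the unit explicitly, or the names could carry it, e.g. `nextHexRandom256Bit`.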
@@ -158,7 +168,7 @@ public class Random {
* @param size Size of random number in bits
* @return
*/
- private static byte[] nextByteRandom(int size) {
+ private static synchronized byte[] nextByteRandom(int size) {
byte[] b = new byte[size];
random.nextBytes(b);
return b;
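Review bot: The Javadoc above `nextByteRandom` says `@param size Size of random number in bits`, but the body allocates `new byte[size]` and the callers pass 32 for 256 bit, so the unit is bytes. It should read `@param size number of random bytes to generate`, and the empty `@return` should become `@return a new array of size random bytes`. The added `synchronized` protects only calls that go through this method. If other methods of the class use the shared `random` field directly (the 64-bit ID generator below is not shown), they can still run concurrently with it. A short comment such as `// serialised: the configured SecureRandom provider is not safe for concurrent nextBytes()` would record why the lock exists. The method's closing brace lies outside the hunk.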
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java
index d2c827d55..fcf4c3ffa 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java
@@ -32,7 +32,7 @@ public interface AuthConfiguration extends ConfigurationProvider{
* Get a configuration value from basic file based MOA-ID configuration
*
* @param key configuration key
- * @return configuration value
+ * @return configuration value or null if it is not found
*/
public String getBasicMOAIDConfiguration(final String key);
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
index fed968443..62a168ac8 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
@@ -28,6 +28,7 @@ import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
+import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
@@ -542,6 +543,7 @@ public class DOMUtils {
/**
* A convenience method to parse an XML document non validating.
+ * This method disallow DocType declarations
*
* @param inputStream The <code>InputStream</code> containing the XML
* document.
@@ -552,10 +554,16 @@ public class DOMUtils {
* parser.
*/
public static Element parseXmlNonValidating(InputStream inputStream)
- throws ParserConfigurationException, SAXException, IOException {
+ throws ParserConfigurationException, SAXException, IOException {
return DOMUtils
- .parseDocument(inputStream, false, Constants.ALL_SCHEMA_LOCATIONS, null, null)
- .getDocumentElement();
+ .parseDocument(inputStream, false, Constants.ALL_SCHEMA_LOCATIONS, null,
+ Collections.unmodifiableMap(new HashMap<String, Object>() {
+ private static final long serialVersionUID = 1L;
+ {
+ put(DOMUtils.DISALLOW_DOCTYPE_FEATURE, true);
+
+ }
+ })).getDocumentElement();
}
/**
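Review bot: The DOCTYPE restriction is applied only in `parseXmlNonValidating`, so any other caller of `parseDocument` that handles untrusted XML keeps the old behaviour unless it passes the feature itself. Those callers are outside this hunk; the hardening is safer as a default inside `parseDocument`, with an explicit opt-out where DTDs are really needed. The double-brace `HashMap` also creates an anonymous class and a new map on every call. `Collections.<String, Object>singletonMap(DOMUtils.DISALLOW_DOCTYPE_FEATURE, Boolean.TRUE)` gives the same immutable single-entry map in one line. It would also help to confirm, ideally with a test that feeds a document containing a `<!DOCTYPE` declaration, that `parseDocument` actually sets this entry on the parser and rejects the input.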