authorThomas Lenz <tlenz@iaik.tugraz.at>2013-09-19 19:32:36 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2013-09-19 19:32:36 +0200
commit1984a9914bb024bdd7b486ec6dd6ba4144c0c70b (patch)
tree42481e5e1d71bf24e90a6689c359af037b1b8248 /id/server
parentf52976e984450d6802067acad12a0b8143f4ce75 (diff)
Reload MOAMetadataProvider after config changes
Diffstat (limited to 'id/server')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java14
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java32
-rw-r--r--id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd1
3 files changed, 43 insertions, 4 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java
index 12ab3f871..92323f02b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java
@@ -1,10 +1,15 @@
package at.gv.egovernment.moa.id.config.auth;
+import iaik.util.logging.Log;
+
import java.util.Date;
+import org.bouncycastle.asn1.pkcs.Pfx;
+
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
import at.gv.egovernment.moa.logging.Logger;
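Review bot: The two added imports `iaik.util.logging.Log` and `org.bouncycastle.asn1.pkcs.Pfx` are not referenced by any line this commit adds to AuthConfigLoader, which logs through `Logger` in both later hunks. If nothing outside the visible hunks uses them, drop both lines. An unused import of a crypto-library type ties the config loader to that jar for no reason and suggests PKCS#12 handling that does not happen here.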
@@ -20,6 +25,7 @@ public class AuthConfigLoader implements Runnable {
Logger.info("check for new config.");
MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
Date dbdate = moaidconfig.getTimestampItem();
+ Date pvprefresh = moaidconfig.getPvp2RefreshItem();
ConfigurationDBUtils.closeSession();
Date date = AuthConfigurationProvider.getTimeStamp();
@@ -28,6 +34,14 @@ public class AuthConfigLoader implements Runnable {
AuthConfigurationProvider instance = AuthConfigurationProvider.getInstance();
instance.reloadDataBaseConfig();
}
+
+ Date pvpdate = MOAMetadataProvider.getTimeStamp();
+ if (pvprefresh != null && pvprefresh.after(pvpdate)) {
+ MOAMetadataProvider metainst = MOAMetadataProvider.getInstance();
+ metainst.reInitialize();
+ }
+
+
} catch (Throwable e) {
Logger.warn("MOA-ID Configuration is actually not loadable. Reuse old configuration.", e);
}
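Review bot: `pvprefresh.after(pvpdate)` throws a NullPointerException whenever `MOAMetadataProvider.getTimeStamp()` returns null. The static `timestamp` is only assigned in the provider's constructor, so it stays null until the first `getInstance()` call. The `catch (Throwable e)` below then logs "MOA-ID Configuration is actually not loadable" on each run, which hides the real cause. Guarding with `if (pvprefresh != null && pvpdate != null && pvprefresh.after(pvpdate))` is enough, because a provider that has not been built yet reads the current configuration when it is first created. The enclosing method and its `try` start outside this hunk.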
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
index a92ac8e7f..a61633e12 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
@@ -1,11 +1,16 @@
package at.gv.egovernment.moa.id.protocols.pvp2x.metadata;
+import iaik.util.logging.Log;
+
import java.security.cert.CertificateException;
+import java.util.Date;
import java.util.Iterator;
import java.util.List;
+import java.util.Timer;
import javax.xml.namespace.QName;
+import org.apache.commons.httpclient.HttpClient;
import org.opensaml.saml2.metadata.EntitiesDescriptor;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.RoleDescriptor;
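Review bot: `iaik.util.logging.Log` is imported here only for the single `Log.info(...)` call in `reInitialize()`, while the rest of the class logs through `Logger` (see `Logger.error` in the constructor). Reload events would then go to a different logging facade than the metadata load errors they need to be correlated with. Use `Logger.info("ReInitialize MOAMetadataProvider.");` and drop this import.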
@@ -29,7 +34,9 @@ public class MOAMetadataProvider implements MetadataProvider {
private static MOAMetadataProvider instance = null;
private static Object mutex = new Object();
-
+ private static Date timestamp;
+
+
public static MOAMetadataProvider getInstance() {
if (instance == null) {
synchronized (mutex) {
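Review bot: `timestamp` is a plain static field, written inside the constructor and read from the `AuthConfigLoader` thread through `getTimeStamp()` with no lock, so the reader has no visibility guarantee for the new value. Declare it `private static volatile Date timestamp;`. The same applies to `instance`, which `getInstance()` tests outside `synchronized (mutex)` and which `reInitialize()` now reassigns. `getInstance()` continues past the end of this hunk.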
@@ -41,6 +48,17 @@ public class MOAMetadataProvider implements MetadataProvider {
return instance;
}
+ public static Date getTimeStamp() {
+ return timestamp;
+ }
+
+ public void reInitialize() {
+ synchronized (mutex) {
+ Log.info("ReInitalize MOAMetaDataProvider.");
+ instance = new MOAMetadataProvider();
+ }
+ }
+
MetadataProvider internalProvider;
private MOAMetadataProvider() {
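Review bot: `reInitialize()` overwrites `instance` and drops the previous object without shutting down its `internalProvider`, so the providers built by the old constructor stay alive. With the next hunk each HTTP provider gets its own `new Timer()`, so every configuration reload likely leaves one more non-daemon timer thread refreshing metadata that nothing reads. Keep a reference to the old instance, swap in the new one, then destroy the old chain and cancel its timers; as far as I recall OpenSAML does not cancel a caller-supplied Timer on destroy, so the class should own and cancel it. The method touches only static state, so `public static void reInitialize()` would state the contract better than an instance method. The constructor that follows continues outside this hunk.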
@@ -59,15 +77,20 @@ public class MOAMetadataProvider implements MetadataProvider {
String metadataURL = pvp2Config.getMetadataURL();
try {
// TODO: use proper SSL checking
- HTTPMetadataProvider httpProvider = new HTTPMetadataProvider(
- metadataURL, 20000);
+ HTTPMetadataProvider httpProvider =
+ new HTTPMetadataProvider(new Timer(), new HttpClient(),
+ metadataURL);
httpProvider.setParserPool(new BasicParserPool());
httpProvider.setRequireValidMetadata(true);
+ httpProvider.setMinRefreshDelay(1000*60*5); //5min
+ httpProvider.setMaxRefreshDelay(1000*60*30); //30min
+ //httpProvider.setRefreshDelayFactor(0.1F);
MetadataFilter filter = new MetadataSignatureFilter(
metadataURL, pvp2Config.getCertificate());
httpProvider.setMetadataFilter(filter);
chainProvider.addMetadataProvider(httpProvider);
httpProvider.initialize();
+
} catch (MetadataProviderException e) {
Logger.error(
"Failed to add Metadata file for "
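Review bot: Switching to the `(Timer, HttpClient, String)` constructor drops the 20000 ms request timeout that the removed call passed, and a default `new HttpClient()` sets no connect or socket timeout of its own. `httpProvider.initialize()` and every background refresh can then block indefinitely on an unresponsive metadata endpoint, and during a reload this happens while `mutex` is held. Configure the client before handing it over: `HttpClient client = new HttpClient();`, `client.getParams().setSoTimeout(20000);`, `client.getHttpConnectionManager().getParams().setConnectionTimeout(20000);`. The `// TODO: use proper SSL checking` is still open, so `MetadataSignatureFilter` remains the only integrity check on fetched metadata and should stay mandatory. The `try` block and the `Logger.error` call run past the end of this hunk.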
@@ -91,8 +114,9 @@ public class MOAMetadataProvider implements MetadataProvider {
}
internalProvider = chainProvider;
+ timestamp = new Date();
}
-
+
public boolean requireValidMetadata() {
return internalProvider.requireValidMetadata();
}
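Review bot: `timestamp = new Date()` runs at the end of the constructor whether or not the metadata providers loaded, because the `catch (MetadataProviderException e)` in the previous hunk only logs and continues. A reload that failed for some or all URLs is therefore stamped as current, and `AuthConfigLoader` will not retry it until `pvp2refresh` is changed again. Consider tracking whether any provider failed and leaving the timestamp untouched in that case; the code between the catch and this line is not visible here, so confirm there is no other failure path. Since a static field is assigned from an instance constructor, a comment such as `// static: read by AuthConfigLoader to decide whether to reload` would help.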
diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
index c17a8cbd4..dd696f42f 100644
--- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
+++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
@@ -272,6 +272,7 @@
</xsd:element>
</xsd:sequence>
<xsd:attribute name="timestamp" type="xsd:dateTime"/>
+ <xsd:attribute name="pvp2refresh" type="xsd:dateTime"/>
</xsd:complexType>
</xsd:element>
<xsd:complexType name="AuthComponentType">