aboutsummaryrefslogtreecommitdiff
path: root/id/server
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2016-02-19 13:15:50 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-02-19 13:15:50 +0100
commitf3010fd5d1d8e423ee6f2a1aaca5441ccfd3f785 (patch)
tree243717e235cc8c522495a2bdbbc320bd98dba104 /id/server
parent99676a6020efe37d4df4ba8d33c1e1d6a1c5aa78 (diff)
downloadmoa-id-spss-f3010fd5d1d8e423ee6f2a1aaca5441ccfd3f785.tar.gz
moa-id-spss-f3010fd5d1d8e423ee6f2a1aaca5441ccfd3f785.tar.bz2
moa-id-spss-f3010fd5d1d8e423ee6f2a1aaca5441ccfd3f785.zip
remove unused code and files
Diffstat (limited to 'id/server')
-rw-r--r--id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml134
-rw-r--r--id/server/auth/src/main/webapp/WEB-INF/web.xml141
-rw-r--r--id/server/auth/src/main/webapp/errorpage-auth.jsp50
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java624
4 files changed, 0 insertions, 949 deletions
diff --git a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
deleted file mode 100644
index a67549ef3..000000000
--- a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
+++ /dev/null
@@ -1,134 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!DOCTYPE urlrewrite PUBLIC "-//tuckey.org//DTD UrlRewrite 4.0//EN"
- "http://www.tuckey.org/res/dtds/urlrewrite4.0.dtd">
-
-<!-- Configuration file for UrlRewriteFilter http://www.tuckey.org/urlrewrite/ -->
-<urlrewrite>
-
- <rule>
- <note>
- The rule means that requests to /test/status/ will be redirected to
- /rewrite-status
- the url will be rewritten.
- </note>
- <from>/test/status/</from>
- <to type="redirect">%{context-path}/rewrite-status</to>
- </rule>
-
- <!-- Legacy Rules -->
- <rule match-type="regex">
- <from>^/StartAuthentication$</from>
- <to type="forward">/dispatcher?mod=id_saml1&amp;action=GetArtifact</to>
- </rule>
- <rule match-type="regex">
- <from>^/StartAuthentication\?(.*)$</from>
- <to type="forward">/dispatcher?mod=id_saml1&amp;action=GetArtifact&amp;$1</to>
- </rule>
-
- <rule match-type="regex">
- <from>^/auth/([a-zA-Z0-9]+)/([a-zA-Z0-9]+)$</from>
- <to type="forward">/dispatcher?mod=$1&amp;action=$2</to>
- </rule>
- <rule match-type="regex">
- <from>^/auth/([a-zA-Z0-9]+)/([a-zA-Z0-9]+)\?(.*)$</from>
- <to type="forward">/dispatcher?mod=$1&amp;action=$2&amp;$3</to>
- </rule>
-
-
- <rule match-type="regex">
- <from>^/pvp2/metadata$</from>
- <to type="forward">/dispatcher?mod=id_pvp2x&amp;action=Metadata&amp;%{query-string}</to>
- </rule>
- <rule match-type="regex">
- <from>^/pvp2/redirect$</from>
- <to type="forward">/dispatcher?mod=id_pvp2x&amp;action=Redirect&amp;endpointtype=idp&amp;%{query-string}</to>
- </rule>
- <rule match-type="regex">
- <from>^/pvp2/post$</from>
- <to type="forward">/dispatcher?mod=id_pvp2x&amp;action=Post&amp;endpointtype=idp&amp;%{query-string}</to>
- </rule>
- <rule match-type="regex">
- <from>^/pvp2/Soap$</from>
- <to type="forward">/dispatcher?mod=id_pvp2x&amp;action=Soap&amp;endpointtype=idp</to>
- </rule>
- <rule match-type="regex">
- <from>^/pvp2/attributequery$</from>
- <to type="forward">/dispatcher?mod=id_pvp2x&amp;action=AttributeQuery&amp;endpointtype=idp</to>
- </rule>
- <rule match-type="regex">
- <from>^/pvp2/sp/redirect$</from>
- <to type="forward">/dispatcher?mod=id_pvp2x&amp;action=Redirect&amp;endpointtype=sp&amp;%{query-string}</to>
- </rule>
- <rule match-type="regex">
- <from>^/pvp2/sp/post$</from>
- <to type="forward">/dispatcher?mod=id_pvp2x&amp;action=Post&amp;endpointtype=sp&amp;%{query-string}</to>
- </rule>
-
-
- <rule match-type="regex">
- <from>^/stork2/StartAuthentication$</from>
- <to type="forward">/dispatcher?mod=id_stork2&amp;action=AuthenticationRequest&amp;%{query-string}</to>
- </rule>
- <rule match-type="regex">
- <from>^/stork2/ResumeAuthentication$</from>
- <to type="forward">/dispatcher?mod=id_stork2&amp;action=AttributeCollector&amp;%{query-string}</to>
- </rule>
- <rule match-type="regex">
- <from>^/stork2/GetConsent$</from>
- <to type="forward">/dispatcher?mod=id_stork2&amp;action=ConsentEvaluator&amp;%{query-string}</to>
- </rule>
- <rule match-type="regex">
- <from>^/stork2/SendPEPSAuthnRequest$</from>
- <to type="forward">/dispatcher?mod=id_stork2&amp;action=AuthenticationRequest&amp;%{query-string}</to>
- </rule>
- <rule match-type="regex">
- <from>^/stork2/ServiceProvider$</from>
- <to type="forward">/dispatcher?mod=id_stork2&amp;action=AuthenticationRequest&amp;%{query-string}</to>
- </rule>
- <rule match-type="regex">
- <from>^/stork2/SendPEPSAuthnRequestWithoutSignedDoc$</from>
- <to type="forward">/dispatcher?mod=id_stork2&amp;action=AuthenticationRequest1&amp;%{query-string}</to>
- </rule>
- <rule match-type="regex">
- <from>^/stork2/RetrieveMandate$</from>
- <to type="forward">/dispatcher?mod=id_stork2&amp;action=MandateRetrievalRequest&amp;%{query-string}</to>
- </rule>
-
- <!-- eIDAS protocol -->
- <rule match-type="regex">
- <from>^/eidas/ColleagueRequest$</from>
- <to type="forward">/dispatcher?mod=eidas&amp;action=AuthenticationRequest&amp;%{query-string}</to>
- </rule>
- <rule match-type="regex">
- <from>^/eidas/metadata$</from>
- <to type="forward">/dispatcher?mod=eidas&amp;action=MetadataRequest&amp;%{query-string}</to>
- </rule>
-
-
- <rule match-type="regex">
- <from>^/oauth2/auth\\?(.*)$</from>
- <to type="forward">/dispatcher?mod=id_oauth20&amp;action=AUTH&amp;%{query-string}</to>
- </rule>
- <rule match-type="regex">
- <from>^/oauth2/token\\?(.*)$</from>
- <to type="forward">/dispatcher?mod=id_oauth20&amp;action=TOKEN&amp;%{query-string}</to>
- </rule>
-
-
- <outbound-rule>
- <note>
- The outbound-rule specifies that when response.encodeURL is called (if
- you are using JSTL c:url)
- the url /rewrite-status will be rewritten to /test/status/.
-
- The above rule and this outbound-rule means that end users should never
- see the
- url /rewrite-status only /test/status/ both in thier location bar and in
- hyperlinks
- in your pages.
- </note>
- <from>/rewrite-status</from>
- <to>/test/status/</to>
- </outbound-rule>
-
-</urlrewrite>
diff --git a/id/server/auth/src/main/webapp/WEB-INF/web.xml b/id/server/auth/src/main/webapp/WEB-INF/web.xml
index 92dcf1266..af1603621 100644
--- a/id/server/auth/src/main/webapp/WEB-INF/web.xml
+++ b/id/server/auth/src/main/webapp/WEB-INF/web.xml
@@ -5,11 +5,6 @@
<display-name>MOA ID Auth</display-name>
<description>MOA ID Authentication Service</description>
- <!-- bootstrap loader for spring framework -->
-<!-- <listener>
- <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
- </listener> -->
-
<filter>
<filter-name>characterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
@@ -27,142 +22,6 @@
<url-pattern>/*</url-pattern>
</filter-mapping>
- <!-- exposes request and response to the current thread -->
-<!-- <filter>
- <filter-name>requestContextFilter</filter-name>
- <filter-class>org.springframework.web.filter.RequestContextFilter</filter-class>
- </filter>
- <filter-mapping>
- <filter-name>requestContextFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
-
- <filter>
- <filter-name>UrlRewriteFilter</filter-name>
- <filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class>
- </filter>
- <filter-mapping>
- <filter-name>UrlRewriteFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
-
- <servlet>
- <description>Generate BKU Request template</description>
- <display-name>GenerateIframeTemplate</display-name>
- <servlet-name>GenerateIframeTemplate</servlet-name>
- <servlet-class>at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet</servlet-class>
- </servlet>
- <servlet-mapping>
- <servlet-name>GenerateIframeTemplate</servlet-name>
- <url-pattern>/GenerateIframeTemplate</url-pattern>
- </servlet-mapping>
-
- <servlet>
- <display-name>RedirectServlet</display-name>
- <servlet-name>RedirectServlet</servlet-name>
- <servlet-class>at.gv.egovernment.moa.id.auth.servlet.RedirectServlet</servlet-class>
- </servlet>
- <servlet-mapping>
- <servlet-name>RedirectServlet</servlet-name>
- <url-pattern>/RedirectServlet</url-pattern>
- </servlet-mapping>
-
- automatically registered by module 'moa-id-module-monitoring' using @WebServlet annotation
-
- <servlet>
- <display-name>MonitoringServlet</display-name>
- <servlet-name>MonitoringServlet</servlet-name>
- <servlet-class>at.gv.egovernment.moa.id.auth.servlet.MonitoringServlet</servlet-class>
- </servlet>
- <servlet-mapping>
- <servlet-name>MonitoringServlet</servlet-name>
- <url-pattern>/MonitoringServlet</url-pattern>
- </servlet-mapping>
-
-
- <servlet>
- <display-name>SSOSendAssertionServlet</display-name>
- <servlet-name>SSOSendAssertionServlet</servlet-name>
- <servlet-class>at.gv.egovernment.moa.id.auth.servlet.SSOSendAssertionServlet</servlet-class>
- </servlet>
- <servlet-mapping>
- <servlet-name>SSOSendAssertionServlet</servlet-name>
- <url-pattern>/SSOSendAssertionServlet</url-pattern>
- </servlet-mapping>
-
- <servlet>
- <description>SSO LogOut</description>
- <display-name>LogOut</display-name>
- <servlet-name>LogOut</servlet-name>
- <servlet-class>at.gv.egovernment.moa.id.auth.servlet.LogOutServlet</servlet-class>
- </servlet>
- <servlet-mapping>
- <servlet-name>LogOut</servlet-name>
- <url-pattern>/LogOut</url-pattern>
- </servlet-mapping>
-
- <servlet>
- <description>IDP Single LogOut Service</description>
- <display-name>IDP-SLO</display-name>
- <servlet-name>IDPSLO</servlet-name>
- <servlet-class>at.gv.egovernment.moa.id.auth.servlet.IDPSingleLogOutServlet</servlet-class>
- </servlet>
- <servlet-mapping>
- <servlet-name>IDPSLO</servlet-name>
- <url-pattern>/idpSingleLogout</url-pattern>
- </servlet-mapping> -->
-
-<!-- <servlet>
- <display-name>Apache-Axis Servlet</display-name>
- <servlet-name>AxisServlet</servlet-name>
- <servlet-class>org.apache.axis.transport.http.AxisServlet</servlet-class>
- </servlet>
- <servlet-mapping>
- <servlet-name>AxisServlet</servlet-name>
- <url-pattern>/services/*</url-pattern>
- </servlet-mapping> -->
-
-<!-- <servlet>
- <display-name>Dispatcher Servlet</display-name>
- <servlet-name>DispatcherServlet</servlet-name>
- <servlet-class>at.gv.egovernment.moa.id.entrypoints.DispatcherServlet</servlet-class>
- <load-on-startup>1</load-on-startup>
- </servlet>
- <servlet-mapping>
- <servlet-name>DispatcherServlet</servlet-name>
- <url-pattern>/dispatcher</url-pattern>
- </servlet-mapping>
-
- <servlet>
- <description>Resumes a suspended process task.</description>
- <display-name>ProcessEngineSignal</display-name>
- <servlet-name>ProcessEngineSignal</servlet-name>
- <servlet-class>at.gv.egovernment.moa.id.auth.servlet.ProcessEngineSignalServlet</servlet-class>
- </servlet>
- <servlet-mapping>
- do not change this servlet-name
- <servlet-name>ProcessEngineSignal</servlet-name>
-
- Use this url-pattern in order to signal the next (asynchronous) task.
- <url-pattern>/signalProcess</url-pattern>
-
- legacy url patterns for asynchronous tasks (internal default module/processes)
- <url-pattern>/GetMISSessionID</url-pattern>
- <url-pattern>/GetForeignID</url-pattern>
- <url-pattern>/VerifyAuthBlock</url-pattern>
- <url-pattern>/VerifyCertificate</url-pattern>
- <url-pattern>/VerifyIdentityLink</url-pattern>
-
-
- STORK servlet mappings; automatically registered by the stork module;
- refer to at.gv.egovernment.moa.id.auth.modules.stork.STORKWebApplicationInitializer
-
-
- <url-pattern>/PEPSConnectorWithLocalSigning</url-pattern>
- <url-pattern>/PEPSConnector</url-pattern>
-
- </servlet-mapping> -->
-
<session-config>
<session-timeout>5</session-timeout>
</session-config>
diff --git a/id/server/auth/src/main/webapp/errorpage-auth.jsp b/id/server/auth/src/main/webapp/errorpage-auth.jsp
deleted file mode 100644
index 07f3e7f69..000000000
--- a/id/server/auth/src/main/webapp/errorpage-auth.jsp
+++ /dev/null
@@ -1,50 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
-<%@ page contentType="text/html; charset=UTF-8" %>
-<html>
-<head>
-<title>Ein Fehler ist aufgetreten</title>
-</head>
-<% Throwable exceptionThrown = (Throwable)request.getAttribute("ExceptionThrown");
- String errorMessage = (String)request.getAttribute("ErrorMessage");
- String wrongParameters = (String)request.getAttribute("WrongParameters");
-%>
-
-<body>
-<h1>Fehler bei der Anmeldung</h1>
-<p>Bei der Anmeldung ist ein Fehler aufgetreten.</p>
-
-<% if (errorMessage != null) { %>
-<p>
-<%= errorMessage%><br>
-</p>
-<% } %>
-<% if (exceptionThrown != null) { %>
-<p>
-<%= exceptionThrown.getMessage()%>
-</p>
-<% } %>
-<% if (wrongParameters != null) { %>
-<p>Die Angabe der Parameter ist unvollst&auml;ndig.<br></p>
-<b> <%= wrongParameters %> </b><br>
-<p>
- Beispiele f&uuml;r korrekte Links zur MOA-ID Authentisierung sind:
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/StartAuthentication?Target=&lt;Gesch&auml;ftsbereich&gt;&amp;OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/SelectBKU?Target=&lt;Gesch&auml;ftsbereich&gt;&amp;OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&amp;BKUSelectionTemplate=&lt;BKU-Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>
-Im Falle einer Applikation aus dem privatwirtschaftlichen Bereich (type="businessService") entf&auml;llt die Angabe des <i>Target</i> Parameters:
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/StartAuthentication?OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/SelectBKU?OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&amp;BKUSelectionTemplate=&lt;BKU-Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>Die Angabe der Parameter <tt>&quot;Template&quot;</tt> und <tt>&quot;BKUSelectionTemplate&quot;</tt> ist optional.</p>
-<% } %>
-</body>
-</html> \ No newline at end of file
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
deleted file mode 100644
index c7f86c167..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ /dev/null
@@ -1,624 +0,0 @@
-///*******************************************************************************
-// * Copyright 2014 Federal Chancellery Austria
-// * MOA-ID has been developed in a cooperation between BRZ, the Federal
-// * Chancellery Austria - ICT staff unit, and Graz University of Technology.
-// *
-// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
-// * the European Commission - subsequent versions of the EUPL (the "Licence");
-// * You may not use this work except in compliance with the Licence.
-// * You may obtain a copy of the Licence at:
-// * http://www.osor.eu/eupl/
-// *
-// * Unless required by applicable law or agreed to in writing, software
-// * distributed under the Licence is distributed on an "AS IS" basis,
-// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// * See the Licence for the specific language governing permissions and
-// * limitations under the Licence.
-// *
-// * This product combines work with different licenses. See the "NOTICE" text
-// * file for details on the various modules and licenses.
-// * The "NOTICE" text file is part of the distribution. Any derivative works
-// * that you distribute must include a readable copy of the "NOTICE" text file.
-// *******************************************************************************/
-//package at.gv.egovernment.moa.id.entrypoints;
-//
-//import java.io.IOException;
-//import java.util.Iterator;
-//
-//import javax.servlet.ServletException;
-//import javax.servlet.http.HttpServletRequest;
-//import javax.servlet.http.HttpServletResponse;
-//
-//import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-//import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-//import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger;
-//import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils;
-//import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
-//import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder;
-//import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-//import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-//import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException;
-//import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-//import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException;
-//import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-//import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
-//import at.gv.egovernment.moa.id.config.ConfigurationException;
-//import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-//import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-//import at.gv.egovernment.moa.id.data.IAuthData;
-//import at.gv.egovernment.moa.id.data.SLOInformationInterface;
-//import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
-//import at.gv.egovernment.moa.id.moduls.IAction;
-//import at.gv.egovernment.moa.id.moduls.IModulInfo;
-//import at.gv.egovernment.moa.id.moduls.IRequest;
-//import at.gv.egovernment.moa.id.moduls.ModulStorage;
-//import at.gv.egovernment.moa.id.moduls.NoPassivAuthenticationException;
-//import at.gv.egovernment.moa.id.moduls.RequestStorage;
-//import at.gv.egovernment.moa.id.moduls.SSOManager;
-//import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnRequestValidatorException;
-//import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-//import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl;
-//import at.gv.egovernment.moa.id.util.ErrorResponseUtils;
-//import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-//import at.gv.egovernment.moa.id.util.Random;
-//import at.gv.egovernment.moa.id.util.legacy.LegacyHelper;
-//import at.gv.egovernment.moa.logging.Logger;
-//import at.gv.egovernment.moa.util.MiscUtil;
-//
-//public class DispatcherServlet extends AuthServlet{
-//
-// /**
-// *
-// */
-// private static final long serialVersionUID = 1L;
-//
-// public static final String PARAM_TARGET_MODULE = "mod";
-// public static final String PARAM_TARGET_ACTION = "action";
-// public static final String PARAM_TARGET_PENDINGREQUESTID = "pendingid";
-//
-//// @Override
-//// public void init(ServletConfig config) throws ServletException {
-//// try {
-//// super.init(config);
-//// MOAIDAuthInitializer.initialize();
-//// Logger.info(MOAIDMessageProvider.getInstance().getMessage(
-//// "init.00", null));
-////
-//// Logger.info("Dispatcher Servlet initialization finished.");
-////
-//// } catch (Exception ex) {
-//// Logger.fatal(
-//// MOAIDMessageProvider.getInstance().getMessage("init.02",
-//// null), ex);
-////
-//// //throw new ServletException(ex);
-////
-//// }
-////
-//// }
-//
-// protected void processRequest(HttpServletRequest req,
-// HttpServletResponse resp) throws ServletException, IOException {
-// boolean isValidSSOSession = false;
-// boolean useSSOOA = false;
-// String protocolRequestID = null;
-//
-// try {
-// Logger.debug("REQUEST: " + req.getRequestURI());
-// Logger.debug("QUERY : " + req.getQueryString());
-//
-//
-//// *** start of error handling ***
-//
-// String errorid = req.getParameter(ERROR_CODE_PARAM);
-// if (errorid != null) {
-//
-// Throwable throwable = DBExceptionStoreImpl.getStore()
-// .fetchException(errorid);
-// DBExceptionStoreImpl.getStore().removeException(errorid);
-//
-// Object idObject = req.getParameter(PARAM_TARGET_PENDINGREQUESTID);
-//
-// //Map<String, IRequest> errorRequests = RequestStorage.getPendingRequest(req.getSession());
-//
-// String pendingRequestID = null;
-// if (idObject != null && (idObject instanceof String)) {
-// pendingRequestID = (String) idObject;
-// }
-//
-// if (throwable != null) {
-//
-// IRequest errorRequest = null;
-// if (pendingRequestID != null) {
-// errorRequest = RequestStorage.getPendingRequest(pendingRequestID);
-//
-// }
-//
-// if (errorRequest != null) {
-// RequestStorage.removePendingRequest(pendingRequestID);
-// MOAReversionLogger.getInstance().logEvent(errorRequest, MOAIDEventConstants.TRANSACTION_ERROR);
-//
-// try {
-// IModulInfo handlingModule = ModulStorage
-// .getModuleByPath(errorRequest
-// .requestedModule());
-// if (handlingModule != null) {
-//
-// if (handlingModule.generateErrorMessage(
-// throwable, req, resp, errorRequest)) {
-//
-// //log Error Message
-// StatisticLogger logger = StatisticLogger.getInstance();
-// logger.logErrorOperation(throwable, errorRequest);
-//
-// //remove MOASession
-// AuthenticationSession moaSession = AuthenticationSessionStoreage.getSessionWithPendingRequestID(pendingRequestID);
-// if (moaSession != null)
-// AuthenticationManager.getInstance().performOnlyIDPLogOut(req, resp, moaSession.getSessionID());
-//
-// return;
-//
-// } else {
-// handleErrorNoRedirect(throwable.getMessage(), throwable,
-// req, resp);
-//
-// }
-// }
-//
-// } catch (Throwable e) {
-// Logger.error(e);
-// handleErrorNoRedirect(throwable.getMessage(),
-// throwable, req, resp);
-// }
-//
-// } else {
-// handleErrorNoRedirect(throwable.getMessage(), throwable,
-// req, resp);
-// }
-//
-// } else
-// handleErrorNoRedirect(MOAIDMessageProvider.getInstance().getMessage("auth.26", null),
-// null, req, resp);
-//
-// return;
-// }
-//
-//// *** end of error handling ***
-//
-//
-//// *** start of protocol specific stuff ***
-//
-// Object moduleObject = req.getParameter(PARAM_TARGET_MODULE);
-// String module = null;
-// if (moduleObject != null && (moduleObject instanceof String)) {
-// module = (String) moduleObject;
-// }
-//
-// if (module == null) {
-// module = (String) req.getAttribute(PARAM_TARGET_MODULE);
-// }
-//
-// Object actionObject = req.getParameter(PARAM_TARGET_ACTION);
-// String action = null;
-// if (actionObject != null && (actionObject instanceof String)) {
-// action = (String) actionObject;
-// }
-//
-// if (action == null) {
-// action = req.getParameter(PARAM_TARGET_ACTION);
-// }
-//
-// Logger.debug("dispatching to " + module + " protocol " + action);
-//
-// IModulInfo info = ModulStorage.getModuleByPath(module);
-//
-// IAction moduleAction = null;
-//
-// if (info == null) {
-//
-// Iterator<IModulInfo> modules = ModulStorage.getAllModules()
-// .iterator();
-// while (modules.hasNext()) {
-// info = modules.next();
-// moduleAction = info.canHandleRequest(req, resp);
-// if (moduleAction != null) {
-// action = moduleAction.getDefaultActionName();
-// module = info.getPath();
-// break;
-// }
-// info = null;
-// }
-//
-// if (moduleAction == null) {
-// resp.sendError(HttpServletResponse.SC_NOT_FOUND);
-// Logger.error("Protocol " + module
-// + " has no module registered");
-// return;
-// }
-// }
-//
-// if (moduleAction == null) {
-// moduleAction = info.getAction(action);
-//
-// if (moduleAction == null) {
-// resp.sendError(HttpServletResponse.SC_NOT_FOUND);
-// Logger.error("Action " + action + " is not available!");
-// return;
-// }
-// }
-//
-// //get SSO Cookie for Request
-// SSOManager ssomanager = SSOManager.getInstance();
-// String ssoId = ssomanager.getSSOSessionID(req);
-//
-// IRequest protocolRequest = null;
-// String uniqueSessionIdentifier = null;
-//
-// try {
-// Object idObject = req.getParameter(PARAM_TARGET_PENDINGREQUESTID);
-//
-// if (idObject != null && (idObject instanceof String)) {
-//
-// protocolRequestID = (String) idObject;
-// protocolRequest = RequestStorage.getPendingRequest(protocolRequestID);
-//
-// //get IRequest if it exits
-// if (protocolRequest != null) {
-// Logger.debug(DispatcherServlet.class.getName()+": Found PendingRequest with ID " + protocolRequestID);
-//
-// } else {
-// Logger.error("No PendingRequest with ID " + protocolRequestID + " found.!");
-// handleErrorNoRedirect("Während des Anmeldevorgangs ist ein Fehler aufgetreten. Bitte versuchen Sie es noch einmal.",
-// null, req, resp);
-// return;
-// }
-// } else {
-// try {
-//
-// //load unique session identifier with SSO-sessionID
-// uniqueSessionIdentifier = ssomanager.getUniqueSessionIdentifier(ssoId);
-// if (MiscUtil.isEmpty(uniqueSessionIdentifier))
-// uniqueSessionIdentifier = Random.nextRandom();
-// TransactionIDUtils.setSessionId(uniqueSessionIdentifier);
-//
-// //set transactionID to Logger
-// protocolRequestID = Random.nextRandom();
-// TransactionIDUtils.setTransactionId(protocolRequestID);
-//
-// //log information for security and process reversion
-// MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.SESSION_CREATED, uniqueSessionIdentifier);
-// MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.TRANSACTION_CREATED, protocolRequestID);
-// MOAReversionLogger.getInstance().logEvent(uniqueSessionIdentifier, protocolRequestID, MOAIDEventConstants.TRANSACTION_IP, req.getRemoteAddr());
-//
-// protocolRequest = info.preProcess(req, resp, action, uniqueSessionIdentifier, protocolRequestID);
-//
-// //request is a valid interfederation response
-// if (protocolRequest != null &&
-// protocolRequest.getInterfederationResponse() != null ) {
-// Logger.debug("Create new interfederated MOA-Session and add to HTTPRequest");
-//
-// //reload SP protocol implementation
-// info = ModulStorage.getModuleByPath(protocolRequest.requestedModule());
-// moduleAction = info.getAction(protocolRequest.requestedAction());
-//
-// //create interfederated MOASession
-// String sessionID =
-// AuthenticationSessionStoreage.createInterfederatedSession(protocolRequest, true, ssoId);
-// req.getParameterMap().put(MOAIDAuthConstants.PARAM_SESSIONID, new String[]{ sessionID });
-//
-// Logger.info("PreProcessing of SSO interfederation response complete. ");
-//
-// //request is a not valid interfederation response
-// } else if (protocolRequest != null &&
-// MiscUtil.isNotEmpty(protocolRequest.getRequestID())) {
-//
-// OAAuthParameter oaParams = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(protocolRequest.getOAURL());
-// if (!oaParams.isPerformLocalAuthenticationOnInterfederationError()) {
-// // -> send end error to service provider
-// Logger.info("Federated authentication for entity " + protocolRequest.getOAURL()
-// + " FAILED. Sending error message to service provider.");
-// MOAIDException e = new MOAIDException("auth.27", new Object[]{});
-// IModulInfo requestedModul = ModulStorage.getModuleByPath(protocolRequest.requestedModule());
-// if (!requestedModul.generateErrorMessage(e, req, resp, protocolRequest))
-// handleErrorNoRedirect(e.getMessage(), e, req,
-// resp);
-//
-// return;
-//
-// } else
-// //-> Restart local authentication
-// Logger.info("Restart authentication with stored " + protocolRequest.requestedModule()
-// + " AuthnRequest for OnlineApplication " + protocolRequest.getOAURL());
-//
-// //request is a new authentication request
-// } else if (protocolRequest != null &&
-// MiscUtil.isEmpty(protocolRequest.getRequestID())) {
-// //Start new Authentication
-// protocolRequest.setModule(module);
-//
-// //if preProcessing has not set a specific action from decoded request
-// // then set the default action
-// if (MiscUtil.isEmpty(protocolRequest.requestedAction()))
-// protocolRequest.setAction(action);
-// else
-// moduleAction = info.getAction(protocolRequest.requestedAction());
-//
-// protocolRequest.setRequestID(protocolRequestID);
-// protocolRequest.setSessionIdentifier(uniqueSessionIdentifier);
-// RequestStorage.setPendingRequest(protocolRequest);
-// Logger.debug(DispatcherServlet.class.getName()+": Create PendingRequest with ID " + protocolRequestID + ".");
-//
-//
-// } else {
-// Logger.error("Failed to generate a valid protocol request!");
-// resp.setContentType("text/html;charset=UTF-8");
-// resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "NO valid protocol request received!");
-// return;
-//
-// }
-//
-// } catch (ProtocolNotActiveException e) {
-// resp.getWriter().write(e.getMessage());
-// resp.setContentType("text/html;charset=UTF-8");
-// resp.sendError(HttpServletResponse.SC_FORBIDDEN, e.getMessage());
-// return;
-//
-// } catch (AuthnRequestValidatorException e) {
-// //log Error Message
-// StatisticLogger logger = StatisticLogger.getInstance();
-// logger.logErrorOperation(e, e.getErrorRequest());
-//
-// //TODO: maybe add some error message handling???
-//
-// return;
-//
-// }catch (InvalidProtocolRequestException e) {
-// ErrorResponseUtils utils = ErrorResponseUtils.getInstance();
-// String code = utils.mapInternalErrorToExternalError(e.getMessageId());
-// String descr = e.getMessage();
-// Logger.error("Protocol validation FAILED!");
-// resp.setContentType("text/html;charset=UTF-8");
-// resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Protocol validation FAILED!" +
-// "(Errorcode=" + code +
-// " | Description=" + descr + ")");
-// return;
-// } catch (ConfigurationException e) {
-// resp.setContentType("text/html;charset=UTF-8");
-// resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "NO valid protocol request received!" +
-// "(Errorcode=9199"
-// +" | Description="+ e.getMessage() + ")");
-// return;
-//
-// } catch (MOAIDException e) {
-// Logger.error("Failed to generate a valid protocol request!");
-// resp.setContentType("text/html;charset=UTF-8");
-// resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "NO valid protocol request received!" +
-// "(Errorcode=6000"
-// +" | Description=Das Authentifizierungsprotokoll wurde nicht erkannt oder wird nicht unterst\u00FCzt" + ")");
-// return;
-//
-// }
-// }
-//
-//// *** end of protocol specific stuff ***
-//
-// if (protocolRequest != null)
-// MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(),
-// protocolRequest, MOAIDEventConstants.AUTHPROTOCOL_TYPE, protocolRequest.requestedModule());
-//
-//// *** start handling authentication ***
-//
-// AuthenticationManager authmanager = AuthenticationManager.getInstance();
-//
-// String moasessionID = null;
-// String newSSOSessionId = null;
-// AuthenticationSession moasession = null;
-// IAuthData authData = null;
-//
-// boolean needAuthentication = moduleAction.needAuthentication(protocolRequest, req, resp);
-//
-// if (needAuthentication) {
-//
-// //check if interfederation IDP is requested
-// ssomanager.checkInterfederationIsRequested(req, resp, protocolRequest);
-//
-// //check SSO session
-// if (ssoId != null) {
-// String correspondingMOASession = ssomanager.existsOldSSOSession(ssoId);
-//
-// if (correspondingMOASession != null) {
-// Logger.warn("Request sends an old SSO Session ID("+ssoId+")! " +
-// "Invalidate the corresponding MOASession with ID="+ correspondingMOASession);
-//
-// MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(),
-// protocolRequest, MOAIDEventConstants.AUTHPROCESS_SSO_INVALID);
-//
-// AuthenticationSessionStoreage.destroySession(correspondingMOASession);
-// ssomanager.deleteSSOSessionID(req, resp);
-// }
-// }
-//
-// //load Parameters from OnlineApplicationConfiguration
-// OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance()
-// .getOnlineApplicationParameter(protocolRequest.getOAURL());
-//
-// if (oaParam == null) {
-// throw new AuthenticationException("auth.00", new Object[] { protocolRequest.getOAURL() });
-// }
-//
-//
-// isValidSSOSession = ssomanager.isValidSSOSession(ssoId, protocolRequest);
-// useSSOOA = oaParam.useSSO() || oaParam.isInderfederationIDP();
-//
-//
-// //if a legacy request is used SSO should not be allowed, actually
-// boolean isUseMandateRequested = LegacyHelper.isUseMandateRequested(req);
-//
-// if (protocolRequest.isPassiv()
-// && protocolRequest.forceAuth()) {
-// // conflict!
-// throw new NoPassivAuthenticationException();
-// }
-//
-// boolean tryperform = authmanager.tryPerformAuthentication(
-// req, resp);
-//
-// if (tryperform)
-// MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(),
-// protocolRequest, MOAIDEventConstants.AUTHPROCESS_FINISHED);
-// else
-// MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(),
-// protocolRequest, MOAIDEventConstants.AUTHPROCESS_SERVICEPROVIDER, protocolRequest.getOAURL());
-//
-// if (protocolRequest.forceAuth()) {
-// if (!tryperform) {
-// authmanager.doAuthentication(req, resp,
-// protocolRequest);
-// return;
-// }
-// } else if (protocolRequest.isPassiv()) {
-// if (tryperform || (isValidSSOSession && useSSOOA && !isUseMandateRequested) ) {
-// // Passive authentication ok!
-// } else {
-// throw new NoPassivAuthenticationException();
-// }
-// } else {
-// if (tryperform || (isValidSSOSession && useSSOOA && !isUseMandateRequested) ) {
-// // Is authenticated .. proceed
-// } else {
-// // Start authentication!
-// authmanager.doAuthentication(req, resp,
-// protocolRequest);
-// return;
-// }
-// }
-//
-// if ((useSSOOA || isValidSSOSession)) //TODO: SSO with mandates requires an OVS extension
-// {
-//
-// if (useSSOOA && isValidSSOSession) {
-//
-// MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(),
-// protocolRequest, MOAIDEventConstants.AUTHPROCESS_SSO);
-//
-// moasessionID = ssomanager.getMOASession(ssoId);
-// moasession = AuthenticationSessionStoreage.getSession(moasessionID);
-//
-// //use new OAParameter
-// if (oaParam.useSSOQuestion() && !AuthenticationSessionStoreage.isAuthenticated(moasessionID)) {
-// authmanager.sendTransmitAssertionQuestion(req, resp, protocolRequest, oaParam);
-// return;
-// }
-//
-// } else {
-// moasessionID = (String) req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID);
-// moasession = AuthenticationSessionStoreage.getSession(moasessionID);
-//
-// }
-// //save SSO session usage in Database
-// if (useSSOOA) {
-// newSSOSessionId = ssomanager.createSSOSessionInformations(moasessionID, protocolRequest.getOAURL());
-//
-// if (MiscUtil.isNotEmpty(newSSOSessionId)) {
-// ssomanager.setSSOSessionID(req, resp, newSSOSessionId);
-//
-// } else {
-// ssomanager.deleteSSOSessionID(req, resp);
-//
-// }
-// }
-//
-// } else {
-// moasessionID = (String) req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID);
-// moasession = AuthenticationSessionStoreage.getSession(moasessionID);
-// moasessionID = AuthenticationSessionStoreage.changeSessionID(moasession);
-//
-// }
-//
-// //build authenticationdata from session information and OA configuration
-// authData = AuthenticationDataBuilder.buildAuthenticationData(protocolRequest, moasession);
-// }
-//
-//// *** end handling authentication ***
-//
-//// *** start finalizing authentication (SSO, final redirects, statistic logging etc) ***
-//
-// SLOInformationInterface assertionID = moduleAction.processRequest(protocolRequest, req, resp, authData);
-//
-// RequestStorage.removePendingRequest(protocolRequestID);
-//
-// if (needAuthentication) {
-// boolean isSSOSession = MiscUtil.isNotEmpty(newSSOSessionId) && useSSOOA;
-//
-// if ((useSSOOA || isSSOSession) //TODO: SSO with mandates requires an OVS extension
-// && !moasession.getUseMandate()) {
-//
-// try {
-// //Store OA specific SSO session information
-// AuthenticationSessionStoreage.addSSOInformation(moasessionID,
-// newSSOSessionId, assertionID, protocolRequest);
-//
-// } catch (AuthenticationException e) {
-// Logger.warn("SSO Session information can not be stored -> SSO is not enabled!");
-//
-// authmanager.performOnlyIDPLogOut(req, resp, moasessionID);
-// isSSOSession = false;
-// }
-//
-// } else {
-// authmanager.performOnlyIDPLogOut(req, resp, moasessionID);
-// }
-//
-// //Advanced statistic logging
-// StatisticLogger logger = StatisticLogger.getInstance();
-// logger.logSuccessOperation(protocolRequest, authData, isSSOSession);
-//
-// }
-//
-//// *** end finalizing authentication ***
-//
-// } catch (Throwable e) {
-// Logger.warn("An authentication error occured: ", e);;
-// // Try handle module specific, if not possible rethrow
-// if (!info.generateErrorMessage(e, req, resp, protocolRequest))
-// handleErrorNoRedirect(e.getMessage(), e, req,
-// resp);
-//
-// }
-//
-// //log transaction_destroy to reversionslog
-// MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.TRANSACTION_DESTROYED, protocolRequestID);
-//
-// } catch (WrongParametersException ex) {
-// handleWrongParameters(ex, req, resp);
-//
-// } catch (MOAIDException ex) {
-// handleError(null, ex, req, resp, protocolRequestID);
-//
-// } catch (Throwable e) {
-// handleErrorNoRedirect(e.getMessage(), e, req,
-// resp);
-// }
-//
-// finally {
-//
-//
-// TransactionIDUtils.removeTransactionId();
-// TransactionIDUtils.removeSessionId();
-// }
-//
-// Logger.debug("Clossing Dispatcher processing loop");
-// }
-//
-// @Override
-// protected void doGet(HttpServletRequest req, HttpServletResponse resp)
-// throws ServletException, IOException {
-// processRequest(req, resp);
-// }
-//
-// @Override
-// protected void doPost(HttpServletRequest req, HttpServletResponse resp)
-// throws ServletException, IOException {
-// processRequest(req, resp);
-// }
-//}