aboutsummaryrefslogtreecommitdiff
path: root/id
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2013-08-07 18:02:34 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2013-08-07 18:02:34 +0200
commitf7c35a0214cb10cf6f7de031e9e5e73f40e4569d (patch)
tree84a4ca6b36ec52a0cc104f23893d6f1f2fbd6bdd /id
parent57297522a1e6d925e6c15b46045e94b2db3e1b25 (diff)
downloadmoa-id-spss-f7c35a0214cb10cf6f7de031e9e5e73f40e4569d.tar.gz
moa-id-spss-f7c35a0214cb10cf6f7de031e9e5e73f40e4569d.tar.bz2
moa-id-spss-f7c35a0214cb10cf6f7de031e9e5e73f40e4569d.zip
WebInterface MOAID-General finished
Diffstat (limited to 'id')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java103
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java28
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java397
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java26
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java8
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java291
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java80
-rw-r--r--id/ConfigWebTool/src/main/resources/applicationResources_de.properties123
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp8
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java19
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java11
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java1
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java6
15 files changed, 1029 insertions, 82 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
index f03b1c057..d14e12df5 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
@@ -38,22 +38,28 @@ import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
public class GeneralMOAIDConfig {
- public static final String LINE_DELIMITER = ";\n";
+ public static final long DEFAULTTIMEOUTASSERTION = 120; //sec
+ public static final long DEFAULTTIMEOUTMOASESSIONCREATED = 1200; //sec
+ public static final long DEFAULTTIMEOUTMOASESSIONUPDATED = 2700; //sec
+
+ public static final String LINE_DELIMITER = ";";
private String szrgwURL = null;
private String alternativeSourceID = null;
private String certStoreDirectory = null;
private boolean trustmanagerrevocationcheck = false;
- private long timeoutAssertion = 120; //sec
- private long timeoutMOASessionCreated = 1200; //sec
- private long timeoutMOASessionUpdated = 2700; //sec
+ private String timeoutAssertion = String.valueOf(DEFAULTTIMEOUTASSERTION);
+ private String timeoutMOASessionCreated = String.valueOf(DEFAULTTIMEOUTMOASESSIONCREATED);
+ private String timeoutMOASessionUpdated = String.valueOf(DEFAULTTIMEOUTMOASESSIONUPDATED);
private String identityLinkSigners = "";
+ private List<String> idlSignersList = null;
private String moaspssURL = null;
private String moaspssAuthTrustProfile = null;
private String moaspssAuthTransformations = "";
+ private List<String> authTransformList = null;
private String moaspssIdlTrustProfile = null;
private String mandateURL = null;
@@ -71,6 +77,7 @@ public class GeneralMOAIDConfig {
private List<File> fileUpload = null;
private List<String> fileUploadContentType;
private List<String> fileUploadFileName;
+ private Map<String, byte[]> secLayerTransformation = null;
private String ssoTarget = null;
private String ssoFriendlyName = null;
@@ -130,11 +137,11 @@ public class GeneralMOAIDConfig {
if (timeouts != null) {
if(timeouts.getAssertion() != null)
- timeoutAssertion = timeouts.getAssertion().longValue();
+ timeoutAssertion = String.valueOf(timeouts.getAssertion().longValue());
if(timeouts.getMOASessionCreated() != null)
- timeoutMOASessionCreated = timeouts.getMOASessionCreated().longValue();
+ timeoutMOASessionCreated = String.valueOf(timeouts.getMOASessionCreated().longValue());
if(timeouts.getMOASessionUpdated() != null)
- timeoutMOASessionUpdated = timeouts.getMOASessionUpdated().longValue();
+ timeoutMOASessionUpdated = String.valueOf(timeouts.getMOASessionUpdated().longValue());
}
}
@@ -144,7 +151,7 @@ public class GeneralMOAIDConfig {
List<IdentityLinkSignersX509SubjectNameItem> idem = idlsign.getX509SubjectNameItems();
for (IdentityLinkSignersX509SubjectNameItem el : idem) {
- identityLinkSigners += el.getItem() + LINE_DELIMITER;
+ identityLinkSigners += el.getItem() + LINE_DELIMITER + "\n";
}
}
@@ -161,7 +168,7 @@ public class GeneralMOAIDConfig {
List<String> list = authblock.getVerifyTransformsInfoProfileID();
for (String el : list)
- moaspssAuthTransformations += el + LINE_DELIMITER;
+ moaspssAuthTransformations += el + LINE_DELIMITER + "\n";
}
VerifyIdentityLink idl = moaspss.getVerifyIdentityLink();
@@ -219,8 +226,9 @@ public class GeneralMOAIDConfig {
fileUploadFileName = new ArrayList<String>();
- for (TransformsInfoType el : list)
+ for (TransformsInfoType el : list) {
fileUploadFileName.add(el.getFilename());
+ }
}
SSO sso = auth.getSSO();
@@ -314,42 +322,42 @@ public class GeneralMOAIDConfig {
/**
* @return the timeoutAssertion
*/
- public long getTimeoutAssertion() {
+ public String getTimeoutAssertion() {
return timeoutAssertion;
}
/**
* @param timeoutAssertion the timeoutAssertion to set
*/
- public void setTimeoutAssertion(long timeoutAssertion) {
+ public void setTimeoutAssertion(String timeoutAssertion) {
this.timeoutAssertion = timeoutAssertion;
}
/**
* @return the timeoutMOASessionCreated
*/
- public long getTimeoutMOASessionCreated() {
+ public String getTimeoutMOASessionCreated() {
return timeoutMOASessionCreated;
}
/**
* @param timeoutMOASessionCreated the timeoutMOASessionCreated to set
*/
- public void setTimeoutMOASessionCreated(long timeoutMOASessionCreated) {
+ public void setTimeoutMOASessionCreated(String timeoutMOASessionCreated) {
this.timeoutMOASessionCreated = timeoutMOASessionCreated;
}
/**
* @return the timeoutMOASessionUpdated
*/
- public long getTimeoutMOASessionUpdated() {
+ public String getTimeoutMOASessionUpdated() {
return timeoutMOASessionUpdated;
}
/**
* @param timeoutMOASessionUpdated the timeoutMOASessionUpdated to set
*/
- public void setTimeoutMOASessionUpdated(long timeoutMOASessionUpdated) {
+ public void setTimeoutMOASessionUpdated(String timeoutMOASessionUpdated) {
this.timeoutMOASessionUpdated = timeoutMOASessionUpdated;
}
@@ -800,6 +808,69 @@ public class GeneralMOAIDConfig {
public void setChainigmodelist(Map<String, String> chainigmodelist) {
GeneralMOAIDConfig.chainigmodelist = chainigmodelist;
}
+
+ /**
+ * @return the secLayerTransformation
+ */
+ public Map<String, byte[]> getSecLayerTransformation() {
+ return secLayerTransformation;
+ }
+
+ /**
+ * @param secLayerTransformation the secLayerTransformation to set
+ */
+ public void setSecLayerTransformation(Map<String, byte[]> secLayerTransformation) {
+ this.secLayerTransformation = secLayerTransformation;
+ }
+
+ /**
+ * @return the idlSignersList
+ */
+ public List<String> getIdlSignersList() {
+ return idlSignersList;
+ }
+
+ /**
+ * @param idlSignersList the idlSignersList to set
+ */
+ public void setIdlSignersList(List<String> idlSignersList) {
+ this.idlSignersList = idlSignersList;
+ }
+
+ /**
+ * @return the authTransformList
+ */
+ public List<String> getAuthTransformList() {
+ return authTransformList;
+ }
+
+ /**
+ * @param authTransformList the authTransformList to set
+ */
+ public void setAuthTransformList(List<String> authTransformList) {
+ this.authTransformList = authTransformList;
+ }
+
+
+
+
+ public void setFileUpload(File fileUpload) {
+ if (this.fileUpload == null)
+ this.fileUpload = new ArrayList<File>();
+ this.fileUpload.add(fileUpload);
+ }
+
+ public void setFileUploadContentType(String fileUploadContentType) {
+ if (this.fileUploadContentType == null)
+ this.fileUploadContentType = new ArrayList<String>();
+ this.fileUploadContentType.add(fileUploadContentType);
+ }
+
+ public void setFileUploadFileName(String fileUploadFileName) {
+ if (this.fileUploadFileName == null)
+ this.fileUploadFileName = new ArrayList<String>();
+ this.fileUploadFileName.add(fileUploadFileName);
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java
new file mode 100644
index 000000000..8abb0be86
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java
@@ -0,0 +1,28 @@
+package at.gv.egovernment.moa.id.configuration.helper;
+
+public class StringHelper {
+
+ public static String formatText(String strGivenText)
+ {
+ StringBuffer sbFormattedText = new StringBuffer(strGivenText);
+
+ for(int i=0; i<sbFormattedText.length(); i++)
+ {
+ if(sbFormattedText.charAt(i) == '\n') {
+ sbFormattedText.deleteCharAt(i);
+ i--;
+ }
+
+ if(sbFormattedText.charAt(i) == '\r') {
+ sbFormattedText.deleteCharAt(i);
+ i--;
+ }
+
+ if(sbFormattedText.charAt(i) == '\t') {
+ sbFormattedText.deleteCharAt(i);
+ i--;
+ }
+ }
+ return sbFormattedText.toString();
+ }
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index 1cd4ecc0c..6cea7d33f 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -1,24 +1,66 @@
package at.gv.egovernment.moa.id.configuration.struts.action;
+import java.math.BigInteger;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
+import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes;
+import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.Contact;
+import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs;
+import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
+import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration;
+import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
+import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners;
+import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSignersX509SubjectNameItem;
+import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed;
+import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowedProtocolNameItem;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates;
+import at.gv.egovernment.moa.id.commons.db.dao.config.Organization;
+import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2;
+import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols;
+import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates;
+import at.gv.egovernment.moa.id.commons.db.dao.config.SSO;
+import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
+import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor;
+import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock;
+import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlockVerifyTransformsInfoProfileIDItem;
+import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.moaconfig.MOAConfigValidator;
+import at.gv.egovernment.moa.id.configuration.validation.moaconfig.PVP2ContactValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
import com.opensymphony.xwork2.ActionSupport;
public class EditGeneralConfigAction extends ActionSupport
implements ServletRequestAware, ServletResponseAware {
+ private static final Logger log = Logger.getLogger(EditGeneralConfigAction.class);
+
private static final long serialVersionUID = 1L;
private HttpServletRequest request;
private HttpServletResponse response;
@@ -63,10 +105,25 @@ public class EditGeneralConfigAction extends ActionSupport
if (authUser.isAdmin()) {
+ MOAConfigValidator validator = new MOAConfigValidator();
+ List<String> errors = validator.validate(moaconfig);
+
+ if (errors.size() > 0) {
+ log.info("General MOA-ID configuration has some erros.");
+ for (String el : errors)
+ addActionError(el);
+
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+ String error = saveFormToDatabase();
-
+ if (error != null) {
+ log.warn("General MOA-ID config can not be stored in Database");
+ addActionError(error);
+ return Constants.STRUTS_SUCCESS;
+ }
} else {
addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
@@ -76,6 +133,7 @@ public class EditGeneralConfigAction extends ActionSupport
} else
return Constants.STRUTS_REAUTHENTICATE;
+ addActionMessage(LanguageHelper.getGUIString("webpages.moaconfig.save.success"));
return Constants.STRUTS_SUCCESS;
}
@@ -91,6 +149,343 @@ public class EditGeneralConfigAction extends ActionSupport
return Constants.STRUTS_SUCCESS;
}
+ private String saveFormToDatabase() {
+
+ MOAIDConfiguration oldconfig = ConfigurationDBRead.getMOAIDConfiguration();
+ AuthComponentGeneral oldauth = null;
+ if (oldconfig != null) {
+ oldauth = oldconfig.getAuthComponentGeneral();
+ }
+
+// MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration();
+// if (dbconfig == null) {
+// dbconfig = new MOAIDConfiguration();
+// isnewconfig = true;
+// }
+
+ MOAIDConfiguration dbconfig = new MOAIDConfiguration();
+
+ AuthComponentGeneral dbauth = dbconfig.getAuthComponentGeneral();
+ if (dbauth == null) {
+ dbauth = new AuthComponentGeneral();
+ dbconfig.setAuthComponentGeneral(dbauth);
+ }
+
+ GeneralConfiguration dbauthgeneral = dbauth.getGeneralConfiguration();
+ if (dbauthgeneral == null) {
+ dbauthgeneral = new GeneralConfiguration();
+ dbauth.setGeneralConfiguration(dbauthgeneral);
+ }
+
+ GeneralConfiguration oldauthgeneral = null;
+ if (oldauth != null)
+ oldauthgeneral = oldauth.getGeneralConfiguration();
+
+ if (MiscUtil.isNotEmpty(moaconfig.getAlternativeSourceID()))
+ dbauthgeneral.setAlternativeSourceID(moaconfig.getAlternativeSourceID());
+ else {
+ if (oldauthgeneral != null)
+ dbauthgeneral.setAlternativeSourceID(oldauthgeneral.getAlternativeSourceID());
+ }
+
+ if (MiscUtil.isNotEmpty(moaconfig.getCertStoreDirectory()))
+ dbauthgeneral.setCertStoreDirectory(moaconfig.getCertStoreDirectory());
+
+ TimeOuts dbtimeouts = dbauthgeneral.getTimeOuts();
+ if (dbtimeouts == null) {
+ dbtimeouts = new TimeOuts();
+ dbauthgeneral.setTimeOuts(dbtimeouts);
+ }
+ if (MiscUtil.isEmpty(moaconfig.getTimeoutAssertion()))
+ dbtimeouts.setAssertion(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTASSERTION));
+ else
+ dbtimeouts.setAssertion(new BigInteger(moaconfig.getTimeoutAssertion()));
+
+ if (MiscUtil.isEmpty(moaconfig.getTimeoutMOASessionCreated()))
+ dbtimeouts.setMOASessionCreated(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONCREATED));
+ else
+ dbtimeouts.setMOASessionCreated(new BigInteger(moaconfig.getTimeoutMOASessionCreated()));
+
+ if (MiscUtil.isEmpty(moaconfig.getTimeoutMOASessionUpdated()))
+ dbtimeouts.setMOASessionUpdated(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONUPDATED));
+ else
+ dbtimeouts.setMOASessionUpdated(new BigInteger(moaconfig.getTimeoutMOASessionUpdated()));
+
+ dbauthgeneral.setTrustManagerRevocationChecking(moaconfig.isTrustmanagerrevocationcheck());
+
+
+ Protocols dbprotocols = dbauth.getProtocols();
+ if (dbprotocols == null) {
+ dbprotocols = new Protocols();
+ dbauth.setProtocols(dbprotocols);
+ }
+ LegacyAllowed legprot = dbprotocols.getLegacyAllowed();
+ if (legprot == null) {
+ legprot = new LegacyAllowed();
+ dbprotocols.setLegacyAllowed(legprot);
+ }
+
+ List<String> el = new ArrayList<String>();
+ if (moaconfig.isLegacy_pvp2())
+ el.add(Constants.MOA_CONFIG_PROTOCOL_PVP2);
+ if (moaconfig.isLegacy_saml1())
+ el.add(Constants.MOA_CONFIG_PROTOCOL_SAML1);
+ legprot.setProtocolName(el);
+
+ PVP2 pvp2 = dbprotocols.getPVP2();
+ if (pvp2 == null) {
+ pvp2 = new PVP2();
+ dbprotocols.setPVP2(pvp2);
+ }
+ if (MiscUtil.isNotEmpty(moaconfig.getPvp2IssuerName()))
+ pvp2.setIssuerName(moaconfig.getPvp2IssuerName());
+ if (MiscUtil.isNotEmpty(moaconfig.getPvp2PublicUrlPrefix()))
+ pvp2.setPublicURLPrefix(moaconfig.getPvp2PublicUrlPrefix());
+
+ Organization pvp2org = pvp2.getOrganization();
+ if (pvp2org == null) {
+ pvp2org = new Organization();
+ pvp2.setOrganization(pvp2org);
+ }
+ if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgDisplayName()))
+ pvp2org.setDisplayName(moaconfig.getPvp2OrgDisplayName());
+ if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgName()))
+ pvp2org.setName(moaconfig.getPvp2OrgName());
+ if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgURL()))
+ pvp2org.setURL(moaconfig.getPvp2OrgURL());
+
+ List<Contact> pvp2cont = pvp2.getContact();
+ if (pvp2cont == null) {
+ pvp2cont = new ArrayList<Contact>();
+ pvp2.setContact(pvp2cont);
+ }
+ Contact cont = new Contact();
+ pvp2cont.add(cont);
+ if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getCompany()))
+ cont.setCompany(moaconfig.getPvp2Contact().getCompany());
+
+ if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getGivenname()))
+ cont.setGivenName(moaconfig.getPvp2Contact().getGivenname());
+
+ //TODO: change to list if required
+ if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getMail()))
+ cont.setMail(Arrays.asList(moaconfig.getPvp2Contact().getMail()));
+ if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getPhone()))
+ cont.setPhone(Arrays.asList(moaconfig.getPvp2Contact().getPhone()));
+
+ if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getSurname()))
+ cont.setSurName(moaconfig.getPvp2Contact().getSurname());
+ if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getType()))
+ cont.setType(moaconfig.getPvp2Contact().getType());
+
+ SSO dbsso = dbauth.getSSO();
+ if (dbsso == null) {
+ dbsso = new SSO();
+ dbauth.setSSO(dbsso);
+ }
+
+ if (MiscUtil.isNotEmpty(moaconfig.getSsoFriendlyName()))
+ dbsso.setFriendlyName(moaconfig.getSsoFriendlyName());
+ if (MiscUtil.isNotEmpty(moaconfig.getSsoSpecialText()))
+ dbsso.setSpecialText(moaconfig.getSsoSpecialText());
+ if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl()))
+ dbsso.setPublicURL(moaconfig.getSsoPublicUrl());
+
+ if (MiscUtil.isNotEmpty(moaconfig.getSsoTarget()))
+ dbsso.setTarget(moaconfig.getSsoTarget());
+
+ if (MiscUtil.isNotEmpty(moaconfig.getSsoIdentificationNumber())) {
+ IdentificationNumber ssoid = dbsso.getIdentificationNumber();
+ if (ssoid == null) {
+ ssoid = new IdentificationNumber();
+ dbsso.setIdentificationNumber(ssoid);
+ }
+ ssoid.setValue(moaconfig.getSsoIdentificationNumber());
+ }
+
+ DefaultBKUs dbbkus = dbconfig.getDefaultBKUs();
+ if (dbbkus == null) {
+ dbbkus = new DefaultBKUs();
+ dbconfig.setDefaultBKUs(dbbkus);
+ }
+
+ if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUHandy()))
+ dbbkus.setHandyBKU(moaconfig.getDefaultBKUHandy());
+
+ if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUOnline()))
+ dbbkus.setOnlineBKU(moaconfig.getDefaultBKUOnline());
+
+ if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKULocal()))
+ dbbkus.setLocalBKU(moaconfig.getDefaultBKULocal());
+
+ ChainingModes dbchainingmodes = dbconfig.getChainingModes();
+ if (dbchainingmodes == null) {
+ dbchainingmodes = new ChainingModes();
+ dbconfig.setChainingModes(dbchainingmodes);
+ }
+
+ dbchainingmodes.setSystemDefaultMode(
+ ChainingModeType.fromValue(moaconfig.getDefaultchainigmode()));
+ if (oldconfig != null) {
+ ChainingModes oldchainigmodes = oldconfig.getChainingModes();
+ if (oldchainigmodes != null) {
+ List<TrustAnchor> oldtrustanchor = oldchainigmodes.getTrustAnchor();
+ if (oldtrustanchor != null) {
+ List<TrustAnchor> trustanchor = new ArrayList<TrustAnchor>();
+ for (TrustAnchor oldel : oldtrustanchor) {
+ TrustAnchor TAel = new TrustAnchor();
+ TAel.setX509IssuerName(oldel.getX509IssuerName());
+ TAel.setX509SerialNumber(oldel.getX509SerialNumber());
+ TAel.setMode(oldel.getMode());
+ trustanchor.add(TAel);
+ }
+ dbchainingmodes.setTrustAnchor(trustanchor);
+ }
+ }
+ }
+
+ IdentityLinkSigners idlsigners = dbauth.getIdentityLinkSigners();
+ if (idlsigners == null) {
+ idlsigners = new IdentityLinkSigners();
+ dbauth.setIdentityLinkSigners(idlsigners);
+ }
+ if (moaconfig.getIdlSignersList().size() > 0) {
+ idlsigners.setX509SubjectName(moaconfig.getIdlSignersList());
+ }
+
+ ForeignIdentities dbforeign = dbauth.getForeignIdentities();
+ if (dbforeign == null) {
+ dbforeign = new ForeignIdentities();
+ dbauth.setForeignIdentities(dbforeign);
+ }
+
+ if (MiscUtil.isNotEmpty(moaconfig.getSzrgwURL())) {
+ ConnectionParameterClientAuthType forcon = dbforeign.getConnectionParameter();
+ if (forcon == null) {
+ forcon = new ConnectionParameterClientAuthType();
+ dbforeign.setConnectionParameter(forcon);
+ }
+ forcon.setURL(moaconfig.getSzrgwURL());
+ }
+
+ //TODO: Set STORK Config!!!
+ if (oldauth != null) {
+ ForeignIdentities oldforeign = oldauth.getForeignIdentities();
+ if (oldforeign != null) {
+ STORK oldstork = oldforeign.getSTORK();
+ if (oldstork != null)
+ dbforeign.setSTORK(oldstork);
+ }
+ }
+
+ if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) {
+ OnlineMandates dbmandate = dbauth.getOnlineMandates();
+ if (dbmandate == null) {
+ dbmandate = new OnlineMandates();
+ dbauth.setOnlineMandates(dbmandate);
+ }
+ ConnectionParameterClientAuthType dbmandateconnection = dbmandate.getConnectionParameter();
+
+ if (dbmandateconnection == null) {
+ dbmandateconnection = new ConnectionParameterClientAuthType();
+ dbmandate.setConnectionParameter(dbmandateconnection);
+ }
+ dbmandateconnection.setURL(moaconfig.getMandateURL());
+ }
+
+ MOASP dbmoasp = dbauth.getMOASP();
+ if (dbmoasp == null) {
+ dbmoasp = new MOASP();
+ dbauth.setMOASP(dbmoasp);
+ }
+ if (MiscUtil.isNotEmpty(moaconfig.getMoaspssURL())) {
+ ConnectionParameterClientAuthType moaspcon = dbmoasp.getConnectionParameter();
+ if (moaspcon == null) {
+ moaspcon = new ConnectionParameterClientAuthType();
+ dbmoasp.setConnectionParameter(moaspcon);
+ }
+ moaspcon.setURL(moaconfig.getMoaspssURL());
+ }
+ VerifyIdentityLink moaidl = dbmoasp.getVerifyIdentityLink();
+ if (moaidl == null) {
+ moaidl = new VerifyIdentityLink();
+ dbmoasp.setVerifyIdentityLink(moaidl);
+ }
+ moaidl.setTrustProfileID(moaconfig.getMoaspssIdlTrustProfile());
+ VerifyAuthBlock moaauth = dbmoasp.getVerifyAuthBlock();
+ if (moaauth == null) {
+ moaauth = new VerifyAuthBlock();
+ dbmoasp.setVerifyAuthBlock(moaauth);
+ }
+ moaauth.setTrustProfileID(moaconfig.getMoaspssAuthTrustProfile());
+
+ moaauth.setVerifyTransformsInfoProfileID(moaconfig.getAuthTransformList());
+
+ SecurityLayer seclayertrans = dbauth.getSecurityLayer();
+ if (seclayertrans == null) {
+ seclayertrans = new SecurityLayer();
+ dbauth.setSecurityLayer(seclayertrans);
+ }
+ List<TransformsInfoType> trans = new ArrayList<TransformsInfoType>();
+ Map<String, byte[]> moatrans = moaconfig.getSecLayerTransformation();
+ if (moatrans != null) {
+ Set<String> keys = moatrans.keySet();
+ for (String key : keys) {
+ TransformsInfoType elem = new TransformsInfoType();
+ elem.setFilename(key);
+ elem.setTransformation(moatrans.get(key));
+ trans.add(elem);
+ }
+ } else {
+ if (oldauth != null) {
+ SecurityLayer oldsectrans = oldauth.getSecurityLayer();
+ if (oldsectrans != null) {
+ List<TransformsInfoType> oldtranslist = oldsectrans.getTransformsInfo();
+ for (TransformsInfoType oldel : oldtranslist) {
+ TransformsInfoType elem = new TransformsInfoType();
+ elem.setFilename(oldel.getFilename());
+ elem.setTransformation(oldel.getTransformation());
+ trans.add(elem);
+ }
+ }
+ }
+ }
+ if (trans.size() > 0)
+ seclayertrans.setTransformsInfo(trans);
+
+
+ SLRequestTemplates slrequesttempl = dbconfig.getSLRequestTemplates();
+ if (slrequesttempl == null) {
+ slrequesttempl = new SLRequestTemplates();
+ dbconfig.setSLRequestTemplates(slrequesttempl);
+ }
+ if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateHandy()))
+ slrequesttempl.setHandyBKU(moaconfig.getSLRequestTemplateHandy());
+ if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateLocal()))
+ slrequesttempl.setLocalBKU(moaconfig.getSLRequestTemplateLocal());
+ if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateOnline()))
+ slrequesttempl.setOnlineBKU(moaconfig.getSLRequestTemplateOnline());
+
+ if (MiscUtil.isNotEmpty(moaconfig.getTrustedCACerts()))
+ dbconfig.setTrustedCACertificates(moaconfig.getTrustedCACerts());
+
+ //save config
+ try {
+ ConfigurationDBUtils.save(dbconfig);
+
+ if (oldconfig != null)
+ ConfigurationDBUtils.delete(oldconfig);
+
+ } catch (MOADatabaseException e) {
+ log.warn("MOAID Configuration can not be stored in Database", e);
+ return LanguageHelper.getErrorString("error.db.oa.store");
+ }
+
+ ConfigurationDBUtils.closeSession();
+
+ return null;
+ }
+
public void setServletResponse(HttpServletResponse response) {
this.response = response;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index a9210ad27..96918d37c 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -87,11 +87,25 @@ ServletResponseAware {
return Constants.STRUTS_ERROR;
}
oaid = Long.valueOf(oaidobj);
-
- request.getSession().setAttribute(Constants.SESSION_OAID, oaid);
-
- OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
-
+
+ OnlineApplication onlineapplication = null;;
+ if (authUser.isAdmin())
+ onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
+ else {
+ UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ List<OnlineApplication> oas = userdb.getOnlineApplication();
+ for (OnlineApplication oa : oas) {
+ if (oa.getHjid() == oaid) {
+ onlineapplication = oa;
+ break;
+ }
+ }
+ if (onlineapplication == null) {
+ addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
+ return Constants.STRUTS_ERROR;
+ }
+ }
+
generalOA.parse(onlineapplication);
ssoOA.parse(onlineapplication);
saml1OA.parse(onlineapplication);
@@ -103,6 +117,8 @@ ServletResponseAware {
}
ConfigurationDBUtils.closeSession();
+
+ request.getSession().setAttribute(Constants.SESSION_OAID, oaid);
newOA = false;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java
index 6da106b85..aeac75e44 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java
@@ -163,7 +163,7 @@ public class ValidationHelper {
return "; % \" ' ` , < > \\ /";
}
- public static boolean isValidIdentityLinkSigner(String param) {
+ public static boolean isNotValidIdentityLinkSigner(String param) {
if (param == null) {
return false;
}
@@ -173,15 +173,13 @@ public class ValidationHelper {
param.indexOf("'") != -1 ||
param.indexOf("?") != -1 ||
param.indexOf("`") != -1 ||
- param.indexOf(",") != -1 ||
param.indexOf("<") != -1 ||
- param.indexOf(">") != -1 ||
- param.indexOf("\\") != -1;
+ param.indexOf(">") != -1;
}
public static String getNotValidIdentityLinkSignerCharacters() {
- return "; % \" ' ` , < > \\";
+ return "; % \" ' ` < >";
}
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
index cdd1d2c60..c41535d00 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
@@ -1,14 +1,21 @@
package at.gv.egovernment.moa.id.configuration.validation.moaconfig;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
import java.util.ArrayList;
+import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.log4j.Logger;
import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
+import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.helper.StringHelper;
import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
public class MOAConfigValidator {
@@ -21,6 +28,7 @@ public class MOAConfigValidator {
log.debug("Validate general MOA configuration");
+
String check = form.getAlternativeSourceID();
if (MiscUtil.isNotEmpty(check)) {
if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
@@ -29,6 +37,31 @@ public class MOAConfigValidator {
new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
}
}
+
+ check = form.getTimeoutAssertion();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateNumber(check)) {
+ log.warn("Assertion Timeout is no number " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.timeouts.assertion.valid",
+ new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} ));
+ }
+ }
+ check = form.getTimeoutMOASessionCreated();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateNumber(check)) {
+ log.warn("MOASessionCreated Timeout is no number " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.timeouts.moasessioncreated.valid",
+ new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} ));
+ }
+ }
+ check = form.getTimeoutMOASessionUpdated();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateNumber(check)) {
+ log.warn("MOASessionUpdated Timeout is no number " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.timeouts.moasessionupdated.valid",
+ new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} ));
+ }
+ }
check = form.getCertStoreDirectory();
if (MiscUtil.isNotEmpty(check)) {
@@ -79,14 +112,272 @@ public class MOAConfigValidator {
}
check = form.getIdentityLinkSigners();
+ List<String> idllist = new ArrayList<String>();
if (MiscUtil.isEmpty(check)) {
log.info("Empty IdentityLinkSigners");
errors.add(LanguageHelper.getErrorString("validation.general.IdentityLinkSigners.empty"));
} else {
String[] list = check.split(GeneralMOAIDConfig.LINE_DELIMITER);
+ int i = 1;
+ for(String el : list) {
+ if (ValidationHelper.isNotValidIdentityLinkSigner(el)) {
+ log.info("IdentityLinkSigners is not valid: " + el);
+ errors.add(LanguageHelper.getErrorString("validation.general.IdentityLinkSigners.valid",
+ new Object[] {i, ValidationHelper.getNotValidIdentityLinkSignerCharacters()} ));
+
+ } else {
+ String elformat = StringHelper.formatText(el.trim());
+ if (MiscUtil.isNotEmpty(elformat))
+ idllist.add(elformat);
+ }
+ i++;
+ }
+ }
+ form.setIdlSignersList(idllist);
+
+ check = form.getMandateURL();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-Mandate Service URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.mandateservice.valid"));
+ }
+ }
+
+ check = form.getMoaspssAuthTransformations();
+ List<String> authtranslist = new ArrayList<String>();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MoaspssAuthTransformation");
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty"));
+ } else {
+ check = StringHelper.formatText(check);
+ String[] list = check.split(GeneralMOAIDConfig.LINE_DELIMITER);
+ int i=1;
for(String el : list) {
+ if (ValidationHelper.containsPotentialCSSCharacter(el, false)) {
+ log.info("IdentityLinkSigners is not valid: " + el);
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid",
+ new Object[] {i, ValidationHelper.getPotentialCSSCharacter(false)} ));
+
+ } else {
+ if (MiscUtil.isNotEmpty(el.trim()))
+ authtranslist.add(el.trim());
+ }
+ i++;
+ }
+ }
+ form.setAuthTransformList(authtranslist);
+
+ check = form.getMoaspssAuthTrustProfile();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MOA-SP/SS Authblock TrustProfile");
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty"));
+ } else {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("Authblock TrustProfile is not valid: " +check);
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ check = form.getMoaspssIdlTrustProfile();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MOA-SP/SS IdentityLink TrustProfile");
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty"));
+ } else {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("IdentityLink TrustProfile is not valid: " +check);
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ check = form.getMoaspssURL();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid MOA-SP/SS Service URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.moaspss.url.valid"));
+ }
+ }
+
+ check = form.getPvp2IssuerName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("PVP2 IssuerName is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.issuername.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ check = form.getPvp2OrgDisplayName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("PVP2 organisation display name is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.displayname.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ check = form.getPvp2OrgName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("PVP2 organisation name is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.name.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ check = form.getPvp2OrgURL();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("PVP2 organisation URL is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.url.valid"));
+ }
+ }
+
+ check = form.getPvp2PublicUrlPrefix();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("PVP2 Service URL is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.serviceurl.valid"));
+ }
+ }
+
+ check = form.getSLRequestTemplateHandy();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty SLRequestTemplate Handy-BKU");
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.empty"));
+ } else {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("SLRequestTemplate Handy-BKU is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.valid"));
+ }
+ }
+
+ check = form.getSLRequestTemplateLocal();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty SLRequestTemplate local BKU");
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.empty"));
+ } else {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("SLRequestTemplate local BKU is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.valid"));
+ }
+ }
+
+ check = form.getSLRequestTemplateOnline();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty SLRequestTemplate Online-BKU");
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.empty"));
+ } else {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("SLRequestTemplate Online-BKU is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.valid"));
+ }
+ }
+
+ check = form.getSsoFriendlyName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("SSO friendlyname is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.sso.friendlyname.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ check = form.getSsoIdentificationNumber();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("SSO IdentificationNumber is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.sso.identificationnumber.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ check = form.getSsoPublicUrl();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("SSO Public URL is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.sso.publicurl.valid"));
+ }
+ }
+
+ check = form.getSsoSpecialText();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
+ log.info("SSO SpecialText is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.sso.specialauthtext.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} ));
+ }
+ }
+
+ check = form.getSsoTarget();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty SSO Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty"));
+
+ } else {
+ if (!ValidationHelper.isValidTarget(check)) {
+ log.info("Not valid SSO Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid"));
+ }
+ }
+
+ check = form.getSzrgwURL();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("SZRGW URL is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.szrgw.url.valid"));
+ }
+ }
+
+ check = form.getTrustedCACerts();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty TrustCACerts Directory");
+ errors.add(LanguageHelper.getErrorString("validation.general.trustedcacerts.empty"));
+
+ } else {
+ if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
+ log.info("Not valid TrustCACerts Directory");
+ errors.add(LanguageHelper.getErrorString("validation.general.trustedcacerts.valid",
+ new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} ));
+ }
+ }
+
+
+
+ if (form.getFileUploadFileName() != null) {
+ HashMap<String, byte[]> map = new HashMap<String, byte[]>();
+ for (int i=0; i<form.getFileUploadFileName().size(); i++) {
+ String filename = form.getFileUploadFileName().get(i);
+ if (MiscUtil.isNotEmpty(filename)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(filename, false)) {
+ log.info("SL Transformation Filename is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.filename.valid"));
+
+ } else {
+ try {
+ File file = form.getFileUpload().get(i);
+ FileInputStream stream = new FileInputStream(file);
+ map.put(filename, Base64Utils.encode(stream).getBytes("UTF-8"));
+
+ } catch (IOException e) {
+ log.info("SecurtiyLayerTransformation with FileName "
+ + filename +" can not be loaded." , e);
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.file.valid",
+ new Object[] {filename} ));
+ }
+ }
+ }
}
+ form.setSecLayerTransformation(map);
+ }
+
+
+ ContactForm contact = form.getPvp2Contact();
+ if (contact != null) {
+ PVP2ContactValidator pvp2validator = new PVP2ContactValidator();
+ errors.addAll(pvp2validator.validate(contact));
}
return errors;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java
new file mode 100644
index 000000000..6ab4f5292
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java
@@ -0,0 +1,80 @@
+package at.gv.egovernment.moa.id.configuration.validation.moaconfig;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.Contact;
+import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+
+public class PVP2ContactValidator {
+
+ public static final List<String> AllowedTypes= Arrays.asList(
+ "technical",
+ "support",
+ "administrative",
+ "billing",
+ "other");
+
+ private static final Logger log = Logger.getLogger(PVP2ContactValidator.class);
+
+ public List<String >validate(ContactForm contact) {
+ List<String> errors = new ArrayList<String>();
+
+ String check = contact.getCompany();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("PVP2 Contact: Company is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.company.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ check = contact.getGivenname();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("PVP2 Contact: GivenName is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.givenname.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ check = contact.getSurname();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("PVP2 Contact: SureName is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.surename.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ check = contact.getType();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!AllowedTypes.contains(check)) {
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.type.valid"));
+ }
+ }
+
+ check = contact.getMail();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isEmailAddressFormat(check)) {
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.mail.valid"));
+ }
+ }
+
+ check = contact.getPhone();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.phone.valid"));
+ }
+ }
+
+ return errors;
+ }
+}
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
index d0b6b6058..00825c15c 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
@@ -7,14 +7,15 @@ config.03=Hibernate Database connector can not be initialized
error.title=Fehler:
errors.listOAs.noOA=Es wurden keine Online-Applikationen in der Datenbank gefunden.
-errors.edit.oa.oaid=Es wurde keine g\u00fctige Onlineapplikations ID \u00fcbergeben.
+errors.edit.oa.oaid=Es wurde keine g\u00FCtige Onlineapplikations ID \u00FCbergeben.
+errors.edit.oa.oaid.allowed=Sie besitzen nicht die ben\u00f6tigen Rechte um auf diese Online-Applikation zuzugreifen.
error.oa.pvp2.certificate=Das hinterlegte PVP2 Zertifikat konnte nicht gelesen werden.
error.db.oa.store=Die Konfigruation konnte nicht in der Datenbank gespeichert werden.
-errors.notallowed=Sie besitzen nicht die n\u00f6tigen Rechte um diese Funktion zu benutzen.
+errors.notallowed=Sie besitzen nicht die n\u00F6tigen Rechte um diese Funktion zu benutzen.
webpages.error.header=Es ist ein Fehler aufgetreten
webpages.index.header=Willkommen beim MOA-ID 2.x Configuration Tool
-webpages.index.desciption.head=Um dieses Service nutzen zu k\u00f6nnen m\u00fcssen sie sich einloggen.
+webpages.index.desciption.head=Um dieses Service nutzen zu k\u00F6nnen m\u00FCssen sie sich einloggen.
webpages.mainpage.menu.oa.insert=Neue Applikation anlegen
webpages.mainpage.menu.oa.display=Meine Applikationen
@@ -24,13 +25,14 @@ webpages.mainpage.menu.general.importexport=Importieren/Exportieren
webpages.mainpage.menu.general.config.moaid=Allgemeine Konfiguration
webpages.mainpage.menu.general.usermanagement=Benutzerverwaltung
+webpages.moaconfig.save.success=Die MOA-ID Konfiguration wurde erfolgreich gespeichert.
webpages.moaconfig.header=Allgemeine Konfiguration
webpages.moaconfig.defaultbkus.header=Default BKUs
webpages.moaconfig.slrequesttemplates.header=SecurtiyLayer Request Templates
webpages.moaconfig.slrequesttemplates.local=Locale BKU
webpages.moaconfig.slrequesttemplates.handy=Handy BKU
webpages.moaconfig.slrequesttemplates.online=Online BKU
-webpages.moaconfig.certificates.header=Zertifikatspr\u00fcfung
+webpages.moaconfig.certificates.header=Zertifikatspr\u00FCfung
webpages.moaconfig.certificates.certstore=CertStoreDirecorty
webpages.moaconfig.certificates.trustmanagerrev=TrustManagerRevocationChecking
webpages.moaconfig.certificates.trustCACerts=TrustedCACertificates
@@ -62,7 +64,7 @@ webpages.moaconfig.protocols.pvp2.PublicUrlPrefix=PVP2 Service URL-Prefix
webpages.moaconfig.protocols.pvp2.IssuerName=PVP Service Name
webpages.moaconfig.protocols.pvp2.org.header=Organisation
webpages.moaconfig.protocols.pvp2.org.name=Kurzbezeichnung
-webpages.moaconfig.protocols.pvp2.org.displayname=Vollständiger Name
+webpages.moaconfig.protocols.pvp2.org.displayname=Vollst\u00e4ndiger Name
webpages.moaconfig.protocols.pvp2.org.url=URL der Organisation
webpages.moaconfig.protocols.pvp2.contact.header=Kontaktdaten
webpages.moaconfig.protocols.pvp2.contact.surename=Familienname
@@ -138,54 +140,95 @@ message.title=Meldung:
webpages.oaconfig.success=Die Online-Applikation {0} konnte erfolgreich gespeichert werden.
webpages.oaconfig.cancle=Die Bearbeitung der Online-Applikation {0} wurde abgebrochen.
-webpages.oaconfig.delete.message=Die Online-Applikation {0} wurde erfolgreich gel\u00f6scht.
-webpages.oaconfig.delete.error=Die Online-Applikation {0} konnte nicht gel\u00f6scht werden.
+webpages.oaconfig.delete.message=Die Online-Applikation {0} wurde erfolgreich gel\u00F6scht.
+webpages.oaconfig.delete.error=Die Online-Applikation {0} konnte nicht gel\u00F6scht werden.
-webpages.edit.save=\u00c4nderungen Speichern
-webpages.edit.back=Zur\u00fcck und \u00c4nderungen verwerfen
-webpages.edit.delete=Online-Applikation l\u00f6schen
+webpages.edit.save=\u00C4nderungen Speichern
+webpages.edit.back=Zur\u00FCck und \u00C4nderungen verwerfen
+webpages.edit.delete=Online-Applikation l\u00F6schen
webpages.header.info=Sie sind angemeldet als:
webpages.header.lastlogin=Letzte Anmeldung am:
-validation.general.AlternativeSourceID=Die alternatice SourceID enth\u00e4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt: {0}
+validation.general.AlternativeSourceID=Die alternatice SourceID enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.certStoreDirectory.empty=CertStoreDirectory Feld ist leer.
-validation.general.certStoreDirectory.valid=Das ertStoreDirectory Feld enth\u00e4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt: {0}
-validation.general.Defaultchainigmode.empty=Es wurde kein DefaultChainingMode gewählt.
-validation.general.Defaultchainigmode.valid=Der DefaultChainingMode enthält einen ungültigen Wert.
-
-
-validation.general.aditionalauthblocktext=Der Zusatztext f\u00fcr den AuthBlock enth\u00e4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt: {0}
-validation.general.bku.handy.empty=Die URL f\u00fcr die Handy-BKU ist leer.
-validation.general.bku.handy.valid=Die URL f\u00fcr die Handy-BKU hat kein g\u00fcltiges Format.
-validation.general.bku.local.empty=Die URL f\u00fcr die lokale BKU ist leer.
-validation.general.bku.local.valid=Die URL f\u00fcr die locale BKU hat kein g\u00fcltiges Format.
-validation.general.bku.online.empty=Die URL f\u00fcr die Online-BKU ist leer.
-validation.general.bku.online.valid=Die URL f\u00fcr die Online-BKU hat kein g\u00fcltiges Format.
+validation.general.certStoreDirectory.valid=Das ertStoreDirectory Feld enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.Defaultchainigmode.empty=Es wurde kein DefaultChainingMode gew\u00e4hlt.
+validation.general.Defaultchainigmode.valid=Der DefaultChainingMode enth\u00e4lt einen ung\u00f6ltigen Wert.
+validation.general.IdentityLinkSigners.empty=Es wurde kein IdentityLinkSigner angegeben
+validation.general.IdentityLinkSigners.valid=Der IdentityLinkSigner in der Zeile {0} enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {1}
+validation.general.mandateservice.valid=Die URL zum Online-Vollmachten Service hat kein g\u00f6ltiges Format.
+validation.general.moasp.auth.transformation.empty=Die Transformation f\u00f6r den Authentfizierungsblock ist leer.
+validation.general.moasp.auth.transformation.valid=Die Transformation f\u00f6r den Authentfizierungsblock in der Zeile {0} enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {1}
+validation.general.moasp.auth.trustprofile.empty=Das TrustProfile zur Pr\u00f6fung des Authentfizierungsblock ist leer.
+validation.general.moasp.auth.trustprofile.valid=Das TrustProfile zur Pr\u00f6fung des Authentfizierungsblock enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.moasp.idl.trustprofile.empty=Das TrustProfile zur Pr\u00f6fung der Personenbindung ist leer.
+validation.general.moasp.idl.trustprofile.valid=Das TrustProfile zur Pr\u00f6fung der Personenbindung enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.moaspss.url.valid=Die URL zum MOA-SP/SS Service hat kein g\u00f6ltiges Format.
+validation.general.protocol.pvp2.issuername.valid=PVP2: Service Name enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.org.displayname.valid=PVP2 Organisation: Vollst\u00e4ndiger Name enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.org.name.valid=PVP2 Organisation: Kurzbezeichnung enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.org.url.valid=PVP2 Organisation: URL hat kein g\u00f6ltiges Format.
+validation.general.protocol.pvp2.serviceurl.valid=PVP2: Service URL-Prefix hat kein g\u00f6ltiges Format.
+validation.general.protocol.pvp2.contact.company.valid=PVP2 Kontaktdaten: Der Firmenname enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.contact.givenname.valid=PVP2 Kontaktdaten: Der Familienname enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.contact.surename.valid=PVP2 Kontaktdaten: Der Vorname enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.contact.type.valid=PVP2 Kontaktdaten: Der angegebene Kontakttyp existiert nicht.
+validation.general.protocol.pvp2.contact.mail.valid=PVP2 Kontaktdaten: Die EMail Adresse ist nicht g\u00fcltig.
+validation.general.protocol.pvp2.contact.phone.valid=PVP2 Kontaktdaten: Die Telefonnummer ist nicht g\u00fcltig.
+validation.general.timeouts.assertion.valid=Das Feld Assertion TimeOut hat keinen g\u00f6ltigen Wert.
+validation.general.timeouts.moasessioncreated.valid=Das Feld MOASessionCreated TimeOut hat keinen g\u00fcltigen Wert.
+validation.general.timeouts.moasessionupdated.valid=Das Feld MOASessionUpdated TimeOut hat keinen g\u00fcltigen Wert.
+
+validation.general.slrequest.handy.empty=Die URL zum SecurityLayer Template f\u00f6r die Handy-BKU ist leer.
+validation.general.slrequest.handy.valid=Die URL zum SecurityLayer Template f\u00f6r die Handy-BKU hat kein g\u00f6ltiges Format.
+validation.general.slrequest.local.empty=Die URL zum SecurityLayer Template f\u00f6r die locale BKU ist leer.
+validation.general.slrequest.local.valid=Die URL zum SecurityLayer Template f\u00f6r die locale BKU hat kein g\u00f6ltiges Format.
+validation.general.slrequest.online.empty=Die URL zum SecurityLayer Template f\u00f6r die Online-BKU ist leer.
+validation.general.slrequest.online.valid=Die URL zum SecurityLayer Template f\u00f6r die Online-BKU hat kein g\u00f6ltiges Format.
+validation.general.sso.friendlyname.valid=Der SSO Service Name enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.sso.identificationnumber.valid=Die SSO IdentificationNumber enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.sso.publicurl.valid=Der SSO Service URL-Prefix hat kein g\u00f6ltiges Format.
+validation.general.sso.specialauthtext.valid=Der SSO AuthBlockText enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.sso.target.empty=Das SSO Target Feld ist leer.
+validation.general.sso.target.valid=Das SSO Target Feld enth\u00e4lt ein ung\u00fcltiges Target.
+validation.general.szrgw.url.valid=Die URL des SZR Gateways hat kein g\u00f6ltiges Format.
+validation.general.trustedcacerts.empty=Das Feld TrustedCACertificates ist leer.
+validation.general.trustedcacerts.valid=Das Feld TrustedCACertificates enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.slrequest.filename.valid=Der Dateiname der angegebenen SecurtityLayer Transformation enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.slrequest.file.valid=Die angegebenen SecurtityLayer Transformation konnte nicht geladen werden.
+
+validation.general.aditionalauthblocktext=Der Zusatztext f\u00FCr den AuthBlock enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.bku.handy.empty=Die URL f\u00FCr die Handy-BKU ist leer.
+validation.general.bku.handy.valid=Die URL f\u00FCr die Handy-BKU hat kein g\u00FCltiges Format.
+validation.general.bku.local.empty=Die URL f\u00FCr die lokale BKU ist leer.
+validation.general.bku.local.valid=Die URL f\u00FCr die locale BKU hat kein g\u00FCltiges Format.
+validation.general.bku.online.empty=Die URL f\u00FCr die Online-BKU ist leer.
+validation.general.bku.online.valid=Die URL f\u00FCr die Online-BKU hat kein g\u00FCltiges Format.
validation.general.oafriendlyname.empty=Es wurde keine Online-Applikation angegeben.
-validation.general.oafriendlyname=Der Name der Online-Applikation enth\u00e4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt: {0}
-validation.general.keyboxidentifier.empty=Es wurde kein KeyBoxIdentifier ausgew\u00e4hlt.
-validation.general.keyboxidentifier.valid=Der KeyBoxIdentifier hat ein ung\u00fcltiges Format.
-validation.general.mandate.profiles=Die Liste von Vollmachtsprofilen enth\u00e4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt: {0}
-validation.general.target.empty=Der Target f\u00fcr die Online-Applikation ist leer.
-validation.general.target.valid=Der Target f\u00fcr die Online-Applikation hat kein g\u00fcltiges Format.
+validation.general.oafriendlyname=Der Name der Online-Applikation enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.keyboxidentifier.empty=Es wurde kein KeyBoxIdentifier ausgew\u00E4hlt.
+validation.general.keyboxidentifier.valid=Der KeyBoxIdentifier hat ein ung\u00FCltiges Format.
+validation.general.mandate.profiles=Die Liste von Vollmachtsprofilen enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.target.empty=Der Target f\u00FCr die Online-Applikation ist leer.
+validation.general.target.valid=Der Target f\u00FCr die Online-Applikation hat kein g\u00FCltiges Format.
validation.general.slversion=Die SecurtiyLayer Version ist kein Zahlenformat.
-validation.general.slversion.business=Im privatwirtschaftlichen Bereich muss die SecurityLayerversion mindestes 1.2 betragen. Die SLVersion wurde auf 1.2 ge\u00e4ndert.
-validation.general.targetfriendlyname=Der Name des Bereichs (Target) enth\u00e4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt: {0}
+validation.general.slversion.business=Im privatwirtschaftlichen Bereich muss die SecurityLayerversion mindestes 1.2 betragen. Die SLVersion wurde auf 1.2 ge\u00E4ndert.
+validation.general.targetfriendlyname=Der Name des Bereichs (Target) enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.identificationnumber.empty=Im privatwirtschaftlichen Bereich ist eine Identifikationsnummer erforderlich.
-validation.general.identificationnumber.valid=Die Identifikationsnummer f\u00fcr den privatwirtschaftlichen Bereich enth\u00e4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt: {0}
-validation.general.identificationnumber.fa.valid=Die Firmenbuchnummer hat kein g\u00fcltiges Format.
-validation.general.oaidentifier.empty=Es wurde kein eindeutiger Identifier f\u00fcr die Online-Applikation angegeben.
-validation.general.oaidentifier.valid=Der eindeutige Identifier f\u00fcr die Online-Applikation enth\u00e4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt: {0}
-validation.general.oaidentifier.notunique=Der gew\u00e4hlte eindeutige Identifier ist bereits vorhanden. Eine Eintragung der Online-Applikation ist nicht m\u00f6glich.
+validation.general.identificationnumber.valid=Die Identifikationsnummer f\u00FCr den privatwirtschaftlichen Bereich enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.identificationnumber.fa.valid=Die Firmenbuchnummer hat kein g\u00FCltiges Format.
+validation.general.oaidentifier.empty=Es wurde kein eindeutiger Identifier f\u00FCr die Online-Applikation angegeben.
+validation.general.oaidentifier.valid=Der eindeutige Identifier f\u00FCr die Online-Applikation enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.oaidentifier.notunique=Der gew\u00E4hlte eindeutige Identifier ist bereits vorhanden. Eine Eintragung der Online-Applikation ist nicht m\u00F6glich.
validation.pvp2.metadataurl.empty=Keine Metadaten URL angegeben.
-validation.pvp2.metadataurl.valid=Die Metadaten URL wei\u00dft kein g\u00fcltiges URL Format auf.
-validation.pvp2.certificate.format=Das angegebene PVP2 Zertifikat wei\u00dft kein g\u00fcltiges Format auf.
-validation.pvp2.certificate.notfound=Kein PVP2 Zertifikat eingef\u00fcgt.
+validation.pvp2.metadataurl.valid=Die Metadaten URL wei\u00DFt kein g\u00FCltiges URL Format auf.
+validation.pvp2.certificate.format=Das angegebene PVP2 Zertifikat wei\u00DFt kein g\u00FCltiges Format auf.
+validation.pvp2.certificate.notfound=Kein PVP2 Zertifikat eingef\u00FCgt.
validation.sso.logouturl.empty=Eine URL zum Single Log-Out Service ist erforderlich.
-validation.sso.logouturl.valid=Die URL zum Single Log-Out Service wei\u00dft kein g\u00fcltiges Format auf.
+validation.sso.logouturl.valid=Die URL zum Single Log-Out Service wei\u00DFt kein g\u00FCltiges Format auf.
validation.saml1.providestammzahl=ProvideStammZahl kann nicht mit Applikationen aus dem privatwirtschaftlichen Bereich kombiniert werden.
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
index b902e438d..e595978ec 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
@@ -328,9 +328,15 @@
<s:label key="webpages.moaconfig.sl.transormations.filename" value="%{fileName}"/>
<div id="pvp2_certificate_upload">
- <s:file name="fileUpload" key="webpages.moaconfig.sl.transormations.upload" cssClass="textfield_long"></s:file>
+ <s:file name="moaconfig.fileUpload" key="webpages.moaconfig.sl.transormations.upload" cssClass="textfield_long"></s:file>
</div>
</s:iterator>
+ <s:if test="moaconfig.fileUploadFileName.size() == 0">
+ <div id="pvp2_certificate_upload">
+ <s:file name="moaconfig.fileUpload" key="webpages.moaconfig.sl.transormations.upload" cssClass="textfield_long"></s:file>
+ </div>
+ </s:if>
+
</div>
<br>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index 192be5bbb..3fc59a78d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -31,6 +31,7 @@ import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
+import java.math.BigInteger;
import java.net.MalformedURLException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
@@ -50,6 +51,7 @@ import javax.xml.bind.Unmarshaller;
import org.hibernate.cfg.Configuration;
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
@@ -425,9 +427,20 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
if (auth.getGeneralConfiguration().getTimeOuts() != null) {
timeouts = new TimeOuts();
- timeouts.setAssertion(auth.getGeneralConfiguration().getTimeOuts().getAssertion());
- timeouts.setMOASessionCreated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated());
- timeouts.setMOASessionUpdated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated());
+ if (auth.getGeneralConfiguration().getTimeOuts().getAssertion() == null)
+ timeouts.setAssertion(new BigInteger("120"));
+ else
+ timeouts.setAssertion(auth.getGeneralConfiguration().getTimeOuts().getAssertion());
+
+ if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated() == null)
+ timeouts.setMOASessionCreated(new BigInteger("2700"));
+ else
+ timeouts.setMOASessionCreated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated());
+
+ if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated() == null)
+ timeouts.setMOASessionUpdated(new BigInteger("1200"));
+ else
+ timeouts.setMOASessionUpdated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated());
}
}
else {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index 19a006982..57f6ee4f1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -222,12 +222,12 @@ public List<String> getTransformsInfos() {
return false;
}
- public boolean useSSOWithoutQuestion() {
+ public boolean useSSOQuestion() {
OASSO sso = oa_auth.getOASSO();
if (sso != null)
return sso.isAuthDataFrame();
else
- return false;
+ return true;
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
index 7ec8c823e..0c5a50393 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
@@ -24,6 +24,7 @@ import org.w3c.dom.Element;
import eu.stork.vidp.messages.util.SAMLUtil;
import eu.stork.vidp.messages.util.XMLUtil;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
@@ -345,8 +346,10 @@ public class BuildFromLegacyConfig {
//set OnlineApplications
OAAuthParameter[] onlineApplicationAuthParameters = builder.buildOnlineApplicationAuthParameters(defaultVerifyInfoboxParameters, moaSpIdentityLinkTrustProfileID);
- ArrayList<OnlineApplication> moa_oas = new ArrayList<OnlineApplication>();
- moaIDConfig.setOnlineApplication(moa_oas);
+
+ // ArrayList<OnlineApplication> moa_oas = new ArrayList<OnlineApplication>();
+// moaIDConfig.setOnlineApplication(moa_oas);
+
for (OAAuthParameter oa : onlineApplicationAuthParameters) {
OnlineApplication moa_oa = new OnlineApplication();
@@ -416,6 +419,7 @@ public class BuildFromLegacyConfig {
oa_auth.setOASSO(oa_sso);
oa_sso.setUseSSO(true);
oa_sso.setSingleLogOutURL("");
+ oa_sso.setAuthDataFrame(true);
//OA_SAML1
OASAML1 oa_saml1 = new OASAML1();
@@ -446,7 +450,8 @@ public class BuildFromLegacyConfig {
oa_pvp2.setCertificate(null);
}
- moa_oas.add(moa_oa);
+ //moa_oas.add(moa_oa);
+ ConfigurationDBUtils.save(moa_oa);
}
//removed from MOAID 2.0 config
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 83d12be87..2a28bcd15 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -403,7 +403,7 @@ public class DispatcherServlet extends AuthServlet{
moasession = AuthenticationSessionStoreage.getSession(moasessionID);
//use new OAParameter
- if (!oaParam.useSSOWithoutQuestion() && !AuthenticationSessionStoreage.isAuthenticated(moasessionID)) {
+ if (oaParam.useSSOQuestion() && !AuthenticationSessionStoreage.isAuthenticated(moasessionID)) {
authmanager.sendTransmitAssertionQuestion(req, resp, protocolRequest, oaParam);
return;
}
@@ -466,8 +466,8 @@ public class DispatcherServlet extends AuthServlet{
} catch (MOAIDException ex) {
handleError(null, ex, req, resp, protocolRequestID);
} catch (Throwable e) {
- e.printStackTrace();
- resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+ handleErrorNoRedirect(e.getMessage(), null, req,
+ resp);
}
finally {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index a63276d6e..34becbd49 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -270,6 +270,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
encoder = new RedirectBinding();
}
+ //TODO: getOAURL is maybe not a valid ErrorResponse URL
encoder.encodeRespone(request, response, samlResponse, protocolRequest.getOAURL());
return true;
}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java
index d3ee1442e..c8bacb470 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java
@@ -149,7 +149,7 @@ public final class ConfigurationDBUtils {
session.persist(dbo);
tx.commit();
- session.clear();
+ //session.clear();
}
return true;
@@ -176,7 +176,7 @@ public final class ConfigurationDBUtils {
tx.commit();
- session.clear();
+ //session.clear();
}
return true;
@@ -198,7 +198,7 @@ public final class ConfigurationDBUtils {
session.remove(session.contains(dbo) ? dbo : session.merge(dbo));
tx.commit();
- session.clear();
+ //session.clear();
}
return true;