authorThomas Lenz <tlenz@iaik.tugraz.at>2013-08-09 11:01:40 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2013-08-09 11:01:40 +0200
commit45e170310a012dca93d5e5d4dc0b54e6b0808e95 (patch)
tree9bea65102edd41a0c9d87700bd89fdd67616dd86 /id
parent085e28a515520656a281634297d399d550eb3898 (diff)
BugFixes:
>>PVP2 Metadata: - Load OA only if Authentication is required - Load Metadata entityID from Database >>LegacyConfigParser - Solve problems if no OnlineMandate or STORK config is included - try to load DefaultBKUURLs from TrustedBKUs - if old MOA-ID 2.x config exists, use these DefaultBKUs to import OnlineApplications >> ConfigurationTool - change LayOut
Diffstat (limited to 'id')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java14
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java71
-rw-r--r--id/ConfigWebTool/src/main/resources/applicationResources.properties2
-rw-r--r--id/ConfigWebTool/src/main/resources/struts.xml2
-rw-r--r--id/ConfigWebTool/src/main/webapp/css/index.css37
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/footer.jsp2
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java38
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java103
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java127
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java2
12 files changed, 247 insertions, 159 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
index a58b20214..d90e6f9b1 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
@@ -1,6 +1,7 @@
package at.gv.egovernment.moa.id.configuration.filter;
import java.io.IOException;
+import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.StringTokenizer;
import java.util.regex.Pattern;
@@ -173,8 +174,19 @@ public class AuthenticationFilter implements Filter{
}
}
+ try {
+ filterchain.doFilter(req, resp);
- filterchain.doFilter(req, resp);
+ } catch (Exception e) {
+
+ String redirectURL = "./index.action";
+ HttpServletResponse httpResp = (HttpServletResponse) resp;
+ redirectURL = httpResp.encodeRedirectURL(redirectURL);
+ resp.setContentType("text/html");
+ ((HttpServletResponse) resp).setStatus(302);
+ httpResp.addHeader("Location", redirectURL);
+ log.warn("A Filter Error occurs -> Redirect to Login-Form");
+ }
}
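Review bot: The new catch block at the end of doFilter drops the exception it handles: `log.warn("A Filter Error occurs -> Redirect to Login-Form");` records no cause, so whatever failed inside the chain cannot be diagnosed from the log; pass it through as `log.warn("A Filter Error occurs -> Redirect to Login-Form", e);`. `catch (Exception e)` also swallows the IOException and ServletException the chain is declared to throw, and if the chain had already committed a response the later setStatus/addHeader calls are ignored silently, so check `if (resp.isCommitted()) { throw new ServletException(e); }` before building the redirect. The `java.io.PrintWriter` import added in the first hunk of this file is not used by this code. doFilter starts before this hunk.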
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index 96918d37c..7be62d362 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -178,6 +178,8 @@ ServletResponseAware {
errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.empty"));
} else {
+
+ //TODO: oaidentifier has to be a URL according to PVP2.1 specification
if (ValidationHelper.isValidOAIdentifier(oaidentifier)) {
log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);
errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
index a8992e6b8..b683a95f9 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
@@ -103,34 +103,42 @@ implements ServletRequestAware, ServletResponseAware {
return Constants.STRUTS_ERROR_VALIDATION;
}
log.debug("OpenSAML successfully initialized");
-
-
- MOAIDConfiguration moaconfig;
try {
- log.warn("WARNING! The legacy import deletes the hole old config");
-
- List<OnlineApplication> oas = ConfigurationDBRead.getAllOnlineApplications();
- if (oas != null && oas.size() > 0) {
- for (OnlineApplication oa : oas)
- ConfigurationDBUtils.delete(oa);
- }
+
+ MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
-
- moaconfig = BuildFromLegacyConfig.build(fileUpload, "");
+ MOAIDConfiguration moaconfig;
+ try {
+ log.warn("WARNING! The legacy import deletes the hole old config");
+
+ moaconfig = BuildFromLegacyConfig.build(fileUpload, "", moaidconfig);
- } catch (ConfigurationException e) {
- log.info("Legacy configuration has an Import Error", e);
- addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e.getMessage()}));
- return Constants.STRUTS_ERROR_VALIDATION;
- }
+ } catch (ConfigurationException e) {
+ log.info("Legacy configuration has an Import Error", e);
+ addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e.getMessage()}));
+ ConfigurationDBUtils.closeSession();
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
//check if XML config should be use
log.warn("WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!");
- try {
- MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
+
+
if (moaidconfig != null)
ConfigurationDBUtils.delete(moaidconfig);
+
+ List<OnlineApplication> oas = ConfigurationDBRead.getAllOnlineApplications();
+ if (oas != null && oas.size() > 0) {
+ for (OnlineApplication oa : oas)
+ ConfigurationDBUtils.delete(oa);
+ }
+
+ oas = moaconfig.getOnlineApplication();
+ for (OnlineApplication oa : oas)
+ ConfigurationDBUtils.save(oa);
+
+ moaconfig.setOnlineApplication(null);
ConfigurationDBUtils.save(moaconfig);
} catch (MOADatabaseException e) {
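Review bot: The loop `oas = moaconfig.getOnlineApplication(); for (OnlineApplication oa : oas)` has no null guard, although the list read from the database a few lines above is guarded with `oas != null`; if the legacy builder ever returns a configuration without an OnlineApplication list this throws a NullPointerException after the old configuration and all its OnlineApplications have already been deleted. Guard it the same way, `if (oas != null) for (OnlineApplication oa : oas) ConfigurationDBUtils.save(oa);`. More generally the delete-then-save sequence is not visibly transactional, so a failure in the save loop leaves the database empty; if ConfigurationDBUtils offers a transaction or session boundary it should enclose the whole block. The enclosing action method starts before this hunk.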
@@ -227,19 +235,7 @@ implements ServletRequestAware, ServletResponseAware {
addActionError(LanguageHelper.getErrorString("errors.importexport.nofile"));
return Constants.STRUTS_ERROR_VALIDATION;
}
-
- log.warn("WARNING! The XML import deletes the hole old config");
-
- List<OnlineApplication> oas = ConfigurationDBRead.getAllOnlineApplications();
- if (oas != null && oas.size() > 0) {
- for (OnlineApplication oa : oas)
- ConfigurationDBUtils.delete(oa);
- }
- MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
- if (moaidconfig != null)
- ConfigurationDBUtils.delete(moaidconfig);
-
-
+
log.info("Load configuration from MOA-ID 2.x XML configuration");
try {
@@ -247,6 +243,17 @@ implements ServletRequestAware, ServletResponseAware {
Unmarshaller m = jc.createUnmarshaller();
MOAIDConfiguration moaconfig = (MOAIDConfiguration) m.unmarshal(fileUpload);
+
+ log.warn("WARNING! The XML import deletes the hole old config");
+ List<OnlineApplication> oas = ConfigurationDBRead.getAllOnlineApplications();
+ if (oas != null && oas.size() > 0) {
+ for (OnlineApplication oa : oas)
+ ConfigurationDBUtils.delete(oa);
+ }
+ MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
+ if (moaidconfig != null)
+ ConfigurationDBUtils.delete(moaidconfig);
+
List<OnlineApplication> importoas = moaconfig.getOnlineApplication();
for (OnlineApplication importoa : importoas) {
ConfigurationDBUtils.saveOrUpdate(importoa);
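Review bot: Moving the delete of the existing MOAIDConfiguration and OnlineApplications below the unmarshal means a file that fails to parse no longer wipes the database, but a file that parses into an empty or unusable configuration still does, and nothing between the delete and the `saveOrUpdate` loop can roll it back. Consider validating the parsed `moaconfig` (for example a non-null OnlineApplication list) before the `log.warn("WARNING! The XML import deletes the hole old config")` line, or running delete and save in one transaction if ConfigurationDBUtils supports it. Separately, the unchanged `m.unmarshal(fileUpload)` just above hands an uploaded file to a default JAXB Unmarshaller; if uploads are not fully trusted, parse them first with an XML parser that has DTDs and external entities disabled and pass the resulting Source to the unmarshaller. The enclosing method continues outside this hunk.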
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties
index 9ceaa75b3..46f591cb3 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties
@@ -139,7 +139,7 @@ webpages.oaconfig.general.bku.online=Online BKU
webpages.oaconfig.general.bku.handy=Handy BKU
webpages.oaconfig.general.bku.slversion=SecurityLayer Version
webpages.oaconfig.general.bku.keyboxidentifier=KeyBoxIdentifier
-webpages.oaconfig.general.identification=Eindeutiger Identifikatior
+webpages.oaconfig.general.identification=Eindeutiger Identifikatior (PublicURLPrefix)
webpages.oaconfig.general.mandate.header=Vollmachten
webpages.oaconfig.general.mandate.profiles=Profile
webpages.oaconfig.general.friendlyname=Name der Online-Applikation
diff --git a/id/ConfigWebTool/src/main/resources/struts.xml b/id/ConfigWebTool/src/main/resources/struts.xml
index a729f5f57..3b33bffcb 100644
--- a/id/ConfigWebTool/src/main/resources/struts.xml
+++ b/id/ConfigWebTool/src/main/resources/struts.xml
@@ -29,7 +29,7 @@
<result name="success" type="redirectAction">
<param name="actionName">index</param>
<param name="namespace">/</param>
- </result>
+ </result>
<interceptor-ref name="defaultStack"/>
</action>
diff --git a/id/ConfigWebTool/src/main/webapp/css/index.css b/id/ConfigWebTool/src/main/webapp/css/index.css
index 49e9f41d1..6eeb6a4ee 100644
--- a/id/ConfigWebTool/src/main/webapp/css/index.css
+++ b/id/ConfigWebTool/src/main/webapp/css/index.css
@@ -1,9 +1,14 @@
@CHARSET "UTF-8";
#header_area {
- height: 40px;
- background-color: green;
+ padding-bottom: 10px;
+ background-color: #6FA5D4;
display: block;
+ font-size: 20px;
+ /* margin-left: 25px; */
+ padding-top: 10px;
+ padding-left: 25px;
+ border-radius: 3px;
}
#header_area>div {
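Review bot: Commented-out declarations are being kept next to their replacements, `/* margin-left: 25px; */` here and `/* background-color: gray; */`, `/* background-color: red; */`, `/* height: 40px; */` in the following hunks of this file; the old values remain in version control, so delete the commented lines rather than shipping them to every client. The hunk otherwise only restyles colours and spacing.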
@@ -26,9 +31,11 @@
margin-left: 15px;
position: relative;
padding-left: 15px;
+ padding-top: 10px;
float: left;
- background-color: gray;
-
+ /* background-color: gray; */
+ background-color: #CACACA;
+ border-radius: 5px;
}
.menu_element {
@@ -36,7 +43,8 @@
margin-bottom: 15px;
font-size: 20px;
display: block;
- background-color: red;
+/* background-color: red; */
+ background-color: #6FA5D4;
margin-right: 18px;
margin-top: 5px;
height: 30px;
@@ -165,13 +173,13 @@
padding-right: 10px;
padding-top: 3px;
text-align: right;
- width: 250px;
+ width: 300px;
}
.wwctrl {
float: left;
padding-bottom: 5px;
- padding-top: 5px;
+ padding-top: 1px;
text-align: left;
}
@@ -273,18 +281,17 @@ div .wwgrp br {
}
#footer_area {
- background-color: green;
+ background-color: #6FA5D4;
clear: both;
display: block;
- height: 40px;
+/* height: 40px; */
+ padding-bottom: 10px;
margin-top: 15px;
padding-left: 30px;
position: relative;
top: 15px;
-}
-
-#footer_area>p {
- font-size: 20px;
- text-align: center;
- padding-top: 8px;
+ font-size: 20px;
+ text-align: center;
+ padding-top: 10px;
+ border-radius: 3px;
}
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/footer.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/footer.jsp
index a0f12eed4..3f00984f2 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/footer.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/footer.jsp
@@ -4,6 +4,6 @@
<html>
<div id="footer_area">
- <p>MOA-ID 2.x Configuration Tool</p>
+ MOA-ID 2.x Konfigurations-Tool
</div>
</html> \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp
index 56fcf9681..72affde79 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp
@@ -4,14 +4,14 @@
<html>
<div id="header_area">
- <div><%=LanguageHelper.getGUIString("webpages.header.info", request) %>
+<!-- <div> -->
+ <%=LanguageHelper.getGUIString("webpages.header.info", request) %>
<s:property value="authUser.givenName"/> <s:property value="authUser.familyName"/>,&nbsp;&nbsp;&nbsp;
<%=LanguageHelper.getGUIString("webpages.header.lastlogin", request) %> <s:property value="authUser.lastLogin"/>
<s:url action="logout" var="logoutURL" namespace="/"/>
<a id="logoutbutton" href="<s:property value="#logoutURL" />"><%=LanguageHelper.getGUIString("webpages.index.logout", request) %></a>
- </div>
+<!-- </div> -->
-
</div>
</html> \ No newline at end of file
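Review bot: `<!-- <div> -->` and `<!-- </div> -->` are HTML comments, which a JSP still renders into the page, so the disabled markup is sent to every browser; either delete the lines or use a JSP comment, `<%-- <div> --%>`, which is stripped on the server. Leaving a wrapping element disabled this way also makes it unclear whether the structure change is intended or temporary.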
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index da3a79d32..f4cdeddb7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -323,7 +323,7 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
String legacyconfig = props.getProperty("configuration.xml.legacy");
String xmlconfig = props.getProperty("configuration.xml");
- String xmlconfigout = props.getProperty("configuration.xml.out");
+// String xmlconfigout = props.getProperty("configuration.xml.out");
//check if XML config should be used
@@ -344,8 +344,15 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
if (MiscUtil.isNotEmpty(legacyconfig)) {
Logger.warn("WARNING! MOA-ID 2.0 is started with legacy configuration. This setup is not recommended!");
- MOAIDConfiguration moaconfig = BuildFromLegacyConfig.build(new File(legacyconfig), rootConfigFileDir);
+ MOAIDConfiguration moaconfig = BuildFromLegacyConfig.build(new File(legacyconfig), rootConfigFileDir, null);
+
+ List<OnlineApplication> oas = moaconfig.getOnlineApplication();
+ for (OnlineApplication oa : oas)
+ ConfigurationDBUtils.save(oa);
+
+ moaconfig.setOnlineApplication(null);
ConfigurationDBUtils.save(moaconfig);
+
Logger.info("Legacy Configuration load is completed.");
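Review bot: The persist sequence added here, save each OnlineApplication, `moaconfig.setOnlineApplication(null)`, save the configuration, is now written out three times: in this hunk with `ConfigurationDBUtils.save`, in the next hunk of this file with `saveOrUpdate`, and in ImportExportAction in this same commit, and the two variants in this file use different persistence calls without a comment saying why. Extract it into one private helper, e.g. `private static void storeConfiguration(MOAIDConfiguration moaconfig)`, so the ordering constraint (applications must be stored before the configuration whose list has been cleared) lives in one place. The loop `for (OnlineApplication oa : oas)` also assumes `getOnlineApplication()` never returns null; the legacy builder sets an ArrayList after this commit, but the JAXB path in the next hunk is not checked. The enclosing method starts before this hunk.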
@@ -361,6 +368,13 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
File file = new File(xmlconfig);
MOAIDConfiguration moaconfig = (MOAIDConfiguration) m.unmarshal(file);
//ConfigurationDBUtils.save(moaconfig);
+
+ List<OnlineApplication> importoas = moaconfig.getOnlineApplication();
+ for (OnlineApplication importoa : importoas) {
+ ConfigurationDBUtils.saveOrUpdate(importoa);
+ }
+
+ moaconfig.setOnlineApplication(null);
ConfigurationDBUtils.saveOrUpdate(moaconfig);
} catch (Exception e) {
@@ -375,16 +389,16 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
Logger.info("MOA-ID 2.0 is loaded.");
- //TODO: only for Testing!!!
- if (MiscUtil.isNotEmpty(xmlconfigout)) {
- Logger.info("Write MOA-ID 2.x xml config into " + xmlconfig);
- JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config");
- Marshaller m = jc.createMarshaller();
- m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
- File test = new File(xmlconfigout);
- m.marshal(moaidconfig, test);
-
- }
+// //TODO: only for Testing!!!
+// if (MiscUtil.isNotEmpty(xmlconfigout)) {
+// Logger.info("Write MOA-ID 2.x xml config into " + xmlconfig);
+// JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config");
+// Marshaller m = jc.createMarshaller();
+// m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+// File test = new File(xmlconfigout);
+// m.marshal(moaidconfig, test);
+//
+// }
//build STORK Config
AuthComponentGeneral auth = getAuthComponentGeneral();
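Review bot: The former `xmlconfigout` marshalling block is kept as eleven commented-out lines (and its property read is commented out in the first hunk of this file) instead of being removed; the history already preserves it, and the commented code carries a latent bug (`Logger.info("Write MOA-ID 2.x xml config into " + xmlconfig)` names the input file rather than `xmlconfigout`) that would resurface if it is uncommented. Delete the block, or if a test-only export is still wanted move it into a separate method guarded by an explicit flag.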
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
index 762669a70..c807fdc7d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
@@ -17,6 +17,7 @@ import java.util.Map;
import java.util.Properties;
import java.util.Set;
+import org.bouncycastle.crypto.macs.OldHMac;
import org.opensaml.saml2.metadata.RequestedAttribute;
import org.opensaml.xml.XMLObject;
import org.w3c.dom.Element;
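Review bot: `import org.bouncycastle.crypto.macs.OldHMac;` is not referenced by any change in this file and looks like an accidental IDE auto-import; it ties the legacy config parser to a BouncyCastle internal class for no purpose and should be removed. The other new import in this file, `MiscUtil`, is used by the later hunks.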
@@ -77,12 +78,17 @@ import at.gv.egovernment.moa.id.data.IssuerAndSerial;
import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.MiscUtil;
public class BuildFromLegacyConfig {
private static final String GENERIC_CONFIG_PARAM_SOURCEID = "AuthenticationServer.SourceID";
+
+ private static final String SEARCHBKUTEMPLATE_LOCAL = "https://127.0.0.1:3496/";
+ private static final String SEARCHBKUTEMPLATE_HANDY = "https://www.handy-signatur.at";
+ private static final String SEARCHBKUTEMPLATE_ONLINE = "bkuonline/http-security-layer-request";
- public static MOAIDConfiguration build(File fileName, String rootConfigFileDir) throws ConfigurationException {
+ public static MOAIDConfiguration build(File fileName, String rootConfigFileDir, MOAIDConfiguration oldconfig) throws ConfigurationException {
InputStream stream = null;
Element configElem;
ConfigurationBuilder builder;
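Review bot: `build` gains a third parameter, `MOAIDConfiguration oldconfig`, whose null case changes behaviour (later in this file a null `oldconfig` triggers the TrustedBKUs search for default BKU URLs, a non-null one copies its DefaultBKUs), but the method has no Javadoc describing this. Add a Javadoc that states the purpose of `oldconfig`, that it may be null, what happens in each case, and document `@throws ConfigurationException`. The three SEARCHBKUTEMPLATE_* constants would also benefit from a one-line comment each saying which TrustedBKU entry they are meant to match and that matching is by prefix or suffix. The method body continues beyond this hunk.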
@@ -109,6 +115,10 @@ public class BuildFromLegacyConfig {
}
try {
+ String oldbkuonline = "";
+ String oldbkulocal = "";
+ String oldbkuhandy = "";
+
// build the internal datastructures
builder = new ConfigurationBuilder(configElem, rootConfigFileDir);
@@ -309,24 +319,31 @@ public class BuildFromLegacyConfig {
}
auth_foreign_stork.setCPEPS(auth_foreign_stork_cpeps);
+
//set SAMLSigningParameter
- SAMLSigningParameter auth_foreign_stork_samlSign = new SAMLSigningParameter();
- auth_foreign_stork.setSAMLSigningParameter(auth_foreign_stork_samlSign);
-
- SignatureCreationParameterType stork_saml_creat = new SignatureCreationParameterType();
- auth_foreign_stork_samlSign.setSignatureCreationParameter(stork_saml_creat);
- KeyStore stork_saml_creat_keystore = new KeyStore();
- stork_saml_creat.setKeyStore(stork_saml_creat_keystore);
- stork_saml_creat_keystore.setPassword(storkConfig.getSignatureCreationParameter().getKeyStorePassword());
- stork_saml_creat_keystore.setValue(storkConfig.getSignatureCreationParameter().getKeyStorePath());
- KeyName stork_saml_creat_keyname = new KeyName();
- stork_saml_creat.setKeyName(stork_saml_creat_keyname);
- stork_saml_creat_keyname.setValue(storkConfig.getSignatureCreationParameter().getKeyName());
- stork_saml_creat_keyname.setPassword(storkConfig.getSignatureCreationParameter().getKeyPassword());
-
- SignatureVerificationParameterType stork_saml_verify = new SignatureVerificationParameterType();
- auth_foreign_stork_samlSign.setSignatureVerificationParameter(stork_saml_verify);
- stork_saml_verify.setTrustProfileID(storkConfig.getSignatureVerificationParameter().getTrustProfileID());
+ if (storkConfig.getSignatureCreationParameter() != null &&
+ storkConfig.getSignatureVerificationParameter() != null) {
+ SAMLSigningParameter auth_foreign_stork_samlSign = new SAMLSigningParameter();
+ auth_foreign_stork.setSAMLSigningParameter(auth_foreign_stork_samlSign);
+
+ SignatureCreationParameterType stork_saml_creat = new SignatureCreationParameterType();
+ auth_foreign_stork_samlSign.setSignatureCreationParameter(stork_saml_creat);
+ KeyStore stork_saml_creat_keystore = new KeyStore();
+ stork_saml_creat.setKeyStore(stork_saml_creat_keystore);
+ stork_saml_creat_keystore.setPassword(storkConfig.getSignatureCreationParameter().getKeyStorePassword());
+ stork_saml_creat_keystore.setValue(storkConfig.getSignatureCreationParameter().getKeyStorePath());
+ KeyName stork_saml_creat_keyname = new KeyName();
+ stork_saml_creat.setKeyName(stork_saml_creat_keyname);
+ stork_saml_creat_keyname.setValue(storkConfig.getSignatureCreationParameter().getKeyName());
+ stork_saml_creat_keyname.setPassword(storkConfig.getSignatureCreationParameter().getKeyPassword());
+
+
+
+ SignatureVerificationParameterType stork_saml_verify = new SignatureVerificationParameterType();
+ auth_foreign_stork_samlSign.setSignatureVerificationParameter(stork_saml_verify);
+ stork_saml_verify.setTrustProfileID(storkConfig.getSignatureVerificationParameter().getTrustProfileID());
+
+ }
//TODO: check correctness
//set QualityAuthenticationAssurance
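Review bot: The new guard `if (storkConfig.getSignatureCreationParameter() != null && storkConfig.getSignatureVerificationParameter() != null)` silently drops both the SAML signing and the verification parameters when only one of them is configured, and nothing is logged, so a half-configured STORK setup imports as one without signing parameters and leaves no trace. Log a warning in an `else` branch naming which part is missing, or split the guard so each parameter block is imported independently. The two blank lines before `SignatureVerificationParameterType` are leftover noise.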
@@ -335,20 +352,44 @@ public class BuildFromLegacyConfig {
//set OnlineMandates config
ConnectionParameter onlineMandatesConnectionParameter = builder.buildOnlineMandatesConnectionParameter();
- OnlineMandates auth_mandates = new OnlineMandates();
- generalAuth.setOnlineMandates(auth_mandates);
- auth_mandates.setConnectionParameter(
+ if (onlineMandatesConnectionParameter != null) {
+ OnlineMandates auth_mandates = new OnlineMandates();
+ generalAuth.setOnlineMandates(auth_mandates);
+ auth_mandates.setConnectionParameter(
parseConnectionParameterClientAuth(onlineMandatesConnectionParameter));
+ }
//TODO: add auth template configuration!!!
+
+ if (oldconfig != null) {
+ if (oldconfig.getDefaultBKUs() != null) {
+ oldbkuhandy = oldconfig.getDefaultBKUs().getHandyBKU();
+ oldbkulocal = oldconfig.getDefaultBKUs().getLocalBKU();
+ oldbkuonline = oldconfig.getDefaultBKUs().getOnlineBKU();
+ }
+ } else {
+ List<String> trustbkus = builder.getTrustedBKUs();
+ for (String trustbku : trustbkus) {
+ if (MiscUtil.isEmpty(oldbkuonline) && trustbku.endsWith(SEARCHBKUTEMPLATE_ONLINE))
+ oldbkuonline = trustbku;
+
+ if (MiscUtil.isEmpty(oldbkuhandy) && trustbku.startsWith(SEARCHBKUTEMPLATE_HANDY))
+ oldbkuhandy = trustbku;
+
+ if (MiscUtil.isEmpty(oldbkulocal) && trustbku.startsWith(SEARCHBKUTEMPLATE_LOCAL))
+ oldbkulocal = trustbku;
+ }
+
+ }
+
//set OnlineApplications
OAAuthParameter[] onlineApplicationAuthParameters = builder.buildOnlineApplicationAuthParameters(defaultVerifyInfoboxParameters, moaSpIdentityLinkTrustProfileID);
- // ArrayList<OnlineApplication> moa_oas = new ArrayList<OnlineApplication>();
-// moaIDConfig.setOnlineApplication(moa_oas);
+ ArrayList<OnlineApplication> moa_oas = new ArrayList<OnlineApplication>();
+ moaIDConfig.setOnlineApplication(moa_oas);
for (OAAuthParameter oa : onlineApplicationAuthParameters) {
OnlineApplication moa_oa = new OnlineApplication();
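Review bot: The fallback to TrustedBKUs runs only in the `else` branch of `if (oldconfig != null)`, so an existing configuration without a DefaultBKUs element leaves `oldbkuonline`, `oldbkuhandy` and `oldbkulocal` at `""`, and those empty strings are then written into every OnlineApplication's BKUURLS and into DefaultBKUs in the later hunks of this file without any warning. The prefix `SEARCHBKUTEMPLATE_HANDY = "https://www.handy-signatur.at"` also lacks a trailing slash, so `startsWith` accepts any URL whose host merely begins with that text; use `"https://www.handy-signatur.at/"` for an exact-host match. `builder.getTrustedBKUs()` is iterated without a null check, which I cannot confirm is safe from here. The rewrite below tries the old DefaultBKUs first, then fills whatever is still empty from TrustedBKUs, and leaves a place to log the remaining gaps; the surrounding method continues outside this hunk.
```java
            //TODO: add auth template configuration!!!

            // Prefer the DefaultBKUs of an existing MOA-ID 2.x configuration.
            if (oldconfig != null && oldconfig.getDefaultBKUs() != null) {
                oldbkuhandy = oldconfig.getDefaultBKUs().getHandyBKU();
                oldbkulocal = oldconfig.getDefaultBKUs().getLocalBKU();
                oldbkuonline = oldconfig.getDefaultBKUs().getOnlineBKU();
            }

            // Fill whatever is still missing from the TrustedBKUs of the legacy config.
            if (MiscUtil.isEmpty(oldbkuonline) || MiscUtil.isEmpty(oldbkuhandy) || MiscUtil.isEmpty(oldbkulocal)) {
                List<String> trustbkus = builder.getTrustedBKUs();
                if (trustbkus != null) {
                    for (String trustbku : trustbkus) {
                        // … unchanged: endsWith/startsWith matching of the three templates …
                    }
                }
            }

            // TODO(review): log a warning here if any of the three values is still empty;
            // the empty string is otherwise written into every OnlineApplication's BKUURLS.
```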
@@ -375,9 +416,9 @@ public class BuildFromLegacyConfig {
//BKUURLs
BKUURLS bkuurls = new BKUURLS();
- bkuurls.setOnlineBKU("https://labda.iaik.tugraz.at:8843/bkuonline/https-security-layer-request");
- bkuurls.setHandyBKU("https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx");
- bkuurls.setLocalBKU("https://127.0.0.1:3496/https-security-layer-request");
+ bkuurls.setOnlineBKU(oldbkuonline);
+ bkuurls.setHandyBKU(oldbkuhandy);
+ bkuurls.setLocalBKU(oldbkulocal);
oa_auth.setBKUURLS(bkuurls);
//IdentificationNumber
@@ -451,8 +492,8 @@ public class BuildFromLegacyConfig {
// oa_pvp2.setCertificate(null);
// }
- //moa_oas.add(moa_oa);
- ConfigurationDBUtils.save(moa_oa);
+ moa_oas.add(moa_oa);
+ //ConfigurationDBUtils.save(moa_oa);
}
//removed from MOAID 2.0 config
@@ -498,9 +539,9 @@ public class BuildFromLegacyConfig {
//set DefaultBKUs
DefaultBKUs moa_defaultbkus = new DefaultBKUs();
moaIDConfig.setDefaultBKUs(moa_defaultbkus);
- moa_defaultbkus.setOnlineBKU("https://labda.iaik.tugraz.at:8843/bkuonline/https-security-layer-request");
- moa_defaultbkus.setHandyBKU("https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx");
- moa_defaultbkus.setLocalBKU("https://127.0.0.1:3496/https-security-layer-request");
+ moa_defaultbkus.setOnlineBKU(oldbkuonline);
+ moa_defaultbkus.setHandyBKU(oldbkuhandy);
+ moa_defaultbkus.setLocalBKU(oldbkulocal);
//set SLRequest Templates
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 2a28bcd15..604077844 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -315,27 +315,21 @@ public class DispatcherServlet extends AuthServlet{
}
}
-
-
-
- //load Parameters from OnlineApplicationConfiguration
- OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
- .getOnlineApplicationParameter(protocolRequest.getOAURL());
-
- if (oaParam == null) {
- throw new AuthenticationException("auth.00", new Object[] { protocolRequest.getOAURL() });
- }
RequestStorage.setPendingRequest(httpSession, protocolRequests);
- AuthenticationManager authmanager = AuthenticationManager.getInstance();
-
+ AuthenticationManager authmanager = AuthenticationManager.getInstance();
SSOManager ssomanager = SSOManager.getInstance();
+ String moasessionID = null;
+ AuthenticationSession moasession = null;
+
//get SSO Cookie for Request
String ssoId = ssomanager.getSSOSessionID(req);
-
- if (moduleAction.needAuthentication(protocolRequest, req, resp)) {
+
+ boolean needAuthentication = moduleAction.needAuthentication(protocolRequest, req, resp);
+
+ if (needAuthentication) {
//check SSO session
if (ssoId != null) {
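Review bot: Moving the OnlineApplication lookup and the `oaParam == null` check into the `needAuthentication` branch (see the next hunk of this file) means a request for which `moduleAction.needAuthentication(...)` returns false is no longer checked against the configured online applications at all; the old code rejected an unknown `protocolRequest.getOAURL()` with `AuthenticationException("auth.00")` for every request. If the unauthenticated actions never depend on an OA being configured this may be intended, but it is a behaviour change the commit message does not state and should be confirmed against each module's processRequest; otherwise keep the lookup before the branch and only defer the SSO-related use of `oaParam`. The enclosing method starts before this hunk.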
@@ -349,6 +343,15 @@ public class DispatcherServlet extends AuthServlet{
ssomanager.deleteSSOSessionID(req, resp);
}
}
+
+ //load Parameters from OnlineApplicationConfiguration
+ OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
+ .getOnlineApplicationParameter(protocolRequest.getOAURL());
+
+ if (oaParam == null) {
+ throw new AuthenticationException("auth.00", new Object[] { protocolRequest.getOAURL() });
+ }
+
isValidSSOSession = ssomanager.isValidSSOSession(ssoId, req);
useSSOOA = oaParam.useSSO();
@@ -387,72 +390,74 @@ public class DispatcherServlet extends AuthServlet{
return;
}
}
-
- }
-
- String moasessionID = null;
- AuthenticationSession moasession = null;
-
- if ((useSSOOA || isValidSSOSession)) //TODO: SSO with mandates requires an OVS extension
- {
-
- //TODO SSO Question!!!!
- if (useSSOOA && isValidSSOSession) {
- moasessionID = ssomanager.getMOASession(ssoId);
- moasession = AuthenticationSessionStoreage.getSession(moasessionID);
+
+ if ((useSSOOA || isValidSSOSession)) //TODO: SSO with mandates requires an OVS extension
+ {
+
+ //TODO SSO Question!!!!
+ if (useSSOOA && isValidSSOSession) {
- //use new OAParameter
- if (oaParam.useSSOQuestion() && !AuthenticationSessionStoreage.isAuthenticated(moasessionID)) {
- authmanager.sendTransmitAssertionQuestion(req, resp, protocolRequest, oaParam);
- return;
- }
- }
- else {
+ moasessionID = ssomanager.getMOASession(ssoId);
+ moasession = AuthenticationSessionStoreage.getSession(moasessionID);
+
+ //use new OAParameter
+ if (oaParam.useSSOQuestion() && !AuthenticationSessionStoreage.isAuthenticated(moasessionID)) {
+ authmanager.sendTransmitAssertionQuestion(req, resp, protocolRequest, oaParam);
+ return;
+ }
+ }
+ else {
+
+ //TODO: maybe transmit moasessionID with http GET to handle more then one PendingRequest!
+ moasessionID = (String) req.getParameter(PARAM_SESSIONID);
+
+// moasessionID = HTTPSessionUtils.getHTTPSessionString(req.getSession(),
+// AuthenticationManager.MOA_SESSION, null);
+
+ moasession = AuthenticationSessionStoreage.getSession(moasessionID);
+ }
- //TODO: maybe transmit moasessionID with http GET to handle more then one PendingRequest!
- moasessionID = (String) req.getParameter(PARAM_SESSIONID);
+ //save SSO session usage in Database
+ String newSSOSessionId = ssomanager.storeSSOSessionInformations(moasessionID, protocolRequest.getOAURL());
+
+ if (newSSOSessionId != null) {
+ ssomanager.setSSOSessionID(req, resp, newSSOSessionId);
+ } else {
+ ssomanager.deleteSSOSessionID(req, resp);
+ }
+
+ } else {
// moasessionID = HTTPSessionUtils.getHTTPSessionString(req.getSession(),
-// AuthenticationManager.MOA_SESSION, null);
+// AuthenticationManager.MOA_SESSION, null);
+
+ moasessionID = (String) req.getParameter(PARAM_SESSIONID);
moasession = AuthenticationSessionStoreage.getSession(moasessionID);
}
+
- //save SSO session usage in Database
- String newSSOSessionId = ssomanager.storeSSOSessionInformations(moasessionID, protocolRequest.getOAURL());
-
- if (newSSOSessionId != null) {
- ssomanager.setSSOSessionID(req, resp, newSSOSessionId);
-
- } else {
- ssomanager.deleteSSOSessionID(req, resp);
- }
-
- } else {
-// moasessionID = HTTPSessionUtils.getHTTPSessionString(req.getSession(),
-// AuthenticationManager.MOA_SESSION, null);
-
- moasessionID = (String) req.getParameter(PARAM_SESSIONID);
-
- moasession = AuthenticationSessionStoreage.getSession(moasessionID);
+
}
-
+
moduleAction.processRequest(protocolRequest, req, resp, moasession);
RequestStorage.removePendingRequest(protocolRequests, protocolRequestID);
- boolean isSSOSession = AuthenticationSessionStoreage.isSSOSession(moasessionID);
+ if (needAuthentication) {
+ boolean isSSOSession = AuthenticationSessionStoreage.isSSOSession(moasessionID);
- if ((useSSOOA || isSSOSession) //TODO: SSO with mandates requires an OVS extension
+ if ((useSSOOA || isSSOSession) //TODO: SSO with mandates requires an OVS extension
&& !moasession.getUseMandate())
- {
+ {
- } else {
- authmanager.logout(req, resp, moasessionID);
- }
+ } else {
+ authmanager.logout(req, resp, moasessionID);
+ }
//authmanager.logout(req, resp);
+ }
} catch (Throwable e) {
e.printStackTrace();
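Review bot: In the new `else` branch for requests that do not need authentication, `moasessionID` comes straight from `req.getParameter(PARAM_SESSIONID)` and `moasession = AuthenticationSessionStoreage.getSession(moasessionID)` is passed to `moduleAction.processRequest` with no check that a session was actually found, so a missing or stale id reaches the module as a null session (and, in the `needAuthentication` path, `moasession.getUseMandate()` would throw a NullPointerException). Add a guard after the lookup, `if (moasession == null) { throw new AuthenticationException("<message key>", new Object[] { moasessionID }); }`, using whichever message key the project defines for an unknown session. Most of this hunk is re-indentation of the moved SSO block, which makes the actual logic change hard to review; separating whitespace-only changes into their own commit would help. The `catch (Throwable e)` with `e.printStackTrace()` is unchanged context, and the enclosing method continues outside this hunk.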
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
index 9fc213a48..3d0fd80bd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
@@ -63,7 +63,7 @@ public class MetadataAction implements IAction {
idpEntitiesDescriptor.getEntityDescriptors().add(idpEntityDescriptor);
idpEntityDescriptor
- .setEntityID("https://localhost:8443/moa-id-auth");
+ .setEntityID(PVPConfiguration.getInstance().getIDPPublicPath());
List<ContactPerson> persons = PVPConfiguration.getInstance()
.getIDPContacts();
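Review bot: `PVPConfiguration.getInstance().getIDPPublicPath()` replaces the hard-coded entityID, but nothing here checks that the configured value is non-empty; an absent configuration entry would publish metadata with a null or empty entityID, which relying parties will reject. Read it into a local, check it with the project's emptiness helper and fail the metadata request if it is missing, e.g. `String entityId = PVPConfiguration.getInstance().getIDPPublicPath();` followed by a guard that throws before `setEntityID`. Whether getIDPPublicPath can return null is not visible from this hunk.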