diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-08-08 15:50:28 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-08-08 15:50:28 +0200 |
commit | 2337072ac18b66e523818702ba6dce6b462472b1 (patch) | |
tree | 44482f07d89a6d7ffb57e014185b52a73e6f68d0 /id | |
parent | f7c35a0214cb10cf6f7de031e9e5e73f40e4569d (diff) | |
download | moa-id-spss-2337072ac18b66e523818702ba6dce6b462472b1.tar.gz moa-id-spss-2337072ac18b66e523818702ba6dce6b462472b1.tar.bz2 moa-id-spss-2337072ac18b66e523818702ba6dce6b462472b1.zip |
MOA-ID Configuration Tool Beta
Diffstat (limited to 'id')
30 files changed, 2046 insertions, 111 deletions
diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml index c55a1e04f..411ef55e6 100644 --- a/id/ConfigWebTool/pom.xml +++ b/id/ConfigWebTool/pom.xml @@ -9,10 +9,29 @@ <dependencies> <dependency> + <groupId>javax.servlet</groupId> + <artifactId>jstl</artifactId> + <version>1.2</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>javax.servlet</groupId> + <artifactId>servlet-api</artifactId> + <version>2.5</version> + <scope>provided</scope> + </dependency> + + + <dependency> <groupId>MOA.id.server</groupId> <artifactId>moa-id-commons</artifactId> <version>1.5.2</version> </dependency> + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-lib</artifactId> + <version>1.9.90-SNAPSHOT</version> + </dependency> <dependency> <groupId>at.gv.util</groupId> diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java index 8ef3ec2f0..d088edf34 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java @@ -23,4 +23,7 @@ public class Constants { public static final String MOA_CONFIG_PROTOCOL_SAML1 = "id_saml1"; public static final String MOA_CONFIG_PROTOCOL_PVP2 = "id_pvp2x"; + + public static final String DEFAULT_LOCALBKU_URL = "https://127.0.0.1:3496/https-security-layer-request"; + public static final String DEFAULT_HANDYBKU_URL = "https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx"; } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java index 3ff48e92b..8f75a357c 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java @@ -10,17 +10,19 @@ public class AuthenticatedUser { private long userID; private String givenName; private String familyName; + private String userName; private Date lastLogin; public AuthenticatedUser() { } - public AuthenticatedUser(long userID, String givenName, String familyName, + public AuthenticatedUser(long userID, String givenName, String familyName, String userName, boolean isAuthenticated, boolean isAdmin) { this.familyName = familyName; this.givenName = givenName; + this.userName = userName; this.userID = userID; this.isAdmin = isAdmin; this.isAuthenticated = isAuthenticated; @@ -110,6 +112,20 @@ public class AuthenticatedUser { public void setLastLogin(Date lastLogin) { this.lastLogin = lastLogin; } + + /** + * @return the userName + */ + public String getUserName() { + return userName; + } + + /** + * @param userName the userName to set + */ + public void setUserName(String userName) { + this.userName = userName; + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java new file mode 100644 index 000000000..e62160285 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java @@ -0,0 +1,237 @@ +package at.gv.egovernment.moa.id.configuration.data; + +import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.util.MiscUtil; +import at.gv.util.data.BPK; + +public class UserDatabaseFrom { + + private String bpk; + private String familyName; + private String givenName; + private String institut; + private String mail; + private String phone; + private String username; + private String password; + private boolean active = false; + private boolean admin = false; + private boolean passwordActive; + private String userID = null; + + public UserDatabaseFrom() { + + } + + public UserDatabaseFrom(UserDatabase db) { + bpk = db.getBpk(); + familyName = db.getFamilyname(); + givenName = db.getGivenname(); + institut = db.getInstitut(); + mail = db.getMail(); + phone = db.getPhone(); + username = db.getUsername(); + + if (MiscUtil.isNotEmpty(db.getPassword())) + passwordActive = true; + else + passwordActive = false; + + active = db.isIsActive(); + admin = db.isIsAdmin(); + + userID = String.valueOf(db.getHjid()); + } + + + /** + * @return the bpk + */ + public String getBpk() { + return bpk; + } + + + /** + * @param bpk the bpk to set + */ + public void setBpk(String bpk) { + this.bpk = bpk; + } + + + /** + * @return the familyName + */ + public String getFamilyName() { + return familyName; + } + + + /** + * @param familyName the familyName to set + */ + public void setFamilyName(String familyName) { + this.familyName = familyName; + } + + + /** + * @return the givenName + */ + public String getGivenName() { + return givenName; + } + + + /** + * @param givenName the givenName to set + */ + public void setGivenName(String givenName) { + this.givenName = givenName; + } + + + /** + * @return the institut + */ + public String getInstitut() { + return institut; + } + + + /** + * @param institut the institut to set + */ + public void setInstitut(String institut) { + this.institut = institut; + } + + + /** + * @return the mail + */ + public String getMail() { + return mail; + } + + + /** + * @param mail the mail to set + */ + public void setMail(String mail) { + this.mail = mail; + } + + + /** + * @return the phone + */ + public String getPhone() { + return phone; + } + + + /** + * @param phone the phone to set + */ + public void setPhone(String phone) { + this.phone = phone; + } + + + /** + * @return the username + */ + public String getUsername() { + return username; + } + + + /** + * @param username the username to set + */ + public void setUsername(String username) { + this.username = username; + } + + + /** + * @return the password + */ + public String getPassword() { + return password; + } + + + /** + * @param password the password to set + */ + public void setPassword(String password) { + this.password = password; + } + + + /** + * @return the active + */ + public boolean isActive() { + return active; + } + + + /** + * @param active the active to set + */ + public void setActive(boolean active) { + this.active = active; + } + + + /** + * @return the admin + */ + public boolean isAdmin() { + return admin; + } + + + /** + * @param admin the admin to set + */ + public void setAdmin(boolean admin) { + this.admin = admin; + } + + + /** + * @return the passwordActive + */ + public boolean isPasswordActive() { + return passwordActive; + } + + + /** + * @param passwordActive the passwordActive to set + */ + public void setPasswordActive(boolean passwordActive) { + this.passwordActive = passwordActive; + } + + /** + * @return the userID + */ + public String getUserID() { + return userID; + } + + /** + * @param userID the userID to set + */ + public void setUserID(String userID) { + this.userID = userID; + } + + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java index f3b513019..129d62346 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java @@ -67,6 +67,9 @@ public class OAGeneralConfig { for (int i=0; i<values.length; i++) { keyBoxIdentifierList.put(values[i].value(), values[i].value()); } + + bkuLocalURL = Constants.DEFAULT_LOCALBKU_URL; + bkuHandyURL = Constants.DEFAULT_HANDYBKU_URL; } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java index 4eccfdf5d..a58b20214 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java @@ -128,7 +128,7 @@ public class AuthenticationFilter implements Filter{ if (authuser == null) { - authuser = new AuthenticatedUser(1, "Max", "TestUser", true, true); + authuser = new AuthenticatedUser(0, "Max", "TestUser", "maxtestuser", true, true); //authuser = new AuthenticatedUser(1, "Max", "TestUser", true, false); httpServletRequest.getSession().setAttribute(Constants.SESSION_AUTH, authuser); } @@ -150,6 +150,8 @@ public class AuthenticationFilter implements Filter{ if (MiscUtil.isNotEmpty(getAuthenticatedPage())) { log.debug("Unable to find authentication data. Authenticated page is given so there is no need to save original request url. " + (loginPageForward ? "Forwarding" : "Redirecting") + " to login page \"" + loginPage + "\"."); + + } else { log.debug("Unable to find authentication data. Storing request url and " + (loginPageForward ? "forwarding" : "redirecting") + " to login page \"" + loginPage + "\"."); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java new file mode 100644 index 000000000..b2f1b106f --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java @@ -0,0 +1,35 @@ +package at.gv.egovernment.moa.id.configuration.helper; + +import java.security.spec.KeySpec; + +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.PBEKeySpec; +import javax.crypto.spec.SecretKeySpec; + +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.util.Base64Utils; + +public class AuthenticationHelper { + + private static final Logger log = Logger.getLogger(AuthenticationHelper.class); + + public static String generateKeyFormPassword(String password) { + SecretKeyFactory factory; + + try { + factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); + KeySpec spec = new PBEKeySpec(password.toCharArray(), "TestSALT".getBytes(), 1024, 128); + SecretKey tmp = factory.generateSecret(spec); + SecretKeySpec secret = new SecretKeySpec(tmp.getEncoded(), "AES"); + return Base64Utils.encode(secret.getEncoded()); + + } catch (Exception e) { + log.info("Key generation form password failed."); + return null; + } + + } + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java new file mode 100644 index 000000000..a8992e6b8 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java @@ -0,0 +1,353 @@ +package at.gv.egovernment.moa.id.configuration.struts.action; + +import java.io.File; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.io.StringReader; +import java.io.StringWriter; +import java.util.List; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Marshaller; +import javax.xml.bind.Unmarshaller; +import javax.xml.transform.Result; + +import org.apache.commons.io.IOUtils; +import org.apache.log4j.Logger; +import org.apache.struts2.interceptor.ServletRequestAware; +import org.apache.struts2.interceptor.ServletResponseAware; +import org.hibernate.lob.ReaderInputStream; +import org.w3c.dom.Node; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.legacy.BuildFromLegacyConfig; +import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.iaik.commons.util.IOUtil; + +import com.opensymphony.xwork2.ActionSupport; + +import eu.stork.vidp.messages.common.STORKBootstrap; + +public class ImportExportAction extends ActionSupport +implements ServletRequestAware, ServletResponseAware { + + private static final Logger log = Logger.getLogger(ImportExportAction.class); + + private static final long serialVersionUID = 1L; + private HttpServletRequest request; + private HttpServletResponse response; + + private AuthenticatedUser authUser; + + private File fileUpload = null; + private String fileUploadContentType = null; + private String fileUploadFileName = null; + + private InputStream fileInputStream; + + public String init() { + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + + return Constants.STRUTS_SUCCESS; + + } else { + log.info("No access to Import/Export for User with ID" + authUser.getUserID()); + addActionError(LanguageHelper.getErrorString("errors.notallowed")); + return Constants.STRUTS_NOTALLOWED; + } + } + return Constants.STRUTS_REAUTHENTICATE; + + } + + public String importLegacyConfig() { + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + + //load legacy config if it is configured + + if (fileUpload == null) { + addActionError(LanguageHelper.getErrorString("errors.importexport.nofile")); + return Constants.STRUTS_ERROR_VALIDATION; + } + + //Initialize OpenSAML for STORK + log.info("Starting initialization of OpenSAML..."); + try { + STORKBootstrap.bootstrap(); + + } catch (org.opensaml.xml.ConfigurationException e1) { + log.info("Legacy configuration has an Import Error", e1); + addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e1.getMessage()})); + return Constants.STRUTS_ERROR_VALIDATION; + } + log.debug("OpenSAML successfully initialized"); + + + MOAIDConfiguration moaconfig; + try { + log.warn("WARNING! The legacy import deletes the hole old config"); + + List<OnlineApplication> oas = ConfigurationDBRead.getAllOnlineApplications(); + if (oas != null && oas.size() > 0) { + for (OnlineApplication oa : oas) + ConfigurationDBUtils.delete(oa); + } + + + moaconfig = BuildFromLegacyConfig.build(fileUpload, ""); + + } catch (ConfigurationException e) { + log.info("Legacy configuration has an Import Error", e); + addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e.getMessage()})); + return Constants.STRUTS_ERROR_VALIDATION; + } + + //check if XML config should be use + log.warn("WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!"); + try { + MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration(); + if (moaidconfig != null) + ConfigurationDBUtils.delete(moaidconfig); + + ConfigurationDBUtils.save(moaconfig); + + } catch (MOADatabaseException e) { + log.warn("General MOA-ID config can not be stored in Database"); + addActionError(e.getMessage()); + return Constants.STRUTS_ERROR_VALIDATION; + } + + finally { + ConfigurationDBUtils.closeSession(); + } + + log.info("Legacy Configuration load is completed."); + addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success")); + return Constants.STRUTS_SUCCESS; + + } else { + log.info("No access to Import/Export for User with ID" + authUser.getUserID()); + addActionError(LanguageHelper.getErrorString("errors.notallowed")); + return Constants.STRUTS_NOTALLOWED; + } + } + return Constants.STRUTS_REAUTHENTICATE; + } + + public String downloadXMLConfig() { + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + + log.info("Write MOA-ID 2.x xml config"); + JAXBContext jc; + try { + jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config"); + + Marshaller m = jc.createMarshaller(); + m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true); +// File test = new File(xmlconfigout); +// m.marshal(moaidconfig, test); + MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration(); + + if (moaidconfig == null) { + log.info("No MOA-ID 2.x configruation available"); + addActionError(LanguageHelper.getErrorString("errors.importexport.export.noconfig")); + return Constants.STRUTS_ERROR_VALIDATION; + } + + List<OnlineApplication> oaconfigs = ConfigurationDBRead.getAllOnlineApplications(); + moaidconfig.setOnlineApplication(oaconfigs); + + StringWriter writer = new StringWriter(); + m.marshal(moaidconfig, writer); + fileInputStream = IOUtils.toInputStream(writer.toString(), "UTF-8"); + + } catch (JAXBException e) { + log.info("MOA-ID 2.x configruation could not be exported into a XML file.", e); + addActionError(LanguageHelper.getErrorString("errors.importexport.export", + new Object[]{e.getMessage()})); + return Constants.STRUTS_ERROR_VALIDATION; + } catch (IOException e) { + log.info("MOA-ID 2.x configruation could not be exported into a XML file.", e); + addActionError(LanguageHelper.getErrorString("errors.importexport.export", + new Object[]{e.getMessage()})); + return Constants.STRUTS_ERROR_VALIDATION; + } + + finally { + ConfigurationDBUtils.closeSession(); + } + + return Constants.STRUTS_SUCCESS; + } else { + log.info("No access to Import/Export for User with ID" + authUser.getUserID()); + addActionError(LanguageHelper.getErrorString("errors.notallowed")); + return Constants.STRUTS_NOTALLOWED; + } + } + return Constants.STRUTS_REAUTHENTICATE; + } + + + public String importXMLConfig() { + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + + if (fileUpload == null) { + addActionError(LanguageHelper.getErrorString("errors.importexport.nofile")); + return Constants.STRUTS_ERROR_VALIDATION; + } + + log.warn("WARNING! The XML import deletes the hole old config"); + + List<OnlineApplication> oas = ConfigurationDBRead.getAllOnlineApplications(); + if (oas != null && oas.size() > 0) { + for (OnlineApplication oa : oas) + ConfigurationDBUtils.delete(oa); + } + MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration(); + if (moaidconfig != null) + ConfigurationDBUtils.delete(moaidconfig); + + + log.info("Load configuration from MOA-ID 2.x XML configuration"); + + try { + JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config"); + Unmarshaller m = jc.createUnmarshaller(); + MOAIDConfiguration moaconfig = (MOAIDConfiguration) m.unmarshal(fileUpload); + + List<OnlineApplication> importoas = moaconfig.getOnlineApplication(); + for (OnlineApplication importoa : importoas) { + ConfigurationDBUtils.saveOrUpdate(importoa); + } + + moaconfig.setOnlineApplication(null); + ConfigurationDBUtils.saveOrUpdate(moaconfig); + + } catch (Exception e) { + log.warn("MOA-ID XML configuration can not be loaded from File.", e); + addActionError(LanguageHelper.getErrorString("errors.importexport.import", + new Object[]{e.getMessage()})); + return Constants.STRUTS_ERROR_VALIDATION; + + } + + finally { + ConfigurationDBUtils.closeSession(); + } + + log.info("XML Configuration load is completed."); + addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success")); + return Constants.STRUTS_SUCCESS; + + } else { + log.info("No access to Import/Export for User with ID" + authUser.getUserID()); + addActionError(LanguageHelper.getErrorString("errors.notallowed")); + return Constants.STRUTS_NOTALLOWED; + } + } + return Constants.STRUTS_REAUTHENTICATE; + + } + + /** + * @return the fileUpload + */ + public File getFileUpload() { + return fileUpload; + } + + + + /** + * @param fileUpload the fileUpload to set + */ + public void setFileUpload(File fileUpload) { + this.fileUpload = fileUpload; + } + + + + /** + * @return the fileUploadContentType + */ + public String getFileUploadContentType() { + return fileUploadContentType; + } + + + + /** + * @param fileUploadContentType the fileUploadContentType to set + */ + public void setFileUploadContentType(String fileUploadContentType) { + this.fileUploadContentType = fileUploadContentType; + } + + + + /** + * @return the fileUploadFileName + */ + public String getFileUploadFileName() { + return fileUploadFileName; + } + + + + /** + * @param fileUploadFileName the fileUploadFileName to set + */ + public void setFileUploadFileName(String fileUploadFileName) { + this.fileUploadFileName = fileUploadFileName; + } + + /** + * @return the authUser + */ + public AuthenticatedUser getAuthUser() { + return authUser; + } + + public void setServletResponse(HttpServletResponse response) { + this.response = response; + } + public void setServletRequest(HttpServletRequest request) { + this.request = request; + } + + public InputStream getFileInputStream() { + return fileInputStream; + } +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java index 4e8e44007..6aeebcf7b 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java @@ -1,32 +1,169 @@ package at.gv.egovernment.moa.id.configuration.struts.action; +import java.util.Date; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; +import org.apache.log4j.Logger; import org.apache.struts2.interceptor.ServletRequestAware; import org.apache.struts2.interceptor.ServletResponseAware; +import com.opensymphony.xwork2.ActionSupport; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException; +import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.UserDatabaseFormValidator; +import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.util.MiscUtil; -public class IndexAction implements ServletRequestAware, +public class IndexAction extends ActionSupport implements ServletRequestAware, ServletResponseAware { + private static final Logger log = Logger.getLogger(IndexAction.class); + private HttpServletRequest request; private HttpServletResponse response; + private String password; + private String username; + public String start() { return Constants.STRUTS_SUCCESS; } + public String authenticate() { + + String key = null; + + if (MiscUtil.isNotEmpty(username)) { + if (ValidationHelper.containsPotentialCSSCharacter(username, false)) { + log.warn("Username contains potentail XSS characters: " + username); + addActionError(LanguageHelper.getErrorString("validation.edituser.username.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("Username is empty"); + addActionError(LanguageHelper.getErrorString("validation.edituser.username.empty")); + return Constants.STRUTS_ERROR; + } + + if (MiscUtil.isEmpty(password)) { + log.warn("Password is empty"); + addActionError(LanguageHelper.getErrorString("validation.edituser.password.empty")); + return Constants.STRUTS_ERROR; + + } else { + key = AuthenticationHelper.generateKeyFormPassword(password); + if (key == null) { + addActionError(LanguageHelper.getErrorString("validation.edituser.password.valid")); + return Constants.STRUTS_ERROR; + } + } + + UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(username); + if (dbuser == null) { + log.warn("Unknown Username"); + addActionError(LanguageHelper.getErrorString("webpages.index.username.unkown")); + return Constants.STRUTS_ERROR; + + } else { + if (!dbuser.isIsActive()) { + log.warn("Username " + dbuser.getUsername() + " is not active"); + addActionError(LanguageHelper.getErrorString("webpages.index.username.notactive")); + return Constants.STRUTS_ERROR; + } + + if (!dbuser.getPassword().equals(key)) { + log.warn("Username " + dbuser.getUsername() + " use a false password"); + addActionError(LanguageHelper.getErrorString("webpages.index.password.false")); + return Constants.STRUTS_ERROR; + } + + AuthenticatedUser authuser = new AuthenticatedUser( + dbuser.getHjid(), + dbuser.getGivenname(), + dbuser.getFamilyname(), + dbuser.getUsername(), + true, + dbuser.isIsAdmin()); + + authuser.setLastLogin(dbuser.getLastLoginItem()); + + dbuser.setLastLoginItem(new Date()); + + try { + ConfigurationDBUtils.saveOrUpdate(dbuser); + + } catch (MOADatabaseException e) { + log.warn("UserDatabase communicaton error", e); + addActionError(LanguageHelper.getErrorString("error.login")); + return Constants.STRUTS_ERROR; + } + finally { + ConfigurationDBUtils.closeSession(); + } + request.getSession().setAttribute(Constants.SESSION_AUTH, authuser); + return Constants.STRUTS_SUCCESS; + } + } + + public String logout() { + + HttpSession session = request.getSession(); + + if (session != null) + session.invalidate(); + + return Constants.STRUTS_SUCCESS; + } public void setServletResponse(HttpServletResponse arg0) { this.response = arg0; } public void setServletRequest(HttpServletRequest arg0) { this.request = arg0; - } + } + + /** + * @return the password + */ + public String getPassword() { + return password; + } + + /** + * @param password the password to set + */ + public void setPassword(String password) { + this.password = password; + } + + /** + * @return the username + */ + public String getUsername() { + return username; + } + + /** + * @param username the username to set + */ + public void setUsername(String username) { + this.username = username; + } + + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java index 3f4b21fdd..c022d0057 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java @@ -1,51 +1,331 @@ package at.gv.egovernment.moa.id.configuration.struts.action; +import java.util.ArrayList; import java.util.Date; +import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.apache.log4j.Logger; import org.apache.struts2.interceptor.ServletRequestAware; import org.apache.struts2.interceptor.ServletResponseAware; +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; +import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom; +import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.UserDatabaseFormValidator; +import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.util.MiscUtil; import com.opensymphony.xwork2.ActionSupport; public class UserManagementAction extends ActionSupport implements ServletRequestAware, ServletResponseAware { + private static final Logger log = Logger.getLogger(UserManagementAction.class); + private static final long serialVersionUID = 1L; private HttpServletRequest request; private HttpServletResponse response; + + private AuthenticatedUser authUser = null; + + private List<AuthenticatedUser> userlist = null; + private UserDatabaseFrom user = null; + + private String useridobj = null; + private static boolean newUser = false; - private AuthenticatedUser authUser; + public String init() { + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + + log.info("Show UserList"); + + List<UserDatabase> dbuserlist = ConfigurationDBRead.getAllUsers(); + if (dbuserlist != null) { + userlist = new ArrayList<AuthenticatedUser>(); + + for (UserDatabase dbuser : dbuserlist) { + userlist.add(new AuthenticatedUser( + dbuser.getHjid(), + dbuser.getGivenname(), + dbuser.getFamilyname(), + dbuser.getUsername(), + dbuser.isIsActive(), + dbuser.isIsAdmin())); + } + } + + ConfigurationDBUtils.closeSession(); + return Constants.STRUTS_SUCCESS; + + } else { + log.info("User with ID " + authUser.getUserID() + " is not admin. Show only EditUser Frame"); + UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + if (dbuser == null) { + return Constants.STRUTS_REAUTHENTICATE; + } + user = new UserDatabaseFrom(dbuser); + ConfigurationDBUtils.closeSession(); + return Constants.STRUTS_NOTALLOWED; + } + } + return Constants.STRUTS_REAUTHENTICATE; + + } + public String createuser() { + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + + user = new UserDatabaseFrom(); + + newUser = true; + return Constants.STRUTS_SUCCESS; + + } else { + return Constants.STRUTS_NOTALLOWED; + } + } + return Constants.STRUTS_REAUTHENTICATE; + + } + + public String edituser() { + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + long userid = -1; + + if (!ValidationHelper.validateOAID(useridobj)) { + addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request)); + return Constants.STRUTS_ERROR; + } + userid = Long.valueOf(useridobj); + + UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userid); + if (dbuser == null) { + log.info("No User with ID " + userid + " in Database");; + addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request)); + return Constants.STRUTS_ERROR; + } + user = new UserDatabaseFrom(dbuser); + + newUser = false; + + ConfigurationDBUtils.closeSession(); + + return Constants.STRUTS_SUCCESS; + + } else { + log.info("User with ID " + authUser.getUserID() + " is not admin. Show his own EditUser Frame"); + UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + user = new UserDatabaseFrom(dbuser); + return Constants.STRUTS_SUCCESS; + } + } + return Constants.STRUTS_REAUTHENTICATE; + + } + + public String saveuser() { + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { + authUser = (AuthenticatedUser) authUserObj; + + String useridobj = user.getUserID(); + long userID = -1; + if (MiscUtil.isEmpty(useridobj)) { + userID = -1; + + } else { + if (!ValidationHelper.validateOAID(useridobj)){ + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase ID " + useridobj); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + userID = Long.valueOf(useridobj); + } + + List<String> errors; + UserDatabaseFormValidator validator = new UserDatabaseFormValidator(); + errors = validator.validate(user, userID); + + if (errors.size() > 0) { + log.info("UserDataForm has some erros."); + for (String el : errors) + addActionError(el); + user.setPassword(""); + + if (MiscUtil.isEmpty(user.getUsername())) + newUser = true; + + return Constants.STRUTS_ERROR_VALIDATION; + } + + if (!authUser.isAdmin()) { + if (authUser.getUserID() != userID) { + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase Entry " + user.getUsername()); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + + } + + String error = saveFormToDB(); + if (error != null) { + log.warn("UserData can not be stored in Database"); + addActionError(error); + return Constants.STRUTS_SUCCESS; + } + + ConfigurationDBUtils.closeSession(); + return Constants.STRUTS_SUCCESS; + + } + return Constants.STRUTS_REAUTHENTICATE; + + } + + public String deleteuser() { + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { + authUser = (AuthenticatedUser) authUserObj; + + String useridobj = user.getUserID(); + long userID = -1; + if (MiscUtil.isEmpty(useridobj)) { + userID = -1; + + } else { + if (!ValidationHelper.validateOAID(useridobj)){ + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase ID " + useridobj); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + userID = Long.valueOf(useridobj); + } + + if (!authUser.isAdmin()) { + if (authUser.getUserID() != userID) { + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase Entry " + user.getUsername()); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + } + + UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID); + if (dbuser != null) { + dbuser.setOnlineApplication(null); + + try { + ConfigurationDBUtils.saveOrUpdate(dbuser); + ConfigurationDBUtils.delete(dbuser); + + } catch (MOADatabaseException e) { + log.warn("UserData can not be deleted from Database"); + addActionError(e.getMessage()); + return Constants.STRUTS_SUCCESS; + } + + finally { + ConfigurationDBUtils.closeSession(); + } + } + + ConfigurationDBUtils.closeSession(); + return Constants.STRUTS_SUCCESS; + + } + return Constants.STRUTS_REAUTHENTICATE; + + } - public String createTestUser() throws MOADatabaseException { + private String saveFormToDB() { + + UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(user.getUsername()); - UserDatabase user = new UserDatabase(); - user.setBpk(""); - user.setFamilyname("Max"); - user.setGivenname("Mustermann"); - user.setIsActive(true); - user.setIsAdmin(false); - user.setInstitut("EGIZ"); - user.setLastLoginItem(new Date()); - user.setMail("masdf@amfasdf.com"); - user.setPhone("00660011542"); - user.setUsername("testuser"); + if( dbuser == null) { + dbuser = new UserDatabase(); + } - ConfigurationDBUtils.save(user); + dbuser.setBpk(user.getBpk()); + dbuser.setFamilyname(user.getFamilyName()); + dbuser.setGivenname(user.getGivenName()); + dbuser.setInstitut(user.getInstitut()); + dbuser.setMail(user.getMail()); + dbuser.setPhone(user.getPhone()); + dbuser.setUsername(user.getUsername()); - return Constants.STRUTS_SUCCESS; + if (authUser.isAdmin()) { + dbuser.setIsActive(user.isActive()); + dbuser.setIsAdmin(user.isAdmin()); + } + + if (MiscUtil.isNotEmpty(user.getPassword())) { + String key = AuthenticationHelper.generateKeyFormPassword(user.getPassword()); + if (key == null) { + return LanguageHelper.getErrorString("errors.edit.user.save"); + } + dbuser.setPassword(key); + } + + + try { + ConfigurationDBUtils.saveOrUpdate(dbuser); + } catch (MOADatabaseException e) { + log.warn("User information can not be stored in Database.", e); + return LanguageHelper.getErrorString("errors.edit.user.save"); + } + + return null; } +// public String createTestUser() throws MOADatabaseException { +// +// UserDatabase user = new UserDatabase(); +// user.setBpk(""); +// user.setFamilyname("Max"); +// user.setGivenname("Mustermann"); +// user.setIsActive(true); +// user.setIsAdmin(false); +// user.setInstitut("EGIZ"); +// user.setLastLoginItem(new Date()); +// user.setMail("masdf@amfasdf.com"); +// user.setPhone("00660011542"); +// user.setUsername("testuser"); +// +// ConfigurationDBUtils.save(user); +// +// return Constants.STRUTS_SUCCESS; +// } + public void setServletResponse(HttpServletResponse response) { this.response = response; @@ -56,7 +336,63 @@ public class UserManagementAction extends ActionSupport this.request = request; } + + /** + * @return the userlist + */ + public List<AuthenticatedUser> getUserlist() { + return userlist; + } + + /** + * @param userlist the userlist to set + */ + public void setUserlist(List<AuthenticatedUser> userlist) { + this.userlist = userlist; + } + + /** + * @return the user + */ + public UserDatabaseFrom getUser() { + return user; + } + + /** + * @param user the user to set + */ + public void setUser(UserDatabaseFrom user) { + this.user = user; + } + + /** + * @return the useridobj + */ + public String getUseridobj() { + return useridobj; + } + + /** + * @param useridobj the useridobj to set + */ + public void setUseridobj(String useridobj) { + this.useridobj = useridobj; + } + + /** + * @return the authUser + */ + public AuthenticatedUser getAuthUser() { + return authUser; + } + + /** + * @return the newUser + */ + public boolean isNewUser() { + return newUser; + } + - } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java new file mode 100644 index 000000000..8e6edf52a --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java @@ -0,0 +1,147 @@ +package at.gv.egovernment.moa.id.configuration.validation; + +import java.util.ArrayList; +import java.util.List; + +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom; +import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.util.MiscUtil; + +public class UserDatabaseFormValidator { + + private static final Logger log = Logger.getLogger(UserDatabaseFormValidator.class); + + public List<String> validate(UserDatabaseFrom form, long userID) { + List<String> errors = new ArrayList<String>(); + + String check = form.getGivenName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("GivenName contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } else { + log.warn("GivenName is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.empty")); + } + + + check = form.getFamilyName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("FamilyName contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } else { + log.warn("FamilyName is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.empty")); + } + + check = form.getInstitut(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("Organisation contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.institut.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } else { + log.warn("Organisation is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.institut.empty")); + } + + check = form.getMail(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.isEmailAddressFormat(check)) { + log.warn("Mailaddress is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.mail.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } else { + log.warn("Mailaddress is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.mail.empty")); + } + + check = form.getPhone(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("Phonenumber contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.phone.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } else { + log.warn("Phonenumber is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.phone.empty")); + } + + check = form.getUsername(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("Username contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.username.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + + } else { + UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(check); + if (dbuser != null && userID != dbuser.getHjid()) { + log.warn("Username " + check + " exists in UserDatabase"); + errors.add(LanguageHelper.getErrorString("validation.edituser.username.duplicate")); + form.setUsername(""); + } + } + } else { + if (userID == -1) { + log.warn("Username is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty")); + } else { + UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID); + if (dbuser == null) { + log.warn("Username is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty")); + } else { + form.setUsername(dbuser.getUsername()); + } + } + } + + check = form.getPassword(); + if (MiscUtil.isEmpty(check)) { + if (userID == -1) { + log.warn("Password is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty")); + } else { + UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID); + if (dbuser == null || MiscUtil.isEmpty(dbuser.getPassword())) { + log.warn("Password is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty")); + } + } + + } else { + String key = AuthenticationHelper.generateKeyFormPassword(check); + if (key == null) { + errors.add(LanguageHelper.getErrorString("validation.edituser.password.valid")); + } + } + + + + check = form.getBpk(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("BPK contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.bpk.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + return errors; + + } +} diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties index 00825c15c..9ceaa75b3 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties @@ -7,15 +7,62 @@ config.03=Hibernate Database connector can not be initialized error.title=Fehler: errors.listOAs.noOA=Es wurden keine Online-Applikationen in der Datenbank gefunden. -errors.edit.oa.oaid=Es wurde keine g\u00FCtige Onlineapplikations ID \u00FCbergeben. -errors.edit.oa.oaid.allowed=Sie besitzen nicht die ben\u00f6tigen Rechte um auf diese Online-Applikation zuzugreifen. +errors.edit.oa.oaid=Es wurde keine g\u00FCtige Online-Applikations-ID \u00FCbergeben. +errors.edit.oa.oaid.allowed=Sie besitzen nicht die ben\u00F6tigen Rechte um auf diese Online-Applikation zuzugreifen. error.oa.pvp2.certificate=Das hinterlegte PVP2 Zertifikat konnte nicht gelesen werden. -error.db.oa.store=Die Konfigruation konnte nicht in der Datenbank gespeichert werden. +error.db.oa.store=Die Konfiguration konnte nicht in der Datenbank gespeichert werden. errors.notallowed=Sie besitzen nicht die n\u00F6tigen Rechte um diese Funktion zu benutzen. +errors.importexport.nofile=Es wurde keine Datei angegeben. +errors.importexport.legacyimport=Der Importvorgang der Legacy-Konfiguration wurde mit einem Fehler abgebrochen (Fehler={0}). +errors.importexport.export=Die MOA-ID 2.x Konfiguration konnte nicht in ein XML File exportiert werden. (Fehler={0}) +errors.importexport.import=Der Importvorgang der XML Konfiguration wurde mit einem Fehler abgebrochen (Fehler={0}). +errors.importexport.export.noconfig=Die Konfiguration kann nicht exportiert werden da keine MOA-ID Konfiguration vorhanden ist. +errors.edit.user.userid=Es wurde keine g\u00FCtige User ID \u00FCbergeben. +errors.edit.user.save=Der Benutzer konnte nicht in die Datenbank eingetragen werden. +errors.edit.user.notallowed=Das Bearbeiten fremder Benutzereinstellungen ist nur dem Admin erlaubt. +error.login=Der Anmeldevorgang durch einen internen Fehler unterbrochen. Bitte Versuchen sie es noch einmal. + webpages.error.header=Es ist ein Fehler aufgetreten -webpages.index.header=Willkommen beim MOA-ID 2.x Configuration Tool +webpages.index.header=Willkommen bei der MOA-ID 2.x Konfigurationsapplikation webpages.index.desciption.head=Um dieses Service nutzen zu k\u00F6nnen m\u00FCssen sie sich einloggen. +webpages.index.login=Anmelden +webpages.index.logout=Abmelden +webpages.index.username.unkown=Der Benutzer ist nicht bekannt. +webpages.index.username.notactive=Der Benutzer wurde durch den Administrator noch nicht freigeschalten. +webpages.index.password.false=Das Passwort stimmt nicht. + +webpages.inportexport.header=Konfiguration Importieren/Exportieren +webpages.inportexport.success=Die Konfiguration konnte erfolgreich importiert werden. +webpages.inportexport.legacyimport.header=Legacy Konfiguration importieren (MOA-ID < 2.0) +webpages.inportexport.legacyimport.upload=Legacy Konfiguration +webpages.edit.import=Importieren +webpages.edit.export=Exportieren +webpages.inportexport.import.header=MOA-ID 2.x Konfiguration +webpages.inportexport.import.upload=Konfiguration importieren +webpages.inportexport.import.download=Konfiguration exportieren +webpages.inportexport.descripten=ACHTUNG\: Die importierte Konfiguration ersetzt eine aktuell vorhandene Konfiguration vollst\u00E4ndig\! + +webpages.usermanagement.newuser=Neuen Benutzer erstellen +webpages.usermanagement.header=Benutzerverwaltung +webpages.listUsers.list.header=Liste aller vorhandenen Benutzer +webpages.listUsers.list.first=Vorname +webpages.listUsers.list.second=Familienname +webpages.listUsers.list.third=Benutzername +webpages.edituser.header=Benutzerdaten +webpages.edituser.givenname=Vorname +webpages.edituser.familyName=Familienname +webpages.edituser.institut=Organisation +webpages.edituser.phone=Telefonnummer +webpages.edituser.mail=EMail Adresse +webpages.edituser.access.header=Zugangsdaten +webpages.edituser.username=Benutzername +webpages.edituser.password=Kennwort +webpages.edituser.bpk=BPK +webpages.edituser.role.header=Rechte und Role +webpages.edituser.active=Benutzer ist aktiviert +webpages.edituser.admin=Benutzer ist Admin +webpages.edit.delete.user=Benutzer l\u00F6schen webpages.mainpage.menu.oa.insert=Neue Applikation anlegen webpages.mainpage.menu.oa.display=Meine Applikationen @@ -40,7 +87,7 @@ webpages.moaconfig.certificates.chainingmode=ChainingMode webpages.moaconfig.timeout.header=Session TimeOuts webpages.moaconfig.timeout.assertion=Assertion [sec] webpages.moaconfig.timeout.MOASessionCreated=SSO Session authentifiziert [sec] -webpages.moaconfig.timeout.MOASessionUpdated=SSO Session letzer Zugriff [sec] +webpages.moaconfig.timeout.MOASessionUpdated=SSO Session letzter Zugriff [sec] webpages.moaconfig.moasp.header=MOA-SP Konfiguration webpages.moaconfig.moasp.idltrustprofile=Personenbindung Trustprofil webpages.moaconfig.moasp.authtrustprofile=Authentfizierungsblock Trustprofil @@ -64,7 +111,7 @@ webpages.moaconfig.protocols.pvp2.PublicUrlPrefix=PVP2 Service URL-Prefix webpages.moaconfig.protocols.pvp2.IssuerName=PVP Service Name webpages.moaconfig.protocols.pvp2.org.header=Organisation webpages.moaconfig.protocols.pvp2.org.name=Kurzbezeichnung -webpages.moaconfig.protocols.pvp2.org.displayname=Vollst\u00e4ndiger Name +webpages.moaconfig.protocols.pvp2.org.displayname=Vollst\u00E4ndiger Name webpages.moaconfig.protocols.pvp2.org.url=URL der Organisation webpages.moaconfig.protocols.pvp2.contact.header=Kontaktdaten webpages.moaconfig.protocols.pvp2.contact.surename=Familienname @@ -150,52 +197,69 @@ webpages.edit.delete=Online-Applikation l\u00F6schen webpages.header.info=Sie sind angemeldet als: webpages.header.lastlogin=Letzte Anmeldung am: -validation.general.AlternativeSourceID=Die alternatice SourceID enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.edituser.familyname.empty=Der Familienname ist leer. +validation.edituser.familyname.valid=Der Familienname enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.edituser.givenname.empty=Der Vorname ist leer. +validation.edituser.givenname.valid=Der Vorname enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.edituser.institut.empty=Die Organisation ist leer. +validation.edituser.institut.valid=Die Organisation enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.edituser.mail.empty=Die EMail Adresse ist leer. +validation.edituser.mail.valid=Die EMail Adresse hat kein g\u00FCltiges Format. +validation.edituser.phone.empty=Die Telefonnummer ist leer. +validation.edituser.phone.valid=Die Telefonnummer hat kein g\u00FCltiges Form +validation.edituser.username.empty=Der Benutzername ist leer. +validation.edituser.username.valid=Der Benutzername enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.edituser.username.duplicate=Der Benutzername ist bereits vergeben +validation.edituser.password.empty=Das Passwort ist leer. +validation.edituser.password.valid=Das Passwort konnte nicht in einen g\u00FCltigen Schl\u00FCssel transferiert werden. +validation.edituser.bpk.valid=Die BPK enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} + +validation.general.AlternativeSourceID=Die AlternaticeSourceID enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} validation.general.certStoreDirectory.empty=CertStoreDirectory Feld ist leer. -validation.general.certStoreDirectory.valid=Das ertStoreDirectory Feld enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} -validation.general.Defaultchainigmode.empty=Es wurde kein DefaultChainingMode gew\u00e4hlt. -validation.general.Defaultchainigmode.valid=Der DefaultChainingMode enth\u00e4lt einen ung\u00f6ltigen Wert. +validation.general.certStoreDirectory.valid=Das CertStoreDirectory Feld enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.general.Defaultchainigmode.empty=Es wurde kein DefaultChainingMode gew\u00E4hlt. +validation.general.Defaultchainigmode.valid=Der DefaultChainingMode enth\u00E4lt einen ung\u00F6ltigen Wert. validation.general.IdentityLinkSigners.empty=Es wurde kein IdentityLinkSigner angegeben -validation.general.IdentityLinkSigners.valid=Der IdentityLinkSigner in der Zeile {0} enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {1} -validation.general.mandateservice.valid=Die URL zum Online-Vollmachten Service hat kein g\u00f6ltiges Format. -validation.general.moasp.auth.transformation.empty=Die Transformation f\u00f6r den Authentfizierungsblock ist leer. -validation.general.moasp.auth.transformation.valid=Die Transformation f\u00f6r den Authentfizierungsblock in der Zeile {0} enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {1} -validation.general.moasp.auth.trustprofile.empty=Das TrustProfile zur Pr\u00f6fung des Authentfizierungsblock ist leer. -validation.general.moasp.auth.trustprofile.valid=Das TrustProfile zur Pr\u00f6fung des Authentfizierungsblock enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} -validation.general.moasp.idl.trustprofile.empty=Das TrustProfile zur Pr\u00f6fung der Personenbindung ist leer. -validation.general.moasp.idl.trustprofile.valid=Das TrustProfile zur Pr\u00f6fung der Personenbindung enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} -validation.general.moaspss.url.valid=Die URL zum MOA-SP/SS Service hat kein g\u00f6ltiges Format. -validation.general.protocol.pvp2.issuername.valid=PVP2: Service Name enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} -validation.general.protocol.pvp2.org.displayname.valid=PVP2 Organisation: Vollst\u00e4ndiger Name enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} -validation.general.protocol.pvp2.org.name.valid=PVP2 Organisation: Kurzbezeichnung enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} -validation.general.protocol.pvp2.org.url.valid=PVP2 Organisation: URL hat kein g\u00f6ltiges Format. -validation.general.protocol.pvp2.serviceurl.valid=PVP2: Service URL-Prefix hat kein g\u00f6ltiges Format. -validation.general.protocol.pvp2.contact.company.valid=PVP2 Kontaktdaten: Der Firmenname enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} -validation.general.protocol.pvp2.contact.givenname.valid=PVP2 Kontaktdaten: Der Familienname enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} -validation.general.protocol.pvp2.contact.surename.valid=PVP2 Kontaktdaten: Der Vorname enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.general.IdentityLinkSigners.valid=Der IdentityLinkSigner in der Zeile {0} enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {1} +validation.general.mandateservice.valid=Die URL zum Online-Vollmachten Service hat kein g\u00F6ltiges Format. +validation.general.moasp.auth.transformation.empty=Die Transformation f\u00F6r den Authentfizierungsblock ist leer. +validation.general.moasp.auth.transformation.valid=Die Transformation f\u00F6r den Authentfizierungsblock in der Zeile {0} enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {1} +validation.general.moasp.auth.trustprofile.empty=Das TrustProfile zur Pr\u00F6fung des Authentfizierungsblock ist leer. +validation.general.moasp.auth.trustprofile.valid=Das TrustProfile zur Pr\u00F6fung des Authentfizierungsblock enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.general.moasp.idl.trustprofile.empty=Das TrustProfile zur Pr\u00F6fung der Personenbindung ist leer. +validation.general.moasp.idl.trustprofile.valid=Das TrustProfile zur Pr\u00F6fung der Personenbindung enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.general.moaspss.url.valid=Die URL zum MOA-SP/SS Service hat kein g\u00F6ltiges Format. +validation.general.protocol.pvp2.issuername.valid=PVP2\: Service Name enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.general.protocol.pvp2.org.displayname.valid=PVP2 Organisation\: Vollst\u00E4ndiger Name enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.general.protocol.pvp2.org.name.valid=PVP2 Organisation\: Kurzbezeichnung enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.general.protocol.pvp2.org.url.valid=PVP2 Organisation\: URL hat kein g\u00F6ltiges Format. +validation.general.protocol.pvp2.serviceurl.valid=PVP2\: Service URL-Prefix hat kein g\u00F6ltiges Format. +validation.general.protocol.pvp2.contact.company.valid=PVP2 Kontaktdaten\: Der Firmenname enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.general.protocol.pvp2.contact.givenname.valid=PVP2 Kontaktdaten\: Der Familienname enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.general.protocol.pvp2.contact.surename.valid=PVP2 Kontaktdaten\: Der Vorname enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} validation.general.protocol.pvp2.contact.type.valid=PVP2 Kontaktdaten: Der angegebene Kontakttyp existiert nicht. -validation.general.protocol.pvp2.contact.mail.valid=PVP2 Kontaktdaten: Die EMail Adresse ist nicht g\u00fcltig. -validation.general.protocol.pvp2.contact.phone.valid=PVP2 Kontaktdaten: Die Telefonnummer ist nicht g\u00fcltig. -validation.general.timeouts.assertion.valid=Das Feld Assertion TimeOut hat keinen g\u00f6ltigen Wert. -validation.general.timeouts.moasessioncreated.valid=Das Feld MOASessionCreated TimeOut hat keinen g\u00fcltigen Wert. -validation.general.timeouts.moasessionupdated.valid=Das Feld MOASessionUpdated TimeOut hat keinen g\u00fcltigen Wert. - -validation.general.slrequest.handy.empty=Die URL zum SecurityLayer Template f\u00f6r die Handy-BKU ist leer. -validation.general.slrequest.handy.valid=Die URL zum SecurityLayer Template f\u00f6r die Handy-BKU hat kein g\u00f6ltiges Format. -validation.general.slrequest.local.empty=Die URL zum SecurityLayer Template f\u00f6r die locale BKU ist leer. -validation.general.slrequest.local.valid=Die URL zum SecurityLayer Template f\u00f6r die locale BKU hat kein g\u00f6ltiges Format. -validation.general.slrequest.online.empty=Die URL zum SecurityLayer Template f\u00f6r die Online-BKU ist leer. -validation.general.slrequest.online.valid=Die URL zum SecurityLayer Template f\u00f6r die Online-BKU hat kein g\u00f6ltiges Format. -validation.general.sso.friendlyname.valid=Der SSO Service Name enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} -validation.general.sso.identificationnumber.valid=Die SSO IdentificationNumber enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} -validation.general.sso.publicurl.valid=Der SSO Service URL-Prefix hat kein g\u00f6ltiges Format. -validation.general.sso.specialauthtext.valid=Der SSO AuthBlockText enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.general.protocol.pvp2.contact.mail.valid=PVP2 Kontaktdaten\: Die EMail Adresse ist nicht g\u00FCltig. +validation.general.protocol.pvp2.contact.phone.valid=PVP2 Kontaktdaten\: Die Telefonnummer ist nicht g\u00FCltig. +validation.general.timeouts.assertion.valid=Das Feld Assertion TimeOut hat keinen g\u00F6ltigen Wert. +validation.general.timeouts.moasessioncreated.valid=Das Feld MOASessionCreated TimeOut hat keinen g\u00FCltigen Wert. +validation.general.timeouts.moasessionupdated.valid=Das Feld MOASessionUpdated TimeOut hat keinen g\u00FCltigen Wert. + +validation.general.slrequest.handy.empty=Die URL zum SecurityLayer Template f\u00F6r die Handy-BKU ist leer. +validation.general.slrequest.handy.valid=Die URL zum SecurityLayer Template f\u00F6r die Handy-BKU hat kein g\u00F6ltiges Format. +validation.general.slrequest.local.empty=Die URL zum SecurityLayer Template f\u00F6r die locale BKU ist leer. +validation.general.slrequest.local.valid=Die URL zum SecurityLayer Template f\u00F6r die locale BKU hat kein g\u00F6ltiges Format. +validation.general.slrequest.online.empty=Die URL zum SecurityLayer Template f\u00F6r die Online-BKU ist leer. +validation.general.slrequest.online.valid=Die URL zum SecurityLayer Template f\u00F6r die Online-BKU hat kein g\u00F6ltiges Format. +validation.general.sso.friendlyname.valid=Der SSO Service Name enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.general.sso.identificationnumber.valid=Die SSO IdentificationNumber enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.general.sso.publicurl.valid=Der SSO Service URL-Prefix hat kein g\u00F6ltiges Format. +validation.general.sso.specialauthtext.valid=Der SSO AuthBlockText enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} validation.general.sso.target.empty=Das SSO Target Feld ist leer. -validation.general.sso.target.valid=Das SSO Target Feld enth\u00e4lt ein ung\u00fcltiges Target. -validation.general.szrgw.url.valid=Die URL des SZR Gateways hat kein g\u00f6ltiges Format. +validation.general.sso.target.valid=Das SSO Target Feld enth\u00E4lt ein ung\u00FCltiges Target. +validation.general.szrgw.url.valid=Die URL des SZR Gateways hat kein g\u00F6ltiges Format. validation.general.trustedcacerts.empty=Das Feld TrustedCACertificates ist leer. -validation.general.trustedcacerts.valid=Das Feld TrustedCACertificates enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} -validation.general.slrequest.filename.valid=Der Dateiname der angegebenen SecurtityLayer Transformation enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.general.trustedcacerts.valid=Das Feld TrustedCACertificates enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.general.slrequest.filename.valid=Der Dateiname der angegebenen SecurtityLayer Transformation enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} validation.general.slrequest.file.valid=Die angegebenen SecurtityLayer Transformation konnte nicht geladen werden. validation.general.aditionalauthblocktext=Der Zusatztext f\u00FCr den AuthBlock enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} diff --git a/id/ConfigWebTool/src/main/resources/struts.xml b/id/ConfigWebTool/src/main/resources/struts.xml index 83234ba3c..a729f5f57 100644 --- a/id/ConfigWebTool/src/main/resources/struts.xml +++ b/id/ConfigWebTool/src/main/resources/struts.xml @@ -16,6 +16,23 @@ <interceptor-ref name="defaultStack"/> </action> + <action name="authenticate" method="authenticate" class="at.gv.egovernment.moa.id.configuration.struts.action.IndexAction"> + <result name="success" type="redirectAction"> + <param name="actionName">main</param> + <param name="namespace">/secure</param> + </result> + <result name="error">/index.jsp</result> + <interceptor-ref name="defaultStack"/> + </action> + + <action name="logout" method="logout" class="at.gv.egovernment.moa.id.configuration.struts.action.IndexAction"> + <result name="success" type="redirectAction"> + <param name="actionName">index</param> + <param name="namespace">/</param> + </result> + <interceptor-ref name="defaultStack"/> + </action> + <action name="error" method="error" class="at.gv.egovernment.moa.id.configuration.struts.action.IndexAction"> <result name="error">/error.jsp</result> <interceptor-ref name="defaultStack"/> @@ -25,45 +42,70 @@ <package name="secure" namespace="/secure" extends="struts-default"> <default-interceptor-ref name="defaultStack"/> - + + <action name="index"> + <result type="redirectAction"> + <param name="actionName">index</param> + <param name="namespace">/</param> + </result> + </action> + <action name="main" method="generateMainFrame" class="at.gv.egovernment.moa.id.configuration.struts.action.MainAction"> <result name="success">/jsp/mainpage.jsp</result> <result name="error">/error.jsp</result> - <result name="reauthentication">/index.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> <interceptor-ref name="defaultStack"/> - </action> - + </action> + <action name="listallapplications" method="listAllOnlineAppliactions" class="at.gv.egovernment.moa.id.configuration.struts.action.ListOAsAction"> <result name="success">/jsp/listOAs.jsp</result> <result name="error">/error.jsp</result> - <result name="reauthentication">/index.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> <interceptor-ref name="defaultStack"/> </action> <action name="searchOAInit" method="searchOAInit" class="at.gv.egovernment.moa.id.configuration.struts.action.ListOAsAction"> <result name="success">/jsp/searchOAs.jsp</result> - <result name="reauthentication">/index.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> <interceptor-ref name="defaultStack"/> </action> <action name="searchOA" method="searchOA" class="at.gv.egovernment.moa.id.configuration.struts.action.ListOAsAction"> <result name="success">/jsp/searchOAs.jsp</result> <result name="error">/error.jsp</result> - <result name="reauthentication">/index.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> <interceptor-ref name="defaultStack"/> </action> <action name="newOA" method="newOA" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction"> <result name="editOA">/jsp/editOAGeneral.jsp</result> <result name="error">/error.jsp</result> - <result name="reauthentication">/index.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> <interceptor-ref name="defaultStack"/> </action> <action name="loadOA" method="inital" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction"> <result name="editOA">/jsp/editOAGeneral.jsp</result> <result name="error">/error.jsp</result> - <result name="reauthentication">/index.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> <interceptor-ref name="defaultStack"/> </action> @@ -71,27 +113,39 @@ <result name="success" type="chain">main</result> <result name="error_validation">/jsp/editOAGeneral.jsp</result> <result name="error">/error.jsp</result> - <result name="reauthentication">/index.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> <interceptor-ref name="defaultStack"/> </action> <action name="cancleandbackOA" method="cancleAndBackOA" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction"> <result type="chain">main</result> - <result name="reauthentication">/index.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> <interceptor-ref name="defaultStack"/> </action> <action name="deleteOA" method="deleteOA" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction"> <result type="chain">main</result> <result name="error_validation">/jsp/editOAGeneral.jsp</result> - <result name="reauthentication">/index.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> <interceptor-ref name="defaultStack"/> </action> <action name="loadGeneralConfig" method="loadConfig" class="at.gv.egovernment.moa.id.configuration.struts.action.EditGeneralConfigAction"> <result name="success">/jsp/editMOAConfig.jsp</result> <result name="error">/error.jsp</result> - <result name="reauthentication">/index.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> <result name="notallowed" type="chain">main</result> <interceptor-ref name="defaultStack"/> </action> @@ -100,7 +154,10 @@ <result name="success" type="chain">main</result> <result name="error_validation">/jsp/editMOAConfig.jsp</result> <result name="error">/error.jsp</result> - <result name="reauthentication">/index.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> <result name="notallowed" type="chain">main</result> <interceptor-ref name="defaultStack"/> </action> @@ -108,17 +165,116 @@ <action name="backGeneralConfig" method="back" class="at.gv.egovernment.moa.id.configuration.struts.action.EditGeneralConfigAction"> <result name="success" type="chain">main</result> <result name="error">/error.jsp</result> - <result name="reauthentication">/index.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> + <interceptor-ref name="defaultStack"/> + </action> + + <action name="importexport" method="init" class="at.gv.egovernment.moa.id.configuration.struts.action.ImportExportAction"> + <result name="success">/jsp/importexport.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> + <result name="notallowed" type="chain">main</result> <interceptor-ref name="defaultStack"/> </action> - <action name="addTestUser" method="createTestUser" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction"> - <result name="success" type="chain">main</result> + <action name="importlegacy" method="importLegacyConfig" class="at.gv.egovernment.moa.id.configuration.struts.action.ImportExportAction"> + <result name="success">/jsp/mainpage.jsp</result> + <result name="error_validation">/jsp/importexport.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> + <result name="notallowed">/jsp/mainpage.jsp</result> + <interceptor-ref name="defaultStack"/> + </action> + + <action name="importConfig" method="importXMLConfig" class="at.gv.egovernment.moa.id.configuration.struts.action.ImportExportAction"> + <result name="success">/jsp/mainpage.jsp</result> + <result name="error_validation">/jsp/importexport.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> + <result name="notallowed">/jsp/mainpage.jsp</result> + <interceptor-ref name="defaultStack"/> + </action> + + <action name="exportConfig" method="downloadXMLConfig" class="at.gv.egovernment.moa.id.configuration.struts.action.ImportExportAction"> + <result name="success" type="stream"> + <param name="contentType">application/octet-stream</param> + <param name="inputName">fileInputStream</param> + <param name="contentDisposition">attachment;filename="MOAID-2.0_config.xml"</param> + <param name="bufferSize">1024</param> + </result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> + <result name="error_validation">/jsp/importexport.jsp</result> + <result name="notallowed">/jsp/mainpage.jsp</result> + <interceptor-ref name="defaultStack"/> + </action> + + <action name="usermanagementInit" method="init" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction"> + <result name="success">/jsp/usermanagement.jsp</result> + <result name="notallowed">/jsp/edituser.jsp</result> <result name="error">/error.jsp</result> - <result name="reauthentication">/index.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> <interceptor-ref name="defaultStack"/> </action> - + + <action name="createUser" method="createuser" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction"> + <result name="success">/jsp/edituser.jsp</result> + <result name="notallowed" type="chain">main</result> + <result name="error">/error.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> + <interceptor-ref name="defaultStack"/> + </action> + + <action name="editUser" method="edituser" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction"> + <result name="success">/jsp/edituser.jsp</result> + <result name="error">/error.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> + <interceptor-ref name="defaultStack"/> + </action> + + <action name="deleteUser" method="deleteuser" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction"> + <result name="success" type="chain">usermanagementInit</result> + <result name="notallowed" type="chain">main</result> + <result name="error">/error.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> + <interceptor-ref name="defaultStack"/> + </action> + + <action name="saveUser" method="saveuser" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction"> + <result name="success" type="chain">usermanagementInit</result> + <result name="error_validation">/jsp/edituser.jsp</result> + <result name="notallowed" type="chain">main</result> + <result name="error">/error.jsp</result> + <result name="reauthentication" type="redirectAction"> + <param name="actionName">logout</param> + <param name="namespace">/</param> + </result> + <interceptor-ref name="defaultStack"/> + </action> + </package> </struts>
\ No newline at end of file diff --git a/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml b/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml index c8ba8ab8a..7b27b0c4d 100644 --- a/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml +++ b/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml @@ -8,23 +8,23 @@ <filter-class>at.gv.egovernment.moa.id.configuration.filter.AuthenticationFilter</filter-class> <init-param> <param-name>loginPage</param-name> - <param-value>index.action</param-value> + <param-value>./index.action</param-value> </init-param> <init-param> <param-name>errorPage</param-name> - <param-value>error.action</param-value> + <param-value>./error.action</param-value> </init-param> <init-param> <param-name>sessionLostPage</param-name> - <param-value>/</param-value> + <param-value>./authenticate.action</param-value> </init-param> - <init-param> + <init-param> <param-name>authenticatedPage</param-name> - <param-value>main.action</param-value> + <param-value>./secure/main.action</param-value> </init-param> <init-param> <param-name>allowed</param-name> - <param-value>^.*((/index.action)|(/error.action)|(/jsp/.*)|(/css/.*)|(/images/.*)|(/js/.*))$</param-value> + <param-value>^.*((/index.action)|(/error.action)|(/authenticate.action)|(/logout.action)|(/jsp/.*)|(/css/.*)|(/images/.*)|(/js/.*))$</param-value> </init-param> </filter> <filter-mapping> diff --git a/id/ConfigWebTool/src/main/webapp/css/index.css b/id/ConfigWebTool/src/main/webapp/css/index.css index 5edddd506..49e9f41d1 100644 --- a/id/ConfigWebTool/src/main/webapp/css/index.css +++ b/id/ConfigWebTool/src/main/webapp/css/index.css @@ -6,12 +6,17 @@ display: block; } -#header_area>p { +#header_area>div { font-size: 20px; margin-left: 25px; padding-top: 8px; } +#header_area #logoutbutton { + float: right; + padding-right: 25px; +} + #menu_area { margin-top: 25px; border-color: black; @@ -245,6 +250,28 @@ div .wwgrp br { float: left; } +.userListFirst { + position: relative; + width: 200px; + float: left; + +} + +.userListSecond { + position: relative; + float: left; + width: 200px; +} + +.userListThird { + position: relative; + float: left; +} + +.disabled { + +} + #footer_area { background-color: green; clear: both; diff --git a/id/ConfigWebTool/src/main/webapp/index.jsp b/id/ConfigWebTool/src/main/webapp/index.jsp index 44d3bef5a..4e49eac75 100644 --- a/id/ConfigWebTool/src/main/webapp/index.jsp +++ b/id/ConfigWebTool/src/main/webapp/index.jsp @@ -15,9 +15,40 @@ <h1><%=LanguageHelper.getGUIString("webpages.index.header", request) %></h1> <div id="information_area"> + <s:if test="hasActionErrors()"> + <div id="error_area"> + <label><%=LanguageHelper.getGUIString("error.title", request) %></label> + <s:actionerror/> + </div> + </s:if> + + <div id="information_area"> <p><%=LanguageHelper.getGUIString("webpages.index.desciption.head", request) %></p> - <br/> - <a href="secure/main.action">Login</a> + + <div class="oa_config_block"> + + <s:form namespace="/" method="POST" enctype="multipart/form-data"> + + <s:textfield name="username" + value="%{username}" + labelposition="left" + key="webpages.edituser.username" + cssClass="textfield_long" + maxlength="16"> + </s:textfield> + + <s:password name="password" + labelposition="left" + key="webpages.edituser.password" + cssClass="textfield_long" + maxlength="16"> + </s:password> + + <s:submit key="webpages.index.login" action="authenticate"/> + + </s:form> + </div> + </div> </body> diff --git a/id/ConfigWebTool/src/main/webapp/js/common.js b/id/ConfigWebTool/src/main/webapp/js/common.js index 431824c2a..5271a4006 100644 --- a/id/ConfigWebTool/src/main/webapp/js/common.js +++ b/id/ConfigWebTool/src/main/webapp/js/common.js @@ -48,6 +48,10 @@ function editOA(oaid){ $('#selectOAForm_OAID').val(oaid); $('#selectOAForm').submit(); } +function userOA(userid){ + $('#selectUserForm_OAID').val(userid); + $('#selectUserForm').submit(); +} function oaOnLoad() { oaBusinessService(); oaSSOService(); diff --git a/id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp b/id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp new file mode 100644 index 000000000..a332fb425 --- /dev/null +++ b/id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp @@ -0,0 +1,142 @@ +<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%> + +<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> +<%@ taglib prefix="s" uri="/struts-tags" %> + +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> +<html> + <head> + <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> + <link rel="stylesheet" type="text/css" href="../css/index.css"> + <title><%=LanguageHelper.getGUIString("title", request) %></title> + <script type="text/javascript" src="../js/common.js"></script> + <script src="../js/jquery.js"></script> + </head> + + <body> + + <jsp:include page="snippets/header_userinfos.jsp"></jsp:include> + + <jsp:include page="snippets/main_menu.jsp"></jsp:include> + + <div id="information_area"> + <s:if test="hasActionErrors()"> + <div id="error_area"> + <label><%=LanguageHelper.getGUIString("error.title", request) %></label> + <s:actionerror/> + </div> + </s:if> + + <div id="list_area"> + + <s:form namespace="/secure" method="POST" enctype="multipart/form-data"> + + <div class="oa_config_block"> + <h3><%=LanguageHelper.getGUIString("webpages.edituser.header", request) %></h3> + <s:textfield name="user.givenName" + value="%{user.givenName}" + labelposition="left" + key="webpages.edituser.givenname" + cssClass="textfield_long"> + </s:textfield> + <s:textfield name="user.familyName" + value="%{user.familyName}" + labelposition="left" + key="webpages.edituser.familyName" + cssClass="textfield_long"> + </s:textfield> + <s:textfield name="user.institut" + value="%{user.institut}" + labelposition="left" + key="webpages.edituser.institut" + cssClass="textfield_long"> + </s:textfield> + <s:textfield name="user.mail" + value="%{user.mail}" + labelposition="left" + key="webpages.edituser.mail" + cssClass="textfield_long"> + </s:textfield> + <s:textfield name="user.phone" + value="%{user.phone}" + labelposition="left" + key="webpages.edituser.phone" + cssClass="textfield_long"> + </s:textfield> + </div> + + <div class="oa_config_block"> + <h3><%=LanguageHelper.getGUIString("webpages.edituser.access.header", request) %></h3> + <s:if test="isNewUser()"> + <s:textfield name="user.username" + value="%{user.username}" + labelposition="left" + key="webpages.edituser.username" + cssClass="textfield_long" + maxlength="16"> + </s:textfield> + </s:if> + <s:else> + <s:textfield name="user.username" + value="%{user.username}" + labelposition="left" + key="webpages.edituser.username" + cssClass="textfield_long" + disabled="true" + maxlength="16"> + </s:textfield> + </s:else> + + <s:password name="user.password" + labelposition="left" + key="webpages.edituser.password" + cssClass="textfield_long" + maxlength="16"> + </s:password> + + <s:textfield name="user.bpk" + value="%{user.bpk}" + labelposition="left" + key="webpages.edituser.bpk" + cssClass="textfield_long"> + </s:textfield> + </div> + + <s:if test="authUser.isAdmin()"> + <div class="oa_config_block"> + <h3><%=LanguageHelper.getGUIString("webpages.edituser.role.header", request) %></h3> + <s:checkbox name="user.active" + value="%{user.active}" + labelposition="left" + key="webpages.edituser.active" + cssClass="checkbox"> + </s:checkbox> + <s:checkbox name="user.admin" + value="%{user.admin}" + labelposition="left" + key="webpages.edituser.admin" + cssClass="checkbox"> + </s:checkbox> + </div> + </s:if> + + <s:hidden name="user.userID" value="%{user.userID}"></s:hidden> + + <div id="button_area"> + + <s:if test="authUser.isAdmin()"> + <s:submit key="webpages.edit.back" action="usermanagementInit"/> + </s:if> + <s:submit key="webpages.edit.save" action="saveUser"/> + <s:if test="!isNewUser()"> + <s:submit key="webpages.edit.delete.user" action="deleteUser"/> + </s:if> + </div> + </s:form> + </div> + </div> + + <jsp:include page="snippets/footer.jsp"></jsp:include> + + </body> +</html>
\ No newline at end of file diff --git a/id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp b/id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp new file mode 100644 index 000000000..b28bc5f57 --- /dev/null +++ b/id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp @@ -0,0 +1,76 @@ +<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%> + +<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> +<%@ taglib prefix="s" uri="/struts-tags" %> + +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> +<html> + <head> + <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> + <link rel="stylesheet" type="text/css" href="../css/index.css"> + <title><%=LanguageHelper.getGUIString("title", request) %></title> + <script type="text/javascript" src="../js/common.js"></script> + <script src="../js/jquery.js"></script> + </head> + + <body> + + <jsp:include page="snippets/header_userinfos.jsp"></jsp:include> + + <jsp:include page="snippets/main_menu.jsp"></jsp:include> + + <div id="information_area"> + <s:if test="hasActionErrors()"> + <div id="error_area"> + <label><%=LanguageHelper.getGUIString("error.title", request) %></label> + <s:actionerror/> + </div> + </s:if> + + <div id="list_area"> + <h2><%=LanguageHelper.getGUIString("webpages.inportexport.header", request) %></h2> + + + <s:if test="authUser.isAdmin()"> + + <p><%=LanguageHelper.getGUIString("webpages.inportexport.descripten", request) %></p> + + <s:form namespace="/secure" method="POST" enctype="multipart/form-data"> + + + <div class="oa_config_block"> + <h3><%=LanguageHelper.getGUIString("webpages.inportexport.legacyimport.header", request) %></h3> + <s:file name="fileUpload" key="webpages.inportexport.legacyimport.upload" cssClass="textfield_long"></s:file> + + <div id="button_area"> + <%-- <s:submit key="webpages.edit.back" action="main"/> --%> + <s:submit key="webpages.edit.import" action="importlegacy"/> + </div> + </div> + + </s:form> + + <s:form namespace="/secure" method="POST" enctype="multipart/form-data"> + + + <div class="oa_config_block"> + <h3><%=LanguageHelper.getGUIString("webpages.inportexport.import.header", request) %></h3> + <s:file name="fileUpload" key="webpages.inportexport.import.upload" cssClass="textfield_long"></s:file> + + <div id="button_area"> + <s:submit key="webpages.edit.import" action="importConfig"/> + <s:submit key="webpages.edit.export" action="exportConfig"/> + </div> + + </div> + </s:form> + </s:if> + + </div> + + </div> + + <jsp:include page="snippets/footer.jsp"></jsp:include> + + </body> +</html>
\ No newline at end of file diff --git a/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp b/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp index c3a4921e9..b700970cc 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp @@ -26,7 +26,7 @@ </div> </s:if> - <p>das ist ein Test Text</p> + <p>Im Menü auf der rechten Seite können Sie die einzelnen Operationen wählen.</p> </div> <jsp:include page="snippets/footer.jsp"></jsp:include> diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp index a10b6e202..56fcf9681 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp @@ -4,9 +4,14 @@ <html> <div id="header_area"> - <p><%=LanguageHelper.getGUIString("webpages.header.info", request) %> + <div><%=LanguageHelper.getGUIString("webpages.header.info", request) %> <s:property value="authUser.givenName"/> <s:property value="authUser.familyName"/>, <%=LanguageHelper.getGUIString("webpages.header.lastlogin", request) %> <s:property value="authUser.lastLogin"/> - </p> + + <s:url action="logout" var="logoutURL" namespace="/"/> + <a id="logoutbutton" href="<s:property value="#logoutURL" />"><%=LanguageHelper.getGUIString("webpages.index.logout", request) %></a> + </div> + + </div> </html>
\ No newline at end of file diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp index 06bb1130c..26b12cdcb 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp @@ -5,34 +5,38 @@ <html> <div id="menu_area"> <div class="menu_element"> - <s:url action="newOA.action" var="newOA" namespace="/secure"/> + <s:url action="newOA" var="newOA" namespace="/secure"/> <a href="<s:property value="#newOA" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.oa.insert", request) %></a> </div> <div class="menu_element"> - <s:url action="searchOAInit.action" var="searchOAs" namespace="/secure"/> + <s:url action="searchOAInit" var="searchOAs" namespace="/secure"/> <a href="<s:property value="#searchOAs" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.oa.search", request) %></a> </div> <div class="menu_element"> - <s:url action="listallapplications.action" var="listAllOAs" namespace="/secure"/> + <s:url action="listallapplications" var="listAllOAs" namespace="/secure"/> <a href="<s:property value="#listAllOAs" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.oa.display", request) %></a> </div> <s:if test="authUser.isAdmin()"> <div class="menu_element"> - <s:url action="loadGeneralConfig.action" var="generalConfig" namespace="/secure"/> + <s:url action="loadGeneralConfig" var="generalConfig" namespace="/secure"/> <a href="<s:property value="#generalConfig" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.config.moaid", request) %></a> </div> <div class="menu_element"> - <a href=""><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.importexport", request) %></a> - </div> - <div class="menu_element"> - <a href=""><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.usermanagement", request) %></a> + <s:url action="importexport" var="importexportUrl" namespace="/secure"/> + <a href="<s:property value="#importexportUrl" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.importexport", request) %></a> </div> </s:if> <div class="menu_element"> - <a href=""><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.user", request) %></a> + <s:url action="usermanagementInit" var="userManagementUrl" namespace="/secure"/> + <a href="<s:property value="#userManagementUrl" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.usermanagement", request) %></a> </div> + +<%-- <div class="menu_element"> + <a href=""><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.user", request) %></a> + </div> --%> + </div> </html>
\ No newline at end of file diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/oas_list.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/oas_list.jsp index 2e1b0365f..113e822f8 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/oas_list.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/oas_list.jsp @@ -28,7 +28,7 @@ </s:iterator> </div> - <s:form namespace="/" method="GET" id="selectOAForm" action="loadOA" namespace="/secure"> + <s:form method="POST" id="selectOAForm" action="loadOA" namespace="/secure"> <s:hidden id="selectOAForm_OAID" name="oaidobj"></s:hidden> </s:form> </s:if> diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/user_list.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/user_list.jsp new file mode 100644 index 000000000..c5b67cbac --- /dev/null +++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/user_list.jsp @@ -0,0 +1,42 @@ +<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%> +<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> +<%@ taglib prefix="s" uri="/struts-tags" %> + +<html> + <s:if test="userlist && userlist.size > 0"> + <h3><%=LanguageHelper.getGUIString("webpages.listUsers.list.header", request) %></h3> + <div id="list_area"> + <div id="listHeader" class="listElement"> + <div class="userListFirst"> + <%=LanguageHelper.getGUIString("webpages.listUsers.list.first", request) %> + </div> + <div class="userListSecond"> + <%=LanguageHelper.getGUIString("webpages.listUsers.list.second", request) %> + </div> + <div class="userListThird"> + <%=LanguageHelper.getGUIString("webpages.listUsers.list.third", request) %> + </div> + </div> + + <s:iterator var="UserElement" value="userlist"> + + <div class="listElement" onclick="userOA(<s:property value='userID'/>);"> + <div class="userListFirst"> + <s:property value="givenName"/> + </div> + <div class="userListSecond"> + <s:property value="familyName"/> + </div> + <div class="userListThird"> + <s:property value="userName"/> + </div> + </div> + + </s:iterator> + </div> + + <s:form method="POST" id="selectUserForm" action="editUser" namespace="/secure"> + <s:hidden id="selectUserForm_OAID" name="useridobj"></s:hidden> + </s:form> + </s:if> +</html>
\ No newline at end of file diff --git a/id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp b/id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp new file mode 100644 index 000000000..a29780cff --- /dev/null +++ b/id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp @@ -0,0 +1,50 @@ +<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%> + +<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> +<%@ taglib prefix="s" uri="/struts-tags" %> + +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> +<html> + <head> + <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> + <link rel="stylesheet" type="text/css" href="../css/index.css"> + <title><%=LanguageHelper.getGUIString("title", request) %></title> + <script type="text/javascript" src="../js/common.js"></script> + <script src="../js/jquery.js"></script> + </head> + + <body> + + <jsp:include page="snippets/header_userinfos.jsp"></jsp:include> + + <jsp:include page="snippets/main_menu.jsp"></jsp:include> + + <div id="information_area"> + <s:if test="hasActionErrors()"> + <div id="error_area"> + <label><%=LanguageHelper.getGUIString("error.title", request) %></label> + <s:actionerror/> + </div> + </s:if> + + <h2><%=LanguageHelper.getGUIString("webpages.usermanagement.header", request) %></h2> + + <s:if test="authUser.isAdmin()"> + + <jsp:include page="snippets/user_list.jsp"></jsp:include> + + <div id="list_area"> + <s:form namespace="/secure" method="POST" enctype="multipart/form-data"> + <div id="button_area"> + <s:submit key="webpages.usermanagement.newuser" action="createUser"/> + </div> + </s:form> + </div> + </s:if> + + </div> + + <jsp:include page="snippets/footer.jsp"></jsp:include> + + </body> +</html>
\ No newline at end of file diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java index 3fc59a78d..da3a79d32 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java @@ -344,7 +344,7 @@ public class AuthConfigurationProvider extends ConfigurationProvider { if (MiscUtil.isNotEmpty(legacyconfig)) { Logger.warn("WARNING! MOA-ID 2.0 is started with legacy configuration. This setup is not recommended!"); - MOAIDConfiguration moaconfig = BuildFromLegacyConfig.build(legacyconfig, rootConfigFileDir, props); + MOAIDConfiguration moaconfig = BuildFromLegacyConfig.build(new File(legacyconfig), rootConfigFileDir); ConfigurationDBUtils.save(moaconfig); Logger.info("Legacy Configuration load is completed."); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java index e70830f93..99567478d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java @@ -24,6 +24,7 @@ import org.opensaml.xml.parse.BasicParserPool; import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWSecureSocketFactory; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; @@ -93,8 +94,9 @@ public class MOAMetadataProvider implements MetadataProvider { Logger.error( "Failed to add Metadata (unhandled reason: " + e.getMessage(), e); - } + } } + internalProvider = chainProvider; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java index 4ae4e5c44..1f8c31bb5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java @@ -32,6 +32,7 @@ public class SessionEncrytionUtil { SecretKey tmp = factory.generateSecret(spec); secret = new SecretKeySpec(tmp.getEncoded(), "AES"); + } else { Logger.warn("MOASession encryption is deaktivated."); } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java index 08cb32625..795981777 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java @@ -24,6 +24,8 @@ public class ConfigurationDBRead { QUERIES.put("getAllActiveOnlineApplications", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.isActive = '1'"); QUERIES.put("getMOAIDConfiguration", "select moaidconfiguration from MOAIDConfiguration moaidconfiguration"); QUERIES.put("getUserWithUserID", "select userdatabase from UserDatabase userdatabase where userdatabase.hjid = :id"); + QUERIES.put("getUserWithUserUsername", "select userdatabase from UserDatabase userdatabase where userdatabase.username = :username"); + QUERIES.put("getAllUsers", "select userdatabase from UserDatabase userdatabase"); QUERIES.put("searchOnlineApplicationsWithID", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.friendlyName like :id"); } @SuppressWarnings("rawtypes") @@ -133,6 +135,24 @@ public class ConfigurationDBRead { return result; } + public static List<UserDatabase> getAllUsers() { + Logger.trace("Get All OnlineApplications from database."); + + List<UserDatabase> result; + EntityManager session = ConfigurationDBUtils.getCurrentSession(); + + javax.persistence.Query query = session.createQuery(QUERIES.get("getAllUsers")); + result = query.getResultList(); + + Logger.trace("Found entries: " + result.size()); + + if (result.size() == 0) { + Logger.trace("No entries found."); + return null; + } + return result; + } + public static List<OnlineApplication> getAllActiveOnlineApplications() { Logger.trace("Get All active OnlineApplications from database."); @@ -192,5 +212,27 @@ public class ConfigurationDBRead { return null; } return (UserDatabase) result.get(0); - } + } + + + + public static UserDatabase getUserWithUserName(String username) { + MiscUtil.assertNotNull(username, "UserName"); + Logger.trace("Getting Userinformation with ID " + username + " from database."); + + List<UserDatabase> result; + EntityManager session = ConfigurationDBUtils.getCurrentSession(); + + javax.persistence.Query query = session.createQuery(QUERIES.get("getUserWithUserUsername")); + query.setParameter("username", username); + result = query.getResultList(); + + Logger.trace("Found entries: " + result.size()); + + if (result.size() == 0) { + Logger.trace("No entries found."); + return null; + } + return (UserDatabase) result.get(0); + } } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java index c8bacb470..16cea07d8 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java @@ -80,6 +80,7 @@ public final class ConfigurationDBUtils { query.getResultList(); } catch (Throwable e) { + Logger.warn("JPA Session Handling Warning!!!! - This error should not occur."); session = getNewSession(); } |