aboutsummaryrefslogtreecommitdiff
path: root/id
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2013-08-08 15:50:28 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2013-08-08 15:50:28 +0200
commit2337072ac18b66e523818702ba6dce6b462472b1 (patch)
tree44482f07d89a6d7ffb57e014185b52a73e6f68d0 /id
parentf7c35a0214cb10cf6f7de031e9e5e73f40e4569d (diff)
downloadmoa-id-spss-2337072ac18b66e523818702ba6dce6b462472b1.tar.gz
moa-id-spss-2337072ac18b66e523818702ba6dce6b462472b1.tar.bz2
moa-id-spss-2337072ac18b66e523818702ba6dce6b462472b1.zip
MOA-ID Configuration Tool Beta
Diffstat (limited to 'id')
-rw-r--r--id/ConfigWebTool/pom.xml19
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java3
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java18
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java237
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java3
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java4
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java35
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java353
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java141
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java368
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java147
-rw-r--r--id/ConfigWebTool/src/main/resources/applicationResources.properties (renamed from id/ConfigWebTool/src/main/resources/applicationResources_de.properties)158
-rw-r--r--id/ConfigWebTool/src/main/resources/struts.xml194
-rw-r--r--id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml12
-rw-r--r--id/ConfigWebTool/src/main/webapp/css/index.css29
-rw-r--r--id/ConfigWebTool/src/main/webapp/index.jsp35
-rw-r--r--id/ConfigWebTool/src/main/webapp/js/common.js4
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp142
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp76
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp2
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp9
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp22
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/oas_list.jsp2
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/user_list.jsp42
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp50
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java1
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java44
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java1
30 files changed, 2046 insertions, 111 deletions
diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml
index c55a1e04f..411ef55e6 100644
--- a/id/ConfigWebTool/pom.xml
+++ b/id/ConfigWebTool/pom.xml
@@ -9,10 +9,29 @@
<dependencies>
<dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>jstl</artifactId>
+ <version>1.2</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>servlet-api</artifactId>
+ <version>2.5</version>
+ <scope>provided</scope>
+ </dependency>
+
+
+ <dependency>
<groupId>MOA.id.server</groupId>
<artifactId>moa-id-commons</artifactId>
<version>1.5.2</version>
</dependency>
+ <dependency>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-lib</artifactId>
+ <version>1.9.90-SNAPSHOT</version>
+ </dependency>
<dependency>
<groupId>at.gv.util</groupId>
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
index 8ef3ec2f0..d088edf34 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
@@ -23,4 +23,7 @@ public class Constants {
public static final String MOA_CONFIG_PROTOCOL_SAML1 = "id_saml1";
public static final String MOA_CONFIG_PROTOCOL_PVP2 = "id_pvp2x";
+
+ public static final String DEFAULT_LOCALBKU_URL = "https://127.0.0.1:3496/https-security-layer-request";
+ public static final String DEFAULT_HANDYBKU_URL = "https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx";
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java
index 3ff48e92b..8f75a357c 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java
@@ -10,17 +10,19 @@ public class AuthenticatedUser {
private long userID;
private String givenName;
private String familyName;
+ private String userName;
private Date lastLogin;
public AuthenticatedUser() {
}
- public AuthenticatedUser(long userID, String givenName, String familyName,
+ public AuthenticatedUser(long userID, String givenName, String familyName, String userName,
boolean isAuthenticated, boolean isAdmin) {
this.familyName = familyName;
this.givenName = givenName;
+ this.userName = userName;
this.userID = userID;
this.isAdmin = isAdmin;
this.isAuthenticated = isAuthenticated;
@@ -110,6 +112,20 @@ public class AuthenticatedUser {
public void setLastLogin(Date lastLogin) {
this.lastLogin = lastLogin;
}
+
+ /**
+ * @return the userName
+ */
+ public String getUserName() {
+ return userName;
+ }
+
+ /**
+ * @param userName the userName to set
+ */
+ public void setUserName(String userName) {
+ this.userName = userName;
+ }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java
new file mode 100644
index 000000000..e62160285
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java
@@ -0,0 +1,237 @@
+package at.gv.egovernment.moa.id.configuration.data;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.util.MiscUtil;
+import at.gv.util.data.BPK;
+
+public class UserDatabaseFrom {
+
+ private String bpk;
+ private String familyName;
+ private String givenName;
+ private String institut;
+ private String mail;
+ private String phone;
+ private String username;
+ private String password;
+ private boolean active = false;
+ private boolean admin = false;
+ private boolean passwordActive;
+ private String userID = null;
+
+ public UserDatabaseFrom() {
+
+ }
+
+ public UserDatabaseFrom(UserDatabase db) {
+ bpk = db.getBpk();
+ familyName = db.getFamilyname();
+ givenName = db.getGivenname();
+ institut = db.getInstitut();
+ mail = db.getMail();
+ phone = db.getPhone();
+ username = db.getUsername();
+
+ if (MiscUtil.isNotEmpty(db.getPassword()))
+ passwordActive = true;
+ else
+ passwordActive = false;
+
+ active = db.isIsActive();
+ admin = db.isIsAdmin();
+
+ userID = String.valueOf(db.getHjid());
+ }
+
+
+ /**
+ * @return the bpk
+ */
+ public String getBpk() {
+ return bpk;
+ }
+
+
+ /**
+ * @param bpk the bpk to set
+ */
+ public void setBpk(String bpk) {
+ this.bpk = bpk;
+ }
+
+
+ /**
+ * @return the familyName
+ */
+ public String getFamilyName() {
+ return familyName;
+ }
+
+
+ /**
+ * @param familyName the familyName to set
+ */
+ public void setFamilyName(String familyName) {
+ this.familyName = familyName;
+ }
+
+
+ /**
+ * @return the givenName
+ */
+ public String getGivenName() {
+ return givenName;
+ }
+
+
+ /**
+ * @param givenName the givenName to set
+ */
+ public void setGivenName(String givenName) {
+ this.givenName = givenName;
+ }
+
+
+ /**
+ * @return the institut
+ */
+ public String getInstitut() {
+ return institut;
+ }
+
+
+ /**
+ * @param institut the institut to set
+ */
+ public void setInstitut(String institut) {
+ this.institut = institut;
+ }
+
+
+ /**
+ * @return the mail
+ */
+ public String getMail() {
+ return mail;
+ }
+
+
+ /**
+ * @param mail the mail to set
+ */
+ public void setMail(String mail) {
+ this.mail = mail;
+ }
+
+
+ /**
+ * @return the phone
+ */
+ public String getPhone() {
+ return phone;
+ }
+
+
+ /**
+ * @param phone the phone to set
+ */
+ public void setPhone(String phone) {
+ this.phone = phone;
+ }
+
+
+ /**
+ * @return the username
+ */
+ public String getUsername() {
+ return username;
+ }
+
+
+ /**
+ * @param username the username to set
+ */
+ public void setUsername(String username) {
+ this.username = username;
+ }
+
+
+ /**
+ * @return the password
+ */
+ public String getPassword() {
+ return password;
+ }
+
+
+ /**
+ * @param password the password to set
+ */
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+
+ /**
+ * @return the active
+ */
+ public boolean isActive() {
+ return active;
+ }
+
+
+ /**
+ * @param active the active to set
+ */
+ public void setActive(boolean active) {
+ this.active = active;
+ }
+
+
+ /**
+ * @return the admin
+ */
+ public boolean isAdmin() {
+ return admin;
+ }
+
+
+ /**
+ * @param admin the admin to set
+ */
+ public void setAdmin(boolean admin) {
+ this.admin = admin;
+ }
+
+
+ /**
+ * @return the passwordActive
+ */
+ public boolean isPasswordActive() {
+ return passwordActive;
+ }
+
+
+ /**
+ * @param passwordActive the passwordActive to set
+ */
+ public void setPasswordActive(boolean passwordActive) {
+ this.passwordActive = passwordActive;
+ }
+
+ /**
+ * @return the userID
+ */
+ public String getUserID() {
+ return userID;
+ }
+
+ /**
+ * @param userID the userID to set
+ */
+ public void setUserID(String userID) {
+ this.userID = userID;
+ }
+
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
index f3b513019..129d62346 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
@@ -67,6 +67,9 @@ public class OAGeneralConfig {
for (int i=0; i<values.length; i++) {
keyBoxIdentifierList.put(values[i].value(), values[i].value());
}
+
+ bkuLocalURL = Constants.DEFAULT_LOCALBKU_URL;
+ bkuHandyURL = Constants.DEFAULT_HANDYBKU_URL;
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
index 4eccfdf5d..a58b20214 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
@@ -128,7 +128,7 @@ public class AuthenticationFilter implements Filter{
if (authuser == null) {
- authuser = new AuthenticatedUser(1, "Max", "TestUser", true, true);
+ authuser = new AuthenticatedUser(0, "Max", "TestUser", "maxtestuser", true, true);
//authuser = new AuthenticatedUser(1, "Max", "TestUser", true, false);
httpServletRequest.getSession().setAttribute(Constants.SESSION_AUTH, authuser);
}
@@ -150,6 +150,8 @@ public class AuthenticationFilter implements Filter{
if (MiscUtil.isNotEmpty(getAuthenticatedPage())) {
log.debug("Unable to find authentication data. Authenticated page is given so there is no need to save original request url. " + (loginPageForward ? "Forwarding" : "Redirecting") + " to login page \"" + loginPage + "\".");
+
+
}
else {
log.debug("Unable to find authentication data. Storing request url and " + (loginPageForward ? "forwarding" : "redirecting") + " to login page \"" + loginPage + "\".");
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java
new file mode 100644
index 000000000..b2f1b106f
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java
@@ -0,0 +1,35 @@
+package at.gv.egovernment.moa.id.configuration.helper;
+
+import java.security.spec.KeySpec;
+
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.util.Base64Utils;
+
+public class AuthenticationHelper {
+
+ private static final Logger log = Logger.getLogger(AuthenticationHelper.class);
+
+ public static String generateKeyFormPassword(String password) {
+ SecretKeyFactory factory;
+
+ try {
+ factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
+ KeySpec spec = new PBEKeySpec(password.toCharArray(), "TestSALT".getBytes(), 1024, 128);
+ SecretKey tmp = factory.generateSecret(spec);
+ SecretKeySpec secret = new SecretKeySpec(tmp.getEncoded(), "AES");
+ return Base64Utils.encode(secret.getEncoded());
+
+ } catch (Exception e) {
+ log.info("Key generation form password failed.");
+ return null;
+ }
+
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
new file mode 100644
index 000000000..a8992e6b8
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
@@ -0,0 +1,353 @@
+package at.gv.egovernment.moa.id.configuration.struts.action;
+
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.io.StringReader;
+import java.io.StringWriter;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.transform.Result;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.log4j.Logger;
+import org.apache.struts2.interceptor.ServletRequestAware;
+import org.apache.struts2.interceptor.ServletResponseAware;
+import org.hibernate.lob.ReaderInputStream;
+import org.w3c.dom.Node;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.legacy.BuildFromLegacyConfig;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.iaik.commons.util.IOUtil;
+
+import com.opensymphony.xwork2.ActionSupport;
+
+import eu.stork.vidp.messages.common.STORKBootstrap;
+
+public class ImportExportAction extends ActionSupport
+implements ServletRequestAware, ServletResponseAware {
+
+ private static final Logger log = Logger.getLogger(ImportExportAction.class);
+
+ private static final long serialVersionUID = 1L;
+ private HttpServletRequest request;
+ private HttpServletResponse response;
+
+ private AuthenticatedUser authUser;
+
+ private File fileUpload = null;
+ private String fileUploadContentType = null;
+ private String fileUploadFileName = null;
+
+ private InputStream fileInputStream;
+
+ public String init() {
+
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (authUser.isAdmin()) {
+
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.info("No access to Import/Export for User with ID" + authUser.getUserID());
+ addActionError(LanguageHelper.getErrorString("errors.notallowed"));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+ }
+ return Constants.STRUTS_REAUTHENTICATE;
+
+ }
+
+ public String importLegacyConfig() {
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (authUser.isAdmin()) {
+
+ //load legacy config if it is configured
+
+ if (fileUpload == null) {
+ addActionError(LanguageHelper.getErrorString("errors.importexport.nofile"));
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+
+ //Initialize OpenSAML for STORK
+ log.info("Starting initialization of OpenSAML...");
+ try {
+ STORKBootstrap.bootstrap();
+
+ } catch (org.opensaml.xml.ConfigurationException e1) {
+ log.info("Legacy configuration has an Import Error", e1);
+ addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e1.getMessage()}));
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+ log.debug("OpenSAML successfully initialized");
+
+
+ MOAIDConfiguration moaconfig;
+ try {
+ log.warn("WARNING! The legacy import deletes the hole old config");
+
+ List<OnlineApplication> oas = ConfigurationDBRead.getAllOnlineApplications();
+ if (oas != null && oas.size() > 0) {
+ for (OnlineApplication oa : oas)
+ ConfigurationDBUtils.delete(oa);
+ }
+
+
+ moaconfig = BuildFromLegacyConfig.build(fileUpload, "");
+
+ } catch (ConfigurationException e) {
+ log.info("Legacy configuration has an Import Error", e);
+ addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e.getMessage()}));
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+
+ //check if XML config should be use
+ log.warn("WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!");
+ try {
+ MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
+ if (moaidconfig != null)
+ ConfigurationDBUtils.delete(moaidconfig);
+
+ ConfigurationDBUtils.save(moaconfig);
+
+ } catch (MOADatabaseException e) {
+ log.warn("General MOA-ID config can not be stored in Database");
+ addActionError(e.getMessage());
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+
+ finally {
+ ConfigurationDBUtils.closeSession();
+ }
+
+ log.info("Legacy Configuration load is completed.");
+ addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success"));
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.info("No access to Import/Export for User with ID" + authUser.getUserID());
+ addActionError(LanguageHelper.getErrorString("errors.notallowed"));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+ }
+ return Constants.STRUTS_REAUTHENTICATE;
+ }
+
+ public String downloadXMLConfig() {
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (authUser.isAdmin()) {
+
+ log.info("Write MOA-ID 2.x xml config");
+ JAXBContext jc;
+ try {
+ jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config");
+
+ Marshaller m = jc.createMarshaller();
+ m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+// File test = new File(xmlconfigout);
+// m.marshal(moaidconfig, test);
+ MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
+
+ if (moaidconfig == null) {
+ log.info("No MOA-ID 2.x configruation available");
+ addActionError(LanguageHelper.getErrorString("errors.importexport.export.noconfig"));
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+
+ List<OnlineApplication> oaconfigs = ConfigurationDBRead.getAllOnlineApplications();
+ moaidconfig.setOnlineApplication(oaconfigs);
+
+ StringWriter writer = new StringWriter();
+ m.marshal(moaidconfig, writer);
+ fileInputStream = IOUtils.toInputStream(writer.toString(), "UTF-8");
+
+ } catch (JAXBException e) {
+ log.info("MOA-ID 2.x configruation could not be exported into a XML file.", e);
+ addActionError(LanguageHelper.getErrorString("errors.importexport.export",
+ new Object[]{e.getMessage()}));
+ return Constants.STRUTS_ERROR_VALIDATION;
+ } catch (IOException e) {
+ log.info("MOA-ID 2.x configruation could not be exported into a XML file.", e);
+ addActionError(LanguageHelper.getErrorString("errors.importexport.export",
+ new Object[]{e.getMessage()}));
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+
+ finally {
+ ConfigurationDBUtils.closeSession();
+ }
+
+ return Constants.STRUTS_SUCCESS;
+ } else {
+ log.info("No access to Import/Export for User with ID" + authUser.getUserID());
+ addActionError(LanguageHelper.getErrorString("errors.notallowed"));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+ }
+ return Constants.STRUTS_REAUTHENTICATE;
+ }
+
+
+ public String importXMLConfig() {
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (authUser.isAdmin()) {
+
+ if (fileUpload == null) {
+ addActionError(LanguageHelper.getErrorString("errors.importexport.nofile"));
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+
+ log.warn("WARNING! The XML import deletes the hole old config");
+
+ List<OnlineApplication> oas = ConfigurationDBRead.getAllOnlineApplications();
+ if (oas != null && oas.size() > 0) {
+ for (OnlineApplication oa : oas)
+ ConfigurationDBUtils.delete(oa);
+ }
+ MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
+ if (moaidconfig != null)
+ ConfigurationDBUtils.delete(moaidconfig);
+
+
+ log.info("Load configuration from MOA-ID 2.x XML configuration");
+
+ try {
+ JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config");
+ Unmarshaller m = jc.createUnmarshaller();
+ MOAIDConfiguration moaconfig = (MOAIDConfiguration) m.unmarshal(fileUpload);
+
+ List<OnlineApplication> importoas = moaconfig.getOnlineApplication();
+ for (OnlineApplication importoa : importoas) {
+ ConfigurationDBUtils.saveOrUpdate(importoa);
+ }
+
+ moaconfig.setOnlineApplication(null);
+ ConfigurationDBUtils.saveOrUpdate(moaconfig);
+
+ } catch (Exception e) {
+ log.warn("MOA-ID XML configuration can not be loaded from File.", e);
+ addActionError(LanguageHelper.getErrorString("errors.importexport.import",
+ new Object[]{e.getMessage()}));
+ return Constants.STRUTS_ERROR_VALIDATION;
+
+ }
+
+ finally {
+ ConfigurationDBUtils.closeSession();
+ }
+
+ log.info("XML Configuration load is completed.");
+ addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success"));
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.info("No access to Import/Export for User with ID" + authUser.getUserID());
+ addActionError(LanguageHelper.getErrorString("errors.notallowed"));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+ }
+ return Constants.STRUTS_REAUTHENTICATE;
+
+ }
+
+ /**
+ * @return the fileUpload
+ */
+ public File getFileUpload() {
+ return fileUpload;
+ }
+
+
+
+ /**
+ * @param fileUpload the fileUpload to set
+ */
+ public void setFileUpload(File fileUpload) {
+ this.fileUpload = fileUpload;
+ }
+
+
+
+ /**
+ * @return the fileUploadContentType
+ */
+ public String getFileUploadContentType() {
+ return fileUploadContentType;
+ }
+
+
+
+ /**
+ * @param fileUploadContentType the fileUploadContentType to set
+ */
+ public void setFileUploadContentType(String fileUploadContentType) {
+ this.fileUploadContentType = fileUploadContentType;
+ }
+
+
+
+ /**
+ * @return the fileUploadFileName
+ */
+ public String getFileUploadFileName() {
+ return fileUploadFileName;
+ }
+
+
+
+ /**
+ * @param fileUploadFileName the fileUploadFileName to set
+ */
+ public void setFileUploadFileName(String fileUploadFileName) {
+ this.fileUploadFileName = fileUploadFileName;
+ }
+
+ /**
+ * @return the authUser
+ */
+ public AuthenticatedUser getAuthUser() {
+ return authUser;
+ }
+
+ public void setServletResponse(HttpServletResponse response) {
+ this.response = response;
+ }
+ public void setServletRequest(HttpServletRequest request) {
+ this.request = request;
+ }
+
+ public InputStream getFileInputStream() {
+ return fileInputStream;
+ }
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
index 4e8e44007..6aeebcf7b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
@@ -1,32 +1,169 @@
package at.gv.egovernment.moa.id.configuration.struts.action;
+import java.util.Date;
+
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;
+import com.opensymphony.xwork2.ActionSupport;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
+import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.UserDatabaseFormValidator;
+import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
-public class IndexAction implements ServletRequestAware,
+public class IndexAction extends ActionSupport implements ServletRequestAware,
ServletResponseAware {
+ private static final Logger log = Logger.getLogger(IndexAction.class);
+
private HttpServletRequest request;
private HttpServletResponse response;
+ private String password;
+ private String username;
+
public String start() {
return Constants.STRUTS_SUCCESS;
}
+ public String authenticate() {
+
+ String key = null;
+
+ if (MiscUtil.isNotEmpty(username)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(username, false)) {
+ log.warn("Username contains potentail XSS characters: " + username);
+ addActionError(LanguageHelper.getErrorString("validation.edituser.username.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("Username is empty");
+ addActionError(LanguageHelper.getErrorString("validation.edituser.username.empty"));
+ return Constants.STRUTS_ERROR;
+ }
+
+ if (MiscUtil.isEmpty(password)) {
+ log.warn("Password is empty");
+ addActionError(LanguageHelper.getErrorString("validation.edituser.password.empty"));
+ return Constants.STRUTS_ERROR;
+
+ } else {
+ key = AuthenticationHelper.generateKeyFormPassword(password);
+ if (key == null) {
+ addActionError(LanguageHelper.getErrorString("validation.edituser.password.valid"));
+ return Constants.STRUTS_ERROR;
+ }
+ }
+
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(username);
+ if (dbuser == null) {
+ log.warn("Unknown Username");
+ addActionError(LanguageHelper.getErrorString("webpages.index.username.unkown"));
+ return Constants.STRUTS_ERROR;
+
+ } else {
+ if (!dbuser.isIsActive()) {
+ log.warn("Username " + dbuser.getUsername() + " is not active");
+ addActionError(LanguageHelper.getErrorString("webpages.index.username.notactive"));
+ return Constants.STRUTS_ERROR;
+ }
+
+ if (!dbuser.getPassword().equals(key)) {
+ log.warn("Username " + dbuser.getUsername() + " use a false password");
+ addActionError(LanguageHelper.getErrorString("webpages.index.password.false"));
+ return Constants.STRUTS_ERROR;
+ }
+
+ AuthenticatedUser authuser = new AuthenticatedUser(
+ dbuser.getHjid(),
+ dbuser.getGivenname(),
+ dbuser.getFamilyname(),
+ dbuser.getUsername(),
+ true,
+ dbuser.isIsAdmin());
+
+ authuser.setLastLogin(dbuser.getLastLoginItem());
+
+ dbuser.setLastLoginItem(new Date());
+
+ try {
+ ConfigurationDBUtils.saveOrUpdate(dbuser);
+
+ } catch (MOADatabaseException e) {
+ log.warn("UserDatabase communicaton error", e);
+ addActionError(LanguageHelper.getErrorString("error.login"));
+ return Constants.STRUTS_ERROR;
+ }
+ finally {
+ ConfigurationDBUtils.closeSession();
+ }
+ request.getSession().setAttribute(Constants.SESSION_AUTH, authuser);
+ return Constants.STRUTS_SUCCESS;
+ }
+ }
+
+ public String logout() {
+
+ HttpSession session = request.getSession();
+
+ if (session != null)
+ session.invalidate();
+
+ return Constants.STRUTS_SUCCESS;
+ }
public void setServletResponse(HttpServletResponse arg0) {
this.response = arg0;
}
public void setServletRequest(HttpServletRequest arg0) {
this.request = arg0;
- }
+ }
+
+ /**
+ * @return the password
+ */
+ public String getPassword() {
+ return password;
+ }
+
+ /**
+ * @param password the password to set
+ */
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+ /**
+ * @return the username
+ */
+ public String getUsername() {
+ return username;
+ }
+
+ /**
+ * @param username the username to set
+ */
+ public void setUsername(String username) {
+ this.username = username;
+ }
+
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
index 3f4b21fdd..c022d0057 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
@@ -1,51 +1,331 @@
package at.gv.egovernment.moa.id.configuration.struts.action;
+import java.util.ArrayList;
import java.util.Date;
+import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom;
+import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.UserDatabaseFormValidator;
+import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
import com.opensymphony.xwork2.ActionSupport;
public class UserManagementAction extends ActionSupport
implements ServletRequestAware, ServletResponseAware {
+ private static final Logger log = Logger.getLogger(UserManagementAction.class);
+
private static final long serialVersionUID = 1L;
private HttpServletRequest request;
private HttpServletResponse response;
+
+ private AuthenticatedUser authUser = null;
+
+ private List<AuthenticatedUser> userlist = null;
+ private UserDatabaseFrom user = null;
+
+ private String useridobj = null;
+ private static boolean newUser = false;
- private AuthenticatedUser authUser;
+ public String init() {
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (authUser.isAdmin()) {
+
+ log.info("Show UserList");
+
+ List<UserDatabase> dbuserlist = ConfigurationDBRead.getAllUsers();
+ if (dbuserlist != null) {
+ userlist = new ArrayList<AuthenticatedUser>();
+
+ for (UserDatabase dbuser : dbuserlist) {
+ userlist.add(new AuthenticatedUser(
+ dbuser.getHjid(),
+ dbuser.getGivenname(),
+ dbuser.getFamilyname(),
+ dbuser.getUsername(),
+ dbuser.isIsActive(),
+ dbuser.isIsAdmin()));
+ }
+ }
+
+ ConfigurationDBUtils.closeSession();
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.info("User with ID " + authUser.getUserID() + " is not admin. Show only EditUser Frame");
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ if (dbuser == null) {
+ return Constants.STRUTS_REAUTHENTICATE;
+ }
+ user = new UserDatabaseFrom(dbuser);
+ ConfigurationDBUtils.closeSession();
+ return Constants.STRUTS_NOTALLOWED;
+ }
+ }
+ return Constants.STRUTS_REAUTHENTICATE;
+
+ }
+ public String createuser() {
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (authUser.isAdmin()) {
+
+ user = new UserDatabaseFrom();
+
+ newUser = true;
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ return Constants.STRUTS_NOTALLOWED;
+ }
+ }
+ return Constants.STRUTS_REAUTHENTICATE;
+
+ }
+
+ public String edituser() {
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (authUser.isAdmin()) {
+ long userid = -1;
+
+ if (!ValidationHelper.validateOAID(useridobj)) {
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request));
+ return Constants.STRUTS_ERROR;
+ }
+ userid = Long.valueOf(useridobj);
+
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userid);
+ if (dbuser == null) {
+ log.info("No User with ID " + userid + " in Database");;
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request));
+ return Constants.STRUTS_ERROR;
+ }
+ user = new UserDatabaseFrom(dbuser);
+
+ newUser = false;
+
+ ConfigurationDBUtils.closeSession();
+
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.info("User with ID " + authUser.getUserID() + " is not admin. Show his own EditUser Frame");
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ user = new UserDatabaseFrom(dbuser);
+ return Constants.STRUTS_SUCCESS;
+ }
+ }
+ return Constants.STRUTS_REAUTHENTICATE;
+
+ }
+
+ public String saveuser() {
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+
+ String useridobj = user.getUserID();
+ long userID = -1;
+ if (MiscUtil.isEmpty(useridobj)) {
+ userID = -1;
+
+ } else {
+ if (!ValidationHelper.validateOAID(useridobj)){
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase ID " + useridobj);
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+ userID = Long.valueOf(useridobj);
+ }
+
+ List<String> errors;
+ UserDatabaseFormValidator validator = new UserDatabaseFormValidator();
+ errors = validator.validate(user, userID);
+
+ if (errors.size() > 0) {
+ log.info("UserDataForm has some erros.");
+ for (String el : errors)
+ addActionError(el);
+ user.setPassword("");
+
+ if (MiscUtil.isEmpty(user.getUsername()))
+ newUser = true;
+
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+
+ if (!authUser.isAdmin()) {
+ if (authUser.getUserID() != userID) {
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase Entry " + user.getUsername());
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+
+ }
+
+ String error = saveFormToDB();
+ if (error != null) {
+ log.warn("UserData can not be stored in Database");
+ addActionError(error);
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ ConfigurationDBUtils.closeSession();
+ return Constants.STRUTS_SUCCESS;
+
+ }
+ return Constants.STRUTS_REAUTHENTICATE;
+
+ }
+
+ public String deleteuser() {
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+
+ String useridobj = user.getUserID();
+ long userID = -1;
+ if (MiscUtil.isEmpty(useridobj)) {
+ userID = -1;
+
+ } else {
+ if (!ValidationHelper.validateOAID(useridobj)){
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase ID " + useridobj);
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+ userID = Long.valueOf(useridobj);
+ }
+
+ if (!authUser.isAdmin()) {
+ if (authUser.getUserID() != userID) {
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase Entry " + user.getUsername());
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+ }
+
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
+ if (dbuser != null) {
+ dbuser.setOnlineApplication(null);
+
+ try {
+ ConfigurationDBUtils.saveOrUpdate(dbuser);
+ ConfigurationDBUtils.delete(dbuser);
+
+ } catch (MOADatabaseException e) {
+ log.warn("UserData can not be deleted from Database");
+ addActionError(e.getMessage());
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ finally {
+ ConfigurationDBUtils.closeSession();
+ }
+ }
+
+ ConfigurationDBUtils.closeSession();
+ return Constants.STRUTS_SUCCESS;
+
+ }
+ return Constants.STRUTS_REAUTHENTICATE;
+
+ }
- public String createTestUser() throws MOADatabaseException {
+ private String saveFormToDB() {
+
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(user.getUsername());
- UserDatabase user = new UserDatabase();
- user.setBpk("");
- user.setFamilyname("Max");
- user.setGivenname("Mustermann");
- user.setIsActive(true);
- user.setIsAdmin(false);
- user.setInstitut("EGIZ");
- user.setLastLoginItem(new Date());
- user.setMail("masdf@amfasdf.com");
- user.setPhone("00660011542");
- user.setUsername("testuser");
+ if( dbuser == null) {
+ dbuser = new UserDatabase();
+ }
- ConfigurationDBUtils.save(user);
+ dbuser.setBpk(user.getBpk());
+ dbuser.setFamilyname(user.getFamilyName());
+ dbuser.setGivenname(user.getGivenName());
+ dbuser.setInstitut(user.getInstitut());
+ dbuser.setMail(user.getMail());
+ dbuser.setPhone(user.getPhone());
+ dbuser.setUsername(user.getUsername());
- return Constants.STRUTS_SUCCESS;
+ if (authUser.isAdmin()) {
+ dbuser.setIsActive(user.isActive());
+ dbuser.setIsAdmin(user.isAdmin());
+ }
+
+ if (MiscUtil.isNotEmpty(user.getPassword())) {
+ String key = AuthenticationHelper.generateKeyFormPassword(user.getPassword());
+ if (key == null) {
+ return LanguageHelper.getErrorString("errors.edit.user.save");
+ }
+ dbuser.setPassword(key);
+ }
+
+
+ try {
+ ConfigurationDBUtils.saveOrUpdate(dbuser);
+ } catch (MOADatabaseException e) {
+ log.warn("User information can not be stored in Database.", e);
+ return LanguageHelper.getErrorString("errors.edit.user.save");
+ }
+
+ return null;
}
+// public String createTestUser() throws MOADatabaseException {
+//
+// UserDatabase user = new UserDatabase();
+// user.setBpk("");
+// user.setFamilyname("Max");
+// user.setGivenname("Mustermann");
+// user.setIsActive(true);
+// user.setIsAdmin(false);
+// user.setInstitut("EGIZ");
+// user.setLastLoginItem(new Date());
+// user.setMail("masdf@amfasdf.com");
+// user.setPhone("00660011542");
+// user.setUsername("testuser");
+//
+// ConfigurationDBUtils.save(user);
+//
+// return Constants.STRUTS_SUCCESS;
+// }
+
public void setServletResponse(HttpServletResponse response) {
this.response = response;
@@ -56,7 +336,63 @@ public class UserManagementAction extends ActionSupport
this.request = request;
}
+
+ /**
+ * @return the userlist
+ */
+ public List<AuthenticatedUser> getUserlist() {
+ return userlist;
+ }
+
+ /**
+ * @param userlist the userlist to set
+ */
+ public void setUserlist(List<AuthenticatedUser> userlist) {
+ this.userlist = userlist;
+ }
+
+ /**
+ * @return the user
+ */
+ public UserDatabaseFrom getUser() {
+ return user;
+ }
+
+ /**
+ * @param user the user to set
+ */
+ public void setUser(UserDatabaseFrom user) {
+ this.user = user;
+ }
+
+ /**
+ * @return the useridobj
+ */
+ public String getUseridobj() {
+ return useridobj;
+ }
+
+ /**
+ * @param useridobj the useridobj to set
+ */
+ public void setUseridobj(String useridobj) {
+ this.useridobj = useridobj;
+ }
+
+ /**
+ * @return the authUser
+ */
+ public AuthenticatedUser getAuthUser() {
+ return authUser;
+ }
+
+ /**
+ * @return the newUser
+ */
+ public boolean isNewUser() {
+ return newUser;
+ }
+
-
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
new file mode 100644
index 000000000..8e6edf52a
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
@@ -0,0 +1,147 @@
+package at.gv.egovernment.moa.id.configuration.validation;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom;
+import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class UserDatabaseFormValidator {
+
+ private static final Logger log = Logger.getLogger(UserDatabaseFormValidator.class);
+
+ public List<String> validate(UserDatabaseFrom form, long userID) {
+ List<String> errors = new ArrayList<String>();
+
+ String check = form.getGivenName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("GivenName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ } else {
+ log.warn("GivenName is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.empty"));
+ }
+
+
+ check = form.getFamilyName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("FamilyName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ } else {
+ log.warn("FamilyName is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.empty"));
+ }
+
+ check = form.getInstitut();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("Organisation contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.institut.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ } else {
+ log.warn("Organisation is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.institut.empty"));
+ }
+
+ check = form.getMail();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isEmailAddressFormat(check)) {
+ log.warn("Mailaddress is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.mail.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ } else {
+ log.warn("Mailaddress is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.mail.empty"));
+ }
+
+ check = form.getPhone();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("Phonenumber contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.phone.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ } else {
+ log.warn("Phonenumber is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.phone.empty"));
+ }
+
+ check = form.getUsername();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("Username contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.username.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+
+ } else {
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(check);
+ if (dbuser != null && userID != dbuser.getHjid()) {
+ log.warn("Username " + check + " exists in UserDatabase");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.username.duplicate"));
+ form.setUsername("");
+ }
+ }
+ } else {
+ if (userID == -1) {
+ log.warn("Username is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty"));
+ } else {
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
+ if (dbuser == null) {
+ log.warn("Username is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty"));
+ } else {
+ form.setUsername(dbuser.getUsername());
+ }
+ }
+ }
+
+ check = form.getPassword();
+ if (MiscUtil.isEmpty(check)) {
+ if (userID == -1) {
+ log.warn("Password is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty"));
+ } else {
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
+ if (dbuser == null || MiscUtil.isEmpty(dbuser.getPassword())) {
+ log.warn("Password is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty"));
+ }
+ }
+
+ } else {
+ String key = AuthenticationHelper.generateKeyFormPassword(check);
+ if (key == null) {
+ errors.add(LanguageHelper.getErrorString("validation.edituser.password.valid"));
+ }
+ }
+
+
+
+ check = form.getBpk();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("BPK contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.bpk.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ return errors;
+
+ }
+}
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties
index 00825c15c..9ceaa75b3 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties
@@ -7,15 +7,62 @@ config.03=Hibernate Database connector can not be initialized
error.title=Fehler:
errors.listOAs.noOA=Es wurden keine Online-Applikationen in der Datenbank gefunden.
-errors.edit.oa.oaid=Es wurde keine g\u00FCtige Onlineapplikations ID \u00FCbergeben.
-errors.edit.oa.oaid.allowed=Sie besitzen nicht die ben\u00f6tigen Rechte um auf diese Online-Applikation zuzugreifen.
+errors.edit.oa.oaid=Es wurde keine g\u00FCtige Online-Applikations-ID \u00FCbergeben.
+errors.edit.oa.oaid.allowed=Sie besitzen nicht die ben\u00F6tigen Rechte um auf diese Online-Applikation zuzugreifen.
error.oa.pvp2.certificate=Das hinterlegte PVP2 Zertifikat konnte nicht gelesen werden.
-error.db.oa.store=Die Konfigruation konnte nicht in der Datenbank gespeichert werden.
+error.db.oa.store=Die Konfiguration konnte nicht in der Datenbank gespeichert werden.
errors.notallowed=Sie besitzen nicht die n\u00F6tigen Rechte um diese Funktion zu benutzen.
+errors.importexport.nofile=Es wurde keine Datei angegeben.
+errors.importexport.legacyimport=Der Importvorgang der Legacy-Konfiguration wurde mit einem Fehler abgebrochen (Fehler={0}).
+errors.importexport.export=Die MOA-ID 2.x Konfiguration konnte nicht in ein XML File exportiert werden. (Fehler={0})
+errors.importexport.import=Der Importvorgang der XML Konfiguration wurde mit einem Fehler abgebrochen (Fehler={0}).
+errors.importexport.export.noconfig=Die Konfiguration kann nicht exportiert werden da keine MOA-ID Konfiguration vorhanden ist.
+errors.edit.user.userid=Es wurde keine g\u00FCtige User ID \u00FCbergeben.
+errors.edit.user.save=Der Benutzer konnte nicht in die Datenbank eingetragen werden.
+errors.edit.user.notallowed=Das Bearbeiten fremder Benutzereinstellungen ist nur dem Admin erlaubt.
+error.login=Der Anmeldevorgang durch einen internen Fehler unterbrochen. Bitte Versuchen sie es noch einmal.
+
webpages.error.header=Es ist ein Fehler aufgetreten
-webpages.index.header=Willkommen beim MOA-ID 2.x Configuration Tool
+webpages.index.header=Willkommen bei der MOA-ID 2.x Konfigurationsapplikation
webpages.index.desciption.head=Um dieses Service nutzen zu k\u00F6nnen m\u00FCssen sie sich einloggen.
+webpages.index.login=Anmelden
+webpages.index.logout=Abmelden
+webpages.index.username.unkown=Der Benutzer ist nicht bekannt.
+webpages.index.username.notactive=Der Benutzer wurde durch den Administrator noch nicht freigeschalten.
+webpages.index.password.false=Das Passwort stimmt nicht.
+
+webpages.inportexport.header=Konfiguration Importieren/Exportieren
+webpages.inportexport.success=Die Konfiguration konnte erfolgreich importiert werden.
+webpages.inportexport.legacyimport.header=Legacy Konfiguration importieren (MOA-ID < 2.0)
+webpages.inportexport.legacyimport.upload=Legacy Konfiguration
+webpages.edit.import=Importieren
+webpages.edit.export=Exportieren
+webpages.inportexport.import.header=MOA-ID 2.x Konfiguration
+webpages.inportexport.import.upload=Konfiguration importieren
+webpages.inportexport.import.download=Konfiguration exportieren
+webpages.inportexport.descripten=ACHTUNG\: Die importierte Konfiguration ersetzt eine aktuell vorhandene Konfiguration vollst\u00E4ndig\!
+
+webpages.usermanagement.newuser=Neuen Benutzer erstellen
+webpages.usermanagement.header=Benutzerverwaltung
+webpages.listUsers.list.header=Liste aller vorhandenen Benutzer
+webpages.listUsers.list.first=Vorname
+webpages.listUsers.list.second=Familienname
+webpages.listUsers.list.third=Benutzername
+webpages.edituser.header=Benutzerdaten
+webpages.edituser.givenname=Vorname
+webpages.edituser.familyName=Familienname
+webpages.edituser.institut=Organisation
+webpages.edituser.phone=Telefonnummer
+webpages.edituser.mail=EMail Adresse
+webpages.edituser.access.header=Zugangsdaten
+webpages.edituser.username=Benutzername
+webpages.edituser.password=Kennwort
+webpages.edituser.bpk=BPK
+webpages.edituser.role.header=Rechte und Role
+webpages.edituser.active=Benutzer ist aktiviert
+webpages.edituser.admin=Benutzer ist Admin
+webpages.edit.delete.user=Benutzer l\u00F6schen
webpages.mainpage.menu.oa.insert=Neue Applikation anlegen
webpages.mainpage.menu.oa.display=Meine Applikationen
@@ -40,7 +87,7 @@ webpages.moaconfig.certificates.chainingmode=ChainingMode
webpages.moaconfig.timeout.header=Session TimeOuts
webpages.moaconfig.timeout.assertion=Assertion [sec]
webpages.moaconfig.timeout.MOASessionCreated=SSO Session authentifiziert [sec]
-webpages.moaconfig.timeout.MOASessionUpdated=SSO Session letzer Zugriff [sec]
+webpages.moaconfig.timeout.MOASessionUpdated=SSO Session letzter Zugriff [sec]
webpages.moaconfig.moasp.header=MOA-SP Konfiguration
webpages.moaconfig.moasp.idltrustprofile=Personenbindung Trustprofil
webpages.moaconfig.moasp.authtrustprofile=Authentfizierungsblock Trustprofil
@@ -64,7 +111,7 @@ webpages.moaconfig.protocols.pvp2.PublicUrlPrefix=PVP2 Service URL-Prefix
webpages.moaconfig.protocols.pvp2.IssuerName=PVP Service Name
webpages.moaconfig.protocols.pvp2.org.header=Organisation
webpages.moaconfig.protocols.pvp2.org.name=Kurzbezeichnung
-webpages.moaconfig.protocols.pvp2.org.displayname=Vollst\u00e4ndiger Name
+webpages.moaconfig.protocols.pvp2.org.displayname=Vollst\u00E4ndiger Name
webpages.moaconfig.protocols.pvp2.org.url=URL der Organisation
webpages.moaconfig.protocols.pvp2.contact.header=Kontaktdaten
webpages.moaconfig.protocols.pvp2.contact.surename=Familienname
@@ -150,52 +197,69 @@ webpages.edit.delete=Online-Applikation l\u00F6schen
webpages.header.info=Sie sind angemeldet als:
webpages.header.lastlogin=Letzte Anmeldung am:
-validation.general.AlternativeSourceID=Die alternatice SourceID enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.edituser.familyname.empty=Der Familienname ist leer.
+validation.edituser.familyname.valid=Der Familienname enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.edituser.givenname.empty=Der Vorname ist leer.
+validation.edituser.givenname.valid=Der Vorname enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.edituser.institut.empty=Die Organisation ist leer.
+validation.edituser.institut.valid=Die Organisation enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.edituser.mail.empty=Die EMail Adresse ist leer.
+validation.edituser.mail.valid=Die EMail Adresse hat kein g\u00FCltiges Format.
+validation.edituser.phone.empty=Die Telefonnummer ist leer.
+validation.edituser.phone.valid=Die Telefonnummer hat kein g\u00FCltiges Form
+validation.edituser.username.empty=Der Benutzername ist leer.
+validation.edituser.username.valid=Der Benutzername enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.edituser.username.duplicate=Der Benutzername ist bereits vergeben
+validation.edituser.password.empty=Das Passwort ist leer.
+validation.edituser.password.valid=Das Passwort konnte nicht in einen g\u00FCltigen Schl\u00FCssel transferiert werden.
+validation.edituser.bpk.valid=Die BPK enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+
+validation.general.AlternativeSourceID=Die AlternaticeSourceID enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.certStoreDirectory.empty=CertStoreDirectory Feld ist leer.
-validation.general.certStoreDirectory.valid=Das ertStoreDirectory Feld enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.Defaultchainigmode.empty=Es wurde kein DefaultChainingMode gew\u00e4hlt.
-validation.general.Defaultchainigmode.valid=Der DefaultChainingMode enth\u00e4lt einen ung\u00f6ltigen Wert.
+validation.general.certStoreDirectory.valid=Das CertStoreDirectory Feld enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.Defaultchainigmode.empty=Es wurde kein DefaultChainingMode gew\u00E4hlt.
+validation.general.Defaultchainigmode.valid=Der DefaultChainingMode enth\u00E4lt einen ung\u00F6ltigen Wert.
validation.general.IdentityLinkSigners.empty=Es wurde kein IdentityLinkSigner angegeben
-validation.general.IdentityLinkSigners.valid=Der IdentityLinkSigner in der Zeile {0} enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {1}
-validation.general.mandateservice.valid=Die URL zum Online-Vollmachten Service hat kein g\u00f6ltiges Format.
-validation.general.moasp.auth.transformation.empty=Die Transformation f\u00f6r den Authentfizierungsblock ist leer.
-validation.general.moasp.auth.transformation.valid=Die Transformation f\u00f6r den Authentfizierungsblock in der Zeile {0} enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {1}
-validation.general.moasp.auth.trustprofile.empty=Das TrustProfile zur Pr\u00f6fung des Authentfizierungsblock ist leer.
-validation.general.moasp.auth.trustprofile.valid=Das TrustProfile zur Pr\u00f6fung des Authentfizierungsblock enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.moasp.idl.trustprofile.empty=Das TrustProfile zur Pr\u00f6fung der Personenbindung ist leer.
-validation.general.moasp.idl.trustprofile.valid=Das TrustProfile zur Pr\u00f6fung der Personenbindung enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.moaspss.url.valid=Die URL zum MOA-SP/SS Service hat kein g\u00f6ltiges Format.
-validation.general.protocol.pvp2.issuername.valid=PVP2: Service Name enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.protocol.pvp2.org.displayname.valid=PVP2 Organisation: Vollst\u00e4ndiger Name enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.protocol.pvp2.org.name.valid=PVP2 Organisation: Kurzbezeichnung enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.protocol.pvp2.org.url.valid=PVP2 Organisation: URL hat kein g\u00f6ltiges Format.
-validation.general.protocol.pvp2.serviceurl.valid=PVP2: Service URL-Prefix hat kein g\u00f6ltiges Format.
-validation.general.protocol.pvp2.contact.company.valid=PVP2 Kontaktdaten: Der Firmenname enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.protocol.pvp2.contact.givenname.valid=PVP2 Kontaktdaten: Der Familienname enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.protocol.pvp2.contact.surename.valid=PVP2 Kontaktdaten: Der Vorname enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.IdentityLinkSigners.valid=Der IdentityLinkSigner in der Zeile {0} enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {1}
+validation.general.mandateservice.valid=Die URL zum Online-Vollmachten Service hat kein g\u00F6ltiges Format.
+validation.general.moasp.auth.transformation.empty=Die Transformation f\u00F6r den Authentfizierungsblock ist leer.
+validation.general.moasp.auth.transformation.valid=Die Transformation f\u00F6r den Authentfizierungsblock in der Zeile {0} enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {1}
+validation.general.moasp.auth.trustprofile.empty=Das TrustProfile zur Pr\u00F6fung des Authentfizierungsblock ist leer.
+validation.general.moasp.auth.trustprofile.valid=Das TrustProfile zur Pr\u00F6fung des Authentfizierungsblock enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.moasp.idl.trustprofile.empty=Das TrustProfile zur Pr\u00F6fung der Personenbindung ist leer.
+validation.general.moasp.idl.trustprofile.valid=Das TrustProfile zur Pr\u00F6fung der Personenbindung enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.moaspss.url.valid=Die URL zum MOA-SP/SS Service hat kein g\u00F6ltiges Format.
+validation.general.protocol.pvp2.issuername.valid=PVP2\: Service Name enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.org.displayname.valid=PVP2 Organisation\: Vollst\u00E4ndiger Name enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.org.name.valid=PVP2 Organisation\: Kurzbezeichnung enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.org.url.valid=PVP2 Organisation\: URL hat kein g\u00F6ltiges Format.
+validation.general.protocol.pvp2.serviceurl.valid=PVP2\: Service URL-Prefix hat kein g\u00F6ltiges Format.
+validation.general.protocol.pvp2.contact.company.valid=PVP2 Kontaktdaten\: Der Firmenname enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.contact.givenname.valid=PVP2 Kontaktdaten\: Der Familienname enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.contact.surename.valid=PVP2 Kontaktdaten\: Der Vorname enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.protocol.pvp2.contact.type.valid=PVP2 Kontaktdaten: Der angegebene Kontakttyp existiert nicht.
-validation.general.protocol.pvp2.contact.mail.valid=PVP2 Kontaktdaten: Die EMail Adresse ist nicht g\u00fcltig.
-validation.general.protocol.pvp2.contact.phone.valid=PVP2 Kontaktdaten: Die Telefonnummer ist nicht g\u00fcltig.
-validation.general.timeouts.assertion.valid=Das Feld Assertion TimeOut hat keinen g\u00f6ltigen Wert.
-validation.general.timeouts.moasessioncreated.valid=Das Feld MOASessionCreated TimeOut hat keinen g\u00fcltigen Wert.
-validation.general.timeouts.moasessionupdated.valid=Das Feld MOASessionUpdated TimeOut hat keinen g\u00fcltigen Wert.
-
-validation.general.slrequest.handy.empty=Die URL zum SecurityLayer Template f\u00f6r die Handy-BKU ist leer.
-validation.general.slrequest.handy.valid=Die URL zum SecurityLayer Template f\u00f6r die Handy-BKU hat kein g\u00f6ltiges Format.
-validation.general.slrequest.local.empty=Die URL zum SecurityLayer Template f\u00f6r die locale BKU ist leer.
-validation.general.slrequest.local.valid=Die URL zum SecurityLayer Template f\u00f6r die locale BKU hat kein g\u00f6ltiges Format.
-validation.general.slrequest.online.empty=Die URL zum SecurityLayer Template f\u00f6r die Online-BKU ist leer.
-validation.general.slrequest.online.valid=Die URL zum SecurityLayer Template f\u00f6r die Online-BKU hat kein g\u00f6ltiges Format.
-validation.general.sso.friendlyname.valid=Der SSO Service Name enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.sso.identificationnumber.valid=Die SSO IdentificationNumber enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.sso.publicurl.valid=Der SSO Service URL-Prefix hat kein g\u00f6ltiges Format.
-validation.general.sso.specialauthtext.valid=Der SSO AuthBlockText enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.contact.mail.valid=PVP2 Kontaktdaten\: Die EMail Adresse ist nicht g\u00FCltig.
+validation.general.protocol.pvp2.contact.phone.valid=PVP2 Kontaktdaten\: Die Telefonnummer ist nicht g\u00FCltig.
+validation.general.timeouts.assertion.valid=Das Feld Assertion TimeOut hat keinen g\u00F6ltigen Wert.
+validation.general.timeouts.moasessioncreated.valid=Das Feld MOASessionCreated TimeOut hat keinen g\u00FCltigen Wert.
+validation.general.timeouts.moasessionupdated.valid=Das Feld MOASessionUpdated TimeOut hat keinen g\u00FCltigen Wert.
+
+validation.general.slrequest.handy.empty=Die URL zum SecurityLayer Template f\u00F6r die Handy-BKU ist leer.
+validation.general.slrequest.handy.valid=Die URL zum SecurityLayer Template f\u00F6r die Handy-BKU hat kein g\u00F6ltiges Format.
+validation.general.slrequest.local.empty=Die URL zum SecurityLayer Template f\u00F6r die locale BKU ist leer.
+validation.general.slrequest.local.valid=Die URL zum SecurityLayer Template f\u00F6r die locale BKU hat kein g\u00F6ltiges Format.
+validation.general.slrequest.online.empty=Die URL zum SecurityLayer Template f\u00F6r die Online-BKU ist leer.
+validation.general.slrequest.online.valid=Die URL zum SecurityLayer Template f\u00F6r die Online-BKU hat kein g\u00F6ltiges Format.
+validation.general.sso.friendlyname.valid=Der SSO Service Name enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.sso.identificationnumber.valid=Die SSO IdentificationNumber enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.sso.publicurl.valid=Der SSO Service URL-Prefix hat kein g\u00F6ltiges Format.
+validation.general.sso.specialauthtext.valid=Der SSO AuthBlockText enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.sso.target.empty=Das SSO Target Feld ist leer.
-validation.general.sso.target.valid=Das SSO Target Feld enth\u00e4lt ein ung\u00fcltiges Target.
-validation.general.szrgw.url.valid=Die URL des SZR Gateways hat kein g\u00f6ltiges Format.
+validation.general.sso.target.valid=Das SSO Target Feld enth\u00E4lt ein ung\u00FCltiges Target.
+validation.general.szrgw.url.valid=Die URL des SZR Gateways hat kein g\u00F6ltiges Format.
validation.general.trustedcacerts.empty=Das Feld TrustedCACertificates ist leer.
-validation.general.trustedcacerts.valid=Das Feld TrustedCACertificates enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.slrequest.filename.valid=Der Dateiname der angegebenen SecurtityLayer Transformation enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.trustedcacerts.valid=Das Feld TrustedCACertificates enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.slrequest.filename.valid=Der Dateiname der angegebenen SecurtityLayer Transformation enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.slrequest.file.valid=Die angegebenen SecurtityLayer Transformation konnte nicht geladen werden.
validation.general.aditionalauthblocktext=Der Zusatztext f\u00FCr den AuthBlock enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
diff --git a/id/ConfigWebTool/src/main/resources/struts.xml b/id/ConfigWebTool/src/main/resources/struts.xml
index 83234ba3c..a729f5f57 100644
--- a/id/ConfigWebTool/src/main/resources/struts.xml
+++ b/id/ConfigWebTool/src/main/resources/struts.xml
@@ -16,6 +16,23 @@
<interceptor-ref name="defaultStack"/>
</action>
+ <action name="authenticate" method="authenticate" class="at.gv.egovernment.moa.id.configuration.struts.action.IndexAction">
+ <result name="success" type="redirectAction">
+ <param name="actionName">main</param>
+ <param name="namespace">/secure</param>
+ </result>
+ <result name="error">/index.jsp</result>
+ <interceptor-ref name="defaultStack"/>
+ </action>
+
+ <action name="logout" method="logout" class="at.gv.egovernment.moa.id.configuration.struts.action.IndexAction">
+ <result name="success" type="redirectAction">
+ <param name="actionName">index</param>
+ <param name="namespace">/</param>
+ </result>
+ <interceptor-ref name="defaultStack"/>
+ </action>
+
<action name="error" method="error" class="at.gv.egovernment.moa.id.configuration.struts.action.IndexAction">
<result name="error">/error.jsp</result>
<interceptor-ref name="defaultStack"/>
@@ -25,45 +42,70 @@
<package name="secure" namespace="/secure" extends="struts-default">
<default-interceptor-ref name="defaultStack"/>
-
+
+ <action name="index">
+ <result type="redirectAction">
+ <param name="actionName">index</param>
+ <param name="namespace">/</param>
+ </result>
+ </action>
+
<action name="main" method="generateMainFrame" class="at.gv.egovernment.moa.id.configuration.struts.action.MainAction">
<result name="success">/jsp/mainpage.jsp</result>
<result name="error">/error.jsp</result>
- <result name="reauthentication">/index.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
<interceptor-ref name="defaultStack"/>
- </action>
-
+ </action>
+
<action name="listallapplications" method="listAllOnlineAppliactions" class="at.gv.egovernment.moa.id.configuration.struts.action.ListOAsAction">
<result name="success">/jsp/listOAs.jsp</result>
<result name="error">/error.jsp</result>
- <result name="reauthentication">/index.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
<interceptor-ref name="defaultStack"/>
</action>
<action name="searchOAInit" method="searchOAInit" class="at.gv.egovernment.moa.id.configuration.struts.action.ListOAsAction">
<result name="success">/jsp/searchOAs.jsp</result>
- <result name="reauthentication">/index.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
<interceptor-ref name="defaultStack"/>
</action>
<action name="searchOA" method="searchOA" class="at.gv.egovernment.moa.id.configuration.struts.action.ListOAsAction">
<result name="success">/jsp/searchOAs.jsp</result>
<result name="error">/error.jsp</result>
- <result name="reauthentication">/index.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
<interceptor-ref name="defaultStack"/>
</action>
<action name="newOA" method="newOA" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction">
<result name="editOA">/jsp/editOAGeneral.jsp</result>
<result name="error">/error.jsp</result>
- <result name="reauthentication">/index.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
<interceptor-ref name="defaultStack"/>
</action>
<action name="loadOA" method="inital" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction">
<result name="editOA">/jsp/editOAGeneral.jsp</result>
<result name="error">/error.jsp</result>
- <result name="reauthentication">/index.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
<interceptor-ref name="defaultStack"/>
</action>
@@ -71,27 +113,39 @@
<result name="success" type="chain">main</result>
<result name="error_validation">/jsp/editOAGeneral.jsp</result>
<result name="error">/error.jsp</result>
- <result name="reauthentication">/index.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
<interceptor-ref name="defaultStack"/>
</action>
<action name="cancleandbackOA" method="cancleAndBackOA" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction">
<result type="chain">main</result>
- <result name="reauthentication">/index.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
<interceptor-ref name="defaultStack"/>
</action>
<action name="deleteOA" method="deleteOA" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction">
<result type="chain">main</result>
<result name="error_validation">/jsp/editOAGeneral.jsp</result>
- <result name="reauthentication">/index.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
<interceptor-ref name="defaultStack"/>
</action>
<action name="loadGeneralConfig" method="loadConfig" class="at.gv.egovernment.moa.id.configuration.struts.action.EditGeneralConfigAction">
<result name="success">/jsp/editMOAConfig.jsp</result>
<result name="error">/error.jsp</result>
- <result name="reauthentication">/index.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
<result name="notallowed" type="chain">main</result>
<interceptor-ref name="defaultStack"/>
</action>
@@ -100,7 +154,10 @@
<result name="success" type="chain">main</result>
<result name="error_validation">/jsp/editMOAConfig.jsp</result>
<result name="error">/error.jsp</result>
- <result name="reauthentication">/index.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
<result name="notallowed" type="chain">main</result>
<interceptor-ref name="defaultStack"/>
</action>
@@ -108,17 +165,116 @@
<action name="backGeneralConfig" method="back" class="at.gv.egovernment.moa.id.configuration.struts.action.EditGeneralConfigAction">
<result name="success" type="chain">main</result>
<result name="error">/error.jsp</result>
- <result name="reauthentication">/index.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
+ <interceptor-ref name="defaultStack"/>
+ </action>
+
+ <action name="importexport" method="init" class="at.gv.egovernment.moa.id.configuration.struts.action.ImportExportAction">
+ <result name="success">/jsp/importexport.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
+ <result name="notallowed" type="chain">main</result>
<interceptor-ref name="defaultStack"/>
</action>
- <action name="addTestUser" method="createTestUser" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction">
- <result name="success" type="chain">main</result>
+ <action name="importlegacy" method="importLegacyConfig" class="at.gv.egovernment.moa.id.configuration.struts.action.ImportExportAction">
+ <result name="success">/jsp/mainpage.jsp</result>
+ <result name="error_validation">/jsp/importexport.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
+ <result name="notallowed">/jsp/mainpage.jsp</result>
+ <interceptor-ref name="defaultStack"/>
+ </action>
+
+ <action name="importConfig" method="importXMLConfig" class="at.gv.egovernment.moa.id.configuration.struts.action.ImportExportAction">
+ <result name="success">/jsp/mainpage.jsp</result>
+ <result name="error_validation">/jsp/importexport.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
+ <result name="notallowed">/jsp/mainpage.jsp</result>
+ <interceptor-ref name="defaultStack"/>
+ </action>
+
+ <action name="exportConfig" method="downloadXMLConfig" class="at.gv.egovernment.moa.id.configuration.struts.action.ImportExportAction">
+ <result name="success" type="stream">
+ <param name="contentType">application/octet-stream</param>
+ <param name="inputName">fileInputStream</param>
+ <param name="contentDisposition">attachment;filename="MOAID-2.0_config.xml"</param>
+ <param name="bufferSize">1024</param>
+ </result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
+ <result name="error_validation">/jsp/importexport.jsp</result>
+ <result name="notallowed">/jsp/mainpage.jsp</result>
+ <interceptor-ref name="defaultStack"/>
+ </action>
+
+ <action name="usermanagementInit" method="init" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction">
+ <result name="success">/jsp/usermanagement.jsp</result>
+ <result name="notallowed">/jsp/edituser.jsp</result>
<result name="error">/error.jsp</result>
- <result name="reauthentication">/index.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
<interceptor-ref name="defaultStack"/>
</action>
-
+
+ <action name="createUser" method="createuser" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction">
+ <result name="success">/jsp/edituser.jsp</result>
+ <result name="notallowed" type="chain">main</result>
+ <result name="error">/error.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
+ <interceptor-ref name="defaultStack"/>
+ </action>
+
+ <action name="editUser" method="edituser" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction">
+ <result name="success">/jsp/edituser.jsp</result>
+ <result name="error">/error.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
+ <interceptor-ref name="defaultStack"/>
+ </action>
+
+ <action name="deleteUser" method="deleteuser" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction">
+ <result name="success" type="chain">usermanagementInit</result>
+ <result name="notallowed" type="chain">main</result>
+ <result name="error">/error.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
+ <interceptor-ref name="defaultStack"/>
+ </action>
+
+ <action name="saveUser" method="saveuser" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction">
+ <result name="success" type="chain">usermanagementInit</result>
+ <result name="error_validation">/jsp/edituser.jsp</result>
+ <result name="notallowed" type="chain">main</result>
+ <result name="error">/error.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
+ <interceptor-ref name="defaultStack"/>
+ </action>
+
</package>
</struts> \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml b/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml
index c8ba8ab8a..7b27b0c4d 100644
--- a/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml
+++ b/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml
@@ -8,23 +8,23 @@
<filter-class>at.gv.egovernment.moa.id.configuration.filter.AuthenticationFilter</filter-class>
<init-param>
<param-name>loginPage</param-name>
- <param-value>index.action</param-value>
+ <param-value>./index.action</param-value>
</init-param>
<init-param>
<param-name>errorPage</param-name>
- <param-value>error.action</param-value>
+ <param-value>./error.action</param-value>
</init-param>
<init-param>
<param-name>sessionLostPage</param-name>
- <param-value>/</param-value>
+ <param-value>./authenticate.action</param-value>
</init-param>
- <init-param>
+ <init-param>
<param-name>authenticatedPage</param-name>
- <param-value>main.action</param-value>
+ <param-value>./secure/main.action</param-value>
</init-param>
<init-param>
<param-name>allowed</param-name>
- <param-value>^.*((/index.action)|(/error.action)|(/jsp/.*)|(/css/.*)|(/images/.*)|(/js/.*))$</param-value>
+ <param-value>^.*((/index.action)|(/error.action)|(/authenticate.action)|(/logout.action)|(/jsp/.*)|(/css/.*)|(/images/.*)|(/js/.*))$</param-value>
</init-param>
</filter>
<filter-mapping>
diff --git a/id/ConfigWebTool/src/main/webapp/css/index.css b/id/ConfigWebTool/src/main/webapp/css/index.css
index 5edddd506..49e9f41d1 100644
--- a/id/ConfigWebTool/src/main/webapp/css/index.css
+++ b/id/ConfigWebTool/src/main/webapp/css/index.css
@@ -6,12 +6,17 @@
display: block;
}
-#header_area>p {
+#header_area>div {
font-size: 20px;
margin-left: 25px;
padding-top: 8px;
}
+#header_area #logoutbutton {
+ float: right;
+ padding-right: 25px;
+}
+
#menu_area {
margin-top: 25px;
border-color: black;
@@ -245,6 +250,28 @@ div .wwgrp br {
float: left;
}
+.userListFirst {
+ position: relative;
+ width: 200px;
+ float: left;
+
+}
+
+.userListSecond {
+ position: relative;
+ float: left;
+ width: 200px;
+}
+
+.userListThird {
+ position: relative;
+ float: left;
+}
+
+.disabled {
+
+}
+
#footer_area {
background-color: green;
clear: both;
diff --git a/id/ConfigWebTool/src/main/webapp/index.jsp b/id/ConfigWebTool/src/main/webapp/index.jsp
index 44d3bef5a..4e49eac75 100644
--- a/id/ConfigWebTool/src/main/webapp/index.jsp
+++ b/id/ConfigWebTool/src/main/webapp/index.jsp
@@ -15,9 +15,40 @@
<h1><%=LanguageHelper.getGUIString("webpages.index.header", request) %></h1>
<div id="information_area">
+ <s:if test="hasActionErrors()">
+ <div id="error_area">
+ <label><%=LanguageHelper.getGUIString("error.title", request) %></label>
+ <s:actionerror/>
+ </div>
+ </s:if>
+
+ <div id="information_area">
<p><%=LanguageHelper.getGUIString("webpages.index.desciption.head", request) %></p>
- <br/>
- <a href="secure/main.action">Login</a>
+
+ <div class="oa_config_block">
+
+ <s:form namespace="/" method="POST" enctype="multipart/form-data">
+
+ <s:textfield name="username"
+ value="%{username}"
+ labelposition="left"
+ key="webpages.edituser.username"
+ cssClass="textfield_long"
+ maxlength="16">
+ </s:textfield>
+
+ <s:password name="password"
+ labelposition="left"
+ key="webpages.edituser.password"
+ cssClass="textfield_long"
+ maxlength="16">
+ </s:password>
+
+ <s:submit key="webpages.index.login" action="authenticate"/>
+
+ </s:form>
+ </div>
+
</div>
</body>
diff --git a/id/ConfigWebTool/src/main/webapp/js/common.js b/id/ConfigWebTool/src/main/webapp/js/common.js
index 431824c2a..5271a4006 100644
--- a/id/ConfigWebTool/src/main/webapp/js/common.js
+++ b/id/ConfigWebTool/src/main/webapp/js/common.js
@@ -48,6 +48,10 @@ function editOA(oaid){
$('#selectOAForm_OAID').val(oaid);
$('#selectOAForm').submit();
}
+function userOA(userid){
+ $('#selectUserForm_OAID').val(userid);
+ $('#selectUserForm').submit();
+}
function oaOnLoad() {
oaBusinessService();
oaSSOService();
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp b/id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp
new file mode 100644
index 000000000..a332fb425
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp
@@ -0,0 +1,142 @@
+<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%>
+
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib prefix="s" uri="/struts-tags" %>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+ <head>
+ <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <link rel="stylesheet" type="text/css" href="../css/index.css">
+ <title><%=LanguageHelper.getGUIString("title", request) %></title>
+ <script type="text/javascript" src="../js/common.js"></script>
+ <script src="../js/jquery.js"></script>
+ </head>
+
+ <body>
+
+ <jsp:include page="snippets/header_userinfos.jsp"></jsp:include>
+
+ <jsp:include page="snippets/main_menu.jsp"></jsp:include>
+
+ <div id="information_area">
+ <s:if test="hasActionErrors()">
+ <div id="error_area">
+ <label><%=LanguageHelper.getGUIString("error.title", request) %></label>
+ <s:actionerror/>
+ </div>
+ </s:if>
+
+ <div id="list_area">
+
+ <s:form namespace="/secure" method="POST" enctype="multipart/form-data">
+
+ <div class="oa_config_block">
+ <h3><%=LanguageHelper.getGUIString("webpages.edituser.header", request) %></h3>
+ <s:textfield name="user.givenName"
+ value="%{user.givenName}"
+ labelposition="left"
+ key="webpages.edituser.givenname"
+ cssClass="textfield_long">
+ </s:textfield>
+ <s:textfield name="user.familyName"
+ value="%{user.familyName}"
+ labelposition="left"
+ key="webpages.edituser.familyName"
+ cssClass="textfield_long">
+ </s:textfield>
+ <s:textfield name="user.institut"
+ value="%{user.institut}"
+ labelposition="left"
+ key="webpages.edituser.institut"
+ cssClass="textfield_long">
+ </s:textfield>
+ <s:textfield name="user.mail"
+ value="%{user.mail}"
+ labelposition="left"
+ key="webpages.edituser.mail"
+ cssClass="textfield_long">
+ </s:textfield>
+ <s:textfield name="user.phone"
+ value="%{user.phone}"
+ labelposition="left"
+ key="webpages.edituser.phone"
+ cssClass="textfield_long">
+ </s:textfield>
+ </div>
+
+ <div class="oa_config_block">
+ <h3><%=LanguageHelper.getGUIString("webpages.edituser.access.header", request) %></h3>
+ <s:if test="isNewUser()">
+ <s:textfield name="user.username"
+ value="%{user.username}"
+ labelposition="left"
+ key="webpages.edituser.username"
+ cssClass="textfield_long"
+ maxlength="16">
+ </s:textfield>
+ </s:if>
+ <s:else>
+ <s:textfield name="user.username"
+ value="%{user.username}"
+ labelposition="left"
+ key="webpages.edituser.username"
+ cssClass="textfield_long"
+ disabled="true"
+ maxlength="16">
+ </s:textfield>
+ </s:else>
+
+ <s:password name="user.password"
+ labelposition="left"
+ key="webpages.edituser.password"
+ cssClass="textfield_long"
+ maxlength="16">
+ </s:password>
+
+ <s:textfield name="user.bpk"
+ value="%{user.bpk}"
+ labelposition="left"
+ key="webpages.edituser.bpk"
+ cssClass="textfield_long">
+ </s:textfield>
+ </div>
+
+ <s:if test="authUser.isAdmin()">
+ <div class="oa_config_block">
+ <h3><%=LanguageHelper.getGUIString("webpages.edituser.role.header", request) %></h3>
+ <s:checkbox name="user.active"
+ value="%{user.active}"
+ labelposition="left"
+ key="webpages.edituser.active"
+ cssClass="checkbox">
+ </s:checkbox>
+ <s:checkbox name="user.admin"
+ value="%{user.admin}"
+ labelposition="left"
+ key="webpages.edituser.admin"
+ cssClass="checkbox">
+ </s:checkbox>
+ </div>
+ </s:if>
+
+ <s:hidden name="user.userID" value="%{user.userID}"></s:hidden>
+
+ <div id="button_area">
+
+ <s:if test="authUser.isAdmin()">
+ <s:submit key="webpages.edit.back" action="usermanagementInit"/>
+ </s:if>
+ <s:submit key="webpages.edit.save" action="saveUser"/>
+ <s:if test="!isNewUser()">
+ <s:submit key="webpages.edit.delete.user" action="deleteUser"/>
+ </s:if>
+ </div>
+ </s:form>
+ </div>
+ </div>
+
+ <jsp:include page="snippets/footer.jsp"></jsp:include>
+
+ </body>
+</html> \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp b/id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp
new file mode 100644
index 000000000..b28bc5f57
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp
@@ -0,0 +1,76 @@
+<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%>
+
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib prefix="s" uri="/struts-tags" %>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+ <head>
+ <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <link rel="stylesheet" type="text/css" href="../css/index.css">
+ <title><%=LanguageHelper.getGUIString("title", request) %></title>
+ <script type="text/javascript" src="../js/common.js"></script>
+ <script src="../js/jquery.js"></script>
+ </head>
+
+ <body>
+
+ <jsp:include page="snippets/header_userinfos.jsp"></jsp:include>
+
+ <jsp:include page="snippets/main_menu.jsp"></jsp:include>
+
+ <div id="information_area">
+ <s:if test="hasActionErrors()">
+ <div id="error_area">
+ <label><%=LanguageHelper.getGUIString("error.title", request) %></label>
+ <s:actionerror/>
+ </div>
+ </s:if>
+
+ <div id="list_area">
+ <h2><%=LanguageHelper.getGUIString("webpages.inportexport.header", request) %></h2>
+
+
+ <s:if test="authUser.isAdmin()">
+
+ <p><%=LanguageHelper.getGUIString("webpages.inportexport.descripten", request) %></p>
+
+ <s:form namespace="/secure" method="POST" enctype="multipart/form-data">
+
+
+ <div class="oa_config_block">
+ <h3><%=LanguageHelper.getGUIString("webpages.inportexport.legacyimport.header", request) %></h3>
+ <s:file name="fileUpload" key="webpages.inportexport.legacyimport.upload" cssClass="textfield_long"></s:file>
+
+ <div id="button_area">
+ <%-- <s:submit key="webpages.edit.back" action="main"/> --%>
+ <s:submit key="webpages.edit.import" action="importlegacy"/>
+ </div>
+ </div>
+
+ </s:form>
+
+ <s:form namespace="/secure" method="POST" enctype="multipart/form-data">
+
+
+ <div class="oa_config_block">
+ <h3><%=LanguageHelper.getGUIString("webpages.inportexport.import.header", request) %></h3>
+ <s:file name="fileUpload" key="webpages.inportexport.import.upload" cssClass="textfield_long"></s:file>
+
+ <div id="button_area">
+ <s:submit key="webpages.edit.import" action="importConfig"/>
+ <s:submit key="webpages.edit.export" action="exportConfig"/>
+ </div>
+
+ </div>
+ </s:form>
+ </s:if>
+
+ </div>
+
+ </div>
+
+ <jsp:include page="snippets/footer.jsp"></jsp:include>
+
+ </body>
+</html> \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp b/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp
index c3a4921e9..b700970cc 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp
@@ -26,7 +26,7 @@
</div>
</s:if>
- <p>das ist ein Test Text</p>
+ <p>Im Menü auf der rechten Seite können Sie die einzelnen Operationen wählen.</p>
</div>
<jsp:include page="snippets/footer.jsp"></jsp:include>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp
index a10b6e202..56fcf9681 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp
@@ -4,9 +4,14 @@
<html>
<div id="header_area">
- <p><%=LanguageHelper.getGUIString("webpages.header.info", request) %>
+ <div><%=LanguageHelper.getGUIString("webpages.header.info", request) %>
<s:property value="authUser.givenName"/> <s:property value="authUser.familyName"/>,&nbsp;&nbsp;&nbsp;
<%=LanguageHelper.getGUIString("webpages.header.lastlogin", request) %> <s:property value="authUser.lastLogin"/>
- </p>
+
+ <s:url action="logout" var="logoutURL" namespace="/"/>
+ <a id="logoutbutton" href="<s:property value="#logoutURL" />"><%=LanguageHelper.getGUIString("webpages.index.logout", request) %></a>
+ </div>
+
+
</div>
</html> \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp
index 06bb1130c..26b12cdcb 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp
@@ -5,34 +5,38 @@
<html>
<div id="menu_area">
<div class="menu_element">
- <s:url action="newOA.action" var="newOA" namespace="/secure"/>
+ <s:url action="newOA" var="newOA" namespace="/secure"/>
<a href="<s:property value="#newOA" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.oa.insert", request) %></a>
</div>
<div class="menu_element">
- <s:url action="searchOAInit.action" var="searchOAs" namespace="/secure"/>
+ <s:url action="searchOAInit" var="searchOAs" namespace="/secure"/>
<a href="<s:property value="#searchOAs" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.oa.search", request) %></a>
</div>
<div class="menu_element">
- <s:url action="listallapplications.action" var="listAllOAs" namespace="/secure"/>
+ <s:url action="listallapplications" var="listAllOAs" namespace="/secure"/>
<a href="<s:property value="#listAllOAs" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.oa.display", request) %></a>
</div>
<s:if test="authUser.isAdmin()">
<div class="menu_element">
- <s:url action="loadGeneralConfig.action" var="generalConfig" namespace="/secure"/>
+ <s:url action="loadGeneralConfig" var="generalConfig" namespace="/secure"/>
<a href="<s:property value="#generalConfig" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.config.moaid", request) %></a>
</div>
<div class="menu_element">
- <a href=""><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.importexport", request) %></a>
- </div>
- <div class="menu_element">
- <a href=""><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.usermanagement", request) %></a>
+ <s:url action="importexport" var="importexportUrl" namespace="/secure"/>
+ <a href="<s:property value="#importexportUrl" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.importexport", request) %></a>
</div>
</s:if>
<div class="menu_element">
- <a href=""><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.user", request) %></a>
+ <s:url action="usermanagementInit" var="userManagementUrl" namespace="/secure"/>
+ <a href="<s:property value="#userManagementUrl" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.usermanagement", request) %></a>
</div>
+
+<%-- <div class="menu_element">
+ <a href=""><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.user", request) %></a>
+ </div> --%>
+
</div>
</html> \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/oas_list.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/oas_list.jsp
index 2e1b0365f..113e822f8 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/oas_list.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/oas_list.jsp
@@ -28,7 +28,7 @@
</s:iterator>
</div>
- <s:form namespace="/" method="GET" id="selectOAForm" action="loadOA" namespace="/secure">
+ <s:form method="POST" id="selectOAForm" action="loadOA" namespace="/secure">
<s:hidden id="selectOAForm_OAID" name="oaidobj"></s:hidden>
</s:form>
</s:if>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/user_list.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/user_list.jsp
new file mode 100644
index 000000000..c5b67cbac
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/user_list.jsp
@@ -0,0 +1,42 @@
+<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%>
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib prefix="s" uri="/struts-tags" %>
+
+<html>
+ <s:if test="userlist && userlist.size > 0">
+ <h3><%=LanguageHelper.getGUIString("webpages.listUsers.list.header", request) %></h3>
+ <div id="list_area">
+ <div id="listHeader" class="listElement">
+ <div class="userListFirst">
+ <%=LanguageHelper.getGUIString("webpages.listUsers.list.first", request) %>
+ </div>
+ <div class="userListSecond">
+ <%=LanguageHelper.getGUIString("webpages.listUsers.list.second", request) %>
+ </div>
+ <div class="userListThird">
+ <%=LanguageHelper.getGUIString("webpages.listUsers.list.third", request) %>
+ </div>
+ </div>
+
+ <s:iterator var="UserElement" value="userlist">
+
+ <div class="listElement" onclick="userOA(<s:property value='userID'/>);">
+ <div class="userListFirst">
+ <s:property value="givenName"/>
+ </div>
+ <div class="userListSecond">
+ <s:property value="familyName"/>
+ </div>
+ <div class="userListThird">
+ <s:property value="userName"/>
+ </div>
+ </div>
+
+ </s:iterator>
+ </div>
+
+ <s:form method="POST" id="selectUserForm" action="editUser" namespace="/secure">
+ <s:hidden id="selectUserForm_OAID" name="useridobj"></s:hidden>
+ </s:form>
+ </s:if>
+</html> \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp b/id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp
new file mode 100644
index 000000000..a29780cff
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp
@@ -0,0 +1,50 @@
+<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%>
+
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib prefix="s" uri="/struts-tags" %>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+ <head>
+ <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <link rel="stylesheet" type="text/css" href="../css/index.css">
+ <title><%=LanguageHelper.getGUIString("title", request) %></title>
+ <script type="text/javascript" src="../js/common.js"></script>
+ <script src="../js/jquery.js"></script>
+ </head>
+
+ <body>
+
+ <jsp:include page="snippets/header_userinfos.jsp"></jsp:include>
+
+ <jsp:include page="snippets/main_menu.jsp"></jsp:include>
+
+ <div id="information_area">
+ <s:if test="hasActionErrors()">
+ <div id="error_area">
+ <label><%=LanguageHelper.getGUIString("error.title", request) %></label>
+ <s:actionerror/>
+ </div>
+ </s:if>
+
+ <h2><%=LanguageHelper.getGUIString("webpages.usermanagement.header", request) %></h2>
+
+ <s:if test="authUser.isAdmin()">
+
+ <jsp:include page="snippets/user_list.jsp"></jsp:include>
+
+ <div id="list_area">
+ <s:form namespace="/secure" method="POST" enctype="multipart/form-data">
+ <div id="button_area">
+ <s:submit key="webpages.usermanagement.newuser" action="createUser"/>
+ </div>
+ </s:form>
+ </div>
+ </s:if>
+
+ </div>
+
+ <jsp:include page="snippets/footer.jsp"></jsp:include>
+
+ </body>
+</html> \ No newline at end of file
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index 3fc59a78d..da3a79d32 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -344,7 +344,7 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
if (MiscUtil.isNotEmpty(legacyconfig)) {
Logger.warn("WARNING! MOA-ID 2.0 is started with legacy configuration. This setup is not recommended!");
- MOAIDConfiguration moaconfig = BuildFromLegacyConfig.build(legacyconfig, rootConfigFileDir, props);
+ MOAIDConfiguration moaconfig = BuildFromLegacyConfig.build(new File(legacyconfig), rootConfigFileDir);
ConfigurationDBUtils.save(moaconfig);
Logger.info("Legacy Configuration load is completed.");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
index e70830f93..99567478d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
@@ -24,6 +24,7 @@ import org.opensaml.xml.parse.BasicParserPool;
import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWSecureSocketFactory;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
@@ -93,8 +94,9 @@ public class MOAMetadataProvider implements MetadataProvider {
Logger.error(
"Failed to add Metadata (unhandled reason: "
+ e.getMessage(), e);
- }
+ }
}
+
internalProvider = chainProvider;
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
index 4ae4e5c44..1f8c31bb5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
@@ -32,6 +32,7 @@ public class SessionEncrytionUtil {
SecretKey tmp = factory.generateSecret(spec);
secret = new SecretKeySpec(tmp.getEncoded(), "AES");
+
} else {
Logger.warn("MOASession encryption is deaktivated.");
}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
index 08cb32625..795981777 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
@@ -24,6 +24,8 @@ public class ConfigurationDBRead {
QUERIES.put("getAllActiveOnlineApplications", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.isActive = '1'");
QUERIES.put("getMOAIDConfiguration", "select moaidconfiguration from MOAIDConfiguration moaidconfiguration");
QUERIES.put("getUserWithUserID", "select userdatabase from UserDatabase userdatabase where userdatabase.hjid = :id");
+ QUERIES.put("getUserWithUserUsername", "select userdatabase from UserDatabase userdatabase where userdatabase.username = :username");
+ QUERIES.put("getAllUsers", "select userdatabase from UserDatabase userdatabase");
QUERIES.put("searchOnlineApplicationsWithID", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.friendlyName like :id"); }
@SuppressWarnings("rawtypes")
@@ -133,6 +135,24 @@ public class ConfigurationDBRead {
return result;
}
+ public static List<UserDatabase> getAllUsers() {
+ Logger.trace("Get All OnlineApplications from database.");
+
+ List<UserDatabase> result;
+ EntityManager session = ConfigurationDBUtils.getCurrentSession();
+
+ javax.persistence.Query query = session.createQuery(QUERIES.get("getAllUsers"));
+ result = query.getResultList();
+
+ Logger.trace("Found entries: " + result.size());
+
+ if (result.size() == 0) {
+ Logger.trace("No entries found.");
+ return null;
+ }
+ return result;
+ }
+
public static List<OnlineApplication> getAllActiveOnlineApplications() {
Logger.trace("Get All active OnlineApplications from database.");
@@ -192,5 +212,27 @@ public class ConfigurationDBRead {
return null;
}
return (UserDatabase) result.get(0);
- }
+ }
+
+
+
+ public static UserDatabase getUserWithUserName(String username) {
+ MiscUtil.assertNotNull(username, "UserName");
+ Logger.trace("Getting Userinformation with ID " + username + " from database.");
+
+ List<UserDatabase> result;
+ EntityManager session = ConfigurationDBUtils.getCurrentSession();
+
+ javax.persistence.Query query = session.createQuery(QUERIES.get("getUserWithUserUsername"));
+ query.setParameter("username", username);
+ result = query.getResultList();
+
+ Logger.trace("Found entries: " + result.size());
+
+ if (result.size() == 0) {
+ Logger.trace("No entries found.");
+ return null;
+ }
+ return (UserDatabase) result.get(0);
+ }
}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java
index c8bacb470..16cea07d8 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java
@@ -80,6 +80,7 @@ public final class ConfigurationDBUtils {
query.getResultList();
} catch (Throwable e) {
+ Logger.warn("JPA Session Handling Warning!!!! - This error should not occur.");
session = getNewSession();
}