author | Bojan Suzic <bojan.suzic@iaik.tugraz.at> | 2014-02-24 13:57:41 +0100 |
---|---|---|
committer | Bojan Suzic <bojan.suzic@iaik.tugraz.at> | 2014-02-24 13:57:41 +0100 |
commit | 764cbf7de6caa0064719645afdfde2807c272203 (patch) | |
tree | 555814a276b917fa6e2af00a5fa52733520fc346 /id | |
parent | b7c4c3bbe1e0ad4f4a4789e087f78222ebda58a9 (diff) | |
parent | f1d374bb66f3b48f2a14a8d550c4125c04dde7a8 (diff) | |
Merge branch 'moa2_0_tlenz' of gitlab.iaik.tugraz.at:afitzek/moa-idspss into moa2_0_tlenz_bs_2
Diffstat (limited to 'id')
22 files changed, 197 insertions, 311 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java index c4db5a76d..fdd566888 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java @@ -128,6 +128,8 @@ public class ConfigurationProvider { UserRequestCleaner.start(); + log.info("MOA-ID-Configuration initialization completed"); + } catch (FileNotFoundException e) { throw new ConfigurationException("config.01", e); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java index f56ad4604..08ea9f233 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java @@ -70,7 +70,7 @@ public class GeneralMOAIDConfig { private String szrgwURL = null; private String alternativeSourceID = null; private String certStoreDirectory = null; - private boolean trustmanagerrevocationcheck = false; + private boolean trustmanagerrevocationcheck = true; private String timeoutAssertion = String.valueOf(DEFAULTTIMEOUTASSERTION); private String timeoutMOASessionCreated = String.valueOf(DEFAULTTIMEOUTMOASESSIONCREATED); @@ -93,7 +93,6 @@ public class GeneralMOAIDConfig { private String saml1SourceID = null; - private String pvp2PublicUrlPrefix = null; private String pvp2IssuerName = null; private String pvp2OrgName = null; private String pvp2OrgDisplayName = null; 
@@ -107,7 +106,6 @@ public class GeneralMOAIDConfig { private String ssoTarget = null; private String ssoFriendlyName = null; - private String ssoPublicUrl = null; private String ssoSpecialText = null; private String ssoIdentificationNumber = null; @@ -125,6 +123,8 @@ public class GeneralMOAIDConfig { private String SLRequestTemplateLocal = ""; private String SLRequestTemplateHandy = ""; + private String publicURLPrefix = null; + public GeneralMOAIDConfig() { chainigmodelist = new HashMap<String, String>(); ChainingModeType[] values = ChainingModeType.values(); @@ -160,6 +160,8 @@ public class GeneralMOAIDConfig { certStoreDirectory = authgen.getCertStoreDirectory(); trustmanagerrevocationcheck = authgen.isTrustManagerRevocationChecking(); + publicURLPrefix = authgen.getPublicURLPreFix(); + TimeOuts timeouts = authgen.getTimeOuts(); if (timeouts != null) { @@ -237,7 +239,10 @@ public class GeneralMOAIDConfig { protocolActivePVP21 = pvp2.isIsActive(); - pvp2PublicUrlPrefix = pvp2.getPublicURLPrefix(); + //INFO: only for backup + if (MiscUtil.isEmpty(publicURLPrefix)) + publicURLPrefix = pvp2.getPublicURLPrefix(); + pvp2IssuerName = pvp2.getIssuerName(); List<Contact> con = pvp2.getContact(); @@ -276,7 +281,10 @@ public class GeneralMOAIDConfig { // if (idl != null) // ssoIdentificationNumber = idl.getValue(); - ssoPublicUrl = sso.getPublicURL(); + //INFO: only for backup + if (MiscUtil.isEmpty(publicURLPrefix)) + publicURLPrefix = sso.getPublicURL(); + ssoSpecialText = sso.getSpecialText(); if (MiscUtil.isNotEmpty(sso.getTarget()) && 
@@ -491,20 +499,6 @@ public class GeneralMOAIDConfig { } /** - * @return the pvp2PublicUrlPrefix - */ - public String getPvp2PublicUrlPrefix() { - return pvp2PublicUrlPrefix; - } - - /** - * @param pvp2PublicUrlPrefix the pvp2PublicUrlPrefix to set - */ - public void setPvp2PublicUrlPrefix(String pvp2PublicUrlPrefix) { - this.pvp2PublicUrlPrefix = pvp2PublicUrlPrefix; - } - - /** * @return the pvp2IssuerName */ public String getPvp2IssuerName() { @@ -645,20 +639,6 @@ public class GeneralMOAIDConfig { } /** - * @return the ssoPublicUrl - */ - public String getSsoPublicUrl() { - return ssoPublicUrl; - } - - /** - * @param ssoPublicUrl the ssoPublicUrl to set - */ - public void setSsoPublicUrl(String ssoPublicUrl) { - this.ssoPublicUrl = ssoPublicUrl; - } - - /** * @return the ssoSpecialText */ public String getSsoSpecialText() { @@ -930,6 +910,21 @@ public class GeneralMOAIDConfig { public void setSaml1SourceID(String saml1SourceID) { this.saml1SourceID = saml1SourceID; } + + /** + * @return the publicURLPrefix + */ + public String getPublicURLPrefix() { + return publicURLPrefix; + } + + /** + * @param publicURLPrefix the publicURLPrefix to set + */ + public void setPublicURLPrefix(String publicURLPrefix) { + this.publicURLPrefix = publicURLPrefix; + } + diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java index 079e6807e..ba58701fc 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java 
@@ -107,6 +107,8 @@ public class OAGeneralConfig { keyBoxIdentifierList.put(values[i].value(), values[i].value()); } + keyBoxIdentifier = MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR.value(); + bkuLocalURL = Constants.DEFAULT_LOCALBKU_URL; bkuHandyURL = Constants.DEFAULT_HANDYBKU_URL; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java index 5dccf965d..989641f36 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java @@ -43,7 +43,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration; -import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners; import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed; import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; 
@@ -247,9 +246,17 @@ public class EditGeneralConfigAction extends ActionSupport dbauth.setGeneralConfiguration(dbauthgeneral); } - GeneralConfiguration oldauthgeneral = null; - if (oldauth != null) - oldauthgeneral = oldauth.getGeneralConfiguration(); +// GeneralConfiguration oldauthgeneral = null; +// if (oldauth != null) +// oldauthgeneral = oldauth.getGeneralConfiguration(); + + //set Public URL Prefix + String pubURLPrefix = moaconfig.getPublicURLPrefix(); + if(pubURLPrefix.endsWith("/")) { + int length = pubURLPrefix.length(); + pubURLPrefix = pubURLPrefix.substring(0, length-1); + } + dbauthgeneral.setPublicURLPreFix(pubURLPrefix); // if (MiscUtil.isNotEmpty(moaconfig.getAlternativeSourceID())) // dbauthgeneral.setAlternativeSourceID(moaconfig.getAlternativeSourceID()); @@ -336,8 +343,8 @@ public class EditGeneralConfigAction extends ActionSupport if (MiscUtil.isNotEmpty(moaconfig.getPvp2IssuerName())) pvp2.setIssuerName(moaconfig.getPvp2IssuerName()); - if (MiscUtil.isNotEmpty(moaconfig.getPvp2PublicUrlPrefix())) - pvp2.setPublicURLPrefix(moaconfig.getPvp2PublicUrlPrefix()); +// if (MiscUtil.isNotEmpty(moaconfig.getPvp2PublicUrlPrefix())) +// pvp2.setPublicURLPrefix(moaconfig.getPvp2PublicUrlPrefix()); Organization pvp2org = pvp2.getOrganization(); if (pvp2org == null) { @@ -385,8 +392,8 @@ public class EditGeneralConfigAction extends ActionSupport dbsso.setFriendlyName(moaconfig.getSsoFriendlyName()); if (MiscUtil.isNotEmpty(moaconfig.getSsoSpecialText())) dbsso.setSpecialText(moaconfig.getSsoSpecialText()); - if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl())) - dbsso.setPublicURL(moaconfig.getSsoPublicUrl()); +// if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl())) +// dbsso.setPublicURL(moaconfig.getSsoPublicUrl()); if (MiscUtil.isNotEmpty(moaconfig.getSsoTarget())) { 
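Review bot: In the `@@ -247,9 +246,17 @@` hunk of EditGeneralConfigAction, `pubURLPrefix.endsWith("/")` dereferences the result of `moaconfig.getPublicURLPrefix()` without a null check, although the field is initialised to `null` in GeneralMOAIDConfig. Whether MOAConfigValidator always runs and aborts the save before this line is not visible here, so a guard such as `if (MiscUtil.isNotEmpty(pubURLPrefix) && pubURLPrefix.endsWith("/"))` would be safer. Only one trailing slash is stripped, so a value ending in `//` is stored with a slash still attached and consumers that append `"/"` end up with a doubled separator. The blocks that are commented out in this file (`oldauthgeneral`, `pvp2.setPublicURLPrefix`, `dbsso.setPublicURL`) are better deleted, since version control keeps the history; the enclosing method starts and ends outside the hunks.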
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java index b0e4804a8..a95d967bb 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java @@ -167,23 +167,37 @@ public class ValidationHelper { } - public static boolean validateURL(String urlString) { log.debug("Validate URL " + urlString); - //if (urlString.startsWith("http") || urlString.startsWith("https")) { + if (urlString.startsWith("http") || urlString.startsWith("https")) { try { new URL(urlString); return true; } catch (MalformedURLException e) { } - //} + } return false; } +// public static boolean validateGeneralURL(String urlString) { +// +// log.debug("Validate URL " + urlString); +// +// try { +// new URL(urlString); +// return true; +// +// } catch (MalformedURLException e) { +// +// } +// +// return false; +// } + public static boolean isValidAdminTarget(String target) { log.debug("Ueberpruefe Parameter Target"); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java index 1c7da7079..fcf74a534 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java 
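Review bot: The re-enabled guard in `validateURL` tests `startsWith("http")`, which makes the `|| urlString.startsWith("https")` clause redundant and does not pin the scheme delimiter; `if (urlString.startsWith("http://") || urlString.startsWith("https://"))` states the intent. A `null` argument now raises a NullPointerException on that line instead of returning false, and the empty `catch (MalformedURLException e)` block leaves no trace of why a value was rejected. Because MOAConfigValidator uses this method for the new Public URL Prefix, a plain `http://` prefix passes validation even though StartAuthentificationParameterParser rejects non-https request URLs, so an https-only check for that field is worth considering. The commented-out `validateGeneralURL` copy should be removed rather than kept as a comment.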
@@ -62,6 +62,17 @@ public class MOAConfigValidator { } } + check = form.getPublicURLPrefix(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("Public URL Prefix is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid")); + } + } else { + log.info("PublicURL Prefix is empty."); + errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.empty")); + } + check = form.getTimeoutAssertion(); if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.validateNumber(check)) { @@ -234,13 +245,13 @@ public class MOAConfigValidator { } } - check = form.getPvp2PublicUrlPrefix(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateURL(check)) { - log.info("PVP2 Service URL is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.serviceurl.valid")); - } - } +// check = form.getPvp2PublicUrlPrefix(); +// if (MiscUtil.isNotEmpty(check)) { +// if (!ValidationHelper.validateURL(check)) { +// log.info("PVP2 Service URL is not valid"); +// errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.serviceurl.valid")); +// } +// } check = form.getSLRequestTemplateHandy(); if (MiscUtil.isEmpty(check)) { @@ -293,13 +304,13 @@ public class MOAConfigValidator { // } // } - check = form.getSsoPublicUrl(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateURL(check)) { - log.info("SSO Public URL is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.sso.publicurl.valid")); - } - } +// check = form.getSsoPublicUrl(); +// if (MiscUtil.isNotEmpty(check)) { +// if (!ValidationHelper.validateURL(check)) { +// log.info("SSO Public URL is not valid"); +// errors.add(LanguageHelper.getErrorString("validation.general.sso.publicurl.valid")); +// } +// } check = form.getSsoSpecialText(); if (MiscUtil.isNotEmpty(check)) { 
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties index ab61b8d0d..5bc85fdf6 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties @@ -96,6 +96,7 @@ webpages.mainpage.menu.general.adminrequests=Offene Anfragen webpages.moaconfig.save.success=Die MOA-ID Konfiguration wurde erfolgreich gespeichert. webpages.moaconfig.header=Allgemeine Konfiguration +webpages.oaconfig.general.publicURLPreFix=Public URL Prefix webpages.moaconfig.defaultbkus.header=Default BKUs webpages.moaconfig.slrequesttemplates.header=SecurtiyLayer Request Templates webpages.moaconfig.slrequesttemplates.local=Locale BKU @@ -314,6 +315,8 @@ validation.edituser.password.equal=Die Passw\u00F6rter sind nicht identisch. validation.edituser.bpk.valid=Die BPK enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} validation.general.SAML1SourceID=Die SAML1SourceID enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.general.publicURLprefix.empty=Public URL Prefix Feld ist leer. +validation.general.publicURLprefix.valid=Public URL Prefix hat kein g\u00F6ltiges Format. validation.general.certStoreDirectory.empty=CertStoreDirectory Feld ist leer. validation.general.certStoreDirectory.valid=Das CertStoreDirectory Feld enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} validation.general.Defaultchainigmode.empty=Es wurde kein DefaultChainingMode gew\u00E4hlt. diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp index 604080d21..bdafdd40a 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp 
@@ -33,6 +33,14 @@ <s:if test="authUser.isAdmin()"> <s:form namespace="/secure" method="POST" enctype="multipart/form-data"> + + <s:textfield name="moaconfig.publicURLPrefix" + value="%{moaconfig.publicURLPrefix}" + labelposition="left" + key="webpages.oaconfig.general.publicURLPreFix" + cssClass="textfield_long"> + </s:textfield> + <div class="oa_config_block"> <h3><%=LanguageHelper.getGUIString("webpages.moaconfig.defaultbkus.header", request) %></h3> @@ -200,12 +208,12 @@ <div class="oa_config_block" > <h3><%=LanguageHelper.getGUIString("webpages.moaconfig.sso.header", request) %></h3> - <s:textfield name="moaconfig.ssoPublicUrl" +<%-- <s:textfield name="moaconfig.ssoPublicUrl" value="%{moaconfig.ssoPublicUrl}" labelposition="left" key="webpages.moaconfig.sso.PublicUrl" cssClass="textfield_long"> - </s:textfield> + </s:textfield> --%> <s:textfield name="moaconfig.ssoFriendlyName" value="%{moaconfig.ssoFriendlyName}" labelposition="left" @@ -321,12 +329,12 @@ <div class="moageneral_protocol_area"> <h4><%=LanguageHelper.getGUIString("webpages.moaconfig.protocols.pvp2.header", request) %></h4> - <s:textfield name="moaconfig.pvp2PublicUrlPrefix " +<%-- <s:textfield name="moaconfig.pvp2PublicUrlPrefix " value="%{moaconfig.pvp2PublicUrlPrefix}" labelposition="left" key="webpages.moaconfig.protocols.pvp2.PublicUrlPrefix" cssClass="textfield_long"> - </s:textfield> + </s:textfield> --%> <s:textfield name="moaconfig.pvp2IssuerName" value="%{moaconfig.pvp2IssuerName}" labelposition="left" diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp index fadf528d1..e182fd805 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp 
@@ -336,12 +336,13 @@ </s:checkbox> </s:if> - <s:textfield name="ssoOA.singleLogOutURL" +<%--TODO: insert if SLO is implemented!!!--%> +<%-- <s:textfield name="ssoOA.singleLogOutURL" value="%{ssoOA.singleLogOutURL}" labelposition="left" key="webpages.oaconfig.sso.singlelogouturl" cssClass="textfield_long"> - </s:textfield> + </s:textfield> --%> </div> </div> diff --git a/id/server/auth/src/main/webapp/WEB-INF/web.xml b/id/server/auth/src/main/webapp/WEB-INF/web.xml index dadca355c..0ef8a568c 100644 --- a/id/server/auth/src/main/webapp/WEB-INF/web.xml +++ b/id/server/auth/src/main/webapp/WEB-INF/web.xml @@ -74,13 +74,13 @@ <description>Verify AUTH block coming from security layer</description> <servlet-class>at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet</servlet-class> </servlet> - <servlet> +<!-- <servlet> <servlet-name>ConfigurationUpdate</servlet-name> <display-name>ConfigurationUpdate</display-name> <description>Update MOA-ID Auth configuration from the configuration file</description> <servlet-class>at.gv.egovernment.moa.id.auth.servlet.ConfigurationServlet</servlet-class> - </servlet> + </servlet> --> <servlet> <servlet-name>AxisServlet</servlet-name> <display-name>Apache-Axis Servlet</display-name> @@ -196,10 +196,10 @@ <servlet-name>VerifyAuthBlock</servlet-name> <url-pattern>/VerifyAuthBlock</url-pattern> </servlet-mapping> - <servlet-mapping> +<!-- <servlet-mapping> <servlet-name>ConfigurationUpdate</servlet-name> <url-pattern>/ConfigurationUpdate</url-pattern> - </servlet-mapping> + </servlet-mapping> --> <servlet-mapping> <servlet-name>AxisServlet</servlet-name> <url-pattern>/services/*</url-pattern> @@ -235,7 +235,7 @@ <error-code>500</error-code> <location>/errorpage.jsp</location> </error-page> - <security-constraint> +<!-- <security-constraint> <web-resource-collection> <web-resource-name>ConfigurationUpdate</web-resource-name> <url-pattern>/ConfigurationUpdate</url-pattern> 
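Review bot: In web.xml the `ConfigurationUpdate` servlet, its `servlet-mapping` and its `security-constraint` are disabled by wrapping them in `<!-- ... -->` (the constraint's closing tag is in the following `@@ -243,7 +243,7 @@` hunk), although ConfigurationServlet.java is deleted in this same commit. Deleting the three blocks would avoid a descriptor that can later be re-enabled against a class that no longer exists. The `<login-config>` with `BASIC` and realm `UserDatabase` stays in place; if no other `security-constraint` remains in the file (not visible in these hunks) it is dead configuration and should be removed as well.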
@@ -243,7 +243,7 @@ <auth-constraint> <role-name>moa-admin</role-name> </auth-constraint> - </security-constraint> + </security-constraint> --> <login-config> <auth-method>BASIC</auth-method> <realm-name>UserDatabase</realm-name> diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index 25e73d595..ce5aa15c3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -811,9 +811,9 @@ public class AuthenticationServer implements MOAIDAuthConstants { if (session.isSsoRequested()) { - String oaURL =new String(); + String oaURL = new String(); try { - oaURL = AuthConfigurationProvider.getInstance().getSSOPublicUrl(); + oaURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); if (MiscUtil.isNotEmpty(oaURL)) oaURL = oaURL.replaceAll("&", "&"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java index f0de8b2e3..71d2aae37 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java 
@@ -205,26 +205,13 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ authURL = authURL.concat(":" + req.getServerPort()); } authURL = authURL.concat(req.getContextPath() + "/"); - - if (isEmpty(authURL)) - throw new WrongParametersException("StartAuthentication", - "AuthURL", "auth.05"); - - // check if HTTP Connection may be allowed (through - // FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY) - //INFO: removed from MOA-ID 2.0 Config -// String boolStr = AuthConfigurationProvider -// .getInstance() -// .getGenericConfigurationParameter( -// AuthConfigurationProvider.FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY); - - if ((!authURL.startsWith("https:")) -// && (false == BoolUtils.valueOf(boolStr)) - ) + + if (!authURL.startsWith("https:")) throw new AuthenticationException("auth.07", new Object[] { authURL + "*" }); - moasession.setAuthURL(authURL); + //set Auth URL from configuration + moasession.setAuthURL(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/"); //check and set SourceID if (oaParam.getSAML1Parameter() != null) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java deleted file mode 100644 index 0c2bb66c0..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java +++ /dev/null 
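Review bot: The `https:` check in StartAuthentificationParameterParser still runs on the `authURL` assembled from the request, but the value stored in the session is now `AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/"`, which is never checked in this hunk. If the configured prefix is `null` the session receives the string `"null/"`, and an `http://` prefix, which ValidationHelper.validateURL accepts, is used unchanged. The empty and scheme checks should be applied to the configured value: read it once with `String prefix = AuthConfigurationProvider.getInstance().getPublicURLPrefix();`, reject it with `if (isEmpty(prefix) || !prefix.startsWith("https:")) throw new AuthenticationException("auth.07", new Object[] { prefix + "*" });`, and only then call `moasession.setAuthURL(prefix + "/");`. The enclosing method begins and ends outside the hunk.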
@@ -1,133 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. 
- * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.servlet; - -import java.io.IOException; -import java.text.DateFormat; -import java.util.Date; -import java.util.Locale; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; -import at.gv.egovernment.moa.id.util.HTTPRequestJSPForwarder; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.logging.Logger; - -/** - * Servlet requested for updating the MOA-ID Auth configuration from configuration file - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class ConfigurationServlet extends HttpServlet { - - /** - * - */ - private static final long serialVersionUID = 7455620886605337681L; - -/** - * Handle a HTTP GET request, used to indicated that the MOA - * configuration needs to be updated (reloaded). 
- * - * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse) - */ - public void doGet(HttpServletRequest request, HttpServletResponse response) - throws ServletException, IOException { - - - response.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - response.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - response.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - response.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - - MOAIDMessageProvider msg = MOAIDMessageProvider.getInstance(); - - try { - MOAIDAuthInitializer.initialized=false; - MOAIDAuthInitializer.initialize(); - String message = msg.getMessage("config.00", new Object[] - { DateFormat.getTimeInstance(DateFormat.MEDIUM, Locale.GERMAN).format(new Date())} ); - - Logger.info(message); - HTTPRequestJSPForwarder.forwardNamed(message, "/message-auth.jsp", getServletContext(), request, response); - - } catch (Throwable t) { - String errorMessage = msg.getMessage("config.04", null); - Logger.error(errorMessage, t); - HTTPRequestJSPForwarder.forwardNamed(errorMessage, "/message-auth.jsp", getServletContext(), request, response); - } - } - - /** - * Do the same as <code>doGet</code>. - * - * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse) - */ - public void doPost(HttpServletRequest request, HttpServletResponse response) - throws ServletException, IOException { - doGet(request, response); - } - - /** - * Calls the web application initializer. - * - * @see javax.servlet.Servlet#init(ServletConfig) - */ - public void init(ServletConfig servletConfig) throws ServletException { - super.init(servletConfig); - } - -} - - 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java index deec69c7f..0a0355bd7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java @@ -57,17 +57,17 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { private static final long serialVersionUID = 1L; public void init(ServletConfig servletConfig) throws ServletException { - try { - super.init(servletConfig); - MOAIDAuthInitializer.initialize(); - Logger.debug("default platform file.encoding: " + System.getProperty("file.encoding")); - Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null)); - } - catch (Exception ex) { - Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex); - throw new ServletException(ex); - } - } +// try { +// super.init(servletConfig); +// MOAIDAuthInitializer.initialize(); +// Logger.debug("default platform file.encoding: " + System.getProperty("file.encoding")); +// Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null)); +// } +// catch (Exception ex) { +// Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex); +// throw new ServletException(ex); +// } + } protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java index c87a17c7f..f3495966a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java 
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java @@ -123,15 +123,15 @@ public class LogOutServlet extends AuthServlet { * @see javax.servlet.Servlet#init(ServletConfig) */ public void init(ServletConfig servletConfig) throws ServletException { - try { - super.init(servletConfig); - MOAIDAuthInitializer.initialize(); - Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null)); - } - catch (Exception ex) { - Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex); - throw new ServletException(ex); - } +// try { +// super.init(servletConfig); +// MOAIDAuthInitializer.initialize(); +// Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null)); +// } +// catch (Exception ex) { +// Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex); +// throw new ServletException(ex); +// } } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java index 5471c03f5..b2c47fac0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java @@ -417,7 +417,7 @@ public class CreateXMLSignatureResponseValidator { String oaURL; try { - oaURL = AuthConfigurationProvider.getInstance().getSSOPublicUrl(); + oaURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); } catch (ConfigurationException e1) { oaURL = new String(); } 
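Review bot: Commenting out the whole body of `init(ServletConfig)` in LogOutServlet, and in GenerateIFrameTemplateServlet in the preceding file section, also removes `super.init(servletConfig)`, so the overriding method no longer hands the config to the superclass. With `javax.servlet.GenericServlet` that leaves `getServletConfig()` returning null and makes `getServletContext()` fail on first use; what AuthServlet's own `init` does is not visible here. Either delete both overrides so the inherited `init` runs, or keep the single line `super.init(servletConfig);` in each method.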
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java index c0f47d781..1a3c1b0a1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java @@ -212,6 +212,8 @@ public class AuthConfigurationProvider extends ConfigurationProvider { private static Date date = null; + private String publicURLPreFix = null; + /** * Return the single instance of configuration data. * 
@@ -487,32 +489,41 @@ public class AuthConfigurationProvider extends ConfigurationProvider { //set TrustManagerRevocationChecking setTrustManagerRevocationChecking(); - //set TimeOuts - if (auth.getGeneralConfiguration() != null) { - if (auth.getGeneralConfiguration().getTimeOuts() != null) { - - timeouts = new TimeOuts(); - if (auth.getGeneralConfiguration().getTimeOuts().getAssertion() == null) - timeouts.setAssertion(new BigInteger("120")); - else - timeouts.setAssertion(auth.getGeneralConfiguration().getTimeOuts().getAssertion()); - - if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated() == null) - timeouts.setMOASessionCreated(new BigInteger("2700")); - else - timeouts.setMOASessionCreated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated()); - - if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated() == null) - timeouts.setMOASessionUpdated(new BigInteger("1200")); - else - timeouts.setMOASessionUpdated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated()); - } - } - else { - Logger.warn("Error in MOA-ID Configuration. 
No TimeOuts defined."); - throw new ConfigurationException("config.02", null); - } + //set default timeouts + timeouts = new TimeOuts(); + timeouts.setAssertion(new BigInteger("300")); + timeouts.setMOASessionCreated(new BigInteger("2700")); + timeouts.setMOASessionUpdated(new BigInteger("1200")); + //search timeouts in config + if (auth.getGeneralConfiguration() != null) { + if (auth.getGeneralConfiguration().getTimeOuts() != null) { + if (auth.getGeneralConfiguration().getTimeOuts().getAssertion() != null) + timeouts.setAssertion(auth.getGeneralConfiguration().getTimeOuts().getAssertion()); + + if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated() != null) + timeouts.setMOASessionCreated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated()); + + if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated() != null) + timeouts.setMOASessionUpdated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated()); + + } else { + Logger.info("No TimeOuts defined. Use default values"); + } + } + + // sets the authentication session and authentication data time outs + AuthenticationServer.getInstance() + .setSecondsSessionTimeOutCreated(timeouts.getMOASessionCreated().longValue()); + + AuthenticationServer.getInstance() + .setSecondsSessionTimeOutUpdated(timeouts.getMOASessionUpdated().longValue()); + + AuthenticationServer.getInstance() + .setSecondsAuthDataTimeOut(timeouts.getAssertion().longValue()); + + + //set PVP2 general config Protocols protocols = auth.getProtocols(); if (protocols != null) { 
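Review bot: The three `AuthenticationServer.getInstance().setSeconds…(…)` calls at the end of this hunk pass the configured values through unchecked, while the code they replace (removed in the following hunk) applied a value only `if (sessionTimeOut > 0)`. A zero or negative `TimeOuts` entry in the configuration now reaches the session and assertion lifetime settings; depending on how AuthenticationServer compares them, that could expire every session at once or keep sessions from expiring. Keep the default unless the configured value is positive, e.g. `if (cfg.getAssertion() != null && cfg.getAssertion().signum() > 0) timeouts.setAssertion(cfg.getAssertion());` with `cfg` being `auth.getGeneralConfiguration().getTimeOuts()`, and the same for the other two. The assertion default also changes from 120 to 300 seconds here, which deserves a line in the commit message or a named constant.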
@@ -569,39 +580,21 @@ public class AuthConfigurationProvider extends ConfigurationProvider { } //set alternativeSourceID - if (auth.getGeneralConfiguration() != null) + if (auth.getGeneralConfiguration() != null) { //TODO: can be removed in a further version, because it is moved to SAML1 config if (MiscUtil.isEmpty(alternativesourceid)) alternativesourceid = auth.getGeneralConfiguration().getAlternativeSourceID(); - - // sets the authentication session and authentication data time outs - BigInteger param = auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated(); - - if (param != null) { - long sessionTimeOut = param.longValue(); - if (sessionTimeOut > 0) - AuthenticationServer.getInstance() - .setSecondsSessionTimeOutCreated(sessionTimeOut); - } - - param = auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated(); - if (param != null) { - long sessionTimeOut = param.longValue(); - if (sessionTimeOut > 0) - AuthenticationServer.getInstance() - .setSecondsSessionTimeOutUpdated(sessionTimeOut); - } - - param = auth.getGeneralConfiguration().getTimeOuts().getAssertion(); - if (param != null) { - long authDataTimeOut = param.longValue(); - if (authDataTimeOut > 0) - AuthenticationServer.getInstance() - .setSecondsAuthDataTimeOut(authDataTimeOut); - } - - else { + + if (MiscUtil.isNotEmpty(auth.getGeneralConfiguration().getPublicURLPreFix())) + publicURLPreFix = auth.getGeneralConfiguration().getPublicURLPreFix(); + + else { + Logger.error("No Public URL Prefix configured."); + throw new ConfigurationException("config.05", new Object[]{"Public URL Prefix"}); + } + + } else { Logger.warn("Error in MOA-ID Configuration. No GeneralConfig defined."); throw new ConfigurationException("config.02", null); } 
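Review bot: `publicURLPreFix` is accepted as soon as `MiscUtil.isNotEmpty(...)` passes, yet other hunks of this commit feed it into `LoginFormBuilder.buildLoginForm(...)` and `PVPConfiguration.getIDPPublicPath()`, and the schema hunk declares the element as plain `xsd:string`. A value that is relative, carries an unexpected scheme, or contains markup would go unnoticed until it shows up in generated pages and metadata. I would parse it once at load time and reject anything that is not an absolute http(s) URL, reusing the `config.05` error already raised for the missing case. The enclosing load method starts and ends outside this hunk.

```java
String prefix = auth.getGeneralConfiguration().getPublicURLPreFix();
if (MiscUtil.isEmpty(prefix)) {
    Logger.error("No Public URL Prefix configured.");
    throw new ConfigurationException("config.05", new Object[]{"Public URL Prefix"});
}
try {
    // java.net.URL only accepts absolute URLs with a known protocol
    String scheme = new java.net.URL(prefix).getProtocol();
    if (!"https".equals(scheme) && !"http".equals(scheme)) {
        Logger.error("Public URL Prefix must use http or https.");
        throw new ConfigurationException("config.05", new Object[]{"Public URL Prefix"});
    }
} catch (java.net.MalformedURLException e) {
    Logger.error("Public URL Prefix is not an absolute URL.");
    throw new ConfigurationException("config.05", new Object[]{"Public URL Prefix"});
}
publicURLPreFix = prefix;
// … unchanged: else branch throwing config.02 when no GeneralConfig is defined …
```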
@@ -947,16 +940,6 @@ public class AuthConfigurationProvider extends ConfigurationProvider { return new String(); } - public String getSSOPublicUrl() { - if (ssoconfig!= null) { - String url = ssoconfig.getPublicURL(); - if (MiscUtil.isEmpty(url)) - url = new String(); - return url; - } - return new String(); - } - public String getMOASessionEncryptionKey() { String prop = props.getProperty("configuration.moasession.key"); @@ -1005,6 +988,10 @@ public class AuthConfigurationProvider extends ConfigurationProvider { return Boolean.valueOf(prop); } + public String getPublicURLPrefix() { + return publicURLPreFix; + } + /** * Retruns the STORK Configuration * @return STORK Configuration diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java index a45eb2b9e..3af8bcfe5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java @@ -86,7 +86,7 @@ public class DispatcherServlet extends AuthServlet{ null), ex); throw new ServletException(ex); } - Logger.info("Dispatcher Servlet initialization"); + Logger.info("Dispatcher Servlet initialization finished."); } protected void processRequest(HttpServletRequest req, diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index 90863890f..666224b3a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java 
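Review bot: `getPublicURLPrefix()` is added without Javadoc and returns the raw field, which is `null` until the configuration load has assigned it, whereas the `getSSOPublicUrl()` it replaces (removed earlier in this file) always returned a non-null string. The call site changed in CreateXMLSignatureResponseValidator assigns the result straight to `oaURL`, so a null would travel further than before; how `oaURL` is used lies outside the hunks shown. I would document the contract above the getter, for example `/** Returns the configured public URL prefix of this MOA-ID instance; never null once the configuration has loaded. */`. The spelling also differs between the field and schema element (`PreFix`) and the getter (`Prefix`); one form throughout would make the name easier to search for.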
@@ -238,8 +238,9 @@ public class AuthenticationManager extends AuthServlet { //Build authentication form + String publicURLPreFix = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); String loginForm = LoginFormBuilder.buildLoginForm(target.requestedModule(), - target.requestedAction(), oaParam, request.getContextPath(), moasession.getSessionID()); + target.requestedAction(), oaParam, publicURLPreFix, moasession.getSessionID()); //store MOASession try { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java index bf82efb79..ebfffb648 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java @@ -124,7 +124,7 @@ public class PVPConfiguration { } public String getIDPPublicPath() throws ConfigurationException { - String publicPath = AuthConfigurationProvider.getInstance().getGeneralPVP2DBConfig().getPublicURLPrefix(); + String publicPath = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); if(publicPath != null) { if(publicPath.endsWith("/")) { int length = publicPath.length(); diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties index 93e8cdb99..2559d3d18 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties 
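Review bot: The prefix is handed to `LoginFormBuilder.buildLoginForm(...)` exactly as configured, while `PVPConfiguration.getIDPPublicPath()` in the next file checks the same value for null and for a trailing `/` before use. If the builder appends a path the way it did with `request.getContextPath()`, a prefix ending in `/` may yield `//` in the form's URLs; the builder is not visible here, so this should be checked. Normalising the value once in `AuthConfigurationProvider` would keep both callers consistent. `AuthConfigurationProvider.getInstance()` is caught for `ConfigurationException` at the validator call site in this commit, so the enclosing method, which lies outside the hunk, needs to declare or handle it as well.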
@@ -69,7 +69,7 @@ config.15=Das Personenbindungs-Trust-Profil (TrustProfileID \= {0}) darf nicht f
config.16=MOA ID Proxy konnte nicht gestartet werden. Das Element ConnnectionParameter im allgemeinen Konfigurationsteil der MOA-ID-PROXY Konfigurationsdatei fehlt.
config.17=Fehler beim initialisieren von Hibernate
config.18=Keine MOA-ID 2.x Konfiguration gefunden.
-config.19=Kein Schl?ssel f\u00FCr die Resignierung der Personenbindung gefunden.
+config.19=Kein Schl\u00FCssel f\u00FCr die Resignierung der Personenbindung gefunden.
config.20=Umgebungsvariable "moa.id.proxy.configuration" nicht gesetzt
parser.00=Leichter Fehler beim Parsen: {0}
diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
index 2461e1274..e6705dbb8 100644
--- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
+++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
@@ -857,6 +857,7 @@
<xsd:element name="AlternativeSourceID" type="xsd:string"/>
<xsd:element name="CertStoreDirectory" type="xsd:anyURI"/>
<xsd:element name="TrustManagerRevocationChecking" type="xsd:boolean" default="true"/>
+ <xsd:element name="PublicURLPreFix" type="xsd:string"/>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
|