author | gregor <gregor@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2003-12-01 09:29:01 +0000 |
---|---|---|
committer | gregor <gregor@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2003-12-01 09:29:01 +0000 |
commit | 1bfa47c942022dbf4b294cdd494b728deb84298b (patch) | |
tree | 0cbd96b0997f1c3ddbd0fe5b8ab6305a58a2281d /spss.slinterface | |
parent | 75181af53bbe97bee472e5e8923c54bbd06ac32b (diff) | |
Zwischenstand
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@65 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'spss.slinterface')
10 files changed, 672 insertions, 23 deletions
diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java
index cb37fe843..434643d16 100644
--- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java
+++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java
@@ -53,6 +53,7 @@ public class Constants
 public static final String NSURI_MOA_12_ = "http://reference.e-government.gv.at/namespace/moa/20020822#";
 public static final String NSURI_NAMESPACES_ = "http://www.w3.org/2000/xmlns/";
 public static final String NSURI_XML_ = "http://www.w3.org/XML/1998/namespace";
+ public static final String NSURI_DSIG_ = "http://www.w3.org/2000/09/xmldsig#";
 // Namespace prefixes
 public static final String NSPRE_SL_10_ = "sl10";
diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/DOMUtils.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/DOMUtils.java
new file mode 100644
index 000000000..8bc23efa9
--- /dev/null
+++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/DOMUtils.java
@@ -0,0 +1,126 @@
+/*
+ * Created on 28.11.2003
+ *
+ * (c) Stabsstelle IKT-Strategie des Bundes
+ */
+package at.gv.egovernment.moa.spss.slinterface;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+/**
+ * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at)
+ */
+public class DOMUtils
+{
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ /**
+ * Gets the first text node of the specified element.
+ *
+ * @param elem The element.
+ *
+ * @return the first text node of the specified element, or <code>null</code> if <code>element</code>
+ * equals <code>null</code>, or if the element has no text node.
+ */
+ public static String getText(Element elem)
+ {
+ if (elem == null) return null;
+ NodeList childNodes = elem.getChildNodes();
+ for (int i = 0; i < childNodes.getLength(); i++)
+ {
+ Node currNode = childNodes.item(i);
+ if (currNode.getNodeType() == Node.TEXT_NODE) return currNode.getNodeValue();
+ }
+ return null;
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ /**
+ * Gets the first text node of the specified child element from the specified parent element.
+ *
+ * @param parent The parent.
+ *
+ * @param childNS The namespace of the child element.
+ *
+ * @param childLocName The local name of the child element.
+ *
+ * @return the first text node of the specified child, or <code>null</code> if <code>parent</code> equals
+ * <code>null</code> or has no child element with the specified namespace and local name, or if
+ * the child element has no text node.
+ */
+ public static String getChildText(Element parent, String childNS, String childLocName)
+ {
+ if (parent == null) return null;
+ Element child = getChildElem(parent, childNS, childLocName);
+ if (child == null) return null;
+ return getText(child);
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ /**
+ * Gets the first child element of the specified parent with the specified namspace and local name.
+ *
+ * @param parent The parent.
+ *
+ * @param childNS The namespace of the child element to be searched for.
+ *
+ * @param childLocName The local name of the child element to be searched for.
+ *
+ * @return the first child element as described above, or <code>null</code> if <code>parent</code> is
+ * null or has no child elements with for the specified namespace and local name.
+ */
+ public static Element getChildElem(Element parent, String childNS, String childLocName)
+ {
+ List childElems = getChildElems(parent, childNS, childLocName, true);
+ return (childElems == null) ? null : (Element) childElems.get(0);
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ /**
+ * Gets all or the first child element(s) of the specified parent with the specified namspace and local
+ * name.
+ *
+ * @param parent The parent.
+ *
+ * @param childNS The namespace of the child elements to be searched for.
+ *
+ * @param childLocName The local name of the child elements to be searched for.
+ *
+ * @param firstOnly Specifies wheter only the first or all child elements with the specified namespace and
+ * local name should be returned.
+ *
+ * @return a <code>java.util.List</code> with objects of type <code>org.w3c.dom.Element</code>; each
+ * element in the list represents a child element as specified above. If <code>parent</code>
+ * equals <code>null</code>, or if there are no child elements as specified above, <code>null
+ * </code> will be returned.
+ */
+ public static List getChildElems(Element parent, String childNS, String childLocName, boolean firstOnly)
+ {
+ if (parent == null) return null;
+
+ ArrayList childElems = new ArrayList();
+ NodeList childNodes = parent.getChildNodes();
+ for (int i = 0; i < childNodes.getLength(); i++)
+ {
+ Node currNode = childNodes.item(i);
+ if (currNode.getNodeType() == Node.ELEMENT_NODE)
+ {
+ Element currElem = (Element) currNode;
+ if (childNS.equals(currElem.getNamespaceURI()) && childLocName.equals(currElem.getLocalName()))
+ {
+ childElems.add(currElem);
+ if (firstOnly) break;
+ }
+ }
+ }
+ return (childElems.size() == 0) ? null : childElems;
+ }
+}
diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/beans/ChecksInfoBean.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/beans/ChecksInfoBean.java
new file mode 100644
index 000000000..00c9fd517
--- /dev/null
+++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/beans/ChecksInfoBean.java
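Review bot: `getText` returns the value of the first `TEXT_NODE` child only, so an element whose content the parser delivers in several nodes (a CDATA section, an entity reference, a comment in the middle) yields a truncated string, and the beans added in this commit use that string for certificate names and check codes. Concatenating every `TEXT_NODE` and `CDATA_SECTION_NODE` child, or stating in the Javadoc that callers must pass a normalized, coalesced document, would close that gap. Separately, `getChildElems` calls `childNS.equals(...)` and `childLocName.equals(...)` without a null check, so a null argument throws where a null `parent` returns `null`; `if (parent == null || childNS == null || childLocName == null) return null;` keeps the contract uniform.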
@@ -0,0 +1,165 @@
+/*
+ * Created on 27.11.2003
+ *
+ * (c) Stabsstelle IKT-Strategie des Bundes
+ */
+package at.gv.egovernment.moa.spss.slinterface.beans;
+
+import java.util.List;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.spss.slinterface.Constants;
+import at.gv.egovernment.moa.spss.slinterface.DOMUtils;
+
+/**
+ * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at)
+ */
+public class ChecksInfoBean
+{
+ private static final String SIG_CHECK_ELEM_ = "SignatureCheck";
+ private static final String SIGMF_CHECK_ELEM_ = "SignatureManifestCheck";
+ private static final String XMLDSIGMF_CHECK_ELEM_ = "XMLDSIGManifestCheck";
+ private static final String CERT_CHECK_ELEM_ = "CertificateCheck";
+ private static final String CODE_ELEM_ = "Code";
+ private static final String INFO_ELEM_ = "Info";
+ private static final String FAILEDREF_ELEM_ = "FailedReference";
+ private static final String REFSIGREF_ELEM_ = "ReferringSigReference";
+
+ private Element sigCheckElem_;
+ private int sigCheckFaildRefCount_;
+
+ private Element sigMFCheckElem_;
+ private int sigMFCheckFaildRefCount_;
+
+ private List xmldsigMFCheckElems_;
+ private int xmldsigMFCheckCount_;
+ private int xmldsigMFCheckFaildRefCount_;
+
+ private Element certCheckElem_;
+
+ /**
+ * Creates a bean with information about the checks executed for the verified xml signature.
+ *
+ * @pre slResponseDoc has been validated.
+ */
+ public ChecksInfoBean(Document slResponseDoc)
+ {
+ Element verifyXMLResponseElem = slResponseDoc.getDocumentElement();
+ sigCheckElem_ = DOMUtils.getChildElem(
+ verifyXMLResponseElem, Constants.NSURI_SL_11_, SIG_CHECK_ELEM_);
+ sigMFCheckElem_ = DOMUtils.getChildElem(
+ verifyXMLResponseElem, Constants.NSURI_SL_11_, SIGMF_CHECK_ELEM_);
+ xmldsigMFCheckElems_ = DOMUtils.getChildElems(
+ verifyXMLResponseElem, Constants.NSURI_SL_11_, XMLDSIGMF_CHECK_ELEM_, false);
+ certCheckElem_ = DOMUtils.getChildElem(
+ verifyXMLResponseElem, Constants.NSURI_SL_11_, CERT_CHECK_ELEM_);
+
+ sigCheckFaildRefCount_ = 0;
+ sigMFCheckFaildRefCount_ = 0;
+ xmldsigMFCheckFaildRefCount_ = 0;
+ xmldsigMFCheckCount_ = 0;
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public String getSigCheckCode()
+ {
+ return DOMUtils.getChildText(sigCheckElem_, Constants.NSURI_SL_11_, CODE_ELEM_);
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public void setSigCheckFailedRefCount(int count)
+ {
+ sigCheckFaildRefCount_ = count;
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public String getSigCheckFailedRef()
+ {
+ Element info = DOMUtils.getChildElem(sigCheckElem_, Constants.NSURI_SL_11_, INFO_ELEM_);
+ if (info == null) return null;
+ List failedRefElems = DOMUtils.getChildElems(info, Constants.NSURI_SL_11_, FAILEDREF_ELEM_, false);
+ if (failedRefElems == null || failedRefElems.size() <= sigCheckFaildRefCount_) return null;
+ return DOMUtils.getText((Element)failedRefElems.get(sigCheckFaildRefCount_));
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public String getSigMFCheckCode()
+ {
+ return DOMUtils.getChildText(sigMFCheckElem_, Constants.NSURI_SL_11_, CODE_ELEM_);
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public void setSigMFCheckFailedRefCount(int count)
+ {
+ sigMFCheckFaildRefCount_ = count;
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public String getSigMFCheckFailedRef()
+ {
+ Element info = DOMUtils.getChildElem(sigMFCheckElem_, Constants.NSURI_SL_11_, INFO_ELEM_);
+ if (info == null) return null;
+ List failedRefElems = DOMUtils.getChildElems(info, Constants.NSURI_SL_11_, FAILEDREF_ELEM_, false);
+ if (failedRefElems == null || failedRefElems.size() <= sigMFCheckFaildRefCount_) return null;
+ return DOMUtils.getText((Element)failedRefElems.get(sigMFCheckFaildRefCount_));
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public void setXmldsigMFCheckCount(int count)
+ {
+ xmldsigMFCheckCount_ = count;
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public void setXmldsigMFCheckFailedRefCount(int count)
+ {
+ xmldsigMFCheckFaildRefCount_ = count;
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public String getXmldsigMFCheckCode()
+ {
+ Element xmldsigMFCheckElem = (Element)xmldsigMFCheckElems_.get(xmldsigMFCheckCount_);
+ return DOMUtils.getChildText(xmldsigMFCheckElem, Constants.NSURI_SL_11_, CODE_ELEM_);
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public String getXmldsigMFCheckFailedRef()
+ {
+ Element xmldsigMFCheckElem = (Element)xmldsigMFCheckElems_.get(xmldsigMFCheckCount_);
+ Element info = DOMUtils.getChildElem(xmldsigMFCheckElem, Constants.NSURI_SL_11_, INFO_ELEM_);
+ if (info == null) return null;
+ List failedRefElems = DOMUtils.getChildElems(info, Constants.NSURI_SL_11_, FAILEDREF_ELEM_, false);
+ if (failedRefElems == null || failedRefElems.size() <= xmldsigMFCheckFaildRefCount_) return null;
+ return DOMUtils.getText((Element)failedRefElems.get(xmldsigMFCheckFaildRefCount_));
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public String getXmldsigMFCheckReferringSigRef()
+ {
+ Element xmldsigMFCheckElem = (Element)xmldsigMFCheckElems_.get(xmldsigMFCheckCount_);
+ Element info = DOMUtils.getChildElem(xmldsigMFCheckElem, Constants.NSURI_SL_11_, INFO_ELEM_);
+ if (info == null) return null;
+ return DOMUtils.getChildText(info, Constants.NSURI_SL_11_, REFSIGREF_ELEM_);
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public String getCertCheckCode()
+ {
+ return DOMUtils.getChildText(certCheckElem_, Constants.NSURI_SL_10_, CODE_ELEM_);
+ }
+}
diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/beans/DataInfoBean.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/beans/DataInfoBean.java
new file mode 100644
index 000000000..1a64312d7
--- /dev/null
+++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/beans/DataInfoBean.java
@@ -0,0 +1,25 @@
+/*
+ * Created on 27.11.2003
+ *
+ * (c) Stabsstelle IKT-Strategie des Bundes
+ */
+package at.gv.egovernment.moa.spss.slinterface.beans;
+
+import org.w3c.dom.Document;
+
+/**
+ * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at)
+ */
+public class DataInfoBean
+{
+
+ /**
+ *
+ */
+ public DataInfoBean(Document slResponseDoc)
+ {
+ super();
+ // TODO Auto-generated constructor stub
+ }
+
+}
diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/beans/SignerInfoBean.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/beans/SignerInfoBean.java
new file mode 100644
index 000000000..2893b2ac3
--- /dev/null
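Review bot: The three `getXmldsigMFCheck*` getters dereference `xmldsigMFCheckElems_.get(xmldsigMFCheckCount_)` without any guard, although `DOMUtils.getChildElems` returns `null` when the response has no `XMLDSIGManifestCheck` child and the index comes from a public setter. A response without that element therefore ends in a NullPointerException and an index past the end in an IndexOutOfBoundsException, unlike the failed-reference getters, which check the list and its size first. Guard the lookup the same way, e.g. `if (xmldsigMFCheckElems_ == null || xmldsigMFCheckCount_ < 0 || xmldsigMFCheckElems_.size() <= xmldsigMFCheckCount_) return null;`. The existing size checks also let a negative count through to `List.get`. `getCertCheckCode` reads `Code` in `Constants.NSURI_SL_10_` while every other getter uses `NSURI_SL_11_`; if that mirrors the namespace rewrite done in MOA2SL, a one-line comment saying so would prevent a well-meant "fix".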
+++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/beans/SignerInfoBean.java
@@ -0,0 +1,127 @@
+/*
+ * Created on 27.11.2003
+ *
+ * (c) Stabsstelle IKT-Strategie des Bundes
+ */
+package at.gv.egovernment.moa.spss.slinterface.beans;
+
+import iaik.asn1.ObjectID;
+import iaik.asn1.structures.Name;
+import iaik.utils.RFC2253NameParser;
+import iaik.utils.RFC2253NameParserException;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.spss.slinterface.Constants;
+import at.gv.egovernment.moa.spss.slinterface.DOMUtils;
+
+/**
+ * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at)
+ */
+public class SignerInfoBean
+{
+ private static final String SIGNERINFO_ELEM_ = "SignerInfo";
+ private static final String X509DATA_ELEM_ = "X509Data";
+ private static final String X509SUBJNAME_ELEM_ = "X509SubjectName";
+ private static final String X509ISSUERSERIAL_ELEM_ = "X509IssuerSerial";
+ private static final String SERIAL_ELEM_ = "X509SerialNumber";
+ private static final String ISSUER_ELEM_ = "X509IssuerName";
+ private static final String QUALCERT_ELEM_ = "QualifiedCertificate";
+
+ private Element signerInfoElem_;
+
+ private String subjectNameItemSel_;
+ private String issuerNameItemSel_;
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public SignerInfoBean(Document slResponseDoc)
+ {
+ Element verifyXMLResponseElem = slResponseDoc.getDocumentElement();
+ signerInfoElem_ = DOMUtils.getChildElem(
+ verifyXMLResponseElem, Constants.NSURI_SL_11_, SIGNERINFO_ELEM_);
+
+ subjectNameItemSel_ = "2.5.4.3";
+ issuerNameItemSel_ = "2.5.4.3";
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public void setSubjectNameItemSel(String selector)
+ {
+ subjectNameItemSel_ = selector;
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public String getSubjectNameItem()
+ {
+ Element x509DataElem = DOMUtils.getChildElem(signerInfoElem_, Constants.NSURI_DSIG_, X509DATA_ELEM_);
+ String subjectNameStr = DOMUtils.getChildText(x509DataElem, Constants.NSURI_DSIG_, X509SUBJNAME_ELEM_);
+ if (subjectNameStr == null) return null;
+ return getRDN(subjectNameStr, subjectNameItemSel_);
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public String getSerial()
+ {
+ Element x509DataElem = DOMUtils.getChildElem(signerInfoElem_, Constants.NSURI_DSIG_, X509DATA_ELEM_);
+ Element iSElem = DOMUtils.getChildElem(x509DataElem, Constants.NSURI_DSIG_, X509ISSUERSERIAL_ELEM_);
+ return DOMUtils.getChildText(iSElem, Constants.NSURI_DSIG_, SERIAL_ELEM_);
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public void setIssuerNameItemSel(String selector)
+ {
+ issuerNameItemSel_ = selector;
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public String getIssuerNameItem()
+ {
+ Element x509DataElem = DOMUtils.getChildElem(signerInfoElem_, Constants.NSURI_DSIG_, X509DATA_ELEM_);
+ Element iSElem = DOMUtils.getChildElem(x509DataElem, Constants.NSURI_DSIG_, X509ISSUERSERIAL_ELEM_);
+ String issuerNameStr = DOMUtils.getChildText(iSElem, Constants.NSURI_DSIG_, ISSUER_ELEM_);
+ if (issuerNameStr == null) return null;
+ return getRDN(issuerNameStr, issuerNameItemSel_);
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public boolean getIsQualified()
+ {
+ Element x509DataElem = DOMUtils.getChildElem(signerInfoElem_, Constants.NSURI_DSIG_, X509DATA_ELEM_);
+ Element qCElem = DOMUtils.getChildElem(x509DataElem, Constants.NSURI_SL_11_, QUALCERT_ELEM_);
+ return (qCElem != null);
+ }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ private String getRDN(String nameStr, String oidStr)
+ {
+ try
+ {
+ RFC2253NameParser nameParser = new RFC2253NameParser(nameStr);
+ Name name = nameParser.parse();
+ ObjectID oid = ObjectID.getObjectID(oidStr);
+ if (oid == null) return null;
+ String[] rdns = name.getRDNs(oid);
+ if (rdns == null) return null;
+ StringBuffer rdnsStr = new StringBuffer();
+ for (int i = 0; i < rdns.length; i++)
+ {
+ if (i > 0) rdnsStr.append(", ");
+ rdnsStr.append(rdns[i]);
+ }
+ return rdnsStr.toString();
+ }
+ catch (RFC2253NameParserException e)
+ {
+ return null;
+ }
+ }
+}
diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java
index 08b8635ba..f4a4a1243 100644
--- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java
+++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java
@@ -20,6 +20,7 @@ import java.util.Properties;
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
+import javax.servlet.RequestDispatcher;
 import javax.servlet.ServletContext;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
@@ -44,6 +45,9 @@ import org.xml.sax.InputSource;
 import org.xml.sax.SAXException;
 import at.gv.egovernment.moa.spss.slinterface.Constants;
+import at.gv.egovernment.moa.spss.slinterface.beans.ChecksInfoBean;
+import at.gv.egovernment.moa.spss.slinterface.beans.DataInfoBean;
+import at.gv.egovernment.moa.spss.slinterface.beans.SignerInfoBean;
 import at.gv.egovernment.moa.spss.slinterface.moainvoker.MOAInvoker;
 import at.gv.egovernment.moa.spss.slinterface.servlets.SLRequest;
 import at.gv.egovernment.moa.spss.slinterface.transformers.MOA2SL;
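Review bot: `getRDN` swallows `RFC2253NameParserException` and returns `null`, which callers cannot tell apart from "this attribute is not present in the name", so a subject or issuer string that fails to parse silently disappears from the result page. On a page whose purpose is to show who signed, a parse failure should at least be logged and preferably surfaced, for example by falling back to the raw name string. The bean also keeps the selector as mutable state that must be set through `setSubjectNameItemSel`/`setIssuerNameItemSel` right before each getter call; a method taking the OID as an argument, such as `getSubjectNameItem(String oid)`, would remove that ordering dependence. The strings returned here originate from the signer's certificate and are returned unescaped, which is worth stating in a class comment so that every consumer HTML-encodes them before output.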
@@ -106,34 +110,54 @@ public class SL2MOAFilter implements Filter ResponseWrapper responseWrapper = new ResponseWrapper((HttpServletResponse) response); chain.doFilter(requestWrapper, responseWrapper); - // Transform MOA response into a SL response + // Parse MOA response DOMParser xmlParser = (DOMParser) config_.getServletContext().getAttribute(Constants.WSCP_XMLPARSER_); ServletOutputStream moaResponseSOS = (ServletOutputStream) responseWrapper.getOutputStream(); ByteArrayInputStream moaResponseBIS = new ByteArrayInputStream(moaResponseSOS.toByteArray()); InputSource responseSource = new InputSource(moaResponseBIS); - Document slResponseDoc; + Document moaResponseDoc; try { xmlParser.parse(responseSource); - Document moaResponseDoc = xmlParser.getDocument(); - slResponseDoc = MOA2SL.toSlVerifyXMLSignatureResponse(moaResponseDoc); + moaResponseDoc = xmlParser.getDocument(); } catch (SAXException e) { - String message = "Transforming MOA XML response into SL XML response failed."; + String message = "Parsing MOA XML response failed."; logger_.error(message, e); throw new ServletException(message, e); } + + // Create bean with info about signed data + DataInfoBean dataInfo = new DataInfoBean(moaResponseDoc); + request.setAttribute("dataInfo", dataInfo); + + // Transform MOA response into a SL response + Document slResponseDoc; + slResponseDoc = MOA2SL.toSlVerifyXMLSignatureResponse(moaResponseDoc); session.setAttribute("slResponseDoc", slResponseDoc); - String continueURL = ((HttpServletRequest) request).getContextPath() + "/results"; - continueURL = ((HttpServletResponse) response).encodeURL(continueURL); - String responseStr = "<html><body><a href=\"" + continueURL + ">Und weiter geht es ...</a></body></html>"; + // Create bean with info about signer + SignerInfoBean signerInfo = new SignerInfoBean(slResponseDoc); + request.setAttribute("signerInfo", signerInfo); + + // Create bean with info about checks + ChecksInfoBean checksInfo = new 
ChecksInfoBean(slResponseDoc); + request.setAttribute("checksInfo", checksInfo); + // Include jsp page, which writes the overview information about the verified signature response.setContentType("text/html"); - OutputStream responseOS = response.getOutputStream(); - responseOS.write(responseStr.getBytes("UTF-8")); - responseOS.flush(); + try + { + RequestDispatcher dispatcher = request.getRequestDispatcher("/pages/resultOverview.jsp"); + dispatcher.include(request, response); + } + catch (IOException e) + { + String message = "Failed to create result overview page."; + logger_.error(message, e); + throw new ServletException(message, e); + } } /* ---------------------------------------------------------------------------------------------------- */ diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/ResultServlet.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/ReturnServlet.java index 67397a1ee..c37e6f697 100644 --- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/ResultServlet.java +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/ReturnServlet.java @@ -27,7 +27,7 @@ import at.gv.egovernment.moa.spss.slinterface.moainvoker.MOAInvoker; /** * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at) */ -public class ResultServlet extends HttpServlet +public class ReturnServlet extends HttpServlet { private static Logger logger_ = Logger.getLogger(Constants.LH_SERVLETS_); @@ -35,7 +35,7 @@ public class ResultServlet extends HttpServlet /** * Default constructor. */ - public ResultServlet() + public ReturnServlet() { super(); } diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/MOA2SL.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/MOA2SL.java index a85917d81..2e82d4d32 100644 
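Review bot: The overview page is produced with `dispatcher.include(request, response)`, and under the servlet include rules an included resource cannot set response headers, so the `contentType="text/html; charset=ISO-8859-1"` directive in resultOverview.jsp should have no effect and the only header sent is the charset-less `response.setContentType("text/html")` from this hunk. Declare the encoding here, e.g. `response.setContentType("text/html; charset=ISO-8859-1");`, so the browser does not have to guess the encoding of a page that echoes certificate data. `request.getRequestDispatcher(...)` can return null when the path cannot be resolved, and the new try block catches only `IOException`, so a null check before `include` is needed. The transformation call `MOA2SL.toSlVerifyXMLSignatureResponse(moaResponseDoc)` now runs outside any try block; if it can fail on an unexpected response, that failure is no longer logged. The method begins before and ends after this hunk.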
--- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/MOA2SL.java +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/MOA2SL.java @@ -10,6 +10,7 @@ import java.util.HashMap; import org.w3c.dom.Document; import org.w3c.dom.Element; +import org.w3c.dom.Node; import org.w3c.dom.NodeList; import at.gv.egovernment.moa.spss.slinterface.Constants; @@ -73,14 +74,18 @@ public class MOA2SL nsTransforms.clear(); nsTransforms.put(Constants.NSURI_SL_11_, Constants.NSURI_SL_10_); nameTransforms.clear(); - NodeList signatureCheckChildren = signatureCheckElem.getElementsByTagName("*"); - ArrayList signatureCheckChildrenList = new ArrayList(signatureCheckChildren.getLength()); - for (int i = 0; i < signatureCheckChildren.getLength(); i++) + Element certCheckElem = (Element) verifyResponseElem.getElementsByTagNameNS( + Constants.NSURI_SL_11_, "CertificateCheck").item(0); + NodeList certCheckChildren = certCheckElem.getChildNodes(); + ArrayList certCheckChildElemsList = new ArrayList(certCheckChildren.getLength()); + for (int i = 0; i < certCheckChildren.getLength(); i++) { - signatureCheckChildrenList.add(signatureCheckChildren.item(i)); + Node currentNode = certCheckChildren.item(i); + if (currentNode.getNodeType() == Node.ELEMENT_NODE) + certCheckChildElemsList.add(certCheckChildren.item(i)); } - for (int i = 0; i < signatureCheckChildrenList.size(); i++) - Utils.transformDeep((Element) signatureCheckChildrenList.get(i), prefixMap, nsTransforms, + for (int i = 0; i < certCheckChildElemsList.size(); i++) + Utils.transformDeep((Element) certCheckChildElemsList.get(i), prefixMap, nsTransforms, nameTransforms); return moaVerifyXMLSignatureResponse; diff --git a/spss.slinterface/pages/resultOverview.jsp b/spss.slinterface/pages/resultOverview.jsp new file mode 100644 index 000000000..5a29e5b4c --- /dev/null +++ b/spss.slinterface/pages/resultOverview.jsp 
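Review bot: `getElementsByTagNameNS(Constants.NSURI_SL_11_, "CertificateCheck").item(0)` returns null when the response carries no such element, and the next added line calls `certCheckElem.getChildNodes()` unconditionally, so such a response ends in a NullPointerException instead of a handled error. The lookup also matches descendants at any depth rather than only direct children of the response element, which may or may not be intended here. Add a guard before the loop, for instance `if (certCheckElem == null) return moaVerifyXMLSignatureResponse;` or a descriptive exception, whichever fits the callers. In the loop, `certCheckChildElemsList.add(currentNode);` reads more clearly than fetching `certCheckChildren.item(i)` a second time, and the un-braced `if` deserves braces. The enclosing method begins outside the hunk.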
@@ -0,0 +1,167 @@
+<%@ page contentType="text/html; charset=ISO-8859-1" %>
+
+<jsp:useBean
+ id="checksInfo"
+ class="at.gv.egovernment.moa.spss.slinterface.beans.ChecksInfoBean" scope="request">
+</jsp:useBean>
+
+<jsp:useBean
+ id="signerInfo"
+ class="at.gv.egovernment.moa.spss.slinterface.beans.SignerInfoBean" scope="request">
+</jsp:useBean>
+
+<html>
+ <head>
+ <head><title>Resultate der Signaturprüfung</title></head>
+ </head>
+ <body>
+ <h1>Informationen zum Unterzeichner</h1>
+
+ <!-- ######################################################### -->
+ <!-- Name des Unterzeichners -->
+ <!-- ######################################################### -->
+
+ <h2>Name des Unterzeichners</h2>
+ <p>
+ <%
+ String[] subOIDNames = new String[]{"2.5.4.3", "2.5.4.11", "2.5.4.10", "2.5.4.6"}; // CN, OU, O, C
+ String[] subOIDRegNames = new String[]{"CN", "OU", "O", "C"};
+ for (int i = 0; i < subOIDNames.length; i++)
+ {
+ signerInfo.setSubjectNameItemSel(subOIDNames[i]);
+ String currSubjectNameRDN = signerInfo.getSubjectNameItem();
+ if (currSubjectNameRDN != null)
+ {
+ out.print(subOIDRegNames[i] + ": " + currSubjectNameRDN);
+ %>
+ <br/>
+ <%
+ }
+ }
+ %>
+ </p>
+
+ <!-- ######################################################### -->
+ <!-- Name des Ausstellers -->
+ <!-- ######################################################### -->
+
+ <h2>Name des Ausstellers</h2>
+ <p>
+ <%
+ String[] issuerOIDNames = new String[]{"2.5.4.3", "2.5.4.11", "2.5.4.10", "2.5.4.6"}; // CN, OU, O, C
+ String[] issuerOIDRegNames = new String[]{"CN", "OU", "O", "C"};
+ for (int i = 0; i < issuerOIDNames.length; i++)
+ {
+ signerInfo.setIssuerNameItemSel(issuerOIDNames[i]);
+ String currIssuerNameRDN = signerInfo.getIssuerNameItem();
+ if (currIssuerNameRDN != null)
+ {
+ out.print(issuerOIDRegNames[i] + ": " + currIssuerNameRDN);
+ %>
+ <br/>
+ <%
+ }
+ }
+ %>
+ </p>
+
+ <!-- ######################################################### -->
+ <!-- Seriennummer des Zertifikats -->
+ <!-- ######################################################### -->
+
+ <h2>Seriennummer des Zertifikats</h2>
+ <p>
+ Seriennummer:
+ <%
+ out.print(signerInfo.getSerial());
+ %>
+ </p>
+
+ <!-- ######################################################### -->
+ <!-- Qualifiziertes Zertifikat? -->
+ <!-- ######################################################### -->
+
+ <h2>Qualit�t des Zertifikats</h2>
+ <p>
+ Das Zertifikat ist ein
+ <% out.print(signerInfo.getIsQualified() ? "qualifiziertes" : "gew�hnliches"); %>
+ Zertifikat.
+ </p>
+
+
+ <h1>Pr�fungen</h1>
+
+ <!-- ######################################################### -->
+ <!-- Signaturpr�fung -->
+ <!-- ######################################################### -->
+
+ <h2>Signaturpr�fung</h2>
+ <p>
+ <%
+ String [] sigCheckMsgs = new String[]
+ {
+ "Die �berpr�fung der Hash-Werte und des Werts der Signatur konnte erfolgreich durchgef�hrt werden.",
+ "Bei der �berpr�fung des Hash-Werts zumindest einer dsig:Reference der Signatur ist ein Fehler aufgetreten. Der Wert der Signatur (dsig:SignatureValue) wurde nicht �berpr�ft.",
+ "Die �berpr�fung der Hash-Werte konnte erfolgreich durchgef�hrt werden. Beim �berpr�fen des Werts der Signatur (dsig:SignatureValue) ist jedoch ein Fehler aufgetreten."
+ };
+
+ int sigCheckCode = Integer.parseInt(checksInfo.getSigCheckCode());
+ out.print(sigCheckMsgs[sigCheckCode]);
+ %>
+ <br/>
+ <%
+ if (sigCheckCode == 1)
+ {
+ %>
+ Fehlerhafte Referenzen:
+ <%
+ int count = 0;
+ do
+ {
+ checksInfo.setSigCheckFailedRefCount(count);
+ String failedRef = checksInfo.getSigCheckFailedRef();
+ if (null == failedRef) break;
+ if (count > 0) out.print(", ");
+ out.print(failedRef);
+ count++;
+ }
+ while (true);
+ }
+ %>
+ </p>
+
+ <!-- ######################################################### -->
+ <!-- Signaturmanifestpr�fung -->
+ <!-- ######################################################### -->
+
+ <!-- Aus der Sicht des B�rgers nicht sinnvoll -->
+
+ <!-- ######################################################### -->
+ <!-- XMLDSIG-Manifestpr�fung -->
+ <!-- ######################################################### -->
+
+ <!-- Derzeit nicht implementiert, Bean "checksInfo" enth�lt allerdings alle notwendigen Infos -->
+
+ <!-- ######################################################### -->
+ <!-- Zertifikatspr�fung -->
+ <!-- ######################################################### -->
+
+ <h2>Zertifikatspr�fung</h2>
+ <p>
+ <%
+ String [] certCheckMsgs = new String[]
+ {
+ "Eine formal korrekte Zertifikatskette vom Signatorzertifikat zu einem vertrauensw�rdigen Wurzelzertifikat konnte konstruiert werden. Jedes Zertifikat dieser Kette ist zum in der Anfrage angegebenen Pr�fzeitpunkt g�ltig.",
+ "Es konnte keine formal korrekte Zertifikatskette vom Signatorzertifikat zu einem vertrauensw�rdigen Wurzelzertifikat konstruiert werden.",
+ "Eine formal korrekte Zertifikatskette vom Signatorzertifikat zu einem vertrauensw�rdigen Wurzelzertifikat konnte konstruiert werden. F�r zumindest ein Zertifikat dieser Kette f�llt der Pr�fzeitpunkt nicht in das G�ltigkeitsintervall.",
+ "Eine formal korrekte Zertifikatskette vom Signatorzertifikat zu einem vertrauensw�rdigen Wurzelzertifikat konnte konstruiert werden. F�r alle Zertifikate dieser Kette f�llt der Pr�fzeitpunkt in das jeweilige G�ltigkeitsintervall. F�r zumindest ein Zertifikat konnte der Zertifikatstatus nicht festgestellt werden.",
+ "Eine formal korrekte Zertifikatskette vom Signatorzertifikat zu einem vertrauensw�rdigen Wurzelzertifikat konnte konstruiert werden. F�r alle Zertifikate dieser Kette f�llt der Pr�fzeitpunkt in das jeweilige G�ltigkeitsintervall. Zumindest ein Zertifikat ist zum Pr�fzeitpunkt widerrufen.",
+ "Eine formal korrekte Zertifikatskette vom Signatorzertifikat zu einem vertrauensw�rdigen Wurzelzertifikat konnte konstruiert werden. F�r alle Zertifikate dieser Kette f�llt der Pr�fzeitpunkt in das jeweilige G�ltigkeitsintervall. Kein Zertifikat dieser Kette ist zum Pr�fzeitpunkt widerrufen. Zumindest ein Zertifikat ist zum Pr�fzeitpunkt gesperrt.",
+ "Die Pr�fung der Signaturpr�fdaten wurde nicht durchgef�hrt, da bei der Pr�fung der G�ltigkeit der Signatur ein Fehler aufgetreten ist."
+ };
+ int certCheckCode = Integer.parseInt(checksInfo.getCertCheckCode());
+ certCheckCode = (certCheckCode == 99) ? 6 : certCheckCode;
+ out.print(certCheckMsgs[certCheckCode]);
+ %>
+ </body>
+</html>
\ No newline at end of file
diff --git a/spss.slinterface/res/resources/schemas/MOA-SPSS-1.2.xsd b/spss.slinterface/res/resources/schemas/MOA-SPSS-1.2.xsd
index f0a53cfa0..d7a06d6e7 100644
--- a/spss.slinterface/res/resources/schemas/MOA-SPSS-1.2.xsd
+++ b/spss.slinterface/res/resources/schemas/MOA-SPSS-1.2.xsd
@@ -3,8 +3,8 @@
 MOA SP/SS 1.2 Schema
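Review bot: The subject and issuer RDNs, the serial number and the failed reference URIs are written with `out.print(...)` without HTML escaping, and all of them come from the certificate and signature being verified, which the submitter of the document controls. Markup inside a certificate name would therefore be rendered as part of the result page, so each of these values needs encoding before output; the fence adds a small `esc` helper and routes the four outputs through it. The two `Integer.parseInt(...)` results are used as array indexes without a range check, so a missing or unexpected code ends in an exception page; test `code >= 0 && code < msgs.length` and print a generic message otherwise. The last `<p>` is never closed and `<head>` is nested inside `<head>`.

```jsp
<%!
  // Encodes a value taken from the certificate or the signature for use as HTML text.
  private static String esc(String s)
  {
    if (s == null) return "";
    StringBuffer b = new StringBuffer(s.length() + 16);
    for (int i = 0; i < s.length(); i++)
    {
      char c = s.charAt(i);
      switch (c)
      {
        case '<':  b.append("&lt;");   break;
        case '>':  b.append("&gt;");   break;
        case '&':  b.append("&amp;");  break;
        case '"':  b.append("&quot;"); break;
        case '\'': b.append("&#39;");  break;
        default:   b.append(c);
      }
    }
    return b.toString();
  }
%>
<%-- … unchanged: useBean declarations, page head, loops over the OID arrays … --%>
<%
  out.print(subOIDRegNames[i] + ": " + esc(currSubjectNameRDN));
  // … unchanged: issuer loop …
  out.print(issuerOIDRegNames[i] + ": " + esc(currIssuerNameRDN));
  // … unchanged: serial number section …
  out.print(esc(signerInfo.getSerial()));
  // … unchanged: failed-reference loop …
  out.print(esc(failedRef));
%>
```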
-->
<xsd:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2">
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
- <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="xml.xsd"/>
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
<!--########## Create XML Signature ###-->
<!--### Create XML Signature Request ###-->
<xsd:element name="CreateXMLSignatureRequest">
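Review bot: The two `xsd:import` elements now carry `schemaLocation` values under `http://www.w3.org/...`, so any validator that honours the hint fetches the XML-DSig and xml.xsd schemas over plain HTTP when this schema is loaded. Validation of signature requests and responses then depends on a remote host being reachable, and on an unauthenticated transport delivering the schema unmodified. Keep the bundled copies, i.e. `schemaLocation="xmldsig-core-schema.xsd"` and `schemaLocation="xml.xsd"`, or resolve both namespaces through a local entity resolver or catalog so that no network fetch happens at runtime.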
@@ -173,6 +173,15 @@
 <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
</xsd:complexType>
+ <xsd:complexType name="FinalDataMetaInfoType">
+ <xsd:complexContent>
+ <xsd:extension base="MetaInfoType">
+ <xsd:sequence>
+ <xsd:element name="Type" type="xsd:anyURI" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
<xsd:complexType name="DataObjectInfoType">
<xsd:sequence>
<xsd:element name="DataObject">
@@ -202,7 +211,7 @@
 <xsd:complexType name="TransformsInfoType">
<xsd:sequence>
<xsd:element ref="dsig:Transforms" minOccurs="0"/>
- <xsd:element name="FinalDataMetaInfo" type="MetaInfoType"/>
+ <xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType"/>
</xsd:sequence>
</xsd:complexType>
<xsd:complexType name="XMLDataObjectAssociationType">
@@ -257,7 +266,7 @@
 <xsd:restriction base="CheckResultType">
<xsd:sequence>
<xsd:element name="Code" type="xsd:nonNegativeInteger"/>
- <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/>
+ <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/>
</xsd:sequence>
</xsd:restriction>
</xsd:complexContent>