10 files changed, 316 insertions, 16 deletions
diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java
index 434643d16..6dbba7f89 100644
--- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java
+++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java
@@ -19,6 +19,7 @@ public class Constants
 public static final String IP_MOA2SL_STYLESHEET_ = "location.stylesheet.moa2sl";
 public static final String IP_SL_SCHEMA_ = "location.schema.sl";
 public static final String IP_MOA_SCHEMA_ = "location.schema.moa";
+ public static final String IP_TEMP_DIR_ = "location.tempdir";
 public static final String IP_SP_ENDPOINT_ = "service.sp.endpoint";
 public static final String IP_SP_TRUSTPROFILEID_ = "service.sp.trustProfileId";
@@ -28,6 +29,7 @@ public class Constants
 public static final String LH_LISTENERS_ = LH_BASE_ + ".listeners";
 public static final String LH_FILTERS_ = LH_BASE_ + ".filters";
 public static final String LH_SERVLETS_ = LH_BASE_ + ".servlets";
+ public static final String LH_BEANS_ = LH_BASE_ + ".beans";
 public static final String LH_TEST_ = LH_BASE_ + ".test";
 // Web service context parameters
diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Utils.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Utils.java
index 8c1292734..50ae5dc03 100644
--- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Utils.java
+++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Utils.java
@@ -8,6 +8,7 @@ package at.gv.egovernment.moa.spss.slinterface;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
+import java.io.OutputStream;
 /**
 * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at)
@@ -30,4 +31,21 @@ public class Utils
 while (bytesRead != -1);
 return result.toByteArray();
 }
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ public static void transferStreams(InputStream in, OutputStream out) throws IOException
+ {
+ byte[] currentBytes = new byte[500];
+ int bytesRead;
+ do
+ {
+ bytesRead = in.read(currentBytes);
+ if (bytesRead > 0)
+ {
+ out.write(currentBytes, 0, bytesRead);
+ }
+ }
+ while (bytesRead != -1);
+ }
 }
diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/beans/DataInfoBean.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/beans/DataInfoBean.java
index 1a64312d7..3e23c9eb0 100644
--- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/beans/DataInfoBean.java
+++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/beans/DataInfoBean.java
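Review bot: `transferStreams` has no Javadoc, and the contract a caller most needs is not visible from the signature: the method copies until `in.read` returns -1 and then returns without closing or flushing either stream. I would add above it `/** Copies all bytes from in to out. Neither stream is closed or flushed; the caller remains responsible for both. */`. The only caller in this commit, `HashInputDataServlet.doGet`, opens a `FileInputStream` for the copy and never closes it, so the ownership rule is worth stating here.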
@@ -5,21 +5,157 @@ */ package at.gv.egovernment.moa.spss.slinterface.beans; +import iaik.utils.Util; + +import java.io.File; +import java.io.FileOutputStream; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import java.util.Properties; +import java.util.Random; + +import javax.servlet.ServletContext; +import javax.servlet.http.HttpSession; +import javax.servlet.http.HttpSessionBindingEvent; +import javax.servlet.http.HttpSessionBindingListener; + +import org.apache.log4j.Logger; import org.w3c.dom.Document; +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.spss.slinterface.Constants; +import at.gv.egovernment.moa.spss.slinterface.DOMUtils; /** * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at) */ -public class DataInfoBean +public class DataInfoBean implements HttpSessionBindingListener { + private static Logger logger_ = Logger.getLogger(Constants.LH_BEANS_); + + private static final String HID_ELEM_ = "HashInputData"; + private static final String B64CONT_ELEM_ = "Base64Content"; + private static final String XMLCONT_ELEM_ = "XMLContent"; + + private static final String HID_URL_PREFIX_ = "/showdata?hidCount="; + + List hashInputDataFilenames_; + int hashInputDataCount_; + + /* ---------------------------------------------------------------------------------------------------- */ + + public DataInfoBean(Document moaResponseDoc, ServletContext context, HttpSession session) + throws IOException + { + hashInputDataFilenames_ = new ArrayList(); + int hashInputDataCount_ = 0; + + Element moaResponseElem = moaResponseDoc.getDocumentElement(); + List hidElems = DOMUtils.getChildElems(moaResponseElem, Constants.NSURI_MOA_12_, HID_ELEM_, false); + + Properties initProps = (Properties) context.getAttribute(Constants.WSCP_INIT_PROPS_); + String tempDir = initProps.getProperty(Constants.IP_TEMP_DIR_); + if (tempDir == null) + { + String message = "Init property \"" + Constants.IP_TEMP_DIR_ + "\" not set."; + 
logger_.error(message); + throw new IOException(message); + } + + Random random = new Random(); + for (int i = 0; i < hidElems.size(); i++) + { + // Open file for current hash input data + String currHidFileNameStr = tempDir + session.getId() + "_" + System.currentTimeMillis() + "_" + + random.nextLong(); + currHidFileNameStr = context.getRealPath(currHidFileNameStr); + FileOutputStream currHidFOS; + try + { + currHidFOS = new FileOutputStream(currHidFileNameStr); + } + catch (IOException e) + { + String message = "Cannot open file \"" + currHidFileNameStr + "\"."; + logger_.error(message); + throw new IOException(message); + } + + // Write HID to file + Element currHidElem = (Element) hidElems.get(i); + Element base64ContentElem = DOMUtils.getChildElem(currHidElem, Constants.NSURI_MOA_12_, B64CONT_ELEM_); + if (base64ContentElem != null) + { + // HID is base64 + + String base64ContentText = DOMUtils.getText(base64ContentElem); + byte[] content = Util.Base64Decode(base64ContentText.getBytes()); + try + { + currHidFOS.write(content); + currHidFOS.close(); + } + catch (IOException e) + { + String message = "Cannot write to file \"" + currHidFileNameStr + "\"."; + logger_.error(message); + throw new IOException(message); + } + } + else + { + // HID is XML + + // TODO treatment of XML content + throw new RuntimeException("XML content not support yet."); + } + + hashInputDataFilenames_.add(currHidFileNameStr); + } + } + + /* ---------------------------------------------------------------------------------------------------- */ + + public void valueBound(HttpSessionBindingEvent event) + { + // Do nothing. 
+ } + + /* ---------------------------------------------------------------------------------------------------- */ + + public void valueUnbound(HttpSessionBindingEvent event) + { + // Delete all temporary hash input data files + for (int i = 0; i < hashInputDataFilenames_.size(); i++) + { + String currFileStr = (String) hashInputDataFilenames_.get(i); + File currFile = new File(currFileStr); + currFile.delete(); + } + } + + /* ---------------------------------------------------------------------------------------------------- */ + + public void setHashInputDataCount(int count) + { + hashInputDataCount_ = count; + } + + /* ---------------------------------------------------------------------------------------------------- */ - /** - * - */ - public DataInfoBean(Document slResponseDoc) + public String getHashInputDataFilename() { - super(); - // TODO Auto-generated constructor stub + return (String) hashInputDataFilenames_.get(hashInputDataCount_); } + /* ---------------------------------------------------------------------------------------------------- */ + + public String getHashInputDataURL() + { + + return (hashInputDataFilenames_.size() > hashInputDataCount_) + ? HID_URL_PREFIX_ + hashInputDataCount_ + : null; + } } diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java index f4a4a1243..9a4529565 100644 --- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java @@ -10,7 +10,6 @@ import java.io.ByteArrayOutputStream; import java.io.CharArrayReader; import java.io.IOException; import java.io.InputStream; -import java.io.OutputStream; import java.io.Reader; import java.util.Iterator; import java.util.List; 
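Review bot: The constructor writes the signed data to `context.getRealPath(tempDir + ...)`, and with `location.tempdir = /workDir/temp/` from the init.properties hunk that resolves to a directory inside the web application root but outside WEB-INF, so the container may serve these files as static content without the session check that `HashInputDataServlet` performs. The file name also embeds `session.getId()`, which then appears on disk and in the "Cannot open file" log messages, and it relies on `java.util.Random` for uniqueness. I would create the files with `File.createTempFile` in the container-private directory from the `javax.servlet.context.tempdir` context attribute, or at least move the configured directory under WEB-INF. Separately, `currHidFOS` stays open when the XML branch throws or the write fails, files already written are not removed when the constructor aborts (the bean is never bound, so `valueUnbound` never runs), and `int hashInputDataCount_ = 0;` declares a local that shadows the field.

```java
// … unchanged: hidElems lookup …
// Container-private work directory: not reachable through a URL
File tempDirFile = (File) context.getAttribute("javax.servlet.context.tempdir");
for (int i = 0; i < hidElems.size(); i++)
{
  // Name is picked by the JDK; no session id in the path
  File currHidFile = File.createTempFile("hid", ".tmp", tempDirFile);
  FileOutputStream currHidFOS = new FileOutputStream(currHidFile);
  try
  {
    // … unchanged: Base64Content lookup, decode, currHidFOS.write(content); XML branch …
  }
  finally
  {
    currHidFOS.close();
  }
  hashInputDataFilenames_.add(currHidFile.getPath());
}
```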
@@ -129,8 +128,8 @@ public class SL2MOAFilter implements Filter
 }
 // Create bean with info about signed data
- DataInfoBean dataInfo = new DataInfoBean(moaResponseDoc);
- request.setAttribute("dataInfo", dataInfo);
+ DataInfoBean dataInfo = new DataInfoBean(moaResponseDoc, config_.getServletContext(), session);
+ session.setAttribute("dataInfo", dataInfo);
 // Transform MOA response into a SL response
 Document slResponseDoc;
diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/HashInputDataServlet.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/HashInputDataServlet.java
new file mode 100644
index 000000000..193a15a9e
--- /dev/null
+++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/HashInputDataServlet.java
@@ -0,0 +1,91 @@
+/*
+ * Created on 01.12.2003
+ *
+ * (c) Stabsstelle IKT-Strategie des Bundes
+ */
+package at.gv.egovernment.moa.spss.slinterface.servlets;
+
+import java.io.FileInputStream;
+import java.io.OutputStream;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.spss.slinterface.Constants;
+import at.gv.egovernment.moa.spss.slinterface.Utils;
+import at.gv.egovernment.moa.spss.slinterface.beans.DataInfoBean;
+
+/**
+ * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at)
+ */
+public class HashInputDataServlet extends HttpServlet
+{
+ private static Logger logger_ = Logger.getLogger(Constants.LH_SERVLETS_);
+
+ /**
+ * Default constructor.
+ */
+ public HashInputDataServlet()
+ {
+ super();
+ }
+
+ public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException
+ {
+ // Get DataInfoBean object from session
+ HttpSession session = request.getSession(false);
+ if (session == null)
+ {
+ String message = "No session available.";
+ logger_.error(message);
+ throw new ServletException(message);
+ }
+ DataInfoBean dataInfo = (DataInfoBean) session.getAttribute("dataInfo");
+
+ // Get parameter inicating which hash input data file to show
+ String hidCountStr = request.getParameter("hidCount");
+ if (hidCountStr == null)
+ {
+ String message = "Parameter \"hidCount\" not available in request.";
+ logger_.error(message);
+ throw new ServletException(message);
+ }
+ int hidCount = -1;
+ try
+ {
+ hidCount = Integer.parseInt(hidCountStr);
+ }
+ catch (NumberFormatException e)
+ {
+ String message = "Parameter \"hidCount\" (\"" + hidCount + "\") is not a valid string representation of an integer.";
+ logger_.error(message, e);
+ throw new ServletException(message, e);
+ }
+
+ // Get file name of temporary HID file
+ dataInfo.setHashInputDataCount(hidCount);
+ String hidFilename = dataInfo.getHashInputDataFilename();
+
+ // Set response headers
+ response.setContentType("application/octet-stream");
+
+ // Write content from temporary HID file to response OS
+ try
+ {
+ FileInputStream hidFIS = new FileInputStream(hidFilename);
+ OutputStream responseOS = response.getOutputStream();
+ Utils.transferStreams(hidFIS, responseOS);
+ }
+ catch (Exception e)
+ {
+ String message = "Writing hash input data to response stream failed.";
+ logger_.error(message, e);
+ throw new ServletException(message, e);
+ }
+ }
+}
diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/ReturnServlet.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/ReturnServlet.java
index c37e6f697..052c51f94 100644
--- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/ReturnServlet.java
+++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/ReturnServlet.java
@@ -46,7 +46,7 @@ public class ReturnServlet extends HttpServlet
 HttpSession session = request.getSession(false);
 if (session == null)
 {
- String message = "No session available";
+ String message = "No session available.";
 logger_.error(message);
 throw new ServletException(message);
 }
diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/SL2MOA.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/SL2MOA.java
index 11855242e..6c476e9ce 100644
--- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/SL2MOA.java
+++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/SL2MOA.java
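Review bot: `hidCount` comes straight from the request and is used as a list index without a range check: `dataInfo.getHashInputDataFilename()` calls `hashInputDataFilenames_.get(hashInputDataCount_)`, so a negative or too-large value ends in an uncaught `IndexOutOfBoundsException`, and a session without a `dataInfo` attribute ends in a `NullPointerException` at `dataInfo.setHashInputDataCount(hidCount)`. Both cases should be rejected with the same logged `ServletException` the other checks use. The `FileInputStream` is never closed, which leaks a descriptor per request and can keep `valueUnbound` from deleting the file on platforms that lock open files. In the `NumberFormatException` handler the message prints `hidCount`, which is still -1 at that point, instead of the rejected `hidCountStr`. Storing the requested index in the session-scoped bean also lets two concurrent requests of one session overwrite each other's selection (the JSP loop uses the same setter); a getter that takes the index would avoid that.

```java
DataInfoBean dataInfo = (DataInfoBean) session.getAttribute("dataInfo");
if (dataInfo == null)
{
  String message = "No data info available in session.";
  logger_.error(message);
  throw new ServletException(message);
}
// … unchanged: hidCount parameter lookup and parsing …
dataInfo.setHashInputDataCount(hidCount);
// getHashInputDataURL() returns null once the index is past the last file
if (hidCount < 0 || dataInfo.getHashInputDataURL() == null)
{
  String message = "Parameter \"hidCount\" is out of range.";
  logger_.error(message);
  throw new ServletException(message);
}
String hidFilename = dataInfo.getHashInputDataFilename();
// … unchanged: content type, enclosing try/catch …
FileInputStream hidFIS = new FileInputStream(hidFilename);
try
{
  Utils.transferStreams(hidFIS, response.getOutputStream());
}
finally
{
  hidFIS.close();
}
```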
@@ -77,6 +77,11 @@ public class SL2MOA
 // Convert SL request into MOA request
 verifyRequestElem = Utils.transformDeep(verifyRequestElem, prefixMap, nsTransforms, nameTransforms);
+ // Add ReturnHashInputData element
+ Element returnHashInputDataElem = slVerifyXMLSignatureRequest.createElementNS(
+ Constants.NSURI_MOA_12_, Constants.NSPRE_MOA_12_ + ":ReturnHashInputData");
+ verifyRequestElem.appendChild(returnHashInputDataElem);
+
 // Add trust profile ID element
 Element trustProfileIDElem = slVerifyXMLSignatureRequest.createElementNS(
 Constants.NSURI_MOA_12_, Constants.NSPRE_MOA_12_ + ":TrustProfileID");
diff --git a/spss.slinterface/WEB-INF/web.xml b/spss.slinterface/WEB-INF/web.xml
index b2907b1f2..6d282bd1c 100644
--- a/spss.slinterface/WEB-INF/web.xml
+++ b/spss.slinterface/WEB-INF/web.xml
@@ -41,10 +41,19 @@
 </servlet>
 <servlet>
- <servlet-name>ResultServlet</servlet-name>
- <display-name>Result servlet</display-name>
+ <servlet-name>HashInputDataServlet</servlet-name>
+ <display-name>Displays a particular hash input data</display-name>
 <servlet-class>
- at.gv.egovernment.moa.spss.slinterface.servlets.ResultServlet
+ at.gv.egovernment.moa.spss.slinterface.servlets.HashInputDataServlet
+ </servlet-class>
+ <load-on-startup>0</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>ReturnServlet</servlet-name>
+ <display-name>Return servlet</display-name>
+ <servlet-class>
+ at.gv.egovernment.moa.spss.slinterface.servlets.ReturnServlet
 </servlet-class>
 <load-on-startup>0</load-on-startup>
 </servlet>
@@ -60,8 +69,13 @@
 </servlet-mapping>
 <servlet-mapping>
- <servlet-name>ResultServlet</servlet-name>
- <url-pattern>/results</url-pattern>
+ <servlet-name>HashInputDataServlet</servlet-name>
+ <url-pattern>/showdata</url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name>ReturnServlet</servlet-name>
+ <url-pattern>/return</url-pattern>
 </servlet-mapping>
 </web-app>
diff --git a/spss.slinterface/pages/resultOverview.jsp b/spss.slinterface/pages/resultOverview.jsp
index 5a29e5b4c..deaa43709 100644
--- a/spss.slinterface/pages/resultOverview.jsp
+++ b/spss.slinterface/pages/resultOverview.jsp
@@ -10,6 +10,11 @@
 class="at.gv.egovernment.moa.spss.slinterface.beans.SignerInfoBean" scope="request">
</jsp:useBean>
+<jsp:useBean
+ id="dataInfo"
+ class="at.gv.egovernment.moa.spss.slinterface.beans.DataInfoBean" scope="session">
+</jsp:useBean>
+
<html>
<head>
<head><title>Resultate der Signaturprüfung</title></head>
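Review bot: With `class=` on the added `jsp:useBean`, the container creates a new `DataInfoBean` through a public no-argument constructor whenever the session holds no `dataInfo` attribute, and the DataInfoBean.java hunk of this commit leaves only the three-argument constructor. Depending on the container this probably shows up as a page translation error or as an instantiation failure at request time, for example when the page is opened after the session attribute is gone. Since this commit has `SL2MOAFilter` place the bean in the session, declaring it with `type="at.gv.egovernment.moa.spss.slinterface.beans.DataInfoBean"` instead of `class=` states that the page only looks the bean up; a missing bean then still needs an explicit error path.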
@@ -163,5 +168,33 @@ certCheckCode = (certCheckCode == 99) ? 6 : certCheckCode;
out.print(certCheckMsgs[certCheckCode]);
%>
+
+ <!-- ######################################################### -->
+ <!-- Signierte Daten -->
+ <!-- ######################################################### -->
+
+ <h1>Signierte Daten</h1>
+ <p>
+ <%
+ int i = 0;
+ do
+ {
+ dataInfo.setHashInputDataCount(i);
+ String hashDataInputURL = dataInfo.getHashInputDataURL();
+ if (hashDataInputURL == null) break;
+ if (i > 0) out.println("<br/>");
+ out.print("<a href=\"" + response.encodeURL(request.getContextPath() + dataInfo.getHashInputDataURL()) + "\">");
+ out.print("Datum Nr." + (i + 1) + "</a>");
+ i++;
+ }
+ while (true);
+ %>
+ </p>
+
+ <p>
+ <a href="<% out.print(response.encodeURL(request.getContextPath() + "/return")); %>">
+ Zurück zur Anwendung ...</a>
+ </p>
+
</body>
</html>
\ No newline at end of file diff --git a/spss.slinterface/res/resources/properties/init.properties b/spss.slinterface/res/resources/properties/init.properties index 0946d3817..e6f1cbb91 100644 --- a/spss.slinterface/res/resources/properties/init.properties +++ b/spss.slinterface/res/resources/properties/init.properties @@ -4,5 +4,7 @@ location.stylesheet.moa2sl = /WEB-INF/classes/resources/stylesheets/moa2sl.xsl location.schema.sl = /WEB-INF/classes/resources/schemas/Core.20031231.xsd location.schema.moa = /WEB-INF/classes/resources/schemas/MOA-SPSS-1.2.xsd +location.tempdir = /workDir/temp/ + service.sp.endpoint = http://localhost:8080/moa-spss/services/SignatureVerification service.sp.trustProfileId = TrustProfile1
\ No newline at end of file |