-rw-r--r--id/server/doc/moa_id/id-anwendung_1.htm2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java8
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java22
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java5
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java49
-rw-r--r--id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java2
-rw-r--r--id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java8
-rw-r--r--id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java12
-rw-r--r--id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java2
-rw-r--r--pom.xml6
-rw-r--r--repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jarbin0 -> 729266 bytes
-rw-r--r--repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom6
-rw-r--r--repository/iaik/prod/iaik_moa/maven-metadata-MOA.xml2
-rw-r--r--repository/iaik/prod/iaik_moa/maven-metadata-local.xml4
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java33
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java3
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java2
17 files changed, 100 insertions, 66 deletions
diff --git a/id/server/doc/moa_id/id-anwendung_1.htm b/id/server/doc/moa_id/id-anwendung_1.htm
index ad45ff7e1..561f3f556 100644
--- a/id/server/doc/moa_id/id-anwendung_1.htm
+++ b/id/server/doc/moa_id/id-anwendung_1.htm
@@ -94,7 +94,7 @@ StartAuthentication?Target=<geschäftsbereich>
</tr>
<tr>
<td id="klein2">sourceID=&lt;sourceID&gt;</td>
- <td id="klein2">optional; Gibt eine sourceID an, die (wenn sie gesetzt ist) in der SAML-Assertion aufscheint</td>
+ <td id="klein2">optional; Gibt eine sourceID an, die (wenn sie gesetzt ist) zur Berechnung des SAML-Artifacts herangezogen wird.</td>
</tr>
</tbody>
</table>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 5eb23cabc..093d22732 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -1538,7 +1538,6 @@ public class AuthenticationServer implements MOAIDAuthConstants {
session.getBkuURL(),
session.getAssertionSignerCertificateBase64(),
session.getAssertionBusinessService(),
- session.getSourceID(),
session.getExtendedSAMLAttributesOA());
authData.setSamlAssertion(samlAssertion);
@@ -1554,7 +1553,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
}
String samlArtifact =
- new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID());
+ new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID(), session.getSourceID());
storeAuthenticationData(samlArtifact, authData);
// invalidates the authentication session
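Review bot: `session.getSourceID()` now feeds `SAMLArtifactBuilder.build(...)`, and the documentation change in this commit describes `sourceID` as an optional request parameter, so a caller-supplied string decides the SourceID half of the artifact. In the builder it also takes precedence over the configured `AuthenticationServer.SourceID`. Nothing visible here constrains the value; consider validating it where the session is populated (length and character set, or membership in a configured list of allowed source IDs) and falling back to the configured value otherwise. The same call is added in the hunks at `@@ -1717,7 +1716,7` and `@@ -1832,7 +1830,7`. The enclosing methods start and end outside these hunks, so a check further upstream cannot be ruled out.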
@@ -1717,7 +1716,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
}
String samlArtifact =
- new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID());
+ new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID(), session.getSourceID());
storeAuthenticationData(samlArtifact, authData);
// invalidates the authentication session
@@ -1816,7 +1815,6 @@ public class AuthenticationServer implements MOAIDAuthConstants {
session.getBkuURL(),
session.getAssertionSignerCertificateBase64(),
session.getAssertionBusinessService(),
- session.getSourceID(),
session.getExtendedSAMLAttributesOA());
authData.setSamlAssertion(samlAssertion);
@@ -1832,7 +1830,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
}
String samlArtifact =
- new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID());
+ new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID(), session.getSourceID());
storeAuthenticationData(samlArtifact, authData);
// invalidates the authentication session
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java
index 410d045f0..bcad65eed 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java
@@ -114,25 +114,5 @@ public class AuthenticationAssertionBuilder {
return sb.toString();
}
- /**
- * Builds the SAML attributes to be appended to the AUTHBlock or to the SAML assertion
- * delivered to the online application.
- * The method traverses through the list of given SAML attribute objects and builds an
- * XML structure (String representation) for each of the attributes.
- *
- * @param extendedSAMLAttributes The SAML attributes to be appended to the AUTHBlock or
- * to the SAML assertion delivered to the online application.
- * @return A string representation including the XML structures of
- * the SAML attributes.
- *
- * @throws ParseException If an error occurs on serializing an SAML attribute.
- */
- protected String buildSourceIDSAMLAttributes(String sourceID) throws ParseException {
- StringBuffer sb = new StringBuffer();
- if (sourceID!=null)
- sb.append(MessageFormat.format( SAML_ATTRIBUTE_NO_NAMESPACE, new Object[] {"SourceID", sourceID}));
-
- return sb.toString();
- }
-
+
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
index 7032e09eb..b9e44544d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
@@ -72,7 +72,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
"{10}" +
"{11}" +
"{12}" +
- "{13}" +
" </saml:AttributeStatement>" + NL +
"</saml:Assertion>";
@@ -107,7 +106,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
"{11}" +
"{12}" +
"{13}" +
- "{14}" +
" </saml:AttributeStatement>" + NL +
"</saml:Assertion>";
/**
@@ -158,7 +156,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
String bkuURL,
String signerCertificateBase64,
boolean businessService,
- String sourceID,
List extendedSAMLAttributes)
throws BuildException
{
@@ -210,7 +207,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
StringUtils.removeXMLDeclaration(xmlPersonData),
isQualifiedCertificate,
bkuURL,
- buildSourceIDSAMLAttributes(sourceID),
publicAuthorityAttribute,
signerCertificateAttribute,
buildExtendedSAMLAttributes(extendedSAMLAttributes)});
@@ -301,7 +297,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
StringUtils.removeXMLDeclaration(xmlMandateData),
isQualifiedCertificate,
bkuURL,
- buildSourceIDSAMLAttributes(sourceID),
publicAuthorityAttribute,
signerCertificateAttribute,
buildExtendedSAMLAttributes(extendedSAMLAttributes)});
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
index 41e4cd37d..145664a2b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
@@ -67,7 +67,7 @@ public class SAMLArtifactBuilder {
* of <code>AssertionHandle</code>
* @return the 42-byte SAML artifact, encoded BASE64
*/
- public String build(String authURL, String sessionID) throws BuildException {
+ public String build(String authURL, String sessionID, String sourceIdParam) throws BuildException {
try {
MessageDigest md = MessageDigest.getInstance("SHA-1");
byte[] sourceID;
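Review bot: The Javadoc above `build` is not updated for the new third parameter, and the precedence it introduces is not stated anywhere a caller would read it. Add `@param sourceIdParam optional sourceID from the request; when non-empty it is hashed into the SourceID instead of the configured AuthenticationServer.SourceID or authURL`, and mention that `null` or an empty string keeps the previous behaviour. The Javadoc block starts outside this hunk.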
@@ -77,16 +77,45 @@ public class SAMLArtifactBuilder {
//System.out.println("alternativeSourceID: " + alternativeSourceID);
//System.out.println("authURL: " + authURL);
- if (!ParepUtils.isEmpty(alternativeSourceID)) {
- // if generic config parameter "AuthenticationServer.SourceID" is given, use that sourceID instead of authURL;
- sourceID = md.digest(alternativeSourceID.getBytes());
- Logger.info("Building SAMArtifact from sourceID \"" + alternativeSourceID + "\" instead of authURL \"" + authURL + "\".");
- } else {
- sourceID = md.digest(authURL.getBytes());
+ // if sourceID is given in GET/POST param - use this as source id
+ if (!ParepUtils.isEmpty(sourceIdParam)) {
+ // if GET/POST parameter sourceID is set, use that sourceID instead of authURL;
+ sourceID = md.digest(sourceIdParam.getBytes());
+ Logger.info("Building SAMArtifact from sourceID \"" + sourceIdParam + "\" instead of authURL \"" + authURL + "\".");
+
+ byte[] assertionHandle = md.digest(sessionID.getBytes());
+ ByteArrayOutputStream out = new ByteArrayOutputStream(42);
+ out.write(0);
+ out.write(1);
+ out.write(sourceID, 0, 20);
+ out.write(assertionHandle, 0, 20);
+ byte[] samlArtifact = out.toByteArray();
+ //System.out.println("samlArtifact: " + new String(samlArtifact));
+ String samlArtifactBase64 = Base64Utils.encode(samlArtifact);
+ //System.out.println("samlArtifact Base64: " + samlArtifactBase64);
+ return samlArtifactBase64;
}
- //System.out.println("sourceID: " + new String(sourceID));
+ // if generic config parameter "AuthenticationServer.SourceID" is given, use that sourceID instead of authURL;
+ if (!ParepUtils.isEmpty(alternativeSourceID)) {
+ sourceID = md.digest(alternativeSourceID.getBytes());
+ Logger.info("Building SAMArtifact from sourceID \"" + alternativeSourceID + "\" instead of authURL \"" + authURL + "\".");
+
+ byte[] assertionHandle = md.digest(sessionID.getBytes());
+ ByteArrayOutputStream out = new ByteArrayOutputStream(42);
+ out.write(0);
+ out.write(1);
+ out.write(sourceID, 0, 20);
+ out.write(assertionHandle, 0, 20);
+ byte[] samlArtifact = out.toByteArray();
+ System.out.println("samlArtifact: " + new String(samlArtifact));
+ String samlArtifactBase64 = Base64Utils.encode(samlArtifact);
+ System.out.println("samlArtifact Base64: " + samlArtifactBase64);
+ return samlArtifactBase64;
+ }
+ // default: sourecID from authURL
+ sourceID = md.digest(authURL.getBytes());
byte[] assertionHandle = md.digest(sessionID.getBytes());
ByteArrayOutputStream out = new ByteArrayOutputStream(42);
out.write(0);
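Review bot: The `alternativeSourceID` branch contains live `System.out.println("samlArtifact: " + ...)` and `System.out.println("samlArtifact Base64: " + ...)` calls that are commented out in the other two branches. The artifact is the key under which `storeAuthenticationData` files the authentication data, so it should not be written to stdout. The artifact assembly is also copied three times, which is probably how the stray prints got in; selecting the input string first and digesting once removes the duplication. Both `Logger.info` lines concatenate the source ID unescaped, and `sourceIdParam` comes from the request, so line breaks in it should be stripped or encoded before logging. The `try` block opens and closes outside this hunk.

```java
// … unchanged: MessageDigest setup and alternativeSourceID lookup …
String sourceIdInput;
if (!ParepUtils.isEmpty(sourceIdParam)) {
  // GET/POST parameter sourceID takes precedence over config and authURL
  // … unchanged: Logger.info call, with the source ID sanitised …
  sourceIdInput = sourceIdParam;
} else if (!ParepUtils.isEmpty(alternativeSourceID)) {
  // generic config parameter "AuthenticationServer.SourceID"
  // … unchanged: Logger.info call …
  sourceIdInput = alternativeSourceID;
} else {
  // default: sourceID from authURL
  sourceIdInput = authURL;
}
sourceID = md.digest(sourceIdInput.getBytes());
byte[] assertionHandle = md.digest(sessionID.getBytes());
// … unchanged: 42-byte artifact assembly, Base64 encoding and return …
```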
@@ -98,6 +127,10 @@ public class SAMLArtifactBuilder {
String samlArtifactBase64 = Base64Utils.encode(samlArtifact);
//System.out.println("samlArtifact Base64: " + samlArtifactBase64);
return samlArtifactBase64;
+
+ //System.out.println("sourceID: " + new String(sourceID));
+
+
}
catch (Throwable ex) {
throw new BuildException(
diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java
index d9cd13259..a71fe0181 100644
--- a/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java
+++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java
@@ -619,7 +619,7 @@ public class Test300VerifyAuthBlock extends AbnahmeTestCase {
oaParam.getProvideIdentityLink() ? DOMUtils.serializeNode(identityLink.getSamlAssertion()) : "";
String authBlock = oaParam.getProvideAuthBlock() ? session.getAuthBlock() : "";
String samlAssertion = new AuthenticationDataAssertionBuilder().build(
- authData, prPerson, authBlock, ilAssertion, session.getBkuURL(), "", false, null, null);
+ authData, prPerson, authBlock, ilAssertion, session.getBkuURL(), "", false, null);
authData.setSamlAssertion(samlAssertion);
return authData;
}
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java
index 979a4aa24..915dc540c 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java
@@ -51,9 +51,9 @@ public class SAMLArtifactBuilderTest extends UnitTestCase {
}
protected void setUp() throws Exception {
builder = new SAMLArtifactBuilder();
- artifact1 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1), false);
- artifact2 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_2), false);
- artifact3 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_3), false);
+ artifact1 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1, null), false);
+ artifact2 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_2, null), false);
+ artifact3 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_3, null), false);
}
public void testBuildArtifactLength() throws BuildException {
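Review bot: Every updated call passes `null` for the new parameter, so no test in this commit exercises the branch that derives the SourceID from `sourceIdParam`, or its precedence over the other sources. A test that builds with a non-empty value and checks length, determinism and that the result differs from the `authURL`-derived artifact would pin the new behaviour. The source ID string below is a constructed sample value.

```java
public void testBuildWithSourceIdParam() throws Exception {
  byte[] withParam = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1, "constructed-source-id"), false);
  byte[] withParamAgain = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1, "constructed-source-id"), false);
  assertEquals(42, withParam.length);
  // same inputs must give the same artifact
  assertTrue(java.util.Arrays.equals(withParam, withParamAgain));
  // the request-supplied source ID must replace the authURL-derived one
  assertFalse(java.util.Arrays.equals(artifact1, withParam));
}
```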
@@ -62,7 +62,7 @@ public class SAMLArtifactBuilderTest extends UnitTestCase {
assertEquals(42, artifact3.length);
}
public void testBuildSameArtifact() throws Exception {
- byte[] artifact1Clone = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1), false);
+ byte[] artifact1Clone = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1, null), false);
assertEquals(new String(artifact1), new String(artifact1Clone));
}
public void testBuildDifferentArtifacts() throws BuildException {
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java
index 1dab28dea..d34678f0c 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java
@@ -44,7 +44,7 @@ public class SAMLArtifactParserTest extends UnitTestCase {
public void testParseTypeCode() throws Exception {
String sessionID = Random.nextRandom();
- String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID);
+ String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID, null);
byte[] typeCode = new SAMLArtifactParser(samlArtifact).parseTypeCode();
assertEquals(typeCode[0], 0);
assertEquals(typeCode[1], 1);
@@ -52,8 +52,8 @@ public class SAMLArtifactParserTest extends UnitTestCase {
public void testParseAssertionHandleSameSessionID() throws Exception {
// SAML artifacts for different authURL's but same sessionID MUST give same assertion handle
String sessionID = Random.nextRandom();
- String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID);
- String samlArtifact2 = new SAMLArtifactBuilder().build(URL2, sessionID);
+ String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID, null);
+ String samlArtifact2 = new SAMLArtifactBuilder().build(URL2, sessionID, null);
String assertionHandle1 = new SAMLArtifactParser(samlArtifact1).parseAssertionHandle();
String assertionHandle2 = new SAMLArtifactParser(samlArtifact2).parseAssertionHandle();
assertEquals(assertionHandle1, assertionHandle2);
@@ -62,8 +62,8 @@ public class SAMLArtifactParserTest extends UnitTestCase {
// SAML artifacts for same authURL but different sessionID's MUST give different assertion handles
String sessionID1 = Random.nextRandom();
String sessionID2 = Random.nextRandom();
- String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID1);
- String samlArtifact2 = new SAMLArtifactBuilder().build(URL1, sessionID2);
+ String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID1, null);
+ String samlArtifact2 = new SAMLArtifactBuilder().build(URL1, sessionID2, null);
String assertionHandle1 = new SAMLArtifactParser(samlArtifact1).parseAssertionHandle();
String assertionHandle2 = new SAMLArtifactParser(samlArtifact2).parseAssertionHandle();
assertFalse(assertionHandle1.equals(assertionHandle2));
@@ -71,7 +71,7 @@ public class SAMLArtifactParserTest extends UnitTestCase {
public void testParseAssertionHandleSameSAMLArtifact() throws Exception {
// SAML artifact parsed twice MUST give same assertion handle each time
String sessionID = Random.nextRandom();
- String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID);
+ String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID, null);
String assertionHandle1 = new SAMLArtifactParser(samlArtifact).parseAssertionHandle();
String assertionHandle2 = new SAMLArtifactParser(samlArtifact).parseAssertionHandle();
assertEquals(assertionHandle1, assertionHandle2);
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java
index 73085270f..467c6520e 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java
@@ -43,7 +43,7 @@ public class SAMLRequestBuilderTest extends UnitTestCase {
public void testBuild() throws Exception {
String requestID = "123";
- String samlArtifact = new SAMLArtifactBuilder().build("https://moa.gv.at/auth/", "12345678901234567890");
+ String samlArtifact = new SAMLArtifactBuilder().build("https://moa.gv.at/auth/", "12345678901234567890", null);
String REQUEST_SHOULD = "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" RequestID=\"" +
requestID + "\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"IGNORE\">" +
"<samlp:AssertionArtifact>" + samlArtifact + "</samlp:AssertionArtifact>" +
diff --git a/pom.xml b/pom.xml
index f2a67a02e..d4a0c387a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -248,7 +248,7 @@
<dependency>
<groupId>iaik.prod</groupId>
<artifactId>iaik_moa</artifactId>
- <version>1.31</version>
+ <version>1.32</version>
<scope>compile</scope>
</dependency>
<dependency>
@@ -266,7 +266,9 @@
<dependency>
<groupId>iaik.prod</groupId>
<artifactId>iaik_ixsil</artifactId>
- <version>1.2.2.4</version>
+ <!-- <version>1.2.2.4</version> -->
+ <!-- Updated properties for blacklist -->
+ <version>1.2.2.4_prop</version>
<scope>compile</scope>
</dependency>
<dependency>
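Review bot: `iaik_ixsil` now resolves to `1.2.2.4_prop`, which by its suffix and the comment "Updated properties for blacklist" appears to be a locally modified build. No artifact for that version is among the files this commit adds under `repository/` (only `iaik_moa` 1.32 is), so the build depends on a jar whose origin is not recorded here. Confirm the artifact is published where the build resolves it, and document what changed relative to 1.2.2.4 and how the jar was produced, ideally with a checksum stored next to it. The commented-out `<version>1.2.2.4</version>` line can be dropped, since version control already keeps the old value.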
diff --git a/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar b/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar
new file mode 100644
index 000000000..13725f801
--- /dev/null
+++ b/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar
Binary files differ
diff --git a/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom b/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom
new file mode 100644
index 000000000..c3de037f4
--- /dev/null
+++ b/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?><project>
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_moa</artifactId>
+ <version>1.32</version>
+</project> \ No newline at end of file
diff --git a/repository/iaik/prod/iaik_moa/maven-metadata-MOA.xml b/repository/iaik/prod/iaik_moa/maven-metadata-MOA.xml
index 32e4aad37..6190bccb0 100644
--- a/repository/iaik/prod/iaik_moa/maven-metadata-MOA.xml
+++ b/repository/iaik/prod/iaik_moa/maven-metadata-MOA.xml
@@ -1,7 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?><metadata>
<groupId>iaik.prod</groupId>
<artifactId>iaik_moa</artifactId>
- <version>1.28</version>
+ <version>1.32</version>
<versioning>
<versions>
<version>1.23</version>
diff --git a/repository/iaik/prod/iaik_moa/maven-metadata-local.xml b/repository/iaik/prod/iaik_moa/maven-metadata-local.xml
index ced753edc..44703a321 100644
--- a/repository/iaik/prod/iaik_moa/maven-metadata-local.xml
+++ b/repository/iaik/prod/iaik_moa/maven-metadata-local.xml
@@ -2,10 +2,10 @@
<metadata>
<groupId>iaik.prod</groupId>
<artifactId>iaik_moa</artifactId>
- <version>1.29</version>
+ <version>1.32</version>
<versioning>
<versions>
- <version>1.29</version>
+ <version>1.32</version>
</versions>
<lastUpdated>20100618102247</lastUpdated>
</versioning>
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
index 40416f121..2a2427bbb 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
@@ -29,6 +29,8 @@ import iaik.ixsil.exceptions.URIException;
import iaik.ixsil.util.URI;
import iaik.pki.pathvalidation.ChainingModes;
import iaik.pki.revocation.RevocationSourceTypes;
+import iaik.server.modules.xml.BlackListEntry;
+import iaik.server.modules.xml.ExternalReferenceChecker;
import iaik.utils.RFC2253NameParser;
import iaik.utils.RFC2253NameParserException;
@@ -385,11 +387,16 @@ public class ConfigurationPartsBuilder {
Element permitExtUris = (Element)XPathUtils.selectSingleNode(getConfigElem(), PERMIT_EXTERNAL_URIS_XPATH);
// if PermitExternalUris element does not exist - don't allow external uris
- if (permitExtUris == null)
- return false;
- else
+ if (permitExtUris == null) {
+ // set permitExtUris for iaik-moa
+ ExternalReferenceChecker.setPermitExternalURLs(false);
+ return false;
+ }
+ else {
+ // set permitExtUris for iaik-moa
+ ExternalReferenceChecker.setPermitExternalURLs(true);
return true;
-
+ }
}
/**
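Review bot: `allowExternalUris()` now writes process-wide state through the static `ExternalReferenceChecker.setPermitExternalURLs(...)`, as a side effect of what reads like a query. The library's setting therefore depends on this method having been called, and on which configuration called it last. Document the side effect in the method's Javadoc, or move the call to the place where the configuration is applied. The two branches can also collapse to `boolean permit = (permitExtUris != null);`, `ExternalReferenceChecker.setPermitExternalURLs(permit);`, `return permit;`. The method's signature and Javadoc are outside this hunk.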
@@ -401,6 +408,7 @@ public class ConfigurationPartsBuilder {
info("config.33", null);
List blacklist = new ArrayList();
+ List blackListIaikMoa = new ArrayList();
NodeIterator permitExtIter = XPathUtils.selectNodeIterator(
getConfigElem(),
@@ -411,11 +419,19 @@ public class ConfigurationPartsBuilder {
String host = getElementValue(permitExtElem, CONF + "IP", null);
String port = getElementValue(permitExtElem, CONF + "Port", null);
-
- if (port == null)
+ BlackListEntry entry =null;
+ if (port == null) {
+ entry = new BlackListEntry(host, -1);
info("config.34", new Object[]{host});
- else
+ }
+ else {
+ entry = new BlackListEntry(host, new Integer(port).intValue());
info("config.34", new Object[]{host + ":" + port});
+ }
+
+ // add entry to iaik-moa blacklist
+ blackListIaikMoa.add(entry);
+
String array[] = new String[2];
array[0] = host;
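Review bot: `new Integer(port).intValue()` throws `NumberFormatException` when the configured port is not a number, and nothing in this hunk catches it or checks the range. `host` can also be `null` here, because `getElementValue` is called with a `null` default. Prefer `Integer.parseInt(port)` with an explicit 0–65535 check, and report a bad entry as a configuration error rather than letting it abort loading or silently drop the entry, since a dropped entry leaves a host unblocked that was meant to be blocked. What happens to an exception raised here depends on code outside the hunk, so the failure mode should be confirmed. The enclosing loop starts before this hunk.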
@@ -424,6 +440,9 @@ public class ConfigurationPartsBuilder {
}
+ // set blacklist for iaik-moa
+ ExternalReferenceChecker.setBlacklist(blackListIaikMoa);
+
if(blacklist.isEmpty()) // no blacklisted uris given
info("config.36", null);
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
index a5f861c52..cae1497d6 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
@@ -367,7 +367,7 @@ public class ConfigurationProvider
allowExternalUris_= builder.allowExternalUris();
- if (allowExternalUris_)
+ if (allowExternalUris_)
blackListedUris_ = builder.buildPermitExternalUris();
else {
info("config.35", null);
@@ -375,6 +375,7 @@ public class ConfigurationProvider
}
+
// Set set = crlRetentionIntervals.entrySet();
// Iterator i = set.iterator();
// while(i.hasNext()){
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java
index 722d5350c..dd5436827 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java
@@ -83,7 +83,7 @@ public class IaikExceptionMapper {
{ iaik.server.modules.xmlverify.SignerCertificateUnavailableException.class, "2243", MOAApplicationException.class },
{ iaik.server.modules.xmlverify.SupplementException.class, "2230", MOAApplicationException.class },
{ iaik.server.modules.xmlverify.TransformationException.class, "2265", MOAApplicationException.class },
- { iaik.server.modules.xmlverify.TransformationParsingException.class, "2269", MOAApplicationException.class }
+ { iaik.server.modules.xmlverify.TransformationParsingException.class, "2269", MOAApplicationException.class },
};
/** The single instance of this class. */