-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java38
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java14
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java32
-rw-r--r--id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd1
4 files changed, 80 insertions, 5 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index f160e3e51..cd34d382b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -4,6 +4,7 @@ import java.io.IOException;
import java.math.BigInteger;
import java.security.cert.CertificateException;
import java.util.ArrayList;
+import java.util.Date;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
@@ -19,6 +20,7 @@ import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
@@ -297,7 +299,9 @@ ServletResponseAware {
if (!authUser.isAdmin()) {
onlineapplication.setIsAdminRequired(true);
+
}
+
} else {
if (!authUser.isAdmin() &&
@@ -332,6 +336,22 @@ ServletResponseAware {
} catch (ConfigurationException e) {
log.warn("Sending Mail to User " + userdb.getMail() + " failed", e);
}
+ }
+ }
+
+ if (pvp2OA.getMetaDataURL() != null) {
+
+ try {
+ if (newentry || !pvp2OA.getMetaDataURL()
+ .equals(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) {
+
+ MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration();
+ moaconfig.setPvp2RefreshItem(new Date());
+ ConfigurationDBUtils.saveOrUpdate(moaconfig);
+
+ }
+ } catch (Throwable e) {
+ log.info("Found no MetadataURL in OA-Databaseconfig!", e);
}
}
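Review bot: The `catch (Throwable e)` at the end of this hunk treats every failure the same way — a null `getAuthComponentOA()`/`getOAPVP2()` on an OA without PVP2 settings and a failed `ConfigurationDBUtils.saveOrUpdate(moaconfig)` both end up as an info-level "Found no MetadataURL in OA-Databaseconfig!", so a lost refresh marker (and therefore metadata that never reloads) is invisible in the logs. The same pattern is repeated in the delete path hunk further down (`@@ -479,8 +501,22 @@`). I would replace the null dereference with an explicit guard before the `equals` chain, e.g. `OAPVP2 existing = onlineapplication.getAuthComponentOA() == null ? null : onlineapplication.getAuthComponentOA().getOAPVP2();` and compare against `existing == null ? null : existing.getMetadataURL()`, and have the remaining catch report the persist failure honestly: `log.warn("Persisting the PVP2 refresh timestamp failed", e);`. The enclosing method starts and ends outside this hunk, so whether `pvp2OA` itself can be null here cannot be verified from the diff.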
@@ -348,6 +368,8 @@ ServletResponseAware {
}
}
+
+
Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
if (nextPageAttr != null && nextPageAttr instanceof String) {
@@ -479,8 +501,22 @@ ServletResponseAware {
}
OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);
-
request.getSession().setAttribute(Constants.SESSION_OAID, null);
+
+
+ try {
+ if (MiscUtil.isNotEmpty(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) {
+
+ MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration();
+ moaconfig.setPvp2RefreshItem(new Date());
+ ConfigurationDBUtils.saveOrUpdate(moaconfig);
+
+ }
+ } catch (Throwable e) {
+ log.info("Found no MetadataURL in OA-Databaseconfig!", e);
+ }
+
+
if (ConfigurationDBUtils.delete(onlineapplication)) {
if (!authUser.isAdmin()) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java
index 12ab3f871..92323f02b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java
@@ -1,10 +1,15 @@
package at.gv.egovernment.moa.id.config.auth;
+import iaik.util.logging.Log;
+
import java.util.Date;
+import org.bouncycastle.asn1.pkcs.Pfx;
+
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
import at.gv.egovernment.moa.logging.Logger;
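Review bot: `import iaik.util.logging.Log;` and `import org.bouncycastle.asn1.pkcs.Pfx;` appear to be unused in this file — neither `Log` nor `Pfx` occurs in any changed line, and the file keeps logging through `Logger`. The `Pfx` import in particular looks like an IDE auto-complete accident; both should be dropped so the loader does not pick up a hard compile-time dependency on BouncyCastle's PKCS#12 classes for nothing.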
@@ -20,6 +25,7 @@ public class AuthConfigLoader implements Runnable {
Logger.info("check for new config.");
MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
Date dbdate = moaidconfig.getTimestampItem();
+ Date pvprefresh = moaidconfig.getPvp2RefreshItem();
ConfigurationDBUtils.closeSession();
Date date = AuthConfigurationProvider.getTimeStamp();
@@ -28,6 +34,14 @@ public class AuthConfigLoader implements Runnable {
AuthConfigurationProvider instance = AuthConfigurationProvider.getInstance();
instance.reloadDataBaseConfig();
}
+
+ Date pvpdate = MOAMetadataProvider.getTimeStamp();
+ if (pvprefresh != null && pvprefresh.after(pvpdate)) {
+ MOAMetadataProvider metainst = MOAMetadataProvider.getInstance();
+ metainst.reInitialize();
+ }
+
+
} catch (Throwable e) {
Logger.warn("MOA-ID Configuration is actually not loadable. Reuse old configuration.", e);
}
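Review bot: `pvprefresh.after(pvpdate)` throws a NullPointerException when `MOAMetadataProvider.getTimeStamp()` returns null, which is the case until the provider's constructor has run once (the static `timestamp` is only assigned at the end of the constructor in the MOAMetadataProvider hunk of this commit). That NPE is then caught by the surrounding `catch (Throwable e)` and logged as "MOA-ID Configuration is actually not loadable", which misattributes the problem to the main configuration. Guarding both sides fixes it: `if (pvprefresh != null && pvpdate != null && pvprefresh.after(pvpdate)) {`. Since `reInitialize()` only touches static state, it could also be a static call instead of going through `getInstance()` first; the enclosing `run()` loop starts and ends outside this hunk.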
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
index a92ac8e7f..a61633e12 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
@@ -1,11 +1,16 @@
package at.gv.egovernment.moa.id.protocols.pvp2x.metadata;
+import iaik.util.logging.Log;
+
import java.security.cert.CertificateException;
+import java.util.Date;
import java.util.Iterator;
import java.util.List;
+import java.util.Timer;
import javax.xml.namespace.QName;
+import org.apache.commons.httpclient.HttpClient;
import org.opensaml.saml2.metadata.EntitiesDescriptor;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.RoleDescriptor;
@@ -29,7 +34,9 @@ public class MOAMetadataProvider implements MetadataProvider {
private static MOAMetadataProvider instance = null;
private static Object mutex = new Object();
-
+ private static Date timestamp;
+
+
public static MOAMetadataProvider getInstance() {
if (instance == null) {
synchronized (mutex) {
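Review bot: `private static Date timestamp;` is written inside the constructor (under `mutex` via `getInstance()`/`reInitialize()`) but read by `getTimeStamp()` from the AuthConfigLoader thread without any synchronization, so there is no happens-before edge guaranteeing the loader ever sees the new value. Declaring it `private static volatile Date timestamp;` gives the cross-thread read a defined result; the same consideration already applies to the pre-existing non-volatile `instance` used in the double-checked `getInstance()`.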
@@ -41,6 +48,17 @@ public class MOAMetadataProvider implements MetadataProvider {
return instance;
}
+ public static Date getTimeStamp() {
+ return timestamp;
+ }
+
+ public void reInitialize() {
+ synchronized (mutex) {
+ Log.info("ReInitalize MOAMetaDataProvider.");
+ instance = new MOAMetadataProvider();
+ }
+ }
+
MetadataProvider internalProvider;
private MOAMetadataProvider() {
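Review bot: `reInitialize()` replaces the static `instance` but never shuts down the old one, so the previous `HTTPMetadataProvider` objects — each created with its own `new Timer()` and periodic refresh task in the constructor hunk below — keep running and are leaked on every config-triggered refresh. Before `instance = new MOAMetadataProvider();` the old `internalProvider` should be torn down; if the OpenSAML version in use exposes `destroy()` on the chaining/HTTP providers, calling it on the previous instance's provider is the cleanest way, otherwise the timers need to be kept and cancelled explicitly. Two smaller points: `Log.info(...)` uses the iaik `Log` whereas the rest of this file logs via `Logger` (see the `Logger.error` call further down), and a method that only mutates static fields reads better as `public static void reInitialize()`.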
@@ -59,15 +77,20 @@ public class MOAMetadataProvider implements MetadataProvider {
String metadataURL = pvp2Config.getMetadataURL();
try {
// TODO: use proper SSL checking
- HTTPMetadataProvider httpProvider = new HTTPMetadataProvider(
- metadataURL, 20000);
+ HTTPMetadataProvider httpProvider =
+ new HTTPMetadataProvider(new Timer(), new HttpClient(),
+ metadataURL);
httpProvider.setParserPool(new BasicParserPool());
httpProvider.setRequireValidMetadata(true);
+ httpProvider.setMinRefreshDelay(1000*60*5); //5min
+ httpProvider.setMaxRefreshDelay(1000*60*30); //30min
+ //httpProvider.setRefreshDelayFactor(0.1F);
MetadataFilter filter = new MetadataSignatureFilter(
metadataURL, pvp2Config.getCertificate());
httpProvider.setMetadataFilter(filter);
chainProvider.addMetadataProvider(httpProvider);
httpProvider.initialize();
+
} catch (MetadataProviderException e) {
Logger.error(
"Failed to add Metadata file for "
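Review bot: `new Timer()` creates a non-daemon thread per metadata provider, and because `reInitialize()` never cancels the previous one, each refresh adds a thread that also keeps the JVM from exiting cleanly; either pass `new Timer(true)` or share one timer that is cancelled on re-initialisation. The commented-out `//httpProvider.setRefreshDelayFactor(0.1F);` should be removed rather than left as dead code. Note that the switch to `new HttpClient()` leaves the pre-existing `// TODO: use proper SSL checking` in place, so the integrity of the fetched metadata still rests entirely on `MetadataSignatureFilter` with `pvp2Config.getCertificate()` — worth stating in a comment next to the provider construction so nobody removes the filter assuming TLS covers it. The enclosing constructor continues past this hunk.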
@@ -91,8 +114,9 @@ public class MOAMetadataProvider implements MetadataProvider {
}
internalProvider = chainProvider;
+ timestamp = new Date();
}
-
+
public boolean requireValidMetadata() {
return internalProvider.requireValidMetadata();
}
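Review bot: `timestamp = new Date();` runs unconditionally at the end of the constructor, including when every `httpProvider.initialize()` failed and was only logged in the `catch (MetadataProviderException e)` above. In that case the loader's `pvprefresh.after(pvpdate)` check is satisfied and no further re-initialisation is attempted until the admin touches the configuration again; if that is not intended, only assign the timestamp when at least one provider was added successfully, or document the choice with a comment such as `// set even on partial failure: a retry requires a new pvp2refresh marker in the config`.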
diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
index c17a8cbd4..dd696f42f 100644
--- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
+++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
@@ -272,6 +272,7 @@
</xsd:element>
</xsd:sequence>
<xsd:attribute name="timestamp" type="xsd:dateTime"/>
+ <xsd:attribute name="pvp2refresh" type="xsd:dateTime"/>
</xsd:complexType>
</xsd:element>
<xsd:complexType name="AuthComponentType">