-rw-r--r--common/src/main/java/at/gv/egovernment/moa/util/Constants.java11
-rw-r--r--common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java4
-rw-r--r--common/src/main/resources/resources/schemas/saml-schema-metadata-2.0.xsd26
-rw-r--r--id/ConfigWebTool/pom.xml6
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/PVPSOAPRequestSecurityPolicy.java92
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java64
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java4
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java10
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java5
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java69
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java4
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java6
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java63
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java4
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java6
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java20
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java39
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java18
-rw-r--r--id/ConfigWebTool/src/main/resources/applicationResources_de.properties17
-rw-r--r--id/ConfigWebTool/src/main/resources/applicationResources_en.properties21
-rw-r--r--id/ConfigWebTool/src/main/webapp/css/bootstrap.css4882
-rw-r--r--id/ConfigWebTool/src/main/webapp/css/index.css408
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/logout.pngbin0 -> 534 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/lupe.pngbin0 -> 753 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/index.jsp33
-rw-r--r--id/ConfigWebTool/src/main/webapp/js/bootstrap-input.js134
-rw-r--r--id/ConfigWebTool/src/main/webapp/js/bootstrap.min.js12
-rw-r--r--id/ConfigWebTool/src/main/webapp/js/common.js27
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp70
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp13
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp2
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp12
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/interfederation/idplist.jsp3
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/interfederation/moa_idp.jsp1
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/interfederation/pvpgateway.jsp1
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/interfederation/vidp.jsp1
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/listOAs.jsp1
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp1
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/newUserRequest.jsp2
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/openadminrequests.jsp1
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/searchOAs.jsp5
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/saml1.jsp10
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/footer.jsp7
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp73
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/oas_list.jsp1
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/userfields.jsp3
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp1
-rw-r--r--id/history.txt27
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java100
-rw-r--r--id/moa-id-webgui/src/main/resources/applicationResources_de.properties2
-rw-r--r--id/moa-id-webgui/src/main/resources/applicationResources_en.properties2
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java62
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java4
-rw-r--r--id/readme_2.0.2.1.txt47
-rw-r--r--id/readme_3.1.0-RC1.txt602
-rw-r--r--id/server/auth/pom.xml6
-rw-r--r--id/server/auth/src/main/webapp/index.html2
-rw-r--r--id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html37
-rw-r--r--id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/sendAssertionFormFull.html6
-rw-r--r--id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html37
-rw-r--r--id/server/data/deploy/conf/moa-id/htmlTemplates/sendAssertionFormFull.html6
-rw-r--r--id/server/data/deploy/conf/moa-id/htmlTemplates/slo_template.html6
-rw-r--r--id/server/data/deploy/tomcat/unix/tomcat-start.sh2
-rw-r--r--id/server/data/deploy/tomcat/win32/startTomcat.bat2
-rw-r--r--id/server/doc/handbook/config/config.html16
-rw-r--r--id/server/doc/handbook/index.html2
-rw-r--r--id/server/doc/htmlTemplates/BKU-selection.html31
-rw-r--r--id/server/doc/htmlTemplates/sendAssertion.html6
-rw-r--r--id/server/idserverlib/pom.xml91
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java10
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java5
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java67
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java10
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateInterfedeartionRequestTask.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java16
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java13
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java35
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java22
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java5
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java7
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java10
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/ConfigurationToJSONConverter.java155
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java97
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationContainer.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationImpl.java19
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java26
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java86
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java8
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java101
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java26
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java74
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java12
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java43
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java31
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java5
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java20
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AttributQueryBuilder.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AuthResponseBuilder.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java47
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java29
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java47
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/InvalidAssertionConsumerServiceException.java9
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java21
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java9
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AbstractRequestSignedSecurityPolicyRule.java187
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/MOAPVPSignedRequestPolicyRule.java70
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java37
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java30
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java62
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBExceptionStoreImpl.java30
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPUtils.java16
-rw-r--r--id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties2
-rw-r--r--id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties5
-rw-r--r--id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html31
-rw-r--r--id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html1141
-rw-r--r--id/server/idserverlib/src/main/resources/resources/templates/slo_template.html23
-rw-r--r--id/server/moa-id-commons/pom.xml25
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java8
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java127
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java4
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java1
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/JsonMapper.java73
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java403
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java233
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOASessionDBUtils.java1
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java2
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBWrite.java52
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/StatisticLogDBUtils.java1
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/CPEPS.java69
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/CPEPSAttributeValueItem.java93
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/Contact.java122
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/ContactMailItem.java93
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/ContactPhoneItem.java93
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/GeneralConfiguration.java23
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/IdentityLinkSigners.java66
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/IdentityLinkSignersX509SubjectNameItem.java93
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/LegacyAllowed.java66
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/LegacyAllowedProtocolNameItem.java93
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/MOAIDConfiguration.java24
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/Mandates.java68
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/MandatesProfileNameItem.java93
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/OAPVP2.java18
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/TestCredentials.java70
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/TestCredentialsCredentialOIDItem.java93
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyAuthBlock.java66
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyAuthBlockVerifyTransformsInfoProfileIDItem.java93
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/InterfederationSessionStore.java17
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/OASessionStore.java17
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java43
-rw-r--r--id/server/moa-id-commons/src/main/java/org/apache/commons/httpclient/MOAHttpClient.java2
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/pom.xml6
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java28
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java5
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java5
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java8
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java2
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java19
-rw-r--r--id/server/modules/moa-id-module-openID/pom.xml16
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java2
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java9
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java24
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java2
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java9
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/pom.xml18
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferGUIServlet.java20
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java6
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java21
-rw-r--r--id/server/modules/moa-id-modules-saml1/pom.xml16
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java4
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java17
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java4
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java12
-rw-r--r--id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java2
-rw-r--r--id/server/modules/module-stork/pom.xml27
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java51
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java7
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java6
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java6
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java2
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java11
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java12
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java2
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java4
-rw-r--r--id/server/modules/pom.xml4
-rw-r--r--pom.xml38
-rw-r--r--spss/server/serverlib/pom.xml6
194 files changed, 9242 insertions, 3562 deletions
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/Constants.java b/common/src/main/java/at/gv/egovernment/moa/util/Constants.java
index 8d71f2e84..5d12691f8 100644
--- a/common/src/main/java/at/gv/egovernment/moa/util/Constants.java
+++ b/common/src/main/java/at/gv/egovernment/moa/util/Constants.java
@@ -381,6 +381,16 @@ public interface Constants {
public static final String XENC_SCHEMA_LOCATION =
SCHEMA_ROOT + "xenc-schema.xsd";
+ /** Prefix used for the XML Encryption XML namespace */
+ public static final String SAML2_METADATA_PREFIX = "md";
+
+ /** Prefix used for the XML Encryption XML namespace */
+ public static final String SAML2_METADATA_URI = "urn:oasis:names:tc:SAML:2.0:metadata";
+
+ /** Local location of the XML Encryption XML schema definition. */
+ public static final String SAML2_METADATA_SCHEMA_LOCATION =
+ SCHEMA_ROOT + "saml-schema-metadata-2.0.xsd";
+
/**
* Contains all namespaces and local schema locations for XML schema
* definitions relevant for MOA. For use in validating XML parsers.
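Review bot: The Javadoc on the three new SAML2_METADATA_* constants is copied from the XML Encryption entries and names the wrong namespace. Suggested wording is `/** Prefix used for the SAML 2.0 metadata XML namespace */` on SAML2_METADATA_PREFIX, `/** URI of the SAML 2.0 metadata XML namespace */` on SAML2_METADATA_URI, and `/** Local location of the SAML 2.0 metadata XML schema definition. */` on SAML2_METADATA_SCHEMA_LOCATION. The name SAML2_METADATA_URI also departs from the `*_NS_URI` pattern of its neighbours (XENC_NS_URI, SAML2P_NS_URI, STORK_NS_URI in the next hunk); `SAML2_METADATA_NS_URI` would keep the interface consistent.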
@@ -413,6 +423,7 @@ public interface Constants {
+ (SAML2P_NS_URI + " " + SAML2P_SCHEMA_LOCATION + " ")
+ (STORK_NS_URI + " " + STORK_SCHEMA_LOCATION + " ")
+ (STORKP_NS_URI + " " + STORKP_SCHEMA_LOCATION + " ")
+ + (SAML2_METADATA_URI + " " + SAML2_METADATA_SCHEMA_LOCATION + " ")
+ (XENC_NS_URI + " " + XENC_SCHEMA_LOCATION);
/** URN prefix for bPK and wbPK. */
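Review bot: Registering the metadata schema for validating parsers makes its `<import>` elements relevant, and the saml-schema-metadata-2.0.xsd touched in this commit still imports xmldsig, xenc and xml.xsd through absolute `http://www.w3.org/...` schemaLocation values. Whether the parser resolves those namespaces from the bundled copies is not visible in this hunk. If it does not, validation may attempt outbound plain-HTTP fetches while parsing, so confirm that the entity resolver maps every imported namespace locally. A comment next to the new entry, for example `// schema imports must resolve to bundled XSDs, never the network`, would record that expectation.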
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
index 2b816ed4c..0a07fc4a7 100644
--- a/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
+++ b/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
@@ -246,6 +246,10 @@ public class DOMUtils {
parser.setFeature(CREATE_ENTITY_REF_NODES_FEATURE, false);
parser.setFeature(EXTERNAL_GENERAL_ENTITIES_FEATURE, false);
parser.setFeature(EXTERNAL_PARAMETER_ENTITIES_FEATURE, false);
+
+ //fix XXE problem
+ parser.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
+
if (validating) {
if (externalSchemaLocations != null) {
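Review bot: The new feature URI is passed as a string literal while the three settings just above it use named constants, and the comment `//fix XXE problem` does not say what behaviour changes. A constant such as `private static final String DISALLOW_DOCTYPE_FEATURE = "http://apache.org/xml/features/disallow-doctype-decl";` next to the existing *_FEATURE definitions, plus a comment like `// reject any DOCTYPE outright; the entity features above stay as defence in depth`, would make the intent clear. Callers should also know that documents carrying a DOCTYPE now fail to parse instead of being read with entities disabled. The enclosing method starts and ends outside this hunk, so check that any other parser construction paths in DOMUtils set the same feature.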
diff --git a/common/src/main/resources/resources/schemas/saml-schema-metadata-2.0.xsd b/common/src/main/resources/resources/schemas/saml-schema-metadata-2.0.xsd
index 0d158c0ba..625b66dfc 100644
--- a/common/src/main/resources/resources/schemas/saml-schema-metadata-2.0.xsd
+++ b/common/src/main/resources/resources/schemas/saml-schema-metadata-2.0.xsd
@@ -1,23 +1,9 @@
<?xml version="1.0" encoding="UTF-8"?>
-<schema
- targetNamespace="urn:oasis:names:tc:SAML:2.0:metadata"
- xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
- xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
- xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns="http://www.w3.org/2001/XMLSchema"
- elementFormDefault="unqualified"
- attributeFormDefault="unqualified"
- blockDefault="substitution"
- version="2.0">
- <import namespace="http://www.w3.org/2000/09/xmldsig#"
- schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>
- <import namespace="http://www.w3.org/2001/04/xmlenc#"
- schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"/>
- <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
- schemaLocation="saml-schema-assertion-2.0.xsd"/>
- <import namespace="http://www.w3.org/XML/1998/namespace"
- schemaLocation="http://www.w3.org/2001/xml.xsd"/>
+<schema targetNamespace="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="unqualified" attributeFormDefault="unqualified" blockDefault="substitution" version="2.0">
+ <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>
+ <import namespace="http://www.w3.org/2001/04/xmlenc#" schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"/>
+ <import namespace="urn:oasis:names:tc:SAML:2.0:assertion" schemaLocation="saml-schema-assertion-2.0.xsd"/>
+ <import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
<annotation>
<documentation>
Document identifier: saml-schema-metadata-2.0
@@ -334,4 +320,4 @@
<anyAttribute namespace="##other" processContents="lax"/>
</complexType>
<element name="AffiliateMember" type="md:entityIDType"/>
-</schema>
+</schema> \ No newline at end of file
diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml
index 9800fad7e..51bb941a4 100644
--- a/id/ConfigWebTool/pom.xml
+++ b/id/ConfigWebTool/pom.xml
@@ -97,6 +97,12 @@
<artifactId>moa-id-module-stork</artifactId>
</dependency>
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-collections4</artifactId>
+ <version>${org.apache.commons.collections4.version}</version>
+ </dependency>
+
<dependency>
<groupId>at.gv.util</groupId>
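Review bot: The version of the new commons-collections4 dependency comes from `${org.apache.commons.collections4.version}`, which is defined outside this hunk, so the resolved release cannot be checked here. Please confirm it resolves to 4.1 or later, where deserialization of the functor classes is disabled by default; 4.0 lacks that hardening. A short comment in the parent POM next to the property stating the minimum acceptable version would stop a later downgrade from slipping through.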
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/PVPSOAPRequestSecurityPolicy.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/PVPSOAPRequestSecurityPolicy.java
new file mode 100644
index 000000000..a25cc44ef
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/PVPSOAPRequestSecurityPolicy.java
@@ -0,0 +1,92 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.configuration.auth.pvp2;
+
+import java.util.List;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SignableSAMLObject;
+import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
+import org.opensaml.ws.soap.soap11.Envelope;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.signature.SignatureTrustEngine;
+
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule;
+
+/**
+ * @author tlenz
+ *
+ */
+public class PVPSOAPRequestSecurityPolicy extends
+ AbstractRequestSignedSecurityPolicyRule {
+
+ /**
+ * @param trustEngine
+ * @param peerEntityRole
+ */
+ public PVPSOAPRequestSecurityPolicy(SignatureTrustEngine trustEngine,
+ QName peerEntityRole) {
+ super(trustEngine, peerEntityRole);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule#refreshMetadataProvider(java.lang.String)
+ */
+ @Override
+ protected boolean refreshMetadataProvider(String entityID) {
+ try {
+ HTTPMetadataProvider metadataProvider = ConfigurationProvider.getInstance().getMetaDataProvier();
+ metadataProvider.setRequireValidMetadata(true);
+ metadataProvider.refresh();
+
+ return true;
+
+ } catch (Exception e) {
+
+
+ }
+
+ return false;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule#getSignedSAMLObject(org.opensaml.xml.XMLObject)
+ */
+ @Override
+ protected SignableSAMLObject getSignedSAMLObject(XMLObject inboundData) {
+ if (inboundData instanceof Envelope) {
+ Envelope envelope = (Envelope) inboundData;
+ if (envelope.getBody() != null) {
+ List<XMLObject> xmlElemList = envelope.getBody().getUnknownXMLObjects();
+ if (!xmlElemList.isEmpty() && xmlElemList.get(0) instanceof SignableSAMLObject)
+ return (SignableSAMLObject) xmlElemList.get(0);
+
+ }
+ }
+
+ return null;
+ }
+
+}
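Review bot: refreshMetadataProvider catches `Exception` with an empty body, so a failed metadata refresh on the signature-validation path leaves no trace and the caller only sees `false`. Declare a logger, `private static final Logger log = LoggerFactory.getLogger(PVPSOAPRequestSecurityPolicy.class);`, and record the failure in the catch with `log.warn("Refresh of PVP metadata provider FAILED for entityID " + entityID, e);`; slf4j is already used by the servlets in this module. The method also ignores its `entityID` argument and calls `setRequireValidMetadata(true)` on the shared provider on every invocation, which deserves a sentence in the method comment. The class Javadoc is only an `@author` tag and should state that the rule extracts the first SOAP body element as the signed SAML object.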
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java
index cff08740b..17d3d9e50 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java
@@ -40,6 +40,7 @@ import org.opensaml.saml2.core.LogoutRequest;
import org.opensaml.saml2.core.LogoutResponse;
import org.opensaml.ws.message.decoder.MessageDecodingException;
import org.opensaml.ws.message.encoder.MessageEncodingException;
+import org.opensaml.ws.soap.client.BasicSOAPMessageContext;
import org.opensaml.ws.soap.soap11.Envelope;
import org.opensaml.ws.soap.soap11.decoder.http.HTTPSOAP11Decoder;
import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
@@ -49,10 +50,12 @@ import org.opensaml.xml.parse.BasicParserPool;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter;
import org.opensaml.xml.security.x509.X509Credential;
+import org.opensaml.xml.validation.ValidationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
+import at.gv.egovernment.moa.id.configuration.auth.pvp2.PVP2Utils;
/**
* @author tlenz
@@ -77,25 +80,44 @@ public class SLOBackChannelServlet extends SLOBasicServlet {
try {
HTTPSOAP11Decoder soapDecoder = new HTTPSOAP11Decoder(new BasicParserPool());
- BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext =
- new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- messageContext
- .setInboundMessageTransport(new HttpServletRequestAdapter(
- request));
+
+ BasicSOAPMessageContext messageContext = new BasicSOAPMessageContext();
+
+// BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext =
+// new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
+
+ messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(request));
+
+ //messageContext.setMetadataProvider(getConfig().getMetaDataProvier());
+
+ //set trustPolicy
+// BasicSecurityPolicy policy = new BasicSecurityPolicy();
+// policy.getPolicyRules().add(
+// new PVPSOAPRequestSecurityPolicy(
+// PVP2Utils.getTrustEngine(getConfig()),
+// IDPSSODescriptor.DEFAULT_ELEMENT_NAME));
+// SecurityPolicyResolver resolver = new StaticSecurityPolicyResolver(
+// policy);
+// messageContext.setSecurityPolicyResolver(resolver);
soapDecoder.decode(messageContext);
-
+
Envelope inboundMessage = (Envelope) messageContext
.getInboundMessage();
+ LogoutResponse sloResp = null;
+
if (inboundMessage.getBody() != null) {
List<XMLObject> xmlElemList = inboundMessage.getBody().getUnknownXMLObjects();
-
- LogoutResponse sloResp;
+
if (!xmlElemList.isEmpty() && xmlElemList.get(0) instanceof LogoutRequest) {
LogoutRequest sloReq = (LogoutRequest) xmlElemList.get(0);
- sloResp = processLogOutRequest(sloReq, request);
+ //validate request signature
+ PVP2Utils.validateSignature(sloReq, getConfig());
+
+ sloResp = processLogOutRequest(sloReq, request);
+
KeyStore keyStore = getConfig().getPVP2KeyStore();
X509Credential authcredential = new KeyStoreX509CredentialAdapter(
keyStore,
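Review bot: The decoder-level security policy is left in the method as commented-out code, so `PVP2Utils.validateSignature(sloReq, getConfig())` is the only check on an inbound LogoutRequest. The PVPSOAPRequestSecurityPolicy class added by this commit is referenced only from those commented lines. Either delete the dead block or replace it with one comment explaining why the policy resolver is not installed, e.g. `// signature is verified explicitly below; decoder security policy intentionally not used`. validateSignature is not visible here, so confirm that it verifies against credentials from the trusted IDP metadata rather than key material carried in the message itself. The enclosing method begins before and continues after this hunk.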
@@ -111,24 +133,17 @@ public class SLOBackChannelServlet extends SLOBasicServlet {
context.setOutboundMessageTransport(responseAdapter);
encoder.encode(context);
-
+
} else {
log.warn("Received request ist not of type LogOutRequest");
response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ return;
}
}
- } catch (MessageDecodingException e) {
- log.error("SLO message processing FAILED." , e);
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
-
- } catch (SecurityException e) {
- log.error("SLO message processing FAILED." , e);
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
-
- } catch (NoSuchAlgorithmException e) {
- log.error("SLO message processing FAILED." , e);
+ } catch (MessageDecodingException | SecurityException | NoSuchAlgorithmException | ConfigurationException | ValidationException e) {
+ log.error("SLO message processing FAILED." , e);
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
} catch (CertificateException e) {
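Review bot: The merged catch answers a failed signature check (`ValidationException`, `SecurityException`) with a 500 and passes `e.getMessage()` to `response.sendError`, so an unauthenticated caller of this back-channel endpoint receives internal error text. A rejected request also looks like a server fault in the status code. The detail is already written by `log.error`, so the response can carry a fixed string, for example `response.sendError(HttpServletResponse.SC_FORBIDDEN, "SLO request rejected");` for the validation cases and a generic 500 message for the rest. The remaining catch blocks in the next hunk echo `e.getMessage()` in the same way.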
@@ -139,15 +154,14 @@ public class SLOBackChannelServlet extends SLOBasicServlet {
log.error("SLO message processing FAILED." , e);
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
- } catch (ConfigurationException e) {
- log.error("SLO message processing FAILED." , e);
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
-
} catch (MessageEncodingException e) {
log.error("SLO message processing FAILED." , e);
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
- }
+ }
+
+
+
}
protected void doGet(HttpServletRequest request,
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java
index 2a35e50b1..c70d34d7e 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java
@@ -131,13 +131,13 @@ public class SLOBasicServlet extends HttpServlet {
} else {
log.debug("Single LogOut not possible! User with nameID:" + sloReq.getNameID().getValue() + " is not found.");
- return createSLOResponse(sloReq, StatusCode.PARTIAL_LOGOUT_URI, request);
+ return createSLOResponse(sloReq, StatusCode.SUCCESS_URI, request);
}
}
- private LogoutResponse createSLOResponse(LogoutRequest sloReq, String statusCodeURI, HttpServletRequest request) throws NoSuchAlgorithmException {
+ protected LogoutResponse createSLOResponse(LogoutRequest sloReq, String statusCodeURI, HttpServletRequest request) throws NoSuchAlgorithmException {
LogoutResponse sloResp = SAML2Utils.createSAMLObject(LogoutResponse.class);
SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
sloResp.setID(gen.generateIdentifier());
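Review bot: Returning `StatusCode.SUCCESS_URI` when the nameID is not found has no comment giving the reason, while the debug message directly above it still reads "Single LogOut not possible". A line such as `// no local session for this nameID: nothing to terminate, so report success to the IDP` would record the intent, if that is the intent. The debug line also concatenates `sloReq.getNameID().getValue()` from the request into the log and dereferences `getNameID()` without a null check. The method that contains this branch starts outside the hunk.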
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java
index 8df7f9d5a..274aa21bf 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java
@@ -69,7 +69,6 @@ import at.gv.egovernment.moa.id.configuration.auth.pvp2.PVP2Utils;
import at.gv.egovernment.moa.id.configuration.exception.PVP2Exception;
import at.gv.egovernment.moa.id.configuration.exception.SLOException;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory;
import at.gv.egovernment.moa.util.MiscUtil;
/**
@@ -99,8 +98,15 @@ public class SLOFrontChannelServlet extends SLOBasicServlet {
if (MiscUtil.isNotEmpty(request.getParameter(Constants.REQUEST_USERSLO))) {
//process user initiated single logout process
Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj == null) {
+ log.warn("No user information found. Single Log-Out not possible");
+ buildErrorMessage(request, response);
+
+ }
+
AuthenticatedUser authUser = (AuthenticatedUser) authUserObj;
-
+
String nameIDFormat = authUser.getNameIDFormat();
String nameID = authUser.getNameID();
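Review bot: The new `authUserObj == null` branch calls `buildErrorMessage(request, response)` but does not return, so execution continues to the cast and `authUser.getNameIDFormat()` throws a NullPointerException after the error response has been started. Add `return;` directly after the `buildErrorMessage` call. The method body continues outside the hunk.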
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
index e2a55db60..ab6c22858 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
@@ -54,6 +54,7 @@ import org.springframework.beans.factory.config.AutowireCapableBeanFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
+import at.gv.egovernment.moa.id.commons.db.NewConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException;
import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory;
import at.gv.egovernment.moa.id.config.webgui.MOAIDConfigurationModul;
@@ -65,8 +66,6 @@ import at.gv.egovernment.moa.id.configuration.utils.UserRequestCleaner;
import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
-import at.gv.egovernment.moa.id.commons.db.NewConfigurationDBRead;
-
public class ConfigurationProvider {
@@ -602,7 +601,7 @@ public class ConfigurationProvider {
} catch (Exception e) {
log.warn("PVP2 authentification can not be initialized.");
- throw new ConfigurationException("PVP2 authentification can not be initialized.", e);
+ throw new ConfigurationException("error.initialization.pvplogin", e);
}
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
index 83795567c..95af93af3 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
@@ -54,7 +54,9 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TransformsInfoT
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TrustAnchor;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyAuthBlock;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyIdentityLink;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -126,6 +128,7 @@ public class GeneralMOAIDConfig {
private String SLRequestTemplateHandy = "SLTemplates/template_handyBKU.html";
private String publicURLPrefix = null;
+ private boolean virtualPublicURLPrefixEnabled = false;
public GeneralMOAIDConfig() {
chainigmodelist = new HashMap<String, String>();
@@ -133,6 +136,26 @@ public class GeneralMOAIDConfig {
for (int i=0; i<values.length; i++) {
chainigmodelist.put(values[i].value(), values[i].value());
}
+
+ try {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ if (config != null) {
+ MOAIDConfiguration dbconfig = config.getDbRead().getMOAIDConfiguration();
+ List<TransformsInfoType> authBlockTrans = dbconfig.getAuthComponentGeneral().getSecurityLayer().getTransformsInfo();
+
+ if (authBlockTrans != null && !authBlockTrans.isEmpty()) {
+ if (secLayerTransformation == null)
+ secLayerTransformation = new HashMap<String, byte[]>();
+ for (TransformsInfoType el : authBlockTrans)
+ secLayerTransformation.put(el.getFilename(), el.getTransformation());
+
+ }
+ }
+
+ } catch (Exception e) {
+
+ }
+
}
public void parse(MOAIDConfiguration config) {
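Review bot: The added `catch (Exception e) { }` swallows every failure of the database read in the constructor, so a broken or unreachable configuration store leaves `secLayerTransformation` unset with no trace. MOAConfigValidator in this same commit then reports a missing AuthBlock transformation file when that map is null, which would hide the real cause. At minimum log the exception at warn level with the cause attached (the class's logger is not visible in this hunk), and add a comment saying that the lookup is best-effort. The chained `dbconfig.getAuthComponentGeneral().getSecurityLayer().getTransformsInfo()` is also only protected by this catch-all.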
@@ -163,7 +186,26 @@ public class GeneralMOAIDConfig {
if (authgen.isTrustManagerRevocationChecking() != null)
trustmanagerrevocationcheck = authgen.isTrustManagerRevocationChecking();
- publicURLPrefix = authgen.getPublicURLPreFix();
+ virtualPublicURLPrefixEnabled =
+ KeyValueUtils.isCSVValueString(authgen.getPublicURLPreFix());
+
+ if (virtualPublicURLPrefixEnabled) {
+ //format CSV values with newlines
+ publicURLPrefix = KeyValueUtils.normalizeCSVValueString(
+ authgen.getPublicURLPreFix());
+
+ } else {
+ String tmp = authgen.getPublicURLPreFix();
+ if (tmp.contains(KeyValueUtils.CSV_DELIMITER)) {
+ //remove trailing comma if exist
+ publicURLPrefix = tmp.substring(0,
+ tmp.indexOf(KeyValueUtils.CSV_DELIMITER));
+
+ } else
+ publicURLPrefix = tmp;
+ }
+
+
TimeOuts timeouts = authgen.getTimeOuts();
if (timeouts != null) {
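Review bot: In the non-virtual branch `tmp.contains(KeyValueUtils.CSV_DELIMITER)` is called without a null check, whereas the removed line simply assigned `authgen.getPublicURLPreFix()` and tolerated null. Guard it with `if (tmp != null && tmp.contains(KeyValueUtils.CSV_DELIMITER))`. The comment `//remove trailing comma if exist` also understates what the code does: `substring(0, indexOf(...))` drops everything from the first delimiter on, so any further prefixes are discarded, and the comment should say so. Whether `isCSVValueString` accepts null is not visible here.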
@@ -819,6 +861,7 @@ public class GeneralMOAIDConfig {
* @return the secLayerTransformation
*/
public Map<String, byte[]> getSecLayerTransformation() {
+
return secLayerTransformation;
}
@@ -931,7 +974,12 @@ public class GeneralMOAIDConfig {
* @param publicURLPrefix the publicURLPrefix to set
*/
public void setPublicURLPrefix(String publicURLPrefix) {
- this.publicURLPrefix = publicURLPrefix;
+ if (MiscUtil.isNotEmpty(publicURLPrefix))
+ this.publicURLPrefix =
+ KeyValueUtils.removeAllNewlineFromString(publicURLPrefix);
+ else
+ this.publicURLPrefix = publicURLPrefix;
+
}
/**
@@ -961,6 +1009,23 @@ public class GeneralMOAIDConfig {
public void setMoaspssAuthTrustProfileTest(String moaspssAuthTrustProfileTest) {
this.moaspssAuthTrustProfileTest = moaspssAuthTrustProfileTest;
}
+
+ /**
+ * @return the virtualPublicURLPrefixEnabled
+ */
+ public boolean isVirtualPublicURLPrefixEnabled() {
+ return virtualPublicURLPrefixEnabled;
+ }
+
+ /**
+ * @param virtualPublicURLPrefixEnabled the virtualPublicURLPrefixEnabled to set
+ */
+ public void setVirtualPublicURLPrefixEnabled(
+ boolean virtualPublicURLPrefixEnabled) {
+ this.virtualPublicURLPrefixEnabled = virtualPublicURLPrefixEnabled;
+ }
+
+
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
index 9b0172a24..d0232e86a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
@@ -31,17 +31,13 @@ import javax.servlet.http.HttpServletRequest;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.BKUURLS;
-import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.DefaultBKUs;
-import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.MOAKeyBoxSelector;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.Mandates;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TemplateType;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TemplatesType;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TestCredentials;
-import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TestCredentialsCredentialOIDItem;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TransformsInfoType;
-import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAAuthenticationDataValidation;
import at.gv.egovernment.moa.util.MiscUtil;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java
index 441c879be..bb98d2e64 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java
@@ -27,10 +27,8 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
-import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
-import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.util.MiscUtil;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
index e092d9e13..9ddb41d83 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
@@ -29,23 +29,21 @@ import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.util.ArrayList;
-import java.util.Date;
+import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import org.apache.log4j.Logger;
-import edu.emory.mathcs.backport.java.util.Arrays;
-
import at.gv.egiz.components.configuration.meta.api.ConfigurationStorageException;
import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder;
import at.gv.egovernment.moa.id.commons.config.ConfigurationMigrationUtils;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.STORK;
-import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index 725a2eded..504b598c0 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -23,9 +23,13 @@
package at.gv.egovernment.moa.id.configuration.struts.action;
import java.math.BigInteger;
-import java.util.*;
-
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import at.gv.egiz.components.configuration.meta.api.ConfigurationStorageException;
@@ -58,6 +62,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TimeOuts;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TransformsInfoType;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyAuthBlock;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyIdentityLink;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
@@ -175,19 +180,21 @@ public class EditGeneralConfigAction extends BasicAction {
}
}
-
-
-
- String error = saveFormToDatabase();
-
- session.setAttribute(Constants.SESSION_SLTRANSFORMATION, null);
-
+
+ String error = saveFormToDatabase();
if (error != null) {
log.warn("General MOA-ID config can not be stored in Database");
- addActionError(error);
- return Constants.STRUTS_SUCCESS;
+
+ //set new formID
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ addActionError(error);
+ return Constants.STRUTS_ERROR_VALIDATION;
}
+ session.setAttribute(Constants.SESSION_SLTRANSFORMATION, null);
+
} else {
addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
return Constants.STRUTS_NOTALLOWED;
@@ -251,13 +258,27 @@ public class EditGeneralConfigAction extends BasicAction {
// if (oldauth != null)
// oldauthgeneral = oldauth.getGeneralConfiguration();
- //set Public URL Prefix
- String pubURLPrefix = moaconfig.getPublicURLPrefix();
- if(pubURLPrefix.endsWith("/")) {
- int length = pubURLPrefix.length();
- pubURLPrefix = pubURLPrefix.substring(0, length-1);
- }
- dbauthgeneral.setPublicURLPreFix(pubURLPrefix);
+ //set Public URL Prefix
+ String pubURLPrefix = moaconfig.getPublicURLPrefix();
+ if (moaconfig.isVirtualPublicURLPrefixEnabled()) {
+ dbauthgeneral.setPublicURLPreFix(
+ KeyValueUtils.normalizeCSVValueString(pubURLPrefix));
+
+ } else {
+ if (pubURLPrefix.contains(KeyValueUtils.CSV_DELIMITER)) {
+ dbauthgeneral.setPublicURLPreFix(
+ pubURLPrefix.trim().substring(0,
+ pubURLPrefix.indexOf(KeyValueUtils.CSV_DELIMITER)));
+
+ } else
+ dbauthgeneral.setPublicURLPreFix(
+ StringUtils.chomp(pubURLPrefix.trim()));
+
+ }
+
+ dbauthgeneral.setVirtualPublicURLPrefixEnabled(
+ moaconfig.isVirtualPublicURLPrefixEnabled());
+
// if (MiscUtil.isNotEmpty(moaconfig.getAlternativeSourceID()))
// dbauthgeneral.setAlternativeSourceID(moaconfig.getAlternativeSourceID());
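Review bot: In the non-virtual branch the cut position is taken from the untrimmed string but applied to the trimmed one, in `pubURLPrefix.trim().substring(0, pubURLPrefix.indexOf(KeyValueUtils.CSV_DELIMITER))`. Leading whitespace therefore shifts the cut and can throw StringIndexOutOfBoundsException. Trim once with `String trimmed = pubURLPrefix.trim();` and use `trimmed.substring(0, trimmed.indexOf(KeyValueUtils.CSV_DELIMITER))`. The removed code also stripped a trailing `/`, while `StringUtils.chomp` removes only a trailing line terminator, so prefixes ending in `/` are now stored as entered. If that is intended it deserves a comment.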
@@ -478,12 +499,18 @@ public class EditGeneralConfigAction extends BasicAction {
if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUHandy()))
dbbkus.setHandyBKU(moaconfig.getDefaultBKUHandy());
+ else
+ dbbkus.setHandyBKU(new String());
if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUOnline()))
dbbkus.setOnlineBKU(moaconfig.getDefaultBKUOnline());
+ else
+ dbbkus.setOnlineBKU(new String());
if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKULocal()))
dbbkus.setLocalBKU(moaconfig.getDefaultBKULocal());
+ else
+ dbbkus.setLocalBKU(new String());
ChainingModes dbchainingmodes = dbconfig.getChainingModes();
if (dbchainingmodes == null) {
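Review bot: `new String()` in the three added else branches allocates a fresh empty string where the literal does the same job. Write `dbbkus.setHandyBKU("");` and likewise for `setOnlineBKU` and `setLocalBKU`. A one-line comment that the empty value is stored deliberately to clear a previously saved default BKU would help, assuming that is the intent.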
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
index a2c5da247..a9889da9c 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
@@ -53,8 +53,6 @@ import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;
-import com.fasterxml.jackson.core.JsonProcessingException;
-
public class ImportExportAction extends BasicAction {
private static final Logger log = Logger.getLogger(ImportExportAction.class);
@@ -150,7 +148,7 @@ public class ImportExportAction extends BasicAction {
}
- } catch (JsonProcessingException | JAXBException | FileNotFoundException e) {
+ } catch (JAXBException | FileNotFoundException e) {
log.info("Legacy configuration has an Import Error", e);
addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e.getMessage()}, request));
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
index 040931b42..4fecd89c1 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
@@ -420,11 +420,11 @@ public class IndexAction extends BasicAction {
String strAttributeName = attributes.get(x).getDOM().getAttribute("Name");
if (strAttributeName.equals(PVPConstants.PRINCIPAL_NAME_NAME)) {
- user.setFamilyName(attributes.get(x).getAttributeValues().get(0).getDOM().getTextContent());
+ user.setFamilyName(attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue());
}
if (strAttributeName.equals(PVPConstants.GIVEN_NAME_NAME)) {
- user.setGivenName(attributes.get(x).getAttributeValues().get(0).getDOM().getTextContent());
+ user.setGivenName(attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue());
}
if (strAttributeName.equals(PVPConstants.MANDATE_TYPE_NAME)) {
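Review bot: `getDOM().getFirstChild().getNodeValue()` throws a NullPointerException when the attribute value element is empty. It also reads only the first child node, so a value split by a comment or CDATA node is truncated where `getTextContent()` returned the whole text. Add a null check on `getFirstChild()` at least, and state in a comment why the first node is preferred over the full text content. The same replacement is made for `setGivenName` in this hunk and for `setInstitut` in the next one. The surrounding loop starts outside the hunk.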
@@ -432,7 +432,7 @@ public class IndexAction extends BasicAction {
}
if (strAttributeName.equals(PVPConstants.MANDATE_LEG_PER_FULL_NAME_NAME)) {
- user.setInstitut(attributes.get(x).getAttributeValues().get(0).getDOM().getTextContent());
+ user.setInstitut(attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue());
}
}
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java
index 8be24edb4..384f0662f 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java
@@ -271,7 +271,7 @@ public class InterfederationIDPAction extends BasicOAAction {
businessID = new IdentificationNumber();
onlineapplication.getAuthComponentOA().setIdentificationNumber(businessID);
}
- businessID.setValue(Constants.PREFIX_WPBK + "MOA-IDP");
+ businessID.setValue(Constants.PREFIX_WPBK + "MOA-IDP+MOA-IDP");
} else
onlineapplication.setTarget("MOA-IDP");
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java
index fc310900e..eca4c05ef 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java
@@ -94,6 +94,26 @@ public class SAML2Utils {
return document;
}
+// public static SignatureTrustEngine getSignatureKnownKeysTrustEngine() throws ConfigurationException {
+// MetadataCredentialResolver resolver;
+//
+// resolver = new MetadataCredentialResolver(ConfigurationProvider.getInstance().getMetaDataProvier());
+//
+// List<KeyInfoProvider> keyInfoProvider = new ArrayList<KeyInfoProvider>();
+// keyInfoProvider.add(new DSAKeyValueProvider());
+// keyInfoProvider.add(new RSAKeyValueProvider());
+// keyInfoProvider.add(new InlineX509DataProvider());
+//
+// KeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver(
+// keyInfoProvider);
+//
+// ExplicitKeySignatureTrustEngine engine = new ExplicitKeySignatureTrustEngine(
+// resolver, keyInfoResolver);
+//
+// return engine;
+//
+// }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
index 95502cedb..d4e8e957d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
@@ -28,10 +28,10 @@ import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
-import java.util.Map;
import javax.servlet.http.HttpServletRequest;
+import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
@@ -39,8 +39,6 @@ import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.gv.egovernment.moa.id.configuration.helper.StringHelper;
-import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -66,14 +64,29 @@ public class MOAConfigValidator {
check = form.getPublicURLPrefix();
if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Public URL Prefix is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", request));
- }
+ String[] publicURLPreFix = check.split(",");
+ if (form.isVirtualPublicURLPrefixEnabled()) {
+ for (String el : publicURLPreFix) {
+ if (!ValidationHelper.validateURL(
+ StringUtils.chomp(el.trim()))) {
+ log.info("Public URL Prefix " + el + " is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", new Object[]{el}, request));
+ }
+ }
+
+ } else {
+ if (!ValidationHelper.validateURL(
+ StringUtils.chomp(publicURLPreFix[0].trim()))) {
+ log.info("Public URL Prefix " + publicURLPreFix[0] + " is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", new Object[]{publicURLPreFix[0]}, request));
+
+ }
+
+ }
} else {
log.info("PublicURL Prefix is empty.");
errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.empty", request));
- }
+ }
check = form.getTimeoutAssertion();
if (MiscUtil.isNotEmpty(check)) {
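Review bot: `check.split(",")` returns an empty array for an input that consists only of commas, so `publicURLPreFix[0]` in the non-virtual branch throws ArrayIndexOutOfBoundsException. In the virtual branch the loop then validates nothing and the value passes. Add `if (publicURLPreFix.length == 0)` before the two branches and report the `validation.general.publicURLprefix.valid` error there. The literal comma could also give way to `KeyValueUtils.CSV_DELIMITER`, which the other files in this commit use, though that would need an import this file does not show.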
@@ -401,7 +414,7 @@ public class MOAConfigValidator {
- if (form.getFileUploadFileName() != null) {
+ if (form.getFileUploadFileName() != null && !form.getFileUploadFileName().isEmpty()) {
HashMap<String, byte[]> map = new HashMap<String, byte[]>();
for (int i=0; i<form.getFileUploadFileName().size(); i++) {
String filename = form.getFileUploadFileName().get(i);
@@ -426,7 +439,15 @@ public class MOAConfigValidator {
}
}
}
+
form.setSecLayerTransformation(map);
+
+ } else {
+ if (form.getSecLayerTransformation() == null) {
+ log.info("AuthBlock Transformation file is empty");
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.file.empty", request));
+
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
index 35b69274f..6476ea1f1 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
@@ -43,6 +43,7 @@ import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.opensaml.xml.parse.BasicParserPool;
import org.opensaml.xml.security.x509.BasicX509Credential;
+import at.gv.egovernment.moa.id.commons.MOAIDConstants;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException;
import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory;
@@ -76,9 +77,20 @@ public class OAPVP2ConfigValidation {
else {
try {
- //OracleDB does not allow the selection of a lob in SQL where expression
- String dbDriver = ConfigurationProvider.getInstance().getConfigurationProperties().getProperty("hibernate.connection.driver_class");
- boolean backupVersion = MiscUtil.isNotEmpty(dbDriver) && dbDriver.startsWith("oracle.jdbc.");
+ //Some databases does not allow the selection of a lob in SQL where expression
+ String dbDriver = ConfigurationProvider.getInstance().getConfigurationProperties().getProperty("hibernate.connection.driver_class");
+ boolean backupVersion = false;
+ if (MiscUtil.isNotEmpty(dbDriver)) {
+ for (String el:MOAIDConstants.JDBC_DRIVER_NEEDS_WORKAROUND) {
+ if (dbDriver.startsWith(el)) {
+ backupVersion = true;
+ log.debug("JDBC driver '" + dbDriver
+ + "' is blacklisted --> Switch to alternative DB access methode implementation.");
+
+ }
+
+ }
+ }
Map<String, String> oa = ConfigurationProvider.getInstance().getDbRead().getOnlineApplicationKeyValueWithId(oaID, backupVersion);
if (oa != null &&
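Review bot: The loop over `MOAIDConstants.JDBC_DRIVER_NEEDS_WORKAROUND` keeps iterating after a match, so add `break;` after the `log.debug` call. The debug text calls the driver "blacklisted" although the list only selects an alternative access method; `needs the LOB workaround` would describe it better. The new comment should read `//Some databases do not allow the selection of a lob in SQL where expression`.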
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
index 5248690d6..ab404f65b 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
@@ -7,6 +7,8 @@ config.03=Hibernate Database connector can not be initialized
config.04=OpenSAML (PVP2 Login) can not be initialized
config.05=Configuration file not defined
+error.initialization.pvplogin=PVP2 authentication can not be initialized.
+
error.title=Fehler:
error.login.internal=W\u00E4hrend der Verarbeitung ist ein interner Fehler aufgetreten. Bitte Versuchen Sie es nocheinmal oder kontaktieren Sie den Administrator.
error.general.text=W\u00E4hrend der Verarbeitung ist ein interner Fehler aufgetreten. Bitte Versuchen Sie es nocheinmal oder kontaktieren Sie den Administrator.
@@ -38,6 +40,8 @@ error.oa.oauth.keystore=Keystore darf nicht leer sein und muss eine richtige URL
error.oa.reversion.log.enabled=Es muss zumindest ein EventCode konfiguriert werden.
error.oa.reversion.log.eventcodes=Eventcodes d\u00FCrfen nur Zahlen enthalten.
+header.title=MOA-ID Konfiguration
+
mail.userrequest.subject=Accountanforderung MOA-ID 3.x Konfigurationstool
webpages.slo.error=Der Abmeldevorgang bei allen Online-Applikationen war nicht erfolgreich. Bitte schlie \t\u00DFen Sie aus Sicherheitsgr\u00FCnden ihren Browser.
@@ -48,7 +52,7 @@ webpages.index.header=Willkommen bei der MOA-ID 3.x Konfigurationsapplikation
webpages.index.desciption.head=Um dieses Service nutzen zu k\u00F6nnen m\u00FCssen sie sich einloggen.
webpages.index.login=Anmelden
webpages.index.logout=Abmelden
-webpages.index.login.pvp2=Anmeldung mit B\u00FCrgerkarte oder Handy-Signature
+webpages.index.login.pvp2=Anmeldung mit B\u00FCrgerkarte oder Handy-Signatur
webpages.index.login.notallowed=Entweder sind Benutzername oder Passwort sind nicht korrekt oder der Account wurde noch nicht aktiviert.
webpages.index.username.unkown=Der Benutzer ist nicht bekannt.
webpages.index.username.notactive=Der Benutzer wurde durch den Administrator noch nicht freigeschalten.
@@ -123,6 +127,7 @@ webpages.inderfederation.gateway.entityID=EntityID des PVP Portals
webpages.moaconfig.save.success=Die MOA-ID Konfiguration wurde erfolgreich gespeichert.
webpages.moaconfig.header=Allgemeine Konfiguration
webpages.oaconfig.general.publicURLPreFix=Public URL Prefix
+webpages.moaconfig.general.virtualPublicURLPrefixEnabled=Virtuelle IDP aktivieren
webpages.moaconfig.defaultbkus.header=Default BKUs
webpages.moaconfig.slrequesttemplates.header=SecurityLayer Request Templates
webpages.moaconfig.slrequesttemplates.local=Locale BKU
@@ -182,6 +187,7 @@ webpages.moaconfig.sl.transormations.upload=Neue Transformation hochladen
webpages.listOAs.list.elInfo=Type
webpages.listOAs.list.first=Eindeutige Kennung
webpages.listOAs.list.second=Name der Online-Applikation
+webpages.listOAs.list.title=Meine Applikationen
webpages.searchoa.header=Online-Applikation suchen
webpages.searchoa.search.friendlyname=Name der Online-Applikation
@@ -301,13 +307,13 @@ webpages.oaconfig.stork.attributes.mandatory=obligatorisch?
webpages.oaconfig.stork.usestork=STORK Logon aktivieren
webpages.moaconfig.stork.pepslist=C-PEPS Konfiguration
webpages.moaconfig.stork.newpeps=Neuen PEPS konfigurieren
-webpages.moaconfig.stork.removepeps=l\u00F6schen
+webpages.moaconfig.stork.removepeps=L\u00F6schen
webpages.moaconfig.stork.qaa.default=Standard QAA-Level ausw\u00E4hlen
webpages.moaconfig.stork.attributes.heading=Attributkonfiguration
webpages.moaconfig.stork.attributes.new=Neues Attribut hinzuf\u00FCgen
webpages.moaconfig.stork.attributes.heading.name=Attributname
webpages.moaconfig.stork.attributes.heading.mandatory=zwingend
-webpages.moaconfig.stork.attributes.remove=l\u00F6schen
+webpages.moaconfig.stork.attributes.remove=L\u00F6schen
webpages.moaconfig.stork.qaa=Mindest-QAA-Level f\u00FCr diese OA ausw\u00E4hlen
webpages.oaconfig.protocols.saml1.header=SAML1 Konfiguration
@@ -354,7 +360,7 @@ webpages.edit.back=Zur\u00FCck und \u00C4nderungen verwerfen
webpages.edit.delete=Online-Applikation l\u00F6schen
webpages.header.info=Sie sind angemeldet als:
-webpages.header.lastlogin=Letzte Anmeldung am:
+webpages.header.lastlogin=Letzte Anmeldung:
webpages.openadminrequests.header=Offene Antr\u00E4ge
webpages.openadminrequests.users.header=Benutzeraccounts
@@ -435,7 +441,8 @@ validation.general.szrgw.url.valid=Die URL des SZR Gateways hat kein g\u00F6ltig
validation.general.trustedcacerts.empty=Das Feld TrustedCACertificates ist leer.
validation.general.trustedcacerts.valid=Das Feld TrustedCACertificates enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.slrequest.filename.valid=Der Dateiname der angegebenen SecurtityLayer Transformation enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.slrequest.file.valid=Die angegebenen SecurtityLayer Transformation konnte nicht geladen werden.
+validation.general.slrequest.file.valid=Die angegebenen AuthBlock Transformation konnte nicht geladen werden.
+validation.general.slrequest.file.empty=Die AuthBlock Transformation fehlt.
validation.general.aditionalauthblocktext=Der Zusatztext f\u00FCr den AuthBlock enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.bku.handy.empty=Die URL f\u00FCr die Handy-BKU ist leer.
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
index 22453ed2b..29db35a0e 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
@@ -7,6 +7,8 @@ config.03=Hibernate Database connector can not be initialized
config.04=OpenSAML (PVP2 Login) can not be initialized
config.05=Configuration file is not defined
+error.initialization.pvplogin=PVP2 authentication can not be initialized.
+
error.title=Error:
error.login.internal=The error occurred during the processing. Please try again or contact Administrator.
error.general.text=During the processing the error condition occured. Please try again or contact the administrator.
@@ -38,6 +40,8 @@ error.oa.oauth.keystore=Keystore cannot be blank and has to be provided in the f
error.oa.reversion.log.enabled=One EventCode is required at minimum.
error.oa.reversion.log.eventcodes=Only numbers are allowed as EventCodes
+header.title=MOA-ID Configuration
+
mail.userrequest.subject=Requesting accounts - MOA-ID 3.x Config Tool
@@ -122,6 +126,7 @@ webpages.inderfederation.gateway.entityID=PVP portal EntityID
webpages.moaconfig.save.success=MOA-ID has been successfully saved.
webpages.moaconfig.header=General configuration
webpages.oaconfig.general.publicURLPreFix=Public URL Prefix
+webpages.moaconfig.general.virtualPublicURLPrefixEnabled=Enable virtual IDPs
webpages.moaconfig.defaultbkus.header=Default CCE
webpages.moaconfig.slrequesttemplates.header=SecurityLayer Request Templates
webpages.moaconfig.slrequesttemplates.local=Local CCE
@@ -152,8 +157,8 @@ webpages.moaconfig.sso.PublicUrl=SSO Service URL-Prefix
webpages.moaconfig.sso.FriendlyName=SSO Service Name
webpages.moaconfig.services.sso.Target=SSO Service Target
webpages.moaconfig.services.sso.SpecialText=SSO AuthBlockText
-webpages.moaconfig.protocols.header=Logging
-webpages.moaconfig.protocols.allowed.header=Activate logging
+webpages.moaconfig.protocols.header=Authentication protocols
+webpages.moaconfig.protocols.allowed.header=Activate protocols
webpages.moaconfig.protocols.legacy.header=Activate Legacy Mode
webpages.moaconfig.protocols.legacy.saml1=SAML1
webpages.moaconfig.protocols.legacy.pvp2=PVP2.1
@@ -181,6 +186,7 @@ webpages.moaconfig.sl.transormations.upload=Upload new transformations
webpages.listOAs.list.elInfo=Type
webpages.listOAs.list.first=Unique identifier
webpages.listOAs.list.second=Name of the Online-Application
+webpages.listOAs.list.title=My Applications
webpages.searchoa.header=Find Online-Application
webpages.searchoa.search.friendlyname=Name of the Online-Applikation
@@ -299,13 +305,13 @@ webpages.oaconfig.stork.attributes.mandatory=mandatory?
webpages.oaconfig.stork.enabledcpeps=activated target countries
webpages.moaconfig.stork.pepslist=C-PEPS configuration
webpages.moaconfig.stork.newpeps=Configure new PEPS
-webpages.moaconfig.stork.removepeps=remove
+webpages.moaconfig.stork.removepeps=Remove
webpages.moaconfig.stork.qaa.default=Select standard QAA-Level
webpages.moaconfig.stork.attributes.heading=Configuration of attributes
webpages.moaconfig.stork.attributes.new=Add new attribute
webpages.moaconfig.stork.attributes.heading.name=Name of attribute
webpages.moaconfig.stork.attributes.heading.mandatory=mandatory
-webpages.moaconfig.stork.attributes.remove=remove
+webpages.moaconfig.stork.attributes.remove=Remove
webpages.moaconfig.stork.qaa=Select minimal QAA-Level for current OA
webpages.oaconfig.protocols.saml1.header=SAML1 configuration
@@ -352,7 +358,7 @@ webpages.edit.back=Forget changes and go back
webpages.edit.delete=Remove Online-Application
webpages.header.info=You are logged in as:
-webpages.header.lastlogin=Last login on:
+webpages.header.lastlogin=Last login:
webpages.openadminrequests.header=Active requests:
webpages.openadminrequests.users.header=User accounts
@@ -381,7 +387,7 @@ validation.edituser.bpk.valid=BPK contains forbidden characters. The following c
validation.general.SAML1SourceID=SAML1SourceID contains forbidden characters. The following characters are not allowed\: {0}
validation.general.publicURLprefix.empty=Public URL Prefix is blank.
-validation.general.publicURLprefix.valid=Public URL Prefix has invalid format.
+validation.general.publicURLprefix.valid=Public URL Prefix {0} has invalid format.
validation.general.certStoreDirectory.empty=CertStoreDirectory is blank.
validation.general.certStoreDirectory.valid=CertStoreDirectory Feld contains forbidden characters. The following characters are not allowed\: {0}
validation.general.Defaultchainigmode.empty=There is no DefaultChainingMode selected.
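Review bot: The new `{0}` in `validation.general.publicURLprefix.valid` puts the rejected Public URL Prefix back into the error text, and that value has just failed validation, so it should be treated as untrusted wherever the message is shown. The code that fills the placeholder and the page that renders the message are outside this hunk; confirm the view HTML-escapes the formatted message rather than emitting it raw. None of the German bundle's hunks visible here touch this key, so also check that its entry takes `{0}`; otherwise the two locales will report different detail for the same failure.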
@@ -433,7 +439,8 @@ validation.general.szrgw.url.valid=URL for SZR Gateway has invalid format.
validation.general.trustedcacerts.empty=Field TrustedCACertificates is blank.
validation.general.trustedcacerts.valid=Das Feld TrustedCACertificates contains forbidden characters. The following characters are not allowed\: {0}
validation.general.slrequest.filename.valid=File name of provided SecurityLayer Transformation contains forbidden characters. The following characters are not allowed\: {0}
-validation.general.slrequest.file.valid=The provided SecurityLayer Transformation could not be loaded.
+validation.general.slrequest.file.valid=The provided AuthBlock-Transformation is not loadable.
+validation.general.slrequest.file.empty=No AuthBlock-Transformation found.
validation.general.aditionalauthblocktext=The additional text for AuthBlock contains forbidden characters. The following characters are not allowed\: {0}
validation.general.bku.handy.empty=URL for Mobile-CCE is blank.
diff --git a/id/ConfigWebTool/src/main/webapp/css/bootstrap.css b/id/ConfigWebTool/src/main/webapp/css/bootstrap.css
new file mode 100644
index 000000000..a664030ea
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/css/bootstrap.css
@@ -0,0 +1,4882 @@
+/*!
+ * Bootstrap v3.3.5 (http://getbootstrap.com)
+ * Copyright 2011-2015 Twitter, Inc.
+ * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
+ */
+
+/*!
+ * Generated using the Bootstrap Customizer (http://getbootstrap.com/customize/?id=f0f1940e0dcdeb4dd69c)
+ * Config saved to config.json and https://gist.github.com/f0f1940e0dcdeb4dd69c
+ */
+/*!
+ * Bootstrap v3.3.5 (http://getbootstrap.com)
+ * Copyright 2011-2015 Twitter, Inc.
+ * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
+ */
+/*! normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css */
+html {
+ font-family: sans-serif;
+ -ms-text-size-adjust: 100%;
+ -webkit-text-size-adjust: 100%;
+}
+body {
+ margin: 0;
+}
+article,
+aside,
+details,
+figcaption,
+figure,
+footer,
+header,
+hgroup,
+main,
+menu,
+nav,
+section,
+summary {
+ display: block;
+}
+audio,
+canvas,
+progress,
+video {
+ display: inline-block;
+ vertical-align: baseline;
+}
+audio:not([controls]) {
+ display: none;
+ height: 0;
+}
+[hidden],
+template {
+ display: none;
+}
+a {
+ background-color: transparent;
+}
+a:active,
+a:hover {
+ outline: 0;
+}
+abbr[title] {
+ border-bottom: 1px dotted;
+}
+b,
+strong {
+ font-weight: bold;
+}
+dfn {
+ font-style: italic;
+}
+h1 {
+ font-size: 2em;
+ margin: 0.67em 0;
+}
+mark {
+ background: #ff0;
+ color: #000;
+}
+small {
+ font-size: 80%;
+}
+sub,
+sup {
+ font-size: 75%;
+ line-height: 0;
+ position: relative;
+ vertical-align: baseline;
+}
+sup {
+ top: -0.5em;
+}
+sub {
+ bottom: -0.25em;
+}
+img {
+ border: 0;
+}
+svg:not(:root) {
+ overflow: hidden;
+}
+figure {
+ margin: 1em 40px;
+}
+hr {
+ -webkit-box-sizing: content-box;
+ -moz-box-sizing: content-box;
+ box-sizing: content-box;
+ height: 0;
+}
+pre {
+ overflow: auto;
+}
+code,
+kbd,
+pre,
+samp {
+ font-family: monospace, monospace;
+ font-size: 1em;
+}
+button,
+input,
+optgroup,
+select,
+textarea {
+ color: inherit;
+ font: inherit;
+ margin: 0;
+}
+button {
+ overflow: visible;
+}
+button,
+select {
+ text-transform: none;
+}
+button,
+html input[type="button"],
+input[type="reset"],
+input[type="submit"] {
+ -webkit-appearance: button;
+ cursor: pointer;
+}
+button[disabled],
+html input[disabled] {
+ cursor: default;
+}
+button::-moz-focus-inner,
+input::-moz-focus-inner {
+ border: 0;
+ padding: 0;
+}
+input {
+ line-height: normal;
+}
+input[type="checkbox"],
+input[type="radio"] {
+ -webkit-box-sizing: border-box;
+ -moz-box-sizing: border-box;
+ box-sizing: border-box;
+ padding: 0;
+}
+input[type="number"]::-webkit-inner-spin-button,
+input[type="number"]::-webkit-outer-spin-button {
+ height: auto;
+}
+input[type="search"] {
+ -webkit-appearance: textfield;
+ -webkit-box-sizing: content-box;
+ -moz-box-sizing: content-box;
+ box-sizing: content-box;
+}
+input[type="search"]::-webkit-search-cancel-button,
+input[type="search"]::-webkit-search-decoration {
+ -webkit-appearance: none;
+}
+fieldset {
+ border: 1px solid #c0c0c0;
+ margin: 0 2px;
+ padding: 0.35em 0.625em 0.75em;
+}
+legend {
+ border: 0;
+ padding: 0;
+}
+textarea {
+ overflow: auto;
+}
+optgroup {
+ font-weight: bold;
+}
+table {
+ border-collapse: collapse;
+ border-spacing: 0;
+}
+td,
+th {
+ padding: 0;
+}
+@font-face {
+ font-family: 'Glyphicons Halflings';
+ src: url('../fonts/glyphicons-halflings-regular.eot');
+ src: url('../fonts/glyphicons-halflings-regular.eot?#iefix') format('embedded-opentype'), url('../fonts/glyphicons-halflings-regular.woff2') format('woff2'), url('../fonts/glyphicons-halflings-regular.woff') format('woff'), url('../fonts/glyphicons-halflings-regular.ttf') format('truetype'), url('../fonts/glyphicons-halflings-regular.svg#glyphicons_halflingsregular') format('svg');
+}
+.glyphicon {
+ position: relative;
+ top: 1px;
+ display: inline-block;
+ font-family: 'Glyphicons Halflings';
+ font-style: normal;
+ font-weight: normal;
+ line-height: 1;
+ -webkit-font-smoothing: antialiased;
+ -moz-osx-font-smoothing: grayscale;
+}
+.glyphicon-asterisk:before {
+ content: "\2a";
+}
+.glyphicon-plus:before {
+ content: "\2b";
+}
+.glyphicon-euro:before,
+.glyphicon-eur:before {
+ content: "\20ac";
+}
+.glyphicon-minus:before {
+ content: "\2212";
+}
+.glyphicon-cloud:before {
+ content: "\2601";
+}
+.glyphicon-envelope:before {
+ content: "\2709";
+}
+.glyphicon-pencil:before {
+ content: "\270f";
+}
+.glyphicon-glass:before {
+ content: "\e001";
+}
+.glyphicon-music:before {
+ content: "\e002";
+}
+.glyphicon-search:before {
+ content: "\e003";
+}
+.glyphicon-heart:before {
+ content: "\e005";
+}
+.glyphicon-star:before {
+ content: "\e006";
+}
+.glyphicon-star-empty:before {
+ content: "\e007";
+}
+.glyphicon-user:before {
+ content: "\e008";
+}
+.glyphicon-film:before {
+ content: "\e009";
+}
+.glyphicon-th-large:before {
+ content: "\e010";
+}
+.glyphicon-th:before {
+ content: "\e011";
+}
+.glyphicon-th-list:before {
+ content: "\e012";
+}
+.glyphicon-ok:before {
+ content: "\e013";
+}
+.glyphicon-remove:before {
+ content: "\e014";
+}
+.glyphicon-zoom-in:before {
+ content: "\e015";
+}
+.glyphicon-zoom-out:before {
+ content: "\e016";
+}
+.glyphicon-off:before {
+ content: "\e017";
+}
+.glyphicon-signal:before {
+ content: "\e018";
+}
+.glyphicon-cog:before {
+ content: "\e019";
+}
+.glyphicon-trash:before {
+ content: "\e020";
+}
+.glyphicon-home:before {
+ content: "\e021";
+}
+.glyphicon-file:before {
+ content: "\e022";
+}
+.glyphicon-time:before {
+ content: "\e023";
+}
+.glyphicon-road:before {
+ content: "\e024";
+}
+.glyphicon-download-alt:before {
+ content: "\e025";
+}
+.glyphicon-download:before {
+ content: "\e026";
+}
+.glyphicon-upload:before {
+ content: "\e027";
+}
+.glyphicon-inbox:before {
+ content: "\e028";
+}
+.glyphicon-play-circle:before {
+ content: "\e029";
+}
+.glyphicon-repeat:before {
+ content: "\e030";
+}
+.glyphicon-refresh:before {
+ content: "\e031";
+}
+.glyphicon-list-alt:before {
+ content: "\e032";
+}
+.glyphicon-lock:before {
+ content: "\e033";
+}
+.glyphicon-flag:before {
+ content: "\e034";
+}
+.glyphicon-headphones:before {
+ content: "\e035";
+}
+.glyphicon-volume-off:before {
+ content: "\e036";
+}
+.glyphicon-volume-down:before {
+ content: "\e037";
+}
+.glyphicon-volume-up:before {
+ content: "\e038";
+}
+.glyphicon-qrcode:before {
+ content: "\e039";
+}
+.glyphicon-barcode:before {
+ content: "\e040";
+}
+.glyphicon-tag:before {
+ content: "\e041";
+}
+.glyphicon-tags:before {
+ content: "\e042";
+}
+.glyphicon-book:before {
+ content: "\e043";
+}
+.glyphicon-bookmark:before {
+ content: "\e044";
+}
+.glyphicon-print:before {
+ content: "\e045";
+}
+.glyphicon-camera:before {
+ content: "\e046";
+}
+.glyphicon-font:before {
+ content: "\e047";
+}
+.glyphicon-bold:before {
+ content: "\e048";
+}
+.glyphicon-italic:before {
+ content: "\e049";
+}
+.glyphicon-text-height:before {
+ content: "\e050";
+}
+.glyphicon-text-width:before {
+ content: "\e051";
+}
+.glyphicon-align-left:before {
+ content: "\e052";
+}
+.glyphicon-align-center:before {
+ content: "\e053";
+}
+.glyphicon-align-right:before {
+ content: "\e054";
+}
+.glyphicon-align-justify:before {
+ content: "\e055";
+}
+.glyphicon-list:before {
+ content: "\e056";
+}
+.glyphicon-indent-left:before {
+ content: "\e057";
+}
+.glyphicon-indent-right:before {
+ content: "\e058";
+}
+.glyphicon-facetime-video:before {
+ content: "\e059";
+}
+.glyphicon-picture:before {
+ content: "\e060";
+}
+.glyphicon-map-marker:before {
+ content: "\e062";
+}
+.glyphicon-adjust:before {
+ content: "\e063";
+}
+.glyphicon-tint:before {
+ content: "\e064";
+}
+.glyphicon-edit:before {
+ content: "\e065";
+}
+.glyphicon-share:before {
+ content: "\e066";
+}
+.glyphicon-check:before {
+ content: "\e067";
+}
+.glyphicon-move:before {
+ content: "\e068";
+}
+.glyphicon-step-backward:before {
+ content: "\e069";
+}
+.glyphicon-fast-backward:before {
+ content: "\e070";
+}
+.glyphicon-backward:before {
+ content: "\e071";
+}
+.glyphicon-play:before {
+ content: "\e072";
+}
+.glyphicon-pause:before {
+ content: "\e073";
+}
+.glyphicon-stop:before {
+ content: "\e074";
+}
+.glyphicon-forward:before {
+ content: "\e075";
+}
+.glyphicon-fast-forward:before {
+ content: "\e076";
+}
+.glyphicon-step-forward:before {
+ content: "\e077";
+}
+.glyphicon-eject:before {
+ content: "\e078";
+}
+.glyphicon-chevron-left:before {
+ content: "\e079";
+}
+.glyphicon-chevron-right:before {
+ content: "\e080";
+}
+.glyphicon-plus-sign:before {
+ content: "\e081";
+}
+.glyphicon-minus-sign:before {
+ content: "\e082";
+}
+.glyphicon-remove-sign:before {
+ content: "\e083";
+}
+.glyphicon-ok-sign:before {
+ content: "\e084";
+}
+.glyphicon-question-sign:before {
+ content: "\e085";
+}
+.glyphicon-info-sign:before {
+ content: "\e086";
+}
+.glyphicon-screenshot:before {
+ content: "\e087";
+}
+.glyphicon-remove-circle:before {
+ content: "\e088";
+}
+.glyphicon-ok-circle:before {
+ content: "\e089";
+}
+.glyphicon-ban-circle:before {
+ content: "\e090";
+}
+.glyphicon-arrow-left:before {
+ content: "\e091";
+}
+.glyphicon-arrow-right:before {
+ content: "\e092";
+}
+.glyphicon-arrow-up:before {
+ content: "\e093";
+}
+.glyphicon-arrow-down:before {
+ content: "\e094";
+}
+.glyphicon-share-alt:before {
+ content: "\e095";
+}
+.glyphicon-resize-full:before {
+ content: "\e096";
+}
+.glyphicon-resize-small:before {
+ content: "\e097";
+}
+.glyphicon-exclamation-sign:before {
+ content: "\e101";
+}
+.glyphicon-gift:before {
+ content: "\e102";
+}
+.glyphicon-leaf:before {
+ content: "\e103";
+}
+.glyphicon-fire:before {
+ content: "\e104";
+}
+.glyphicon-eye-open:before {
+ content: "\e105";
+}
+.glyphicon-eye-close:before {
+ content: "\e106";
+}
+.glyphicon-warning-sign:before {
+ content: "\e107";
+}
+.glyphicon-plane:before {
+ content: "\e108";
+}
+.glyphicon-calendar:before {
+ content: "\e109";
+}
+.glyphicon-random:before {
+ content: "\e110";
+}
+.glyphicon-comment:before {
+ content: "\e111";
+}
+.glyphicon-magnet:before {
+ content: "\e112";
+}
+.glyphicon-chevron-up:before {
+ content: "\e113";
+}
+.glyphicon-chevron-down:before {
+ content: "\e114";
+}
+.glyphicon-retweet:before {
+ content: "\e115";
+}
+.glyphicon-shopping-cart:before {
+ content: "\e116";
+}
+.glyphicon-folder-close:before {
+ content: "\e117";
+}
+.glyphicon-folder-open:before {
+ content: "\e118";
+}
+.glyphicon-resize-vertical:before {
+ content: "\e119";
+}
+.glyphicon-resize-horizontal:before {
+ content: "\e120";
+}
+.glyphicon-hdd:before {
+ content: "\e121";
+}
+.glyphicon-bullhorn:before {
+ content: "\e122";
+}
+.glyphicon-bell:before {
+ content: "\e123";
+}
+.glyphicon-certificate:before {
+ content: "\e124";
+}
+.glyphicon-thumbs-up:before {
+ content: "\e125";
+}
+.glyphicon-thumbs-down:before {
+ content: "\e126";
+}
+.glyphicon-hand-right:before {
+ content: "\e127";
+}
+.glyphicon-hand-left:before {
+ content: "\e128";
+}
+.glyphicon-hand-up:before {
+ content: "\e129";
+}
+.glyphicon-hand-down:before {
+ content: "\e130";
+}
+.glyphicon-circle-arrow-right:before {
+ content: "\e131";
+}
+.glyphicon-circle-arrow-left:before {
+ content: "\e132";
+}
+.glyphicon-circle-arrow-up:before {
+ content: "\e133";
+}
+.glyphicon-circle-arrow-down:before {
+ content: "\e134";
+}
+.glyphicon-globe:before {
+ content: "\e135";
+}
+.glyphicon-wrench:before {
+ content: "\e136";
+}
+.glyphicon-tasks:before {
+ content: "\e137";
+}
+.glyphicon-filter:before {
+ content: "\e138";
+}
+.glyphicon-briefcase:before {
+ content: "\e139";
+}
+.glyphicon-fullscreen:before {
+ content: "\e140";
+}
+.glyphicon-dashboard:before {
+ content: "\e141";
+}
+.glyphicon-paperclip:before {
+ content: "\e142";
+}
+.glyphicon-heart-empty:before {
+ content: "\e143";
+}
+.glyphicon-link:before {
+ content: "\e144";
+}
+.glyphicon-phone:before {
+ content: "\e145";
+}
+.glyphicon-pushpin:before {
+ content: "\e146";
+}
+.glyphicon-usd:before {
+ content: "\e148";
+}
+.glyphicon-gbp:before {
+ content: "\e149";
+}
+.glyphicon-sort:before {
+ content: "\e150";
+}
+.glyphicon-sort-by-alphabet:before {
+ content: "\e151";
+}
+.glyphicon-sort-by-alphabet-alt:before {
+ content: "\e152";
+}
+.glyphicon-sort-by-order:before {
+ content: "\e153";
+}
+.glyphicon-sort-by-order-alt:before {
+ content: "\e154";
+}
+.glyphicon-sort-by-attributes:before {
+ content: "\e155";
+}
+.glyphicon-sort-by-attributes-alt:before {
+ content: "\e156";
+}
+.glyphicon-unchecked:before {
+ content: "\e157";
+}
+.glyphicon-expand:before {
+ content: "\e158";
+}
+.glyphicon-collapse-down:before {
+ content: "\e159";
+}
+.glyphicon-collapse-up:before {
+ content: "\e160";
+}
+.glyphicon-log-in:before {
+ content: "\e161";
+}
+.glyphicon-flash:before {
+ content: "\e162";
+}
+.glyphicon-log-out:before {
+ content: "\e163";
+}
+.glyphicon-new-window:before {
+ content: "\e164";
+}
+.glyphicon-record:before {
+ content: "\e165";
+}
+.glyphicon-save:before {
+ content: "\e166";
+}
+.glyphicon-open:before {
+ content: "\e167";
+}
+.glyphicon-saved:before {
+ content: "\e168";
+}
+.glyphicon-import:before {
+ content: "\e169";
+}
+.glyphicon-export:before {
+ content: "\e170";
+}
+.glyphicon-send:before {
+ content: "\e171";
+}
+.glyphicon-floppy-disk:before {
+ content: "\e172";
+}
+.glyphicon-floppy-saved:before {
+ content: "\e173";
+}
+.glyphicon-floppy-remove:before {
+ content: "\e174";
+}
+.glyphicon-floppy-save:before {
+ content: "\e175";
+}
+.glyphicon-floppy-open:before {
+ content: "\e176";
+}
+.glyphicon-credit-card:before {
+ content: "\e177";
+}
+.glyphicon-transfer:before {
+ content: "\e178";
+}
+.glyphicon-cutlery:before {
+ content: "\e179";
+}
+.glyphicon-header:before {
+ content: "\e180";
+}
+.glyphicon-compressed:before {
+ content: "\e181";
+}
+.glyphicon-earphone:before {
+ content: "\e182";
+}
+.glyphicon-phone-alt:before {
+ content: "\e183";
+}
+.glyphicon-tower:before {
+ content: "\e184";
+}
+.glyphicon-stats:before {
+ content: "\e185";
+}
+.glyphicon-sd-video:before {
+ content: "\e186";
+}
+.glyphicon-hd-video:before {
+ content: "\e187";
+}
+.glyphicon-subtitles:before {
+ content: "\e188";
+}
+.glyphicon-sound-stereo:before {
+ content: "\e189";
+}
+.glyphicon-sound-dolby:before {
+ content: "\e190";
+}
+.glyphicon-sound-5-1:before {
+ content: "\e191";
+}
+.glyphicon-sound-6-1:before {
+ content: "\e192";
+}
+.glyphicon-sound-7-1:before {
+ content: "\e193";
+}
+.glyphicon-copyright-mark:before {
+ content: "\e194";
+}
+.glyphicon-registration-mark:before {
+ content: "\e195";
+}
+.glyphicon-cloud-download:before {
+ content: "\e197";
+}
+.glyphicon-cloud-upload:before {
+ content: "\e198";
+}
+.glyphicon-tree-conifer:before {
+ content: "\e199";
+}
+.glyphicon-tree-deciduous:before {
+ content: "\e200";
+}
+.glyphicon-cd:before {
+ content: "\e201";
+}
+.glyphicon-save-file:before {
+ content: "\e202";
+}
+.glyphicon-open-file:before {
+ content: "\e203";
+}
+.glyphicon-level-up:before {
+ content: "\e204";
+}
+.glyphicon-copy:before {
+ content: "\e205";
+}
+.glyphicon-paste:before {
+ content: "\e206";
+}
+.glyphicon-alert:before {
+ content: "\e209";
+}
+.glyphicon-equalizer:before {
+ content: "\e210";
+}
+.glyphicon-king:before {
+ content: "\e211";
+}
+.glyphicon-queen:before {
+ content: "\e212";
+}
+.glyphicon-pawn:before {
+ content: "\e213";
+}
+.glyphicon-bishop:before {
+ content: "\e214";
+}
+.glyphicon-knight:before {
+ content: "\e215";
+}
+.glyphicon-baby-formula:before {
+ content: "\e216";
+}
+.glyphicon-tent:before {
+ content: "\26fa";
+}
+.glyphicon-blackboard:before {
+ content: "\e218";
+}
+.glyphicon-bed:before {
+ content: "\e219";
+}
+.glyphicon-apple:before {
+ content: "\f8ff";
+}
+.glyphicon-erase:before {
+ content: "\e221";
+}
+.glyphicon-hourglass:before {
+ content: "\231b";
+}
+.glyphicon-lamp:before {
+ content: "\e223";
+}
+.glyphicon-duplicate:before {
+ content: "\e224";
+}
+.glyphicon-piggy-bank:before {
+ content: "\e225";
+}
+.glyphicon-scissors:before {
+ content: "\e226";
+}
+.glyphicon-bitcoin:before {
+ content: "\e227";
+}
+.glyphicon-btc:before {
+ content: "\e227";
+}
+.glyphicon-xbt:before {
+ content: "\e227";
+}
+.glyphicon-yen:before {
+ content: "\00a5";
+}
+.glyphicon-jpy:before {
+ content: "\00a5";
+}
+.glyphicon-ruble:before {
+ content: "\20bd";
+}
+.glyphicon-rub:before {
+ content: "\20bd";
+}
+.glyphicon-scale:before {
+ content: "\e230";
+}
+.glyphicon-ice-lolly:before {
+ content: "\e231";
+}
+.glyphicon-ice-lolly-tasted:before {
+ content: "\e232";
+}
+.glyphicon-education:before {
+ content: "\e233";
+}
+.glyphicon-option-horizontal:before {
+ content: "\e234";
+}
+.glyphicon-option-vertical:before {
+ content: "\e235";
+}
+.glyphicon-menu-hamburger:before {
+ content: "\e236";
+}
+.glyphicon-modal-window:before {
+ content: "\e237";
+}
+.glyphicon-oil:before {
+ content: "\e238";
+}
+.glyphicon-grain:before {
+ content: "\e239";
+}
+.glyphicon-sunglasses:before {
+ content: "\e240";
+}
+.glyphicon-text-size:before {
+ content: "\e241";
+}
+.glyphicon-text-color:before {
+ content: "\e242";
+}
+.glyphicon-text-background:before {
+ content: "\e243";
+}
+.glyphicon-object-align-top:before {
+ content: "\e244";
+}
+.glyphicon-object-align-bottom:before {
+ content: "\e245";
+}
+.glyphicon-object-align-horizontal:before {
+ content: "\e246";
+}
+.glyphicon-object-align-left:before {
+ content: "\e247";
+}
+.glyphicon-object-align-vertical:before {
+ content: "\e248";
+}
+.glyphicon-object-align-right:before {
+ content: "\e249";
+}
+.glyphicon-triangle-right:before {
+ content: "\e250";
+}
+.glyphicon-triangle-left:before {
+ content: "\e251";
+}
+.glyphicon-triangle-bottom:before {
+ content: "\e252";
+}
+.glyphicon-triangle-top:before {
+ content: "\e253";
+}
+.glyphicon-console:before {
+ content: "\e254";
+}
+.glyphicon-superscript:before {
+ content: "\e255";
+}
+.glyphicon-subscript:before {
+ content: "\e256";
+}
+.glyphicon-menu-left:before {
+ content: "\e257";
+}
+.glyphicon-menu-right:before {
+ content: "\e258";
+}
+.glyphicon-menu-down:before {
+ content: "\e259";
+}
+.glyphicon-menu-up:before {
+ content: "\e260";
+}
+* {
+ -webkit-box-sizing: border-box;
+ -moz-box-sizing: border-box;
+ box-sizing: border-box;
+}
+*:before,
+*:after {
+ -webkit-box-sizing: border-box;
+ -moz-box-sizing: border-box;
+ box-sizing: border-box;
+}
+html {
+ font-size: 10px;
+ -webkit-tap-highlight-color: rgba(0, 0, 0, 0);
+}
+body {
+ font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
+ font-size: 14px;
+ line-height: 1.42857143;
+ color: #333333;
+ background-color: #ffffff;
+}
+input,
+button,
+select,
+textarea {
+ font-family: inherit;
+ font-size: inherit;
+ line-height: inherit;
+}
+a {
+ color: #337ab7;
+ text-decoration: none;
+}
+a:hover,
+a:focus {
+ color: #23527c;
+ text-decoration: underline;
+}
+a:focus {
+ outline: thin dotted;
+ outline: 5px auto -webkit-focus-ring-color;
+ outline-offset: -2px;
+}
+figure {
+ margin: 0;
+}
+img {
+ vertical-align: middle;
+}
+.img-responsive,
+.thumbnail > img,
+.thumbnail a > img {
+ display: block;
+ max-width: 100%;
+ height: auto;
+}
+.img-rounded {
+ border-radius: 6px;
+}
+.img-thumbnail {
+ padding: 4px;
+ line-height: 1.42857143;
+ background-color: #ffffff;
+ border: 1px solid #dddddd;
+ border-radius: 4px;
+ -webkit-transition: all 0.2s ease-in-out;
+ -o-transition: all 0.2s ease-in-out;
+ transition: all 0.2s ease-in-out;
+ display: inline-block;
+ max-width: 100%;
+ height: auto;
+}
+.img-circle {
+ border-radius: 50%;
+}
+hr {
+ margin-top: 20px;
+ margin-bottom: 20px;
+ border: 0;
+ border-top: 1px solid #eeeeee;
+}
+.sr-only {
+ position: absolute;
+ width: 1px;
+ height: 1px;
+ margin: -1px;
+ padding: 0;
+ overflow: hidden;
+ clip: rect(0, 0, 0, 0);
+ border: 0;
+}
+.sr-only-focusable:active,
+.sr-only-focusable:focus {
+ position: static;
+ width: auto;
+ height: auto;
+ margin: 0;
+ overflow: visible;
+ clip: auto;
+}
+[role="button"] {
+ cursor: pointer;
+}
+.container {
+ margin-right: auto;
+ margin-left: auto;
+ padding-left: 15px;
+ padding-right: 15px;
+}
+@media (min-width: 768px) {
+ .container {
+ width: 750px;
+ }
+}
+@media (min-width: 992px) {
+ .container {
+ width: 970px;
+ }
+}
+@media (min-width: 1200px) {
+ .container {
+ width: 1170px;
+ }
+}
+.container-fluid {
+ margin-right: auto;
+ margin-left: auto;
+ padding-left: 15px;
+ padding-right: 15px;
+}
+.row {
+ margin-left: -15px;
+ margin-right: -15px;
+}
+.col-xs-1, .col-sm-1, .col-md-1, .col-lg-1, .col-xs-2, .col-sm-2, .col-md-2, .col-lg-2, .col-xs-3, .col-sm-3, .col-md-3, .col-lg-3, .col-xs-4, .col-sm-4, .col-md-4, .col-lg-4, .col-xs-5, .col-sm-5, .col-md-5, .col-lg-5, .col-xs-6, .col-sm-6, .col-md-6, .col-lg-6, .col-xs-7, .col-sm-7, .col-md-7, .col-lg-7, .col-xs-8, .col-sm-8, .col-md-8, .col-lg-8, .col-xs-9, .col-sm-9, .col-md-9, .col-lg-9, .col-xs-10, .col-sm-10, .col-md-10, .col-lg-10, .col-xs-11, .col-sm-11, .col-md-11, .col-lg-11, .col-xs-12, .col-sm-12, .col-md-12, .col-lg-12 {
+ position: relative;
+ min-height: 1px;
+ padding-left: 15px;
+ padding-right: 15px;
+}
+.col-xs-1, .col-xs-2, .col-xs-3, .col-xs-4, .col-xs-5, .col-xs-6, .col-xs-7, .col-xs-8, .col-xs-9, .col-xs-10, .col-xs-11, .col-xs-12 {
+ float: left;
+}
+.col-xs-12 {
+ width: 100%;
+}
+.col-xs-11 {
+ width: 91.66666667%;
+}
+.col-xs-10 {
+ width: 83.33333333%;
+}
+.col-xs-9 {
+ width: 75%;
+}
+.col-xs-8 {
+ width: 66.66666667%;
+}
+.col-xs-7 {
+ width: 58.33333333%;
+}
+.col-xs-6 {
+ width: 50%;
+}
+.col-xs-5 {
+ width: 41.66666667%;
+}
+.col-xs-4 {
+ width: 33.33333333%;
+}
+.col-xs-3 {
+ width: 25%;
+}
+.col-xs-2 {
+ width: 16.66666667%;
+}
+.col-xs-1 {
+ width: 8.33333333%;
+}
+.col-xs-pull-12 {
+ right: 100%;
+}
+.col-xs-pull-11 {
+ right: 91.66666667%;
+}
+.col-xs-pull-10 {
+ right: 83.33333333%;
+}
+.col-xs-pull-9 {
+ right: 75%;
+}
+.col-xs-pull-8 {
+ right: 66.66666667%;
+}
+.col-xs-pull-7 {
+ right: 58.33333333%;
+}
+.col-xs-pull-6 {
+ right: 50%;
+}
+.col-xs-pull-5 {
+ right: 41.66666667%;
+}
+.col-xs-pull-4 {
+ right: 33.33333333%;
+}
+.col-xs-pull-3 {
+ right: 25%;
+}
+.col-xs-pull-2 {
+ right: 16.66666667%;
+}
+.col-xs-pull-1 {
+ right: 8.33333333%;
+}
+.col-xs-pull-0 {
+ right: auto;
+}
+.col-xs-push-12 {
+ left: 100%;
+}
+.col-xs-push-11 {
+ left: 91.66666667%;
+}
+.col-xs-push-10 {
+ left: 83.33333333%;
+}
+.col-xs-push-9 {
+ left: 75%;
+}
+.col-xs-push-8 {
+ left: 66.66666667%;
+}
+.col-xs-push-7 {
+ left: 58.33333333%;
+}
+.col-xs-push-6 {
+ left: 50%;
+}
+.col-xs-push-5 {
+ left: 41.66666667%;
+}
+.col-xs-push-4 {
+ left: 33.33333333%;
+}
+.col-xs-push-3 {
+ left: 25%;
+}
+.col-xs-push-2 {
+ left: 16.66666667%;
+}
+.col-xs-push-1 {
+ left: 8.33333333%;
+}
+.col-xs-push-0 {
+ left: auto;
+}
+.col-xs-offset-12 {
+ margin-left: 100%;
+}
+.col-xs-offset-11 {
+ margin-left: 91.66666667%;
+}
+.col-xs-offset-10 {
+ margin-left: 83.33333333%;
+}
+.col-xs-offset-9 {
+ margin-left: 75%;
+}
+.col-xs-offset-8 {
+ margin-left: 66.66666667%;
+}
+.col-xs-offset-7 {
+ margin-left: 58.33333333%;
+}
+.col-xs-offset-6 {
+ margin-left: 50%;
+}
+.col-xs-offset-5 {
+ margin-left: 41.66666667%;
+}
+.col-xs-offset-4 {
+ margin-left: 33.33333333%;
+}
+.col-xs-offset-3 {
+ margin-left: 25%;
+}
+.col-xs-offset-2 {
+ margin-left: 16.66666667%;
+}
+.col-xs-offset-1 {
+ margin-left: 8.33333333%;
+}
+.col-xs-offset-0 {
+ margin-left: 0%;
+}
+@media (min-width: 768px) {
+ .col-sm-1, .col-sm-2, .col-sm-3, .col-sm-4, .col-sm-5, .col-sm-6, .col-sm-7, .col-sm-8, .col-sm-9, .col-sm-10, .col-sm-11, .col-sm-12 {
+ float: left;
+ }
+ .col-sm-12 {
+ width: 100%;
+ }
+ .col-sm-11 {
+ width: 91.66666667%;
+ }
+ .col-sm-10 {
+ width: 83.33333333%;
+ }
+ .col-sm-9 {
+ width: 75%;
+ }
+ .col-sm-8 {
+ width: 66.66666667%;
+ }
+ .col-sm-7 {
+ width: 58.33333333%;
+ }
+ .col-sm-6 {
+ width: 50%;
+ }
+ .col-sm-5 {
+ width: 41.66666667%;
+ }
+ .col-sm-4 {
+ width: 33.33333333%;
+ }
+ .col-sm-3 {
+ width: 25%;
+ }
+ .col-sm-2 {
+ width: 16.66666667%;
+ }
+ .col-sm-1 {
+ width: 8.33333333%;
+ }
+ .col-sm-pull-12 {
+ right: 100%;
+ }
+ .col-sm-pull-11 {
+ right: 91.66666667%;
+ }
+ .col-sm-pull-10 {
+ right: 83.33333333%;
+ }
+ .col-sm-pull-9 {
+ right: 75%;
+ }
+ .col-sm-pull-8 {
+ right: 66.66666667%;
+ }
+ .col-sm-pull-7 {
+ right: 58.33333333%;
+ }
+ .col-sm-pull-6 {
+ right: 50%;
+ }
+ .col-sm-pull-5 {
+ right: 41.66666667%;
+ }
+ .col-sm-pull-4 {
+ right: 33.33333333%;
+ }
+ .col-sm-pull-3 {
+ right: 25%;
+ }
+ .col-sm-pull-2 {
+ right: 16.66666667%;
+ }
+ .col-sm-pull-1 {
+ right: 8.33333333%;
+ }
+ .col-sm-pull-0 {
+ right: auto;
+ }
+ .col-sm-push-12 {
+ left: 100%;
+ }
+ .col-sm-push-11 {
+ left: 91.66666667%;
+ }
+ .col-sm-push-10 {
+ left: 83.33333333%;
+ }
+ .col-sm-push-9 {
+ left: 75%;
+ }
+ .col-sm-push-8 {
+ left: 66.66666667%;
+ }
+ .col-sm-push-7 {
+ left: 58.33333333%;
+ }
+ .col-sm-push-6 {
+ left: 50%;
+ }
+ .col-sm-push-5 {
+ left: 41.66666667%;
+ }
+ .col-sm-push-4 {
+ left: 33.33333333%;
+ }
+ .col-sm-push-3 {
+ left: 25%;
+ }
+ .col-sm-push-2 {
+ left: 16.66666667%;
+ }
+ .col-sm-push-1 {
+ left: 8.33333333%;
+ }
+ .col-sm-push-0 {
+ left: auto;
+ }
+ .col-sm-offset-12 {
+ margin-left: 100%;
+ }
+ .col-sm-offset-11 {
+ margin-left: 91.66666667%;
+ }
+ .col-sm-offset-10 {
+ margin-left: 83.33333333%;
+ }
+ .col-sm-offset-9 {
+ margin-left: 75%;
+ }
+ .col-sm-offset-8 {
+ margin-left: 66.66666667%;
+ }
+ .col-sm-offset-7 {
+ margin-left: 58.33333333%;
+ }
+ .col-sm-offset-6 {
+ margin-left: 50%;
+ }
+ .col-sm-offset-5 {
+ margin-left: 41.66666667%;
+ }
+ .col-sm-offset-4 {
+ margin-left: 33.33333333%;
+ }
+ .col-sm-offset-3 {
+ margin-left: 25%;
+ }
+ .col-sm-offset-2 {
+ margin-left: 16.66666667%;
+ }
+ .col-sm-offset-1 {
+ margin-left: 8.33333333%;
+ }
+ .col-sm-offset-0 {
+ margin-left: 0%;
+ }
+}
+@media (min-width: 992px) {
+ .col-md-1, .col-md-2, .col-md-3, .col-md-4, .col-md-5, .col-md-6, .col-md-7, .col-md-8, .col-md-9, .col-md-10, .col-md-11, .col-md-12 {
+ float: left;
+ }
+ .col-md-12 {
+ width: 100%;
+ }
+ .col-md-11 {
+ width: 91.66666667%;
+ }
+ .col-md-10 {
+ width: 83.33333333%;
+ }
+ .col-md-9 {
+ width: 75%;
+ }
+ .col-md-8 {
+ width: 66.66666667%;
+ }
+ .col-md-7 {
+ width: 58.33333333%;
+ }
+ .col-md-6 {
+ width: 50%;
+ }
+ .col-md-5 {
+ width: 41.66666667%;
+ }
+ .col-md-4 {
+ width: 33.33333333%;
+ }
+ .col-md-3 {
+ width: 25%;
+ }
+ .col-md-2 {
+ width: 16.66666667%;
+ }
+ .col-md-1 {
+ width: 8.33333333%;
+ }
+ .col-md-pull-12 {
+ right: 100%;
+ }
+ .col-md-pull-11 {
+ right: 91.66666667%;
+ }
+ .col-md-pull-10 {
+ right: 83.33333333%;
+ }
+ .col-md-pull-9 {
+ right: 75%;
+ }
+ .col-md-pull-8 {
+ right: 66.66666667%;
+ }
+ .col-md-pull-7 {
+ right: 58.33333333%;
+ }
+ .col-md-pull-6 {
+ right: 50%;
+ }
+ .col-md-pull-5 {
+ right: 41.66666667%;
+ }
+ .col-md-pull-4 {
+ right: 33.33333333%;
+ }
+ .col-md-pull-3 {
+ right: 25%;
+ }
+ .col-md-pull-2 {
+ right: 16.66666667%;
+ }
+ .col-md-pull-1 {
+ right: 8.33333333%;
+ }
+ .col-md-pull-0 {
+ right: auto;
+ }
+ .col-md-push-12 {
+ left: 100%;
+ }
+ .col-md-push-11 {
+ left: 91.66666667%;
+ }
+ .col-md-push-10 {
+ left: 83.33333333%;
+ }
+ .col-md-push-9 {
+ left: 75%;
+ }
+ .col-md-push-8 {
+ left: 66.66666667%;
+ }
+ .col-md-push-7 {
+ left: 58.33333333%;
+ }
+ .col-md-push-6 {
+ left: 50%;
+ }
+ .col-md-push-5 {
+ left: 41.66666667%;
+ }
+ .col-md-push-4 {
+ left: 33.33333333%;
+ }
+ .col-md-push-3 {
+ left: 25%;
+ }
+ .col-md-push-2 {
+ left: 16.66666667%;
+ }
+ .col-md-push-1 {
+ left: 8.33333333%;
+ }
+ .col-md-push-0 {
+ left: auto;
+ }
+ .col-md-offset-12 {
+ margin-left: 100%;
+ }
+ .col-md-offset-11 {
+ margin-left: 91.66666667%;
+ }
+ .col-md-offset-10 {
+ margin-left: 83.33333333%;
+ }
+ .col-md-offset-9 {
+ margin-left: 75%;
+ }
+ .col-md-offset-8 {
+ margin-left: 66.66666667%;
+ }
+ .col-md-offset-7 {
+ margin-left: 58.33333333%;
+ }
+ .col-md-offset-6 {
+ margin-left: 50%;
+ }
+ .col-md-offset-5 {
+ margin-left: 41.66666667%;
+ }
+ .col-md-offset-4 {
+ margin-left: 33.33333333%;
+ }
+ .col-md-offset-3 {
+ margin-left: 25%;
+ }
+ .col-md-offset-2 {
+ margin-left: 16.66666667%;
+ }
+ .col-md-offset-1 {
+ margin-left: 8.33333333%;
+ }
+ .col-md-offset-0 {
+ margin-left: 0%;
+ }
+}
+@media (min-width: 1200px) {
+ .col-lg-1, .col-lg-2, .col-lg-3, .col-lg-4, .col-lg-5, .col-lg-6, .col-lg-7, .col-lg-8, .col-lg-9, .col-lg-10, .col-lg-11, .col-lg-12 {
+ float: left;
+ }
+ .col-lg-12 {
+ width: 100%;
+ }
+ .col-lg-11 {
+ width: 91.66666667%;
+ }
+ .col-lg-10 {
+ width: 83.33333333%;
+ }
+ .col-lg-9 {
+ width: 75%;
+ }
+ .col-lg-8 {
+ width: 66.66666667%;
+ }
+ .col-lg-7 {
+ width: 58.33333333%;
+ }
+ .col-lg-6 {
+ width: 50%;
+ }
+ .col-lg-5 {
+ width: 41.66666667%;
+ }
+ .col-lg-4 {
+ width: 33.33333333%;
+ }
+ .col-lg-3 {
+ width: 25%;
+ }
+ .col-lg-2 {
+ width: 16.66666667%;
+ }
+ .col-lg-1 {
+ width: 8.33333333%;
+ }
+ .col-lg-pull-12 {
+ right: 100%;
+ }
+ .col-lg-pull-11 {
+ right: 91.66666667%;
+ }
+ .col-lg-pull-10 {
+ right: 83.33333333%;
+ }
+ .col-lg-pull-9 {
+ right: 75%;
+ }
+ .col-lg-pull-8 {
+ right: 66.66666667%;
+ }
+ .col-lg-pull-7 {
+ right: 58.33333333%;
+ }
+ .col-lg-pull-6 {
+ right: 50%;
+ }
+ .col-lg-pull-5 {
+ right: 41.66666667%;
+ }
+ .col-lg-pull-4 {
+ right: 33.33333333%;
+ }
+ .col-lg-pull-3 {
+ right: 25%;
+ }
+ .col-lg-pull-2 {
+ right: 16.66666667%;
+ }
+ .col-lg-pull-1 {
+ right: 8.33333333%;
+ }
+ .col-lg-pull-0 {
+ right: auto;
+ }
+ .col-lg-push-12 {
+ left: 100%;
+ }
+ .col-lg-push-11 {
+ left: 91.66666667%;
+ }
+ .col-lg-push-10 {
+ left: 83.33333333%;
+ }
+ .col-lg-push-9 {
+ left: 75%;
+ }
+ .col-lg-push-8 {
+ left: 66.66666667%;
+ }
+ .col-lg-push-7 {
+ left: 58.33333333%;
+ }
+ .col-lg-push-6 {
+ left: 50%;
+ }
+ .col-lg-push-5 {
+ left: 41.66666667%;
+ }
+ .col-lg-push-4 {
+ left: 33.33333333%;
+ }
+ .col-lg-push-3 {
+ left: 25%;
+ }
+ .col-lg-push-2 {
+ left: 16.66666667%;
+ }
+ .col-lg-push-1 {
+ left: 8.33333333%;
+ }
+ .col-lg-push-0 {
+ left: auto;
+ }
+ .col-lg-offset-12 {
+ margin-left: 100%;
+ }
+ .col-lg-offset-11 {
+ margin-left: 91.66666667%;
+ }
+ .col-lg-offset-10 {
+ margin-left: 83.33333333%;
+ }
+ .col-lg-offset-9 {
+ margin-left: 75%;
+ }
+ .col-lg-offset-8 {
+ margin-left: 66.66666667%;
+ }
+ .col-lg-offset-7 {
+ margin-left: 58.33333333%;
+ }
+ .col-lg-offset-6 {
+ margin-left: 50%;
+ }
+ .col-lg-offset-5 {
+ margin-left: 41.66666667%;
+ }
+ .col-lg-offset-4 {
+ margin-left: 33.33333333%;
+ }
+ .col-lg-offset-3 {
+ margin-left: 25%;
+ }
+ .col-lg-offset-2 {
+ margin-left: 16.66666667%;
+ }
+ .col-lg-offset-1 {
+ margin-left: 8.33333333%;
+ }
+ .col-lg-offset-0 {
+ margin-left: 0%;
+ }
+}
+table {
+ background-color: transparent;
+}
+caption {
+ padding-top: 8px;
+ padding-bottom: 8px;
+ color: #777777;
+ text-align: left;
+}
+th {
+ text-align: left;
+}
+.table {
+ width: 100%;
+ max-width: 100%;
+ margin-bottom: 20px;
+}
+.table > thead > tr > th,
+.table > tbody > tr > th,
+.table > tfoot > tr > th,
+.table > thead > tr > td,
+.table > tbody > tr > td,
+.table > tfoot > tr > td {
+ padding: 8px;
+ line-height: 1.42857143;
+ vertical-align: top;
+ border-top: 1px solid #dddddd;
+}
+.table > thead > tr > th {
+ vertical-align: bottom;
+ border-bottom: 2px solid #dddddd;
+}
+.table > caption + thead > tr:first-child > th,
+.table > colgroup + thead > tr:first-child > th,
+.table > thead:first-child > tr:first-child > th,
+.table > caption + thead > tr:first-child > td,
+.table > colgroup + thead > tr:first-child > td,
+.table > thead:first-child > tr:first-child > td {
+ border-top: 0;
+}
+.table > tbody + tbody {
+ border-top: 2px solid #dddddd;
+}
+.table .table {
+ background-color: #ffffff;
+}
+.table-condensed > thead > tr > th,
+.table-condensed > tbody > tr > th,
+.table-condensed > tfoot > tr > th,
+.table-condensed > thead > tr > td,
+.table-condensed > tbody > tr > td,
+.table-condensed > tfoot > tr > td {
+ padding: 5px;
+}
+.table-bordered {
+ border: 1px solid #dddddd;
+}
+.table-bordered > thead > tr > th,
+.table-bordered > tbody > tr > th,
+.table-bordered > tfoot > tr > th,
+.table-bordered > thead > tr > td,
+.table-bordered > tbody > tr > td,
+.table-bordered > tfoot > tr > td {
+ border: 1px solid #dddddd;
+}
+.table-bordered > thead > tr > th,
+.table-bordered > thead > tr > td {
+ border-bottom-width: 2px;
+}
+.table-striped > tbody > tr:nth-of-type(odd) {
+ background-color: #f9f9f9;
+}
+.table-hover > tbody > tr:hover {
+ background-color: #f5f5f5;
+}
+table col[class*="col-"] {
+ position: static;
+ float: none;
+ display: table-column;
+}
+table td[class*="col-"],
+table th[class*="col-"] {
+ position: static;
+ float: none;
+ display: table-cell;
+}
+.table > thead > tr > td.active,
+.table > tbody > tr > td.active,
+.table > tfoot > tr > td.active,
+.table > thead > tr > th.active,
+.table > tbody > tr > th.active,
+.table > tfoot > tr > th.active,
+.table > thead > tr.active > td,
+.table > tbody > tr.active > td,
+.table > tfoot > tr.active > td,
+.table > thead > tr.active > th,
+.table > tbody > tr.active > th,
+.table > tfoot > tr.active > th {
+ background-color: #f5f5f5;
+}
+.table-hover > tbody > tr > td.active:hover,
+.table-hover > tbody > tr > th.active:hover,
+.table-hover > tbody > tr.active:hover > td,
+.table-hover > tbody > tr:hover > .active,
+.table-hover > tbody > tr.active:hover > th {
+ background-color: #e8e8e8;
+}
+.table > thead > tr > td.success,
+.table > tbody > tr > td.success,
+.table > tfoot > tr > td.success,
+.table > thead > tr > th.success,
+.table > tbody > tr > th.success,
+.table > tfoot > tr > th.success,
+.table > thead > tr.success > td,
+.table > tbody > tr.success > td,
+.table > tfoot > tr.success > td,
+.table > thead > tr.success > th,
+.table > tbody > tr.success > th,
+.table > tfoot > tr.success > th {
+ background-color: #dff0d8;
+}
+.table-hover > tbody > tr > td.success:hover,
+.table-hover > tbody > tr > th.success:hover,
+.table-hover > tbody > tr.success:hover > td,
+.table-hover > tbody > tr:hover > .success,
+.table-hover > tbody > tr.success:hover > th {
+ background-color: #d0e9c6;
+}
+.table > thead > tr > td.info,
+.table > tbody > tr > td.info,
+.table > tfoot > tr > td.info,
+.table > thead > tr > th.info,
+.table > tbody > tr > th.info,
+.table > tfoot > tr > th.info,
+.table > thead > tr.info > td,
+.table > tbody > tr.info > td,
+.table > tfoot > tr.info > td,
+.table > thead > tr.info > th,
+.table > tbody > tr.info > th,
+.table > tfoot > tr.info > th {
+ background-color: #d9edf7;
+}
+.table-hover > tbody > tr > td.info:hover,
+.table-hover > tbody > tr > th.info:hover,
+.table-hover > tbody > tr.info:hover > td,
+.table-hover > tbody > tr:hover > .info,
+.table-hover > tbody > tr.info:hover > th {
+ background-color: #c4e3f3;
+}
+.table > thead > tr > td.warning,
+.table > tbody > tr > td.warning,
+.table > tfoot > tr > td.warning,
+.table > thead > tr > th.warning,
+.table > tbody > tr > th.warning,
+.table > tfoot > tr > th.warning,
+.table > thead > tr.warning > td,
+.table > tbody > tr.warning > td,
+.table > tfoot > tr.warning > td,
+.table > thead > tr.warning > th,
+.table > tbody > tr.warning > th,
+.table > tfoot > tr.warning > th {
+ background-color: #fcf8e3;
+}
+.table-hover > tbody > tr > td.warning:hover,
+.table-hover > tbody > tr > th.warning:hover,
+.table-hover > tbody > tr.warning:hover > td,
+.table-hover > tbody > tr:hover > .warning,
+.table-hover > tbody > tr.warning:hover > th {
+ background-color: #faf2cc;
+}
+.table > thead > tr > td.danger,
+.table > tbody > tr > td.danger,
+.table > tfoot > tr > td.danger,
+.table > thead > tr > th.danger,
+.table > tbody > tr > th.danger,
+.table > tfoot > tr > th.danger,
+.table > thead > tr.danger > td,
+.table > tbody > tr.danger > td,
+.table > tfoot > tr.danger > td,
+.table > thead > tr.danger > th,
+.table > tbody > tr.danger > th,
+.table > tfoot > tr.danger > th {
+ background-color: #f2dede;
+}
+.table-hover > tbody > tr > td.danger:hover,
+.table-hover > tbody > tr > th.danger:hover,
+.table-hover > tbody > tr.danger:hover > td,
+.table-hover > tbody > tr:hover > .danger,
+.table-hover > tbody > tr.danger:hover > th {
+ background-color: #ebcccc;
+}
+.table-responsive {
+ overflow-x: auto;
+ min-height: 0.01%;
+}
+@media screen and (max-width: 767px) {
+ .table-responsive {
+ width: 100%;
+ margin-bottom: 15px;
+ overflow-y: hidden;
+ -ms-overflow-style: -ms-autohiding-scrollbar;
+ border: 1px solid #dddddd;
+ }
+ .table-responsive > .table {
+ margin-bottom: 0;
+ }
+ .table-responsive > .table > thead > tr > th,
+ .table-responsive > .table > tbody > tr > th,
+ .table-responsive > .table > tfoot > tr > th,
+ .table-responsive > .table > thead > tr > td,
+ .table-responsive > .table > tbody > tr > td,
+ .table-responsive > .table > tfoot > tr > td {
+ white-space: nowrap;
+ }
+ .table-responsive > .table-bordered {
+ border: 0;
+ }
+ .table-responsive > .table-bordered > thead > tr > th:first-child,
+ .table-responsive > .table-bordered > tbody > tr > th:first-child,
+ .table-responsive > .table-bordered > tfoot > tr > th:first-child,
+ .table-responsive > .table-bordered > thead > tr > td:first-child,
+ .table-responsive > .table-bordered > tbody > tr > td:first-child,
+ .table-responsive > .table-bordered > tfoot > tr > td:first-child {
+ border-left: 0;
+ }
+ .table-responsive > .table-bordered > thead > tr > th:last-child,
+ .table-responsive > .table-bordered > tbody > tr > th:last-child,
+ .table-responsive > .table-bordered > tfoot > tr > th:last-child,
+ .table-responsive > .table-bordered > thead > tr > td:last-child,
+ .table-responsive > .table-bordered > tbody > tr > td:last-child,
+ .table-responsive > .table-bordered > tfoot > tr > td:last-child {
+ border-right: 0;
+ }
+ .table-responsive > .table-bordered > tbody > tr:last-child > th,
+ .table-responsive > .table-bordered > tfoot > tr:last-child > th,
+ .table-responsive > .table-bordered > tbody > tr:last-child > td,
+ .table-responsive > .table-bordered > tfoot > tr:last-child > td {
+ border-bottom: 0;
+ }
+}
+fieldset {
+ padding: 0;
+ margin: 0;
+ border: 0;
+ min-width: 0;
+}
+legend {
+ display: block;
+ width: 100%;
+ padding: 0;
+ margin-bottom: 20px;
+ font-size: 21px;
+ line-height: inherit;
+ color: #333333;
+ border: 0;
+ border-bottom: 1px solid #e5e5e5;
+}
+label {
+ display: inline-block;
+ max-width: 100%;
+ margin-bottom: 5px;
+}
+input[type="search"] {
+ -webkit-box-sizing: border-box;
+ -moz-box-sizing: border-box;
+ box-sizing: border-box;
+}
+input[type="radio"],
+input[type="checkbox"] {
+ margin: 4px 0 0;
+ margin-top: 1px \9;
+ line-height: normal;
+}
+input[type="file"] {
+ display: block;
+}
+input[type="range"] {
+ display: block;
+ width: 100%;
+}
+select[multiple],
+select[size] {
+ height: auto;
+}
+input[type="file"]:focus,
+input[type="radio"]:focus,
+input[type="checkbox"]:focus {
+ outline: thin dotted;
+ outline: 5px auto -webkit-focus-ring-color;
+ outline-offset: -2px;
+}
+output {
+ display: block;
+ padding-top: 7px;
+ font-size: 14px;
+ line-height: 1.42857143;
+ color: #555555;
+}
+.form-control {
+ display: block;
+ width: 100%;
+ height: 34px;
+ padding: 6px 12px;
+ font-size: 14px;
+ line-height: 1.42857143;
+ color: #555555;
+ background-color: #ffffff;
+ background-image: none;
+ border: 1px solid #cccccc;
+ border-radius: 4px;
+ -webkit-box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075);
+ box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075);
+ -webkit-transition: border-color ease-in-out .15s, -webkit-box-shadow ease-in-out .15s;
+ -o-transition: border-color ease-in-out .15s, box-shadow ease-in-out .15s;
+ transition: border-color ease-in-out .15s, box-shadow ease-in-out .15s;
+}
+.form-control:focus {
+ border-color: #66afe9;
+ outline: 0;
+ -webkit-box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(102, 175, 233, 0.6);
+ box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(102, 175, 233, 0.6);
+}
+.form-control::-moz-placeholder {
+ color: #999999;
+ opacity: 1;
+}
+.form-control:-ms-input-placeholder {
+ color: #999999;
+}
+.form-control::-webkit-input-placeholder {
+ color: #999999;
+}
+.form-control[disabled],
+.form-control[readonly],
+fieldset[disabled] .form-control {
+ background-color: #eeeeee;
+ opacity: 1;
+}
+.form-control[disabled],
+fieldset[disabled] .form-control {
+ cursor: not-allowed;
+}
+textarea.form-control {
+ height: auto;
+}
+input[type="search"] {
+ -webkit-appearance: none;
+}
+@media screen and (-webkit-min-device-pixel-ratio: 0) {
+ input[type="date"].form-control,
+ input[type="time"].form-control,
+ input[type="datetime-local"].form-control,
+ input[type="month"].form-control {
+ line-height: 34px;
+ }
+ input[type="date"].input-sm,
+ input[type="time"].input-sm,
+ input[type="datetime-local"].input-sm,
+ input[type="month"].input-sm,
+ .input-group-sm input[type="date"],
+ .input-group-sm input[type="time"],
+ .input-group-sm input[type="datetime-local"],
+ .input-group-sm input[type="month"] {
+ line-height: 30px;
+ }
+ input[type="date"].input-lg,
+ input[type="time"].input-lg,
+ input[type="datetime-local"].input-lg,
+ input[type="month"].input-lg,
+ .input-group-lg input[type="date"],
+ .input-group-lg input[type="time"],
+ .input-group-lg input[type="datetime-local"],
+ .input-group-lg input[type="month"] {
+ line-height: 46px;
+ }
+}
+.form-group {
+ margin-bottom: 15px;
+}
+.radio,
+.checkbox {
+ position: relative;
+ margin-top: 10px;
+ margin-bottom: 10px;
+}
+.radio label,
+.checkbox label {
+ min-height: 20px;
+ padding-left: 20px;
+ margin-bottom: 0;
+ font-weight: normal;
+ cursor: pointer;
+}
+.radio input[type="radio"],
+.radio-inline input[type="radio"],
+.checkbox input[type="checkbox"],
+.checkbox-inline input[type="checkbox"] {
+ position: absolute;
+ margin-left: -20px;
+ margin-top: 4px \9;
+}
+.radio + .radio,
+.checkbox + .checkbox {
+ margin-top: -5px;
+}
+.radio-inline,
+.checkbox-inline {
+ position: relative;
+ display: inline-block;
+ padding-left: 20px;
+ margin-bottom: 0;
+ vertical-align: middle;
+ font-weight: normal;
+ cursor: pointer;
+}
+.radio-inline + .radio-inline,
+.checkbox-inline + .checkbox-inline {
+ margin-top: 0;
+ margin-left: 10px;
+}
+input[type="radio"][disabled],
+input[type="checkbox"][disabled],
+input[type="radio"].disabled,
+input[type="checkbox"].disabled,
+fieldset[disabled] input[type="radio"],
+fieldset[disabled] input[type="checkbox"] {
+ cursor: not-allowed;
+}
+.radio-inline.disabled,
+.checkbox-inline.disabled,
+fieldset[disabled] .radio-inline,
+fieldset[disabled] .checkbox-inline {
+ cursor: not-allowed;
+}
+.radio.disabled label,
+.checkbox.disabled label,
+fieldset[disabled] .radio label,
+fieldset[disabled] .checkbox label {
+ cursor: not-allowed;
+}
+.form-control-static {
+ padding-top: 7px;
+ padding-bottom: 7px;
+ margin-bottom: 0;
+ min-height: 34px;
+}
+.form-control-static.input-lg,
+.form-control-static.input-sm {
+ padding-left: 0;
+ padding-right: 0;
+}
+.input-sm {
+ height: 30px;
+ padding: 5px 10px;
+ font-size: 12px;
+ line-height: 1.5;
+ border-radius: 3px;
+}
+select.input-sm {
+ height: 30px;
+ line-height: 30px;
+}
+textarea.input-sm,
+select[multiple].input-sm {
+ height: auto;
+}
+.form-group-sm .form-control {
+ height: 30px;
+ padding: 5px 10px;
+ font-size: 12px;
+ line-height: 1.5;
+ border-radius: 3px;
+}
+.form-group-sm select.form-control {
+ height: 30px;
+ line-height: 30px;
+}
+.form-group-sm textarea.form-control,
+.form-group-sm select[multiple].form-control {
+ height: auto;
+}
+.form-group-sm .form-control-static {
+ height: 30px;
+ min-height: 32px;
+ padding: 6px 10px;
+ font-size: 12px;
+ line-height: 1.5;
+}
+.input-lg {
+ height: 46px;
+ padding: 10px 16px;
+ font-size: 18px;
+ line-height: 1.3333333;
+ border-radius: 6px;
+}
+select.input-lg {
+ height: 46px;
+ line-height: 46px;
+}
+textarea.input-lg,
+select[multiple].input-lg {
+ height: auto;
+}
+.form-group-lg .form-control {
+ height: 46px;
+ padding: 10px 16px;
+ font-size: 18px;
+ line-height: 1.3333333;
+ border-radius: 6px;
+}
+.form-group-lg select.form-control {
+ height: 46px;
+ line-height: 46px;
+}
+.form-group-lg textarea.form-control,
+.form-group-lg select[multiple].form-control {
+ height: auto;
+}
+.form-group-lg .form-control-static {
+ height: 46px;
+ min-height: 38px;
+ padding: 11px 16px;
+ font-size: 18px;
+ line-height: 1.3333333;
+}
+.has-feedback {
+ position: relative;
+}
+.has-feedback .form-control {
+ padding-right: 42.5px;
+}
+.form-control-feedback {
+ position: absolute;
+ top: 0;
+ right: 0;
+ z-index: 2;
+ display: block;
+ width: 34px;
+ height: 34px;
+ line-height: 34px;
+ text-align: center;
+ pointer-events: none;
+}
+.input-lg + .form-control-feedback,
+.input-group-lg + .form-control-feedback,
+.form-group-lg .form-control + .form-control-feedback {
+ width: 46px;
+ height: 46px;
+ line-height: 46px;
+}
+.input-sm + .form-control-feedback,
+.input-group-sm + .form-control-feedback,
+.form-group-sm .form-control + .form-control-feedback {
+ width: 30px;
+ height: 30px;
+ line-height: 30px;
+}
+.has-success .help-block,
+.has-success .control-label,
+.has-success .radio,
+.has-success .checkbox,
+.has-success .radio-inline,
+.has-success .checkbox-inline,
+.has-success.radio label,
+.has-success.checkbox label,
+.has-success.radio-inline label,
+.has-success.checkbox-inline label {
+ color: #3c763d;
+}
+.has-success .form-control {
+ border-color: #3c763d;
+ -webkit-box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075);
+ box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075);
+}
+.has-success .form-control:focus {
+ border-color: #2b542c;
+ -webkit-box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075), 0 0 6px #67b168;
+ box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075), 0 0 6px #67b168;
+}
+.has-success .input-group-addon {
+ color: #3c763d;
+ border-color: #3c763d;
+ background-color: #dff0d8;
+}
+.has-success .form-control-feedback {
+ color: #3c763d;
+}
+.has-warning .help-block,
+.has-warning .control-label,
+.has-warning .radio,
+.has-warning .checkbox,
+.has-warning .radio-inline,
+.has-warning .checkbox-inline,
+.has-warning.radio label,
+.has-warning.checkbox label,
+.has-warning.radio-inline label,
+.has-warning.checkbox-inline label {
+ color: #8a6d3b;
+}
+.has-warning .form-control {
+ border-color: #8a6d3b;
+ -webkit-box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075);
+ box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075);
+}
+.has-warning .form-control:focus {
+ border-color: #66512c;
+ -webkit-box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075), 0 0 6px #c0a16b;
+ box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075), 0 0 6px #c0a16b;
+}
+.has-warning .input-group-addon {
+ color: #8a6d3b;
+ border-color: #8a6d3b;
+ background-color: #fcf8e3;
+}
+.has-warning .form-control-feedback {
+ color: #8a6d3b;
+}
+.has-error .help-block,
+.has-error .control-label,
+.has-error .radio,
+.has-error .checkbox,
+.has-error .radio-inline,
+.has-error .checkbox-inline,
+.has-error.radio label,
+.has-error.checkbox label,
+.has-error.radio-inline label,
+.has-error.checkbox-inline label {
+ color: #a94442;
+}
+.has-error .form-control {
+ border-color: #a94442;
+ -webkit-box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075);
+ box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075);
+}
+.has-error .form-control:focus {
+ border-color: #843534;
+ -webkit-box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075), 0 0 6px #ce8483;
+ box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075), 0 0 6px #ce8483;
+}
+.has-error .input-group-addon {
+ color: #a94442;
+ border-color: #a94442;
+ background-color: #f2dede;
+}
+.has-error .form-control-feedback {
+ color: #a94442;
+}
+.has-feedback label ~ .form-control-feedback {
+ top: 25px;
+}
+.has-feedback label.sr-only ~ .form-control-feedback {
+ top: 0;
+}
+.help-block {
+ display: block;
+ margin-top: 5px;
+ margin-bottom: 10px;
+ color: #737373;
+}
+@media (min-width: 768px) {
+ .form-inline .form-group {
+ display: inline-block;
+ margin-bottom: 0;
+ vertical-align: middle;
+ }
+ .form-inline .form-control {
+ display: inline-block;
+ width: auto;
+ vertical-align: middle;
+ }
+ .form-inline .form-control-static {
+ display: inline-block;
+ }
+ .form-inline .input-group {
+ display: inline-table;
+ vertical-align: middle;
+ }
+ .form-inline .input-group .input-group-addon,
+ .form-inline .input-group .input-group-btn,
+ .form-inline .input-group .form-control {
+ width: auto;
+ }
+ .form-inline .input-group > .form-control {
+ width: 100%;
+ }
+ .form-inline .control-label {
+ margin-bottom: 0;
+ vertical-align: middle;
+ }
+ .form-inline .radio,
+ .form-inline .checkbox {
+ display: inline-block;
+ margin-top: 0;
+ margin-bottom: 0;
+ vertical-align: middle;
+ }
+ .form-inline .radio label,
+ .form-inline .checkbox label {
+ padding-left: 0;
+ }
+ .form-inline .radio input[type="radio"],
+ .form-inline .checkbox input[type="checkbox"] {
+ position: relative;
+ margin-left: 0;
+ }
+ .form-inline .has-feedback .form-control-feedback {
+ top: 0;
+ }
+}
+.form-horizontal .radio,
+.form-horizontal .checkbox,
+.form-horizontal .radio-inline,
+.form-horizontal .checkbox-inline {
+ margin-top: 0;
+ margin-bottom: 0;
+ padding-top: 7px;
+}
+.form-horizontal .radio,
+.form-horizontal .checkbox {
+ min-height: 27px;
+}
+.form-horizontal .form-group {
+ margin-left: -15px;
+ margin-right: -15px;
+}
+@media (min-width: 768px) {
+ .form-horizontal .control-label {
+ text-align: right;
+ margin-bottom: 0;
+ padding-top: 7px;
+ }
+}
+.form-horizontal .has-feedback .form-control-feedback {
+ right: 15px;
+}
+@media (min-width: 768px) {
+ .form-horizontal .form-group-lg .control-label {
+ padding-top: 14.333333px;
+ font-size: 18px;
+ }
+}
+@media (min-width: 768px) {
+ .form-horizontal .form-group-sm .control-label {
+ padding-top: 6px;
+ font-size: 12px;
+ }
+}
+.btn {
+ display: inline-block;
+ margin-bottom: 0;
+ font-weight: normal;
+ text-align: center;
+ vertical-align: middle;
+ -ms-touch-action: manipulation;
+ touch-action: manipulation;
+ cursor: pointer;
+ background-image: none;
+ border: 1px solid transparent;
+ white-space: nowrap;
+ padding: 6px 12px;
+ font-size: 14px;
+ line-height: 1.42857143;
+ border-radius: 4px;
+ -webkit-user-select: none;
+ -moz-user-select: none;
+ -ms-user-select: none;
+ user-select: none;
+}
+.btn:focus,
+.btn:active:focus,
+.btn.active:focus,
+.btn.focus,
+.btn:active.focus,
+.btn.active.focus {
+ outline: thin dotted;
+ outline: 5px auto -webkit-focus-ring-color;
+ outline-offset: -2px;
+}
+.btn:hover,
+.btn:focus,
+.btn.focus {
+ color: #333333;
+ text-decoration: none;
+}
+.btn:active,
+.btn.active {
+ outline: 0;
+ background-image: none;
+ -webkit-box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125);
+ box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125);
+}
+.btn.disabled,
+.btn[disabled],
+fieldset[disabled] .btn {
+ cursor: not-allowed;
+ opacity: 0.65;
+ filter: alpha(opacity=65);
+ -webkit-box-shadow: none;
+ box-shadow: none;
+}
+a.btn.disabled,
+fieldset[disabled] a.btn {
+ pointer-events: none;
+}
+.btn-default {
+ color: #333333;
+ background-color: #ffffff;
+ border-color: #cccccc;
+}
+.btn-default:focus,
+.btn-default.focus {
+ color: #333333;
+ background-color: #e6e6e6;
+ border-color: #8c8c8c;
+}
+.btn-default:hover {
+ color: #333333;
+ background-color: #e6e6e6;
+ border-color: #adadad;
+}
+.btn-default:active,
+.btn-default.active,
+.open > .dropdown-toggle.btn-default {
+ color: #333333;
+ background-color: #e6e6e6;
+ border-color: #adadad;
+}
+.btn-default:active:hover,
+.btn-default.active:hover,
+.open > .dropdown-toggle.btn-default:hover,
+.btn-default:active:focus,
+.btn-default.active:focus,
+.open > .dropdown-toggle.btn-default:focus,
+.btn-default:active.focus,
+.btn-default.active.focus,
+.open > .dropdown-toggle.btn-default.focus {
+ color: #333333;
+ background-color: #d4d4d4;
+ border-color: #8c8c8c;
+}
+.btn-default:active,
+.btn-default.active,
+.open > .dropdown-toggle.btn-default {
+ background-image: none;
+}
+.btn-default.disabled,
+.btn-default[disabled],
+fieldset[disabled] .btn-default,
+.btn-default.disabled:hover,
+.btn-default[disabled]:hover,
+fieldset[disabled] .btn-default:hover,
+.btn-default.disabled:focus,
+.btn-default[disabled]:focus,
+fieldset[disabled] .btn-default:focus,
+.btn-default.disabled.focus,
+.btn-default[disabled].focus,
+fieldset[disabled] .btn-default.focus,
+.btn-default.disabled:active,
+.btn-default[disabled]:active,
+fieldset[disabled] .btn-default:active,
+.btn-default.disabled.active,
+.btn-default[disabled].active,
+fieldset[disabled] .btn-default.active {
+ background-color: #ffffff;
+ border-color: #cccccc;
+}
+.btn-default .badge {
+ color: #ffffff;
+ background-color: #333333;
+}
+.btn-primary {
+ color: #ffffff;
+ background-color: #337ab7;
+ border-color: #2e6da4;
+}
+.btn-primary:focus,
+.btn-primary.focus {
+ color: #ffffff;
+ background-color: #286090;
+ border-color: #122b40;
+}
+.btn-primary:hover {
+ color: #ffffff;
+ background-color: #286090;
+ border-color: #204d74;
+}
+.btn-primary:active,
+.btn-primary.active,
+.open > .dropdown-toggle.btn-primary {
+ color: #ffffff;
+ background-color: #286090;
+ border-color: #204d74;
+}
+.btn-primary:active:hover,
+.btn-primary.active:hover,
+.open > .dropdown-toggle.btn-primary:hover,
+.btn-primary:active:focus,
+.btn-primary.active:focus,
+.open > .dropdown-toggle.btn-primary:focus,
+.btn-primary:active.focus,
+.btn-primary.active.focus,
+.open > .dropdown-toggle.btn-primary.focus {
+ color: #ffffff;
+ background-color: #204d74;
+ border-color: #122b40;
+}
+.btn-primary:active,
+.btn-primary.active,
+.open > .dropdown-toggle.btn-primary {
+ background-image: none;
+}
+.btn-primary.disabled,
+.btn-primary[disabled],
+fieldset[disabled] .btn-primary,
+.btn-primary.disabled:hover,
+.btn-primary[disabled]:hover,
+fieldset[disabled] .btn-primary:hover,
+.btn-primary.disabled:focus,
+.btn-primary[disabled]:focus,
+fieldset[disabled] .btn-primary:focus,
+.btn-primary.disabled.focus,
+.btn-primary[disabled].focus,
+fieldset[disabled] .btn-primary.focus,
+.btn-primary.disabled:active,
+.btn-primary[disabled]:active,
+fieldset[disabled] .btn-primary:active,
+.btn-primary.disabled.active,
+.btn-primary[disabled].active,
+fieldset[disabled] .btn-primary.active {
+ background-color: #337ab7;
+ border-color: #2e6da4;
+}
+.btn-primary .badge {
+ color: #337ab7;
+ background-color: #ffffff;
+}
+.btn-success {
+ color: #ffffff;
+ background-color: #5cb85c;
+ border-color: #4cae4c;
+}
+.btn-success:focus,
+.btn-success.focus {
+ color: #ffffff;
+ background-color: #449d44;
+ border-color: #255625;
+}
+.btn-success:hover {
+ color: #ffffff;
+ background-color: #449d44;
+ border-color: #398439;
+}
+.btn-success:active,
+.btn-success.active,
+.open > .dropdown-toggle.btn-success {
+ color: #ffffff;
+ background-color: #449d44;
+ border-color: #398439;
+}
+.btn-success:active:hover,
+.btn-success.active:hover,
+.open > .dropdown-toggle.btn-success:hover,
+.btn-success:active:focus,
+.btn-success.active:focus,
+.open > .dropdown-toggle.btn-success:focus,
+.btn-success:active.focus,
+.btn-success.active.focus,
+.open > .dropdown-toggle.btn-success.focus {
+ color: #ffffff;
+ background-color: #398439;
+ border-color: #255625;
+}
+.btn-success:active,
+.btn-success.active,
+.open > .dropdown-toggle.btn-success {
+ background-image: none;
+}
+.btn-success.disabled,
+.btn-success[disabled],
+fieldset[disabled] .btn-success,
+.btn-success.disabled:hover,
+.btn-success[disabled]:hover,
+fieldset[disabled] .btn-success:hover,
+.btn-success.disabled:focus,
+.btn-success[disabled]:focus,
+fieldset[disabled] .btn-success:focus,
+.btn-success.disabled.focus,
+.btn-success[disabled].focus,
+fieldset[disabled] .btn-success.focus,
+.btn-success.disabled:active,
+.btn-success[disabled]:active,
+fieldset[disabled] .btn-success:active,
+.btn-success.disabled.active,
+.btn-success[disabled].active,
+fieldset[disabled] .btn-success.active {
+ background-color: #5cb85c;
+ border-color: #4cae4c;
+}
+.btn-success .badge {
+ color: #5cb85c;
+ background-color: #ffffff;
+}
+.btn-info {
+ color: #ffffff;
+ background-color: #5bc0de;
+ border-color: #46b8da;
+}
+.btn-info:focus,
+.btn-info.focus {
+ color: #ffffff;
+ background-color: #31b0d5;
+ border-color: #1b6d85;
+}
+.btn-info:hover {
+ color: #ffffff;
+ background-color: #31b0d5;
+ border-color: #269abc;
+}
+.btn-info:active,
+.btn-info.active,
+.open > .dropdown-toggle.btn-info {
+ color: #ffffff;
+ background-color: #31b0d5;
+ border-color: #269abc;
+}
+.btn-info:active:hover,
+.btn-info.active:hover,
+.open > .dropdown-toggle.btn-info:hover,
+.btn-info:active:focus,
+.btn-info.active:focus,
+.open > .dropdown-toggle.btn-info:focus,
+.btn-info:active.focus,
+.btn-info.active.focus,
+.open > .dropdown-toggle.btn-info.focus {
+ color: #ffffff;
+ background-color: #269abc;
+ border-color: #1b6d85;
+}
+.btn-info:active,
+.btn-info.active,
+.open > .dropdown-toggle.btn-info {
+ background-image: none;
+}
+.btn-info.disabled,
+.btn-info[disabled],
+fieldset[disabled] .btn-info,
+.btn-info.disabled:hover,
+.btn-info[disabled]:hover,
+fieldset[disabled] .btn-info:hover,
+.btn-info.disabled:focus,
+.btn-info[disabled]:focus,
+fieldset[disabled] .btn-info:focus,
+.btn-info.disabled.focus,
+.btn-info[disabled].focus,
+fieldset[disabled] .btn-info.focus,
+.btn-info.disabled:active,
+.btn-info[disabled]:active,
+fieldset[disabled] .btn-info:active,
+.btn-info.disabled.active,
+.btn-info[disabled].active,
+fieldset[disabled] .btn-info.active {
+ background-color: #5bc0de;
+ border-color: #46b8da;
+}
+.btn-info .badge {
+ color: #5bc0de;
+ background-color: #ffffff;
+}
+.btn-warning {
+ color: #ffffff;
+ background-color: #f0ad4e;
+ border-color: #eea236;
+}
+.btn-warning:focus,
+.btn-warning.focus {
+ color: #ffffff;
+ background-color: #ec971f;
+ border-color: #985f0d;
+}
+.btn-warning:hover {
+ color: #ffffff;
+ background-color: #ec971f;
+ border-color: #d58512;
+}
+.btn-warning:active,
+.btn-warning.active,
+.open > .dropdown-toggle.btn-warning {
+ color: #ffffff;
+ background-color: #ec971f;
+ border-color: #d58512;
+}
+.btn-warning:active:hover,
+.btn-warning.active:hover,
+.open > .dropdown-toggle.btn-warning:hover,
+.btn-warning:active:focus,
+.btn-warning.active:focus,
+.open > .dropdown-toggle.btn-warning:focus,
+.btn-warning:active.focus,
+.btn-warning.active.focus,
+.open > .dropdown-toggle.btn-warning.focus {
+ color: #ffffff;
+ background-color: #d58512;
+ border-color: #985f0d;
+}
+.btn-warning:active,
+.btn-warning.active,
+.open > .dropdown-toggle.btn-warning {
+ background-image: none;
+}
+.btn-warning.disabled,
+.btn-warning[disabled],
+fieldset[disabled] .btn-warning,
+.btn-warning.disabled:hover,
+.btn-warning[disabled]:hover,
+fieldset[disabled] .btn-warning:hover,
+.btn-warning.disabled:focus,
+.btn-warning[disabled]:focus,
+fieldset[disabled] .btn-warning:focus,
+.btn-warning.disabled.focus,
+.btn-warning[disabled].focus,
+fieldset[disabled] .btn-warning.focus,
+.btn-warning.disabled:active,
+.btn-warning[disabled]:active,
+fieldset[disabled] .btn-warning:active,
+.btn-warning.disabled.active,
+.btn-warning[disabled].active,
+fieldset[disabled] .btn-warning.active {
+ background-color: #f0ad4e;
+ border-color: #eea236;
+}
+.btn-warning .badge {
+ color: #f0ad4e;
+ background-color: #ffffff;
+}
+.btn-danger {
+ color: #ffffff;
+ background-color: #d9534f;
+ border-color: #d43f3a;
+}
+.btn-danger:focus,
+.btn-danger.focus {
+ color: #ffffff;
+ background-color: #c9302c;
+ border-color: #761c19;
+}
+.btn-danger:hover {
+ color: #ffffff;
+ background-color: #c9302c;
+ border-color: #ac2925;
+}
+.btn-danger:active,
+.btn-danger.active,
+.open > .dropdown-toggle.btn-danger {
+ color: #ffffff;
+ background-color: #c9302c;
+ border-color: #ac2925;
+}
+.btn-danger:active:hover,
+.btn-danger.active:hover,
+.open > .dropdown-toggle.btn-danger:hover,
+.btn-danger:active:focus,
+.btn-danger.active:focus,
+.open > .dropdown-toggle.btn-danger:focus,
+.btn-danger:active.focus,
+.btn-danger.active.focus,
+.open > .dropdown-toggle.btn-danger.focus {
+ color: #ffffff;
+ background-color: #ac2925;
+ border-color: #761c19;
+}
+.btn-danger:active,
+.btn-danger.active,
+.open > .dropdown-toggle.btn-danger {
+ background-image: none;
+}
+.btn-danger.disabled,
+.btn-danger[disabled],
+fieldset[disabled] .btn-danger,
+.btn-danger.disabled:hover,
+.btn-danger[disabled]:hover,
+fieldset[disabled] .btn-danger:hover,
+.btn-danger.disabled:focus,
+.btn-danger[disabled]:focus,
+fieldset[disabled] .btn-danger:focus,
+.btn-danger.disabled.focus,
+.btn-danger[disabled].focus,
+fieldset[disabled] .btn-danger.focus,
+.btn-danger.disabled:active,
+.btn-danger[disabled]:active,
+fieldset[disabled] .btn-danger:active,
+.btn-danger.disabled.active,
+.btn-danger[disabled].active,
+fieldset[disabled] .btn-danger.active {
+ background-color: #d9534f;
+ border-color: #d43f3a;
+}
+.btn-danger .badge {
+ color: #d9534f;
+ background-color: #ffffff;
+}
+.btn-link {
+ color: #337ab7;
+ font-weight: normal;
+ border-radius: 0;
+}
+.btn-link,
+.btn-link:active,
+.btn-link.active,
+.btn-link[disabled],
+fieldset[disabled] .btn-link {
+ background-color: transparent;
+ -webkit-box-shadow: none;
+ box-shadow: none;
+}
+.btn-link,
+.btn-link:hover,
+.btn-link:focus,
+.btn-link:active {
+ border-color: transparent;
+}
+.btn-link:hover,
+.btn-link:focus {
+ color: #23527c;
+ text-decoration: underline;
+ background-color: transparent;
+}
+.btn-link[disabled]:hover,
+fieldset[disabled] .btn-link:hover,
+.btn-link[disabled]:focus,
+fieldset[disabled] .btn-link:focus {
+ color: #777777;
+ text-decoration: none;
+}
+.btn-lg,
+.btn-group-lg > .btn {
+ padding: 10px 16px;
+ font-size: 18px;
+ line-height: 1.3333333;
+ border-radius: 6px;
+}
+.btn-sm,
+.btn-group-sm > .btn {
+ padding: 5px 10px;
+ font-size: 12px;
+ line-height: 1.5;
+ border-radius: 3px;
+}
+.btn-xs,
+.btn-group-xs > .btn {
+ padding: 1px 5px;
+ font-size: 12px;
+ line-height: 1.5;
+ border-radius: 3px;
+}
+.btn-block {
+ display: block;
+ width: 100%;
+}
+.btn-block + .btn-block {
+ margin-top: 5px;
+}
+input[type="submit"].btn-block,
+input[type="reset"].btn-block,
+input[type="button"].btn-block {
+ width: 100%;
+}
+.fade {
+ opacity: 0;
+ -webkit-transition: opacity 0.15s linear;
+ -o-transition: opacity 0.15s linear;
+ transition: opacity 0.15s linear;
+}
+.fade.in {
+ opacity: 1;
+}
+.collapse {
+ display: none;
+}
+.collapse.in {
+ display: block;
+}
+tr.collapse.in {
+ display: table-row;
+}
+tbody.collapse.in {
+ display: table-row-group;
+}
+.collapsing {
+ position: relative;
+ height: 0;
+ overflow: hidden;
+ -webkit-transition-property: height, visibility;
+ -o-transition-property: height, visibility;
+ transition-property: height, visibility;
+ -webkit-transition-duration: 0.35s;
+ -o-transition-duration: 0.35s;
+ transition-duration: 0.35s;
+ -webkit-transition-timing-function: ease;
+ -o-transition-timing-function: ease;
+ transition-timing-function: ease;
+}
+.caret {
+ display: inline-block;
+ width: 0;
+ height: 0;
+ margin-left: 2px;
+ vertical-align: middle;
+ border-top: 4px dashed;
+ border-top: 4px solid \9;
+ border-right: 4px solid transparent;
+ border-left: 4px solid transparent;
+}
+.dropup,
+.dropdown {
+ position: relative;
+}
+.dropdown-toggle:focus {
+ outline: 0;
+}
+.dropdown-menu {
+ position: absolute;
+ top: 100%;
+ left: 0;
+ z-index: 1000;
+ display: none;
+ float: left;
+ min-width: 160px;
+ padding: 5px 0;
+ margin: 2px 0 0;
+ list-style: none;
+ font-size: 14px;
+ text-align: left;
+ background-color: #ffffff;
+ border: 1px solid #cccccc;
+ border: 1px solid rgba(0, 0, 0, 0.15);
+ border-radius: 4px;
+ -webkit-box-shadow: 0 6px 12px rgba(0, 0, 0, 0.175);
+ box-shadow: 0 6px 12px rgba(0, 0, 0, 0.175);
+ -webkit-background-clip: padding-box;
+ background-clip: padding-box;
+}
+.dropdown-menu.pull-right {
+ right: 0;
+ left: auto;
+}
+.dropdown-menu .divider {
+ height: 1px;
+ margin: 9px 0;
+ overflow: hidden;
+ background-color: #e5e5e5;
+}
+.dropdown-menu > li > a {
+ display: block;
+ padding: 3px 20px;
+ clear: both;
+ font-weight: normal;
+ line-height: 1.42857143;
+ color: #333333;
+ white-space: nowrap;
+}
+.dropdown-menu > li > a:hover,
+.dropdown-menu > li > a:focus {
+ text-decoration: none;
+ color: #262626;
+ background-color: #f5f5f5;
+}
+.dropdown-menu > .active > a,
+.dropdown-menu > .active > a:hover,
+.dropdown-menu > .active > a:focus {
+ color: #ffffff;
+ text-decoration: none;
+ outline: 0;
+ background-color: #337ab7;
+}
+.dropdown-menu > .disabled > a,
+.dropdown-menu > .disabled > a:hover,
+.dropdown-menu > .disabled > a:focus {
+ color: #777777;
+}
+.dropdown-menu > .disabled > a:hover,
+.dropdown-menu > .disabled > a:focus {
+ text-decoration: none;
+ background-color: transparent;
+ background-image: none;
+ filter: progid:DXImageTransform.Microsoft.gradient(enabled = false);
+ cursor: not-allowed;
+}
+.open > .dropdown-menu {
+ display: block;
+}
+.open > a {
+ outline: 0;
+}
+.dropdown-menu-right {
+ left: auto;
+ right: 0;
+}
+.dropdown-menu-left {
+ left: 0;
+ right: auto;
+}
+.dropdown-header {
+ display: block;
+ padding: 3px 20px;
+ font-size: 12px;
+ line-height: 1.42857143;
+ color: #777777;
+ white-space: nowrap;
+}
+.dropdown-backdrop {
+ position: fixed;
+ left: 0;
+ right: 0;
+ bottom: 0;
+ top: 0;
+ z-index: 990;
+}
+.pull-right > .dropdown-menu {
+ right: 0;
+ left: auto;
+}
+.dropup .caret,
+.navbar-fixed-bottom .dropdown .caret {
+ border-top: 0;
+ border-bottom: 4px dashed;
+ border-bottom: 4px solid \9;
+ content: "";
+}
+.dropup .dropdown-menu,
+.navbar-fixed-bottom .dropdown .dropdown-menu {
+ top: auto;
+ bottom: 100%;
+ margin-bottom: 2px;
+}
+@media (min-width: 768px) {
+ .navbar-right .dropdown-menu {
+ left: auto;
+ right: 0;
+ }
+ .navbar-right .dropdown-menu-left {
+ left: 0;
+ right: auto;
+ }
+}
+.btn-group,
+.btn-group-vertical {
+ position: relative;
+ display: inline-block;
+ vertical-align: middle;
+}
+.btn-group > .btn,
+.btn-group-vertical > .btn {
+ position: relative;
+ float: left;
+}
+.btn-group > .btn:hover,
+.btn-group-vertical > .btn:hover,
+.btn-group > .btn:focus,
+.btn-group-vertical > .btn:focus,
+.btn-group > .btn:active,
+.btn-group-vertical > .btn:active,
+.btn-group > .btn.active,
+.btn-group-vertical > .btn.active {
+ z-index: 2;
+}
+.btn-group .btn + .btn,
+.btn-group .btn + .btn-group,
+.btn-group .btn-group + .btn,
+.btn-group .btn-group + .btn-group {
+ margin-left: -1px;
+}
+.btn-toolbar {
+ margin-left: -5px;
+}
+.btn-toolbar .btn,
+.btn-toolbar .btn-group,
+.btn-toolbar .input-group {
+ float: left;
+}
+.btn-toolbar > .btn,
+.btn-toolbar > .btn-group,
+.btn-toolbar > .input-group {
+ margin-left: 5px;
+}
+.btn-group > .btn:not(:first-child):not(:last-child):not(.dropdown-toggle) {
+ border-radius: 0;
+}
+.btn-group > .btn:first-child {
+ margin-left: 0;
+}
+.btn-group > .btn:first-child:not(:last-child):not(.dropdown-toggle) {
+ border-bottom-right-radius: 0;
+ border-top-right-radius: 0;
+}
+.btn-group > .btn:last-child:not(:first-child),
+.btn-group > .dropdown-toggle:not(:first-child) {
+ border-bottom-left-radius: 0;
+ border-top-left-radius: 0;
+}
+.btn-group > .btn-group {
+ float: left;
+}
+.btn-group > .btn-group:not(:first-child):not(:last-child) > .btn {
+ border-radius: 0;
+}
+.btn-group > .btn-group:first-child:not(:last-child) > .btn:last-child,
+.btn-group > .btn-group:first-child:not(:last-child) > .dropdown-toggle {
+ border-bottom-right-radius: 0;
+ border-top-right-radius: 0;
+}
+.btn-group > .btn-group:last-child:not(:first-child) > .btn:first-child {
+ border-bottom-left-radius: 0;
+ border-top-left-radius: 0;
+}
+.btn-group .dropdown-toggle:active,
+.btn-group.open .dropdown-toggle {
+ outline: 0;
+}
+.btn-group > .btn + .dropdown-toggle {
+ padding-left: 8px;
+ padding-right: 8px;
+}
+.btn-group > .btn-lg + .dropdown-toggle {
+ padding-left: 12px;
+ padding-right: 12px;
+}
+.btn-group.open .dropdown-toggle {
+ -webkit-box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125);
+ box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125);
+}
+.btn-group.open .dropdown-toggle.btn-link {
+ -webkit-box-shadow: none;
+ box-shadow: none;
+}
+.btn .caret {
+ margin-left: 0;
+}
+.btn-lg .caret {
+ border-width: 5px 5px 0;
+ border-bottom-width: 0;
+}
+.dropup .btn-lg .caret {
+ border-width: 0 5px 5px;
+}
+.btn-group-vertical > .btn,
+.btn-group-vertical > .btn-group,
+.btn-group-vertical > .btn-group > .btn {
+ display: block;
+ float: none;
+ width: 100%;
+ max-width: 100%;
+}
+.btn-group-vertical > .btn-group > .btn {
+ float: none;
+}
+.btn-group-vertical > .btn + .btn,
+.btn-group-vertical > .btn + .btn-group,
+.btn-group-vertical > .btn-group + .btn,
+.btn-group-vertical > .btn-group + .btn-group {
+ margin-top: -1px;
+ margin-left: 0;
+}
+.btn-group-vertical > .btn:not(:first-child):not(:last-child) {
+ border-radius: 0;
+}
+.btn-group-vertical > .btn:first-child:not(:last-child) {
+ border-top-right-radius: 4px;
+ border-bottom-right-radius: 0;
+ border-bottom-left-radius: 0;
+}
+.btn-group-vertical > .btn:last-child:not(:first-child) {
+ border-bottom-left-radius: 4px;
+ border-top-right-radius: 0;
+ border-top-left-radius: 0;
+}
+.btn-group-vertical > .btn-group:not(:first-child):not(:last-child) > .btn {
+ border-radius: 0;
+}
+.btn-group-vertical > .btn-group:first-child:not(:last-child) > .btn:last-child,
+.btn-group-vertical > .btn-group:first-child:not(:last-child) > .dropdown-toggle {
+ border-bottom-right-radius: 0;
+ border-bottom-left-radius: 0;
+}
+.btn-group-vertical > .btn-group:last-child:not(:first-child) > .btn:first-child {
+ border-top-right-radius: 0;
+ border-top-left-radius: 0;
+}
+.btn-group-justified {
+ display: table;
+ width: 100%;
+ table-layout: fixed;
+ border-collapse: separate;
+}
+.btn-group-justified > .btn,
+.btn-group-justified > .btn-group {
+ float: none;
+ display: table-cell;
+ width: 1%;
+}
+.btn-group-justified > .btn-group .btn {
+ width: 100%;
+}
+.btn-group-justified > .btn-group .dropdown-menu {
+ left: auto;
+}
+[data-toggle="buttons"] > .btn input[type="radio"],
+[data-toggle="buttons"] > .btn-group > .btn input[type="radio"],
+[data-toggle="buttons"] > .btn input[type="checkbox"],
+[data-toggle="buttons"] > .btn-group > .btn input[type="checkbox"] {
+ position: absolute;
+ clip: rect(0, 0, 0, 0);
+ pointer-events: none;
+}
+.input-group {
+ position: relative;
+ display: table;
+ border-collapse: separate;
+}
+.input-group[class*="col-"] {
+ float: none;
+ padding-left: 0;
+ padding-right: 0;
+}
+.input-group .form-control {
+ position: relative;
+ z-index: 2;
+ float: left;
+ width: 100%;
+ margin-bottom: 0;
+}
+.input-group-lg > .form-control,
+.input-group-lg > .input-group-addon,
+.input-group-lg > .input-group-btn > .btn {
+ height: 46px;
+ padding: 10px 16px;
+ font-size: 18px;
+ line-height: 1.3333333;
+ border-radius: 6px;
+}
+select.input-group-lg > .form-control,
+select.input-group-lg > .input-group-addon,
+select.input-group-lg > .input-group-btn > .btn {
+ height: 46px;
+ line-height: 46px;
+}
+textarea.input-group-lg > .form-control,
+textarea.input-group-lg > .input-group-addon,
+textarea.input-group-lg > .input-group-btn > .btn,
+select[multiple].input-group-lg > .form-control,
+select[multiple].input-group-lg > .input-group-addon,
+select[multiple].input-group-lg > .input-group-btn > .btn {
+ height: auto;
+}
+.input-group-sm > .form-control,
+.input-group-sm > .input-group-addon,
+.input-group-sm > .input-group-btn > .btn {
+ height: 30px;
+ padding: 5px 10px;
+ font-size: 12px;
+ line-height: 1.5;
+ border-radius: 3px;
+}
+select.input-group-sm > .form-control,
+select.input-group-sm > .input-group-addon,
+select.input-group-sm > .input-group-btn > .btn {
+ height: 30px;
+ line-height: 30px;
+}
+textarea.input-group-sm > .form-control,
+textarea.input-group-sm > .input-group-addon,
+textarea.input-group-sm > .input-group-btn > .btn,
+select[multiple].input-group-sm > .form-control,
+select[multiple].input-group-sm > .input-group-addon,
+select[multiple].input-group-sm > .input-group-btn > .btn {
+ height: auto;
+}
+.input-group-addon,
+.input-group-btn,
+.input-group .form-control {
+ display: table-cell;
+}
+.input-group-addon:not(:first-child):not(:last-child),
+.input-group-btn:not(:first-child):not(:last-child),
+.input-group .form-control:not(:first-child):not(:last-child) {
+ border-radius: 0;
+}
+.input-group-addon,
+.input-group-btn {
+ width: 1%;
+ white-space: nowrap;
+ vertical-align: middle;
+}
+.input-group-addon {
+ padding: 6px 12px;
+ font-size: 14px;
+ font-weight: normal;
+ line-height: 1;
+ color: #555555;
+ text-align: center;
+ background-color: #eeeeee;
+ border: 1px solid #cccccc;
+ border-radius: 4px;
+}
+.input-group-addon.input-sm {
+ padding: 5px 10px;
+ font-size: 12px;
+ border-radius: 3px;
+}
+.input-group-addon.input-lg {
+ padding: 10px 16px;
+ font-size: 18px;
+ border-radius: 6px;
+}
+.input-group-addon input[type="radio"],
+.input-group-addon input[type="checkbox"] {
+ margin-top: 0;
+}
+.input-group .form-control:first-child,
+.input-group-addon:first-child,
+.input-group-btn:first-child > .btn,
+.input-group-btn:first-child > .btn-group > .btn,
+.input-group-btn:first-child > .dropdown-toggle,
+.input-group-btn:last-child > .btn:not(:last-child):not(.dropdown-toggle),
+.input-group-btn:last-child > .btn-group:not(:last-child) > .btn {
+ border-bottom-right-radius: 0;
+ border-top-right-radius: 0;
+}
+.input-group-addon:first-child {
+ border-right: 0;
+}
+.input-group .form-control:last-child,
+.input-group-addon:last-child,
+.input-group-btn:last-child > .btn,
+.input-group-btn:last-child > .btn-group > .btn,
+.input-group-btn:last-child > .dropdown-toggle,
+.input-group-btn:first-child > .btn:not(:first-child),
+.input-group-btn:first-child > .btn-group:not(:first-child) > .btn {
+ border-bottom-left-radius: 0;
+ border-top-left-radius: 0;
+}
+.input-group-addon:last-child {
+ border-left: 0;
+}
+.input-group-btn {
+ position: relative;
+ font-size: 0;
+ white-space: nowrap;
+}
+.input-group-btn > .btn {
+ position: relative;
+}
+.input-group-btn > .btn + .btn {
+ margin-left: -1px;
+}
+.input-group-btn > .btn:hover,
+.input-group-btn > .btn:focus,
+.input-group-btn > .btn:active {
+ z-index: 2;
+}
+.input-group-btn:first-child > .btn,
+.input-group-btn:first-child > .btn-group {
+ margin-right: -1px;
+}
+.input-group-btn:last-child > .btn,
+.input-group-btn:last-child > .btn-group {
+ z-index: 2;
+ margin-left: -1px;
+}
+.nav {
+ margin-bottom: 0;
+ padding-left: 0;
+ list-style: none;
+}
+.nav > li {
+ position: relative;
+ display: block;
+}
+.nav > li > a {
+ position: relative;
+ display: block;
+ padding: 10px 15px;
+}
+.nav > li > a:hover,
+.nav > li > a:focus {
+ text-decoration: none;
+ background-color: #eeeeee;
+}
+.nav > li.disabled > a {
+ color: #777777;
+}
+.nav > li.disabled > a:hover,
+.nav > li.disabled > a:focus {
+ color: #777777;
+ text-decoration: none;
+ background-color: transparent;
+ cursor: not-allowed;
+}
+.nav .open > a,
+.nav .open > a:hover,
+.nav .open > a:focus {
+ background-color: #eeeeee;
+ border-color: #337ab7;
+}
+.nav .nav-divider {
+ height: 1px;
+ margin: 9px 0;
+ overflow: hidden;
+ background-color: #e5e5e5;
+}
+.nav > li > a > img {
+ max-width: none;
+}
+.nav-tabs {
+ border-bottom: 1px solid #dddddd;
+}
+.nav-tabs > li {
+ float: left;
+ margin-bottom: -1px;
+}
+.nav-tabs > li > a {
+ margin-right: 2px;
+ line-height: 1.42857143;
+ border: 1px solid transparent;
+ border-radius: 4px 4px 0 0;
+}
+.nav-tabs > li > a:hover {
+ border-color: #eeeeee #eeeeee #dddddd;
+}
+.nav-tabs > li.active > a,
+.nav-tabs > li.active > a:hover,
+.nav-tabs > li.active > a:focus {
+ color: #555555;
+ background-color: #ffffff;
+ border: 1px solid #dddddd;
+ border-bottom-color: transparent;
+ cursor: default;
+}
+.nav-tabs.nav-justified {
+ width: 100%;
+ border-bottom: 0;
+}
+.nav-tabs.nav-justified > li {
+ float: none;
+}
+.nav-tabs.nav-justified > li > a {
+ text-align: center;
+ margin-bottom: 5px;
+}
+.nav-tabs.nav-justified > .dropdown .dropdown-menu {
+ top: auto;
+ left: auto;
+}
+@media (min-width: 768px) {
+ .nav-tabs.nav-justified > li {
+ display: table-cell;
+ width: 1%;
+ }
+ .nav-tabs.nav-justified > li > a {
+ margin-bottom: 0;
+ }
+}
+.nav-tabs.nav-justified > li > a {
+ margin-right: 0;
+ border-radius: 4px;
+}
+.nav-tabs.nav-justified > .active > a,
+.nav-tabs.nav-justified > .active > a:hover,
+.nav-tabs.nav-justified > .active > a:focus {
+ border: 1px solid #dddddd;
+}
+@media (min-width: 768px) {
+ .nav-tabs.nav-justified > li > a {
+ border-bottom: 1px solid #dddddd;
+ border-radius: 4px 4px 0 0;
+ }
+ .nav-tabs.nav-justified > .active > a,
+ .nav-tabs.nav-justified > .active > a:hover,
+ .nav-tabs.nav-justified > .active > a:focus {
+ border-bottom-color: #ffffff;
+ }
+}
+.nav-pills > li {
+ float: left;
+}
+.nav-pills > li > a {
+ border-radius: 4px;
+}
+.nav-pills > li + li {
+ margin-left: 2px;
+}
+.nav-pills > li.active > a,
+.nav-pills > li.active > a:hover,
+.nav-pills > li.active > a:focus {
+ color: #ffffff;
+ background-color: #337ab7;
+}
+.nav-stacked > li {
+ float: none;
+}
+.nav-stacked > li + li {
+ margin-top: 2px;
+ margin-left: 0;
+}
+.nav-justified {
+ width: 100%;
+}
+.nav-justified > li {
+ float: none;
+}
+.nav-justified > li > a {
+ text-align: center;
+ margin-bottom: 5px;
+}
+.nav-justified > .dropdown .dropdown-menu {
+ top: auto;
+ left: auto;
+}
+@media (min-width: 768px) {
+ .nav-justified > li {
+ display: table-cell;
+ width: 1%;
+ }
+ .nav-justified > li > a {
+ margin-bottom: 0;
+ }
+}
+.nav-tabs-justified {
+ border-bottom: 0;
+}
+.nav-tabs-justified > li > a {
+ margin-right: 0;
+ border-radius: 4px;
+}
+.nav-tabs-justified > .active > a,
+.nav-tabs-justified > .active > a:hover,
+.nav-tabs-justified > .active > a:focus {
+ border: 1px solid #dddddd;
+}
+@media (min-width: 768px) {
+ .nav-tabs-justified > li > a {
+ border-bottom: 1px solid #dddddd;
+ border-radius: 4px 4px 0 0;
+ }
+ .nav-tabs-justified > .active > a,
+ .nav-tabs-justified > .active > a:hover,
+ .nav-tabs-justified > .active > a:focus {
+ border-bottom-color: #ffffff;
+ }
+}
+.tab-content > .tab-pane {
+ display: none;
+}
+.tab-content > .active {
+ display: block;
+}
+.nav-tabs .dropdown-menu {
+ margin-top: -1px;
+ border-top-right-radius: 0;
+ border-top-left-radius: 0;
+}
+.breadcrumb {
+ padding: 8px 15px;
+ margin-bottom: 20px;
+ list-style: none;
+ background-color: #f5f5f5;
+ border-radius: 4px;
+}
+.breadcrumb > li {
+ display: inline-block;
+}
+.breadcrumb > li + li:before {
+ content: "/\00a0";
+ padding: 0 5px;
+ color: #cccccc;
+}
+.breadcrumb > .active {
+ color: #777777;
+}
+.pagination {
+ display: inline-block;
+ padding-left: 0;
+ margin: 20px 0;
+ border-radius: 4px;
+}
+.pagination > li {
+ display: inline;
+}
+.pagination > li > a,
+.pagination > li > span {
+ position: relative;
+ float: left;
+ padding: 6px 12px;
+ line-height: 1.42857143;
+ text-decoration: none;
+ color: #337ab7;
+ background-color: #ffffff;
+ border: 1px solid #dddddd;
+ margin-left: -1px;
+}
+.pagination > li:first-child > a,
+.pagination > li:first-child > span {
+ margin-left: 0;
+ border-bottom-left-radius: 4px;
+ border-top-left-radius: 4px;
+}
+.pagination > li:last-child > a,
+.pagination > li:last-child > span {
+ border-bottom-right-radius: 4px;
+ border-top-right-radius: 4px;
+}
+.pagination > li > a:hover,
+.pagination > li > span:hover,
+.pagination > li > a:focus,
+.pagination > li > span:focus {
+ z-index: 3;
+ color: #23527c;
+ background-color: #eeeeee;
+ border-color: #dddddd;
+}
+.pagination > .active > a,
+.pagination > .active > span,
+.pagination > .active > a:hover,
+.pagination > .active > span:hover,
+.pagination > .active > a:focus,
+.pagination > .active > span:focus {
+ z-index: 2;
+ color: #ffffff;
+ background-color: #337ab7;
+ border-color: #337ab7;
+ cursor: default;
+}
+.pagination > .disabled > span,
+.pagination > .disabled > span:hover,
+.pagination > .disabled > span:focus,
+.pagination > .disabled > a,
+.pagination > .disabled > a:hover,
+.pagination > .disabled > a:focus {
+ color: #777777;
+ background-color: #ffffff;
+ border-color: #dddddd;
+ cursor: not-allowed;
+}
+.pagination-lg > li > a,
+.pagination-lg > li > span {
+ padding: 10px 16px;
+ font-size: 18px;
+ line-height: 1.3333333;
+}
+.pagination-lg > li:first-child > a,
+.pagination-lg > li:first-child > span {
+ border-bottom-left-radius: 6px;
+ border-top-left-radius: 6px;
+}
+.pagination-lg > li:last-child > a,
+.pagination-lg > li:last-child > span {
+ border-bottom-right-radius: 6px;
+ border-top-right-radius: 6px;
+}
+.pagination-sm > li > a,
+.pagination-sm > li > span {
+ padding: 5px 10px;
+ font-size: 12px;
+ line-height: 1.5;
+}
+.pagination-sm > li:first-child > a,
+.pagination-sm > li:first-child > span {
+ border-bottom-left-radius: 3px;
+ border-top-left-radius: 3px;
+}
+.pagination-sm > li:last-child > a,
+.pagination-sm > li:last-child > span {
+ border-bottom-right-radius: 3px;
+ border-top-right-radius: 3px;
+}
+.pager {
+ padding-left: 0;
+ margin: 20px 0;
+ list-style: none;
+ text-align: center;
+}
+.pager li {
+ display: inline;
+}
+.pager li > a,
+.pager li > span {
+ display: inline-block;
+ padding: 5px 14px;
+ background-color: #ffffff;
+ border: 1px solid #dddddd;
+ border-radius: 15px;
+}
+.pager li > a:hover,
+.pager li > a:focus {
+ text-decoration: none;
+ background-color: #eeeeee;
+}
+.pager .next > a,
+.pager .next > span {
+ float: right;
+}
+.pager .previous > a,
+.pager .previous > span {
+ float: left;
+}
+.pager .disabled > a,
+.pager .disabled > a:hover,
+.pager .disabled > a:focus,
+.pager .disabled > span {
+ color: #777777;
+ background-color: #ffffff;
+ cursor: not-allowed;
+}
+.badge {
+ display: inline-block;
+ min-width: 10px;
+ padding: 3px 7px;
+ font-size: 12px;
+ font-weight: bold;
+ color: #ffffff;
+ line-height: 1;
+ vertical-align: middle;
+ white-space: nowrap;
+ text-align: center;
+ background-color: #777777;
+ border-radius: 10px;
+}
+.badge:empty {
+ display: none;
+}
+.btn .badge {
+ position: relative;
+ top: -1px;
+}
+.btn-xs .badge,
+.btn-group-xs > .btn .badge {
+ top: 0;
+ padding: 1px 5px;
+}
+a.badge:hover,
+a.badge:focus {
+ color: #ffffff;
+ text-decoration: none;
+ cursor: pointer;
+}
+.list-group-item.active > .badge,
+.nav-pills > .active > a > .badge {
+ color: #337ab7;
+ background-color: #ffffff;
+}
+.list-group-item > .badge {
+ float: right;
+}
+.list-group-item > .badge + .badge {
+ margin-right: 5px;
+}
+.nav-pills > li > a > .badge {
+ margin-left: 3px;
+}
+.jumbotron {
+ padding-top: 30px;
+ padding-bottom: 30px;
+ margin-bottom: 30px;
+ color: inherit;
+ background-color: #eeeeee;
+}
+.jumbotron h1,
+.jumbotron .h1 {
+ color: inherit;
+}
+.jumbotron p {
+ margin-bottom: 15px;
+ font-size: 21px;
+ font-weight: 200;
+}
+.jumbotron > hr {
+ border-top-color: #d5d5d5;
+}
+.container .jumbotron,
+.container-fluid .jumbotron {
+ border-radius: 6px;
+}
+.jumbotron .container {
+ max-width: 100%;
+}
+@media screen and (min-width: 768px) {
+ .jumbotron {
+ padding-top: 48px;
+ padding-bottom: 48px;
+ }
+ .container .jumbotron,
+ .container-fluid .jumbotron {
+ padding-left: 60px;
+ padding-right: 60px;
+ }
+ .jumbotron h1,
+ .jumbotron .h1 {
+ font-size: 63px;
+ }
+}
+.thumbnail {
+ display: block;
+ padding: 4px;
+ margin-bottom: 20px;
+ line-height: 1.42857143;
+ background-color: #ffffff;
+ border: 1px solid #dddddd;
+ border-radius: 4px;
+ -webkit-transition: border 0.2s ease-in-out;
+ -o-transition: border 0.2s ease-in-out;
+ transition: border 0.2s ease-in-out;
+}
+.thumbnail > img,
+.thumbnail a > img {
+ margin-left: auto;
+ margin-right: auto;
+}
+a.thumbnail:hover,
+a.thumbnail:focus,
+a.thumbnail.active {
+ border-color: #337ab7;
+}
+.thumbnail .caption {
+ padding: 9px;
+ color: #333333;
+}
+.alert {
+ padding: 15px;
+ margin-bottom: 20px;
+ border: 1px solid transparent;
+ border-radius: 4px;
+}
+.alert h4 {
+ margin-top: 0;
+ color: inherit;
+}
+.alert .alert-link {
+ font-weight: bold;
+}
+.alert > p,
+.alert > ul {
+ margin-bottom: 0;
+}
+.alert > p + p {
+ margin-top: 5px;
+}
+.alert-dismissable,
+.alert-dismissible {
+ padding-right: 35px;
+}
+.alert-dismissable .close,
+.alert-dismissible .close {
+ position: relative;
+ top: -2px;
+ right: -21px;
+ color: inherit;
+}
+.alert-success {
+ background-color: #dff0d8;
+ border-color: #d6e9c6;
+ color: #3c763d;
+}
+.alert-success hr {
+ border-top-color: #c9e2b3;
+}
+.alert-success .alert-link {
+ color: #2b542c;
+}
+.alert-info {
+ background-color: #d9edf7;
+ border-color: #bce8f1;
+ color: #31708f;
+}
+.alert-info hr {
+ border-top-color: #a6e1ec;
+}
+.alert-info .alert-link {
+ color: #245269;
+}
+.alert-warning {
+ background-color: #fcf8e3;
+ border-color: #faebcc;
+ color: #8a6d3b;
+}
+.alert-warning hr {
+ border-top-color: #f7e1b5;
+}
+.alert-warning .alert-link {
+ color: #66512c;
+}
+.alert-danger {
+ background-color: #f2dede;
+ border-color: #ebccd1;
+ color: #a94442;
+}
+.alert-danger hr {
+ border-top-color: #e4b9c0;
+}
+.alert-danger .alert-link {
+ color: #843534;
+}
+@-webkit-keyframes progress-bar-stripes {
+ from {
+ background-position: 40px 0;
+ }
+ to {
+ background-position: 0 0;
+ }
+}
+@-o-keyframes progress-bar-stripes {
+ from {
+ background-position: 40px 0;
+ }
+ to {
+ background-position: 0 0;
+ }
+}
+@keyframes progress-bar-stripes {
+ from {
+ background-position: 40px 0;
+ }
+ to {
+ background-position: 0 0;
+ }
+}
+.progress {
+ overflow: hidden;
+ height: 20px;
+ margin-bottom: 20px;
+ background-color: #f5f5f5;
+ border-radius: 4px;
+ -webkit-box-shadow: inset 0 1px 2px rgba(0, 0, 0, 0.1);
+ box-shadow: inset 0 1px 2px rgba(0, 0, 0, 0.1);
+}
+.progress-bar {
+ float: left;
+ width: 0%;
+ height: 100%;
+ font-size: 12px;
+ line-height: 20px;
+ color: #ffffff;
+ text-align: center;
+ background-color: #337ab7;
+ -webkit-box-shadow: inset 0 -1px 0 rgba(0, 0, 0, 0.15);
+ box-shadow: inset 0 -1px 0 rgba(0, 0, 0, 0.15);
+ -webkit-transition: width 0.6s ease;
+ -o-transition: width 0.6s ease;
+ transition: width 0.6s ease;
+}
+.progress-striped .progress-bar,
+.progress-bar-striped {
+ background-image: -webkit-linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent);
+ background-image: -o-linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent);
+ background-image: linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent);
+ -webkit-background-size: 40px 40px;
+ background-size: 40px 40px;
+}
+.progress.active .progress-bar,
+.progress-bar.active {
+ -webkit-animation: progress-bar-stripes 2s linear infinite;
+ -o-animation: progress-bar-stripes 2s linear infinite;
+ animation: progress-bar-stripes 2s linear infinite;
+}
+.progress-bar-success {
+ background-color: #5cb85c;
+}
+.progress-striped .progress-bar-success {
+ background-image: -webkit-linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent);
+ background-image: -o-linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent);
+ background-image: linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent);
+}
+.progress-bar-info {
+ background-color: #5bc0de;
+}
+.progress-striped .progress-bar-info {
+ background-image: -webkit-linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent);
+ background-image: -o-linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent);
+ background-image: linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent);
+}
+.progress-bar-warning {
+ background-color: #f0ad4e;
+}
+.progress-striped .progress-bar-warning {
+ background-image: -webkit-linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent);
+ background-image: -o-linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent);
+ background-image: linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent);
+}
+.progress-bar-danger {
+ background-color: #d9534f;
+}
+.progress-striped .progress-bar-danger {
+ background-image: -webkit-linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent);
+ background-image: -o-linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent);
+ background-image: linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent);
+}
+.panel {
+ margin-bottom: 20px;
+ background-color: #ffffff;
+ border: 1px solid transparent;
+ border-radius: 4px;
+ -webkit-box-shadow: 0 1px 1px rgba(0, 0, 0, 0.05);
+ box-shadow: 0 1px 1px rgba(0, 0, 0, 0.05);
+}
+.panel-body {
+ padding: 15px;
+}
+.panel-heading {
+ padding: 10px 15px;
+ border-bottom: 1px solid transparent;
+ border-top-right-radius: 3px;
+ border-top-left-radius: 3px;
+}
+.panel-heading > .dropdown .dropdown-toggle {
+ color: inherit;
+}
+.panel-title {
+ margin-top: 0;
+ margin-bottom: 0;
+ font-size: 16px;
+ color: inherit;
+}
+.panel-title > a,
+.panel-title > small,
+.panel-title > .small,
+.panel-title > small > a,
+.panel-title > .small > a {
+ color: inherit;
+}
+.panel-footer {
+ padding: 10px 15px;
+ background-color: #f5f5f5;
+ border-top: 1px solid #dddddd;
+ border-bottom-right-radius: 3px;
+ border-bottom-left-radius: 3px;
+}
+.panel > .list-group,
+.panel > .panel-collapse > .list-group {
+ margin-bottom: 0;
+}
+.panel > .list-group .list-group-item,
+.panel > .panel-collapse > .list-group .list-group-item {
+ border-width: 1px 0;
+ border-radius: 0;
+}
+.panel > .list-group:first-child .list-group-item:first-child,
+.panel > .panel-collapse > .list-group:first-child .list-group-item:first-child {
+ border-top: 0;
+ border-top-right-radius: 3px;
+ border-top-left-radius: 3px;
+}
+.panel > .list-group:last-child .list-group-item:last-child,
+.panel > .panel-collapse > .list-group:last-child .list-group-item:last-child {
+ border-bottom: 0;
+ border-bottom-right-radius: 3px;
+ border-bottom-left-radius: 3px;
+}
+.panel > .panel-heading + .panel-collapse > .list-group .list-group-item:first-child {
+ border-top-right-radius: 0;
+ border-top-left-radius: 0;
+}
+.panel-heading + .list-group .list-group-item:first-child {
+ border-top-width: 0;
+}
+.list-group + .panel-footer {
+ border-top-width: 0;
+}
+.panel > .table,
+.panel > .table-responsive > .table,
+.panel > .panel-collapse > .table {
+ margin-bottom: 0;
+}
+.panel > .table caption,
+.panel > .table-responsive > .table caption,
+.panel > .panel-collapse > .table caption {
+ padding-left: 15px;
+ padding-right: 15px;
+}
+.panel > .table:first-child,
+.panel > .table-responsive:first-child > .table:first-child {
+ border-top-right-radius: 3px;
+ border-top-left-radius: 3px;
+}
+.panel > .table:first-child > thead:first-child > tr:first-child,
+.panel > .table-responsive:first-child > .table:first-child > thead:first-child > tr:first-child,
+.panel > .table:first-child > tbody:first-child > tr:first-child,
+.panel > .table-responsive:first-child > .table:first-child > tbody:first-child > tr:first-child {
+ border-top-left-radius: 3px;
+ border-top-right-radius: 3px;
+}
+.panel > .table:first-child > thead:first-child > tr:first-child td:first-child,
+.panel > .table-responsive:first-child > .table:first-child > thead:first-child > tr:first-child td:first-child,
+.panel > .table:first-child > tbody:first-child > tr:first-child td:first-child,
+.panel > .table-responsive:first-child > .table:first-child > tbody:first-child > tr:first-child td:first-child,
+.panel > .table:first-child > thead:first-child > tr:first-child th:first-child,
+.panel > .table-responsive:first-child > .table:first-child > thead:first-child > tr:first-child th:first-child,
+.panel > .table:first-child > tbody:first-child > tr:first-child th:first-child,
+.panel > .table-responsive:first-child > .table:first-child > tbody:first-child > tr:first-child th:first-child {
+ border-top-left-radius: 3px;
+}
+.panel > .table:first-child > thead:first-child > tr:first-child td:last-child,
+.panel > .table-responsive:first-child > .table:first-child > thead:first-child > tr:first-child td:last-child,
+.panel > .table:first-child > tbody:first-child > tr:first-child td:last-child,
+.panel > .table-responsive:first-child > .table:first-child > tbody:first-child > tr:first-child td:last-child,
+.panel > .table:first-child > thead:first-child > tr:first-child th:last-child,
+.panel > .table-responsive:first-child > .table:first-child > thead:first-child > tr:first-child th:last-child,
+.panel > .table:first-child > tbody:first-child > tr:first-child th:last-child,
+.panel > .table-responsive:first-child > .table:first-child > tbody:first-child > tr:first-child th:last-child {
+ border-top-right-radius: 3px;
+}
+.panel > .table:last-child,
+.panel > .table-responsive:last-child > .table:last-child {
+ border-bottom-right-radius: 3px;
+ border-bottom-left-radius: 3px;
+}
+.panel > .table:last-child > tbody:last-child > tr:last-child,
+.panel > .table-responsive:last-child > .table:last-child > tbody:last-child > tr:last-child,
+.panel > .table:last-child > tfoot:last-child > tr:last-child,
+.panel > .table-responsive:last-child > .table:last-child > tfoot:last-child > tr:last-child {
+ border-bottom-left-radius: 3px;
+ border-bottom-right-radius: 3px;
+}
+.panel > .table:last-child > tbody:last-child > tr:last-child td:first-child,
+.panel > .table-responsive:last-child > .table:last-child > tbody:last-child > tr:last-child td:first-child,
+.panel > .table:last-child > tfoot:last-child > tr:last-child td:first-child,
+.panel > .table-responsive:last-child > .table:last-child > tfoot:last-child > tr:last-child td:first-child,
+.panel > .table:last-child > tbody:last-child > tr:last-child th:first-child,
+.panel > .table-responsive:last-child > .table:last-child > tbody:last-child > tr:last-child th:first-child,
+.panel > .table:last-child > tfoot:last-child > tr:last-child th:first-child,
+.panel > .table-responsive:last-child > .table:last-child > tfoot:last-child > tr:last-child th:first-child {
+ border-bottom-left-radius: 3px;
+}
+.panel > .table:last-child > tbody:last-child > tr:last-child td:last-child,
+.panel > .table-responsive:last-child > .table:last-child > tbody:last-child > tr:last-child td:last-child,
+.panel > .table:last-child > tfoot:last-child > tr:last-child td:last-child,
+.panel > .table-responsive:last-child > .table:last-child > tfoot:last-child > tr:last-child td:last-child,
+.panel > .table:last-child > tbody:last-child > tr:last-child th:last-child,
+.panel > .table-responsive:last-child > .table:last-child > tbody:last-child > tr:last-child th:last-child,
+.panel > .table:last-child > tfoot:last-child > tr:last-child th:last-child,
+.panel > .table-responsive:last-child > .table:last-child > tfoot:last-child > tr:last-child th:last-child {
+ border-bottom-right-radius: 3px;
+}
+.panel > .panel-body + .table,
+.panel > .panel-body + .table-responsive,
+.panel > .table + .panel-body,
+.panel > .table-responsive + .panel-body {
+ border-top: 1px solid #dddddd;
+}
+.panel > .table > tbody:first-child > tr:first-child th,
+.panel > .table > tbody:first-child > tr:first-child td {
+ border-top: 0;
+}
+.panel > .table-bordered,
+.panel > .table-responsive > .table-bordered {
+ border: 0;
+}
+.panel > .table-bordered > thead > tr > th:first-child,
+.panel > .table-responsive > .table-bordered > thead > tr > th:first-child,
+.panel > .table-bordered > tbody > tr > th:first-child,
+.panel > .table-responsive > .table-bordered > tbody > tr > th:first-child,
+.panel > .table-bordered > tfoot > tr > th:first-child,
+.panel > .table-responsive > .table-bordered > tfoot > tr > th:first-child,
+.panel > .table-bordered > thead > tr > td:first-child,
+.panel > .table-responsive > .table-bordered > thead > tr > td:first-child,
+.panel > .table-bordered > tbody > tr > td:first-child,
+.panel > .table-responsive > .table-bordered > tbody > tr > td:first-child,
+.panel > .table-bordered > tfoot > tr > td:first-child,
+.panel > .table-responsive > .table-bordered > tfoot > tr > td:first-child {
+ border-left: 0;
+}
+.panel > .table-bordered > thead > tr > th:last-child,
+.panel > .table-responsive > .table-bordered > thead > tr > th:last-child,
+.panel > .table-bordered > tbody > tr > th:last-child,
+.panel > .table-responsive > .table-bordered > tbody > tr > th:last-child,
+.panel > .table-bordered > tfoot > tr > th:last-child,
+.panel > .table-responsive > .table-bordered > tfoot > tr > th:last-child,
+.panel > .table-bordered > thead > tr > td:last-child,
+.panel > .table-responsive > .table-bordered > thead > tr > td:last-child,
+.panel > .table-bordered > tbody > tr > td:last-child,
+.panel > .table-responsive > .table-bordered > tbody > tr > td:last-child,
+.panel > .table-bordered > tfoot > tr > td:last-child,
+.panel > .table-responsive > .table-bordered > tfoot > tr > td:last-child {
+ border-right: 0;
+}
+.panel > .table-bordered > thead > tr:first-child > td,
+.panel > .table-responsive > .table-bordered > thead > tr:first-child > td,
+.panel > .table-bordered > tbody > tr:first-child > td,
+.panel > .table-responsive > .table-bordered > tbody > tr:first-child > td,
+.panel > .table-bordered > thead > tr:first-child > th,
+.panel > .table-responsive > .table-bordered > thead > tr:first-child > th,
+.panel > .table-bordered > tbody > tr:first-child > th,
+.panel > .table-responsive > .table-bordered > tbody > tr:first-child > th {
+ border-bottom: 0;
+}
+.panel > .table-bordered > tbody > tr:last-child > td,
+.panel > .table-responsive > .table-bordered > tbody > tr:last-child > td,
+.panel > .table-bordered > tfoot > tr:last-child > td,
+.panel > .table-responsive > .table-bordered > tfoot > tr:last-child > td,
+.panel > .table-bordered > tbody > tr:last-child > th,
+.panel > .table-responsive > .table-bordered > tbody > tr:last-child > th,
+.panel > .table-bordered > tfoot > tr:last-child > th,
+.panel > .table-responsive > .table-bordered > tfoot > tr:last-child > th {
+ border-bottom: 0;
+}
+.panel > .table-responsive {
+ border: 0;
+ margin-bottom: 0;
+}
+.panel-group {
+ margin-bottom: 20px;
+}
+.panel-group .panel {
+ margin-bottom: 0;
+ border-radius: 4px;
+}
+.panel-group .panel + .panel {
+ margin-top: 5px;
+}
+.panel-group .panel-heading {
+ border-bottom: 0;
+}
+.panel-group .panel-heading + .panel-collapse > .panel-body,
+.panel-group .panel-heading + .panel-collapse > .list-group {
+ border-top: 1px solid #dddddd;
+}
+.panel-group .panel-footer {
+ border-top: 0;
+}
+.panel-group .panel-footer + .panel-collapse .panel-body {
+ border-bottom: 1px solid #dddddd;
+}
+.panel-default {
+ border-color: #dddddd;
+}
+.panel-default > .panel-heading {
+ color: #333333;
+ background-color: #f5f5f5;
+ border-color: #dddddd;
+}
+.panel-default > .panel-heading + .panel-collapse > .panel-body {
+ border-top-color: #dddddd;
+}
+.panel-default > .panel-heading .badge {
+ color: #f5f5f5;
+ background-color: #333333;
+}
+.panel-default > .panel-footer + .panel-collapse > .panel-body {
+ border-bottom-color: #dddddd;
+}
+.panel-primary {
+ border-color: #337ab7;
+}
+.panel-primary > .panel-heading {
+ color: #ffffff;
+ background-color: #337ab7;
+ border-color: #337ab7;
+}
+.panel-primary > .panel-heading + .panel-collapse > .panel-body {
+ border-top-color: #337ab7;
+}
+.panel-primary > .panel-heading .badge {
+ color: #337ab7;
+ background-color: #ffffff;
+}
+.panel-primary > .panel-footer + .panel-collapse > .panel-body {
+ border-bottom-color: #337ab7;
+}
+.panel-success {
+ border-color: #d6e9c6;
+}
+.panel-success > .panel-heading {
+ color: #3c763d;
+ background-color: #dff0d8;
+ border-color: #d6e9c6;
+}
+.panel-success > .panel-heading + .panel-collapse > .panel-body {
+ border-top-color: #d6e9c6;
+}
+.panel-success > .panel-heading .badge {
+ color: #dff0d8;
+ background-color: #3c763d;
+}
+.panel-success > .panel-footer + .panel-collapse > .panel-body {
+ border-bottom-color: #d6e9c6;
+}
+.panel-info {
+ border-color: #bce8f1;
+}
+.panel-info > .panel-heading {
+ color: #31708f;
+ background-color: #d9edf7;
+ border-color: #bce8f1;
+}
+.panel-info > .panel-heading + .panel-collapse > .panel-body {
+ border-top-color: #bce8f1;
+}
+.panel-info > .panel-heading .badge {
+ color: #d9edf7;
+ background-color: #31708f;
+}
+.panel-info > .panel-footer + .panel-collapse > .panel-body {
+ border-bottom-color: #bce8f1;
+}
+.panel-warning {
+ border-color: #faebcc;
+}
+.panel-warning > .panel-heading {
+ color: #8a6d3b;
+ background-color: #fcf8e3;
+ border-color: #faebcc;
+}
+.panel-warning > .panel-heading + .panel-collapse > .panel-body {
+ border-top-color: #faebcc;
+}
+.panel-warning > .panel-heading .badge {
+ color: #fcf8e3;
+ background-color: #8a6d3b;
+}
+.panel-warning > .panel-footer + .panel-collapse > .panel-body {
+ border-bottom-color: #faebcc;
+}
+.panel-danger {
+ border-color: #ebccd1;
+}
+.panel-danger > .panel-heading {
+ color: #a94442;
+ background-color: #f2dede;
+ border-color: #ebccd1;
+}
+.panel-danger > .panel-heading + .panel-collapse > .panel-body {
+ border-top-color: #ebccd1;
+}
+.panel-danger > .panel-heading .badge {
+ color: #f2dede;
+ background-color: #a94442;
+}
+.panel-danger > .panel-footer + .panel-collapse > .panel-body {
+ border-bottom-color: #ebccd1;
+}
+.well {
+ min-height: 20px;
+ padding: 19px;
+ margin-bottom: 20px;
+ background-color: #f5f5f5;
+ border: 1px solid #e3e3e3;
+ border-radius: 4px;
+ -webkit-box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.05);
+ box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.05);
+}
+.well blockquote {
+ border-color: #ddd;
+ border-color: rgba(0, 0, 0, 0.15);
+}
+.well-lg {
+ padding: 24px;
+ border-radius: 6px;
+}
+.well-sm {
+ padding: 9px;
+ border-radius: 3px;
+}
+.close {
+ float: right;
+ font-size: 21px;
+ font-weight: bold;
+ line-height: 1;
+ color: #000000;
+ text-shadow: 0 1px 0 #ffffff;
+ opacity: 0.2;
+ filter: alpha(opacity=20);
+}
+.close:hover,
+.close:focus {
+ color: #000000;
+ text-decoration: none;
+ cursor: pointer;
+ opacity: 0.5;
+ filter: alpha(opacity=50);
+}
+button.close {
+ padding: 0;
+ cursor: pointer;
+ background: transparent;
+ border: 0;
+ -webkit-appearance: none;
+}
+.modal-open {
+ overflow: hidden;
+}
+.modal {
+ display: none;
+ overflow: hidden;
+ position: fixed;
+ top: 0;
+ right: 0;
+ bottom: 0;
+ left: 0;
+ z-index: 1050;
+ -webkit-overflow-scrolling: touch;
+ outline: 0;
+}
+.modal.fade .modal-dialog {
+ -webkit-transform: translate(0, -25%);
+ -ms-transform: translate(0, -25%);
+ -o-transform: translate(0, -25%);
+ transform: translate(0, -25%);
+ -webkit-transition: -webkit-transform 0.3s ease-out;
+ -o-transition: -o-transform 0.3s ease-out;
+ transition: transform 0.3s ease-out;
+}
+.modal.in .modal-dialog {
+ -webkit-transform: translate(0, 0);
+ -ms-transform: translate(0, 0);
+ -o-transform: translate(0, 0);
+ transform: translate(0, 0);
+}
+.modal-open .modal {
+ overflow-x: hidden;
+ overflow-y: auto;
+}
+.modal-dialog {
+ position: relative;
+ width: auto;
+ margin: 10px;
+}
+.modal-content {
+ position: relative;
+ background-color: #ffffff;
+ border: 1px solid #999999;
+ border: 1px solid rgba(0, 0, 0, 0.2);
+ border-radius: 6px;
+ -webkit-box-shadow: 0 3px 9px rgba(0, 0, 0, 0.5);
+ box-shadow: 0 3px 9px rgba(0, 0, 0, 0.5);
+ -webkit-background-clip: padding-box;
+ background-clip: padding-box;
+ outline: 0;
+}
+.modal-backdrop {
+ position: fixed;
+ top: 0;
+ right: 0;
+ bottom: 0;
+ left: 0;
+ z-index: 1040;
+ background-color: #000000;
+}
+.modal-backdrop.fade {
+ opacity: 0;
+ filter: alpha(opacity=0);
+}
+.modal-backdrop.in {
+ opacity: 0.5;
+ filter: alpha(opacity=50);
+}
+.modal-header {
+ padding: 15px;
+ border-bottom: 1px solid #e5e5e5;
+ min-height: 16.42857143px;
+}
+.modal-header .close {
+ margin-top: -2px;
+}
+.modal-title {
+ margin: 0;
+ line-height: 1.42857143;
+}
+.modal-body {
+ position: relative;
+ padding: 15px;
+}
+.modal-footer {
+ padding: 15px;
+ text-align: right;
+ border-top: 1px solid #e5e5e5;
+}
+.modal-footer .btn + .btn {
+ margin-left: 5px;
+ margin-bottom: 0;
+}
+.modal-footer .btn-group .btn + .btn {
+ margin-left: -1px;
+}
+.modal-footer .btn-block + .btn-block {
+ margin-left: 0;
+}
+.modal-scrollbar-measure {
+ position: absolute;
+ top: -9999px;
+ width: 50px;
+ height: 50px;
+ overflow: scroll;
+}
+@media (min-width: 768px) {
+ .modal-dialog {
+ width: 600px;
+ margin: 30px auto;
+ }
+ .modal-content {
+ -webkit-box-shadow: 0 5px 15px rgba(0, 0, 0, 0.5);
+ box-shadow: 0 5px 15px rgba(0, 0, 0, 0.5);
+ }
+ .modal-sm {
+ width: 300px;
+ }
+}
+@media (min-width: 992px) {
+ .modal-lg {
+ width: 900px;
+ }
+}
+.popover {
+ position: absolute;
+ top: 0;
+ left: 0;
+ z-index: 1060;
+ display: none;
+ max-width: 276px;
+ padding: 1px;
+ font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
+ font-style: normal;
+ font-weight: normal;
+ letter-spacing: normal;
+ line-break: auto;
+ line-height: 1.42857143;
+ text-align: left;
+ text-align: start;
+ text-decoration: none;
+ text-shadow: none;
+ text-transform: none;
+ white-space: normal;
+ word-break: normal;
+ word-spacing: normal;
+ word-wrap: normal;
+ font-size: 14px;
+ background-color: #ffffff;
+ -webkit-background-clip: padding-box;
+ background-clip: padding-box;
+ border: 1px solid #cccccc;
+ border: 1px solid rgba(0, 0, 0, 0.2);
+ border-radius: 6px;
+ -webkit-box-shadow: 0 5px 10px rgba(0, 0, 0, 0.2);
+ box-shadow: 0 5px 10px rgba(0, 0, 0, 0.2);
+}
+.popover.top {
+ margin-top: -10px;
+}
+.popover.right {
+ margin-left: 10px;
+}
+.popover.bottom {
+ margin-top: 10px;
+}
+.popover.left {
+ margin-left: -10px;
+}
+.popover-title {
+ margin: 0;
+ padding: 8px 14px;
+ font-size: 14px;
+ background-color: #f7f7f7;
+ border-bottom: 1px solid #ebebeb;
+ border-radius: 5px 5px 0 0;
+}
+.popover-content {
+ padding: 9px 14px;
+}
+.popover > .arrow,
+.popover > .arrow:after {
+ position: absolute;
+ display: block;
+ width: 0;
+ height: 0;
+ border-color: transparent;
+ border-style: solid;
+}
+.popover > .arrow {
+ border-width: 11px;
+}
+.popover > .arrow:after {
+ border-width: 10px;
+ content: "";
+}
+.popover.top > .arrow {
+ left: 50%;
+ margin-left: -11px;
+ border-bottom-width: 0;
+ border-top-color: #999999;
+ border-top-color: rgba(0, 0, 0, 0.25);
+ bottom: -11px;
+}
+.popover.top > .arrow:after {
+ content: " ";
+ bottom: 1px;
+ margin-left: -10px;
+ border-bottom-width: 0;
+ border-top-color: #ffffff;
+}
+.popover.right > .arrow {
+ top: 50%;
+ left: -11px;
+ margin-top: -11px;
+ border-left-width: 0;
+ border-right-color: #999999;
+ border-right-color: rgba(0, 0, 0, 0.25);
+}
+.popover.right > .arrow:after {
+ content: " ";
+ left: 1px;
+ bottom: -10px;
+ border-left-width: 0;
+ border-right-color: #ffffff;
+}
+.popover.bottom > .arrow {
+ left: 50%;
+ margin-left: -11px;
+ border-top-width: 0;
+ border-bottom-color: #999999;
+ border-bottom-color: rgba(0, 0, 0, 0.25);
+ top: -11px;
+}
+.popover.bottom > .arrow:after {
+ content: " ";
+ top: 1px;
+ margin-left: -10px;
+ border-top-width: 0;
+ border-bottom-color: #ffffff;
+}
+.popover.left > .arrow {
+ top: 50%;
+ right: -11px;
+ margin-top: -11px;
+ border-right-width: 0;
+ border-left-color: #999999;
+ border-left-color: rgba(0, 0, 0, 0.25);
+}
+.popover.left > .arrow:after {
+ content: " ";
+ right: 1px;
+ border-right-width: 0;
+ border-left-color: #ffffff;
+ bottom: -10px;
+}
+.clearfix:before,
+.clearfix:after,
+.container:before,
+.container:after,
+.container-fluid:before,
+.container-fluid:after,
+.row:before,
+.row:after,
+.form-horizontal .form-group:before,
+.form-horizontal .form-group:after,
+.btn-toolbar:before,
+.btn-toolbar:after,
+.btn-group-vertical > .btn-group:before,
+.btn-group-vertical > .btn-group:after,
+.nav:before,
+.nav:after,
+.pager:before,
+.pager:after,
+.panel-body:before,
+.panel-body:after,
+.modal-footer:before,
+.modal-footer:after {
+ content: " ";
+ display: table;
+}
+.clearfix:after,
+.container:after,
+.container-fluid:after,
+.row:after,
+.form-horizontal .form-group:after,
+.btn-toolbar:after,
+.btn-group-vertical > .btn-group:after,
+.nav:after,
+.pager:after,
+.panel-body:after,
+.modal-footer:after {
+ clear: both;
+}
+.center-block {
+ display: block;
+ margin-left: auto;
+ margin-right: auto;
+}
+.pull-right {
+ float: right !important;
+}
+.pull-left {
+ float: left !important;
+}
+.hide {
+ display: none !important;
+}
+.show {
+ display: block !important;
+}
+.invisible {
+ visibility: hidden;
+}
+.text-hide {
+ font: 0/0 a;
+ color: transparent;
+ text-shadow: none;
+ background-color: transparent;
+ border: 0;
+}
+
+.affix {
+ position: fixed;
+}
diff --git a/id/ConfigWebTool/src/main/webapp/css/index.css b/id/ConfigWebTool/src/main/webapp/css/index.css
index 2c7a880f0..00a2fa851 100644
--- a/id/ConfigWebTool/src/main/webapp/css/index.css
+++ b/id/ConfigWebTool/src/main/webapp/css/index.css
@@ -1,29 +1,59 @@
@CHARSET "UTF-8";
+html{
+ margin:0;
+ padding:0;
+}
+
body {
- font-size: 1em;
+ margin:0;
+ padding:0;
+ font-size: 1.2em;
+ font-family: 'Open Sans', sans-serif;
+ left:0;
+ width:100%;
+ position:absolute;
+ color: #303030;
+ box-sizing:none;
}
-#header_area {
- padding-bottom: 10px;
- background-color: #6FA5D4;
- display: block;
+.label{
+ font-weight:normal;
font-size: 1.2em;
- /* margin-left: 25px; */
- padding-top: 10px;
- padding-left: 25px;
- border-radius: 3px;
+}
+
+h2{
+ font-size:1.8em;
+ font-weight: normal;
+}
+h3{
+ font-size:1.5em;
+ font-weight: normal;
+}
+h4{
+ font-size:1.4em;
+ font-weight: normal;
+}
+h5{
+ font-size:1.3em;
+ font-weight: normal;
+ margin-bottom:1px;
+ padding-top:10px;
}
#header_area {
+ background-color: #EEEEEE;
+ display: block;
font-size: 1.2em;
- margin-left: 25px;
- padding-top: 8px;
+ height: 50px;
+ padding-top:5px;
+ padding-left:20px;
+ padding-top: 10px;
}
+
#header_area #logoutbutton {
float: right;
- /*padding-right: 25px;*/
}
#passwordlogin {
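Review bot: `box-sizing:none;` in the new `body` rule is not a valid value (the property takes `content-box` or `border-box`), so browsers discard the declaration; either delete it or write the intended value, e.g. `box-sizing: border-box;`. The same applies to `padding: auto;` on `.menu_element>a` in the next hunk, because `padding` has no `auto` keyword. In `#header_area`, `padding-top` is declared twice (`5px`, then `10px`); only the last one takes effect, so the `padding-top:5px;` line should be removed.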
@@ -31,71 +61,77 @@ body {
}
#bkulogin {
- float: left;
- margin-left: 50px;
-}
-
-#bkuloginbutton {
- background:-moz-linear-gradient(bottom,#b3b3b3,#f1f1f1); /* Firefox */
- background:-webkit-gradient(linear,left top,left bottom,from(#b3b3b3),to(#f1f1f1)); /* Chrome, Safari */
- filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#b3b3b3',endColorstr='#f1f1f1');
-
- display: block;
- padding-top: 10px;
- padding-bottom: 10px;
- text-align: center;
- width: 200px;
- /* background-color: gold; */
- border-radius: 10px;
- box-shadow: 8px 8px 8px #666;
- border-style: solid;
- border-color: black;
- border-width: 2px;
-
+ float: right;
+ margin-left: 0px;
+ padding-top:5px;
}
#menu_area {
margin-top: 25px;
- border-color: black;
- border-style: solid;
- border-width: 2px;
- width: 250px;
- margin-left: 15px;
- position: relative;
- padding-left: 15px;
- padding-top: 10px;
+ width: 300px;
+ margin-left: 0px;
+ position: absolute;
+ padding-left: 0px;
+ padding-top: 3px;
float: left;
- /* background-color: gray; */
- background-color: #CACACA;
- border-radius: 5px;
}
-
.menu_element {
- margin-top: 15px;
- margin-bottom: 15px;
- font-size: 1.2em;
+ margin-top: 5px;
+ margin-bottom: 5px;
display: block;
-/* background-color: red; */
- background-color: #6FA5D4;
margin-right: 18px;
margin-top: 5px;
height: 30px;
- border-radius: 10px;
+ border-radius: 0px;
padding-top: 5px;
+ padding-left:30px;
+ margin-left:0px;
}
+.menu_element:HOVER {
+ background-color: #EEEEEE;
+}
.menu_element>a {
- padding: 5px;
- margin-left: 5px;
+ padding: auto;
+ text-decoration: none;
+ color: #303030;
+ outline:0;
+ font-size: 1.4em;
}
+
#information_area {
float: left;
padding-left: 25px;
- padding-top: 25px;
+ padding-top: 16px;
+ padding-bottom: 25px;
+ width:auto;
}
-#language_area {
+#right_area {
+ float: right;
+ width:auto;
+ padding-bottom: 10px;
+ padding-left: 10px;
+ padding-right: 30px;
+ padding-top: 4px;
+}
+
+#left_area {
+ float: left;
+ width:auto;
+ padding-left: 10px;
+ padding-right: 30px;
+ padding-top: 0px;
+ margin-top:-5px;
+}
+
+#left_area h2{
+ padding-top:0px;
+ margin-top:0px;
+}
+
+#nameField{
float: right;
padding-bottom: 10px;
padding-left: 10px;
@@ -129,13 +165,49 @@ body {
margin-top: 25px;
margin-bottom: 50px;
clear: both;
- padding-left: 70px;
+ padding-left: 0px;
}
#button_area input {
float: left;
- margin-left: 40px;
- width: 225px;
+ margin-left: 0px;
+ margin-right:20px;
+ margin-bottom:10px;
+ width: 290px;
+
+ background-color:#2dabf9;
+ border:none;
+ display:inline-block;
+ cursor:pointer;
+ color:#ffffff;
+ font-family:Arial;
+ font-size:15px;
+ padding:5px 0px;
+ text-decoration:none;
+}
+
+#button_area input:hover {
+ background-color:#0688fa;
+}
+#button_area input:active {
+ position:relative;
+}
+
+#loadOA_formOA_bkuSelectionFileUpload input{
+ float: left;
+ margin-left: 0px;
+ margin-right:20px;
+ width: 290px;
+
+ background-color:#2dabf9;
+ border:none;
+ display:inline-block;
+ cursor:pointer;
+ color:#ffffff;
+ font-family:Arial;
+ font-size:15px;
+ padding:5px 0px;
+ text-decoration:none;
}
#button_saml1_hidden {
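Review bot: `#button_area input:active` sets only `position:relative;`, which has no visible effect on its own; the other pressed-state rules in this commit (`.oa_buttons:active`, `.button_narrow:active`, `.button_fit:active`) also set `top:1px;`, so that line looks forgotten here. The button declarations are also copied verbatim for `#button_area input` and `#loadOA_formOA_bkuSelectionFileUpload input`, and again in later hunks for `.oa_buttons`, `.button_narrow` and `.button_fit`. A single shared rule with a selector list, leaving only width, margin and padding per variant, would stop these copies from drifting apart.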
@@ -153,6 +225,7 @@ body {
#formcustom_button_show {
margin-bottom: 50px;
clear: both;
+
}
#formcustom_area {
@@ -175,8 +248,8 @@ body {
.oa_protocol_area {
clear: both;
- margin-left: 25px;
- padding-top: 20px;
+ margin-left: 0px;
+ padding-top: 0px;
}
.hidden {
@@ -186,9 +259,10 @@ body {
.floatClass > .wwgrp {
clear: none;
}
+#oa_search_symbol{
+ font-size: 2em;
+ text-decoration:none;
-.oa_protocol_area >h4 {
- margin-left: 10px;
}
.oa_protocol_area >h5 {
@@ -198,8 +272,12 @@ body {
}
.oa_config_block {
- padding-left: 15px;
+ /*padding-left: 15px;*/
clear: both;
+ border-bottom: 1px solid #ddd;
+ display:block;
+ overflow:auto;
+ padding-bottom:10px;
}
/* .oa_config_block label{
@@ -212,6 +290,7 @@ body {
.oa_config_block label.radio{
text-align: left;
+ padding-left:5px;
width: 170px;
}
@@ -224,11 +303,13 @@ body {
.oa_config_block input.radio{
margin-top: 6px;
+ margin-left:0px;
+ vertical-align: text-bottom;
}
.oa_config_block h3 {
- padding-top: 25px;
+ padding-top: 10px;
}
.oa_config_block h4 {
@@ -243,12 +324,8 @@ body {
.moageneral_protocol_area {
clear: both;
- margin-left: 25px;
}
-.moageneral_protocol_area>h4 {
- margin-left: 10px;
-}
#moageneral_active_protocol>.wwgrp {
float: left;
@@ -260,11 +337,11 @@ body {
}
.wwlbl {
- float: left;
+ float: left;
padding-right: 10px;
- padding-top: 3px;
- text-align: right;
- width: 300px;
+ padding-top: 5px;
+ text-align: left;
+ width: 280px;
}
.wwctrl {
@@ -272,6 +349,7 @@ body {
padding-bottom: 5px;
padding-top: 1px;
text-align: left;
+ padding-left:50px;
}
.wwgrp {
@@ -308,7 +386,10 @@ div .wwgrp br {
.textfield_long {
width: 600px;
-
+}
+
+.textfield_300px{
+ width: 300px;
}
.textfield_large{
@@ -321,15 +402,39 @@ div .wwgrp br {
width: 80px;
float: left;
margin-right: 5px;
+ background: transparent;
+ overflow: hidden;
+ border: 1px solid #ccc;
+ text-decoration:none;
}
.checkbox{
margin-top: 7px;
+ margin-left:0px;
}
.oa_buttons{
float: left;
- margin-left: 100px;
+ margin-right: 20px;
+ width:290px;
+ background-color:#2dabf9;
+ border:none;
+ display:inline-block;
+ cursor:pointer;
+ color:#ffffff;
+ font-family:Arial;
+ font-size:15px;
+ padding:5px 10px;
+ text-decoration:none;
+
+}
+
+.oa_buttons:hover {
+ background-color:#0688fa;
+}
+.oa_buttons:active {
+ position:relative;
+ top:1px;
}
#list_area {
@@ -343,7 +448,7 @@ div .wwgrp br {
padding-top: 5px;
padding-right: 10px;
border-bottom: 1px;
- border-color: red;
+ border-color: #ddd;
border-bottom-style: solid;
clear: both;
}
@@ -352,8 +457,9 @@ div .wwgrp br {
cursor: default;
border-bottom-style: none;
display: table-header-group;
- font-weight: bold;
- font-size: 1.1em;
+ font-weight: normal;
+ font-size: 1.3em;
+ margin-top: 50px;
}
.listElInfo {
@@ -403,7 +509,7 @@ div .wwgrp br {
}
#footer_area {
- background-color: #6FA5D4;
+
clear: both;
display: block;
/* height: 40px; */
@@ -417,3 +523,149 @@ div .wwgrp br {
padding-top: 10px;
border-radius: 3px;
}
+
+/*drop down menu */
+
+
+#drop_down_menu {
+ position: fixed;
+ overflow: hidden;
+ z-index: -1;
+ opacity: 0;
+ width: 200px;
+ height: 150px;
+ right:20px;
+ top: 40px;
+ background: rgba(0,0,0,0.8);
+ -webkit-transition: all 0.3s ease-in-out;
+ -moz-transition: all 0.3s ease-in-out;
+ -o-transition: all 0.3s ease-in-out;
+ transition: all 0.3s ease-in-out;
+ color: #fff;
+}
+
+#drop_down_menu ul {
+ top: 10px;
+ -webkit-transition: all 0.3s ease-in-out;
+ -moz-transition: all 0.3s ease-in-out;
+ -o-transition: all 0.3s ease-in-out;
+ transition: all 0.3s ease-in-out;
+ padding-left:10px;
+}
+
+#drop_down_menu li {
+ display: inline-block;
+ margin: 2px;
+}
+
+#drop_down_menu:hover {
+ opacity:1;
+ z-index:1000;
+}
+
+#drop_down_menu ul li a {
+ text-decoration: none;
+ font-size: 1.1em;
+ -webkit-transition: all 0.2s ease-in-out;
+ -moz-transition: all 0.2s ease-in-out;
+ -o-transition: all 0.2s ease-in-out;
+ transition: all 0.2s ease-in-out;
+}
+
+#drop_down_menu li a:hover { border-color: #fff; }
+
+#toggleMenu{
+ text-decoration: none;
+ font-size:1.2em;
+ color: #303030;
+ margin-right: 15px;
+}
+
+#toggleMenu:hover ~ #drop_down_menu{
+ opacity:1;
+ z-index:1000;
+}
+
+#flag_at{
+ position:absolute;
+ left: 10px;
+ bottom:20px;
+}
+
+#flag_en{
+ position:absolute;
+ left: 50px;
+ bottom:20px;
+}
+
+#logout_button{
+ position:absolute;
+ right: 10px;
+ bottom:20px;
+ text-decoration:none;
+ color:white;
+}
+
+.button_narrow{
+ float: left;
+ margin-right: 10px;
+ width:100px;
+ background-color:#2dabf9;
+ border:none;
+ display:inline-block;
+ cursor:pointer;
+ color:#ffffff;
+ font-family:Arial;
+ font-size:15px;
+ padding:2px 5px;
+ text-decoration:none;
+ margin-bottom: 3px;
+}
+
+.button_narrow:hover {
+ background-color:#0688fa;
+}
+.button_narrow:active {
+ position:relative;
+ top:1px;
+}
+
+.button_fit{
+
+ margin-right: 0px;
+ background-color:#2dabf9;
+ border:none;
+ display:inline-block;
+ cursor:pointer;
+ color:#ffffff;
+ font-family:Arial;
+ font-size:15px;
+ padding:2px 10px;
+ text-decoration:none;
+ margin-bottom: 3px;
+}
+
+.button_fit:hover {
+ background-color:#0688fa;
+}
+.button_fit:active {
+ position:relative;
+ top:1px;
+}
+
+.checkboxLabel{
+ padding-left:5px;
+ padding-right:5px;
+}
+
+#stork_attributelist .wwctrl{
+ padding-left:0px;
+}
+#stork_attributelist .wwctrl input[type="checkbox"]{
+ margin-left:20px;
+}
+
+#loadGeneralConfig_moaconfig_publicURLPrefix {
+ resize: none;
+
+}
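Review bot: The new `#drop_down_menu` is revealed only through `:hover` (`#toggleMenu:hover ~ #drop_down_menu` and `#drop_down_menu:hover`), so it cannot be opened with keyboard focus or reliably on touch devices. At `opacity: 0` its links also stay focusable while invisible. `#logout_button` is styled white and positioned as if it sits inside this dark menu (inferred from the styles; the markup is not in this hunk), which would make ending an administrative session depend on a mouse. Add a focus path next to the hover rules, e.g. `#toggleMenu:focus ~ #drop_down_menu, #drop_down_menu:focus-within { opacity:1; z-index:1000; }`.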
diff --git a/id/ConfigWebTool/src/main/webapp/images/logout.png b/id/ConfigWebTool/src/main/webapp/images/logout.png
new file mode 100644
index 000000000..c8117ef4b
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/logout.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/lupe.png b/id/ConfigWebTool/src/main/webapp/images/lupe.png
new file mode 100644
index 000000000..c49978116
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/lupe.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/index.jsp b/id/ConfigWebTool/src/main/webapp/index.jsp
index fda077d28..f6fd16ab4 100644
--- a/id/ConfigWebTool/src/main/webapp/index.jsp
+++ b/id/ConfigWebTool/src/main/webapp/index.jsp
@@ -7,19 +7,23 @@
<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <link rel="stylesheet" type="text/css" href="css/bootstrap.css">
<link rel="stylesheet" type="text/css" href="css/index.css">
<title><%=LanguageHelper.getGUIString("title", request) %></title>
</head>
<body>
- <h1><%=LanguageHelper.getGUIString("webpages.index.header", request) %></h1>
+ <div id="header_area">
+ <div id ="left_area">
+ <h2><%=LanguageHelper.getGUIString("header.title", request) %></h2>
+
+ </div>
+
+ </div>
<div id="information_area">
- <div id="language_area">
- <a href="index.action?request_locale=de" /><img alt="Deutsch" src="./images/de.png"></a>
- <a href="index.action?request_locale=en" /><img alt="English" src="./images/en.png"></a>
- </div>
+
<s:if test="hasActionMessages()">
<div id="message_area">
@@ -36,8 +40,7 @@
</s:if>
<div id="information_area">
- <p><%=LanguageHelper.getGUIString("webpages.index.desciption.head", request) %></p>
-
+ <h4><%=LanguageHelper.getGUIString("webpages.index.desciption.head", request) %></h4>
<div class="oa_config_block">
<s:form id="passwordlogin" namespace="/" method="POST" enctype="multipart/form-data">
@@ -57,17 +60,23 @@
maxlength="16">
</s:password>
- <s:submit key="webpages.index.login" action="authenticate"/>
+
+ <s:submit class="button_fit" key="webpages.index.login" action="authenticate"/>
</s:form>
-
+ <br/>
<s:if test="isPvp2LoginActiv()">
<div id="bkulogin">
- <a id="bkuloginbutton" href="servlet/pvp2login"><%=LanguageHelper.getGUIString("webpages.index.login.pvp2", request) %></a>
+ <a href="servlet/pvp2login">
+ <button class="button_fit"><%=LanguageHelper.getGUIString("webpages.index.login.pvp2", request) %></button>
+ </a>
</div>
- </s:if>
+ </s:if>
</div>
-
+ <div>
+ <a href="index.action?request_locale=de" /><img style="width:25px" alt="Deutsch" src="./images/de.png"></a>
+ <a href="index.action?request_locale=en" /><img style="width:25px" alt="English" src="./images/en.png"></a>
+ </div>
</div>
</body>
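Review bot: The PVP2 login link now nests a `<button>` inside `<a href="servlet/pvp2login">`, which HTML does not permit (interactive content inside an anchor) and which not every browser follows on click; styling the anchor itself, `<a class="button_fit" href="servlet/pvp2login">…</a>`, keeps the look without the nesting. The two language links re-added at the bottom of this hunk still use `<a href="…" />` with a trailing slash before the `<img>`; HTML parsers ignore the slash, but it should be dropped so the markup is well formed. Separately, `<s:submit … action="authenticate"/>` relies on Struts' `action:` parameter prefix, which hardened Struts releases disable by default for security reasons. If this is the form's only submit, naming the action on `<s:form>` would remove that dependency; the form tag is outside this hunk, so this needs checking against the full page.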
diff --git a/id/ConfigWebTool/src/main/webapp/js/bootstrap-input.js b/id/ConfigWebTool/src/main/webapp/js/bootstrap-input.js
new file mode 100644
index 000000000..37d6f9496
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/js/bootstrap-input.js
@@ -0,0 +1,134 @@
+/*
+ Bootstrap - File Input
+ ======================
+
+ This is meant to convert all file input tags into a set of elements that displays consistently in all browsers.
+
+ Converts all
+ <input type="file">
+ into Bootstrap buttons
+ <a class="btn">Browse</a>
+
+*/
+(function($) {
+
+$.fn.bootstrapFileInput = function() {
+
+ this.each(function(i,elem){
+
+ var $elem = $(elem);
+
+ // Maybe some fields don't need to be standardized.
+ if (typeof $elem.attr('data-bfi-disabled') != 'undefined') {
+ return;
+ }
+
+ // Set the word to be displayed on the button
+ var buttonWord = 'Browse';
+
+ if (typeof $elem.attr('title') != 'undefined') {
+ buttonWord = $elem.attr('title');
+ }
+
+ var className = '';
+
+ if (!!$elem.attr('class')) {
+ className = ' ' + $elem.attr('class');
+ }
+
+ // Now we're going to wrap that input field with a Bootstrap button.
+ // The input will actually still be there, it will just be float above and transparent (done with the CSS).
+ $elem.wrap('<a class="file-input-wrapper btn btn-default ' + className + '"></a>').parent().prepend($('<span></span>').html(buttonWord));
+ })
+
+ // After we have found all of the file inputs let's apply a listener for tracking the mouse movement.
+ // This is important because the in order to give the illusion that this is a button in FF we actually need to move the button from the file input under the cursor. Ugh.
+ .promise().done( function(){
+
+ // As the cursor moves over our new Bootstrap button we need to adjust the position of the invisible file input Browse button to be under the cursor.
+ // This gives us the pointer cursor that FF denies us
+ $('.file-input-wrapper').mousemove(function(cursor) {
+
+ var input, wrapper,
+ wrapperX, wrapperY,
+ inputWidth, inputHeight,
+ cursorX, cursorY;
+
+ // This wrapper element (the button surround this file input)
+ wrapper = $(this);
+ // The invisible file input element
+ input = wrapper.find("input");
+ // The left-most position of the wrapper
+ wrapperX = wrapper.offset().left;
+ // The top-most position of the wrapper
+ wrapperY = wrapper.offset().top;
+ // The with of the browsers input field
+ inputWidth= input.width();
+ // The height of the browsers input field
+ inputHeight= input.height();
+ //The position of the cursor in the wrapper
+ cursorX = cursor.pageX;
+ cursorY = cursor.pageY;
+
+ //The positions we are to move the invisible file input
+ // The 20 at the end is an arbitrary number of pixels that we can shift the input such that cursor is not pointing at the end of the Browse button but somewhere nearer the middle
+ moveInputX = cursorX - wrapperX - inputWidth + 20;
+ // Slides the invisible input Browse button to be positioned middle under the cursor
+ moveInputY = cursorY- wrapperY - (inputHeight/2);
+
+ // Apply the positioning styles to actually move the invisible file input
+ input.css({
+ left:moveInputX,
+ top:moveInputY
+ });
+ });
+
+ $('body').on('change', '.file-input-wrapper input[type=file]', function(){
+
+ var fileName;
+ fileName = $(this).val();
+
+ // Remove any previous file names
+ $(this).parent().next('.file-input-name').remove();
+ if (!!$(this).prop('files') && $(this).prop('files').length > 1) {
+ fileName = $(this)[0].files.length+' files';
+ }
+ else {
+ fileName = fileName.substring(fileName.lastIndexOf('\\') + 1, fileName.length);
+ }
+
+ // Don't try to show the name if there is none
+ if (!fileName) {
+ return;
+ }
+
+ //MODIFICATION: Always place the filename inside of the elemtn
+ $(this).siblings('span').html(fileName);
+ $(this).attr('title', fileName);
+// var selectedFileNamePlacement = $(this).data('filename-placement');
+// if (selectedFileNamePlacement === 'inside') {
+// // Print the fileName inside
+// $(this).siblings('span').html(fileName);
+// $(this).attr('title', fileName);
+// } else {
+// // Print the fileName aside (right after the the button)
+// $(this).parent().after('<span class="file-input-name">'+fileName+'</span>');
+// }
+ });
+
+ });
+
+};
+
+// Add the styles before the first stylesheet
+// This ensures they can be easily overridden with developer styles
+var cssHtml = '<style>'+
+ '.file-input-wrapper { overflow: hidden; position: relative; cursor: pointer; z-index: 1; }'+
+ '.file-input-wrapper input[type=file], .file-input-wrapper input[type=file]:focus, .file-input-wrapper input[type=file]:hover { position: absolute; top: 0; left: 0; cursor: pointer; opacity: 0; filter: alpha(opacity=0); z-index: 99; outline: 0; }'+
+ '.file-input-name { margin-left: 8px; }'+
+ '</style>';
+$('link[rel=stylesheet]').eq(0).before(cssHtml);
+
+})(jQuery);
+
+
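Review bot: The `change` handler writes the selected file's name into the page with `$(this).siblings('span').html(fileName)`, so a file name containing markup is parsed as HTML inside the configuration tool; `$(this).siblings('span').text(fileName)` shows the same label without interpreting it. The same applies where the button label is taken from the element's `title` attribute: `.html(buttonWord)` should be `.text(buttonWord)`. In the `mousemove` handler, `moveInputX` and `moveInputY` are assigned but missing from the `var` list, so they become implicit globals and should be added to that declaration. The commented-out placement branch under the MODIFICATION marker is dead code and can be deleted.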
diff --git a/id/ConfigWebTool/src/main/webapp/js/bootstrap.min.js b/id/ConfigWebTool/src/main/webapp/js/bootstrap.min.js
new file mode 100644
index 000000000..2e936b63a
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/js/bootstrap.min.js
@@ -0,0 +1,12 @@
+/*!
+ * Bootstrap v3.3.5 (http://getbootstrap.com)
+ * Copyright 2011-2015 Twitter, Inc.
+ * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
+ */
+
+/*!
+ * Generated using the Bootstrap Customizer (http://getbootstrap.com/customize/?id=f0f1940e0dcdeb4dd69c)
+ * Config saved to config.json and https://gist.github.com/f0f1940e0dcdeb4dd69c
+ */
+if("undefined"==typeof jQuery)throw new Error("Bootstrap's JavaScript requires jQuery");+function(t){"use strict";var e=t.fn.jquery.split(" ")[0].split(".");if(e[0]<2&&e[1]<9||1==e[0]&&9==e[1]&&e[2]<1)throw new Error("Bootstrap's JavaScript requires jQuery version 1.9.1 or higher")}(jQuery),+function(t){"use strict";function e(e){return this.each(function(){var i=t(this),n=i.data("bs.alert");n||i.data("bs.alert",n=new o(this)),"string"==typeof e&&n[e].call(i)})}var i='[data-dismiss="alert"]',o=function(e){t(e).on("click",i,this.close)};o.VERSION="3.3.5",o.TRANSITION_DURATION=150,o.prototype.close=function(e){function i(){a.detach().trigger("closed.bs.alert").remove()}var n=t(this),s=n.attr("data-target");s||(s=n.attr("href"),s=s&&s.replace(/.*(?=#[^\s]*$)/,""));var a=t(s);e&&e.preventDefault(),a.length||(a=n.closest(".alert")),a.trigger(e=t.Event("close.bs.alert")),e.isDefaultPrevented()||(a.removeClass("in"),t.support.transition&&a.hasClass("fade")?a.one("bsTransitionEnd",i).emulateTransitionEnd(o.TRANSITION_DURATION):i())};var n=t.fn.alert;t.fn.alert=e,t.fn.alert.Constructor=o,t.fn.alert.noConflict=function(){return t.fn.alert=n,this},t(document).on("click.bs.alert.data-api",i,o.prototype.close)}(jQuery),+function(t){"use strict";function e(e){return this.each(function(){var o=t(this),n=o.data("bs.button"),s="object"==typeof e&&e;n||o.data("bs.button",n=new i(this,s)),"toggle"==e?n.toggle():e&&n.setState(e)})}var i=function(e,o){this.$element=t(e),this.options=t.extend({},i.DEFAULTS,o),this.isLoading=!1};i.VERSION="3.3.5",i.DEFAULTS={loadingText:"loading..."},i.prototype.setState=function(e){var i="disabled",o=this.$element,n=o.is("input")?"val":"html",s=o.data();e+="Text",null==s.resetText&&o.data("resetText",o[n]()),setTimeout(t.proxy(function(){o[n](null==s[e]?this.options[e]:s[e]),"loadingText"==e?(this.isLoading=!0,o.addClass(i).attr(i,i)):this.isLoading&&(this.isLoading=!1,o.removeClass(i).removeAttr(i))},this),0)},i.prototype.toggle=function(){var 
t=!0,e=this.$element.closest('[data-toggle="buttons"]');if(e.length){var i=this.$element.find("input");"radio"==i.prop("type")?(i.prop("checked")&&(t=!1),e.find(".active").removeClass("active"),this.$element.addClass("active")):"checkbox"==i.prop("type")&&(i.prop("checked")!==this.$element.hasClass("active")&&(t=!1),this.$element.toggleClass("active")),i.prop("checked",this.$element.hasClass("active")),t&&i.trigger("change")}else this.$element.attr("aria-pressed",!this.$element.hasClass("active")),this.$element.toggleClass("active")};var o=t.fn.button;t.fn.button=e,t.fn.button.Constructor=i,t.fn.button.noConflict=function(){return t.fn.button=o,this},t(document).on("click.bs.button.data-api",'[data-toggle^="button"]',function(i){var o=t(i.target);o.hasClass("btn")||(o=o.closest(".btn")),e.call(o,"toggle"),t(i.target).is('input[type="radio"]')||t(i.target).is('input[type="checkbox"]')||i.preventDefault()}).on("focus.bs.button.data-api blur.bs.button.data-api",'[data-toggle^="button"]',function(e){t(e.target).closest(".btn").toggleClass("focus",/^focus(in)?$/.test(e.type))})}(jQuery),+function(t){"use strict";function e(e){return this.each(function(){var o=t(this),n=o.data("bs.carousel"),s=t.extend({},i.DEFAULTS,o.data(),"object"==typeof e&&e),a="string"==typeof e?e:s.slide;n||o.data("bs.carousel",n=new i(this,s)),"number"==typeof e?n.to(e):a?n[a]():s.interval&&n.pause().cycle()})}var i=function(e,i){this.$element=t(e),this.$indicators=this.$element.find(".carousel-indicators"),this.options=i,this.paused=null,this.sliding=null,this.interval=null,this.$active=null,this.$items=null,this.options.keyboard&&this.$element.on("keydown.bs.carousel",t.proxy(this.keydown,this)),"hover"==this.options.pause&&!("ontouchstart"in 
document.documentElement)&&this.$element.on("mouseenter.bs.carousel",t.proxy(this.pause,this)).on("mouseleave.bs.carousel",t.proxy(this.cycle,this))};i.VERSION="3.3.5",i.TRANSITION_DURATION=600,i.DEFAULTS={interval:5e3,pause:"hover",wrap:!0,keyboard:!0},i.prototype.keydown=function(t){if(!/input|textarea/i.test(t.target.tagName)){switch(t.which){case 37:this.prev();break;case 39:this.next();break;default:return}t.preventDefault()}},i.prototype.cycle=function(e){return e||(this.paused=!1),this.interval&&clearInterval(this.interval),this.options.interval&&!this.paused&&(this.interval=setInterval(t.proxy(this.next,this),this.options.interval)),this},i.prototype.getItemIndex=function(t){return this.$items=t.parent().children(".item"),this.$items.index(t||this.$active)},i.prototype.getItemForDirection=function(t,e){var i=this.getItemIndex(e),o="prev"==t&&0===i||"next"==t&&i==this.$items.length-1;if(o&&!this.options.wrap)return e;var n="prev"==t?-1:1,s=(i+n)%this.$items.length;return this.$items.eq(s)},i.prototype.to=function(t){var e=this,i=this.getItemIndex(this.$active=this.$element.find(".item.active"));return t>this.$items.length-1||0>t?void 0:this.sliding?this.$element.one("slid.bs.carousel",function(){e.to(t)}):i==t?this.pause().cycle():this.slide(t>i?"next":"prev",this.$items.eq(t))},i.prototype.pause=function(e){return e||(this.paused=!0),this.$element.find(".next, .prev").length&&t.support.transition&&(this.$element.trigger(t.support.transition.end),this.cycle(!0)),this.interval=clearInterval(this.interval),this},i.prototype.next=function(){return this.sliding?void 0:this.slide("next")},i.prototype.prev=function(){return this.sliding?void 0:this.slide("prev")},i.prototype.slide=function(e,o){var n=this.$element.find(".item.active"),s=o||this.getItemForDirection(e,n),a=this.interval,r="next"==e?"left":"right",l=this;if(s.hasClass("active"))return this.sliding=!1;var 
h=s[0],d=t.Event("slide.bs.carousel",{relatedTarget:h,direction:r});if(this.$element.trigger(d),!d.isDefaultPrevented()){if(this.sliding=!0,a&&this.pause(),this.$indicators.length){this.$indicators.find(".active").removeClass("active");var p=t(this.$indicators.children()[this.getItemIndex(s)]);p&&p.addClass("active")}var c=t.Event("slid.bs.carousel",{relatedTarget:h,direction:r});return t.support.transition&&this.$element.hasClass("slide")?(s.addClass(e),s[0].offsetWidth,n.addClass(r),s.addClass(r),n.one("bsTransitionEnd",function(){s.removeClass([e,r].join(" ")).addClass("active"),n.removeClass(["active",r].join(" ")),l.sliding=!1,setTimeout(function(){l.$element.trigger(c)},0)}).emulateTransitionEnd(i.TRANSITION_DURATION)):(n.removeClass("active"),s.addClass("active"),this.sliding=!1,this.$element.trigger(c)),a&&this.cycle(),this}};var o=t.fn.carousel;t.fn.carousel=e,t.fn.carousel.Constructor=i,t.fn.carousel.noConflict=function(){return t.fn.carousel=o,this};var n=function(i){var o,n=t(this),s=t(n.attr("data-target")||(o=n.attr("href"))&&o.replace(/.*(?=#[^\s]+$)/,""));if(s.hasClass("carousel")){var a=t.extend({},s.data(),n.data()),r=n.attr("data-slide-to");r&&(a.interval=!1),e.call(s,a),r&&s.data("bs.carousel").to(r),i.preventDefault()}};t(document).on("click.bs.carousel.data-api","[data-slide]",n).on("click.bs.carousel.data-api","[data-slide-to]",n),t(window).on("load",function(){t('[data-ride="carousel"]').each(function(){var i=t(this);e.call(i,i.data())})})}(jQuery),+function(t){"use strict";function e(e){var i=e.attr("data-target");i||(i=e.attr("href"),i=i&&/#[A-Za-z]/.test(i)&&i.replace(/.*(?=#[^\s]*$)/,""));var o=i&&t(i);return o&&o.length?o:e.parent()}function i(i){i&&3===i.which||(t(n).remove(),t(s).each(function(){var 
o=t(this),n=e(o),s={relatedTarget:this};n.hasClass("open")&&(i&&"click"==i.type&&/input|textarea/i.test(i.target.tagName)&&t.contains(n[0],i.target)||(n.trigger(i=t.Event("hide.bs.dropdown",s)),i.isDefaultPrevented()||(o.attr("aria-expanded","false"),n.removeClass("open").trigger("hidden.bs.dropdown",s))))}))}function o(e){return this.each(function(){var i=t(this),o=i.data("bs.dropdown");o||i.data("bs.dropdown",o=new a(this)),"string"==typeof e&&o[e].call(i)})}var n=".dropdown-backdrop",s='[data-toggle="dropdown"]',a=function(e){t(e).on("click.bs.dropdown",this.toggle)};a.VERSION="3.3.5",a.prototype.toggle=function(o){var n=t(this);if(!n.is(".disabled, :disabled")){var s=e(n),a=s.hasClass("open");if(i(),!a){"ontouchstart"in document.documentElement&&!s.closest(".navbar-nav").length&&t(document.createElement("div")).addClass("dropdown-backdrop").insertAfter(t(this)).on("click",i);var r={relatedTarget:this};if(s.trigger(o=t.Event("show.bs.dropdown",r)),o.isDefaultPrevented())return;n.trigger("focus").attr("aria-expanded","true"),s.toggleClass("open").trigger("shown.bs.dropdown",r)}return!1}},a.prototype.keydown=function(i){if(/(38|40|27|32)/.test(i.which)&&!/input|textarea/i.test(i.target.tagName)){var o=t(this);if(i.preventDefault(),i.stopPropagation(),!o.is(".disabled, :disabled")){var n=e(o),a=n.hasClass("open");if(!a&&27!=i.which||a&&27==i.which)return 27==i.which&&n.find(s).trigger("focus"),o.trigger("click");var r=" li:not(.disabled):visible a",l=n.find(".dropdown-menu"+r);if(l.length){var h=l.index(i.target);38==i.which&&h>0&&h--,40==i.which&&h<l.length-1&&h++,~h||(h=0),l.eq(h).trigger("focus")}}}};var r=t.fn.dropdown;t.fn.dropdown=o,t.fn.dropdown.Constructor=a,t.fn.dropdown.noConflict=function(){return t.fn.dropdown=r,this},t(document).on("click.bs.dropdown.data-api",i).on("click.bs.dropdown.data-api",".dropdown 
form",function(t){t.stopPropagation()}).on("click.bs.dropdown.data-api",s,a.prototype.toggle).on("keydown.bs.dropdown.data-api",s,a.prototype.keydown).on("keydown.bs.dropdown.data-api",".dropdown-menu",a.prototype.keydown)}(jQuery),+function(t){"use strict";function e(e,o){return this.each(function(){var n=t(this),s=n.data("bs.modal"),a=t.extend({},i.DEFAULTS,n.data(),"object"==typeof e&&e);s||n.data("bs.modal",s=new i(this,a)),"string"==typeof e?s[e](o):a.show&&s.show(o)})}var i=function(e,i){this.options=i,this.$body=t(document.body),this.$element=t(e),this.$dialog=this.$element.find(".modal-dialog"),this.$backdrop=null,this.isShown=null,this.originalBodyPad=null,this.scrollbarWidth=0,this.ignoreBackdropClick=!1,this.options.remote&&this.$element.find(".modal-content").load(this.options.remote,t.proxy(function(){this.$element.trigger("loaded.bs.modal")},this))};i.VERSION="3.3.5",i.TRANSITION_DURATION=300,i.BACKDROP_TRANSITION_DURATION=150,i.DEFAULTS={backdrop:!0,keyboard:!0,show:!0},i.prototype.toggle=function(t){return this.isShown?this.hide():this.show(t)},i.prototype.show=function(e){var o=this,n=t.Event("show.bs.modal",{relatedTarget:e});this.$element.trigger(n),this.isShown||n.isDefaultPrevented()||(this.isShown=!0,this.checkScrollbar(),this.setScrollbar(),this.$body.addClass("modal-open"),this.escape(),this.resize(),this.$element.on("click.dismiss.bs.modal",'[data-dismiss="modal"]',t.proxy(this.hide,this)),this.$dialog.on("mousedown.dismiss.bs.modal",function(){o.$element.one("mouseup.dismiss.bs.modal",function(e){t(e.target).is(o.$element)&&(o.ignoreBackdropClick=!0)})}),this.backdrop(function(){var n=t.support.transition&&o.$element.hasClass("fade");o.$element.parent().length||o.$element.appendTo(o.$body),o.$element.show().scrollTop(0),o.adjustDialog(),n&&o.$element[0].offsetWidth,o.$element.addClass("in"),o.enforceFocus();var 
s=t.Event("shown.bs.modal",{relatedTarget:e});n?o.$dialog.one("bsTransitionEnd",function(){o.$element.trigger("focus").trigger(s)}).emulateTransitionEnd(i.TRANSITION_DURATION):o.$element.trigger("focus").trigger(s)}))},i.prototype.hide=function(e){e&&e.preventDefault(),e=t.Event("hide.bs.modal"),this.$element.trigger(e),this.isShown&&!e.isDefaultPrevented()&&(this.isShown=!1,this.escape(),this.resize(),t(document).off("focusin.bs.modal"),this.$element.removeClass("in").off("click.dismiss.bs.modal").off("mouseup.dismiss.bs.modal"),this.$dialog.off("mousedown.dismiss.bs.modal"),t.support.transition&&this.$element.hasClass("fade")?this.$element.one("bsTransitionEnd",t.proxy(this.hideModal,this)).emulateTransitionEnd(i.TRANSITION_DURATION):this.hideModal())},i.prototype.enforceFocus=function(){t(document).off("focusin.bs.modal").on("focusin.bs.modal",t.proxy(function(t){this.$element[0]===t.target||this.$element.has(t.target).length||this.$element.trigger("focus")},this))},i.prototype.escape=function(){this.isShown&&this.options.keyboard?this.$element.on("keydown.dismiss.bs.modal",t.proxy(function(t){27==t.which&&this.hide()},this)):this.isShown||this.$element.off("keydown.dismiss.bs.modal")},i.prototype.resize=function(){this.isShown?t(window).on("resize.bs.modal",t.proxy(this.handleUpdate,this)):t(window).off("resize.bs.modal")},i.prototype.hideModal=function(){var t=this;this.$element.hide(),this.backdrop(function(){t.$body.removeClass("modal-open"),t.resetAdjustments(),t.resetScrollbar(),t.$element.trigger("hidden.bs.modal")})},i.prototype.removeBackdrop=function(){this.$backdrop&&this.$backdrop.remove(),this.$backdrop=null},i.prototype.backdrop=function(e){var o=this,n=this.$element.hasClass("fade")?"fade":"";if(this.isShown&&this.options.backdrop){var s=t.support.transition&&n;if(this.$backdrop=t(document.createElement("div")).addClass("modal-backdrop "+n).appendTo(this.$body),this.$element.on("click.dismiss.bs.modal",t.proxy(function(t){return 
this.ignoreBackdropClick?void(this.ignoreBackdropClick=!1):void(t.target===t.currentTarget&&("static"==this.options.backdrop?this.$element[0].focus():this.hide()))},this)),s&&this.$backdrop[0].offsetWidth,this.$backdrop.addClass("in"),!e)return;s?this.$backdrop.one("bsTransitionEnd",e).emulateTransitionEnd(i.BACKDROP_TRANSITION_DURATION):e()}else if(!this.isShown&&this.$backdrop){this.$backdrop.removeClass("in");var a=function(){o.removeBackdrop(),e&&e()};t.support.transition&&this.$element.hasClass("fade")?this.$backdrop.one("bsTransitionEnd",a).emulateTransitionEnd(i.BACKDROP_TRANSITION_DURATION):a()}else e&&e()},i.prototype.handleUpdate=function(){this.adjustDialog()},i.prototype.adjustDialog=function(){var t=this.$element[0].scrollHeight>document.documentElement.clientHeight;this.$element.css({paddingLeft:!this.bodyIsOverflowing&&t?this.scrollbarWidth:"",paddingRight:this.bodyIsOverflowing&&!t?this.scrollbarWidth:""})},i.prototype.resetAdjustments=function(){this.$element.css({paddingLeft:"",paddingRight:""})},i.prototype.checkScrollbar=function(){var t=window.innerWidth;if(!t){var e=document.documentElement.getBoundingClientRect();t=e.right-Math.abs(e.left)}this.bodyIsOverflowing=document.body.clientWidth<t,this.scrollbarWidth=this.measureScrollbar()},i.prototype.setScrollbar=function(){var t=parseInt(this.$body.css("padding-right")||0,10);this.originalBodyPad=document.body.style.paddingRight||"",this.bodyIsOverflowing&&this.$body.css("padding-right",t+this.scrollbarWidth)},i.prototype.resetScrollbar=function(){this.$body.css("padding-right",this.originalBodyPad)},i.prototype.measureScrollbar=function(){var t=document.createElement("div");t.className="modal-scrollbar-measure",this.$body.append(t);var e=t.offsetWidth-t.clientWidth;return this.$body[0].removeChild(t),e};var o=t.fn.modal;t.fn.modal=e,t.fn.modal.Constructor=i,t.fn.modal.noConflict=function(){return t.fn.modal=o,this},t(document).on("click.bs.modal.data-api",'[data-toggle="modal"]',function(i){var 
o=t(this),n=o.attr("href"),s=t(o.attr("data-target")||n&&n.replace(/.*(?=#[^\s]+$)/,"")),a=s.data("bs.modal")?"toggle":t.extend({remote:!/#/.test(n)&&n},s.data(),o.data());o.is("a")&&i.preventDefault(),s.one("show.bs.modal",function(t){t.isDefaultPrevented()||s.one("hidden.bs.modal",function(){o.is(":visible")&&o.trigger("focus")})}),e.call(s,a,this)})}(jQuery),+function(t){"use strict";function e(e){return this.each(function(){var o=t(this),n=o.data("bs.tooltip"),s="object"==typeof e&&e;(n||!/destroy|hide/.test(e))&&(n||o.data("bs.tooltip",n=new i(this,s)),"string"==typeof e&&n[e]())})}var i=function(t,e){this.type=null,this.options=null,this.enabled=null,this.timeout=null,this.hoverState=null,this.$element=null,this.inState=null,this.init("tooltip",t,e)};i.VERSION="3.3.5",i.TRANSITION_DURATION=150,i.DEFAULTS={animation:!0,placement:"top",selector:!1,template:'<div class="tooltip" role="tooltip"><div class="tooltip-arrow"></div><div class="tooltip-inner"></div></div>',trigger:"hover focus",title:"",delay:0,html:!1,container:!1,viewport:{selector:"body",padding:0}},i.prototype.init=function(e,i,o){if(this.enabled=!0,this.type=e,this.$element=t(i),this.options=this.getOptions(o),this.$viewport=this.options.viewport&&t(t.isFunction(this.options.viewport)?this.options.viewport.call(this,this.$element):this.options.viewport.selector||this.options.viewport),this.inState={click:!1,hover:!1,focus:!1},this.$element[0]instanceof document.constructor&&!this.options.selector)throw new Error("`selector` option must be specified when initializing "+this.type+" on the window.document object!");for(var n=this.options.trigger.split(" "),s=n.length;s--;){var a=n[s];if("click"==a)this.$element.on("click."+this.type,this.options.selector,t.proxy(this.toggle,this));else if("manual"!=a){var 
r="hover"==a?"mouseenter":"focusin",l="hover"==a?"mouseleave":"focusout";this.$element.on(r+"."+this.type,this.options.selector,t.proxy(this.enter,this)),this.$element.on(l+"."+this.type,this.options.selector,t.proxy(this.leave,this))}}this.options.selector?this._options=t.extend({},this.options,{trigger:"manual",selector:""}):this.fixTitle()},i.prototype.getDefaults=function(){return i.DEFAULTS},i.prototype.getOptions=function(e){return e=t.extend({},this.getDefaults(),this.$element.data(),e),e.delay&&"number"==typeof e.delay&&(e.delay={show:e.delay,hide:e.delay}),e},i.prototype.getDelegateOptions=function(){var e={},i=this.getDefaults();return this._options&&t.each(this._options,function(t,o){i[t]!=o&&(e[t]=o)}),e},i.prototype.enter=function(e){var i=e instanceof this.constructor?e:t(e.currentTarget).data("bs."+this.type);return i||(i=new this.constructor(e.currentTarget,this.getDelegateOptions()),t(e.currentTarget).data("bs."+this.type,i)),e instanceof t.Event&&(i.inState["focusin"==e.type?"focus":"hover"]=!0),i.tip().hasClass("in")||"in"==i.hoverState?void(i.hoverState="in"):(clearTimeout(i.timeout),i.hoverState="in",i.options.delay&&i.options.delay.show?void(i.timeout=setTimeout(function(){"in"==i.hoverState&&i.show()},i.options.delay.show)):i.show())},i.prototype.isInStateTrue=function(){for(var t in this.inState)if(this.inState[t])return!0;return!1},i.prototype.leave=function(e){var i=e instanceof this.constructor?e:t(e.currentTarget).data("bs."+this.type);return i||(i=new this.constructor(e.currentTarget,this.getDelegateOptions()),t(e.currentTarget).data("bs."+this.type,i)),e instanceof t.Event&&(i.inState["focusout"==e.type?"focus":"hover"]=!1),i.isInStateTrue()?void 0:(clearTimeout(i.timeout),i.hoverState="out",i.options.delay&&i.options.delay.hide?void(i.timeout=setTimeout(function(){"out"==i.hoverState&&i.hide()},i.options.delay.hide)):i.hide())},i.prototype.show=function(){var 
e=t.Event("show.bs."+this.type);if(this.hasContent()&&this.enabled){this.$element.trigger(e);var o=t.contains(this.$element[0].ownerDocument.documentElement,this.$element[0]);if(e.isDefaultPrevented()||!o)return;var n=this,s=this.tip(),a=this.getUID(this.type);this.setContent(),s.attr("id",a),this.$element.attr("aria-describedby",a),this.options.animation&&s.addClass("fade");var r="function"==typeof this.options.placement?this.options.placement.call(this,s[0],this.$element[0]):this.options.placement,l=/\s?auto?\s?/i,h=l.test(r);h&&(r=r.replace(l,"")||"top"),s.detach().css({top:0,left:0,display:"block"}).addClass(r).data("bs."+this.type,this),this.options.container?s.appendTo(this.options.container):s.insertAfter(this.$element),this.$element.trigger("inserted.bs."+this.type);var d=this.getPosition(),p=s[0].offsetWidth,c=s[0].offsetHeight;if(h){var f=r,u=this.getPosition(this.$viewport);r="bottom"==r&&d.bottom+c>u.bottom?"top":"top"==r&&d.top-c<u.top?"bottom":"right"==r&&d.right+p>u.width?"left":"left"==r&&d.left-p<u.left?"right":r,s.removeClass(f).addClass(r)}var g=this.getCalculatedOffset(r,d,p,c);this.applyPlacement(g,r);var m=function(){var t=n.hoverState;n.$element.trigger("shown.bs."+n.type),n.hoverState=null,"out"==t&&n.leave(n)};t.support.transition&&this.$tip.hasClass("fade")?s.one("bsTransitionEnd",m).emulateTransitionEnd(i.TRANSITION_DURATION):m()}},i.prototype.applyPlacement=function(e,i){var o=this.tip(),n=o[0].offsetWidth,s=o[0].offsetHeight,a=parseInt(o.css("margin-top"),10),r=parseInt(o.css("margin-left"),10);isNaN(a)&&(a=0),isNaN(r)&&(r=0),e.top+=a,e.left+=r,t.offset.setOffset(o[0],t.extend({using:function(t){o.css({top:Math.round(t.top),left:Math.round(t.left)})}},e),0),o.addClass("in");var l=o[0].offsetWidth,h=o[0].offsetHeight;"top"==i&&h!=s&&(e.top=e.top+s-h);var d=this.getViewportAdjustedDelta(i,e,l,h);d.left?e.left+=d.left:e.top+=d.top;var 
p=/top|bottom/.test(i),c=p?2*d.left-n+l:2*d.top-s+h,f=p?"offsetWidth":"offsetHeight";o.offset(e),this.replaceArrow(c,o[0][f],p)},i.prototype.replaceArrow=function(t,e,i){this.arrow().css(i?"left":"top",50*(1-t/e)+"%").css(i?"top":"left","")},i.prototype.setContent=function(){var t=this.tip(),e=this.getTitle();t.find(".tooltip-inner")[this.options.html?"html":"text"](e),t.removeClass("fade in top bottom left right")},i.prototype.hide=function(e){function o(){"in"!=n.hoverState&&s.detach(),n.$element.removeAttr("aria-describedby").trigger("hidden.bs."+n.type),e&&e()}var n=this,s=t(this.$tip),a=t.Event("hide.bs."+this.type);return this.$element.trigger(a),a.isDefaultPrevented()?void 0:(s.removeClass("in"),t.support.transition&&s.hasClass("fade")?s.one("bsTransitionEnd",o).emulateTransitionEnd(i.TRANSITION_DURATION):o(),this.hoverState=null,this)},i.prototype.fixTitle=function(){var t=this.$element;(t.attr("title")||"string"!=typeof t.attr("data-original-title"))&&t.attr("data-original-title",t.attr("title")||"").attr("title","")},i.prototype.hasContent=function(){return this.getTitle()},i.prototype.getPosition=function(e){e=e||this.$element;var i=e[0],o="BODY"==i.tagName,n=i.getBoundingClientRect();null==n.width&&(n=t.extend({},n,{width:n.right-n.left,height:n.bottom-n.top}));var s=o?{top:0,left:0}:e.offset(),a={scroll:o?document.documentElement.scrollTop||document.body.scrollTop:e.scrollTop()},r=o?{width:t(window).width(),height:t(window).height()}:null;return t.extend({},n,a,r,s)},i.prototype.getCalculatedOffset=function(t,e,i,o){return"bottom"==t?{top:e.top+e.height,left:e.left+e.width/2-i/2}:"top"==t?{top:e.top-o,left:e.left+e.width/2-i/2}:"left"==t?{top:e.top+e.height/2-o/2,left:e.left-i}:{top:e.top+e.height/2-o/2,left:e.left+e.width}},i.prototype.getViewportAdjustedDelta=function(t,e,i,o){var n={top:0,left:0};if(!this.$viewport)return n;var s=this.options.viewport&&this.options.viewport.padding||0,a=this.getPosition(this.$viewport);if(/right|left/.test(t)){var 
r=e.top-s-a.scroll,l=e.top+s-a.scroll+o;r<a.top?n.top=a.top-r:l>a.top+a.height&&(n.top=a.top+a.height-l)}else{var h=e.left-s,d=e.left+s+i;h<a.left?n.left=a.left-h:d>a.right&&(n.left=a.left+a.width-d)}return n},i.prototype.getTitle=function(){var t,e=this.$element,i=this.options;return t=e.attr("data-original-title")||("function"==typeof i.title?i.title.call(e[0]):i.title)},i.prototype.getUID=function(t){do t+=~~(1e6*Math.random());while(document.getElementById(t));return t},i.prototype.tip=function(){if(!this.$tip&&(this.$tip=t(this.options.template),1!=this.$tip.length))throw new Error(this.type+" `template` option must consist of exactly 1 top-level element!");return this.$tip},i.prototype.arrow=function(){return this.$arrow=this.$arrow||this.tip().find(".tooltip-arrow")},i.prototype.enable=function(){this.enabled=!0},i.prototype.disable=function(){this.enabled=!1},i.prototype.toggleEnabled=function(){this.enabled=!this.enabled},i.prototype.toggle=function(e){var i=this;e&&(i=t(e.currentTarget).data("bs."+this.type),i||(i=new this.constructor(e.currentTarget,this.getDelegateOptions()),t(e.currentTarget).data("bs."+this.type,i))),e?(i.inState.click=!i.inState.click,i.isInStateTrue()?i.enter(i):i.leave(i)):i.tip().hasClass("in")?i.leave(i):i.enter(i)},i.prototype.destroy=function(){var t=this;clearTimeout(this.timeout),this.hide(function(){t.$element.off("."+t.type).removeData("bs."+t.type),t.$tip&&t.$tip.detach(),t.$tip=null,t.$arrow=null,t.$viewport=null})};var o=t.fn.tooltip;t.fn.tooltip=e,t.fn.tooltip.Constructor=i,t.fn.tooltip.noConflict=function(){return t.fn.tooltip=o,this}}(jQuery),+function(t){"use strict";function e(e){return this.each(function(){var o=t(this),n=o.data("bs.popover"),s="object"==typeof e&&e;(n||!/destroy|hide/.test(e))&&(n||o.data("bs.popover",n=new i(this,s)),"string"==typeof e&&n[e]())})}var i=function(t,e){this.init("popover",t,e)};if(!t.fn.tooltip)throw new Error("Popover requires 
tooltip.js");i.VERSION="3.3.5",i.DEFAULTS=t.extend({},t.fn.tooltip.Constructor.DEFAULTS,{placement:"right",trigger:"click",content:"",template:'<div class="popover" role="tooltip"><div class="arrow"></div><h3 class="popover-title"></h3><div class="popover-content"></div></div>'}),i.prototype=t.extend({},t.fn.tooltip.Constructor.prototype),i.prototype.constructor=i,i.prototype.getDefaults=function(){return i.DEFAULTS},i.prototype.setContent=function(){var t=this.tip(),e=this.getTitle(),i=this.getContent();t.find(".popover-title")[this.options.html?"html":"text"](e),t.find(".popover-content").children().detach().end()[this.options.html?"string"==typeof i?"html":"append":"text"](i),t.removeClass("fade top bottom left right in"),t.find(".popover-title").html()||t.find(".popover-title").hide()},i.prototype.hasContent=function(){return this.getTitle()||this.getContent()},i.prototype.getContent=function(){var t=this.$element,e=this.options;return t.attr("data-content")||("function"==typeof e.content?e.content.call(t[0]):e.content)},i.prototype.arrow=function(){return this.$arrow=this.$arrow||this.tip().find(".arrow")};var o=t.fn.popover;t.fn.popover=e,t.fn.popover.Constructor=i,t.fn.popover.noConflict=function(){return t.fn.popover=o,this}}(jQuery),+function(t){"use strict";function e(e){return this.each(function(){var o=t(this),n=o.data("bs.tab");n||o.data("bs.tab",n=new i(this)),"string"==typeof e&&n[e]()})}var i=function(e){this.element=t(e)};i.VERSION="3.3.5",i.TRANSITION_DURATION=150,i.prototype.show=function(){var e=this.element,i=e.closest("ul:not(.dropdown-menu)"),o=e.data("target");if(o||(o=e.attr("href"),o=o&&o.replace(/.*(?=#[^\s]*$)/,"")),!e.parent("li").hasClass("active")){var n=i.find(".active:last a"),s=t.Event("hide.bs.tab",{relatedTarget:e[0]}),a=t.Event("show.bs.tab",{relatedTarget:n[0]});if(n.trigger(s),e.trigger(a),!a.isDefaultPrevented()&&!s.isDefaultPrevented()){var 
r=t(o);this.activate(e.closest("li"),i),this.activate(r,r.parent(),function(){n.trigger({type:"hidden.bs.tab",relatedTarget:e[0]}),e.trigger({type:"shown.bs.tab",relatedTarget:n[0]})})}}},i.prototype.activate=function(e,o,n){function s(){a.removeClass("active").find("> .dropdown-menu > .active").removeClass("active").end().find('[data-toggle="tab"]').attr("aria-expanded",!1),e.addClass("active").find('[data-toggle="tab"]').attr("aria-expanded",!0),r?(e[0].offsetWidth,e.addClass("in")):e.removeClass("fade"),e.parent(".dropdown-menu").length&&e.closest("li.dropdown").addClass("active").end().find('[data-toggle="tab"]').attr("aria-expanded",!0),n&&n()}var a=o.find("> .active"),r=n&&t.support.transition&&(a.length&&a.hasClass("fade")||!!o.find("> .fade").length);a.length&&r?a.one("bsTransitionEnd",s).emulateTransitionEnd(i.TRANSITION_DURATION):s(),a.removeClass("in")};var o=t.fn.tab;t.fn.tab=e,t.fn.tab.Constructor=i,t.fn.tab.noConflict=function(){return t.fn.tab=o,this};var n=function(i){i.preventDefault(),e.call(t(this),"show")};t(document).on("click.bs.tab.data-api",'[data-toggle="tab"]',n).on("click.bs.tab.data-api",'[data-toggle="pill"]',n)}(jQuery),+function(t){"use strict";function e(e){return this.each(function(){var o=t(this),n=o.data("bs.affix"),s="object"==typeof e&&e;n||o.data("bs.affix",n=new i(this,s)),"string"==typeof e&&n[e]()})}var i=function(e,o){this.options=t.extend({},i.DEFAULTS,o),this.$target=t(this.options.target).on("scroll.bs.affix.data-api",t.proxy(this.checkPosition,this)).on("click.bs.affix.data-api",t.proxy(this.checkPositionWithEventLoop,this)),this.$element=t(e),this.affixed=null,this.unpin=null,this.pinnedOffset=null,this.checkPosition()};i.VERSION="3.3.5",i.RESET="affix affix-top affix-bottom",i.DEFAULTS={offset:0,target:window},i.prototype.getState=function(t,e,i,o){var n=this.$target.scrollTop(),s=this.$element.offset(),a=this.$target.height();if(null!=i&&"top"==this.affixed)return i>n?"top":!1;if("bottom"==this.affixed)return 
null!=i?n+this.unpin<=s.top?!1:"bottom":t-o>=n+a?!1:"bottom";var r=null==this.affixed,l=r?n:s.top,h=r?a:e;return null!=i&&i>=n?"top":null!=o&&l+h>=t-o?"bottom":!1},i.prototype.getPinnedOffset=function(){if(this.pinnedOffset)return this.pinnedOffset;this.$element.removeClass(i.RESET).addClass("affix");var t=this.$target.scrollTop(),e=this.$element.offset();return this.pinnedOffset=e.top-t},i.prototype.checkPositionWithEventLoop=function(){setTimeout(t.proxy(this.checkPosition,this),1)},i.prototype.checkPosition=function(){if(this.$element.is(":visible")){var e=this.$element.height(),o=this.options.offset,n=o.top,s=o.bottom,a=Math.max(t(document).height(),t(document.body).height());"object"!=typeof o&&(s=n=o),"function"==typeof n&&(n=o.top(this.$element)),"function"==typeof s&&(s=o.bottom(this.$element));var r=this.getState(a,e,n,s);if(this.affixed!=r){null!=this.unpin&&this.$element.css("top","");var l="affix"+(r?"-"+r:""),h=t.Event(l+".bs.affix");if(this.$element.trigger(h),h.isDefaultPrevented())return;this.affixed=r,this.unpin="bottom"==r?this.getPinnedOffset():null,this.$element.removeClass(i.RESET).addClass(l).trigger(l.replace("affix","affixed")+".bs.affix")}"bottom"==r&&this.$element.offset({top:a-e-s})}};var o=t.fn.affix;t.fn.affix=e,t.fn.affix.Constructor=i,t.fn.affix.noConflict=function(){return t.fn.affix=o,this},t(window).on("load",function(){t('[data-spy="affix"]').each(function(){var i=t(this),o=i.data();o.offset=o.offset||{},null!=o.offsetBottom&&(o.offset.bottom=o.offsetBottom),null!=o.offsetTop&&(o.offset.top=o.offsetTop),e.call(i,o)})})}(jQuery),+function(t){"use strict";function e(e){var i,o=e.attr("data-target")||(i=e.attr("href"))&&i.replace(/.*(?=#[^\s]+$)/,"");return t(o)}function i(e){return this.each(function(){var i=t(this),n=i.data("bs.collapse"),s=t.extend({},o.DEFAULTS,i.data(),"object"==typeof e&&e);!n&&s.toggle&&/show|hide/.test(e)&&(s.toggle=!1),n||i.data("bs.collapse",n=new o(this,s)),"string"==typeof e&&n[e]()})}var 
o=function(e,i){this.$element=t(e),this.options=t.extend({},o.DEFAULTS,i),this.$trigger=t('[data-toggle="collapse"][href="#'+e.id+'"],[data-toggle="collapse"][data-target="#'+e.id+'"]'),this.transitioning=null,this.options.parent?this.$parent=this.getParent():this.addAriaAndCollapsedClass(this.$element,this.$trigger),this.options.toggle&&this.toggle()};o.VERSION="3.3.5",o.TRANSITION_DURATION=350,o.DEFAULTS={toggle:!0},o.prototype.dimension=function(){var t=this.$element.hasClass("width");return t?"width":"height"},o.prototype.show=function(){if(!this.transitioning&&!this.$element.hasClass("in")){var e,n=this.$parent&&this.$parent.children(".panel").children(".in, .collapsing");if(!(n&&n.length&&(e=n.data("bs.collapse"),e&&e.transitioning))){var s=t.Event("show.bs.collapse");if(this.$element.trigger(s),!s.isDefaultPrevented()){n&&n.length&&(i.call(n,"hide"),e||n.data("bs.collapse",null));var a=this.dimension();this.$element.removeClass("collapse").addClass("collapsing")[a](0).attr("aria-expanded",!0),this.$trigger.removeClass("collapsed").attr("aria-expanded",!0),this.transitioning=1;var r=function(){this.$element.removeClass("collapsing").addClass("collapse in")[a](""),this.transitioning=0,this.$element.trigger("shown.bs.collapse")};if(!t.support.transition)return r.call(this);var l=t.camelCase(["scroll",a].join("-"));this.$element.one("bsTransitionEnd",t.proxy(r,this)).emulateTransitionEnd(o.TRANSITION_DURATION)[a](this.$element[0][l]);
+}}}},o.prototype.hide=function(){if(!this.transitioning&&this.$element.hasClass("in")){var e=t.Event("hide.bs.collapse");if(this.$element.trigger(e),!e.isDefaultPrevented()){var i=this.dimension();this.$element[i](this.$element[i]())[0].offsetHeight,this.$element.addClass("collapsing").removeClass("collapse in").attr("aria-expanded",!1),this.$trigger.addClass("collapsed").attr("aria-expanded",!1),this.transitioning=1;var n=function(){this.transitioning=0,this.$element.removeClass("collapsing").addClass("collapse").trigger("hidden.bs.collapse")};return t.support.transition?void this.$element[i](0).one("bsTransitionEnd",t.proxy(n,this)).emulateTransitionEnd(o.TRANSITION_DURATION):n.call(this)}}},o.prototype.toggle=function(){this[this.$element.hasClass("in")?"hide":"show"]()},o.prototype.getParent=function(){return t(this.options.parent).find('[data-toggle="collapse"][data-parent="'+this.options.parent+'"]').each(t.proxy(function(i,o){var n=t(o);this.addAriaAndCollapsedClass(e(n),n)},this)).end()},o.prototype.addAriaAndCollapsedClass=function(t,e){var i=t.hasClass("in");t.attr("aria-expanded",i),e.toggleClass("collapsed",!i).attr("aria-expanded",i)};var n=t.fn.collapse;t.fn.collapse=i,t.fn.collapse.Constructor=o,t.fn.collapse.noConflict=function(){return t.fn.collapse=n,this},t(document).on("click.bs.collapse.data-api",'[data-toggle="collapse"]',function(o){var n=t(this);n.attr("data-target")||o.preventDefault();var s=e(n),a=s.data("bs.collapse"),r=a?"toggle":n.data();i.call(s,r)})}(jQuery),+function(t){"use strict";function e(i,o){this.$body=t(document.body),this.$scrollElement=t(t(i).is(document.body)?window:i),this.options=t.extend({},e.DEFAULTS,o),this.selector=(this.options.target||"")+" .nav li > a",this.offsets=[],this.targets=[],this.activeTarget=null,this.scrollHeight=0,this.$scrollElement.on("scroll.bs.scrollspy",t.proxy(this.process,this)),this.refresh(),this.process()}function i(i){return this.each(function(){var 
o=t(this),n=o.data("bs.scrollspy"),s="object"==typeof i&&i;n||o.data("bs.scrollspy",n=new e(this,s)),"string"==typeof i&&n[i]()})}e.VERSION="3.3.5",e.DEFAULTS={offset:10},e.prototype.getScrollHeight=function(){return this.$scrollElement[0].scrollHeight||Math.max(this.$body[0].scrollHeight,document.documentElement.scrollHeight)},e.prototype.refresh=function(){var e=this,i="offset",o=0;this.offsets=[],this.targets=[],this.scrollHeight=this.getScrollHeight(),t.isWindow(this.$scrollElement[0])||(i="position",o=this.$scrollElement.scrollTop()),this.$body.find(this.selector).map(function(){var e=t(this),n=e.data("target")||e.attr("href"),s=/^#./.test(n)&&t(n);return s&&s.length&&s.is(":visible")&&[[s[i]().top+o,n]]||null}).sort(function(t,e){return t[0]-e[0]}).each(function(){e.offsets.push(this[0]),e.targets.push(this[1])})},e.prototype.process=function(){var t,e=this.$scrollElement.scrollTop()+this.options.offset,i=this.getScrollHeight(),o=this.options.offset+i-this.$scrollElement.height(),n=this.offsets,s=this.targets,a=this.activeTarget;if(this.scrollHeight!=i&&this.refresh(),e>=o)return a!=(t=s[s.length-1])&&this.activate(t);if(a&&e<n[0])return this.activeTarget=null,this.clear();for(t=n.length;t--;)a!=s[t]&&e>=n[t]&&(void 0===n[t+1]||e<n[t+1])&&this.activate(s[t])},e.prototype.activate=function(e){this.activeTarget=e,this.clear();var i=this.selector+'[data-target="'+e+'"],'+this.selector+'[href="'+e+'"]',o=t(i).parents("li").addClass("active");o.parent(".dropdown-menu").length&&(o=o.closest("li.dropdown").addClass("active")),o.trigger("activate.bs.scrollspy")},e.prototype.clear=function(){t(this.selector).parentsUntil(this.options.target,".active").removeClass("active")};var o=t.fn.scrollspy;t.fn.scrollspy=i,t.fn.scrollspy.Constructor=e,t.fn.scrollspy.noConflict=function(){return t.fn.scrollspy=o,this},t(window).on("load.bs.scrollspy.data-api",function(){t('[data-spy="scroll"]').each(function(){var e=t(this);i.call(e,e.data())})})}(jQuery),+function(t){"use 
strict";function e(){var t=document.createElement("bootstrap"),e={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"oTransitionEnd otransitionend",transition:"transitionend"};for(var i in e)if(void 0!==t.style[i])return{end:e[i]};return!1}t.fn.emulateTransitionEnd=function(e){var i=!1,o=this;t(this).one("bsTransitionEnd",function(){i=!0});var n=function(){i||t(o).trigger(t.support.transition.end)};return setTimeout(n,e),this},t(function(){t.support.transition=e(),t.support.transition&&(t.event.special.bsTransitionEnd={bindType:t.support.transition.end,delegateType:t.support.transition.end,handle:function(e){return t(e.target).is(this)?e.handleObj.handler.apply(this,arguments):void 0}})})}(jQuery); \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/js/common.js b/id/ConfigWebTool/src/main/webapp/js/common.js
index 9f19e88a2..f17ee3623 100644
--- a/id/ConfigWebTool/src/main/webapp/js/common.js
+++ b/id/ConfigWebTool/src/main/webapp/js/common.js
@@ -251,7 +251,7 @@ function newPeps() {
</div>\
</td>\
<td>\
- <input type="button" value="löschen" onclick="this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);"></td>\
+ <input type="button" class="button_narrow" value="Löschen" onclick="this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);"></td>\
</tr>';
target.parentNode.appendChild(clone);
}
@@ -261,7 +261,7 @@ function newStorkAttribute() {
var lastindex = parseInt(clone.innerHTML.match(/name="storkconfig.attributes\[(\d)/)[1]);
var nextindex = lastindex + 1;
clone.innerHTML = clone.innerHTML.replace(/name="storkconfig.attributes\[\d/g, 'name="storkconfig.attributes[' + nextindex);
- clone.innerHTML = clone.innerHTML.replace(/(.*" value=").*?(".*)/g, '$1$2');
+ clone.innerHTML = clone.innerHTML.replace(/(.*" value=").*?(".*)/, '$1$2');
target.parentNode.appendChild(clone);
}
function newAp() {
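Review bot: The index handling on the unchanged lines of this hunk reads only one digit, so once a row index reaches 10 the cloned inputs are renamed to the wrong index (`[10` becomes `[20`) and the posted attribute list no longer matches what the admin sees. Use `(\d+)` in the `match(...)` call and `\[\d+` in the `name=` replacement, and pass a radix: `parseInt(..., 10)`. `newAp()` in the next hunk has the same single-digit pattern and still uses the `g` flag on the value-clearing replace that this hunk drops, so the two helpers now behave differently. `newStorkAttribute` starts above the hunk, so how `clone` and `target` are obtained is not visible here.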
@@ -272,4 +272,25 @@ function newAp() {
clone.innerHTML = clone.innerHTML.replace(/name="storkOA.attributeProviderPlugins\[\d/g, 'name="storkOA.attributeProviderPlugins[' + nextindex);
clone.innerHTML = clone.innerHTML.replace(/(.*" value=").*?(".*)/g, '$1$2');
target.parentNode.appendChild(clone);
-} \ No newline at end of file
+}
+
+function setPublicURLPrefixTestBox(checkbox) {
+ if (checkbox.checked) {
+ var textarea = $("#loadGeneralConfig_moaconfig_publicURLPrefix");
+ textarea.attr("rows", 6);
+ textarea.height(120);
+
+ } else {
+ var textarea = $("#loadGeneralConfig_moaconfig_publicURLPrefix");
+ textarea.attr("rows", 1);
+ textarea.height(25);
+
+ }
+ return true;
+}
+
+function generalConfigLoadEvent() {
+ var value = $("#loadGeneralConfig_moaconfig_publicURLPrefix").val();
+ $("#loadGeneralConfig_moaconfig_publicURLPrefix").val(value.replace(/,/g,",\n"));
+ return true;
+}
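Review bot: `generalConfigLoadEvent` assumes the textarea exists: jQuery's `.val()` returns `undefined` for an empty selection, so `value.replace(...)` throws if the field is rendered under any id other than `loadGeneralConfig_moaconfig_publicURLPrefix`. That id looks derived from the form/action name, so confirm it is the same when the page is re-rendered after a failed save. A guard avoids the error, e.g. `var box = $("#loadGeneralConfig_moaconfig_publicURLPrefix"); if (box.length) { box.val(box.val().replace(/,/g, ",\n")); }`, or give the textarea an explicit `id` in the JSP. The inserted line breaks are posted back on submit, so the server-side handling of this security-relevant setting has to trim whitespace around each prefix before validating it; that code is not in this hunk. In `setPublicURLPrefixTestBox`, look the textarea up once before the `if` rather than declaring `var textarea` in both branches.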
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
index e6f07f847..ac2c8de5a 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
@@ -6,14 +6,17 @@
<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <link rel="stylesheet" type="text/css" href="../css/bootstrap.css">
<link rel="stylesheet" type="text/css" href="../css/index.css">
<title><%=LanguageHelper.getGUIString("title", request) %></title>
<script type="text/javascript" src="../js/common.js"></script>
<script src="../js/jquery.js"></script>
+ <script src="../js/bootstrap-input.js"></script>
+ <script>$(document).ready(function(){$('input[type=file]').bootstrapFileInput();});</script>
</head>
- <body>
+ <body onload="generalConfigLoadEvent();">
<jsp:include page="snippets/header_userinfos.jsp"></jsp:include>
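Review bot: The inline `<script>$(document).ready(function(){$('input[type=file]').bootstrapFileInput();});</script>` is added verbatim here and again in editOAGeneral.jsp and importexport.jsp; it would be better placed once in a shared script such as `common.js`. Keeping new behaviour out of inline script and out of `onload="generalConfigLoadEvent();"` also avoids adding to what must be cleaned up before this admin tool can run under a Content-Security-Policy without `'unsafe-inline'`. Note that `common.js` is still loaded before `jquery.js`, which works only because its functions use `$` after load; a comment next to the script tags saying so would prevent a later reordering bug.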
@@ -34,13 +37,38 @@
<s:form namespace="/secure" method="POST" enctype="multipart/form-data">
- <s:textfield name="moaconfig.publicURLPrefix"
- value="%{moaconfig.publicURLPrefix}"
- labelposition="left"
- key="webpages.oaconfig.general.publicURLPreFix"
- cssClass="textfield_long">
- </s:textfield>
+ <s:if test="moaconfig.isVirtualPublicURLPrefixEnabled()">
+ <s:textarea name="moaconfig.publicURLPrefix"
+ value="%{moaconfig.publicURLPrefix}"
+ labelposition="left"
+ key="webpages.oaconfig.general.publicURLPreFix"
+ cssClass="textfield_long"
+ rows="6"
+ requiredLabel="true"
+ style="height:120px;">
+ </s:textarea>
+ </s:if>
+ <s:else>
+ <s:textarea name="moaconfig.publicURLPrefix"
+ value="%{moaconfig.publicURLPrefix}"
+ labelposition="left"
+ key="webpages.oaconfig.general.publicURLPreFix"
+ cssClass="textfield_long"
+ rows="1"
+ requiredLabel="true"
+ style="height:25px;">
+ </s:textarea>
+ </s:else>
+ <s:checkbox name="moaconfig.virtualPublicURLPrefixEnabled"
+ value="%{moaconfig.virtualPublicURLPrefixEnabled}"
+ labelposition="left"
+ key="webpages.moaconfig.general.virtualPublicURLPrefixEnabled"
+ cssClass="checkbox"
+ onchange="setPublicURLPrefixTestBox(this);">
+ </s:checkbox>
+
+
<div class="oa_config_block">
<h3><%=LanguageHelper.getGUIString("webpages.moaconfig.defaultbkus.header", request) %></h3>
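Review bot: The `s:if` test calls the getter as an OGNL method (`moaconfig.isVirtualPublicURLPrefixEnabled()`) while the checkbox below binds the same flag as a property. `test="moaconfig.virtualPublicURLPrefixEnabled"` would match the checkbox and not depend on OGNL method invocation being permitted. The two `s:textarea` blocks differ only in `rows` and `style`, so a single textarea with those two values chosen by the flag would remove the duplication. The checkbox's `onchange` only resizes the box, so a multi-line value can still be posted with the flag off; the single-prefix rule therefore has to be enforced where the form is validated on the server, which is not part of this hunk.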
@@ -256,34 +284,34 @@
labelposition="left" />
<h4><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.pepslist", request) %></h4>
<table id="stork_pepslist">
- <tr><th>Country Shortcode</th><th>PEPS URL</th><th>Supports XMLSignatures</th></tr>
+ <tr><td>Country Shortcode</td><td style="text-align:center;">PEPS URL</td><td>Supports XMLSignatures</td></tr>
<s:iterator value="storkconfig.cpepslist" status="stat">
<tr>
<td style="display:none;"><s:textfield name="storkconfig.cpepslist[%{#stat.index}].hjid" value="%{hjid}" cssStyle="display:none;"/></td>
<td><s:property value="%{countryCode}" /></td>
<td><s:textfield name="storkconfig.cpepslist[%{#stat.index}].URL" value="%{URL}" cssClass="textfield_long"/></td>
<td><s:checkbox name="storkconfig.cpepslist[%{#stat.index}].supportsXMLSignature" value="%{supportsXMLSignature}" /></td>
- <td><input type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.removepeps", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td>
+ <td><input class="button_narrow" type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.removepeps", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td>
</tr>
</s:iterator>
<s:if test="%{storkconfig.cpepslist == null || storkconfig.cpepslist.isEmpty}">
<tr><td><s:textfield name="storkconfig.cpepslist[0].countryCode" value="CC" cssClass="textfield_short"/></td>
<td><s:textfield name="storkconfig.cpepslist[0].URL" value="http://" cssClass="textfield_long"/></td>
<td><s:checkbox name="storkconfig.cpepslist[0].supportsXMLSignature" value="true" /></td>
- <td><input type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.removepeps", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td></tr>
+ <td><input class="button_narrow" type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.removepeps", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td></tr>
</s:if>
</table>
- <input type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.newpeps", request) %>" onclick='newPeps();' />
+ <input class="oa_buttons" type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.newpeps", request) %>" onclick='newPeps();' />
<h4><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.heading", request) %></h4>
<table id="stork_attributelist">
- <tr><th><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.heading.name", request) %></th><th><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.heading.mandatory", request) %></th></tr>
+ <tr><td><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.heading.name", request) %></td><td><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.heading.mandatory", request) %></td></tr>
<s:iterator value="storkconfig.attributes" status="stat">
<tr><td><s:textfield name="storkconfig.attributes[%{#stat.index}].name" value="%{name}"/></td>
<td><s:checkbox name="storkconfig.attributes[%{#stat.index}].mandatory" value="%{mandatory}" /></td>
- <td><input type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.remove", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td></tr>
+ <td><input class="button_narrow" type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.remove", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td></tr>
</s:iterator>
</table>
- <input type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.new", request) %>" onclick='newStorkAttribute();' />
+ <input class="oa_buttons" type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.new", request) %>" onclick='newStorkAttribute();' />
</div>
<div class="oa_config_block">
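Review bot: The empty-list row in this hunk still prefills the PEPS URL with `value="http://"` (an unchanged line), which nudges an administrator towards a cleartext endpoint for cross-border authentication traffic. Since the row is being touched anyway, prefill `value="https://"` instead. Whether the server-side validator rejects non-TLS PEPS URLs cannot be seen from this hunk and is worth confirming.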
@@ -293,19 +321,19 @@
<h4><%=LanguageHelper.getGUIString("webpages.moaconfig.protocols.allowed.header", request) %></h4>
<s:checkbox name="moaconfig.protocolActiveSAML1"
value="%{moaconfig.protocolActiveSAML1}"
- labelposition="left"
+ labelposition="right"
key="webpages.moaconfig.protocols.legacy.saml1"
cssClass="checkbox">
</s:checkbox>
<s:checkbox name="moaconfig.protocolActivePVP21"
value="%{moaconfig.protocolActivePVP21}"
- labelposition="left"
+ labelposition="right"
key="webpages.moaconfig.protocols.legacy.pvp2"
cssClass="checkbox">
</s:checkbox>
<s:checkbox name="moaconfig.protocolActiveOAuth"
value="%{moaconfig.protocolActiveOAuth}"
- labelposition="left"
+ labelposition="right"
key="webpages.moaconfig.protocols.oauth"
cssClass="checkbox">
</s:checkbox>
@@ -317,13 +345,13 @@
<h4><%=LanguageHelper.getGUIString("webpages.moaconfig.protocols.legacy.header", request) %></h4>
<s:checkbox name="moaconfig.legacy_saml1"
value="%{moaconfig.legacy_saml1}"
- labelposition="left"
+ labelposition="right"
key="webpages.moaconfig.protocols.legacy.saml1"
cssClass="checkbox">
</s:checkbox>
<s:checkbox name="moaconfig.legacy_pvp2"
value="%{moaconfig.legacy_pvp2}"
- labelposition="left"
+ labelposition="right"
key="webpages.moaconfig.protocols.legacy.pvp2"
cssClass="checkbox">
</s:checkbox>
@@ -359,7 +387,7 @@
key="webpages.moaconfig.protocols.pvp2.IssuerName"
cssClass="textfield_long">
</s:textfield>
-
+ <br/>
<h5><%=LanguageHelper.getGUIString("webpages.moaconfig.protocols.pvp2.org.header", request) %></h5>
<s:textfield name="moaconfig.pvp2OrgName"
value="%{moaconfig.pvp2OrgName}"
@@ -379,7 +407,7 @@
key="webpages.moaconfig.protocols.pvp2.org.url"
cssClass="textfield_long">
</s:textfield>
-
+ <br/>
<h5><%=LanguageHelper.getGUIString("webpages.moaconfig.protocols.pvp2.contact.header", request) %></h5>
<s:textfield name="moaconfig.pvp2Contact.surname"
value="%{moaconfig.pvp2Contact.surname}"
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
index c98b400f7..cc4220d0e 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
@@ -6,13 +6,19 @@
<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <link rel="stylesheet" type="text/css" href="../css/bootstrap.css">
<link rel="stylesheet" type="text/css" href="../css/index.css">
+
+
<link rel="stylesheet" media="screen" type="text/css" href="../css/colorpicker.css" />
+
<title><%=LanguageHelper.getGUIString("title", request) %></title>
<script type="text/javascript" src="../js/common.js"></script>
<script src="../js/jquery.js"></script>
<script type="text/javascript" src="../js/colorpicker.js"></script>
+ <script src="../js/bootstrap-input.js"></script>
+ <script>$(document).ready(function(){$('input[type=file]').bootstrapFileInput();});</script>
</head>
<body onload="oaOnLoad()">
@@ -71,7 +77,7 @@
<button type="button" style="display:none" class="oa_buttons" onclick="oaOAuth20();" id="button_oauth20_hidden">
<%=LanguageHelper.getGUIString("webpages.oaconfig.menu.oauth20.hidden", request) %>
</button>
-
+
<s:include value="snippets/OA/saml1.jsp"></s:include>
@@ -79,7 +85,8 @@
<s:param name="hideBlock">hidden</s:param>
</s:include>
- <s:include value="snippets/OA/openIDConnect.jsp"></s:include>
+ <s:include value="snippets/OA/openIDConnect.jsp"></s:include>
+
</div>
@@ -89,7 +96,7 @@
<s:hidden name="formID"
value="%{formID}"></s:hidden>
-
+ <br/>
<div id="button_area">
<s:submit key="webpages.edit.back" action="cancleandbackOA"/>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp b/id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp
index 994389de3..dffa7bd1b 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp
@@ -8,7 +8,7 @@
<head>
<title><%=LanguageHelper.getGUIString("title", request) %></title>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
-
+ <link rel="stylesheet" type="text/css" href="../css/bootstrap.css">
<link rel="stylesheet" type="text/css" href="../css/index.css">
<script type="text/javascript" src="../js/common.js"></script>
<script src="../js/jquery.js"></script>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp b/id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp
index c619e64b1..d1f95dee8 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp
@@ -7,10 +7,13 @@
<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <link rel="stylesheet" type="text/css" href="../css/bootstrap.css">
<link rel="stylesheet" type="text/css" href="../css/index.css">
<title><%=LanguageHelper.getGUIString("title", request) %></title>
<script type="text/javascript" src="../js/common.js"></script>
<script src="../js/jquery.js"></script>
+ <script src="../js/bootstrap-input.js"></script>
+ <script>$(document).ready(function(){$('input[type=file]').bootstrapFileInput();});</script>
</head>
<body>
@@ -40,7 +43,7 @@
<div class="oa_config_block">
<h3><%=LanguageHelper.getGUIString("webpages.inportexport.legacyimport.header", request) %></h3>
- <s:file name="fileUpload" key="webpages.inportexport.legacyimport.upload" cssClass="textfield_long"></s:file>
+ <s:file name="fileUpload" key="webpages.inportexport.legacyimport.upload" cssClass="textfield_300px"></s:file>
<s:hidden name="formID" value="%{formID}"></s:hidden>
@@ -51,18 +54,19 @@
</div>
</s:form>
-
+
<s:form namespace="/secure" method="POST" enctype="multipart/form-data">
<div class="oa_config_block">
<h3><%=LanguageHelper.getGUIString("webpages.inportexport.import.header", request) %></h3>
- <s:file name="fileUpload" key="webpages.inportexport.import.upload" cssClass="textfield_long"></s:file>
+ <s:file name="fileUpload" key="webpages.inportexport.import.upload" cssClass="textfield_300px"></s:file>
<s:hidden name="formID" value="%{formID}"></s:hidden>
<div id="button_area">
- <s:submit key="webpages.edit.import" action="importConfig"/>
+ <s:submit key="webpages.edit.import" action="importConfig"/>
+
<s:submit key="webpages.edit.export" action="exportConfig"/>
</div>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/interfederation/idplist.jsp b/id/ConfigWebTool/src/main/webapp/jsp/interfederation/idplist.jsp
index ef666b357..a7de4a8e0 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/interfederation/idplist.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/interfederation/idplist.jsp
@@ -7,6 +7,7 @@
<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <link rel="stylesheet" type="text/css" href="../css/bootstrap.css">
<link rel="stylesheet" type="text/css" href="../css/index.css">
<title><%=LanguageHelper.getGUIString("title", request) %></title>
<script type="text/javascript" src="../js/common.js"></script>
@@ -46,7 +47,7 @@
<s:form action="newIDP" namespace="/secure" method="POST" >
<s:hidden name="interfederationType" value="-VIDP"></s:hidden>
<s:submit key="webpages.interfederation.new.vidp"/>
- </s:form>
+ </s:form>
<s:form action="newIDP" namespace="/secure" method="POST" >
<s:hidden name="interfederationType" value="-IDPGATEWAY"></s:hidden>
<s:submit key="webpages.interfederation.new.gateway"/>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/interfederation/moa_idp.jsp b/id/ConfigWebTool/src/main/webapp/jsp/interfederation/moa_idp.jsp
index f0d0671bf..45d340908 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/interfederation/moa_idp.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/interfederation/moa_idp.jsp
@@ -7,6 +7,7 @@
<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <link rel="stylesheet" type="text/css" href="../css/bootstrap.css">
<link rel="stylesheet" type="text/css" href="../css/index.css">
<title><%=LanguageHelper.getGUIString("title", request) %></title>
<script type="text/javascript" src="../js/common.js"></script>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/interfederation/pvpgateway.jsp b/id/ConfigWebTool/src/main/webapp/jsp/interfederation/pvpgateway.jsp
index ee86c4b91..6677b2b8a 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/interfederation/pvpgateway.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/interfederation/pvpgateway.jsp
@@ -7,6 +7,7 @@
<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <link rel="stylesheet" type="text/css" href="../css/bootstrap.css">
<link rel="stylesheet" type="text/css" href="../css/index.css">
<title><%=LanguageHelper.getGUIString("title", request) %></title>
<script type="text/javascript" src="../js/common.js"></script>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/interfederation/vidp.jsp b/id/ConfigWebTool/src/main/webapp/jsp/interfederation/vidp.jsp
index 0cc3b11dd..bf4dc9e72 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/interfederation/vidp.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/interfederation/vidp.jsp
@@ -7,6 +7,7 @@
<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <link rel="stylesheet" type="text/css" href="../css/bootstrap.css">
<link rel="stylesheet" type="text/css" href="../css/index.css">
<link rel="stylesheet" media="screen" type="text/css" href="../css/colorpicker.css" />
<title><%=LanguageHelper.getGUIString("title", request) %></title>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/listOAs.jsp b/id/ConfigWebTool/src/main/webapp/jsp/listOAs.jsp
index bad50262d..d562f1e7c 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/listOAs.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/listOAs.jsp
@@ -7,6 +7,7 @@
<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <link rel="stylesheet" type="text/css" href="../css/bootstrap.css">
<link rel="stylesheet" type="text/css" href="../css/index.css">
<title><%=LanguageHelper.getGUIString("title", request) %></title>
<script type="text/javascript" src="../js/common.js"></script>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp b/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp
index c9f1e00f6..34f228952 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp
@@ -7,6 +7,7 @@
<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <link rel="stylesheet" type="text/css" href="../css/bootstrap.css">
<link rel="stylesheet" type="text/css" href="../css/index.css">
<title><%=LanguageHelper.getGUIString("title", request) %></title>
</head>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/newUserRequest.jsp b/id/ConfigWebTool/src/main/webapp/jsp/newUserRequest.jsp
index 9995f9f31..934296b3a 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/newUserRequest.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/newUserRequest.jsp
@@ -8,7 +8,7 @@
<head>
<title><%=LanguageHelper.getGUIString("title", request) %></title>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
-
+ <link rel="stylesheet" type="text/css" href="../css/bootstrap.css">
<link rel="stylesheet" type="text/css" href="./css/index.css">
<script type="text/javascript" src="./js/common.js"></script>
<script src="./js/jquery.js"></script>
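Review bot: The added stylesheet link uses `href="../css/bootstrap.css"`, but every other resource in this file is referenced relative to the current directory (`./css/index.css`, `./js/common.js`, `./js/jquery.js`). Unless this page is served from two different URL depths, the new link will resolve one level too high and bootstrap.css will not load here; `href="./css/bootstrap.css"` would match the siblings. The other JSPs in this commit use `../` consistently, so this looks like a copy-paste of their line.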
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/openadminrequests.jsp b/id/ConfigWebTool/src/main/webapp/jsp/openadminrequests.jsp
index 0cd861884..deb757885 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/openadminrequests.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/openadminrequests.jsp
@@ -7,6 +7,7 @@
<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <link rel="stylesheet" type="text/css" href="../css/bootstrap.css">
<link rel="stylesheet" type="text/css" href="../css/index.css">
<title><%=LanguageHelper.getGUIString("title", request) %></title>
<script type="text/javascript" src="../js/common.js"></script>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/searchOAs.jsp b/id/ConfigWebTool/src/main/webapp/jsp/searchOAs.jsp
index a2617a0e9..8d1c5adf9 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/searchOAs.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/searchOAs.jsp
@@ -7,6 +7,7 @@
<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <link rel="stylesheet" type="text/css" href="../css/bootstrap.css">
<link rel="stylesheet" type="text/css" href="../css/index.css">
<title><%=LanguageHelper.getGUIString("title", request) %></title>
<script type="text/javascript" src="../js/common.js"></script>
@@ -38,8 +39,8 @@
key="webpages.searchoa.search.friendlyname"
cssClass="textfield_long">
</s:textfield>
-
- <s:submit key="webpages.searchoa.butten.search" action="searchOA"/>
+
+ <s:submit key="webpages.searchoa.butten.search" action="searchOA" cssClass="button_fit"/>
</s:form>
</div>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/saml1.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/saml1.jsp
index a004a03a3..294d638f8 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/saml1.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/saml1.jsp
@@ -14,38 +14,42 @@
cssClass="checkbox">
</s:checkbox>
</s:if>
+
<s:checkbox name="saml1OA.provideStammZahl"
value="%{saml1OA.provideStammZahl}"
labelposition="left"
key="webpages.oaconfig.saml1.provideStammZahl"
cssClass="checkbox">
</s:checkbox>
+ <br>
<s:checkbox name="saml1OA.provideAuthBlock"
value="%{saml1OA.provideAuthBlock}"
labelposition="left"
key="webpages.oaconfig.saml1.provideAuthBlock"
cssClass="checkbox">
</s:checkbox>
- <br>
+
<s:checkbox name="saml1OA.provideIdentityLink"
value="%{saml1OA.provideIdentityLink}"
labelposition="left"
key="webpages.oaconfig.saml1.provideIdentityLink"
cssClass="checkbox">
- </s:checkbox>
+ </s:checkbox>
+ <br>
<s:checkbox name="saml1OA.provideCertificate"
value="%{saml1OA.provideCertificate}"
labelposition="left"
key="webpages.oaconfig.saml1.provideCertificate"
cssClass="checkbox">
</s:checkbox>
+ <br>
<s:checkbox name="saml1OA.provideFullMandateData"
value="%{saml1OA.provideFullMandateData}"
labelposition="left"
key="webpages.oaconfig.saml1.provideFullMandateData"
cssClass="checkbox">
</s:checkbox>
- <br>
+
<s:checkbox name="saml1OA.provideAllErrors"
value="%{saml1OA.provideAllErrors}"
labelposition="left"
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/footer.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/footer.jsp
index e78319181..bcad99a5d 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/footer.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/footer.jsp
@@ -2,8 +2,9 @@
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ taglib prefix="s" uri="/struts-tags" %>
-<html>
+<!-- html>
<div id="footer_area">
- MOA-ID Konfigurations-Tool (Version: <s:property value="ConfigToolVersion"/>)
+ <!-- MOA-ID Konfigurations-Tool (Version: <s:property value="ConfigToolVersion"/>)-->
</div>
-</html> \ No newline at end of file
+
+</html--> \ No newline at end of file
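Review bot: The HTML comment opened by `<!-- html>` ends at the first `-->`, which is the one closing the inner version comment, so `</div>` and `</html-->` fall outside it and are sent as stray markup. Because these are HTML comments and not JSP comments, `<s:property value="ConfigToolVersion"/>` is still evaluated and the tool version still reaches every client in the page source. If the intent is to stop showing the version, a JSP comment keeps it out of the response: `<%-- MOA-ID Konfigurations-Tool (Version: <s:property value="ConfigToolVersion"/>) --%>`. The `<html>`/`</html>` wrapper lines can then simply be deleted from the snippet.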
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp
index 6ba70da54..4d740fd06 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp
@@ -1,27 +1,54 @@
-<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%>
-<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
-<%@ taglib prefix="s" uri="/struts-tags" %>
+<%@page
+ import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%>
+<%@ page language="java" contentType="text/html; charset=UTF-8"
+ pageEncoding="UTF-8"%>
+<%@ taglib prefix="s" uri="/struts-tags"%>
<html>
- <div id="header_area">
-<!-- <div> -->
- <%=LanguageHelper.getGUIString("webpages.header.info", request) %>
- <s:if test="authUser.isMandateUser()">
- <s:property value="authUser.institute"/>
- </s:if>
- <s:else>
- <s:property value="authUser.givenName"/> <s:property value="authUser.familyName"/>,&nbsp;&nbsp;&nbsp;
- </s:else>
- <%=LanguageHelper.getGUIString("webpages.header.lastlogin", request) %> <s:property value="authUser.getFormatedLastLogin()"/>
-
- <div id="language_area">
- <a href="changeLanguage.action?request_locale=de" /><img alt="Deutsch" src="./../images/de.png"></a>
- <a href="changeLanguage.action?request_locale=en" /><img alt="English" src="./../images/en.png"></a>
- </div>
-
- <s:url action="logout" var="logoutURL" namespace="/"/>
- <a id="logoutbutton" href="<s:property value="#logoutURL" />"><%=LanguageHelper.getGUIString("webpages.index.logout", request) %></a>
-<!-- </div> -->
+<div id="header_area">
+ <!-- <div> -->
+
+
+ <div id ="left_area">
+ <h2><%=LanguageHelper.getGUIString("header.title", request) %></h2>
</div>
-</html> \ No newline at end of file
+
+ <div id="right_area">
+ <a id="toggleMenu">
+ <s:if test="authUser.isMandateUser()">
+ <s:property value="authUser.institute" />
+ </s:if>
+ <s:else>
+ <s:property value="authUser.givenName" />
+ <s:property value="authUser.familyName" />
+ </s:else>
+ </a>
+ <div id="drop_down_menu">
+
+ <ul>
+ <li>
+ <span>
+ <%=LanguageHelper.getGUIString("webpages.header.lastlogin", request) %> <s:property value="authUser.getFormatedLastLogin()"/>
+ </span>
+ </li>
+ </ul>
+ <a id="flag_at" href="changeLanguage.action?request_locale=de" ><img alt="Deutsch"
+ src="./../images/de.png"></a>
+ <a id="flag_en" href="changeLanguage.action?request_locale=en" ><img alt="English"
+ src="./../images/en.png"></a>
+ <s:url action="logout" var="logoutURL" namespace="/" />
+ <a id="logout_button" href="<s:property value="#logoutURL" />">Logout <img alt="<%=LanguageHelper.getGUIString("webpages.index.logout", request) %>"
+ src="./../images/logout.png"></a>
+ </div>
+
+
+ <s:url action="searchOAInit" var="searchOAs" namespace="/secure" />
+ <a href="<s:property value="#searchOAs" />"><img alt="Deutsch"
+ src="./../images/lupe.png"></a>
+
+ </div>
+
+
+</div>
+</html>
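Review bot: The search link added at the end of `right_area` carries `alt="Deutsch"`, copied from the language flag, so assistive technology announces the wrong action; it should describe the search, ideally through a `LanguageHelper.getGUIString(...)` lookup like the other labels. The logout link now shows the hard-coded text `Logout` and moves the localized string into the image's `alt`, which leaves the visible label untranslated. `<a id="toggleMenu">` has no `href`, so it is not reachable by keyboard unless the script that handles it compensates, which is not visible here.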
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/oas_list.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/oas_list.jsp
index e2af292d7..e97dddd8f 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/oas_list.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/oas_list.jsp
@@ -6,6 +6,7 @@
<html>
<s:if test="formOAs && formOAs.size > 0">
<div id="list_area">
+ <h2><%=LanguageHelper.getGUIString("webpages.listOAs.list.title", request) %></h2>
<div id="listHeader" class="listElement">
<s:if test="formOAs[0].serviceType != 'OA'">
<div class="listElInfo">
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/userfields.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/userfields.jsp
index 7d28a9236..555f7cd36 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/userfields.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/userfields.jsp
@@ -40,7 +40,8 @@
</s:textfield>
<input type="button"
onclick="sendVerificationMail();"
- value='<%=LanguageHelper.getGUIString("webpages.edituser.verify.mail.button", request) %>'
+ value='<%=LanguageHelper.getGUIString("webpages.edituser.verify.mail.button", request) %>'
+ class='button_fit'
/>
</div>
</s:if>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp b/id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp
index 1d5d4ac12..41222cff6 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp
@@ -7,6 +7,7 @@
<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <link rel="stylesheet" type="text/css" href="../css/bootstrap.css">
<link rel="stylesheet" type="text/css" href="../css/index.css">
<title><%=LanguageHelper.getGUIString("title", request) %></title>
<script type="text/javascript" src="../js/common.js"></script>
diff --git a/id/history.txt b/id/history.txt
index 6ad08d910..f242ab35e 100644
--- a/id/history.txt
+++ b/id/history.txt
@@ -1,5 +1,32 @@
Dieses Dokument zeigt die Veränderungen und Erweiterungen von MOA-ID auf.
+Version MOA-ID Release 3.1.0: Änderungen seit Version MOA-ID 3.0.2
+- Änderungen
+ - Mehrere virtuelle IDP Instanzen je deployer MOA-ID Instanz möglich
+ (unterschiedliche Entity-IDs je virtueller Instanz)
+ - Überarbeitung der Weboberfläche des Konfigurationstools
+ - Update der beigelegten Templates (BKU-Auswahl, SSO Assertion Conformation,
+ Front-Channel Single LogOut)
+ - Kleinere Bug-Fixes
+ - Update von Libraries
+ > mysql:mysql-connector-java 5.1.38
+ > org.slf4j:jcl-over-slf4j 1.7.13
+ > org.slf4j:jul-to-slf4j 1.7.13
+ > org.slf4j:slf4j-api 1.7.13
+ > org.slf4j:slf4j-log4j12 1.7.13
+ > apache:cxf 3.1.4
+ > org.springframework 4.2.4.RELEASE
+ > commons:collections3 3.2.2
+ > commons:collections4 4.1
+ > org.apache.struts:struts2-core 2.3.24.1
+ > org.apache.struts:struts2-json-plugin 2.3.24.1
+ > org.hibernate:hibernate-core 4.3.11.Final
+ > org.hibernate:hibernate-entitymanager 4.3.11.Final
+ > org.hibernate:hibernate-c3p0 4.3.11.Final
+ > com.google.http-client:google-http-client-jackson2 1.21.0
+ > com.google.oauth-client:google-oauth-client-jetty 1.21.0
+
+ ------------------------------------------------------------------------------
Version MOA-ID Release 3.0.2: Änderungen seit Version MOA-ID 3.0.1
- Änderungen
- Bug-Fix für Zugriff auf Oracle Datenbanken
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java
index ed02f8186..1c3e0fe13 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java
@@ -29,6 +29,7 @@ import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
+import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -114,14 +115,32 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme
}
check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX, getKeyPrefix()));
+ String isVirtualIDPEnabled = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_ISVIRTUALIDPSENABLED, getKeyPrefix()));
if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Public URL Prefix is not valid");
- errors.add(new ValidationObjectIdentifier(
- MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX,
- "Public URL Prefix",
- LanguageHelper.getErrorString("validation.general.publicURLprefix.valid")));
- }
+ String[] preFixList = check.split(",");
+ if (isVirtualIDPEnabled != null && Boolean.valueOf(isVirtualIDPEnabled)) {
+ for (String el : preFixList) {
+ if (!ValidationHelper.validateURL(el.trim())) {
+ log.info("Public URL Prefix is not valid");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX,
+ "Public URL Prefix",
+ LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", new Object[]{el})));
+ }
+ }
+ } else {
+ if (!ValidationHelper.validateURL(
+ StringUtils.chomp(preFixList[0].trim()))) {
+ log.info("Public URL Prefix " + preFixList[0] + " is not valid");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX,
+ "Public URL Prefix",
+ LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", new Object[]{preFixList[0]})));
+
+ }
+
+ }
+
} else {
log.info("PublicURL Prefix is empty.");
errors.add(new ValidationObjectIdentifier(
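Review bot: In the `else` branch (virtual IDPs disabled) only `preFixList[0]` is validated, while the remaining comma-separated entries stay in the value, and the later normalisation hunk in this file keeps every entry; entries after the first can therefore be saved without ever passing `ValidationHelper.validateURL`. A value made up only of separators (for example `,`) makes `check.split(",")` return an empty array, so `preFixList[0]` throws `ArrayIndexOutOfBoundsException`, and in the virtual-IDP branch the loop runs zero times and nothing is rejected. I would reject `preFixList.length == 0` up front, and either validate all entries in both branches or add an error when more than one entry is supplied while virtual IDPs are off. The two branches also differ without visible reason (`StringUtils.chomp` only in one, the literal `","` here versus `KeyValueUtils.CSV_DELIMITER` further down). The enclosing method starts and ends outside the hunk.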
@@ -191,12 +210,12 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme
"Default BKUs - Handy",
LanguageHelper.getErrorString("validation.general.bku.handy.valid")));
}
- } else {
- log.info("Empty Handy-BKU URL");
- errors.add(new ValidationObjectIdentifier(
- MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_HANDY,
- "Default BKUs - Handy",
- LanguageHelper.getErrorString("validation.general.bku.handy.empty")));
+// } else {
+// log.info("Empty Handy-BKU URL");
+// errors.add(new ValidationObjectIdentifier(
+// MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_HANDY,
+// "Default BKUs - Handy",
+// LanguageHelper.getErrorString("validation.general.bku.handy.empty")));
}
check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_LOCAL, getKeyPrefix()));
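Review bot: The three `else` branches that reported an empty Handy, Local and Online BKU URL are disabled by commenting them out (this hunk and the two that follow), which leaves dead code and no record of why empty values are now accepted. Deleting the lines and adding a one-line comment such as `// default BKU URLs are optional` (wording to be confirmed by the author) would be clearer. It is worth confirming that the code consuming these defaults handles an empty value, since the validator no longer guarantees that one is set; that code is not visible here.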
@@ -208,12 +227,12 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme
"Default BKUs - Local",
LanguageHelper.getErrorString("validation.general.bku.local.valid")));
}
- } else {
- log.info("Empty Online-BKU URL");
- errors.add(new ValidationObjectIdentifier(
- MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_LOCAL,
- "Default BKUs - Local",
- LanguageHelper.getErrorString("validation.general.bku.local.empty")));
+// } else {
+// log.info("Empty Online-BKU URL");
+// errors.add(new ValidationObjectIdentifier(
+// MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_LOCAL,
+// "Default BKUs - Local",
+// LanguageHelper.getErrorString("validation.general.bku.local.empty")));
}
@@ -226,12 +245,12 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme
"Default BKUs - Online",
LanguageHelper.getErrorString("validation.general.bku.online.valid")));
}
- } else {
- log.info("Empty Online-BKU URL");
- errors.add(new ValidationObjectIdentifier(
- MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_ONLINE,
- "Default BKUs - Online",
- LanguageHelper.getErrorString("validation.general.bku.online.empty")));
+// } else {
+// log.info("Empty Online-BKU URL");
+// errors.add(new ValidationObjectIdentifier(
+// MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_ONLINE,
+// "Default BKUs - Online",
+// LanguageHelper.getErrorString("validation.general.bku.online.empty")));
}
@@ -511,15 +530,32 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme
Map<String, String> newConfigValues = new HashMap<String, String>();
- String pubURLPrefix = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX, getKeyPrefix()));
- if(pubURLPrefix.endsWith("/")) {
- int length = pubURLPrefix.length();
- pubURLPrefix = pubURLPrefix.substring(0, length-1);
- newConfigValues.put(MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX, pubURLPrefix);
+ String pubURLPrefix = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX, getKeyPrefix()));
+ String normalizedPubURLPrefix = KeyValueUtils.normalizeCSVValueString(pubURLPrefix);
+ String[] normalizedPubURLPrefixList = normalizedPubURLPrefix.split(KeyValueUtils.CSV_DELIMITER);
+ String modifiedPubURLPrefixCSV = null;
+
+ for (String el : normalizedPubURLPrefixList) {
+ String newPubURLPrefix = el;
+ if(el.endsWith("/")) {
+ int length = el.length();
+ newPubURLPrefix = el.substring(0, length-1);
+ }
+
+ if (modifiedPubURLPrefixCSV == null)
+ modifiedPubURLPrefixCSV = newPubURLPrefix;
+ else
+ modifiedPubURLPrefixCSV += KeyValueUtils.CSV_DELIMITER + newPubURLPrefix;
+
+ }
+
+ if (!modifiedPubURLPrefixCSV.equals(pubURLPrefix)) {
+ newConfigValues.put(MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX, modifiedPubURLPrefixCSV);
log.debug("Change key: " + MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX
+ " from value: " + input.get(MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX)
- + " to value: " + pubURLPrefix);
- }
+ + " to value: " + modifiedPubURLPrefixCSV);
+ }
+
String ssoTarget = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, getKeyPrefix()));
if (MiscUtil.isNotEmpty(ssoTarget)) {
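Review bot: `modifiedPubURLPrefixCSV` starts as `null` and is only assigned inside the loop, so if `split` yields an empty array (a value consisting only of delimiters, unless `normalizeCSVValueString` already removes that case) the call `modifiedPubURLPrefixCSV.equals(pubURLPrefix)` throws a `NullPointerException`; `pubURLPrefix` itself is also passed on without a null check. Guarding with `if (modifiedPubURLPrefixCSV != null && !modifiedPubURLPrefixCSV.equals(pubURLPrefix))` avoids that. The debug message reads the old value with `input.get(MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX)`, while the value was fetched with the key returned by `KeyValueUtils.removePrefixFromKey(...)`, so the logged "from value" may not be the one that was changed. The method continues outside the hunk.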
diff --git a/id/moa-id-webgui/src/main/resources/applicationResources_de.properties b/id/moa-id-webgui/src/main/resources/applicationResources_de.properties
index bb0499020..8f7ccd8ab 100644
--- a/id/moa-id-webgui/src/main/resources/applicationResources_de.properties
+++ b/id/moa-id-webgui/src/main/resources/applicationResources_de.properties
@@ -373,7 +373,7 @@ validation.edituser.bpk.valid=Die BPK enth\u00E4lt nicht erlaubte Zeichen. Folge
validation.general.SAML1SourceID=Die SAML1SourceID enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.publicURLprefix.empty=Public URL Prefix Feld ist leer.
-validation.general.publicURLprefix.valid=Public URL Prefix hat kein g\u00FCltiges Format.
+validation.general.publicURLprefix.valid=Public URL Prefix {0} hat kein g\u00FCltiges Format.
validation.general.businessservice.empty=Die Application ist weder dem \u00F6ffentlichen noch dem privaten Sektor zugeordnet.
validation.general.certStoreDirectory.empty=CertStoreDirectory Feld ist leer.
validation.general.certStoreDirectory.valid=Das CertStoreDirectory Feld enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
diff --git a/id/moa-id-webgui/src/main/resources/applicationResources_en.properties b/id/moa-id-webgui/src/main/resources/applicationResources_en.properties
index 420ac27ec..9e472e3af 100644
--- a/id/moa-id-webgui/src/main/resources/applicationResources_en.properties
+++ b/id/moa-id-webgui/src/main/resources/applicationResources_en.properties
@@ -371,7 +371,7 @@ validation.edituser.bpk.valid=BPK contains forbidden characters. The following c
validation.general.SAML1SourceID=SAML1SourceID contains forbidden characters. The following characters are not allowed\: {0}
validation.general.publicURLprefix.empty=Public URL Prefix is blank.
-validation.general.publicURLprefix.valid=Public URL Prefix has invalid format.
+validation.general.publicURLprefix.valid=Public URL Prefix {0} has invalid format.
validation.general.businessservice.empty=Online application is no public or private application.
validation.general.certStoreDirectory.empty=CertStoreDirectory is blank.
validation.general.certStoreDirectory.valid=CertStoreDirectory Feld contains forbidden characters. The following characters are not allowed\: {0}
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
index 4bce49465..0b8251386 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
@@ -43,6 +43,7 @@ import org.opensaml.common.binding.BasicSAMLMessageContext;
import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml2.binding.encoding.HTTPPostEncoder;
+import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder;
import org.opensaml.saml2.core.AuthnContextClassRef;
import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.opensaml.saml2.core.AuthnRequest;
@@ -124,7 +125,7 @@ public class Authenticate extends HttpServlet {
serviceURL = serviceURL + "/";
//name.setValue(serviceURL);
issuer.setValue(serviceURL);
-
+
// subject.setNameID(name);
// authReq.setSubject(subject);
issuer.setFormat(NameIDType.ENTITY);
@@ -155,13 +156,21 @@ public class Authenticate extends HttpServlet {
for (SingleSignOnService sss :
idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices()) {
+// //Get the service address for the binding you wish to use
+// if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
+// redirectEndpoint = sss;
+// }
+
//Get the service address for the binding you wish to use
- if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
+ if (sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
redirectEndpoint = sss;
}
+
}
authReq.setDestination(redirectEndpoint.getLocation());
+ //authReq.setDestination("http://test.test.test");
+
RequestedAuthnContext reqAuthContext =
SAML2Utils.createSAMLObject(RequestedAuthnContext.class);
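Review bot: `redirectEndpoint` is dereferenced in `authReq.setDestination(redirectEndpoint.getLocation())` without a check, and after this change it is only set when the IDP metadata lists an HTTP-Redirect SingleSignOnService; metadata that offers only HTTP-POST would now end in a `NullPointerException` (assuming the variable starts as `null`, its declaration is outside the hunk). An `if (redirectEndpoint == null)` guard with an explicit error message before that line would make the failure understandable. The commented-out POST lookup and `//authReq.setDestination("http://test.test.test");` look like debugging leftovers and should be removed.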
@@ -191,32 +200,47 @@ public class Authenticate extends HttpServlet {
authReq.setSignature(signer);
//generate Http-POST Binding message
- VelocityEngine engine = new VelocityEngine();
- engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
- engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
- engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
- engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
- engine.setProperty("classpath.resource.loader.class",
- "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
- engine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
- "org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
- engine.init();
-
- HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
- "templates/pvp_postbinding_template.html");
+// VelocityEngine engine = new VelocityEngine();
+// engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
+// engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
+// engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
+// engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
+// engine.setProperty("classpath.resource.loader.class",
+// "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
+// engine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
+// "org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
+// engine.init();
+//
+// HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
+// "templates/pvp_postbinding_template.html");
+// HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
+// response, true);
+// BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
+// SingleSignOnService service = new SingleSignOnServiceBuilder()
+// .buildObject();
+// service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
+// service.setLocation(redirectEndpoint.getLocation());;
+//
+// context.setOutboundSAMLMessageSigningCredential(authcredential);
+// context.setPeerEntityEndpoint(service);
+// context.setOutboundSAMLMessage(authReq);
+// context.setOutboundMessageTransport(responseAdapter);
+
+ //generate Redirect Binding message
+ HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
response, true);
BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
SingleSignOnService service = new SingleSignOnServiceBuilder()
.buildObject();
- service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
- service.setLocation(redirectEndpoint.getLocation());;
-
+ service.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+ service.setLocation(redirectEndpoint.getLocation());
context.setOutboundSAMLMessageSigningCredential(authcredential);
context.setPeerEntityEndpoint(service);
context.setOutboundSAMLMessage(authReq);
context.setOutboundMessageTransport(responseAdapter);
-
+ //context.setRelayState(relayState);
+
encoder.encode(context);
} catch (Exception e) {
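Review bot: About twenty-five lines of the old HTTP-POST encoder are kept as commented-out code, and the comment `//generate Http-POST Binding message` above them no longer matches what follows; I would delete the block and keep only `//generate Redirect Binding message`. With the redirect binding, OpenSAML's `HTTPRedirectDeflateEncoder` signs the query string with the credential from `setOutboundSAMLMessageSigningCredential` and, as far as I know, strips the XML signature from the message, so `authReq.setSignature(signer)` at the top of the hunk probably has no effect any more; worth confirming and removing. `//context.setRelayState(relayState);` is left disabled, so no RelayState is sent; whether the demo needs one to correlate the response should be decided rather than left as a comment. The `try` block starts outside the hunk.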
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java
index eecb691c0..1dcc66a56 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java
@@ -56,9 +56,9 @@ public class AttributeListBuilder implements PVPConstants{
requestedAttributes.add(buildReqAttribute(EID_CITIZEN_QAA_LEVEL_NAME, EID_CITIZEN_QAA_LEVEL_FRIENDLY_NAME, true));
requestedAttributes.add(buildReqAttribute(EID_ISSUING_NATION_NAME, EID_ISSUING_NATION_FRIENDLY_NAME, true));
requestedAttributes.add(buildReqAttribute(EID_SECTOR_FOR_IDENTIFIER_NAME, EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME, true));
- requestedAttributes.add(buildReqAttribute(EID_SIGNER_CERTIFICATE_NAME, EID_SIGNER_CERTIFICATE_FRIENDLY_NAME, true));
+ requestedAttributes.add(buildReqAttribute(EID_SIGNER_CERTIFICATE_NAME, EID_SIGNER_CERTIFICATE_FRIENDLY_NAME, false));
requestedAttributes.add(buildReqAttribute(EID_CCS_URL_NAME, EID_CCS_URL_FRIENDLY_NAME, true));
- requestedAttributes.add(buildReqAttribute(EID_AUTH_BLOCK_NAME, EID_AUTH_BLOCK_FRIENDLY_NAME, true));
+ requestedAttributes.add(buildReqAttribute(EID_AUTH_BLOCK_NAME, EID_AUTH_BLOCK_FRIENDLY_NAME, false));
requestedAttributes.add(buildReqAttribute(EID_IDENTITY_LINK_NAME, EID_IDENTITY_LINK_FRIENDLY_NAME, true));
requestedAttributes.add(buildReqAttribute(MANDATE_TYPE_NAME, MANDATE_TYPE_FRIENDLY_NAME, false));
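Review bot: `EID_SIGNER_CERTIFICATE_NAME` and `EID_AUTH_BLOCK_NAME` are switched to not required with no comment explaining why these two now differ from the neighbouring attributes. A short comment above the two lines, e.g. `// signer certificate and auth block are optional for this demo` (reason to be filled in by the author), would help. Code in the demo that reads these attributes from the assertion should now handle their absence; that code is not visible here.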
diff --git a/id/readme_2.0.2.1.txt b/id/readme_2.0.2.1.txt
new file mode 100644
index 000000000..4c71618f1
--- /dev/null
+++ b/id/readme_2.0.2.1.txt
@@ -0,0 +1,47 @@
+===============================================================================
+MOA ID Configuration Version Release 2.0.2.1
+ - Wichtige Informationen zur Installation
+===============================================================================
+
+-------------------------------------------------------------------------------
+A. Neuerungen/Änderungen
+-------------------------------------------------------------------------------
+
+Hierbei handelt es sich um eine Zwischenrelease des Modules MOA-ID-Configuration
+für die offizielle MOA-ID Release 3.0.2.
+Diese Zwischenrelase beinhaltet eine fehlerkorrigierte Version des Modules
+MOA-ID-Configuration mit der Version 2.0.2.1.
+
+- Änderungen
+ - Bug-Fix
+ - Preview des GUI Layouts
+
+-------------------------------------------------------------------------------
+B. Durchführung eines Updates
+-------------------------------------------------------------------------------
+
+Dieses Version dient NUR zum Update des Modules MOA-ID-Configuration in der
+MOA-ID Release 3.0.2.
+
+...............................................................................
+B.0 Durchführung eines Updates
+...............................................................................
+1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird.
+ Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an.
+
+2. Entpacken Sie das Modul MOA-ID-Configuration (moa-id-configuration-2.0.2.1.zip)
+ in ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST
+ bezeichnet.
+
+3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Configuration
+ beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps,
+ wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation
+ für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war
+ als auch das komplette Verzeichnis moa-id-auth.
+
+4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach
+ CATALINA_HOME_ID/webapps.
+
+5. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im
+ Logging von MOA ID beim Einlesen der Konfiguration.
+
diff --git a/id/readme_3.1.0-RC1.txt b/id/readme_3.1.0-RC1.txt
new file mode 100644
index 000000000..6c2fce8a8
--- /dev/null
+++ b/id/readme_3.1.0-RC1.txt
@@ -0,0 +1,602 @@
+===============================================================================
+MOA ID Version Release 3.1.0 - Wichtige Informationen zur Installation
+===============================================================================
+
+-------------------------------------------------------------------------------
+A. Neuerungen/Änderungen
+-------------------------------------------------------------------------------
+
+Mit MOA ID Version 3.1.0 wurden folgende Neuerungen und Änderungen eingeführt,
+die jetzt erstmals in der Veröffentlichung enthalten sind (siehe auch
+history.txt im gleichen Verzeichnis).
+
+- Änderungen
+ - Mehrere virtuelle IDP Instanzen je deployer MOA-ID Instanz möglich
+ (unterschiedliche Entity-IDs je virtueller Instanz)
+ - Überarbeitung der Weboberfläche des Konfigurationstools
+ - Kleinere Bug-Fixes
+ - Update von Libraries
+
+
+-------------------------------------------------------------------------------
+B. Durchführung eines Updates
+-------------------------------------------------------------------------------
+
+Es wird generell eine Neuinstallation lt. Handbuch empfohlen! Dennoch ist auch
+eine Aktualisierung bestehender Installationen möglich. Je nachdem von welcher
+MOA-ID Version ausgegangen wird ergibt sich eine Kombination der nachfolgend
+angebebenen Updateschritte.
+
+Hinweis: Wenn Sie die bestehende Konfiguration von MOA-ID 2.x.x in MOA-ID 3.1.x
+reimportieren möchten, so muss diese vor dem Update mit Hilfe der import/export
+Funktion der grafischen Konfigurationsoberfläche in eine Datei exportiert werden.
+Diese Datei dient dann als Basis für den Import in MOA-ID 3.1.x.
+
+...............................................................................
+B.1 Durchführung eines Updates von Version 3.0.x auf Version 3.1.0
+...............................................................................
+1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird.
+ Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an.
+
+2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-3.1.0.zip) in
+ ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST
+ bezeichnet.
+
+3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth
+ beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps,
+ wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation
+ für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war
+ als auch das komplette Verzeichnis moa-id-auth.
+
+4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach
+ CATALINA_HOME_ID/webapps.
+
+5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach
+ CATALINA_HOME_ID/webapps.
+
+6. Update der TrustStores für WebService Zugriffe.
+ a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\certs\ca-certs
+ in das Verzeichnis CATALINA_HOME\conf\moa-id\certs\ca-certs.
+ b.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\certs\certstore\toBeAdded
+ in das Verzeichnis CATALINA_HOME\conf\moa-id\certs\certstore\toBeAdded.
+
+7. Hinzufügen der zusätzlichen Konfigurationsparameter in der
+ MOA-ID-Configuration Konfigurationsdatei
+ CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties
+ a.) dbcp.validationQuery=..... (SQL Query zum Validieren der
+ Datenbankverbindung
+ z.B: "SELECT 1" für mySQL
+ "select 1 from dual" für OracleDB)
+
+8. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth
+ Konfigurationsdatei CATALINA_HOME\conf\moa-id\moa-id.properties
+ a.) configuration.dbcp.validationQuery=..... (SQL Query zum
+ Validieren der Datenbankverbindung
+ z.B: "SELECT 1" für mySQL
+ "select 1 from dual" für OracleDB)
+
+9. Update der Default html-Templates für die Bürgerkartenauswahl.
+ a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\htmlTemplates
+ in das Verzeichnis CATALINA_HOME\conf\moa-id\htmlTemplates.
+ b.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id-configuration\htmlTemplates
+ in das Verzeichnis CATALINA_HOME\conf\moa-id-configuration\htmlTemplates.
+
+10. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im
+ Logging von MOA ID beim Einlesen der Konfiguration.
+
+...............................................................................
+B.2 Durchführung eines Updates von Version 2.2.1 auf Version 3.1.0
+...............................................................................
+
+1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird.
+ Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an.
+
+2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-3.1.0.zip) in
+ ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST
+ bezeichnet.
+
+3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth
+ beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps,
+ wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation
+ für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war und
+ moa-id-configuration.war als auch das komplette Verzeichnis moa-id-auth
+ und das komplette Verzeichnis moa-id-configuration.
+
+4. Erstellen Sie eine Sicherungskopie aller "*.jar"-Dateien im Verzeichnis
+ CATALINA_HOME_ID\endorsed und loeschen Sie diese Dateien danach.
+
+5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach
+ CATALINA_HOME_ID/webapps.
+
+6. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach
+ CATALINA_HOME_ID/webapps.
+
+7. Update des Cert-Stores.
+ Kopieren Sie den Inhalt des Verzeichnisses
+ MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis
+ CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie
+ vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann
+ bejahen sie das.
+
+8. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen
+ wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile
+ beibehalten wollen, dann gehen Sie vor, wie in Punkt b).
+
+ a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen:
+
+ 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles.
+ 2) Kopieren Sie das Verzeichnis
+ MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis
+ CATALINA_HOME\conf\moa-spss.
+
+ b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie
+ folgt vor, um die Profile auf den aktuellen Stand zu bringen:
+
+ 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den
+ entsprechenden Profilen im Verzeichnis
+ MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren
+ Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt
+ der einzelnen Profile aus der Distribution
+ (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden
+ Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles)
+ kopieren und dabei die vorhandenen gleichnamigen Zertifikate
+ überschreiben), also z.B: Kopieren des Inhalts von
+ MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\
+ MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach
+ CATALINA_HOME\conf\moa-spss\trustProfiles\
+ MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw.
+
+9. Update der Default html-Templates für die Bürgerkartenauswahl.
+
+ a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\htmlTemplates
+ in das Verzeichnis CATALINA_HOME\conf\moa-id\htmlTemplates.
+ b.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id-configuration\htmlTemplates
+ in das Verzeichnis CATALINA_HOME\conf\moa-id-configuration\htmlTemplates.
+
+10. Update der STORK Konfiguration
+ a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\stork
+ in das Verzeichnis CATALINA_HOME\conf\moa-id\stork.
+ b.) Passen Sie die STORK Konfiguration laut Handbuch -> Konfiguration ->
+ 2.4 Konfiguration des SamlEngines an.
+
+11. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth Konfigurationsdatei
+ CATALINA_HOME\conf\moa-id\moa-id.properties
+
+12. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Configration Konfigurationsdatei
+ CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties
+
+13. Hinzufügen der zusätzlichen Konfigurationsdatei in der MOA-ID-Configuration
+ CATALINA_HOME\conf\moa-id-configuration\userdatabase.properties
+
+14. Update der Tomcat Start-Skripts:
+ - Die Konfigurationsdateien für MOA-ID-Auth und MOA-ID-Configuration müssen
+ nur als URI (file:/...) übergeben werden.
+
+15. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im
+ Logging von MOA ID beim Einlesen der Konfiguration.
+
+
+...............................................................................
+B.1 Durchführung eines Updates von Version 2.2.0 auf Version 2.2.1
+...............................................................................
+1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird.
+ Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an.
+
+2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.2.1.zip) in
+ ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST
+ bezeichnet.
+
+3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth
+ beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps,
+ wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation
+ für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war und
+ moa-id-configuration.war als auch das komplette Verzeichnis moa-id-auth
+ und das komplette Verzeichnis moa-id-configuration.
+
+4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach
+ CATALINA_HOME_ID/webapps.
+
+5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach
+ CATALINA_HOME_ID/webapps.
+
+6. Update des Cert-Stores.
+ Kopieren Sie den Inhalt des Verzeichnisses
+ MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis
+ CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie
+ vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann
+ bejahen sie das.
+
+7. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen
+ wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile
+ beibehalten wollen, dann gehen Sie vor, wie in Punkt b).
+
+ a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen:
+
+ 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles.
+ 2) Kopieren Sie das Verzeichnis
+ MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis
+ CATALINA_HOME\conf\moa-spss.
+
+ b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie
+ folgt vor, um die Profile auf den aktuellen Stand zu bringen:
+
+ 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den
+ entsprechenden Profilen im Verzeichnis
+ MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren
+ Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt
+ der einzelnen Profile aus der Distribution
+ (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden
+ Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles)
+ kopieren und dabei die vorhandenen gleichnamigen Zertifikate
+ überschreiben), also z.B: Kopieren des Inhalts von
+ MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\
+ MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach
+ CATALINA_HOME\conf\moa-spss\trustProfiles\
+ MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw.
+
+8. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im
+ Logging von MOA ID beim Einlesen der Konfiguration.
+
+...............................................................................
+B.1 Durchführung eines Updates von Version 2.1.2 auf Version 2.2.0
+...............................................................................
+ 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird.
+ Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an.
+
+2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.2.0.zip) in
+ ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST
+ bezeichnet.
+
+3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth
+ beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps,
+ wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation
+ für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war und
+ moa-id-configuration.war als auch das komplette Verzeichnis moa-id-auth
+ und das komplette Verzeichnis moa-id-configuration.
+
+4. Erstellen Sie eine Sicherungskopie aller "*.jar"-Dateien im Verzeichnis
+ CATALINA_HOME_ID\endorsed und loeschen Sie diese Dateien danach.
+
+6. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach
+ CATALINA_HOME_ID/webapps.
+
+7. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach
+ CATALINA_HOME_ID/webapps.
+
+8. Kopieren der folgenden Dateien:
+ Sollte die Datei bereits vorhanden sein erstellen Sie ein Backup der
+ Datei bevor Sie diese durch die neue Version ersetzen.
+ a.) MOA_ID_AUTH_INST/conf/moa-id/stork/StorkSamlEngine_VIDP.xml ->
+ CATALINA_HOME/conf/moa-id/stork/StorkSamlEngine_VIDP.xml
+ b.) MOA_ID_AUTH_INST/conf/moa-id/stork/StorkSamlEngine_outgoing.xml ->
+ CATALINA_HOME/conf/moa-id/stork/StorkSamlEngine_outgoing.xml
+
+9. Dem STORK KeyStores unter MOA_ID_AUTH_INST/conf/moa-id/keys/storkDemoKeys.jks
+ (Passwort=local-demo) wurden neue vertrauenswürdige Zertifikate hinzugefügt.
+ Gleichen Sie bei Bedarf die Zertifikate dieses KeyStores mit Ihrem aktuell
+ verwendeten KeyStore ab.
+
+10. Update des Cert-Stores.
+ Kopieren Sie den Inhalt des Verzeichnisses
+ MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis
+ CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie
+ vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann
+ bejahen sie das.
+
+11. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen
+ wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile
+ beibehalten wollen, dann gehen Sie vor, wie in Punkt b).
+
+ a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen:
+
+ 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles.
+ 2) Kopieren Sie das Verzeichnis
+ MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis
+ CATALINA_HOME\conf\moa-spss.
+
+ b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie
+ folgt vor, um die Profile auf den aktuellen Stand zu bringen:
+
+ 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den
+ entsprechenden Profilen im Verzeichnis
+ MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren
+ Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt
+ der einzelnen Profile aus der Distribution
+ (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden
+ Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles)
+ kopieren und dabei die vorhandenen gleichnamigen Zertifikate
+ überschreiben), also z.B: Kopieren des Inhalts von
+ MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\
+ MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach
+ CATALINA_HOME\conf\moa-spss\trustProfiles\
+ MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw.
+
+
+12. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im
+ Logging von MOA ID beim Einlesen der Konfiguration.
+
+...............................................................................
+B.2 Durchführung eines Updates von Version 2.1.1 auf Version 2.1.2
+...............................................................................
+ 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird.
+ Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an.
+
+2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.1.2.zip) in
+ ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST
+ bezeichnet.
+
+3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth
+ beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps,
+ wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation
+ für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war und
+ moa-id-configuration.war als auch das komplette Verzeichnis moa-id-auth
+ und das komplette Verzeichnis moa-id-configuration.
+
+4. Erstellen Sie eine Sicherungskopie aller "*.jar"-Dateien im Verzeichnis
+ CATALINA_HOME_ID\endorsed und loeschen Sie diese Dateien danach.
+
+5. Kopieren Sie alle Dateien aus dem Verzeichnis MOA_ID_AUTH_INST\endorsed in das
+ Verzeichnis CATALINA_HOME_ID\endorsed
+
+6. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach
+ CATALINA_HOME_ID/webapps.
+
+7. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach
+ CATALINA_HOME_ID/webapps.
+
+8. Kopieren der folgenden Dateien
+ a.) MOA_ID_AUTH_INST/conf/moa-id/stork/StorkSamlEngine_VIDP.xml ->
+ CATALINA_HOME/conf/moa-id/stork/StorkSamlEngine_VIDP.xml
+ Sollte die Datei bereits vorhanden sein erstellen Sie ein Backup der
+ Datei slo_template.html bevor Sie diese durch die neue Version ersetzen.
+
+9. Dem STORK KeyStores unter MOA_ID_AUTH_INST/conf/moa-id/keys/storkDemoKeys.jks
+ (Passwort=local-demo) wurden neue vertrauenswürdige Zertifikate hinzugefügt.
+ Gleichen Sie bei Bedarf die Zertifikate dieses KeyStores mit Ihrem aktuell
+ verwendeten KeyStore ab.
+
+10. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im
+ Logging von MOA ID beim Einlesen der Konfiguration.
+
+
+...............................................................................
+B.3 Durchführung eines Updates von Version 2.1.0 auf Version 2.1.1
+...............................................................................
+ 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird.
+ Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an.
+
+2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.1.0.zip) in
+ ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST
+ bezeichnet.
+
+3. Erstellen Sie eine Sicherungskopie aller "iaik*.jar"-Dateien im Verzeichnis
+ JAVA_HOME\jre\lib\ext und loeschen Sie diese Dateien danach.
+
+4. Kopieren Sie alle Dateien aus dem Verzeichnis MOA_ID_AUTH_INST\ext in das
+ Verzeichnis JAVA_HOME\jre\lib\ext (Achtung: Java 1.4.x wird nicht mehr
+ unterstuetzt).
+
+5. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth
+ beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps,
+ wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation
+ für MOA ID steht). Löschen Sie darin sowohl die Datei moa-id-auth.war als
+ auch das komplette Verzeichnis moa-id-auth.
+
+6. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach
+ CATALINA_HOME_ID/webapps.
+
+7. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach
+ CATALINA_HOME_ID/webapps.
+
+8. Hinzufügen der zusätzlichen Konfigurationsparameter in der
+ MOA-ID-Configuration Konfigurationsdatei
+ CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties
+ a.) general.moaconfig.key=..... (Passwort zum Ver- und
+ Entschlüsseln von Konfigurationsparametern in der Datenbank)
+
+9. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth
+ Konfigurationsdatei CATALINA_HOME\conf\moa-id\moa-id.properties
+ a.) configuration.moaconfig.key=..... (Passwort zum Ver- und
+ Entschlüsseln von Konfigurationsparametern in der Datenbank)
+
+10. Kopieren der folgenden Dateien
+ a.) MOA_ID_AUTH_INST/conf/moa-id/htmlTemplates/slo_template.html ->
+ CATALINA_HOME/conf/moa-id/htmlTemplates/slo_template.html
+ Sollte die Datei bereits vorhanden sein erstellen Sie ein Backup der
+ Datei slo_template.html bevor Sie diese durch die neue Version ersetzen.
+
+11. Update des Cert-Stores.
+ Kopieren Sie den Inhalt des Verzeichnisses
+ MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis
+ CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie
+ vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann
+ bejahen sie das.
+
+12. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen
+ wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile
+ beibehalten wollen, dann gehen Sie vor, wie in Punkt b).
+
+ a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen:
+
+ 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles.
+ 2) Kopieren Sie das Verzeichnis
+ MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis
+ CATALINA_HOME\conf\moa-spss.
+
+ b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie
+ folgt vor, um die Profile auf den aktuellen Stand zu bringen:
+
+ 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den
+ entsprechenden Profilen im Verzeichnis
+ MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren
+ Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt
+ der einzelnen Profile aus der Distribution
+ (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden
+ Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles)
+ kopieren und dabei die vorhandenen gleichnamigen Zertifikate
+ überschreiben), also z.B: Kopieren des Inhalts von
+ MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\
+ MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach
+ CATALINA_HOME\conf\moa-spss\trustProfiles\
+ MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw.
+
+13. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im
+ Logging von MOA ID beim Einlesen der Konfiguration.
+
+
+...............................................................................
+B.4 Durchführung eines Updates von Version 2.0.1 auf Version 2.1.0
+...............................................................................
+ 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird.
+ Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an.
+
+2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.1.0.zip) in
+ ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST
+ bezeichnet.
+
+3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth
+ beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps,
+ wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation
+ für MOA ID steht). Löschen Sie darin sowohl die Datei moa-id-auth.war als
+ auch das komplette Verzeichnis moa-id-auth.
+
+4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach
+ CATALINA_HOME_ID/webapps.
+
+5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach
+ CATALINA_HOME_ID/webapps.
+
+6. Update der STORK Konfiguration
+ a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\stork
+ in das Verzeichnis CATALINA_HOME\conf\moa-id\stork.
+ b.) Passen Sie die STORK Konfiguration laut Handbuch -> Konfiguration ->
+ 2.4 Konfiguration des SamlEngines an.
+
+7. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Configuration Konfigurationsdatei
+ CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties
+ a.) general.ssl.certstore=certs/certstore
+ b.) general.ssl.truststore=certs/truststore
+
+8. Kopieren des folgenden zusätzlichen Ordners MOA_ID_AUTH_INST/conf/moa-id-configuration/certs
+ nach CATALINA_HOME\conf\moa-id-configuration\
+
+9. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth Konfigurationsdatei
+ CATALINA_HOME\conf\moa-id\moa-id.properties und Anpassung an das zu verwendeten Schlüsselpaar.
+ a.) protocols.pvp2.idp.ks.assertion.encryption.alias=pvp_assertion
+ protocols.pvp2.idp.ks.assertion.encryption.keypassword=password
+
+10. Kopieren der folgenden zusätzlichen Ordner aus MOA_ID_AUTH_INST/conf/moa-id/
+ nach CATALINA_HOME\conf\moa-id\
+ a.) MOA_ID_AUTH_INST/conf/moa-id/SLTemplates -> CATALINA_HOME\conf\moa-id\
+ b.) MOA_ID_AUTH_INST/conf/moa-id/htmlTemplates/slo_template.html ->
+ CATALINA_HOME/conf/moa-id/htmlTemplates/slo_template.html
+
+11. Neuinitialisieren des Datenbank Schema für die MOA-Session. Hierfür stehen
+ zwei Varianten zur Verfügung.
+ a.) Ändern Sie in der Konfigurationsdatei für das Modul MOA-ID-Auth
+ CATALINA_HOME\conf\moa-id\moa-id.properties die Zeile
+ moasession.hibernate.hbm2ddl.auto=update
+ zu
+ moasession.hibernate.hbm2ddl.auto=create
+ Danach werden die Tabellen beim nächsten Startvorgang neu generiert.
+
+ b.) Löschen Sie alle Tabellen aus dem Datenbank Schema für die MOA-Sessixson
+ Informationen per Hand. Alle Tabellen werden beim nächsten Start autmatisch neu generiert.
+
+12 . Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im
+ Logging von MOA ID beim Einlesen der Konfiguration.
+
+
+...............................................................................
+B.5 Durchführung eines Updates von Version 2.0-RC1 auf Version 2.0.1
+...............................................................................
+
+1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird.
+ Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an.
+
+2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.0.1.zip) in
+ ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST
+ bezeichnet.
+ Für MOA ID Proxy:
+ Entpacken Sie die Distribution von MOA-ID-Proxy (moa-id-proxy-2.0.1.zip) in
+ ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_PROXY_INST
+ bezeichnet.
+
+3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth
+ beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps,
+ wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation
+ für MOA ID steht). Löschen Sie darin sowohl die Datei moa-id-auth.war als
+ auch das komplette Verzeichnis moa-id-auth.
+
+4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach
+ CATALINA_HOME_ID/webapps.
+
+5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach
+ CATALINA_HOME_ID/webapps.
+
+6. Update des Cert-Stores.
+ Kopieren Sie den Inhalt des Verzeichnisses
+ MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis
+ CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie
+ vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann
+ bejahen sie das.
+
+7. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen
+ wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile
+ beibehalten wollen, dann gehen Sie vor, wie in Punkt b).
+
+ a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen:
+
+ 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles.
+ 2) Kopieren Sie das Verzeichnis
+ MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis
+ CATALINA_HOME\conf\moa-spss.
+
+ b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie
+ folgt vor, um die Profile auf den aktuellen Stand zu bringen:
+
+ 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den
+ entsprechenden Profilen im Verzeichnis
+ MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren
+ Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt
+ der einzelnen Profile aus der Distribution
+ (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden
+ Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles)
+ kopieren und dabei die vorhandenen gleichnamigen Zertifikate
+ überschreiben), also z.B: Kopieren des Inhalts von
+ MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\
+ MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach
+ CATALINA_HOME\conf\moa-spss\trustProfiles\
+ MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw.
+
+8. Update der Default html-Templates für die Bürgerkartenauswahl.
+
+ a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\htmlTemplates
+ in das Verzeichnis CATALINA_HOME\conf\moa-id\htmlTemplates.
+ b.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id-configuration\htmlTemplates
+ in das Verzeichnis CATALINA_HOME\conf\moa-id-configuration\htmlTemplates.
+
+9. Update der STORK Konfiguration
+ a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\stork
+ in das Verzeichnis CATALINA_HOME\conf\moa-id\stork.
+ b.) Passen Sie die STORK Konfiguration laut Handbuch -> Konfiguration ->
+ 2.4 Konfiguration des SamlEngines an.
+
+10. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth Konfigurationsdatei
+ CATALINA_HOME\conf\moa-id\moa-id.properties
+
+ a.) configuration.validation.certificate.QC.ignore=false
+ b.) protocols.pvp2.assertion.encryption.active=false
+
+11. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im
+ Logging von MOA ID beim Einlesen der Konfiguration.
+
+
+...............................................................................
+B.6 Durchführung eines Updates von Version <= 1.5.1
+...............................................................................
+
+Bitte führen Sie eine Neuinstallation von MOA ID laut Handbuch durch und passen
+Sie die mitgelieferte Musterkonfiguration entsprechend Ihren Bedürfnissen unter
+Zuhilfenahme Ihrer bisherigen Konfiguration an.
+
diff --git a/id/server/auth/pom.xml b/id/server/auth/pom.xml
index 53aab2f9e..806e7843c 100644
--- a/id/server/auth/pom.xml
+++ b/id/server/auth/pom.xml
@@ -202,6 +202,12 @@
<artifactId>xalan</artifactId>
<!-- should be provided by the container or jre -->
<scope>provided</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>xalan</groupId>
+ <artifactId>serializer</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>xerces</groupId>
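Review bot: The new `<exclusions>` block removes `xalan:serializer` without a comment saying why, although the line directly above it documents the reason for the `provided` scope. Because the dependency is `provided`, the exclusion should mainly change the compile and test classpath, so a reader cannot tell whether it works around a duplicate-class conflict or is meant to keep a second serializer copy away from the XML processing code. A one-line comment above `<exclusions>`, such as `<!-- serializer excluded: <reason, e.g. supplied by container/JRE> -->`, would record the intent for whoever next updates the XML libraries. The enclosing `<dependency>` element opens outside the hunk.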
diff --git a/id/server/auth/src/main/webapp/index.html b/id/server/auth/src/main/webapp/index.html
index 18cb15437..d2e7d1e1b 100644
--- a/id/server/auth/src/main/webapp/index.html
+++ b/id/server/auth/src/main/webapp/index.html
@@ -2,7 +2,7 @@
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf8" >
- <title>MOA-ID 3.0.x</title>
+ <title>MOA-ID 3.1.x</title>
<link rel="stylesheet" href="./common/main.css" type="text/css">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link href='https://fonts.googleapis.com/css?family=Roboto:300,400' rel='stylesheet' type='text/css'>
diff --git a/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html b/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html
index a29b1d7bb..2b0115d4a 100644
--- a/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html
+++ b/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html
@@ -405,7 +405,7 @@
#bkulogin {
min-width: 190px;
- min-height: 155px;
+ min-height: 170px;
}
.setAssertionButton_full {
@@ -616,6 +616,12 @@
top: 40px;
}
+
+ #ssoSessionTransferBlock {
+ font-size: 0.8em;
+ margin-left: 5px;
+ margin-bottom: 5px;
+ }
</style>
<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions-->
@@ -656,7 +662,6 @@
if (isMetro())
document.getElementById("metroDetected").style.display="block";
document.getElementById("localBKU").style.display="block";
- document.getElementById("bkuButtonOnlineId").disabled = "true";
/* if (checkMandateSSO())
return; */
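Review bot: Once the `disabled = "true"` line is removed here, and likewise in `bkuHandyClicked()` in the next hunk, nothing visible stops a second click from running the handler again; the next hunk's context shows that path ending in `generateIFrame(iFrameURL)`. If the removal only follows from dropping the `id` attributes on the two buttons, the guard can be kept without an id by passing the element, e.g. `onClick="bkuOnlineClicked(this);"` with `btn.disabled = true;` as the first statement of the handler. Both function bodies extend beyond these hunks, so a guard elsewhere in the file cannot be ruled out from here.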
@@ -673,7 +678,6 @@
generateIFrame(iFrameURL);
}
function bkuHandyClicked() {
- document.getElementById("bkuButtonHandyId").disabled = "true";
document.getElementById("localBKU").style.display="none";
/* if (checkMandateSSO())
return; */
@@ -836,7 +840,7 @@
<h2 id="tabheader" class="dunkel" role="heading">#HEADER_TEXT#</h2>
</div>
<div id="bkulogin" class="hell" role="form">
- <div id="mandateLogin" style="">
+ <div id="mandateLogin" style="#MANDATEVISIBLE#">
<div>
<input tabindex="1" type="checkbox" name="Mandate"
id="mandateCheckBox" class="verticalcenter" role="checkbox"
@@ -854,15 +858,13 @@
<img id="bkuimage" class="bkuimage" src="#CONTEXTPATH#/img/online-bku.png"
alt="OnlineBKU" /> <input name="bkuButtonOnline" type="button"
onClick="bkuOnlineClicked();" tabindex="2" role="button"
- value="Karte"
- id="bkuButtonOnlineId"/>
+ value="Karte" />
</div>
<div id="bkuhandy">
<img class="bkuimage" src="#CONTEXTPATH#/img/mobile-bku.png"
alt="HandyBKU" /> <input name="bkuButtonHandy" type="button"
onClick="bkuHandyClicked();" tabindex="3" role="button"
- value="HANDY"
- id="bkuButtonHandyId"/>
+ value="HANDY" />
</div>
</div>
<div id="localBKU">
@@ -871,19 +873,20 @@
<input type="hidden" name="bkuURI" value="#LOCAL#"> <input
type="hidden" name="useMandate" id="useMandate"> <input
type="hidden" name="SSO" id="useSSO"> <input
- type="hidden" name="CCC" id="ccc"> <input type="hidden"
+ type="hidden" name="ccc" id="ccc"> <input type="hidden"
name="MODUL" value="#MODUL#"> <input type="hidden"
name="ACTION" value="#ACTION#"> <input type="hidden"
name="MOASessionID" value="#SESSIONID#">
<input type="submit" value=" Lokale Bürgerkartenumgebung " tabindex="4"
- role="button" onclick="setMandateSelection();"
- >
- <!--p>
- <small>Alternativ können Sie eine lokal installierte BKU verwenden.</small>
- </p-->
- </form>
+ role="button" onclick="setMandateSelection();">
+ </form>
</div>
+ <!-- Single Sign-On Session transfer functionality -->
+ <!--div id="ssoSessionTransferBlock">
+ <a href="#AUTH_URL#?MOASessionID=#SESSIONID#&restoreSSOSession=true">>Restore SSO Session from Smartphone</a>
+ </div-->
+
<div id="stork" align="center" style="#STORKVISIBLE#">
<h2 id="tabheader" class="dunkel">Home Country Selection</h2>
<p>
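Review bot: The commented-out `ssoSessionTransferBlock` link puts `MOASessionID=#SESSIONID#` into the query string of a GET URL, so if the block is ever enabled the session identifier will land in browser history, proxy and access logs, and possibly Referer headers. Sending it by POST, like the hidden `MOASessionID` field in the form just above, or using a separate short-lived transfer token would avoid that. The anchor also has a stray `>` in its text (`true">>Restore`) and a raw `&` that should be written `&amp;`. The same block is added to the moa-id copy of loginFormFull.html and to doc/htmlTemplates/BKU-selection.html.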
@@ -904,7 +907,7 @@
</div>
</div>
</div>
- <div id="validation">
+ <!--div id="validation">
<a href="http://validator.w3.org/check?uri="> <img
style="border: 0; width: 88px; height: 31px"
src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
@@ -913,7 +916,7 @@
src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
alt="CSS ist valide!" />
</a>
- </div>
+ </div-->
</div>
</body>
</html>
diff --git a/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/sendAssertionFormFull.html b/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/sendAssertionFormFull.html
index 1a3e683de..07d018a94 100644
--- a/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/sendAssertionFormFull.html
+++ b/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/sendAssertionFormFull.html
@@ -600,7 +600,7 @@
</div>
</div>
</div>
- <div id="validation">
+ <!--div id="validation">
<a href="http://validator.w3.org/check?uri=">
<img style="border:0;width:88px;height:31px"
src="#CONTEXTPATH#/img/valid-html5-blue.png"
@@ -608,10 +608,10 @@
</a>
<a href="http://jigsaw.w3.org/css-validator/">
<img style="border:0;width:88px;height:31px"
- src="https://jigsaw.w3.org/css-validator/images/vcss-blue"
+ src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
alt="CSS ist valide!" />
</a>
- </div>
+ </div-->
</div>
</body>
</html>
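Review bot: The badge `src` is switched from `https://jigsaw.w3.org/...` to `http://...` in the same change that comments out the whole `validation` div, so the scheme change has no effect today and would load a plain-HTTP image into a page served over HTTPS if the block is ever restored. Keep `src="https://jigsaw.w3.org/css-validator/images/vcss-blue"`, or delete the block rather than commenting it out. The same edit appears in the moa-id copy of sendAssertionFormFull.html, in slo_template.html and in doc/htmlTemplates/sendAssertion.html.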
diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html b/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html
index a29b1d7bb..2b0115d4a 100644
--- a/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html
+++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html
@@ -405,7 +405,7 @@
#bkulogin {
min-width: 190px;
- min-height: 155px;
+ min-height: 170px;
}
.setAssertionButton_full {
@@ -616,6 +616,12 @@
top: 40px;
}
+
+ #ssoSessionTransferBlock {
+ font-size: 0.8em;
+ margin-left: 5px;
+ margin-bottom: 5px;
+ }
</style>
<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions-->
@@ -656,7 +662,6 @@
if (isMetro())
document.getElementById("metroDetected").style.display="block";
document.getElementById("localBKU").style.display="block";
- document.getElementById("bkuButtonOnlineId").disabled = "true";
/* if (checkMandateSSO())
return; */
@@ -673,7 +678,6 @@
generateIFrame(iFrameURL);
}
function bkuHandyClicked() {
- document.getElementById("bkuButtonHandyId").disabled = "true";
document.getElementById("localBKU").style.display="none";
/* if (checkMandateSSO())
return; */
@@ -836,7 +840,7 @@
<h2 id="tabheader" class="dunkel" role="heading">#HEADER_TEXT#</h2>
</div>
<div id="bkulogin" class="hell" role="form">
- <div id="mandateLogin" style="">
+ <div id="mandateLogin" style="#MANDATEVISIBLE#">
<div>
<input tabindex="1" type="checkbox" name="Mandate"
id="mandateCheckBox" class="verticalcenter" role="checkbox"
@@ -854,15 +858,13 @@
<img id="bkuimage" class="bkuimage" src="#CONTEXTPATH#/img/online-bku.png"
alt="OnlineBKU" /> <input name="bkuButtonOnline" type="button"
onClick="bkuOnlineClicked();" tabindex="2" role="button"
- value="Karte"
- id="bkuButtonOnlineId"/>
+ value="Karte" />
</div>
<div id="bkuhandy">
<img class="bkuimage" src="#CONTEXTPATH#/img/mobile-bku.png"
alt="HandyBKU" /> <input name="bkuButtonHandy" type="button"
onClick="bkuHandyClicked();" tabindex="3" role="button"
- value="HANDY"
- id="bkuButtonHandyId"/>
+ value="HANDY" />
</div>
</div>
<div id="localBKU">
@@ -871,19 +873,20 @@
<input type="hidden" name="bkuURI" value="#LOCAL#"> <input
type="hidden" name="useMandate" id="useMandate"> <input
type="hidden" name="SSO" id="useSSO"> <input
- type="hidden" name="CCC" id="ccc"> <input type="hidden"
+ type="hidden" name="ccc" id="ccc"> <input type="hidden"
name="MODUL" value="#MODUL#"> <input type="hidden"
name="ACTION" value="#ACTION#"> <input type="hidden"
name="MOASessionID" value="#SESSIONID#">
<input type="submit" value=" Lokale Bürgerkartenumgebung " tabindex="4"
- role="button" onclick="setMandateSelection();"
- >
- <!--p>
- <small>Alternativ können Sie eine lokal installierte BKU verwenden.</small>
- </p-->
- </form>
+ role="button" onclick="setMandateSelection();">
+ </form>
</div>
+ <!-- Single Sign-On Session transfer functionality -->
+ <!--div id="ssoSessionTransferBlock">
+ <a href="#AUTH_URL#?MOASessionID=#SESSIONID#&restoreSSOSession=true">>Restore SSO Session from Smartphone</a>
+ </div-->
+
<div id="stork" align="center" style="#STORKVISIBLE#">
<h2 id="tabheader" class="dunkel">Home Country Selection</h2>
<p>
@@ -904,7 +907,7 @@
</div>
</div>
</div>
- <div id="validation">
+ <!--div id="validation">
<a href="http://validator.w3.org/check?uri="> <img
style="border: 0; width: 88px; height: 31px"
src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
@@ -913,7 +916,7 @@
src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
alt="CSS ist valide!" />
</a>
- </div>
+ </div-->
</div>
</body>
</html>
diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/sendAssertionFormFull.html b/id/server/data/deploy/conf/moa-id/htmlTemplates/sendAssertionFormFull.html
index 1a3e683de..07d018a94 100644
--- a/id/server/data/deploy/conf/moa-id/htmlTemplates/sendAssertionFormFull.html
+++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/sendAssertionFormFull.html
@@ -600,7 +600,7 @@
</div>
</div>
</div>
- <div id="validation">
+ <!--div id="validation">
<a href="http://validator.w3.org/check?uri=">
<img style="border:0;width:88px;height:31px"
src="#CONTEXTPATH#/img/valid-html5-blue.png"
@@ -608,10 +608,10 @@
</a>
<a href="http://jigsaw.w3.org/css-validator/">
<img style="border:0;width:88px;height:31px"
- src="https://jigsaw.w3.org/css-validator/images/vcss-blue"
+ src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
alt="CSS ist valide!" />
</a>
- </div>
+ </div-->
</div>
</body>
</html>
diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/slo_template.html b/id/server/data/deploy/conf/moa-id/htmlTemplates/slo_template.html
index 9a621998c..a9d73e0d3 100644
--- a/id/server/data/deploy/conf/moa-id/htmlTemplates/slo_template.html
+++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/slo_template.html
@@ -444,16 +444,16 @@
</div>
</div>
</div>
- <div id="validation">
+ <!--div id="validation">
<a href="http://validator.w3.org/check?uri="> <img
style="border: 0; width: 88px; height: 31px"
src="$contextpath/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
</a> <a href="http://jigsaw.w3.org/css-validator/"> <img
style="border: 0; width: 88px; height: 31px"
- src="https://jigsaw.w3.org/css-validator/images/vcss-blue"
+ src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
alt="CSS ist valide!" />
</a>
- </div>
+ </div-->
</div>
diff --git a/id/server/data/deploy/tomcat/unix/tomcat-start.sh b/id/server/data/deploy/tomcat/unix/tomcat-start.sh
index e0aaae973..f6ae86540 100644
--- a/id/server/data/deploy/tomcat/unix/tomcat-start.sh
+++ b/id/server/data/deploy/tomcat/unix/tomcat-start.sh
@@ -10,7 +10,7 @@ LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=$CATALINA_BASE/conf/moa-id/logba
CONFIG_OPT=-Dmoa.id.configuration=$CATALINA_BASE/conf/moa-id/moa-id.properties
SPSS_OPT=-Dmoa.spss.server.configuration=file:$CATALINA_BASE/conf/moa-spss/SampleMOASPSSConfiguration.xml
CONFIGTOOL_OPT=-Dmoa.id.webconfig=file:$CATALINA_BASE/conf/moa-id-configuration/moa-id-configtool.properties
-CONFIGTOOL_USER_OPT=-Duser.properties=":$CATALINA_BASE/conf/moa-id-configuration/userdatabase.properties"
+CONFIGTOOL_USER_OPT=-Duser.properties=$CATALINA_BASE/conf/moa-id-configuration/userdatabase.properties
DEMOOA_OPT=-Dmoa.id.demoOA=$CATALINA_BASE/conf/moa-id-oa/oa.properties
STORK_OPT=-Deu.stork.samlengine.config.location=$CATALINA_BASE/conf/moa-id/stork/
diff --git a/id/server/data/deploy/tomcat/win32/startTomcat.bat b/id/server/data/deploy/tomcat/win32/startTomcat.bat
index b45a72ace..325ae1f20 100644
--- a/id/server/data/deploy/tomcat/win32/startTomcat.bat
+++ b/id/server/data/deploy/tomcat/win32/startTomcat.bat
@@ -15,7 +15,7 @@ set LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=%CATALINA_HOME%/conf/moa-id/
set CONFIG_OPT_SPSS=-Dmoa.spss.server.configuration=%CATALINA_HOME%/conf/moa-spss/SampleMOASPSSConfiguration.xml
set CONFIG_OPT_ID=-Dmoa.id.configuration=file:%CATALINA_HOME%/conf/moa-id/moa-id.properties
set CONFIGTOOL_OPT=-Dmoa.id.webconfig=file:%CATALINA_HOME%/conf/moa-id-configuration/moa-id-configtool.properties
-set CONFIGTOOL_USER_OPT=-Duser.properties=":$CATALINA_BASE/conf/moa-id-configuration/userdatabase.properties"
+set CONFIGTOOL_USER_OPT=-Duser.properties=$CATALINA_BASE/conf/moa-id-configuration/userdatabase.properties
set DEMOOA_OPT=-Dmoa.id.demoOA=%CATALINA_HOME%/conf/moa-id-oa/oa.properties
set STORK_OPT=-Deu.stork.samlengine.config.location=%CATALINA_HOME%/conf/moa-id/stork/
set PROXY_OPT=-Dmoa.id.proxy.configuration=%CATALINA_HOME%/conf/moa-id-proxy/MOAIDConfiguration.xml
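Review bot: The corrected `CONFIGTOOL_USER_OPT` line still uses the Unix form `$CATALINA_BASE`, which cmd.exe does not expand, so the JVM receives the literal text `$CATALINA_BASE/conf/...` as the `user.properties` path. Every other line in this hunk uses `%CATALINA_HOME%`; the line should read `set CONFIGTOOL_USER_OPT=-Duser.properties=%CATALINA_HOME%/conf/moa-id-configuration/userdatabase.properties`. Whether the property also needs the `file:` prefix that `CONFIGTOOL_OPT` carries cannot be seen from here and is worth confirming.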
diff --git a/id/server/doc/handbook/config/config.html b/id/server/doc/handbook/config/config.html
index 4eb5ea2ba..b373fb83d 100644
--- a/id/server/doc/handbook/config/config.html
+++ b/id/server/doc/handbook/config/config.html
@@ -1002,11 +1002,20 @@ https://&lt;host&gt;:&lt;port&gt;/moa-id-auth/MonitoringServlet</pre>
<th>Beschreibung</th>
</tr>
<tr>
- <td><span id="wwlbl_loadGeneralConfig_moaconfig_ssoPublicUrl2">Public URL Prefix</span></td>
+ <td>Public URL Prefix</td>
<td>https://demo.egiz.gv.at/moa-id-auth/</td>
- <td>URL-Prefix der MOA-ID Instanz. Diese URL wird f&uuml;r die automatische Generierung von Formularen und Informationen verwendet und MUSS konfiguriert werden.</td>
+ <td><p>URL-Prefix der MOA-ID Instanz. Diese URL wird f&uuml;r die automatische Generierung von Formularen und Informationen verwendet und MUSS konfiguriert werden.</p>
+ <p><strong>Hinweis:</strong> Wenn virtuelle IDPs aktiviert sind muss hier f&uuml;r jede virtuelle MOA-ID Instanz, der Public URL Prefix als Comma Separatet Value (CSV) eingetragen werden. <br>
+ (z.B.: https://demo.egiz.gv.at/moa-id-auth/,https://apps.egiz.gv.at/moa-id-auth/)</p></td>
+ </tr>
+ <tr>
+ <td>Virtuelle IDPs aktiviere</td>
+ <td>&nbsp;</td>
+ <td><p>Mit dieser Option k&ouml;nnen f&uuml;r diese MOA-ID Instanz mehrere virtuelle MOA-ID Instanzen, welche unter schiedenen Domains erreichbar sind aktiviert werden. Der Public URL-Prefix jeder virtuellen MOA-ID Instanz muss als Comma Separatet Value (CSV) im Konfigurationsfeld 'Public URL Prefix' angegeben werden.</p>
+ <p><strong>Hinweis:</strong> Single Sign-On (SSO) und Single LogOut (SLO) zwischen unterschiedlichen virtuellen IDPs ist NICHT m&ouml;glich, da die Auslieferung des SSO http-Cookies durch die &quot;Same Origin Policy&quot; des Browers unterbunden wird.</p></td>
</tr>
</table>
+<p>&nbsp;</p>
<h4><a name="konfigurationsparameter_allgemein_bku" id="konfigurationsparameter_allgemein_bku"></a>3.1.2 Default BKUs</h4>
<p>Hiermit werden die URLs zu den Default B&uuml;rgerkartenumgebungen (BKUs) definiert die von MOA-ID-Auth f&uuml;r einen Anmeldevorgang verwendet werden, wenn die B&uuml;rgerkartenauswahl nicht bereits auf Seiten der Online-Applikation erfolgt ist (siehe <a href="./../protocol/protocol.html#allgemeines_legacy">Legacy Request</a>) oder in der Online-Applikationskonfiguration keine BKU URLs konfiguriert wurden (siehe <a href="#konfigurationsparameter_oa_bku">Kapitel 3.2.2</a>).</p>
<table class="configtable">
@@ -1189,7 +1198,8 @@ Checking</td>
</li>
<li><strong>Privatwirtschaftlicher Bereich:</strong><strong></strong> Die MOA-ID-Auth Instanz ist einem privatwirtschaftlichen Bereich f&uuml;r SSO zugeordnet, steht SSO nur eingeschr&auml;nkt zur Verf&uuml;gung. Da laut E-Governmentgesetz die Errechnung eines wbPK aus der Stammzahl nicht beim Auftraggeber eines privaten Bereichs durchgef&uuml;hrt werden darf (vgl. E-Government Gesetz &sect;12(1).4), und deshalb an die B&uuml;rgerkartenumgebung ausgelagert werden muss. In diesem Fall sind Anmeldungen mittels SSO nur f&uuml;r jenen privatwirtschaftlichen Bereich m&ouml;glich dem auch der SSO Bereich zugeordnet wurde. </li>
-</ol>
+ </ol>
+<p><strong>Hinweis:</strong> Single Sign-On (SSO) und Single LogOut (SLO) ist zwischen virtellen IDPs (siehe <a href="#konfigurationsparameter_allgemein_publicurlprefix">Kapitel 3.1.1</a>) ist nicht m&ouml;glich. Dem zur Folge kann ein Benutzer / eine Benutzerin mehrere aktive SSO Sessions bei unterschiedlichen virtuellen IDPs auf der selben physischen MOA-ID Instanz besitzen welche NICHT mittels SLO gemeinsam geschlossen werden.</p>
<table class="configtable">
<tr>
<th>Name</th>
diff --git a/id/server/doc/handbook/index.html b/id/server/doc/handbook/index.html
index 3784075a3..0eab8f187 100644
--- a/id/server/doc/handbook/index.html
+++ b/id/server/doc/handbook/index.html
@@ -29,7 +29,7 @@
</div>
<div class="container">
- <h2>&Uuml;bersicht zur Dokumentation der Version 3.0.x </h2>
+ <h2>&Uuml;bersicht zur Dokumentation der Version 3.1.x </h2>
<dl>
<dt><a href="./intro/intro.html">Einf&uuml;hrung</a></dt>
diff --git a/id/server/doc/htmlTemplates/BKU-selection.html b/id/server/doc/htmlTemplates/BKU-selection.html
index 123a23837..2b0115d4a 100644
--- a/id/server/doc/htmlTemplates/BKU-selection.html
+++ b/id/server/doc/htmlTemplates/BKU-selection.html
@@ -405,7 +405,7 @@
#bkulogin {
min-width: 190px;
- min-height: 155px;
+ min-height: 170px;
}
.setAssertionButton_full {
@@ -616,6 +616,12 @@
top: 40px;
}
+
+ #ssoSessionTransferBlock {
+ font-size: 0.8em;
+ margin-left: 5px;
+ margin-bottom: 5px;
+ }
</style>
<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions-->
@@ -740,7 +746,7 @@
}
}
function onChangeChecks() {
- if (top.innerWidth < 650) {
+ if (self.innerWidth < 650) {
document.getElementById("moaidform").setAttribute("target","_parent");
} else {
document.getElementById("moaidform").removeAttribute("target");
@@ -834,7 +840,7 @@
<h2 id="tabheader" class="dunkel" role="heading">#HEADER_TEXT#</h2>
</div>
<div id="bkulogin" class="hell" role="form">
- <div id="mandateLogin" style="">
+ <div id="mandateLogin" style="#MANDATEVISIBLE#">
<div>
<input tabindex="1" type="checkbox" name="Mandate"
id="mandateCheckBox" class="verticalcenter" role="checkbox"
@@ -867,19 +873,20 @@
<input type="hidden" name="bkuURI" value="#LOCAL#"> <input
type="hidden" name="useMandate" id="useMandate"> <input
type="hidden" name="SSO" id="useSSO"> <input
- type="hidden" name="CCC" id="ccc"> <input type="hidden"
+ type="hidden" name="ccc" id="ccc"> <input type="hidden"
name="MODUL" value="#MODUL#"> <input type="hidden"
name="ACTION" value="#ACTION#"> <input type="hidden"
name="MOASessionID" value="#SESSIONID#">
<input type="submit" value=" Lokale Bürgerkartenumgebung " tabindex="4"
- role="button" onclick="setMandateSelection();"
- >
- <!--p>
- <small>Alternativ können Sie eine lokal installierte BKU verwenden.</small>
- </p-->
- </form>
+ role="button" onclick="setMandateSelection();">
+ </form>
</div>
+ <!-- Single Sign-On Session transfer functionality -->
+ <!--div id="ssoSessionTransferBlock">
+ <a href="#AUTH_URL#?MOASessionID=#SESSIONID#&restoreSSOSession=true">>Restore SSO Session from Smartphone</a>
+ </div-->
+
<div id="stork" align="center" style="#STORKVISIBLE#">
<h2 id="tabheader" class="dunkel">Home Country Selection</h2>
<p>
@@ -900,7 +907,7 @@
</div>
</div>
</div>
- <div id="validation">
+ <!--div id="validation">
<a href="http://validator.w3.org/check?uri="> <img
style="border: 0; width: 88px; height: 31px"
src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
@@ -909,7 +916,7 @@
src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
alt="CSS ist valide!" />
</a>
- </div>
+ </div-->
</div>
</body>
</html>
diff --git a/id/server/doc/htmlTemplates/sendAssertion.html b/id/server/doc/htmlTemplates/sendAssertion.html
index 1a3e683de..07d018a94 100644
--- a/id/server/doc/htmlTemplates/sendAssertion.html
+++ b/id/server/doc/htmlTemplates/sendAssertion.html
@@ -600,7 +600,7 @@
</div>
</div>
</div>
- <div id="validation">
+ <!--div id="validation">
<a href="http://validator.w3.org/check?uri=">
<img style="border:0;width:88px;height:31px"
src="#CONTEXTPATH#/img/valid-html5-blue.png"
@@ -608,10 +608,10 @@
</a>
<a href="http://jigsaw.w3.org/css-validator/">
<img style="border:0;width:88px;height:31px"
- src="https://jigsaw.w3.org/css-validator/images/vcss-blue"
+ src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
alt="CSS ist valide!" />
</a>
- </div>
+ </div-->
</div>
</body>
</html>
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index ee697926b..afc432628 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -90,11 +90,7 @@
<artifactId>Commons</artifactId>
<version>1.4.0</version>
</dependency> -->
- <dependency>
- <groupId>eu.stork</groupId>
- <artifactId>SamlEngine</artifactId>
- <version>1.5.1</version>
- </dependency>
+
<dependency>
<groupId>MOA</groupId>
@@ -167,6 +163,11 @@
</exclusions>
</dependency>
+ <dependency>
+ <groupId>commons-collections</groupId>
+ <artifactId>commons-collections</artifactId>
+ </dependency>
+
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-jaxws</artifactId>
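Review bot: The new `commons-collections` dependency has no `<version>`, so the release that ends up on the classpath is decided by a `dependencyManagement` entry this hunk does not show. Confirm that the managed version is 3.2.2 or later: earlier 3.x releases ship functor classes that can be abused when an application deserializes untrusted Java objects, and 3.2.2 disables their deserialization by default. A short comment such as `<!-- version managed in parent pom; keep at 3.2.2 or later -->` would record the constraint next to the dependency.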
@@ -400,78 +401,6 @@
</dependency>
-->
-
-
- <!-- JSON JWT implementation -->
- <dependency>
- <groupId>com.googlecode.jsontoken</groupId>
- <artifactId>jsontoken</artifactId>
- <version>1.1</version>
- <exclusions>
- <exclusion>
- <groupId>javax.servlet</groupId>
- <artifactId>servlet-api</artifactId>
- </exclusion>
- <exclusion>
- <artifactId>google-collections</artifactId>
- <groupId>com.google.collections</groupId>
- </exclusion>
- </exclusions>
- </dependency>
-
- <dependency>
- <groupId>com.google.guava</groupId>
- <artifactId>guava</artifactId>
- <version>18.0</version>
- </dependency>
-
- <dependency>
- <groupId>commons-codec</groupId>
- <artifactId>commons-codec</artifactId>
- <version>1.10</version>
- </dependency>
-
- <!-- Google OAuth Client -->
- <dependency>
- <groupId>com.google.http-client</groupId>
- <artifactId>google-http-client-jackson2</artifactId>
- <version>1.19.0</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>com.google.oauth-client</groupId>
- <artifactId>google-oauth-client-jetty</artifactId>
- <version>1.19.0</version>
- <scope>test</scope>
- <exclusions>
- <exclusion>
- <groupId>org.mortbay.jetty</groupId>
- <artifactId>servlet-api</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
-
- <dependency>
- <groupId>eu.stork</groupId>
- <artifactId>DocumentService</artifactId>
- <version>0.0.1-SNAPSHOT</version>
- <classifier>classes</classifier>
- <exclusions>
- <exclusion>
- <artifactId>axis</artifactId>
- <groupId>org.apache.axis</groupId>
- </exclusion>
- <exclusion>
- <artifactId>bcprov-jdk16</artifactId>
- <groupId>org.bouncycastle</groupId>
- </exclusion>
- <exclusion>
- <artifactId>jaxws-tools</artifactId>
- <groupId>com.sun.xml.ws</groupId>
- </exclusion>
- </exclusions>
- </dependency>
-
<!-- the core, which includes Streaming API, shared low-level abstractions (but NOT data-binding) -->
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
@@ -506,7 +435,7 @@
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
<version>1.4.178</version>
- <scope>runtime</scope>
+ <scope>test</scope>
</dependency>
<!-- tools -->
@@ -538,6 +467,12 @@
</dependency> -->
+ <dependency>
+ <groupId>eu.stork</groupId>
+ <artifactId>SamlEngine</artifactId>
+ <version>1.5.1</version>
+ </dependency>
+
<!-- spring -->
<dependency>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java
index 8ee32c54e..7ac026888 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java
@@ -23,11 +23,10 @@
package at.gv.egovernment.moa.id.advancedlogging;
import java.security.MessageDigest;
+import java.util.Arrays;
import java.util.Date;
import java.util.List;
-import com.google.common.primitives.Ints;
-
import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate;
import at.gv.egovernment.moa.id.auth.data.IdentityLink;
import at.gv.egovernment.moa.id.config.ConfigurationException;
@@ -47,7 +46,7 @@ public class MOAReversionLogger {
private static MOAReversionLogger instance = null;
- private static final List<Integer> defaultEventCodes = Ints.asList(
+ private static final List<Integer> defaultEventCodes = Arrays.asList(
MOAIDEventConstants.SESSION_CREATED,
MOAIDEventConstants.SESSION_DESTROYED,
MOAIDEventConstants.SESSION_ERROR,
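Review bot: `defaultEventCodes` is now built with `Arrays.asList(...)`, which returns a fixed-size list whose elements can still be replaced through `set`, so the shared default set of logged event codes is not actually constant. Wrapping the call as `Collections.unmodifiableList(Arrays.asList(` … `))` would make the `static final` field safe to hand out. That needs `java.util.Collections`, which the import hunk above does not add. The list literal continues past the end of this hunk.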
@@ -69,8 +68,9 @@ public class MOAReversionLogger {
MOAIDEventConstants.AUTHPROCESS_INTERFEDERATION,
MOAIDEventConstants.AUTHPROCESS_STORK_REQUESTED,
MOAIDEventConstants.AUTHPROCESS_SERVICEPROVIDER
- );
-
+ );
+
+
public static synchronized MOAReversionLogger getInstance() {
if (instance == null) {
instance = new MOAReversionLogger();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
index bfed65ae2..5487152cf 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
@@ -26,7 +26,6 @@ import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.Date;
-import java.util.List;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
@@ -34,7 +33,6 @@ import javax.xml.bind.Unmarshaller;
import org.apache.commons.lang3.StringEscapeUtils;
-
import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate;
import at.gv.e_government.reference.namespace.mandates._20040701_.Mandator;
import at.gv.e_government.reference.namespace.persondata._20020228_.CorporateBodyType;
@@ -44,7 +42,6 @@ import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.ServiceException;
import at.gv.egovernment.moa.id.client.SZRGWClientException;
-
import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
@@ -68,7 +65,7 @@ public class StatisticLogger {
private static final String MANTATORTYPE_JUR = "jur";
private static final String MANTATORTYPE_NAT = "nat";
- private static final int MAXERRORLENGTH = 250;
+ private static final int MAXERRORLENGTH = 200;
private static final String ERRORTYPE_UNKNOWN = "unkown";
private static final String ERRORTYPE_BKU = "bku";
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index 953a478be..022ec9def 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -4,7 +4,6 @@
package at.gv.egovernment.moa.id.auth;
import iaik.pki.PKIException;
-import iaik.pki.jsse.IAIKX509TrustManager;
import iaik.security.ecc.provider.ECCProvider;
import iaik.security.provider.IAIK;
@@ -13,14 +12,11 @@ import java.security.GeneralSecurityException;
import javax.activation.CommandMap;
import javax.activation.MailcapCommandMap;
-import javax.net.ssl.SSLSocketFactory;
import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
import at.gv.egovernment.moa.id.config.auth.AuthConfigLoader;
import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.util.AxisSecureSocketFactory;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.logging.Logger;
@@ -137,50 +133,27 @@ public class MOAIDAuthInitializer {
"http://www.w3.org/2001/04/xmldsig-more#");
Constants.nSMap.put(Constants.DSIG_PREFIX, Constants.DSIG_NS_URI);
- // Loads the configuration
+ // Initialize configuration provider
+ AuthConfiguration authConf = AuthConfigurationProviderFactory.reload();
+
+ //test, if MOA-ID is already configured
+ authConf.getPublicURLPrefix();
+
+ // Initialize MOA-SP
+ //MOA-SP is only use by API calls since MOA-ID 3.0.0
try {
- AuthConfiguration authConf = AuthConfigurationProviderFactory.reload();
-
- ConnectionParameter moaSPConnParam = authConf
- .getMoaSpConnectionParameter();
-
- // If MOA-SP API calls: loads MOA-SP configuration and configures IAIK
- if (moaSPConnParam == null) {
- try {
- LoggingContextManager.getInstance().setLoggingContext(
- new LoggingContext("startup"));
- ConfigurationProvider config = ConfigurationProvider
- .getInstance();
- new IaikConfigurator().configure(config);
- } catch (at.gv.egovernment.moa.spss.server.config.ConfigurationException ex) {
- throw new ConfigurationException("config.10", new Object[] { ex
- .toString() }, ex);
- }
- }
-
- // Initializes IAIKX509TrustManager logging
- /*
- String log4jConfigURL = System.getProperty("log4j.configuration");
- Logger.info("Log4J Configuration: " + log4jConfigURL);
- if (log4jConfigURL != null) {
- IAIKX509TrustManager.initLog(new LoggerConfigImpl(log4jConfigURL));
- }
- */
-
- // Initializes the Axis secure socket factory for use in calling the
- // MOA-SP web service
- if (moaSPConnParam != null && moaSPConnParam.isHTTPSURL()) {
- SSLSocketFactory ssf = SSLUtils.getSSLSocketFactory(authConf,
- moaSPConnParam);
- AxisSecureSocketFactory.initialize(ssf);
- }
-
-
- } catch (ConfigurationException e) {
- Logger.error("MOA-ID-Auth start-up FAILED. Error during application configuration.", e);
- System.exit(-1);
-
- }
+ LoggingContextManager.getInstance().setLoggingContext(
+ new LoggingContext("startup"));
+ ConfigurationProvider config = ConfigurationProvider
+ .getInstance();
+ new IaikConfigurator().configure(config);
+
+ } catch (at.gv.egovernment.moa.spss.server.config.ConfigurationException ex) {
+ throw new ConfigurationException("config.10", new Object[] { ex
+ .toString() }, ex);
+
+ }
+
// Starts the session cleaner thread to remove unpicked authentication data
AuthenticationSessionCleaner.start();
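Review bot: `authConf.getPublicURLPrefix();` discards its result, so the "already configured" test only works if the getter itself throws on a missing value, which this hunk does not show. Bind the result and raise a `ConfigurationException` naming the missing Public URL Prefix when it is null or empty, so an unconfigured instance fails at start-up with a clear message. The removed `catch (ConfigurationException e)` also logged the failure and called `System.exit(-1)`; with it gone the exception now leaves this method, so the caller has to log it and stop the deployment. The method starts and ends outside the hunk, so its `throws` clause and that caller cannot be checked here.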
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index 998fa495f..57a5316e8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -135,10 +135,12 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants {
AuthenticationData authdata = null;
try {
- Object saml1Requst = Class.forName("at.gv.egovernment.moa.id.protocols.saml1.SAML1RequestImpl").newInstance();
+ //check if SAML1 authentication module is in Classpath
+ Class<?> saml1RequstTemplate = Class.forName("at.gv.egovernment.moa.id.protocols.saml1.SAML1RequestImpl");
IAuthData saml1authdata = (IAuthData) Class.forName("at.gv.egovernment.moa.id.protocols.saml1.SAML1AuthenticationData").newInstance();
- if (protocolRequest.getClass().isInstance(saml1Requst)) {
- //request is SAML1
+ if (saml1RequstTemplate != null &&
+ saml1RequstTemplate.isInstance(protocolRequest)) {
+ //request is SAML1 --> invoke SAML1 protocol specific methods
if (session.getExtendedSAMLAttributesOA() == null) {
saml1authdata.getClass().getMethod("setExtendedSAMLAttributesOA", List.class).invoke(saml1authdata, new ArrayList<ExtendedSAMLAttribute>());
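Review bot: `Class.forName` never returns null; it throws `ClassNotFoundException` when the SAML1 module is not on the classpath. The `saml1RequstTemplate != null` half of the new condition is therefore dead, and the check reduces to `if (saml1RequstTemplate.isInstance(protocolRequest)) {`. The line above it still creates a `SAML1AuthenticationData` instance reflectively for every request before it is known that the request is SAML1; moving that `newInstance()` call inside the `if` would avoid it. The `try` opened here is closed outside the hunk, so how the missing-module case is handled cannot be seen.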
@@ -310,7 +312,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants {
//validate PVP 2.1 response
try {
SAMLVerificationEngine engine = new SAMLVerificationEngine();
- engine.verifyResponse(intfResp, TrustEngineFactory.getSignatureKnownKeysTrustEngine());
+ engine.verifyIDPResponse(intfResp, TrustEngineFactory.getSignatureKnownKeysTrustEngine());
SAMLVerificationEngine.validateAssertion(intfResp, false);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java
index 899b0fd15..d4350f97b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java
@@ -95,6 +95,9 @@ public class DataURLBuilder {
// dataURL = individualDataURLPrefix + authServletName;
// } else
+ if (!authBaseURL.endsWith("/"))
+ authBaseURL += "/";
+
dataURL = authBaseURL + authServletName;
dataURL = addParameter(dataURL, MOAIDAuthConstants.PARAM_SESSIONID, sessionID);
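Review bot: The added `if (!authBaseURL.endsWith("/"))` has no braces and dereferences `authBaseURL`, where the old code only concatenated it, so a null base URL now fails here with a NullPointerException instead of producing a malformed data URL. If a null can reach this point, it should be rejected explicitly before the check, and the statement written as `if (!authBaseURL.endsWith("/")) { authBaseURL += "/"; }`. SendAssertionFormBuilder in this commit does the opposite normalisation (stripping the slash) inline as well, so a single shared helper for trailing-slash handling would keep the two in step. The enclosing method starts outside the hunk.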
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
index 02aaac8cb..d14910319 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
@@ -147,6 +147,9 @@ public class SendAssertionFormBuilder {
value = value.replace(ACTION, action);
value = value.replace(ID, id);
value = value.replace(OANAME, oaParam.getFriendlyName());
+
+ if (contextpath.endsWith("/"))
+ contextpath = contextpath.substring(0, contextpath.length() - 1);
value = value.replace(CONTEXTPATH, contextpath);
value = FormBuildUtils.customiceLayoutBKUSelection(value,
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateInterfedeartionRequestTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateInterfedeartionRequestTask.java
index 8429baf23..4a6ecd56a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateInterfedeartionRequestTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateInterfedeartionRequestTask.java
@@ -152,8 +152,7 @@ public class CreateInterfedeartionRequestTask extends AbstractAuthServletTask {
authReq.setAssertionConsumerServiceIndex(0);
authReq.setIssueInstant(new DateTime());
Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
- String serviceURL = PVPConfiguration.getInstance().getIDPPublicPath();
- issuer.setValue(serviceURL);
+ issuer.setValue(pendingReq.getAuthURLWithOutSlash());
issuer.setFormat(NameIDType.ENTITY);
authReq.setIssuer(issuer);
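Review bot: The SAML `Issuer` of the interfederation AuthnRequest now comes from `pendingReq.getAuthURLWithOutSlash()` instead of the configured `getIDPPublicPath()`, and the hunk does not show whether that value was checked against `getPublicURLPrefix()`. The receiving IDP resolves metadata by this entityID, so a request-derived value that matches no published entityID would presumably make the request fail or be attributed to the wrong entity. I would add a comment on the line such as `// entityID must equal one of the configured PublicURLPrefix values; pendingReq.getAuthURL() is validated when the request is created`, and confirm that this is true. The enclosing method starts and ends outside the hunk.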
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java
index 8add03da7..712ebb731 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java
@@ -59,6 +59,12 @@ public class FinalizeAuthenticationTask extends AbstractAuthServletTask {
IRequest pendingReq = RequestStorage.getPendingRequest(
(String) executionContext.get("pendingRequestID"));
+ if (pendingReq == null) {
+ Logger.info("No PendingRequest with Id: " + executionContext.get("pendingRequestID") + " Maybe, a transaction timeout occure.");
+ throw new MOAIDException("auth.28", new Object[]{executionContext.get("pendingRequestID")});
+
+ }
+
//get Session from context
String moasessionid = (String) executionContext.get(PARAM_SESSIONID);
AuthenticationSession session = null;
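Review bot: The new null guard concatenates `executionContext.get("pendingRequestID")` into the log line and passes it as a message parameter of `auth.28`, and the hunk does not show where the ID comes from. If it can be set from a request parameter, strip line breaks before logging, and make sure the error page encodes the parameter when it renders the message. The lookup is now written three times; reading it once, `String pendingRequestID = (String) executionContext.get("pendingRequestID");`, keeps the log, the exception and the storage lookup consistent. The message text should read "Maybe a transaction timeout occurred."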
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
index 004961116..e659c9447 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
@@ -56,7 +56,8 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
String ccc,
String module,
String action,
- HttpServletRequest req) throws WrongParametersException, MOAIDException {
+ HttpServletRequest req,
+ IRequest protocolReq) throws WrongParametersException, MOAIDException {
String targetFriendlyName = null;
@@ -223,20 +224,15 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
throw new WrongParametersException("StartAuthentication",
PARAM_OA, "auth.05");
moasession.setOAURLRequested(oaURL);
-
+
//check AuthURL
- String authURL = req.getScheme() + "://" + req.getServerName();
- if ((req.getScheme().equalsIgnoreCase("https") && req.getServerPort()!=443) || (req.getScheme().equalsIgnoreCase("http") && req.getServerPort()!=80)) {
- authURL = authURL.concat(":" + req.getServerPort());
- }
- authURL = authURL.concat(req.getContextPath() + "/");
-
+ String authURL = protocolReq.getAuthURL();
if (!authURL.startsWith("https:") && !AuthConfigurationProviderFactory.getInstance().isHTTPAuthAllowed())
throw new AuthenticationException("auth.07",
new Object[] { authURL + "*" });
//set Auth URL from configuration
- moasession.setAuthURL(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/");
+ moasession.setAuthURL(authURL);
//check and set SourceID
if (oaParam.getSAML1Parameter() != null) {
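Review bot: The comment `//set Auth URL from configuration` above `moasession.setAuthURL(authURL)` is now wrong, because the value comes from `protocolReq.getAuthURL()` and no longer from `getPublicURLPrefix()`. Replace it with something like `//set Auth URL from the protocol request (must already be validated against the configured PublicURLPrefix list)`, and confirm that every `IRequest` implementation performs that validation, since only the `https:` test is applied here. `protocolReq` is dereferenced without a null check, so a caller of the extended `parse(...)` that passes null fails with a NullPointerException rather than a `WrongParametersException`. The method body continues outside the hunk.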
@@ -318,7 +314,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
oaURL = request.getOAURL();
target = request.getTarget();
- parse(moasession, target, oaURL, bkuURL, templateURL, useMandate, ccc, modul, action, req);
+ parse(moasession, target, oaURL, bkuURL, templateURL, useMandate, ccc, modul, action, req, request);
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
index 43f4f90ff..fe24d45dd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
@@ -197,11 +197,6 @@ public class AuthServlet extends HttpServlet {
procExc.getCause() instanceof TaskExecutionException) {
TaskExecutionException taskExc = (TaskExecutionException) procExc.getCause();
loggedException = taskExc.getOriginalException();
- if (Logger.isDebugEnabled() || Logger.isTraceEnabled()) {
- Logger.error(exceptionThrown.getMessage(), exceptionThrown);
-
- } else
- Logger.error(exceptionThrown.getMessage());
}
}
@@ -213,6 +208,14 @@ public class AuthServlet extends HttpServlet {
if (!(loggedException instanceof MOAIDException)) {
Logger.error("Receive an internal error: Message=" + loggedException.getMessage(), loggedException);
+ } else {
+ if (Logger.isDebugEnabled() || Logger.isTraceEnabled()) {
+ Logger.error(loggedException.getMessage(), loggedException);
+
+ } else {
+ Logger.error(loggedException.getMessage());
+
+ }
}
IExceptionStore store = DBExceptionStoreImpl.getStore();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
index 2a63968dd..15d596049 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
@@ -24,8 +24,6 @@ package at.gv.egovernment.moa.id.auth.servlet;
import java.io.IOException;
import java.util.Enumeration;
-import java.util.List;
-import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
@@ -33,28 +31,18 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringEscapeUtils;
-import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
+import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.auth.modules.registration.ModuleRegistration;
-import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser;
-
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
-
import at.gv.egovernment.moa.id.process.ExecutionContextImpl;
+import at.gv.egovernment.moa.id.process.ProcessExecutionException;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
public class GenerateIFrameTemplateServlet extends AuthServlet {
@@ -139,6 +127,25 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
catch (MOAIDException ex) {
handleError(null, ex, req, resp, pendingRequestID);
+
+ } catch (ProcessExecutionException e) {
+ Throwable cause = e.getCause();
+ if (cause != null && cause instanceof TaskExecutionException) {
+ Throwable taskCause = cause.getCause();
+ if (taskCause != null && taskCause instanceof WrongParametersException) {
+ WrongParametersException internalEx = (WrongParametersException) taskCause;
+ handleWrongParameters(internalEx, req, resp);
+ return;
+
+ } else if (taskCause != null && taskCause instanceof MOAIDException) {
+ MOAIDException moaTaskCause = (MOAIDException) taskCause;
+ handleError(null, moaTaskCause, req, resp, pendingRequestID);
+ return;
+
+ }
+ }
+
+ Logger.error("BKUSelectionServlet has an interal Error.", e);
} catch (Exception e) {
Logger.error("BKUSelectionServlet has an interal Error.", e);
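Review bot: The `cause != null &&` and `taskCause != null &&` tests in the new `catch (ProcessExecutionException e)` branch are redundant, because `instanceof` is already false for null; `if (cause instanceof TaskExecutionException)` reads more directly. When neither inner branch matches, the block only logs and then falls out of the try statement, with the same message as the generic `catch (Exception e)` below it. Whether a response is still written to the client after that point is outside the hunk and should be checked. AuthServlet unwraps `ProcessExecutionException` → `TaskExecutionException` in the same way in its error handling, so a shared helper would avoid the two copies drifting apart.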
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
index 0a6d30be7..fe5cd1ac0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
@@ -45,6 +45,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NOSLOServiceDescripto
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMetadataInformationException;
import at.gv.egovernment.moa.id.storage.AssertionStorage;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
+import at.gv.egovernment.moa.id.util.HTTPUtils;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.logging.Logger;
@@ -62,6 +63,23 @@ public class IDPSingleLogOutServlet extends AuthServlet {
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
Logger.debug("receive IDP SingleLogOut Request");
+
+ String authURL = HTTPUtils.extractAuthURLFromRequest(req);
+ try {
+ if (!AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().contains(authURL)) {
+ Logger.warn("Requested URL " + authURL + " is not in PublicPrefix Configuration");
+ resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Request not allowed");
+ return;
+
+ }
+
+ } catch (MOAIDException e) {
+ Logger.error("Internal Server Error.", e);
+ resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Internal Server Error");
+ return;
+
+ }
+
SSOManager ssomanager = SSOManager.getInstance();
String ssoid = ssomanager.getSSOSessionID(req);
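Review bot: The allow-list test `getPublicURLPrefix().contains(authURL)` is an exact, case-sensitive string comparison, and it is copied in the same form into RedirectServlet. It only holds if `HTTPUtils.extractAuthURLFromRequest` (not visible here) normalises host case, default ports and the trailing slash exactly like `getPublicURLPrefix()` does. I would move the test into one helper, for example `HTTPUtils.isConfiguredAuthURL(authURL)`, and document the normalisation there. In the later hunk of this file, `redirectURL = HTTPUtils.extractAuthURLFromRequest(req) + "/idpSingleLogout"` re-derives the value; reusing the already validated `authURL` variable makes it obvious that the checked value is the one used.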
@@ -109,7 +127,7 @@ public class IDPSingleLogOutServlet extends AuthServlet {
AuthenticationSession authSession = AuthenticationSessionStoreage
.getSession(moaSessionID);
if(authSession != null) {
- authmanager.performSingleLogOut(req, resp, authSession, null);
+ authmanager.performSingleLogOut(req, resp, authSession, authURL);
return;
}
@@ -142,7 +160,7 @@ public class IDPSingleLogOutServlet extends AuthServlet {
} else {
//print SLO information directly
- redirectURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/idpSingleLogout";
+ redirectURL = HTTPUtils.extractAuthURLFromRequest(req) + "/idpSingleLogout";
String artifact = Random.nextRandom();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
index c1e084a59..53187088e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
@@ -60,6 +60,7 @@ import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.moduls.SSOManager;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
+import at.gv.egovernment.moa.id.util.HTTPUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -85,14 +86,14 @@ public class LogOutServlet extends AuthServlet {
if (MiscUtil.isEmpty(redirectUrl)) {
//set default redirect Target
Logger.debug("Set default RedirectURL back to MOA-ID-Auth");
- redirectUrl = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
+ redirectUrl = HTTPUtils.extractAuthURLFromRequest(req);
} else {
//return an error if RedirectURL is not a active Online-Applikation
OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(redirectUrl);
if (oa == null) {
Logger.info("RedirctURL does not match to OA configuration. Set default RedirectURL back to MOA-ID-Auth");
- redirectUrl = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
+ redirectUrl = HTTPUtils.extractAuthURLFromRequest(req);
}
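Review bot: Both fallback assignments of `redirectUrl` now take `HTTPUtils.extractAuthURLFromRequest(req)` without the `getPublicURLPrefix().contains(...)` test that this commit adds to IDPSingleLogOutServlet and RedirectServlet. The helper is not visible here, but if it builds the URL from the request's scheme and server name (as the code removed from StartAuthentificationParameterParser did), the default redirect target follows the request's Host header instead of configuration. Validate the extracted value first and fall back to a configured prefix otherwise, e.g. `if (!prefixes.contains(authURL)) authURL = prefixes.get(0);` with `prefixes` read from `getPublicURLPrefix()`. The enclosing method continues outside the hunk.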
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
index 7dd8645c6..a914659b0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
@@ -36,6 +36,7 @@ import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.moduls.SSOManager;
import at.gv.egovernment.moa.id.util.FormBuildUtils;
+import at.gv.egovernment.moa.id.util.HTTPUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.URLEncoder;
@@ -64,8 +65,10 @@ public class RedirectServlet extends AuthServlet{
OAAuthParameter oa = null;
String redirectTarget = DEFAULT_REDIRECTTARGET;
try {
- oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(url);
- if (oa == null && !url.startsWith(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix())) {
+ oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(url);
+ String authURL = HTTPUtils.extractAuthURLFromRequest(req);
+
+ if (oa == null && !AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().contains(authURL)) {
resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Parameters not valid");
return;
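Review bot: The rewritten condition no longer inspects `url`. With `oa == null` the request is refused only when the servlet's own request URL is missing from `getPublicURLPrefix()`, so a redirect target that is neither a configured online application nor below a public prefix is not rejected by this check any more, which the removed `url.startsWith(...)` test did. Unless `url` is validated further down (the try block continues outside the hunk), keep a test on the target itself next to the new host check. Matching on `prefix + "/"` also stops a longer host name that merely begins with the prefix string from passing.

```java
oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(url);
String authURL = HTTPUtils.extractAuthURLFromRequest(req);
List<String> publicPrefixes = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();

// the redirect target must itself lie below one of the configured prefixes
boolean targetIsLocal = false;
for (String prefix : publicPrefixes) {
    if (url.equals(prefix) || url.startsWith(prefix + "/")) {
        targetIsLocal = true;
        break;
    }
}

if (oa == null && (!publicPrefixes.contains(authURL) || !targetIsLocal)) {
    // … unchanged: sendError(SC_FORBIDDEN, "Parameters not valid") and return …
```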
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java
index c98a7d537..65dcc7bf3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java
@@ -81,8 +81,16 @@ public interface AuthConfiguration extends ConfigurationProvider{
public boolean isAdvancedLoggingActive();
- public String getPublicURLPrefix();
+ /**
+ * Returns the PublicURLPrefix.
+ *
+ * @return the PublicURLPrefix (one or more) of this IDP instance. All publicURLPrefix URLs are ends without /
+ * @throws ConfigurationException if no PublicURLPrefix is found.
+ */
+ public List<String> getPublicURLPrefix() throws ConfigurationException;
+ public boolean isVirtualIDPsEnabled();
+
public boolean isPVP2AssertionEncryptionActive();
public boolean isCertifiacteQCActive();
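Review bot: `isVirtualIDPsEnabled()` is added without Javadoc, and the contract of `getPublicURLPrefix()` is stated ungrammatically although callers now rely on it for exact `contains(...)` comparisons. I would word the return tag as `@return one or more PublicURLPrefix values of this IDP instance; never null or empty, each without a trailing '/'`. The new method should get a comment saying what a virtual IDP is and that the implementation in this commit returns `false` when the setting is missing or unreadable. The change of return type from `String` to `List<String>` breaks every existing caller, which also deserves a line in the Javadoc or release notes.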
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java
index 38135b028..9812f346d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java
@@ -65,7 +65,7 @@ public class AuthConfigurationProviderFactory {
instance = new PropertyBasedAuthConfigurationProvider(fileURI);
} catch (URISyntaxException e){
- Logger.error("MOA-ID-Auth configuration file does not starts with file:/ as prefix.");
+ Logger.error("MOA-ID-Auth configuration file does not starts with file:/ as prefix.", e);
throw new ConfigurationException("config24", new Object[]{MOAIDAuthConstants.FILE_URI_PREFIX, fileName});
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/ConfigurationToJSONConverter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/ConfigurationToJSONConverter.java
deleted file mode 100644
index e1c1ac49e..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/ConfigurationToJSONConverter.java
+++ /dev/null
@@ -1,155 +0,0 @@
-//package at.gv.egovernment.moa.id.config.auth;
-//
-//import java.beans.IntrospectionException;
-//import java.beans.Introspector;
-//import java.beans.PropertyDescriptor;
-//import java.lang.reflect.InvocationTargetException;
-//import java.lang.reflect.Method;
-//import java.util.Arrays;
-//import java.util.List;
-//
-//import org.springframework.beans.factory.annotation.Autowired;
-//import org.springframework.beans.factory.config.AutowireCapableBeanFactory;
-//import org.springframework.context.ApplicationContext;
-//import org.springframework.context.support.ClassPathXmlApplicationContext;
-//
-//import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration;
-//import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
-//import at.gv.egovernment.moa.id.config.ConfigurationException;
-//import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-//
-//import com.fasterxml.jackson.annotation.JsonIgnore;
-//import com.fasterxml.jackson.annotation.JsonProperty;
-//
-//public class ConfigurationToJSONConverter {
-//
-// @Autowired
-// NewAuthConfigurationProvider configProvider;
-//
-// @Autowired
-// MOAIDConfiguration configDataBase;
-//
-// public static void main(String[] args) {
-//
-// try {
-// ConfigurationToJSONConverter converter = new ConfigurationToJSONConverter(args[0]);
-// converter.writeConfigToJSONDB();
-// System.out.println("=====================================");
-// System.out.println("=====================================");
-// converter.readConfigFromDB();
-// System.out.println("=====================================");
-// System.out.println("=====================================");
-//
-// // otherwise the database connection is not initialized
-// JaxBAuthConfigurationProvider.getInstance();
-// List<String> methodNames = Arrays.asList("getAllOnlineApplications", "getAllUsers", "getMOAIDConfiguration");
-// converter.extractDataViaConfigurationDBRead(methodNames);
-// converter.readExtractedConfigurationDBReadData(methodNames);
-//
-// } catch (ConfigurationException e) {
-// e.printStackTrace();
-// System.out.println("Problems reading the configuration file in: " + System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME));
-// System.exit(1);
-// }
-//
-// }
-//
-// public ConfigurationToJSONConverter(String pathToDBConfigPropertiesFile) throws ConfigurationException {
-//
-// System.getProperties().setProperty("location", "file:" + pathToDBConfigPropertiesFile);
-// ApplicationContext context = new ClassPathXmlApplicationContext("configuration.beans.xml");
-// AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory();
-// acbFactory.autowireBean(this);
-//
-// }
-//
-// public void extractDataViaConfigurationDBRead(List<String> methodNames) {
-// System.out.println("Start extracting");
-// // read objects from db and write to key-value
-// for (String name : methodNames) {
-// try {
-// Method method = ConfigurationDBRead.class.getMethod(name);
-// Object tmp = method.invoke(null, new Object[] {});
-// JsonProperty annotation = method.getAnnotation(JsonProperty.class);
-// if (annotation != null) {
-// configDataBase.set(annotation.value(), tmp);
-// } else {
-// System.out.println("Annotate Method with name: " + name);
-// }
-// } catch (NoSuchMethodException | SecurityException | IllegalAccessException | IllegalArgumentException
-// | InvocationTargetException e) {
-// System.out.println("Problems while extracting ConfigurationDBRead data.");
-// }
-// }
-// }
-//
-// public void readExtractedConfigurationDBReadData(List<String> methodNames) {
-// for (String name : methodNames) {
-// Object tmp = configDataBase.get(name);
-// System.out.println(">>> OBJECT: " + tmp);
-// }
-// }
-//
-// public void writeConfigToJSONDB() {
-//
-// try {
-// // find all getter methods
-// for (PropertyDescriptor pd : Introspector.getBeanInfo(NewAuthConfigurationProvider.class).getPropertyDescriptors()) {
-// // check if correct methods, and not annotated with @JsonIgnore
-// if ((pd.getReadMethod() != null)
-// && (!"class".equals(pd.getName()))
-// && (pd.getReadMethod().getAnnotation(JsonIgnore.class) == null)) {
-//
-// JsonProperty name = pd.getReadMethod().getAnnotation(JsonProperty.class);
-// // get result of get method
-// Object tmp;
-// try {
-// tmp = pd.getReadMethod().invoke(configProvider);
-// // convert result to JSON
-// if (name != null) {
-// configDataBase.set(name.value(), tmp);
-// } else {
-// System.out.println("CHECK if '" + pd.getDisplayName() + "' is NOT ANNOTATED");
-// }
-// } catch (IllegalAccessException | InvocationTargetException e) {
-// System.out.println("Problems while writing the configuration to the database.");
-// }
-// }
-// }
-//
-// // no static method handling needed
-//
-// } catch (IllegalArgumentException e) {
-// System.out.println("Problems while using reflection to get all getter methods.");
-// } catch (IntrospectionException e) {
-// System.out.println("Problems while using reflection to get all getter methods.");
-// }
-//
-// }
-//
-// public void readConfigFromDB() {
-// try {
-// // find all getter methods
-// for (PropertyDescriptor pd : Introspector.getBeanInfo(NewAuthConfigurationProvider.class)
-// .getPropertyDescriptors()) {
-// // check if correct methods, and not annotated with @JsonIgnore
-// if ((pd.getReadMethod() != null)
-// && (!"class".equals(pd.getName()))
-// && (pd.getReadMethod().getAnnotation(JsonIgnore.class) == null)) {
-// JsonProperty name = pd.getReadMethod().getAnnotation(JsonProperty.class);
-// // get result of get method
-// if (name != null) {
-// System.out.println(">>> OBJECT: " + configDataBase.get(name.value()));
-// } else {
-// System.out.println("CHECK if '" + pd.getDisplayName() + "' is NOT ANNOTATED");
-// }
-// }
-// }
-// } catch (IllegalArgumentException e) {
-// System.out.println("Problems while using reflection to get all getter methods.");
-// } catch (IntrospectionException e) {
-// System.out.println("Problems while using reflection to get all getter methods.");
-// }
-// }
-//
-//}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
index 645831479..7b798f522 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
@@ -6,6 +6,7 @@ import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URI;
+import java.net.URL;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
@@ -21,8 +22,15 @@ import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.MOAIDConstants;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentGeneral;
+import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.MOASP;
+import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.SecurityLayer;
+import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyIdentityLink;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.ConfigurationProviderImpl;
import at.gv.egovernment.moa.id.config.ConfigurationUtils;
@@ -48,6 +56,8 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
private final Properties properties = new Properties();
private ApplicationContext context = null;
+ private boolean requireJDBCBackupImplementation = false;
+
public PropertyBasedAuthConfigurationProvider() {
}
@@ -84,6 +94,20 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory();
acbFactory.autowireBean(this);
+ //Some databases do not allow the selection of a lob in SQL where expression
+ String dbDriver = properties.getProperty("configuration.hibernate.connection.driver_class");
+ if (MiscUtil.isNotEmpty(dbDriver)) {
+ for (String el:MOAIDConstants.JDBC_DRIVER_NEEDS_WORKAROUND) {
+ if (dbDriver.startsWith(el)) {
+ requireJDBCBackupImplementation = true;
+ Logger.info("JDBC driver '" + dbDriver
+ + "' is blacklisted --> Switch to alternative DB access methode implementation.");
+
+ }
+ }
+ }
+
+
} catch (FileNotFoundException e) {
throw new ConfigurationException("config.03", null, e);
@@ -791,20 +815,47 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
return Boolean.valueOf(prop);
}
- /**
- * Returns the PublicURLPrefix. NOTE: returns {@code null} if no PublicURLPrefix is set.
- *
- * @return the PublicURLPrefix or {@code null}
- */
- public String getPublicURLPrefix() {
- try {
- return configuration.getStringValue(
- MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX);
+ public List<String> getPublicURLPrefix() throws ConfigurationException{
+ try {
+ String publicURLPrefixList = configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX);
+ List<String> returnValues = new ArrayList<String>();
+ if (publicURLPrefixList != null) {
+ publicURLPrefixList = KeyValueUtils.normalizeCSVValueString(publicURLPrefixList);
+ List<String> publicURLPrefixArray = Arrays.asList(publicURLPrefixList.split(","));
+ Logger.trace("Found " + publicURLPrefixArray.size() + " PublicURLPrefix in configuration.");
+
+
+ for (String el : publicURLPrefixArray) {
+ try {
+ new URL(el);
+ if (el.endsWith("/"))
+ returnValues.add(el.substring(0, el.length()-1));
+ else
+ returnValues.add(el);
+
+ } catch (MalformedURLException e) {
+ Logger.warn("IDP PublicURLPrefix URL " + el + " is not a valid URL", e);
+ }
+ }
+ }
+
+ if (returnValues.size() > 0)
+ return returnValues;
+
+ else {
+ Logger.warn("MOA-ID PublicURLPrefix is not found in configuration.");
+ throw new ConfigurationException("config.08", new Object[]{"IDP PublicURLPrefix"});
+
+ }
+
} catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
Logger.warn("MOA-ID PublicURLPrefix can not be read from configuration.", e);
- return null;
+ throw new ConfigurationException("config.08", new Object[]{"IDP PublicURLPrefix"}, e);
+
}
+
}
/**
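Review bot: `new URL(el)` is the only validation applied to an entry of what is now the allow-list for request-derived auth URLs, and it accepts any scheme the JVM has a handler for, as well as paths, queries and user-info. Restricting entries to web schemes keeps a configuration mistake from widening the list: `URL parsed = new URL(el);` followed by `if (!"https".equals(parsed.getProtocol()) && !"http".equals(parsed.getProtocol())) { Logger.warn(...); continue; }`. The method also lost its Javadoc and has no `@Override`, unlike `isVirtualIDPsEnabled()` added in the same file. The list is re-parsed on every call although it is now consulted per request, so caching the parsed result would be worth considering.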
@@ -983,9 +1034,11 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
Logger.trace("Get active OnlineApplication with ID " + id + " from database.");
Map<String, String> oaConfig = null;
try {
- //OracleDB does not allow the selection of a lob in SQL where expression
+
+ //TODO:
+ //Some databases do not allow the selection of a lob in SQL where expression
String dbDriver = properties.getProperty("configuration.hibernate.connection.driver_class");
- if (MiscUtil.isNotEmpty(dbDriver) && dbDriver.startsWith("oracle.jdbc."))
+ if (requireJDBCBackupImplementation)
oaConfig = configuration.getOnlineApplicationBackupVersion(id);
else
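Review bot: The local `dbDriver` is still read from `properties` but is no longer used once the condition becomes `if (requireJDBCBackupImplementation)`, and the `//TODO:` added above it has no text. Remove the `String dbDriver = ...` line and either drop the TODO or say what remains to be done, e.g. `//Some databases do not allow the selection of a lob in a SQL where expression; see requireJDBCBackupImplementation`. The enclosing method starts and ends outside the hunk.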
@@ -1120,4 +1173,24 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
else
return getMoaSpIdentityLinkTrustProfileID();
}
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#isVirtualIDPsEnabled()
+ */
+ @Override
+ public boolean isVirtualIDPsEnabled() {
+ try {
+ String value = configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_ISVIRTUALIDPSENABLED);
+ if (MiscUtil.isNotEmpty(value)) {
+ return Boolean.valueOf(value);
+ }
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.error("Error during 'isVirutalIDPsEnabled' load operationen." , e);
+
+ }
+
+ return false;
+ }
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationContainer.java
index d1e04e107..a4bba8b19 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationContainer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationContainer.java
@@ -75,6 +75,7 @@ public class SLOInformationContainer implements Serializable {
if (sloDesc.getBinding().equals(SAMLConstants.SAML2_SOAP11_BINDING_URI))
activeBackChannelOAs.put(oa.getOaurlprefix(),
new SLOInformationImpl(
+ oa.getAuthURL(),
oa.getAssertionSessionID(),
oa.getUserNameID(),
oa.getUserNameIDFormat(),
@@ -84,6 +85,7 @@ public class SLOInformationContainer implements Serializable {
else
activeFrontChannalOAs.put(oa.getOaurlprefix(),
new SLOInformationImpl(
+ oa.getAuthURL(),
oa.getAssertionSessionID(),
oa.getUserNameID(),
oa.getUserNameIDFormat(),
@@ -123,6 +125,7 @@ public class SLOInformationContainer implements Serializable {
activeFrontChannalOAs.put(el.getIdpurlprefix(),
new SLOInformationImpl(
+ el.getAuthURL(),
el.getSessionIndex(),
el.getUserNameID(),
NameID.TRANSIENT,
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationImpl.java
index 55b213702..55a56056d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationImpl.java
@@ -39,17 +39,23 @@ public class SLOInformationImpl implements SLOInformationInterface, Serializable
private String nameIDFormat = null;
private String binding = null;
private String serviceURL = null;
+ private String authURL = null;
- public SLOInformationImpl(String sessionID, String nameID, String nameIDFormat, String protocolType) {
- new SLOInformationImpl(sessionID, nameID, nameIDFormat, protocolType, null);
+ public SLOInformationImpl(String authURL, String sessionID, String nameID, String nameIDFormat, String protocolType) {
+ new SLOInformationImpl(authURL, sessionID, nameID, nameIDFormat, protocolType, null);
}
- public SLOInformationImpl(String sessionID, String nameID, String nameIDFormat, String protocolType, SingleLogoutService sloService) {
+ public SLOInformationImpl(String authURL, String sessionID, String nameID, String nameIDFormat, String protocolType, SingleLogoutService sloService) {
this.sessionIndex = sessionID;
this.nameID = nameID;
this.nameIDFormat = nameIDFormat;
this.protocolType = protocolType;
+ if (authURL.endsWith("/"))
+ this.authURL = authURL.substring(0, authURL.length()-1);
+ else
+ this.authURL = authURL;
+
if (sloService != null) {
this.binding = sloService.getBinding();
this.serviceURL = sloService.getLocation();
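Review bot: The five-argument constructor still delegates with `new SLOInformationImpl(authURL, sessionID, nameID, nameIDFormat, protocolType, null);`, which builds a second object and discards it, so an instance created through it keeps every field, including the new `authURL`, at null. It should read `this(authURL, sessionID, nameID, nameIDFormat, protocolType, null);`. In the six-argument constructor `authURL.endsWith("/")` runs without a null check, so a caller with no auth URL now fails with a NullPointerException while the logout container is being filled; `if (authURL != null && authURL.endsWith("/"))` avoids that. The six-argument constructor's body continues outside the hunk.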
@@ -148,6 +154,13 @@ public class SLOInformationImpl implements SLOInformationInterface, Serializable
public String getServiceURL() {
return serviceURL;
}
+
+ /**
+ * @return the authURL from requested IDP without ending /
+ */
+ public String getAuthURL() {
+ return authURL;
+ }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 771c9a35e..ce44db215 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -33,7 +33,6 @@ import javax.servlet.http.HttpServletResponse;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger;
-
import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
@@ -45,7 +44,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
-
+import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.data.IAuthData;
@@ -86,13 +85,18 @@ public class DispatcherServlet extends AuthServlet{
MOAIDAuthInitializer.initialize();
Logger.info(MOAIDMessageProvider.getInstance().getMessage(
"init.00", null));
+
+ Logger.info("Dispatcher Servlet initialization finished.");
+
} catch (Exception ex) {
Logger.fatal(
MOAIDMessageProvider.getInstance().getMessage("init.02",
null), ex);
- throw new ServletException(ex);
+
+ //throw new ServletException(ex);
+
}
- Logger.info("Dispatcher Servlet initialization finished.");
+
}
protected void processRequest(HttpServletRequest req,
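Review bot: Commenting out `throw new ServletException(ex);` lets this method return normally after `MOAIDAuthInitializer.initialize()` has failed. If this is the servlet's init method, which starts outside the hunk, the container then puts the servlet into service with a configuration that never loaded. For an identity provider that is a fail-open state, because `processRequest` is reachable although the fatal log reports a failed initialization. Either keep the throw, or record the failure in a field and have `processRequest` answer `HttpServletResponse.SC_SERVICE_UNAVAILABLE` until initialization succeeds. If swallowing the exception is deliberate, replace the commented-out statement with a comment that states the reason.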
@@ -364,7 +368,10 @@ public class DispatcherServlet extends AuthServlet{
} catch (AuthnRequestValidatorException e) {
//log Error Message
StatisticLogger logger = StatisticLogger.getInstance();
- logger.logErrorOperation(e, e.getErrorRequest());
+ logger.logErrorOperation(e, e.getErrorRequest());
+
+ //TODO: maybe add some error message handling???
+
return;
}catch (InvalidProtocolRequestException e) {
@@ -377,6 +384,13 @@ public class DispatcherServlet extends AuthServlet{
"(Errorcode=" + code +
" | Description=" + descr + ")");
return;
+ } catch (ConfigurationException e) {
+ resp.setContentType("text/html;charset=UTF-8");
+ resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "NO valid protocol request received!" +
+ "(Errorcode=9199"
+ +" | Description="+ e.getMessage() + ")");
+ return;
+
} catch (MOAIDException e) {
Logger.error("Failed to generate a valid protocol request!");
resp.setContentType("text/html;charset=UTF-8");
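Review bot: The new `ConfigurationException` branch concatenates `e.getMessage()` into a `text/html` error response without escaping it, and it does not log the exception. In this commit the `RequestImpl` constructor raises that exception with `config.25` and the request-derived `authURLString` as message parameter, so the text sent back probably contains data taken from the incoming request. Whether it is rendered as markup depends on the container's error page. Return only the error code, or HTML-escape the description before concatenating it, and add `Logger.warn("Protocol request rejected by configuration check.", e);` so a rejected auth URL leaves a trace. The try block starts outside the hunk.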
@@ -544,7 +558,7 @@ public class DispatcherServlet extends AuthServlet{
try {
//Store OA specific SSO session information
AuthenticationSessionStoreage.addSSOInformation(moasessionID,
- newSSOSessionId, assertionID, protocolRequest.getOAURL());
+ newSSOSessionId, assertionID, protocolRequest);
} catch (AuthenticationException e) {
Logger.warn("SSO Session information can not be stored -> SSO is not enabled!");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index 39cb5b9c8..c38bbc68f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -52,7 +52,6 @@ import org.opensaml.saml2.core.NameIDPolicy;
import org.opensaml.saml2.core.NameIDType;
import org.opensaml.saml2.core.RequestedAuthnContext;
import org.opensaml.saml2.core.StatusCode;
-import org.opensaml.saml2.core.Subject;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.SingleLogoutService;
import org.opensaml.saml2.metadata.SingleSignOnService;
@@ -72,9 +71,10 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
+import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.auth.modules.registration.ModuleRegistration;
-import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser;
import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore;
import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
@@ -82,12 +82,11 @@ import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.data.SLOInformationContainer;
import at.gv.egovernment.moa.id.data.SLOInformationImpl;
-import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
-
import at.gv.egovernment.moa.id.process.ExecutionContextImpl;
import at.gv.egovernment.moa.id.process.ProcessEngine;
import at.gv.egovernment.moa.id.process.ProcessExecutionException;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding;
@@ -98,6 +97,8 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
import at.gv.egovernment.moa.id.protocols.pvp2x.utils.MOASAMLSOAPClient;
import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
+import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngine;
+import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory;
import at.gv.egovernment.moa.id.storage.AssertionStorage;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
@@ -167,7 +168,20 @@ public class AuthenticationManager extends MOAIDAuthConstants {
}
public void performSingleLogOut(HttpServletRequest httpReq,
- HttpServletResponse httpResp, AuthenticationSession session, PVPTargetConfiguration pvpReq) throws MOAIDException {
+ HttpServletResponse httpResp, AuthenticationSession session, PVPTargetConfiguration pvpReq) throws MOAIDException {
+ performSingleLogOut(httpReq, httpResp, session, pvpReq, null);
+
+ }
+
+ public void performSingleLogOut(HttpServletRequest httpReq,
+ HttpServletResponse httpResp, AuthenticationSession session, String authURL) throws MOAIDException {
+ performSingleLogOut(httpReq, httpResp, session, null, authURL);
+
+ }
+
+
+ private void performSingleLogOut(HttpServletRequest httpReq,
+ HttpServletResponse httpResp, AuthenticationSession session, PVPTargetConfiguration pvpReq, String authURL) throws MOAIDException {
String pvpSLOIssuer = null;
String inboundRelayState = null;
@@ -176,6 +190,7 @@ public class AuthenticationManager extends MOAIDAuthConstants {
LogoutRequest logOutReq = (LogoutRequest) samlReq.getSamlRequest();
pvpSLOIssuer = logOutReq.getIssuer().getValue();
inboundRelayState = samlReq.getRelayState();
+
}
SSOManager ssomanager = SSOManager.getInstance();
@@ -195,7 +210,7 @@ public class AuthenticationManager extends MOAIDAuthConstants {
} catch (MOADatabaseException e) {
Logger.warn("Delete MOASession FAILED.");
- sloContainer.putFailedOA(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix());
+ sloContainer.putFailedOA(pvpReq.getAuthURL());
}
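Review bot: `sloContainer.putFailedOA(pvpReq.getAuthURL());` dereferences `pvpReq`, but the public overload taking `String authURL`, added in the hunk at -167, passes `null` for that parameter. A failed MOASession delete on that path therefore ends in a NullPointerException instead of a recorded failed OA. The hunk at -258 has the same dependency: `authURL = pvpReq.getAuthURL();` runs whenever `authURL` is empty, including when `pvpReq` is null. Resolve the value once at the top of the private method, for example `String idpURL = MiscUtil.isEmpty(authURL) ? pvpReq.getAuthURL() : authURL;` after checking that at least one of the two is set, and use `idpURL` in both places. The method body starts and ends outside this hunk.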
@@ -219,8 +234,13 @@ public class AuthenticationManager extends MOAIDAuthConstants {
+ " FAILED. NO LogOut response received.");
sloContainer.putFailedOA(sloReq.getIssuer().getValue());
+ } else {
+ SAMLVerificationEngine engine = new SAMLVerificationEngine();
+ engine.verifySLOResponse(sloResp,
+ TrustEngineFactory.getSignatureKnownKeysTrustEngine());
+
}
-
+
SingleLogOutBuilder.checkStatusCode(sloContainer, sloResp);
} catch (SOAPException e) {
@@ -228,7 +248,7 @@ public class AuthenticationManager extends MOAIDAuthConstants {
+ " FAILED.", e);
sloContainer.putFailedOA(sloReq.getIssuer().getValue());
- } catch (SecurityException e) {
+ } catch (SecurityException | InvalidProtocolRequestException e) {
Logger.warn("Single LogOut for OA " + sloReq.getIssuer().getValue()
+ " FAILED.", e);
sloContainer.putFailedOA(sloReq.getIssuer().getValue());
@@ -258,7 +278,10 @@ public class AuthenticationManager extends MOAIDAuthConstants {
AssertionStorage.getInstance().put(relayState, sloContainer);
- String timeOutURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix()
+ if (MiscUtil.isEmpty(authURL))
+ authURL = pvpReq.getAuthURL();
+
+ String timeOutURL = authURL
+ "/idpSingleLogout"
+ "?restart=" + relayState;
@@ -381,7 +404,7 @@ public class AuthenticationManager extends MOAIDAuthConstants {
String form = SendAssertionFormBuilder.buildForm(target.requestedModule(),
target.requestedAction(), target.getRequestID(), oaParam,
- AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix());
+ target.getAuthURL());
MOAReversionLogger.getInstance().logEvent(target.getOnlineApplicationConfiguration(),
target, MOAIDEventConstants.AUTHPROCESS_SSO_ASK_USER_START);
@@ -450,7 +473,7 @@ public class AuthenticationManager extends MOAIDAuthConstants {
authReq.setAssertionConsumerServiceIndex(0);
authReq.setIssueInstant(new DateTime());
Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
- String serviceURL = PVPConfiguration.getInstance().getIDPPublicPath();
+ String serviceURL = PVPConfiguration.getInstance().getIDPPublicPath().get(0);
issuer.setValue(serviceURL);
issuer.setFormat(NameIDType.ENTITY);
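Review bot: `getIDPPublicPath().get(0)` pins the Issuer of this AuthnRequest to the first configured prefix, while `MetadataAction` in the same commit publishes `req.getAuthURLWithOutSlash()` as the entityID. With virtual IDPs enabled, a request that arrived on a different prefix would carry an Issuer that differs from the entityID in the metadata served for that prefix, and the remote IDP may reject it. If the pending request object is in scope here (the following hunk uses `target`, but the method's start is outside the hunk), `String serviceURL = target.getAuthURLWithOutSlash();` keeps the two aligned. `get(0)` also throws an IndexOutOfBoundsException when the list is empty.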
@@ -470,28 +493,27 @@ public class AuthenticationManager extends MOAIDAuthConstants {
SAML2Utils.createSAMLObject(AuthnContextClassRef.class);
//check if STORK protocol module is in ClassPath
- Object storkRequst = null;
+ Class<?> storkRequstTemplate = null;
Integer storkSecClass = null;
try {
- storkRequst = Class.forName("at.gv.egovernment.moa.id.protocols.stork2.MOASTORKRequest").newInstance();
- if (storkRequst != null &&
- target.getClass().isInstance(storkRequst)) {
+ storkRequstTemplate = Class.forName("at.gv.egovernment.moa.id.protocols.stork2.MOASTORKRequest");
+ if (storkRequstTemplate != null &&
+ storkRequstTemplate.isInstance(target)) {
Object storkAuthnRequest = target.getClass().getMethod("getStorkAuthnRequest", null).invoke(target, null);
storkSecClass = (Integer) storkAuthnRequest.getClass().getMethod("getQaa", null).invoke(storkAuthnRequest, null);
}
- } catch (ClassNotFoundException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | NoSuchMethodException | java.lang.SecurityException ex) {
+ } catch (ClassNotFoundException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | NoSuchMethodException | java.lang.SecurityException ex) {
}
-
-
- if (sp != null && sp.isSTORKPVPGateway()){
+
+ if (sp != null && sp.isSTORKPVPGateway()) {
//use PVP SecClass instead of STORK QAA level
String secClass = null;
- if (storkRequst != null &&
- target.getClass().isInstance(storkRequst)) {
+ if (storkRequstTemplate != null &&
+ storkRequstTemplate.isInstance(target)) {
try {
secClass = PVPtoSTORKMapper.getInstance().mapToSecClass(
@@ -509,8 +531,8 @@ public class AuthenticationManager extends MOAIDAuthConstants {
authnClassRef.setAuthnContextClassRef("http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-3");
} else {
- if (storkRequst != null &&
- target.getClass().isInstance(storkRequst)) {
+ if (storkRequstTemplate != null &&
+ storkRequstTemplate.isInstance(target)) {
//use requested QAA level from STORK request
try {
authnClassRef.setAuthnContextClassRef(
@@ -525,7 +547,8 @@ public class AuthenticationManager extends MOAIDAuthConstants {
}
- if (MiscUtil.isEmpty(authnClassRef.getAuthnContextClassRef()))
+ if (MiscUtil.isEmpty(authnClassRef.getAuthnContextClassRef()))
+ //TODO: switch to eIDAS QAA-levels
authnClassRef.setAuthnContextClassRef("http://www.stork.gov.eu/1.0/citizenQAALevel/4");
}
@@ -692,7 +715,9 @@ public class AuthenticationManager extends MOAIDAuthConstants {
//Build authentication form
- String publicURLPreFix = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
+ String publicURLPreFix = target.getAuthURL();
+ if (publicURLPreFix.endsWith("/"))
+ publicURLPreFix = publicURLPreFix.substring(0, publicURLPreFix.length() - 1);
String loginForm = LoginFormBuilder.buildLoginForm(target.requestedModule(),
target.requestedAction(), oaParam, publicURLPreFix, moasession.getSessionID());
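Review bot: The trailing-slash trimming added here duplicates `getAuthURLWithOutSlash()`, which this commit adds to `IRequest` and `RequestImpl`. Provided `target` is an `IRequest`, `String publicURLPreFix = target.getAuthURLWithOutSlash();` replaces the three new lines. The `SLOInformationImpl` constructor carries a third copy of the same logic, so the normalisation rule for the IDP URL would be clearer if it lived in one place. The enclosing method starts outside the hunk.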
@@ -714,6 +739,17 @@ public class AuthenticationManager extends MOAIDAuthConstants {
out.flush();
}
} catch (ProcessExecutionException e) {
+ Throwable cause = e.getCause();
+ if (cause != null && cause instanceof TaskExecutionException) {
+ Throwable taskCause = cause.getCause();
+ if (taskCause != null && taskCause instanceof MOAIDException) {
+ MOAIDException moaTaskCause = (MOAIDException) taskCause;
+ Logger.warn(taskCause);
+ throw moaTaskCause;
+
+ }
+ }
+
throw new MOAIDException("process.01", new Object[] { moasession.getProcessInstanceId(), moasession }, e);
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java
index 6f43b3ee7..4ae271bbc 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java
@@ -49,5 +49,13 @@ public interface IRequest {
public List<Attribute> getRequestedAttributes();
public IOAAuthParameters getOnlineApplicationConfiguration();
+ /**
+ * get the IDP URL PreFix, which was used for authentication request
+ *
+ * @return IDP URL PreFix <String>. The URL prefix always ends without /
+ */
+ public String getAuthURL();
+ public String getAuthURLWithOutSlash();
+
//public void setTarget();
}
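Review bot: The Javadoc on `getAuthURL()` states that the prefix "always ends without /", but `RequestImpl.getAuthURL()` in this commit returns the stored value unchanged, either `resultURL.toExternalForm()` or the first configured prefix, which can end with a slash. That is the reason the undocumented `getAuthURLWithOutSlash()` sits next to it. Callers building an entityID or Issuer depend on picking the right one, so the contract should be exact: on `getAuthURL()` use `@return the IDP URL prefix selected for this request, as configured; it may end with '/'`, and give `getAuthURLWithOutSlash()` its own Javadoc with `@return the same prefix with one trailing '/' removed`.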
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java
index 26fb7bd29..cdaade1bb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java
@@ -23,15 +23,24 @@
package at.gv.egovernment.moa.id.moduls;
import java.io.Serializable;
+import java.net.MalformedURLException;
+import java.net.URL;
import java.util.List;
+import javax.servlet.http.HttpServletRequest;
+
import org.opensaml.saml2.core.Attribute;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse;
+import at.gv.egovernment.moa.id.util.HTTPUtils;
+import at.gv.egovernment.moa.logging.Logger;
public abstract class RequestImpl implements IRequest, Serializable{
-
+
private static final long serialVersionUID = 1L;
private String oaURL;
@@ -44,12 +53,79 @@ public abstract class RequestImpl implements IRequest, Serializable{
private String requestID;
private String sessionIdentifier;
private IOAAuthParameters OAConfiguration = null;
+ private String authURL = null;
//MOA-ID interfederation
private String requestedIDP = null;
private MOAResponse response = null;
/**
+ * @throws ConfigurationException
+ *
+ */
+ public RequestImpl(HttpServletRequest req) throws ConfigurationException {
+ String authURLString = HTTPUtils.extractAuthURLFromRequest(req);
+ URL authURL;
+ try {
+ authURL = new URL(authURLString);
+
+ } catch (MalformedURLException e) {
+ Logger.error("IDP AuthenticationServiceURL Prefix is not a valid URL." + authURLString, e);
+ throw new ConfigurationException("1299", null, e);
+
+ }
+
+ AuthConfiguration config = AuthConfigurationProviderFactory.getInstance();
+ List<String> configuredPublicURLPrefix = config.getPublicURLPrefix();
+
+ if (!config.isVirtualIDPsEnabled()) {
+ Logger.trace("Virtual IDPs are disabled. Use default IDP PublicURLPrefix from configuration: " + configuredPublicURLPrefix.get(0));
+ this.authURL = configuredPublicURLPrefix.get(0);
+
+ } else {
+ Logger.debug("Extract AuthenticationServiceURL: " + authURLString);
+ URL resultURL = null;
+
+ for (String el : configuredPublicURLPrefix) {
+ try {
+ URL configuredURL = new URL(el);
+
+ //get Ports from URL
+ int configPort = configuredURL.getPort();
+ if (configPort == -1)
+ configPort = configuredURL.getDefaultPort();
+
+ int authURLPort = authURL.getPort();
+ if (authURLPort == -1)
+ authURLPort = authURL.getDefaultPort();
+
+ //check AuthURL against ConfigurationURL
+ if (configuredURL.getHost().equals(authURL.getHost()) &&
+ configPort == authURLPort &&
+ configuredURL.getPath().equals(authURL.getPath())) {
+ Logger.debug("Select configurated PublicURLPrefix: " + configuredURL
+ + " for authURL: " + authURLString);
+ resultURL = configuredURL;
+ }
+
+ } catch (MalformedURLException e) {
+ Logger.error("Configurated IDP PublicURLPrefix is not a valid URL." + el);
+
+ }
+ }
+
+ if (resultURL == null) {
+ Logger.warn("Extract AuthenticationServiceURL: " + authURL + " is NOT found in configuration.");
+ throw new ConfigurationException("config.25", new Object[]{authURLString});
+
+ } else {
+ this.authURL = resultURL.toExternalForm();
+
+ }
+ }
+ }
+
+ /**
* This method map the protocol specific requested attributes to PVP 2.1 attributes.
*
* @return List of PVP 2.1 attributes with maps all protocol specific attributes
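Review bot: The allowlist comparison `configuredURL.getHost().equals(authURL.getHost())` is case-sensitive although host names are not, so a request whose host differs from the configuration only in letter case is rejected with `config.25`; `equalsIgnoreCase` fits here. The loop keeps iterating after a match, so the last matching entry wins silently, which a `break;` after `resultURL = configuredURL;` makes deterministic. Both branches call `configuredPublicURLPrefix.get(0)` or iterate the list without checking that it is non-empty, and `get(0)` in the disabled-virtual-IDP branch throws an unchecked exception in that case instead of the declared `ConfigurationException`. The log statements also concatenate the request-derived `authURLString` unmodified, so line breaks should be stripped before it is logged. Storing the configured URL rather than the request-derived one as `this.authURL` is the right choice and would be worth a one-line comment.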
@@ -169,4 +245,27 @@ public abstract class RequestImpl implements IRequest, Serializable{
this.OAConfiguration = oaConfig;
}
+
+ /**
+ * @return the authURL
+ */
+ public String getAuthURL() {
+ return authURL;
+ }
+
+ public String getAuthURLWithOutSlash() {
+ if (authURL.endsWith("/"))
+ return authURL.substring(0, authURL.length()-1);
+ else
+ return authURL;
+
+ }
+
+// /**
+// * @param authURL the authURL to set
+// */
+// public void setAuthURL(String authURL) {
+// this.authURL = authURL;
+// }
+
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java
index 9f8b6610f..9327cabd7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java
@@ -102,10 +102,10 @@ public class AttributQueryAction implements IAction {
List<String> attrList = addDefaultAttributes(attrQuery, authData);
//build PVP 2.1 assertion
- Assertion assertion = PVP2AssertionBuilder.buildAssertion(attrQuery, attrList, authData, date, authData.getSessionIndex());
+ Assertion assertion = PVP2AssertionBuilder.buildAssertion(req.getAuthURL(), attrQuery, attrList, authData, date, authData.getSessionIndex());
//build PVP 2.1 response
- Response authResponse = AuthResponseBuilder.buildResponse(attrQuery, date, assertion);
+ Response authResponse = AuthResponseBuilder.buildResponse(req.getAuthURL(), attrQuery, date, assertion);
try {
SoapBinding decoder = new SoapBinding();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
index 1b187d82e..50f91df44 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
@@ -110,7 +110,7 @@ public class MetadataAction implements IAction {
// .setEntityID(PVPConfiguration.getInstance().getIDPSSOMetadataService());
idpEntityDescriptor
- .setEntityID(PVPConfiguration.getInstance().getIDPPublicPath());
+ .setEntityID(req.getAuthURLWithOutSlash());
idpEntityDescriptor.setValidUntil(date.plusDays(VALIDUNTIL_IN_HOURS));
@@ -139,10 +139,10 @@ public class MetadataAction implements IAction {
idpEntitiesDescriptor.setSignature(signature);
//set IDP metadata
- idpEntityDescriptor.getRoleDescriptors().add(generateIDPMetadata(keyInfoGenerator));
+ idpEntityDescriptor.getRoleDescriptors().add(generateIDPMetadata(req, keyInfoGenerator));
//set SP metadata for interfederation
- idpEntityDescriptor.getRoleDescriptors().add(generateSPMetadata(keyInfoGenerator));
+ idpEntityDescriptor.getRoleDescriptors().add(generateSPMetadata(req, keyInfoGenerator));
DocumentBuilder builder;
DocumentBuilderFactory factory = DocumentBuilderFactory
@@ -190,7 +190,7 @@ public class MetadataAction implements IAction {
return (PVP2XProtocol.METADATA);
}
- private RoleDescriptor generateSPMetadata(KeyInfoGenerator keyInfoGenerator) throws CredentialsNotAvailableException, SecurityException, ConfigurationException {
+ private RoleDescriptor generateSPMetadata(IRequest req, KeyInfoGenerator keyInfoGenerator) throws CredentialsNotAvailableException, SecurityException, ConfigurationException {
Logger.debug("Set SP Metadata key information");
@@ -248,7 +248,7 @@ public class MetadataAction implements IAction {
postassertionConsumerService.setIndex(0);
postassertionConsumerService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
postassertionConsumerService.setLocation(PVPConfiguration
- .getInstance().getSPSSOPostService());
+ .getInstance().getSPSSOPostService(req.getAuthURL()));
postassertionConsumerService.setIsDefault(true);
spSSODescriptor.getAssertionConsumerServices().add(postassertionConsumerService);
@@ -257,7 +257,7 @@ public class MetadataAction implements IAction {
redirectassertionConsumerService.setIndex(1);
redirectassertionConsumerService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
redirectassertionConsumerService.setLocation(PVPConfiguration
- .getInstance().getSPSSORedirectService());
+ .getInstance().getSPSSORedirectService(req.getAuthURL()));
spSSODescriptor.getAssertionConsumerServices().add(redirectassertionConsumerService);
@@ -273,7 +273,7 @@ public class MetadataAction implements IAction {
SingleLogoutService redirectSLOService =
SAML2Utils.createSAMLObject(SingleLogoutService.class);
redirectSLOService.setLocation(PVPConfiguration
- .getInstance().getSPSSORedirectService());
+ .getInstance().getSPSSORedirectService(req.getAuthURL()));
redirectSLOService
.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
spSSODescriptor.getSingleLogoutServices().add(redirectSLOService);
@@ -293,7 +293,7 @@ public class MetadataAction implements IAction {
return spSSODescriptor;
}
- private IDPSSODescriptor generateIDPMetadata(KeyInfoGenerator keyInfoGenerator) throws ConfigurationException, CredentialsNotAvailableException, SecurityException {
+ private IDPSSODescriptor generateIDPMetadata(IRequest req, KeyInfoGenerator keyInfoGenerator) throws ConfigurationException, CredentialsNotAvailableException, SecurityException {
// //set SignatureMethode
@@ -325,12 +325,12 @@ public class MetadataAction implements IAction {
idpSSODescriptor.setWantAuthnRequestsSigned(true);
- if (PVPConfiguration.getInstance().getIDPSSOPostService() != null) {
+ if (PVPConfiguration.getInstance().getIDPSSOPostService(req.getAuthURL()) != null) {
//add SSO descriptor
SingleSignOnService postSingleSignOnService = SAML2Utils
.createSAMLObject(SingleSignOnService.class);
postSingleSignOnService.setLocation(PVPConfiguration
- .getInstance().getIDPSSOPostService());
+ .getInstance().getIDPSSOPostService(req.getAuthURL()));
postSingleSignOnService
.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
idpSSODescriptor.getSingleSignOnServices().add(
@@ -347,12 +347,12 @@ public class MetadataAction implements IAction {
}
- if (PVPConfiguration.getInstance().getIDPSSORedirectService() != null) {
+ if (PVPConfiguration.getInstance().getIDPSSORedirectService(req.getAuthURL()) != null) {
//add SSO descriptor
SingleSignOnService redirectSingleSignOnService = SAML2Utils
.createSAMLObject(SingleSignOnService.class);
redirectSingleSignOnService.setLocation(PVPConfiguration
- .getInstance().getIDPSSORedirectService());
+ .getInstance().getIDPSSORedirectService(req.getAuthURL()));
redirectSingleSignOnService
.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
idpSSODescriptor.getSingleSignOnServices().add(
@@ -362,7 +362,7 @@ public class MetadataAction implements IAction {
SingleLogoutService redirectSLOService =
SAML2Utils.createSAMLObject(SingleLogoutService.class);
redirectSLOService.setLocation(PVPConfiguration
- .getInstance().getIDPSSORedirectService());
+ .getInstance().getIDPSSORedirectService(req.getAuthURL()));
redirectSLOService
.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
idpSSODescriptor.getSingleLogoutServices().add(redirectSLOService);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index 0c7502003..c0ec086ed 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -24,6 +24,7 @@ package at.gv.egovernment.moa.id.protocols.pvp2x;
import java.io.IOException;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
@@ -55,8 +56,6 @@ import org.opensaml.xml.io.MarshallingException;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.signature.SignableXMLObject;
-import java.util.Arrays;
-
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils;
@@ -76,12 +75,9 @@ import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.moduls.SSOManager;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IDecoder;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder;
-import at.gv.egovernment.moa.id.protocols.pvp2x.binding.SoapBinding;
-import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage;
-import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
-import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding;
+import at.gv.egovernment.moa.id.protocols.pvp2x.binding.SoapBinding;
import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionValidationExeption;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AttributQueryException;
@@ -92,12 +88,16 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NameIDFormatNotSuppor
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMetadataInformationException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SLOException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage;
+import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
+import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse;
import at.gv.egovernment.moa.id.protocols.pvp2x.utils.CheckMandateAttributes;
import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
import at.gv.egovernment.moa.id.protocols.pvp2x.validation.AuthnRequestValidator;
import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngine;
import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory;
import at.gv.egovernment.moa.id.util.ErrorResponseUtils;
+import at.gv.egovernment.moa.id.util.HTTPUtils;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.id.util.VelocityLogAdapter;
import at.gv.egovernment.moa.logging.Logger;
@@ -210,7 +210,7 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo {
if(METADATA.equals(action)) {
- return new PVPTargetConfiguration();
+ return new PVPTargetConfiguration(request);
}
@@ -231,7 +231,7 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo {
SAMLVerificationEngine engine = new SAMLVerificationEngine();
engine.verify(msg, TrustEngineFactory.getSignatureKnownKeysTrustEngine());
msg.setVerified(true);
-
+
}
if (msg instanceof MOARequest &&
@@ -296,6 +296,8 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo {
}
} catch (PVP2Exception e) {
+ String samlRequest = request.getParameter("SAMLRequest");
+ Logger.warn("Receive INVALID protocol request: " + samlRequest, e);
throw e;
} catch (SecurityPolicyException e) {
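Review bot: `Logger.warn("Receive INVALID protocol request: " + samlRequest, e);` writes the raw `SAMLRequest` parameter to the log at WARN level. That value is supplied by the sender and unbounded in size, it can contain characters that break the log format, and once decoded it may carry personal data such as a NameID. It is also null for requests that do not use that parameter. Log a bounded form instead, for example its length or a truncated copy with CR and LF removed, and keep the full message for DEBUG at most. The try block starts outside the hunk.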
@@ -387,7 +389,7 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo {
samlResponse.setIssueInstant(new DateTime());
Issuer nissuer = SAML2Utils.createSAMLObject(Issuer.class);
- nissuer.setValue(PVPConfiguration.getInstance().getIDPPublicPath());
+ nissuer.setValue(pvpRequest.getAuthURLWithOutSlash());
nissuer.setFormat(NameID.ENTITY);
samlResponse.setIssuer(nissuer);
@@ -460,7 +462,7 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo {
HttpServletResponse response, InboundMessage inMsg,
String sessionId, String transactionId) throws MOAIDException {
- PVPTargetConfiguration config = new PVPTargetConfiguration();
+ PVPTargetConfiguration config = new PVPTargetConfiguration(request);
MOARequest msg;
if (inMsg instanceof MOARequest &&
@@ -496,13 +498,24 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo {
Logger.debug("PreProcess SLO Response from " + resp.getIssuer());
- if (!resp.getDestination().startsWith(
- PVPConfiguration.getInstance().getIDPPublicPath())) {
+ List<String> allowedPublicURLPrefix =
+ AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
+ boolean isAllowedDestination = false;
+
+ for (String prefix : allowedPublicURLPrefix) {
+ if (!resp.getDestination().startsWith(
+ prefix)) {
+ isAllowedDestination = true;
+ break;
+ }
+ }
+
+ if (!isAllowedDestination) {
Logger.warn("PVP 2.1 single logout response destination does not match to IDP URL");
throw new AssertionValidationExeption("PVP 2.1 single logout response destination does not match to IDP URL", null);
}
-
+
//TODO: check if relayState exists
inMsg.getRelayState();
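Review bot: The condition inside the new prefix loop is inverted, because `isAllowedDestination` becomes true when the destination does not start with a configured prefix. With several prefixes configured, a logout response addressed to an unrelated URL passes the check, and with a single prefix the legitimate destination is rejected. The test should be positive and should read the attribute once with a null check: `String dest = resp.getDestination();` followed by `if (dest != null && dest.startsWith(prefix)) {`. A bare `startsWith` on a prefix without a trailing slash also matches longer host names, so comparing against the prefix plus `/` or against the full expected endpoint URL would be stricter.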
@@ -533,7 +546,7 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo {
//validate destination
String destinaten = attrQuery.getDestination();
- if (!PVPConfiguration.getInstance().getIDPAttributeQueryService().equals(destinaten)) {
+ if (!PVPConfiguration.getInstance().getIDPAttributeQueryService(HTTPUtils.extractAuthURLFromRequest(request)).equals(destinaten)) {
Logger.warn("AttributeQuery destination does not match IDP AttributeQueryService URL");
throw new AttributQueryException("AttributeQuery destination does not match IDP AttributeQueryService URL", null);
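Review bot: The expected AttributeQuery destination is now built from `HTTPUtils.extractAuthURLFromRequest(request)`, that is, from the request under validation rather than from configuration alone. `HTTPUtils` is not visible in this part of the diff, so I cannot tell whether the extracted URL is checked against the configured `getPublicURLPrefix()` list. If it is derived from the Host header without that check, the destination comparison no longer binds the message to this IDP. The same applies to the `MOAURICompare` arguments in the `PostBinding` and `RedirectBinding` hunks. Please state the guarantee at the call site, e.g. `// authURL is one of the configured PublicURLPrefix values (enforced in HTTPUtils.extractAuthURLFromRequest)`, or add the allow-list check here if the helper does not perform it.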
@@ -558,7 +571,7 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo {
}
- PVPTargetConfiguration config = new PVPTargetConfiguration();
+ PVPTargetConfiguration config = new PVPTargetConfiguration(request);
config.setRequest(moaRequest);
config.setOAURL(moaRequest.getEntityID());
config.setOnlineApplicationConfiguration(oa);
@@ -586,7 +599,7 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo {
if(!(samlReq instanceof AuthnRequest)) {
throw new MOAIDException("Unsupported request", new Object[] {});
}
-
+
EntityDescriptor metadata = moaRequest.getEntityMetadata();
if(metadata == null) {
throw new NoMetadataInformationException();
@@ -607,14 +620,30 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo {
}
+
//parse AssertionConsumerService
AssertionConsumerService consumerService = null;
if (MiscUtil.isNotEmpty(authnRequest.getAssertionConsumerServiceURL()) &&
MiscUtil.isNotEmpty(authnRequest.getProtocolBinding())) {
- //use AssertionConsumerServiceURL from request
- consumerService = SAML2Utils.createSAMLObject(AssertionConsumerService.class);
- consumerService.setBinding(authnRequest.getProtocolBinding());
- consumerService.setLocation(authnRequest.getAssertionConsumerServiceURL());
+ //use AssertionConsumerServiceURL from request
+
+ //check requested AssertionConsumingService URL against metadata
+ List<AssertionConsumerService> metadataAssertionServiceList = spSSODescriptor.getAssertionConsumerServices();
+ for (AssertionConsumerService service : metadataAssertionServiceList) {
+ if (authnRequest.getProtocolBinding().equals(service.getBinding())
+ && authnRequest.getAssertionConsumerServiceURL().equals(service.getLocation())) {
+ consumerService = SAML2Utils.createSAMLObject(AssertionConsumerService.class);
+ consumerService.setBinding(authnRequest.getProtocolBinding());
+ consumerService.setLocation(authnRequest.getAssertionConsumerServiceURL());
+ Logger.debug("Requested AssertionConsumerServiceURL is valid.");
+ }
+ }
+
+ if (consumerService == null) {
+ throw new InvalidAssertionConsumerServiceException(authnRequest.getAssertionConsumerServiceURL());
+
+ }
+
} else {
//use AssertionConsumerServiceIndex and select consumerService from metadata
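Review bot: The metadata loop keeps iterating after a match and rebuilds an `AssertionConsumerService` from the request values on every hit. Leaving the loop once the endpoint is confirmed is clearer, so add `break;` after the `Logger.debug(...)` line. Assuming later code reads only binding and location, `consumerService = service;` would also make it explicit that the response target comes from registered metadata. A `Logger.warn` before throwing `InvalidAssertionConsumerServiceException` would make rejected endpoints visible in operations. The enclosing method starts and ends outside this hunk, so I cannot see whether `spSSODescriptor` can be null here.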
@@ -633,9 +662,10 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo {
if (consumerService == null) {
throw new InvalidAssertionConsumerServiceException(aIdx);
- }
+ }
}
+
//select AttributeConsumingService from request
AttributeConsumingService attributeConsumer = null;
Integer aIdx = authnRequest.getAttributeConsumingServiceIndex();
@@ -669,7 +699,7 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo {
Logger.info("Dispatch PVP2 AuthnRequest: OAURL=" + oaURL + " Binding=" + consumerService.getBinding());
- PVPTargetConfiguration config = new PVPTargetConfiguration();
+ PVPTargetConfiguration config = new PVPTargetConfiguration(request);
config.setOAURL(oaURL);
config.setOnlineApplicationConfiguration(oa);
config.setBinding(consumerService.getBinding());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java
index 74b20356e..0b402a0fd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java
@@ -26,6 +26,8 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import javax.servlet.http.HttpServletRequest;
+
import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.core.impl.AuthnRequestImpl;
@@ -46,6 +48,16 @@ import at.gv.egovernment.moa.logging.Logger;
public class PVPTargetConfiguration extends RequestImpl {
+ /**
+ * @param req
+ * @throws ConfigurationException
+ */
+ public PVPTargetConfiguration(HttpServletRequest req)
+ throws ConfigurationException {
+ super(req);
+
+ }
+
private static final long serialVersionUID = 4889919265919638188L;
InboundMessage request;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
index b567798fa..582f5939d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
@@ -23,42 +23,20 @@
package at.gv.egovernment.moa.id.protocols.pvp2x;
import java.io.Serializable;
-import java.io.StringWriter;
import java.io.UnsupportedEncodingException;
-import java.security.NoSuchAlgorithmException;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Iterator;
import java.util.List;
-import java.util.Map.Entry;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.SerializationUtils;
-import org.apache.velocity.Template;
-import org.apache.velocity.VelocityContext;
-import org.apache.velocity.app.VelocityEngine;
import org.hibernate.HibernateException;
import org.hibernate.Query;
import org.hibernate.Session;
import org.hibernate.Transaction;
-import org.opensaml.common.SAMLObject;
-import org.opensaml.common.binding.BasicSAMLMessageContext;
-import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml2.core.LogoutRequest;
import org.opensaml.saml2.core.LogoutResponse;
-import org.opensaml.saml2.core.RequestAbstractType;
-import org.opensaml.saml2.core.Status;
-import org.opensaml.saml2.core.StatusCode;
-import org.opensaml.saml2.core.StatusResponseType;
import org.opensaml.saml2.metadata.SingleLogoutService;
-import org.opensaml.saml2.metadata.impl.SingleLogoutServiceBuilder;
-import org.opensaml.ws.message.encoder.MessageEncodingException;
-import org.opensaml.ws.soap.common.SOAPException;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.security.SecurityException;
-import org.opensaml.xml.security.x509.X509Credential;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
@@ -67,35 +45,22 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore;
-import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore;
-import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.data.IAuthData;
import at.gv.egovernment.moa.id.data.SLOInformationContainer;
-import at.gv.egovernment.moa.id.data.SLOInformationImpl;
import at.gv.egovernment.moa.id.data.SLOInformationInterface;
import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
import at.gv.egovernment.moa.id.moduls.IAction;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.SSOManager;
-import at.gv.egovernment.moa.id.opemsaml.MOAStringRedirectDeflateEncoder;
-import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder;
-import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding;
-import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.SingleLogOutBuilder;
-import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.BindingNotSupportedException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SLOException;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse;
-import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider;
-import at.gv.egovernment.moa.id.protocols.pvp2x.utils.MOASAMLSOAPClient;
import at.gv.egovernment.moa.id.storage.AssertionStorage;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.Random;
-import at.gv.egovernment.moa.id.util.VelocityProvider;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.MessageProvider;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.URLEncoder;
@@ -134,7 +99,7 @@ public class SingleLogOutAction implements IAction {
SSOManager ssomanager = SSOManager.getInstance();
String ssoID = ssomanager.getSSOSessionID(httpReq);
if (MiscUtil.isEmpty(ssoID)) {
- Logger.warn("Can not find active Session. Single LogOut not possible!");
+ Logger.info("Can not find active Session. Single LogOut not possible!");
SingleLogoutService sloService = SingleLogOutBuilder.getResponseSLODescriptor(pvpReq);
//LogoutResponse message = SingleLogOutBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI);
LogoutResponse message = SingleLogOutBuilder.buildSLOResponseMessage(sloService, pvpReq, null);
@@ -148,7 +113,7 @@ public class SingleLogOutAction implements IAction {
session = AuthenticationSessionStoreage.getSession(moasession);
} catch (MOADatabaseException e) {
- Logger.warn("Can not find active Session. Single LogOut not possible!");
+ Logger.info("Can not find active Session. Single LogOut not possible!");
SingleLogoutService sloService = SingleLogOutBuilder.getResponseSLODescriptor(pvpReq);
//LogoutResponse message = SingleLogOutBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI);
LogoutResponse message = SingleLogOutBuilder.buildSLOResponseMessage(sloService, pvpReq, null);
@@ -259,7 +224,7 @@ public class SingleLogOutAction implements IAction {
} else {
//print SLO information directly
- redirectURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/idpSingleLogout";
+ redirectURL = req.getAuthURL() + "/idpSingleLogout";
String artifact = Random.nextRandom();
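Review bot: `req.getAuthURL()` is concatenated with `"/idpSingleLogout"` here, and with `"/RedirectServlet"` in the next hunk, without any trailing-slash handling. Other call sites in this commit use `getAuthURLWithOutSlash()` or strip the slash by hand, which suggests the value can end in `/` and would then yield `//` in the redirect target. If the request type exposes it, prefer `redirectURL = req.getAuthURLWithOutSlash() + "/idpSingleLogout";` and likewise for `url`. The redirect base is now request-derived instead of configured, so this relies on the auth URL having been validated against the configured public prefixes when the request object was created; that validation is not visible here.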
@@ -275,7 +240,7 @@ public class SingleLogOutAction implements IAction {
}
//redirect to Redirect Servlet
- String url = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/RedirectServlet";
+ String url = req.getAuthURL() + "/RedirectServlet";
url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(redirectURL, "UTF-8"));
url = httpResp.encodeRedirectURL(url);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
index 5402e3dce..8a6b09376 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
@@ -32,27 +32,25 @@ import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
import org.opensaml.saml2.binding.encoding.HTTPPostEncoder;
import org.opensaml.saml2.core.RequestAbstractType;
-import org.opensaml.saml2.core.Response;
import org.opensaml.saml2.core.StatusResponseType;
import org.opensaml.saml2.metadata.IDPSSODescriptor;
import org.opensaml.saml2.metadata.SPSSODescriptor;
-import org.opensaml.saml2.metadata.SingleLogoutService;
import org.opensaml.saml2.metadata.SingleSignOnService;
import org.opensaml.saml2.metadata.impl.SingleSignOnServiceBuilder;
import org.opensaml.ws.message.decoder.MessageDecodingException;
import org.opensaml.ws.message.encoder.MessageEncodingException;
+import org.opensaml.ws.security.SecurityPolicyResolver;
+import org.opensaml.ws.security.provider.BasicSecurityPolicy;
+import org.opensaml.ws.security.provider.StaticSecurityPolicyResolver;
import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
import org.opensaml.xml.parse.BasicParserPool;
import org.opensaml.xml.security.SecurityException;
-import org.opensaml.xml.security.credential.Credential;
-import org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter;
import org.opensaml.xml.security.x509.X509Credential;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol;
import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
-import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessageInterface;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
@@ -60,6 +58,9 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse;
import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider;
import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.validation.MOAPVPSignedRequestPolicyRule;
+import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory;
+import at.gv.egovernment.moa.id.util.HTTPUtils;
import at.gv.egovernment.moa.id.util.VelocityProvider;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -151,11 +152,11 @@ public class PostBinding implements IDecoder, IEncoder {
//set metadata descriptor type
if (isSPEndPoint) {
messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
- decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getSPSSOPostService()));
+ decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getSPSSOPostService(HTTPUtils.extractAuthURLFromRequest(req))));
} else {
messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
- decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSOPostService()));
+ decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSOPostService(HTTPUtils.extractAuthURLFromRequest(req))));
}
} catch (ConfigurationException e) {
@@ -163,7 +164,16 @@ public class PostBinding implements IDecoder, IEncoder {
}
messageContext.setMetadataProvider(MOAMetadataProvider.getInstance());
-
+
+ //set security policy context
+ BasicSecurityPolicy policy = new BasicSecurityPolicy();
+ policy.getPolicyRules().add(
+ new MOAPVPSignedRequestPolicyRule(
+ TrustEngineFactory.getSignatureKnownKeysTrustEngine(),
+ messageContext.getPeerEntityRole()));
+ SecurityPolicyResolver secResolver = new StaticSecurityPolicyResolver(policy);
+ messageContext.setSecurityPolicyResolver(secResolver);
+
decode.decode(messageContext);
InboundMessage msg = null;
@@ -189,8 +199,9 @@ public class PostBinding implements IDecoder, IEncoder {
if (MiscUtil.isEmpty(msg.getEntityID()))
Logger.info("No Metadata found for OA with EntityID " + messageContext.getInboundMessageIssuer());
}
-
- msg.setVerified(false);
+
+
+ msg.setVerified(true);
msg.setRelayState(messageContext.getRelayState());
return msg;
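Review bot: `msg.setVerified(true)` is now unconditional, so every message that leaves `decode()` is treated as signature-checked. That is only correct if the `MOAPVPSignedRequestPolicyRule` added in the previous hunk fails decoding for unsigned messages rather than skipping them. The rule's implementation is not in this view; if it evaluates only messages that carry a signature, an unsigned POST message would be marked verified and would presumably bypass the `SAMLVerificationEngine` call in `PVP2XProtocol`. I would derive the flag from the decode result, e.g. `msg.setVerified(messageContext.isInboundSAMLMessageAuthenticated());`, provided the rule sets that flag. Otherwise document the guarantee with `// verified: MOAPVPSignedRequestPolicyRule rejects unsigned or untrusted messages during decode()`.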
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
index 81863f48f..0a459a9be 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
@@ -60,6 +60,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider;
import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException;
import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory;
+import at.gv.egovernment.moa.id.util.HTTPUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -141,11 +142,11 @@ public class RedirectBinding implements IDecoder, IEncoder {
//set metadata descriptor type
if (isSPEndPoint) {
messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
- decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getSPSSORedirectService()));
+ decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getSPSSORedirectService(HTTPUtils.extractAuthURLFromRequest(req))));
} else {
messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
- decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSORedirectService()));
+ decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSORedirectService(HTTPUtils.extractAuthURLFromRequest(req))));
}
} catch (ConfigurationException e) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
index a2583c706..2ef861e20 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
@@ -36,7 +36,6 @@ import org.opensaml.saml2.core.StatusResponseType;
import org.opensaml.saml2.metadata.SPSSODescriptor;
import org.opensaml.ws.message.decoder.MessageDecodingException;
import org.opensaml.ws.message.encoder.MessageEncodingException;
-import org.opensaml.ws.soap.client.BasicSOAPMessageContext;
import org.opensaml.ws.soap.soap11.Envelope;
import org.opensaml.ws.soap.soap11.decoder.http.HTTPSOAP11Decoder;
import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
@@ -49,7 +48,6 @@ import org.opensaml.xml.signature.SignableXMLObject;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AttributQueryException;
-import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.BindingNotSupportedException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessageInterface;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
@@ -70,9 +68,23 @@ public class SoapBinding implements IDecoder, IEncoder {
messageContext
.setInboundMessageTransport(new HttpServletRequestAdapter(
req));
- //messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
messageContext.setMetadataProvider(MOAMetadataProvider.getInstance());
-
+
+ //TODO: update in a futher version:
+ // requires a special SignedSOAPRequestPolicyRole because
+ // messageContext.getInboundMessage() is not directly signed
+
+ //set security context
+// BasicSecurityPolicy policy = new BasicSecurityPolicy();
+// policy.getPolicyRules().add(
+// new MOAPVPSignedRequestPolicyRule(
+// TrustEngineFactory.getSignatureKnownKeysTrustEngine(),
+// SPSSODescriptor.DEFAULT_ELEMENT_NAME));
+// SecurityPolicyResolver resolver = new StaticSecurityPolicyResolver(
+// policy);
+// messageContext.setSecurityPolicyResolver(resolver);
+
+ //decode message
soapDecoder.decode(messageContext);
Envelope inboundMessage = (Envelope) messageContext
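Review bot: The security policy for the SOAP binding is left as commented-out code behind a TODO, so after this commit POST messages are signature-checked during decode while SOAP messages are not. The check for this path then has to happen after decoding, presumably in the `SAMLVerificationEngine` call in `PVP2XProtocol`, and that dependency should be written down here. I would drop the commented block and keep a short comment such as `// no SecurityPolicy on SOAP: the signature is on the SAML message inside the envelope and is verified after decode`. The TODO should also reference a tracked issue, and its wording has typos ("futher", "PolicyRole").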
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AttributQueryBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AttributQueryBuilder.java
index 91888df5c..ebbafd4e3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AttributQueryBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AttributQueryBuilder.java
@@ -127,7 +127,7 @@ public class AttributQueryBuilder {
query.setIssueInstant(now);
Issuer nissuer = SAML2Utils.createSAMLObject(Issuer.class);
- nissuer.setValue(PVPConfiguration.getInstance().getIDPPublicPath());
+ nissuer.setValue(PVPConfiguration.getInstance().getIDPPublicPath().get(0));
nissuer.setFormat(NameID.ENTITY);
query.setIssuer(nissuer);
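Review bot: `getIDPPublicPath().get(0)` throws `IndexOutOfBoundsException` when no public URL prefix is configured. It also always takes the first configured prefix as Issuer, whereas the other builders in this commit use the URL under which the request arrived. If this instance is addressed under a different prefix, the AttributeQuery issuer may not match the entityID the peer expects, and the peer could reject the query. I would pass the auth URL into this builder, as `AuthResponseBuilder.buildResponse` now does, and set `nissuer.setValue(authURL);`, or at least guard the empty list with a `ConfigurationException`. The method signature is outside this hunk.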
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AuthResponseBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AuthResponseBuilder.java
index 4959df16c..24c2626e3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AuthResponseBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AuthResponseBuilder.java
@@ -66,13 +66,15 @@ import at.gv.egovernment.moa.logging.Logger;
*/
public class AuthResponseBuilder {
- public static Response buildResponse(RequestAbstractType req, DateTime date, Assertion assertion) throws InvalidAssertionEncryptionException, ConfigurationException {
+ public static Response buildResponse(String authURL, RequestAbstractType req, DateTime date, Assertion assertion) throws InvalidAssertionEncryptionException, ConfigurationException {
Response authResponse = SAML2Utils.createSAMLObject(Response.class);
Issuer nissuer = SAML2Utils.createSAMLObject(Issuer.class);
//change to entity value from entity name to IDP EntityID (URL)
- nissuer.setValue(PVPConfiguration.getInstance().getIDPPublicPath());
+ if (authURL.endsWith("/"))
+ authURL = authURL.substring(0, authURL.length()-1);
+ nissuer.setValue(authURL);
nissuer.setFormat(NameID.ENTITY);
authResponse.setIssuer(nissuer);
authResponse.setInResponseTo(req.getID());
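Review bot: The trailing-slash strip on `authURL` is hand-written here, again in `PVP2AssertionBuilder.buildGenericAssertion`, and a third time inside `PVPConfiguration.getIDPPublicPath()`, while the request object already offers `getAuthURLWithOutSlash()`. The Issuer has to match the published entityID exactly, so copies of this normalisation that drift apart would produce responses that peers reject. Callers could pass the slash-free value so the builder only does `nissuer.setValue(authURL);`. If the strip stays, brace it as `if (authURL.endsWith("/")) { authURL = authURL.substring(0, authURL.length() - 1); }` and reject a null `authURL` before dereferencing it. The signature change on this public static method also breaks any caller outside this commit.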
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java
index 50f42d928..dbbc21ec9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java
@@ -27,8 +27,11 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
import org.joda.time.DateTime;
+import org.opensaml.Configuration;
import org.opensaml.common.SAMLObject;
import org.opensaml.common.binding.BasicSAMLMessageContext;
import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
@@ -43,15 +46,18 @@ import org.opensaml.saml2.core.StatusCode;
import org.opensaml.saml2.core.StatusMessage;
import org.opensaml.saml2.core.StatusResponseType;
import org.opensaml.saml2.metadata.EntityDescriptor;
-import org.opensaml.saml2.metadata.IDPSSODescriptor;
-import org.opensaml.saml2.metadata.SPSSODescriptor;
import org.opensaml.saml2.metadata.SSODescriptor;
import org.opensaml.saml2.metadata.SingleLogoutService;
import org.opensaml.saml2.metadata.impl.SingleLogoutServiceBuilder;
import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.opensaml.ws.message.encoder.MessageEncodingException;
+import org.opensaml.xml.io.Marshaller;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.x509.X509Credential;
+import org.opensaml.xml.signature.Signature;
+import org.opensaml.xml.signature.SignatureConstants;
+import org.opensaml.xml.signature.Signer;
+import org.w3c.dom.Document;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
@@ -63,7 +69,6 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding;
-import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.BindingNotSupportedException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NOSLOServiceDescriptorException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMetadataInformationException;
@@ -215,8 +220,8 @@ public class SingleLogOutBuilder {
}
DateTime now = new DateTime();
- Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
- issuer.setValue(PVPConfiguration.getInstance().getIDPPublicPath());
+ Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
+ issuer.setValue(sloInfo.getAuthURL());
issuer.setFormat(NameID.ENTITY);
sloReq.setIssuer(issuer);
sloReq.setIssueInstant(now);
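Review bot: The LogoutRequest issuer is taken from `sloInfo.getAuthURL()` without removing a trailing slash, whereas `buildBasicResponse` in the last hunk of this file uses `getAuthURLWithOutSlash()` and the response and assertion builders strip the slash by hand. If `sloInfo` stores the URL unnormalised, logout requests and logout responses from the same IDP carry different Issuer values, and a peer that compares Issuer with the metadata entityID would reject one of them. Either store the slash-free value when the SLO container is filled or apply the same normalisation here, with a comment such as `// Issuer must equal the IDP entityID: no trailing slash`. How `sloInfo` is populated is not visible in this hunk.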
@@ -228,7 +233,35 @@ public class SingleLogOutBuilder {
nameID.setFormat(sloInfo.getUserNameIDFormat());
nameID.setValue(sloInfo.getUserNameIdentifier());
sloReq.setNameID(nameID );
-
+
+ //sign message
+ try {
+ X509Credential idpSigningCredential = CredentialProvider.getIDPAssertionSigningCredential();
+
+ Signature signer = SAML2Utils.createSAMLObject(Signature.class);
+ signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+ signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+ signer.setSigningCredential(idpSigningCredential);
+ sloReq.setSignature(signer);
+
+ DocumentBuilder builder;
+ DocumentBuilderFactory factory = DocumentBuilderFactory
+ .newInstance();
+
+ builder = factory.newDocumentBuilder();
+ Document document = builder.newDocument();
+ Marshaller out = Configuration.getMarshallerFactory()
+ .getMarshaller(sloReq);
+ out.marshall(sloReq, document);
+
+ Signer.signObject(signer);
+
+ } catch (Exception e) {
+ Logger.error("Single LogOut request signing FAILED!", e);
+ throw new MOAIDException("pvp2.19", null);
+
+ }
+
return sloReq;
}
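Review bot: `catch (Exception e)` around the signing block also catches unchecked exceptions and maps every failure to `pvp2.19` with the cause dropped from the thrown exception. Narrowing it to the checked exceptions the block can raise (credential lookup, `ParserConfigurationException`, `MarshallingException`, `SignatureException`) keeps programming errors visible. If `MOAIDException` has a constructor that takes a cause, the original exception should be chained. The local named `signer` is a `Signature`, which reads confusingly next to the static call `Signer.signObject(signer)`; `signature` would be clearer. The credential used is `getIDPAssertionSigningCredential()`, so a one-line comment saying that logout requests are deliberately signed with the assertion key would help the next reader.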
@@ -277,7 +310,7 @@ public class SingleLogOutBuilder {
private static LogoutResponse buildBasicResponse(SingleLogoutService sloService, PVPTargetConfiguration spRequest) throws ConfigurationException, MOAIDException {
LogoutResponse sloResp = SAML2Utils.createSAMLObject(LogoutResponse.class);
Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
- issuer.setValue(PVPConfiguration.getInstance().getIDPPublicPath());
+ issuer.setValue(spRequest.getAuthURLWithOutSlash());
issuer.setFormat(NameID.ENTITY);
sloResp.setIssuer(issuer);
sloResp.setIssueInstant(new DateTime());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
index d80ddba25..7c7941b68 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
@@ -90,7 +90,7 @@ import at.gv.egovernment.moa.util.MiscUtil;
public class PVP2AssertionBuilder implements PVPConstants {
- public static Assertion buildAssertion(AttributeQuery attrQuery,
+ public static Assertion buildAssertion(String authURL, AttributeQuery attrQuery,
List<String> reqAttributes, IAuthData authData, DateTime date, String sessionIndex) throws ConfigurationException {
@@ -136,12 +136,12 @@ public class PVP2AssertionBuilder implements PVPConstants {
SubjectConfirmationData subjectConfirmationData = null;
- return buildGenericAssertion(attrQuery.getIssuer().getValue(), date,
+ return buildGenericAssertion(authURL, attrQuery.getIssuer().getValue(), date,
authnContextClassRef, attrList, subjectNameID, subjectConfirmationData, sessionIndex,
new DateTime(authData.getSsoSessionValidTo().getTime()));
}
- public static Assertion buildAssertion(AuthnRequest authnRequest,
+ public static Assertion buildAssertion(String authURL, AuthnRequest authnRequest,
IAuthData authData, EntityDescriptor peerEntity, DateTime date,
AssertionConsumerService assertionConsumerService, SLOInformationImpl sloInformation)
throws MOAIDException {
@@ -416,10 +416,25 @@ public class PVP2AssertionBuilder implements PVPConstants {
sloInformation.setNameIDFormat(subjectNameID.getFormat());
sloInformation.setSessionIndex(sessionIndex);
- return buildGenericAssertion(peerEntity.getEntityID(), date, authnContextClassRef, attrList, subjectNameID, subjectConfirmationData, sessionIndex, subjectConfirmationData.getNotOnOrAfter());
+ return buildGenericAssertion(authURL, peerEntity.getEntityID(), date, authnContextClassRef, attrList, subjectNameID, subjectConfirmationData, sessionIndex, subjectConfirmationData.getNotOnOrAfter());
}
- public static Assertion buildGenericAssertion(String entityID, DateTime date,
+ /**
+ *
+ * @param authURL IDP PublicURL PreFix
+ * @param entityID Service Provider EntityID
+ * @param date
+ * @param authnContextClassRef
+ * @param attrList
+ * @param subjectNameID
+ * @param subjectConfirmationData
+ * @param sessionIndex
+ * @param isValidTo
+ * @return
+ * @throws ConfigurationException
+ */
+
+ public static Assertion buildGenericAssertion(String authURL, String entityID, DateTime date,
AuthnContextClassRef authnContextClassRef, List<Attribute> attrList,
NameID subjectNameID, SubjectConfirmationData subjectConfirmationData,
String sessionIndex, DateTime isValidTo) throws ConfigurationException {
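Review bot: The Javadoc added for `buildGenericAssertion` leaves seven `@param` tags, `@return` and `@throws` without text, and a blank line separates it from the method. Since `authURL` becomes the assertion Issuer in the last hunk of this file, the doc should state the caller's obligation, e.g. `@param authURL public URL prefix of this IDP; used as assertion Issuer after a trailing slash is removed, must be one of the configured prefixes`. `@return` could read `the unsigned assertion for the given service provider`, hedged because the method body lies outside this hunk and I cannot see whether it signs. The remaining tags should be filled in or removed.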
@@ -471,7 +486,9 @@ public class PVP2AssertionBuilder implements PVPConstants {
Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
- issuer.setValue(PVPConfiguration.getInstance().getIDPPublicPath());
+ if (authURL.endsWith("/"))
+ authURL = authURL.substring(0, authURL.length()-1);
+ issuer.setValue(authURL);
issuer.setFormat(NameID.ENTITY);
assertion.setIssuer(issuer);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
index dc3b787e4..47d7a29b3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
@@ -121,43 +121,46 @@ public class PVPConfiguration {
}
}
- public String getIDPPublicPath() throws ConfigurationException {
- String publicPath = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
- if(publicPath != null) {
- if(publicPath.endsWith("/")) {
- int length = publicPath.length();
- publicPath = publicPath.substring(0, length-1);
- }
+ public List<String> getIDPPublicPath() throws ConfigurationException {
+ List<String> publicPath = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
+ List<String> returnvalue = new ArrayList<String>();
+ for (String el : publicPath) {
+ if(el.endsWith("/")) {
+ int length = el.length();
+ returnvalue.add(el.substring(0, length-1));
+
+ } else
+ returnvalue.add(el);
}
- return publicPath;
+ return returnvalue;
}
- public String getSPSSOPostService() throws ConfigurationException {
- return getIDPPublicPath() + PVP2_SP_POST;
+ public String getSPSSOPostService(String publicURLPrefix) throws ConfigurationException {
+ return publicURLPrefix + PVP2_SP_POST;
}
- public String getSPSSORedirectService() throws ConfigurationException {
- return getIDPPublicPath() + PVP2_SP_REDIRECT;
+ public String getSPSSORedirectService(String publicURLPrefix) throws ConfigurationException {
+ return publicURLPrefix + PVP2_SP_REDIRECT;
}
- public String getIDPSSOPostService() throws ConfigurationException {
- return getIDPPublicPath() + PVP2_IDP_POST;
+ public String getIDPSSOPostService(String publicURLPrefix) throws ConfigurationException {
+ return publicURLPrefix + PVP2_IDP_POST;
}
- public String getIDPSSORedirectService() throws ConfigurationException {
- return getIDPPublicPath() + PVP2_IDP_REDIRECT;
+ public String getIDPSSORedirectService(String publicURLPrefix) throws ConfigurationException {
+ return publicURLPrefix + PVP2_IDP_REDIRECT;
}
- public String getIDPSSOSOAPService() throws ConfigurationException {
- return getIDPPublicPath() + PVP2_IDP_SOAP;
+ public String getIDPSSOSOAPService(String publicURLPrefix) throws ConfigurationException {
+ return publicURLPrefix + PVP2_IDP_SOAP;
}
- public String getIDPAttributeQueryService() throws ConfigurationException {
- return getIDPPublicPath() + PVP2_IDP_ATTRIBUTEQUERY;
+ public String getIDPAttributeQueryService(String publicURLPrefix) throws ConfigurationException {
+ return publicURLPrefix + PVP2_IDP_ATTRIBUTEQUERY;
}
- public String getIDPSSOMetadataService() throws ConfigurationException {
- return getIDPPublicPath() + PVP2_METADATA;
+ public String getIDPSSOMetadataService(String publicURLPrefix) throws ConfigurationException {
+ return publicURLPrefix + PVP2_METADATA;
}
public String getIDPKeyStoreFilename() {
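Review bot: The rewritten `getIDPPublicPath()` iterates `publicPath` without the `publicPath != null` guard the old version had, so if `getPublicURLPrefix()` returns null the `for` loop throws a NullPointerException (a null list element does the same at `el.endsWith`). Restoring the guard before the loop, e.g. `if (publicPath == null) return returnvalue;`, keeps that case explicit. The seven endpoint getters below now only concatenate their `publicURLPrefix` argument, so trailing-slash handling and validation are left to the caller, and they still declare `throws ConfigurationException` although nothing visible in them throws. A Javadoc line such as `@param publicURLPrefix validated IDP PublicURLPrefix without trailing slash` on each would state the contract callers must meet.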
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/InvalidAssertionConsumerServiceException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/InvalidAssertionConsumerServiceException.java
index 94a4e8226..392569366 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/InvalidAssertionConsumerServiceException.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/InvalidAssertionConsumerServiceException.java
@@ -34,6 +34,15 @@ public class InvalidAssertionConsumerServiceException extends PVP2Exception {
/**
*
*/
+ public InvalidAssertionConsumerServiceException(String wrongURL) {
+ super("pvp2.23", new Object[]{wrongURL});
+ this.statusCodeValue = StatusCode.REQUESTER_URI;
+
+ }
+
+ /**
+ *
+ */
private static final long serialVersionUID = 7861790149343943091L;
}
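Review bot: The new constructor sits under an empty Javadoc block, and a second empty block was added above `serialVersionUID`, so neither says what `wrongURL` is. I would document it as `@param wrongURL AssertionConsumerService URL from the request that did not match the metadata` and drop the empty comment on the field. The parameter name suggests the value comes from the incoming request (not confirmed from this hunk), so whatever renders or logs message `pvp2.23` should treat it as untrusted text and encode it for the output context.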
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
index a31258784..059e68865 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
@@ -82,10 +82,10 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
SLOInformationImpl sloInformation = new SLOInformationImpl();
//build Assertion
- Assertion assertion = PVP2AssertionBuilder.buildAssertion(authnRequest, authData,
+ Assertion assertion = PVP2AssertionBuilder.buildAssertion(obj.getAuthURL(), authnRequest, authData,
peerEntity, date, consumerService, sloInformation);
- Response authResponse = AuthResponseBuilder.buildResponse(authnRequest, date, assertion);
+ Response authResponse = AuthResponseBuilder.buildResponse(obj.getAuthURL(), authnRequest, date, assertion);
IEncoder binding = null;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
index fe287a433..d76e6c2f1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
@@ -59,6 +59,12 @@ public class CredentialProvider {
.getIDPKeyPasswordMetadata().toCharArray());
credentials.setUsageType(UsageType.SIGNING);
+ if (credentials.getPrivateKey() == null && credentials.getSecretKey() == null) {
+ Logger.error("IDP Metadata Signing credentials is not found or contains no PrivateKey.");
+ throw new CredentialsNotAvailableException("IDP Assertion Signing credentials (Alias: "
+ + config.getIDPKeyAliasMetadata() + ") is not found or contains no PrivateKey.", null);
+
+ }
return credentials;
} catch (Exception e) {
Logger.error("Failed to generate IDP Metadata Signing credentials");
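Review bot: In the metadata-signing hunk the exception text says "IDP Assertion Signing credentials" while the log line above it and the alias getter `getIDPKeyAliasMetadata()` refer to the metadata signing key, which looks like a copy-paste slip; the message should start with `"IDP Metadata Signing credentials (Alias: "`. In all three hunks of this file the new `throw` sits inside the `try` whose `catch (Exception e)` follows directly, so the specific exception is caught by the generic handler; the catch bodies lie outside the hunks, so whether the alias detail reaches the caller cannot be confirmed from here. Adding `} catch (CredentialsNotAvailableException e) { throw e;` ahead of the generic catch would keep the precise cause. The methods start and end outside the hunks.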
@@ -80,6 +86,13 @@ public class CredentialProvider {
.getIDPKeyPasswordAssertionSign().toCharArray());
credentials.setUsageType(UsageType.SIGNING);
+ if (credentials.getPrivateKey() == null && credentials.getSecretKey() == null) {
+ Logger.error("IDP Assertion Signing credentials is not found or contains no PrivateKey.");
+ throw new CredentialsNotAvailableException("IDP Assertion Signing credentials (Alias: "
+ + config.getIDPKeyAliasAssertionSign() + ") is not found or contains no PrivateKey.", null);
+
+ }
+
return (X509Credential) credentials;
} catch (Exception e) {
Logger.error("Failed to generate IDP Assertion Signing credentials");
@@ -105,6 +118,14 @@ public class CredentialProvider {
.getIDPKeyPasswordAssertionEncryption().toCharArray());
credentials.setUsageType(UsageType.ENCRYPTION);
+
+ if (credentials.getPrivateKey() == null && credentials.getSecretKey() == null) {
+ Logger.error("IDP Assertion Encryption credentials is not found or contains no PrivateKey.");
+ throw new CredentialsNotAvailableException("IDP Assertion Encryption credentials (Alias: "
+ + config.getIDPKeyAliasAssertionEncryption() + ") is not found or contains no PrivateKey.", null);
+
+ }
+
return (X509Credential) credentials;
} catch (Exception e) {
Logger.error("Failed to generate IDP Assertion Encryption credentials");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java
index 4d12c38da..75ef7e5a1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java
@@ -57,6 +57,15 @@ public class MOASAMLSOAPClient {
BasicSOAPMessageContext soapContext = new BasicSOAPMessageContext();
soapContext.setOutboundMessage(soapRequest);
+
+ //set security policy context
+// BasicSecurityPolicy policy = new BasicSecurityPolicy();
+// policy.getPolicyRules().add(
+// new MOAPVPSignedRequestPolicyRule(
+// TrustEngineFactory.getSignatureKnownKeysTrustEngine(),
+// SPSSODescriptor.DEFAULT_ELEMENT_NAME));
+// SecurityPolicyResolver secResolver = new StaticSecurityPolicyResolver(policy);
+// soapContext.setSecurityPolicyResolver(secResolver);
HttpClientBuilder clientBuilder = new HttpClientBuilder();
if (destination.startsWith("https")) {
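Review bot: The security policy setup for `soapContext` is added only as commented-out code, so the SOAP exchange is still built without a `SecurityPolicyResolver` and nothing in the visible lines checks the signature of the reply. If the response is verified later in this method or by the caller (outside the hunk), replace the block with a short comment saying where, e.g. `// response signature is verified by <caller>; no SOAP-level policy installed here`. Otherwise enable the `MOAPVPSignedRequestPolicyRule` rather than leaving it disabled. Either way, commented-out code should not be committed.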
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AbstractRequestSignedSecurityPolicyRule.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AbstractRequestSignedSecurityPolicyRule.java
new file mode 100644
index 000000000..f62410656
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AbstractRequestSignedSecurityPolicyRule.java
@@ -0,0 +1,187 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.protocols.pvp2x.validation;
+
+import javax.xml.namespace.QName;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.validation.Schema;
+import javax.xml.validation.Validator;
+
+import org.opensaml.common.SignableSAMLObject;
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.common.xml.SAMLSchemaBuilder;
+import org.opensaml.security.MetadataCriteria;
+import org.opensaml.security.SAMLSignatureProfileValidator;
+import org.opensaml.ws.message.MessageContext;
+import org.opensaml.ws.security.SecurityPolicyException;
+import org.opensaml.ws.security.SecurityPolicyRule;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.security.CriteriaSet;
+import org.opensaml.xml.security.credential.UsageType;
+import org.opensaml.xml.security.criteria.EntityIDCriteria;
+import org.opensaml.xml.security.criteria.UsageCriteria;
+import org.opensaml.xml.signature.SignatureTrustEngine;
+import org.opensaml.xml.validation.ValidationException;
+import org.w3c.dom.Element;
+import org.xml.sax.SAXException;
+
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SchemaValidationException;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public abstract class AbstractRequestSignedSecurityPolicyRule implements SecurityPolicyRule {
+
+ private SignatureTrustEngine trustEngine = null;
+ private QName peerEntityRole = null;
+ /**
+ * @param peerEntityRole
+ *
+ */
+ public AbstractRequestSignedSecurityPolicyRule(SignatureTrustEngine trustEngine, QName peerEntityRole) {
+ this.trustEngine = trustEngine;
+ this.peerEntityRole = peerEntityRole;
+
+ }
+
+
+ /**
+ * Reload the PVP metadata for a given entity
+ *
+ * @param entityID for which the metadata should be refreshed.
+ * @return true if the refresh was successful, otherwise false
+ */
+ protected abstract boolean refreshMetadataProvider(String entityID);
+
+
+ protected abstract SignableSAMLObject getSignedSAMLObject(XMLObject inboundData);
+
+ /* (non-Javadoc)
+ * @see org.opensaml.ws.security.SecurityPolicyRule#evaluate(org.opensaml.ws.message.MessageContext)
+ */
+ @Override
+ public void evaluate(MessageContext context) throws SecurityPolicyException {
+ try {
+ verifySignature(context);
+
+ } catch (SecurityPolicyException e) {
+ if (MiscUtil.isEmpty(context.getInboundMessageIssuer())) {
+ throw e;
+
+ }
+ Logger.debug("PVP2X message validation FAILED. Reload metadata for entityID: " + context.getInboundMessageIssuer());
+ if (!refreshMetadataProvider(context.getInboundMessageIssuer()))
+ throw e;
+
+ else {
+ Logger.trace("PVP2X metadata reload finished. Check validate message again.");
+ verifySignature(context);
+
+ }
+ Logger.trace("Second PVP2X message validation finished");
+
+ }
+
+
+ }
+
+ private void verifySignature(MessageContext context) throws SecurityPolicyException {
+ SignableSAMLObject samlObj = getSignedSAMLObject(context.getInboundMessage());
+ if (samlObj != null && samlObj.getSignature() != null) {
+
+ SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
+ try {
+ profileValidator.validate(samlObj.getSignature());
+ performSchemaValidation(samlObj.getDOM());
+
+ } catch (ValidationException e) {
+ Logger.warn("Signature is not conform to SAML signature profile", e);
+ throw new SecurityPolicyException("Signature is not conform to SAML signature profile");
+
+ } catch (SchemaValidationException e) {
+ Logger.warn("Signature is not conform to SAML signature profile", e);
+ throw new SecurityPolicyException("Signature is not conform to SAML signature profile");
+
+ }
+
+
+
+ CriteriaSet criteriaSet = new CriteriaSet();
+ criteriaSet.add( new EntityIDCriteria(context.getInboundMessageIssuer()) );
+ criteriaSet.add( new MetadataCriteria(peerEntityRole, SAMLConstants.SAML20P_NS) );
+ criteriaSet.add( new UsageCriteria(UsageType.SIGNING) );
+
+ try {
+ if (!trustEngine.validate(samlObj.getSignature(), criteriaSet)) {
+ throw new SecurityPolicyException("Signature validation FAILED.");
+
+ }
+ Logger.debug("PVP AuthnRequest signature valid.");
+
+ } catch (org.opensaml.xml.security.SecurityException e) {
+ Logger.info("PVP2x message signature validation FAILED. Message:" + e.getMessage());
+ throw new SecurityPolicyException("Signature validation FAILED.");
+
+ }
+
+ } else {
+ throw new SecurityPolicyException("Request is not signed.");
+
+ }
+
+ }
+
+ private void performSchemaValidation(Element source) throws SchemaValidationException {
+
+ String err = null;
+ try {
+ Schema test = SAMLSchemaBuilder.getSAML11Schema();
+ Validator val = test.newValidator();
+ val.validate(new DOMSource(source));
+ Logger.debug("Schema validation check done OK");
+ return;
+
+ } catch (SAXException e) {
+ err = e.getMessage();
+ if (Logger.isDebugEnabled() || Logger.isTraceEnabled())
+ Logger.warn("Schema validation FAILED with exception:", e);
+ else
+ Logger.warn("Schema validation FAILED with message: "+ e.getMessage());
+
+ } catch (Exception e) {
+ err = e.getMessage();
+ if (Logger.isDebugEnabled() || Logger.isTraceEnabled())
+ Logger.warn("Schema validation FAILED with exception:", e);
+ else
+ Logger.warn("Schema validation FAILED with message: "+ e.getMessage());
+
+ }
+
+ throw new SchemaValidationException("pvp2.22", new Object[]{err});
+
+ }
+
+}
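Review bot: `evaluate` calls `refreshMetadataProvider` after every `SecurityPolicyException`, including "Request is not signed." and the profile and schema failures, none of which a metadata reload can repair. The issuer comes from a message that has not been authenticated at that point, so any sender that names a known entityID can make the IDP reload that entity's metadata on each request. Restricting the retry to the trust-engine step, and ideally rate-limiting the refresh per entityID, avoids that. Separately, the `SchemaValidationException` branch in `verifySignature` logs and throws "Signature is not conform to SAML signature profile", which hides that the schema check failed, and `"PVP AuthnRequest signature valid."` is logged by a rule that is not specific to AuthnRequests.

```java
@Override
public void evaluate(MessageContext context) throws SecurityPolicyException {
    SignableSAMLObject samlObj = getSignedSAMLObject(context.getInboundMessage());
    if (samlObj == null || samlObj.getSignature() == null) {
        throw new SecurityPolicyException("Request is not signed.");
    }

    // Structural checks do not depend on metadata, so a failure here is final.
    validateProfileAndSchema(samlObj);

    try {
        validateWithTrustEngine(samlObj, context);

    } catch (SecurityPolicyException e) {
        String issuer = context.getInboundMessageIssuer();
        if (MiscUtil.isEmpty(issuer)) {
            throw e;
        }
        Logger.debug("PVP2X message validation FAILED. Reload metadata for entityID: " + issuer);
        if (!refreshMetadataProvider(issuer)) {
            throw e;
        }
        Logger.trace("PVP2X metadata reload finished. Check validate message again.");
        validateWithTrustEngine(samlObj, context);
    }
}

// validateProfileAndSchema(samlObj): the profileValidator / performSchemaValidation part of verifySignature
// validateWithTrustEngine(samlObj, context): the CriteriaSet / trustEngine.validate part of verifySignature
// … unchanged: performSchemaValidation …
```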
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/MOAPVPSignedRequestPolicyRule.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/MOAPVPSignedRequestPolicyRule.java
new file mode 100644
index 000000000..932f3b818
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/MOAPVPSignedRequestPolicyRule.java
@@ -0,0 +1,70 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.protocols.pvp2x.validation;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SignableSAMLObject;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.signature.SignatureTrustEngine;
+
+import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
+
+/**
+ * @author tlenz
+ *
+ */
+public class MOAPVPSignedRequestPolicyRule extends
+ AbstractRequestSignedSecurityPolicyRule {
+
+ /**
+ * @param trustEngine
+ * @param peerEntityRole
+ */
+ public MOAPVPSignedRequestPolicyRule(SignatureTrustEngine trustEngine,
+ QName peerEntityRole) {
+ super(trustEngine, peerEntityRole);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule#refreshMetadataProvider(java.lang.String)
+ */
+ @Override
+ protected boolean refreshMetadataProvider(String entityID) {
+ return MOAMetadataProvider.getInstance().refreshMetadataProvider(entityID);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule#getSignedSAMLObject(org.opensaml.xml.XMLObject)
+ */
+ @Override
+ protected SignableSAMLObject getSignedSAMLObject(XMLObject inboundData) {
+ if (inboundData instanceof SignableSAMLObject)
+ return (SignableSAMLObject) inboundData;
+
+ else
+ return null;
+ }
+
+}
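Review bot: The class-level Javadoc carries only `@author`, and `getSignedSAMLObject` returns `null` for anything that is not a `SignableSAMLObject` without saying what that means for the caller. I would add a class sentence such as `Policy rule that requires a valid signature on the inbound PVP message and reloads the peer metadata through MOAMetadataProvider when validation fails`. On the method, add `@return the inbound object, or null if it cannot carry a signature (the base rule then rejects it as unsigned)`. The `if`/`else` in `getSignedSAMLObject` would also read more safely with braces.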
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java
index 70b778c49..812e27a36 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java
@@ -25,6 +25,7 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.verification;
import java.util.ArrayList;
import java.util.List;
+import javax.xml.namespace.QName;
import javax.xml.transform.dom.DOMSource;
import javax.xml.validation.Schema;
import javax.xml.validation.Validator;
@@ -61,7 +62,7 @@ import org.xml.sax.SAXException;
import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException;
import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionValidationExeption;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SchemaValidationException;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage;
@@ -74,7 +75,6 @@ import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
public class SAMLVerificationEngine {
-
public void verify(InboundMessage msg, SignatureTrustEngine sigTrustEngine ) throws org.opensaml.xml.security.SecurityException, Exception {
try {
@@ -83,7 +83,7 @@ public class SAMLVerificationEngine {
verifyRequest(((RequestAbstractType)((MOARequest)msg).getSamlRequest()), sigTrustEngine);
else
- verifyResponse(((MOAResponse)msg).getResponse(), sigTrustEngine);
+ verifyIDPResponse(((MOAResponse)msg).getResponse(), sigTrustEngine);
} catch (InvalidProtocolRequestException e) {
if (MiscUtil.isEmpty(msg.getEntityID())) {
@@ -102,15 +102,24 @@ public class SAMLVerificationEngine {
verifyRequest(((RequestAbstractType)((MOARequest)msg).getSamlRequest()), sigTrustEngine);
else
- verifyResponse(((MOAResponse)msg).getResponse(), sigTrustEngine);
+ verifyIDPResponse(((MOAResponse)msg).getResponse(), sigTrustEngine);
}
Logger.trace("Second PVP2X message validation finished");
}
}
+ public void verifyIDPResponse(StatusResponseType samlObj, SignatureTrustEngine sigTrustEngine) throws InvalidProtocolRequestException{
+ verifyResponse(samlObj, sigTrustEngine, IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
+
+ }
- public void verifyResponse(StatusResponseType samlObj, SignatureTrustEngine sigTrustEngine ) throws InvalidProtocolRequestException{
+ public void verifySLOResponse(StatusResponseType samlObj, SignatureTrustEngine sigTrustEngine ) throws InvalidProtocolRequestException {
+ verifyResponse(samlObj, sigTrustEngine, SPSSODescriptor.DEFAULT_ELEMENT_NAME);
+
+ }
+
+ private void verifyResponse(StatusResponseType samlObj, SignatureTrustEngine sigTrustEngine, QName defaultElementName) throws InvalidProtocolRequestException{
SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
try {
profileValidator.validate(samlObj.getSignature());
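Review bot: `verify()` routes every `MOAResponse` to `verifyIDPResponse`, so a response that arrives through it is always checked against keys published under the `IDPSSODescriptor` role, and the two new public methods carry no Javadoc saying which peer role each expects. Code that receives a logout response from a service provider has to call `verifySLOResponse` directly; if any such path still goes through `verify()` (not visible here), validation would look up the wrong role. I would add e.g. `/** Verifies a response signed by an IDP (keys from IDPSSODescriptor). */` and the SP counterpart, and rename the `QName defaultElementName` parameter to `peerEntityRole` to match `AbstractRequestSignedSecurityPolicyRule`. `verifyResponse` continues past the end of the hunk.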
@@ -127,7 +136,7 @@ public class SAMLVerificationEngine {
CriteriaSet criteriaSet = new CriteriaSet();
criteriaSet.add( new EntityIDCriteria(samlObj.getIssuer().getValue()) );
- criteriaSet.add( new MetadataCriteria(IDPSSODescriptor.DEFAULT_ELEMENT_NAME, SAMLConstants.SAML20P_NS) );
+ criteriaSet.add( new MetadataCriteria(defaultElementName, SAMLConstants.SAML20P_NS) );
criteriaSet.add( new UsageCriteria(UsageType.SIGNING) );
try {
@@ -175,10 +184,20 @@ public class SAMLVerificationEngine {
if (samlResp.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
List<org.opensaml.saml2.core.Assertion> saml2assertions = new ArrayList<org.opensaml.saml2.core.Assertion>();
- if (validateDestination && !samlResp.getDestination().startsWith(
- PVPConfiguration.getInstance().getIDPPublicPath())) {
+ List<String> allowedPublicURLPrefix =
+ AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
+ boolean isValidDestination = false;
+ for (String allowedPreFix : allowedPublicURLPrefix) {
+ if (validateDestination && samlResp.getDestination().startsWith(
+ allowedPreFix)) {
+ isValidDestination = true;
+ break;
+
+ }
+ }
+ if (!isValidDestination) {
Logger.warn("PVP 2.1 assertion destination does not match to IDP URL");
- throw new AssertionValidationExeption("PVP 2.1 assertion destination does not match to IDP URL", null);
+ throw new AssertionValidationExeption("PVP 2.1 assertion destination does not match to IDP URL", null);
}
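Review bot: With `validateDestination` moved into the loop condition, `isValidDestination` stays `false` whenever `validateDestination` is `false`, so responses that previously skipped the destination check are now always rejected. The final test should be `if (validateDestination && !isValidDestination) {`, and the loop condition can then drop the flag. `samlResp.getDestination()` is also dereferenced without a null check. A plain `startsWith` against a configured prefix that has no trailing slash also accepts a destination on a longer host name that merely begins with the same characters; comparing against `allowedPreFix + "/"` (or requiring equality) closes that gap. The enclosing method starts and ends outside the hunk.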
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
index 704adc80d..3b97f3b08 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
@@ -145,22 +145,22 @@ public class AssertionStorage {
query.setTimestamp("timeout", expioredate);
results = query.list();
session.getTransaction().commit();
- }
-
- if (results.size() != 0) {
- for(AssertionStore result : results) {
- try {
- cleanDelete(result);
- Logger.info("Remove stored information with ID: " + result.getArtifact()
- + " after timeout.");
- } catch (HibernateException e){
- Logger.warn("Sessioninformation with ID=" + result.getArtifact()
- + " not removed after timeout! (Error during Database communication)", e);
- }
-
- }
- }
+ if (results.size() != 0) {
+ for(AssertionStore result : results) {
+ try {
+ cleanDelete(result);
+ Logger.info("Remove stored information with ID: " + result.getArtifact()
+ + " after timeout.");
+
+ } catch (HibernateException e){
+ Logger.warn("Sessioninformation with ID=" + result.getArtifact()
+ + " not removed after timeout! (Error during Database communication)", e);
+ }
+
+ }
+ }
+ }
}
public void remove(String artifact) {
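Review bot: The cleanup loop now runs inside the block that the added `}` closes, and that block opens outside the hunk, so whatever it holds (possibly a lock or session scope; this cannot be confirmed from here) is now held across every `cleanDelete` call. The same move is made in `AuthenticationSessionStoreage` (hunk at -1024) and in `DBExceptionStoreImpl`, and none of the three says why; a short comment stating the reason for keeping the deletes inside the block would help the next reader. The `if (results.size() != 0)` wrapper is redundant around a for-each and can be removed.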
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index 829383cb4..9dee39fe8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -377,7 +377,7 @@ public class AuthenticationSessionStoreage {
}
public static void addSSOInformation(String moaSessionID, String SSOSessionID,
- SLOInformationInterface SLOInfo, String OAUrl) throws AuthenticationException {
+ SLOInformationInterface SLOInfo, IRequest protocolRequest) throws AuthenticationException {
AuthenticatedSessionStore dbsession;
Transaction tx = null;
@@ -412,7 +412,7 @@ public class AuthenticationSessionStoreage {
//check if OA already has an active OA session
if (dbsession.getActiveOAsessions() != null) {
for (OASessionStore el : dbsession.getActiveOAsessions()) {
- if (el.getOaurlprefix().equals(OAUrl))
+ if (el.getOaurlprefix().equals(protocolRequest.getOAURL()))
activeOA = el;
}
}
@@ -421,7 +421,7 @@ public class AuthenticationSessionStoreage {
activeOA = new OASessionStore();
//set active OA applications
- activeOA.setOaurlprefix(OAUrl);
+ activeOA.setOaurlprefix(protocolRequest.getOAURL());
activeOA.setMoasession(dbsession);
activeOA.setCreated(new Date());
@@ -432,6 +432,7 @@ public class AuthenticationSessionStoreage {
activeOA.setUserNameIDFormat(SLOInfo.getUserNameIDFormat());
activeOA.setProtocolType(SLOInfo.getProtocolType());
activeOA.setAttributeQueryUsed(false);
+ activeOA.setAuthURL(protocolRequest.getAuthURL());
}
@@ -463,10 +464,10 @@ public class AuthenticationSessionStoreage {
tx.commit();
if (SLOInfo != null)
- Logger.info("Add SSO-Session login information for OA: " + OAUrl
+ Logger.info("Add SSO-Session login information for OA: " + protocolRequest.getOAURL()
+ " and AssertionID: " + SLOInfo.getSessionIndex());
else
- Logger.info("Add SSO-Session login information for OA: " + OAUrl);
+ Logger.info("Add SSO-Session login information for OA: " + protocolRequest.getOAURL());
}
@@ -693,19 +694,20 @@ public class AuthenticationSessionStoreage {
//send transaction
tx.commit();
+
+ Logger.trace("Found entries: " + result.size());
+
+ //Assertion requires an unique artifact
+ if (result.size() != 1) {
+ Logger.trace("No entries found.");
+ return false;
+
+ } else {
+ cleanDelete(result.get(0));
+ return true;
+ }
}
- Logger.trace("Found entries: " + result.size());
-
- //Assertion requires an unique artifact
- if (result.size() != 1) {
- Logger.trace("No entries found.");
- return false;
-
- } else {
- cleanDelete(result.get(0));
- return true;
- }
} catch (Exception e) {
if (tx != null && !tx.wasCommitted())
tx.rollback();
@@ -886,6 +888,7 @@ public class AuthenticationSessionStoreage {
idp = new InterfederationSessionStore();
idp.setCreated(now);
idp.setIdpurlprefix(req.getInterfederationResponse().getEntityID());
+ idp.setAuthURL(req.getAuthURL());
try {
OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().
@@ -1024,21 +1027,22 @@ public class AuthenticationSessionStoreage {
query.setTimestamp("timeoutupdate", expioredateupdate);
results = query.list();
tx.commit();
- }
-
- if (results.size() != 0) {
- for(AuthenticatedSessionStore result : results) {
- try {
- cleanDelete(result);
- Logger.info("Authenticated session with sessionID=" + result.getSessionid()
- + " after session timeout.");
- } catch (HibernateException e){
- Logger.warn("Authenticated session with sessionID=" + result.getSessionid()
- + " not removed after timeout! (Error during Database communication)", e);
- }
- }
+ if (results.size() != 0) {
+ for(AuthenticatedSessionStore result : results) {
+ try {
+ cleanDelete(result);
+ Logger.info("Authenticated session with sessionID=" + result.getSessionid()
+ + " after session timeout.");
+
+ } catch (HibernateException e){
+ Logger.warn("Authenticated session with sessionID=" + result.getSessionid()
+ + " not removed after timeout! (Error during Database communication)", e);
+ }
+ }
+ }
}
+
} catch (Exception e) {
if (tx != null && !tx.wasCommitted())
tx.rollback();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBExceptionStoreImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBExceptionStoreImpl.java
index 054ad1014..4cddd141b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBExceptionStoreImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBExceptionStoreImpl.java
@@ -126,22 +126,22 @@ public class DBExceptionStoreImpl implements IExceptionStore {
query.setTimestamp("timeout", expioredate);
results = query.list();
session.getTransaction().commit();
- }
-
- if (results.size() != 0) {
- for(ExceptionStore result : results) {
- try {
- MOASessionDBUtils.delete(result);
- Logger.info("Remove Exception with ID=" + result.getExid()
- + " after timeout.");
- } catch (HibernateException e){
- Logger.warn("Exception with ID=" + result.getExid()
- + " not removed after timeout! (Error during Database communication)", e);
- }
-
- }
- }
+ if (results.size() != 0) {
+ for(ExceptionStore result : results) {
+ try {
+ MOASessionDBUtils.delete(result);
+ Logger.info("Remove Exception with ID=" + result.getExid()
+ + " after timeout.");
+
+ } catch (HibernateException e){
+ Logger.warn("Exception with ID=" + result.getExid()
+ + " not removed after timeout! (Error during Database communication)", e);
+ }
+
+ }
+ }
+ }
}
@SuppressWarnings("rawtypes")
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPUtils.java
index 1f08d9019..2aceb833c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPUtils.java
@@ -156,5 +156,21 @@ public class HTTPUtils {
return buffer.toString();
}
+
+ /**
+ * Extract the IDP PublicURLPrefix from authrequest
+ *
+ * @param req HttpServletRequest
+ * @return PublicURLPrefix <String> which ends always without /
+ */
+ public static String extractAuthURLFromRequest(HttpServletRequest req) {
+ String authURL = req.getScheme() + "://" + req.getServerName();
+ if ((req.getScheme().equalsIgnoreCase("https") && req.getServerPort()!=443) || (req.getScheme().equalsIgnoreCase("http") && req.getServerPort()!=80)) {
+ authURL = authURL.concat(":" + req.getServerPort());
+ }
+ authURL = authURL.concat(req.getContextPath());
+ return authURL;
+
+ }
}
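Review bot: `extractAuthURLFromRequest` builds the prefix from `getScheme()`, `getServerName()` and `getServerPort()`, which reflect the Host header (or proxy headers, depending on container setup) and are therefore chosen by the client, yet the Javadoc presents the result as the IDP PublicURLPrefix. Elsewhere in this commit the value becomes the assertion Issuer, so it must be compared with the configured PublicURLPrefix list before use; the new `config.25` message suggests such a check exists, but it is not in this hunk. I would state that in the Javadoc, e.g. `Derived from the request (Host header); callers must validate it against the configured PublicURLPrefix list.` The `<String>` in the `@return` line should also go, since Javadoc treats it as an HTML tag.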
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index ac5a5be60..cabf1557e 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -79,6 +79,7 @@ config.21=F\u00FCr diese Online Applikation sind keine Vollmachtsprofile hinterl
config.22=F\u00FCr den Interfederation-Gateway mit der ID {0} ist kein Endpunkt zur Weiterleitung konfiguriert.
config.23=Fehler beim initialisieren von OpenSAML
config.24=MOA-ID-Auth Configfile {1} does not start with {0} prefix.
+config.25=Der verwendete IDP PublicURLPrefix {0} ist nicht erlaubt.
parser.00=Leichter Fehler beim Parsen: {0}
parser.01=Fehler beim Parsen: {0}
@@ -265,6 +266,7 @@ pvp2.19=Der Single LogOut Vorgang musste wegen eines unkorregierbaren Fehler abg
pvp2.20=F\u00FCr die im Request angegebene EntityID konnten keine g\u00FCltigen Metadaten gefunden werden.
pvp2.21=Die Signature des Requests konnte nicht g\u00FCltig validiert werden.
pvp2.22=Der Request konnte nicht g\u00FCltig validiert werden (Fehler\={0}).
+pvp2.23={0} ist keine gueltige AssertionConsumerServiceURL oder entspricht nicht den Metadaten.
oauth20.01=Fehlerhafte redirect url
oauth20.02=Fehlender oder ung\u00FCltiger Parameter "{0}"
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties
index fa332f0c7..abd5d15f3 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties
@@ -58,6 +58,7 @@ config.21=9006
config.22=9008
config.23=9199
config.24=9199
+config.25=9199
parser.00=1101
parser.01=1101
@@ -180,7 +181,11 @@ stork.21=1205
pvp2.01=6100
pvp2.06=6100
+pvp2.10=6100
+pvp2.11=6100
+pvp2.12=6100
pvp2.13=9199
+pvp2.15=6105
pvp2.16=6101
pvp2.17=6102
pvp2.20=6103
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html b/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
index 123a23837..2b0115d4a 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
@@ -405,7 +405,7 @@
#bkulogin {
min-width: 190px;
- min-height: 155px;
+ min-height: 170px;
}
.setAssertionButton_full {
@@ -616,6 +616,12 @@
top: 40px;
}
+
+ #ssoSessionTransferBlock {
+ font-size: 0.8em;
+ margin-left: 5px;
+ margin-bottom: 5px;
+ }
</style>
<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions-->
@@ -740,7 +746,7 @@
}
}
function onChangeChecks() {
- if (top.innerWidth < 650) {
+ if (self.innerWidth < 650) {
document.getElementById("moaidform").setAttribute("target","_parent");
} else {
document.getElementById("moaidform").removeAttribute("target");
@@ -834,7 +840,7 @@
<h2 id="tabheader" class="dunkel" role="heading">#HEADER_TEXT#</h2>
</div>
<div id="bkulogin" class="hell" role="form">
- <div id="mandateLogin" style="">
+ <div id="mandateLogin" style="#MANDATEVISIBLE#">
<div>
<input tabindex="1" type="checkbox" name="Mandate"
id="mandateCheckBox" class="verticalcenter" role="checkbox"
@@ -867,19 +873,20 @@
<input type="hidden" name="bkuURI" value="#LOCAL#"> <input
type="hidden" name="useMandate" id="useMandate"> <input
type="hidden" name="SSO" id="useSSO"> <input
- type="hidden" name="CCC" id="ccc"> <input type="hidden"
+ type="hidden" name="ccc" id="ccc"> <input type="hidden"
name="MODUL" value="#MODUL#"> <input type="hidden"
name="ACTION" value="#ACTION#"> <input type="hidden"
name="MOASessionID" value="#SESSIONID#">
<input type="submit" value=" Lokale Bürgerkartenumgebung " tabindex="4"
- role="button" onclick="setMandateSelection();"
- >
- <!--p>
- <small>Alternativ können Sie eine lokal installierte BKU verwenden.</small>
- </p-->
- </form>
+ role="button" onclick="setMandateSelection();">
+ </form>
</div>
+ <!-- Single Sign-On Session transfer functionality -->
+ <!--div id="ssoSessionTransferBlock">
+ <a href="#AUTH_URL#?MOASessionID=#SESSIONID#&restoreSSOSession=true">>Restore SSO Session from Smartphone</a>
+ </div-->
+
<div id="stork" align="center" style="#STORKVISIBLE#">
<h2 id="tabheader" class="dunkel">Home Country Selection</h2>
<p>
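Review bot: The new `ssoSessionTransferBlock` is disabled with an HTML comment only, so the markup is still delivered to every browser. If the template engine substitutes placeholders inside comments (not visible here), the link carrying `MOASessionID=#SESSIONID#` ends up in the page source. Once enabled, the session identifier would travel in a GET query string and land in browser history, proxy and server logs and Referer headers; a POST form like the one just above keeps it out of the URL. I would remove the block from the template until the feature is ready. The anchor also has a doubled `>` (`true">>Restore`) and a raw `&` that should be `&amp;`.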
@@ -900,7 +907,7 @@
</div>
</div>
</div>
- <div id="validation">
+ <!--div id="validation">
<a href="http://validator.w3.org/check?uri="> <img
style="border: 0; width: 88px; height: 31px"
src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
@@ -909,7 +916,7 @@
src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
alt="CSS ist valide!" />
</a>
- </div>
+ </div-->
</div>
</body>
</html>
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html b/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html
index 033a574b9..07d018a94 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html
@@ -1,554 +1,617 @@
-<!DOCTYPE html>
+<!DOCTYPE html>
<html>
<head>
-<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
-<!-- MOA-ID 2.x BKUSelection Layout CSS -->
-<style type="text/css">
-@media screen and (min-width: 650px) {
- body {
- margin: 0;
- padding: 0;
- color: #000;
- background-color: #fff;
- text-align: center;
- background-color: #6B7B8B;
- }
- #localBKU p {
- font-size: 0.7em;
- }
- #localBKU input {
- font-size: 0.7em;
- border-radius: 5px;
- }
- #bkuselectionarea button {
- font-size: 0.85em;
- border-radius: 7px;
- margin-bottom: 25px;
- }
- #mandateLogin {
- font-size: 0.85em;
- }
- #bku_header h2 {
- font-size: 0.8em;
- }
- #page {
- display: block;
- border: 2px solid rgb(0, 0, 0);
- width: 650px;
- height: 440px;
- margin: 0 auto;
- margin-top: 5%;
- position: relative;
- border-radius: 25px;
- background: rgb(255, 255, 255);
- }
- #page1 {
- text-align: center;
- }
- #main {
- /* clear:both; */
- position: relative;
- margin: 0 auto;
- width: 250px;
- text-align: center;
- }
- .OA_header {
- /* background-color: white;*/
- font-size: 20pt;
- margin-bottom: 25px;
- margin-top: 25px;
- }
- #leftcontent {
- width: 300px;
- margin-top: 30px;
- padding-bottom: 15px;
- margin-bottom: 25px;
- text-align: left;
- border: 1px solid rgb(0, 0, 0);
- }
- #selectArea {
- font-size: 15px;
- padding-bottom: 65px;
- }
- #selectArea h3 {
- margin-bottom: 25px;
- }
- #bku_header {
- height: 5%;
- padding-bottom: 3px;
- padding-top: 3px;
- }
- #bkulogin {
- overflow: hidden;
- min-width: 190px;
- min-height: 180px;
- /*height: 260px;*/
- }
- h2#tabheader {
- font-size: 1.1em;
- padding-left: 2%;
- padding-right: 2%;
- position: relative;
- }
- .setAssertionButton_full {
- margin-top: 15px;
- width: 100px;
- height: 30px;
- font-size: 1.3em;
- min-height: 1.3em;
- /* border-radius: 10px;*/
- }
- #leftbutton {
- width: 30%;
- float: left;
- margin-left: 40px;
- }
- #rightbutton {
- width: 30%;
- float: right;
- margin-right: 45px;
- text-align: right;
- }
- button {
- height: 25px;
- width: 90px;
- margin-bottom: 10px;
- }
- #validation {
- position: absolute;
- bottom: 0px;
- margin-left: 270px;
- padding-bottom: 10px;
- }
-}
-
-@media screen and (max-width: 205px) {
- #localBKU p {
- font-size: 0.6em;
- }
- #localBKU input {
- font-size: 0.7em;
- min-width: 70px;
- min-height: 1.2em;
- border-radius: 5px;
- }
- #bkuselectionarea button,.setAssertionButton_full {
- font-size: 0.8em;
- min-width: 65px;
- min-height: 1.3em;
- /* border-radius: 5px; */
- margin-bottom: 2%
- }
- #mandateLogin {
- font-size: 0.65em;
- }
- #bku_header h2,#selectArea h3 {
- font-size: 0.8em;
- margin-top: -0.4em;
- }
-}
-
-@media screen and (max-width: 249px) and (min-width: 206px) {
- #localBKU p {
- font-size: 0.7em;
- }
- #localBKU input {
- font-size: 0.85em;
- min-width: 80px;
- min-height: 0.95em;
- border-radius: 6px;
- }
- #bkuselectionarea button,.setAssertionButton_full {
- font-size: 0.85em;
- min-width: 70px;
- min-height: 0.95em;
- /* border-radius: 6px; */
- margin-bottom: 2%
- }
- #mandateLogin {
- font-size: 0.75em;
- }
- #bku_header h2,#selectArea h3 {
- font-size: 0.9em;
- margin-top: -0.45em;
- }
-}
-
-@media screen and (max-width: 299px) and (min-width: 250px) {
- #localBKU p {
- font-size: 0.9em;
- }
- #localBKU input {
- font-size: 0.9em;
- min-width: 100px;
- border-radius: 6px;
- }
- #bkuselectionarea button,.setAssertionButton_full {
- font-size: 1.0em;
- min-height: 1.05em;
- /* border-radius: 7px; */
- margin-bottom: 5%;
- }
- #mandateLogin {
- font-size: 1em;
- }
- #bku_header h2,#selectArea h3 {
- font-size: 1.0em;
- margin-top: -0.50em;
- }
-}
-
-@media screen and (max-width: 399px) and (min-width: 300px) {
- #localBKU p {
- font-size: 0.9em;
- }
- #localBKU input {
- font-size: 0.9em;
- min-width: 100px;
- border-radius: 6px;
- }
- #bkuselectionarea button,.setAssertionButton_full {
- font-size: 1.1em;
- min-height: 1.2em;
- /* border-radius: 8px; */
- margin-bottom: 5%;
- }
- #mandateLogin {
- font-size: 1em;
- }
- #bku_header h2,#selectArea h3 {
- font-size: 1.1em;
- margin-top: -0.55em;
- }
-}
-
-@media screen and (max-width: 649px) and (min-width: 400px) {
- #localBKU p {
- font-size: 0.9em;
- }
- #localBKU input {
- font-size: 0.9em;
- min-width: 100px;
- border-radius: 6px;
- }
- #bkuselectionarea button,.setAssertionButton_full {
- font-size: 1.3em;
- min-height: 1.3em;
- /* border-radius: 10px; */
- margin-bottom: 5%;
- }
- #mandateLogin {
- font-size: 1.2em;
- }
- #bku_header h2,#selectArea h3 {
- font-size: 1.3em;
- margin-top: -0.65em;
- }
-}
-
-@media screen and (max-width: 649px) {
- body {
- margin: 0;
- padding: 0;
- color: #000;
- text-align: center;
- font-size: 100%;
- background-color: #MAIN_BACKGOUNDCOLOR#;
- }
- #page {
- visibility: hidden;
- margin-top: 0%;
- }
- #page1 {
- visibility: hidden;
- }
- #main {
- visibility: hidden;
- }
- #validation {
- visibility: hidden;
- display: none;
- }
- .OA_header {
- margin-bottom: 0px;
- margin-top: 0px;
- font-size: 0pt;
- visibility: hidden;
- }
- #leftcontent {
- visibility: visible;
- margin-bottom: 0px;
- text-align: left;
- border: none;
- min-width: 190px;
- /* min-height: 190px; */
- vertical-align: middle;
- }
- #bku_header {
- height: 10%;
- min-height: 1.2em;
- margin-top: 1%;
- }
- h2#tabheader {
- padding-left: 2%;
- padding-right: 2%;
- padding-top: 1%;
- position: relative;
- top: 50%;
- }
- #bkulogin {
- min-width: 190px;
- min-height: 150px;
- }
- .setAssertionButton_full {
- margin-top: 15px;
- width: 70%;
- height: 11%;
- min-width: 60px;
- min-height: 25px;
- }
- #selectArea h3 {
- margin-top: 2%;
- }
- button {
- height: 11%;
- width: 70%;
- }
-}
-
-* {
- margin: 0;
- padding: 0;
- /* border: 0; */
- font-family: #FONTTYPE #;
-}
-
-#selectArea {
- padding-top: 10px;
- padding-bottom: 55px;
- padding-left: 10px;
-}
-
-.setAssertionButton {
- background: #efefef;
- cursor: pointer;
- margin-top: 15px;
- width: 70px;
- height: 25px;
-}
-
-#leftbutton {
- width: 35%;
- float: left;
- margin-left: 15px;
-}
-
-#rightbutton {
- width: 35%;
- float: right;
- margin-right: 25px;
- text-align: right;
-}
-
-#stork {
- margin-bottom: 10px;
- margin-top: 5px;
-}
-
-#mandateLogin {
- padding-bottom: 2%;
- padding-top: 2%;
- height: 10%;
- position: relative;
- text-align: center;
-}
-
-.verticalcenter {
- vertical-align: middle;
-}
-
-#mandateLogin>div {
- clear: both;
- margin-top: -1%;
- position: relative;
- top: 50%;
-}
-
-#bkuselectionarea {
- position: relative;
- display: block;
-}
-
-#localBKU {
- padding-left: 5%;
- padding-right: 2%;
- padding-bottom: 2%;
- position: relative;
- clear: both;
-}
-
-#bkukarte {
- float: left;
- text-align: center;
- width: 40%;
- min-height: 70px;
- padding-left: 5%;
- padding-top: 2%;
-}
-
-#bkuhandy {
- float: right;
- text-align: center;
- width: 40%;
- min-height: 90px;
- padding-right: 5%;
- padding-top: 2%;
-}
-
-.bkuimage {
- width: 90%;
- height: auto;
-}
-
-#mandate {
- text-align: center;
- padding: 5px 5px 5px 5px;
-}
-
-button,.sendButton {
- /* background: #BUTTON_BACKGROUNDCOLOR#;
+ <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <!-- MOA-ID 2.x BKUSelection Layout CSS -->
+ <style type="text/css">
+ @media screen and (min-width: 650px) {
+
+ body {
+ margin:0;
+ padding:0;
+ color : #000;
+ background-color : #fff;
+ text-align: center;
+ background-color: #6B7B8B;
+ }
+
+ #localBKU p {
+ font-size: 0.7em;
+ }
+
+ #localBKU input{
+ font-size: 0.7em;
+ border-radius: 5px;
+ }
+
+ #bkuselectionarea button {
+ font-size: 0.85em;
+ border-radius: 7px;
+ margin-bottom: 25px;
+ }
+
+ #mandateLogin {
+ font-size: 0.85em;
+ }
+
+ #bku_header h2 {
+ font-size: 0.8em;
+ }
+
+
+ #page {
+ display: block;
+ border: 2px solid rgb(0,0,0);
+ width: 650px;
+ height: 440px;
+ margin: 0 auto;
+ margin-top: 5%;
+ position: relative;
+ border-radius: 25px;
+ background: rgb(255,255,255);
+ }
+
+ #page1 {
+ text-align: center;
+ }
+
+ #main {
+ /* clear:both; */
+ position:relative;
+ margin: 0 auto;
+ width: 250px;
+ text-align: center;
+ }
+
+ .OA_header {
+ /* background-color: white;*/
+ font-size: 20pt;
+ margin-bottom: 25px;
+ margin-top: 25px;
+ }
+
+ #leftcontent {
+ width: 300px;
+ margin-top: 30px;
+ padding-bottom: 15px;
+ margin-bottom: 25px;
+ text-align: left;
+ border: 1px solid rgb(0,0,0);
+ }
+
+ #selectArea {
+ font-size: 15px;
+ padding-bottom: 65px;
+ }
+
+ #selectArea h3 {
+ margin-bottom: 25px;
+ }
+
+ #bku_header {
+ height: 5%;
+ padding-bottom: 3px;
+ padding-top: 3px;
+ }
+
+ #bkulogin {
+ overflow:hidden;
+ min-width: 190px;
+ min-height: 180px;
+ /*height: 260px;*/
+ }
+
+ h2#tabheader{
+ font-size: 1.1em;
+ padding-left: 2%;
+ padding-right: 2%;
+ position: relative;
+ }
+
+ .setAssertionButton_full {
+ margin-top: 15px;
+ width: 100px;
+ height: 30px;
+ font-size: 1.3em;
+ min-height: 1.3em;
+/* border-radius: 10px;*/
+ }
+
+ #leftbutton {
+ width: 30%;
+ float:left;
+ margin-left: 40px;
+ }
+
+ #rightbutton {
+ width: 30%;
+ float:right;
+ margin-right: 45px;
+ text-align: right;
+ }
+
+ button {
+ height: 25px;
+ width: 90px;
+ margin-bottom: 10px;
+ }
+
+ #validation {
+ position: absolute;
+ bottom: 0px;
+ margin-left: 270px;
+ padding-bottom: 10px;
+ }
+
+ }
+
+ @media screen and (max-width: 205px) {
+ #localBKU p {
+ font-size: 0.6em;
+ }
+
+ #localBKU input {
+ font-size: 0.7em;
+ min-width: 70px;
+ min-height: 1.2em;
+ border-radius: 5px;
+ }
+
+ #bkuselectionarea button, .setAssertionButton_full {
+ font-size: 0.8em;
+ min-width: 65px;
+ min-height: 1.3em;
+ /* border-radius: 5px; */
+ margin-bottom: 2%
+ }
+
+ #mandateLogin {
+ font-size: 0.65em;
+ }
+
+ #bku_header h2, #selectArea h3 {
+ font-size: 0.8em;
+ margin-top: -0.4em;
+ }
+ }
+
+ @media screen and (max-width: 249px) and (min-width: 206px) {
+ #localBKU p {
+ font-size: 0.7em;
+ }
+
+ #localBKU input {
+ font-size: 0.85em;
+ min-width: 80px;
+ min-height: 0.95em;
+ border-radius: 6px;
+ }
+
+ #bkuselectionarea button, .setAssertionButton_full {
+ font-size: 0.85em;
+ min-width: 70px;
+ min-height: 0.95em;
+ /* border-radius: 6px; */
+ margin-bottom: 2%
+ }
+
+ #mandateLogin {
+ font-size: 0.75em;
+ }
+
+ #bku_header h2, #selectArea h3 {
+ font-size: 0.9em;
+ margin-top: -0.45em;
+ }
+ }
+
+ @media screen and (max-width: 299px) and (min-width: 250px) {
+ #localBKU p {
+ font-size: 0.9em;
+ }
+
+ #localBKU input {
+ font-size: 0.9em;
+ min-width: 100px;
+ border-radius: 6px;
+ }
+
+ #bkuselectionarea button, .setAssertionButton_full {
+ font-size: 1.0em;
+ min-height: 1.05em;
+ /* border-radius: 7px; */
+ margin-bottom: 5%;
+ }
+
+ #mandateLogin {
+ font-size: 1em;
+ }
+
+ #bku_header h2, #selectArea h3 {
+ font-size: 1.0em;
+ margin-top: -0.50em;
+ }
+ }
+
+ @media screen and (max-width: 399px) and (min-width: 300px) {
+ #localBKU p {
+ font-size: 0.9em;
+ }
+
+ #localBKU input {
+ font-size: 0.9em;
+ min-width: 100px;
+ border-radius: 6px;
+ }
+
+ #bkuselectionarea button, .setAssertionButton_full {
+ font-size: 1.1em;
+ min-height: 1.2em;
+ /* border-radius: 8px; */
+ margin-bottom: 5%;
+ }
+
+ #mandateLogin {
+ font-size: 1em;
+ }
+
+ #bku_header h2, #selectArea h3 {
+ font-size: 1.1em;
+ margin-top: -0.55em;
+ }
+ }
+
+ @media screen and (max-width: 649px) and (min-width: 400px) {
+ #localBKU p {
+ font-size: 0.9em;
+ }
+
+ #localBKU input {
+ font-size: 0.9em;
+ min-width: 100px;
+ border-radius: 6px;
+ }
+
+ #bkuselectionarea button, .setAssertionButton_full {
+ font-size: 1.3em;
+ min-height: 1.3em;
+/* border-radius: 10px; */
+ margin-bottom: 5%;
+ }
+
+ #mandateLogin {
+ font-size: 1.2em;
+ }
+
+ #bku_header h2, #selectArea h3 {
+ font-size: 1.3em;
+ margin-top: -0.65em;
+ }
+ }
+
+
+
+ @media screen and (max-width: 649px) {
+
+ body {
+ margin:0;
+ padding:0;
+ color : #000;
+ text-align: center;
+ font-size: 100%;
+ background-color: #MAIN_BACKGOUNDCOLOR#;
+ }
+
+ #page {
+ visibility: hidden;
+ margin-top: 0%;
+ }
+
+ #page1 {
+ visibility: hidden;
+ }
+
+ #main {
+ visibility: hidden;
+ }
+
+ #validation {
+ visibility: hidden;
+ display: none;
+ }
+
+ .OA_header {
+ margin-bottom: 0px;
+ margin-top: 0px;
+ font-size: 0pt;
+ visibility: hidden;
+ }
+
+ #leftcontent {
+ visibility: visible;
+ margin-bottom: 0px;
+ text-align: left;
+ border:none;
+ min-width: 190px;
+/* min-height: 190px; */
+ vertical-align: middle;
+
+ }
+
+ #bku_header {
+ height: 10%;
+ min-height: 1.2em;
+ margin-top: 1%;
+ }
+
+ h2#tabheader{
+ padding-left: 2%;
+ padding-right: 2%;
+ padding-top: 1%;
+ position: relative;
+ top: 50%;
+ }
+
+ #bkulogin {
+ min-width: 190px;
+ min-height: 150px;
+ }
+
+ .setAssertionButton_full {
+ margin-top: 15px;
+ width: 70%;
+ height: 11%;
+ min-width: 60px;
+ min-height: 25px;
+ }
+
+ #selectArea h3 {
+ margin-top: 2%;
+ }
+
+ button {
+ height: 11%;
+ width: 70%;
+ }
+ }
+
+ * {
+ margin: 0;
+ padding: 0;
+/* border: 0; */
+ font-family: #FONTTYPE#;
+ }
+
+ #selectArea {
+ padding-top: 10px;
+ padding-bottom: 55px;
+ padding-left: 10px;
+ }
+
+ .setAssertionButton {
+ background: #efefef;
+ cursor: pointer;
+ margin-top: 15px;
+ width: 70px;
+ height: 25px;
+ }
+
+ #leftbutton {
+ width: 35%;
+ float:left;
+ margin-left: 15px;
+ }
+
+ #rightbutton {
+ width: 35%;
+ float:right;
+ margin-right: 25px;
+ text-align: right;
+ }
+
+ #stork {
+ margin-bottom: 10px;
+ margin-top: 5px;
+ }
+
+ #mandateLogin {
+ padding-bottom: 2%;
+ padding-top: 2%;
+ height: 10%;
+ position: relative;
+ text-align: center;
+ }
+
+ .verticalcenter {
+ vertical-align: middle;
+ }
+
+ #mandateLogin > div {
+ clear: both;
+ margin-top: -1%;
+ position: relative;
+ top: 50%;
+ }
+
+ #bkuselectionarea {
+ position: relative;
+ display: block;
+ }
+
+ #localBKU {
+ padding-left: 5%;
+ padding-right: 2%;
+ padding-bottom: 2%;
+ position: relative;
+ clear: both;
+ }
+
+ #bkukarte {
+ float:left;
+ text-align:center;
+ width:40%;
+ min-height: 70px;
+ padding-left: 5%;
+ padding-top: 2%;
+ }
+
+ #bkuhandy {
+ float:right;
+ text-align:center;
+ width:40%;
+ min-height: 90px;
+ padding-right: 5%;
+ padding-top: 2%;
+ }
+
+ .bkuimage {
+ width: 90%;
+ height: auto;
+ }
+
+ #mandate{
+ text-align:center;
+ padding : 5px 5px 5px 5px;
+ }
+
+ button, .sendButton {
+/* background: #BUTTON_BACKGROUNDCOLOR#;
color: #BUTTON_COLOR#; */
- cursor: pointer;
-
- /* border:1px solid #000;
+ cursor: pointer;
+
+/* border:1px solid #000;
box-shadow: 3px 3px 3px #222222; */
-}
-
-button:hover,button:focus,button:active,.sendButton:hover,.sendButton:focus,.sendButton:active,#mandateCheckBox:hover,#mandateCheckBox:focus,#mandateCheckBox:active
- {
- /* background: #BUTTON_BACKGROUNDCOLOR_FOCUS#;
- color: #BUTTON_COLOR#; */
- cursor: pointer;
-
- /* border:1px solid #000;
+ }
+
+ button:hover, button:focus, button:active,
+ .sendButton:hover , .sendButton:focus, .sendButton:active,
+ #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active {
+/* background: #BUTTON_BACKGROUNDCOLOR_FOCUS#;
+ color: #BUTTON_COLOR#; */
+ cursor: pointer;
+
+/* border:1px solid #000;
box-shadow: -1px -1px 3px #222222; */
-}
-
-#installJava,#BrowserNOK {
- clear: both;
- font-size: 0.8em;
- padding: 4px;
-}
-
-.selectText {
-
-}
-
-.selectTextHeader {
-
-}
-
-#leftcontent a {
- text-decoration: none;
- color: #000;
- /* display:block;*/
- padding: 4px;
-}
-
-#leftcontent a:hover,#leftcontent a:focus,#leftcontent a:active {
- text-decoration: underline;
- color: #000;
-}
-
-.infobutton {
- background-color: #005a00;
- color: white;
- font-family: serif;
- text-decoration: none;
- padding-top: 2px;
- padding-right: 4px;
- padding-bottom: 2px;
- padding-left: 4px;
- font-weight: bold;
-}
-
-.hell {
- background-color: #MAIN_BACKGOUNDCOLOR#;
- color: #MAIN_COLOR#;
-}
-
-.dunkel {
- background-color: #HEADER_BACKGROUNDCOLOR#;
- color: #HEADER_COLOR#;
-}
-
-.main_header {
- color: black;
- font-size: 32pt;
- position: absolute;
- right: 10%;
- top: 40px;
-}
-</style>
-
-
-<title>Anmeldung an Online-Applikation</title>
+ }
+
+ #installJava, #BrowserNOK {
+ clear:both;
+ font-size:0.8em;
+ padding:4px;
+ }
+
+ .selectText{
+
+ }
+
+ .selectTextHeader{
+
+ }
+
+ #leftcontent a {
+ text-decoration:none;
+ color: #000;
+ /* display:block;*/
+ padding:4px;
+ }
+
+ #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active {
+ text-decoration:underline;
+ color: #000;
+ }
+
+ .infobutton {
+ background-color: #005a00;
+ color: white;
+ font-family: serif;
+ text-decoration: none;
+ padding-top: 2px;
+ padding-right: 4px;
+ padding-bottom: 2px;
+ padding-left: 4px;
+ font-weight: bold;
+ }
+
+ .hell {
+ background-color : #MAIN_BACKGOUNDCOLOR#;
+ color: #MAIN_COLOR#;
+ }
+
+ .dunkel {
+ background-color: #HEADER_BACKGROUNDCOLOR#;
+ color: #HEADER_COLOR#;
+ }
+
+ .main_header {
+ color: black;
+ font-size: 32pt;
+ position: absolute;
+ right: 10%;
+ top: 40px;
+
+ }
+
+ </style>
+
+
+ <title>Anmeldung an Online-Applikation</title>
</head>
<body>
- <div id="page">
-
- <div id="page1" class="case selected-case" role="main">
-
- <!-- <h2 class="OA_header">Anmeldung an: #OAName#</h2> -->
-
- <div id="main">
- <div id="leftcontent" class="hell">
- <div id="bku_header" class="dunkel">
- <h2 id="tabheader" class="dunkel" role="heading">
- Anmeldeinformationen:</h2>
- </div>
-
- <div id="selectArea" class="hell" role="application">
- <h3>Anmeldung an: #OAName#</h3>
-
- <!-- <div class="hell"> -->
- <div id="leftbutton">
- <form method="post" id="moaidform_yes" action="#URL#">
- <input type="hidden" name="value" value="true"> <input
- type="hidden" name="mod" value="#MODUL#"> <input
- type="hidden" name="action" value="#ACTION#"> <input
- type="hidden" name="identifier" value="#ID#"> <input
- type="submit" value="Ja"
- class="setAssertionButton_full sendButton" role="button">
- </form>
- </div>
- <div id="rightbutton">
- <form method="post" id="moaidform_no" action="#URL#">
- <input type="hidden" name="value" value="false"> <input
- type="hidden" name="mod" value="#MODUL#"> <input
- type="hidden" name="action" value="#ACTION#"> <input
- type="hidden" name="identifier" value="#ID#"> <input
- type="submit" value="Nein"
- class="setAssertionButton_full sendButton" role="button">
- </form>
- </div>
-
+ <div id="page">
+
+ <div id="page1" class="case selected-case" role="main">
+
+<!-- <h2 class="OA_header">Anmeldung an: #OAName#</h2> -->
+
+ <div id="main">
+ <div id="leftcontent" class="hell">
+ <div id="bku_header" class="dunkel">
+ <h2 id="tabheader" class="dunkel" role="heading">
+ Anmeldeinformationen:
+ </h2>
+ </div>
+
+ <div id="selectArea" class="hell" role="application">
+ <h3>Anmeldung an: #OAName#</h3>
+
+<!-- <div class="hell"> -->
+ <div id="leftbutton">
+ <form method="post" id="moaidform_yes" action="#URL#">
+ <input type="hidden" name="value" value="true">
+ <input type="hidden" name="mod" value="#MODUL#">
+ <input type="hidden" name="action" value="#ACTION#">
+ <input type="hidden" name="identifier" value="#ID#">
+ <input type="submit" value="Ja" class="setAssertionButton_full sendButton" role="button">
+ </form>
+ </div>
+ <div id="rightbutton">
+ <form method="post" id="moaidform_no" action="#URL#">
+ <input type="hidden" name="value" value="false">
+ <input type="hidden" name="mod" value="#MODUL#">
+ <input type="hidden" name="action" value="#ACTION#">
+ <input type="hidden" name="identifier" value="#ID#">
+ <input type="submit" value="Nein" class="setAssertionButton_full sendButton" role="button">
+ </form>
+ </div>
+
+ </div>
</div>
</div>
- </div>
- </div>
- <div id="validation">
- <a href="http://validator.w3.org/check?uri="> <img
- style="border: 0; width: 88px; height: 31px"
- src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
- </a> <a href="http://jigsaw.w3.org/css-validator/"> <img
- style="border: 0; width: 88px; height: 31px"
- src="https://jigsaw.w3.org/css-validator/images/vcss-blue"
- alt="CSS ist valide!" />
- </a>
</div>
+ <!--div id="validation">
+ <a href="http://validator.w3.org/check?uri=">
+ <img style="border:0;width:88px;height:31px"
+ src="#CONTEXTPATH#/img/valid-html5-blue.png"
+ alt="HTML5 ist valide!" />
+ </a>
+ <a href="http://jigsaw.w3.org/css-validator/">
+ <img style="border:0;width:88px;height:31px"
+ src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
+ alt="CSS ist valide!" />
+ </a>
+ </div-->
</div>
</body>
</html>
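Review bot: This whole-file re-indent hides the few lines that change behaviour, which makes the template hard to review. As far as I can see the functional edits are the placeholder fix `#FONTTYPE #` to `#FONTTYPE#`, the `validation` block being commented out, and the CSS-validator image URL inside it going from `https://` to `http://`. Putting the whitespace normalisation in its own commit would leave a diff of a handful of lines. The commented-out block still reaches browsers as an HTML comment; deleting it, or at least keeping the `https://` URL, avoids a mixed-content image if the block is re-enabled on a page served over HTTPS.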
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/slo_template.html b/id/server/idserverlib/src/main/resources/resources/templates/slo_template.html
index 8976b2bd6..a9d73e0d3 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/slo_template.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/slo_template.html
@@ -380,7 +380,21 @@
function sloTimeOut() {
window.location.href="$timeoutURL";
- }
+ }
+ function RestartAfterDelay() {
+ var eDate = null;
+ var MilliSekZeit = 0;
+ var SysDatumJetzt = new Date();
+ var SysDatumJetztMilli = SysDatumJetzt.getTime();
+
+ do {
+ eDate = new Date();
+ MilliSekZeit = eDate.getTime();
+
+ } while ((MilliSekZeit-SysDatumJetztMilli) < $timeout);
+
+ sloTimeOut();
+ }
</script>
#end
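Review bot: `RestartAfterDelay()` waits by spinning in a `do … while` loop on `new Date().getTime()`, which blocks the browser's main thread for the whole of `$timeout` milliseconds. During that time the page cannot repaint or react to input, and browsers may show an unresponsive-script warning. A timer gives the same delay without blocking: `function RestartAfterDelay() { window.setTimeout(sloTimeOut, $timeout); }`. Whether the logout iframes emitted further down the template make progress during the spin depends on the browser, so the busy-wait may also hold up the requests it is waiting for.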
@@ -430,22 +444,21 @@
</div>
</div>
</div>
- <div id="validation">
+ <!--div id="validation">
<a href="http://validator.w3.org/check?uri="> <img
style="border: 0; width: 88px; height: 31px"
src="$contextpath/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
</a> <a href="http://jigsaw.w3.org/css-validator/"> <img
style="border: 0; width: 88px; height: 31px"
- src="https://jigsaw.w3.org/css-validator/images/vcss-blue"
+ src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
alt="CSS ist valide!" />
</a>
- </div>
+ </div-->
</div>
#foreach( $el in $redirectURLs )
<iframe src=$el class="reqframe"></iframe>
#end
-
</body>
</html> \ No newline at end of file
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index a81744edf..d242147f1 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -114,7 +114,19 @@
<version>2.2.11</version>
</dependency>
- <dependency>
+ <dependency>
+ <groupId>org.jvnet.jaxb2_commons</groupId>
+ <artifactId>jaxb2-commons-lang</artifactId>
+ <version>2.4</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jvnet.jaxb2_commons</groupId>
+ <artifactId>jaxb2-basics-runtime</artifactId>
+ <version>0.11.0</version>
+ </dependency>
+
+<!-- <dependency>
<groupId>org.hibernate.javax.persistence</groupId>
<artifactId>hibernate-jpa-2.1-api</artifactId>
<version>1.0.0.Final</version>
@@ -144,7 +156,8 @@
<groupId>org.springframework</groupId>
</exclusion>
</exclusions>
- </dependency>
+ </dependency> -->
+
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
@@ -165,7 +178,7 @@
<artifactId>spring-orm</artifactId>
</dependency>
- <dependency>
+ <dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</dependency>
@@ -190,12 +203,14 @@
<groupId>cglib</groupId>
<artifactId>cglib</artifactId>
<version>2.2.2</version>
+ <scope>test</scope>
</dependency>
<dependency>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
<version>1.4.178</version>
+ <scope>test</scope>
</dependency>
<dependency>
@@ -204,6 +219,10 @@
<version>1.4</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-collections4</artifactId>
+ </dependency>
</dependencies>
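Review bot: `commons-collections4` is added without a `<version>`, so the version is resolved from dependency management in a parent pom that this diff does not show. Early releases of this library contained serializable functor classes usable as Java-deserialization gadgets, so it is worth confirming that the managed version is one where those classes are no longer deserializable. Separately, the `hibernate-jpa-2.1-api` dependency is commented out across the first two hunks of this file rather than deleted; version control already keeps the old text, and removing it would keep the pom readable.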
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java
index a04b8f454..a28fe6a7b 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java
@@ -61,6 +61,7 @@ public class MOAIDConstants {
public static final List<String> ALLOWED_KEYBOXIDENTIFIER;
public static final List<String> ALLOWED_REDIRECTTARGETNAMES;
public static final List<String> ALLOWED_STORKATTRIBUTEPROVIDERS;
+ public static final List<String> JDBC_DRIVER_NEEDS_WORKAROUND;
static {
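Review bot: `JDBC_DRIVER_NEEDS_WORKAROUND` is declared without a comment saying what the workaround is or how the entries are matched. The values added in the next hunk end in a dot (`"oracle.jdbc."`, `"com.microsoft.sqlserver."`), which suggests a prefix match on the driver class name, but nothing visible here says so. A one-line Javadoc on the constant would help, for example `/** JDBC driver class-name prefixes (compared with startsWith — confirm) for which the connection workaround is applied. */`. The initializer in the next hunk could also be `Collections.unmodifiableList(Arrays.asList("oracle.jdbc.", "com.microsoft.sqlserver."))`, provided `java.util.Arrays` is imported. The class body starts and ends outside both hunks.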
@@ -105,4 +106,11 @@ public class MOAIDConstants {
}
+ static {
+ List<String> jdbcDriverWorkaround = new ArrayList<String>();
+ jdbcDriverWorkaround.add("oracle.jdbc.");
+ jdbcDriverWorkaround.add("com.microsoft.sqlserver.");
+ JDBC_DRIVER_NEEDS_WORKAROUND = Collections.unmodifiableList(jdbcDriverWorkaround);
+ }
+
}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
index d99f826b6..63d8f463c 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
@@ -738,6 +738,7 @@ public class ConfigurationMigrationUtils {
}
dbOA.setIsActive(Boolean.valueOf(oa.get(MOAIDConfigurationConstants.SERVICE_ISACTIVE)));
+ dbOA.setIsAdminRequired(false);
dbOA.setPublicURLPrefix(oa.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER));
dbOA.setFriendlyName(oa.get(MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME));
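Review bot: `dbOA.setIsAdminRequired(false)` is set unconditionally, whatever the incoming key/value map contains. If this flag marks a service as awaiting administrator approval (its meaning is not visible in this hunk), every online application written through this conversion is stored as already approved, so callers of this method need to be limited to administrator-initiated operations. A comment on the line would record that assumption, for example `// converted entries are treated as admin-approved; callers must be admin-only`, or the value could be read from the map the way `SERVICE_ISACTIVE` is. The enclosing method starts and ends outside the hunk.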
@@ -1187,6 +1188,9 @@ public class ConfigurationMigrationUtils {
result.put(MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX,
authgen.getPublicURLPreFix());
+ result.put(MOAIDConfigurationConstants.GENERAL_ISVIRTUALIDPSENABLED,
+ String.valueOf(authgen.isVirtualPublicURLPrefixEnabled()));
+
TimeOuts timeouts = authgen.getTimeOuts();
if (timeouts != null) {
@@ -1394,41 +1398,46 @@ public class ConfigurationMigrationUtils {
// to foreclose lazyloading session timeouts
if (stork.getCPEPS() != null) {
for (int i=0; i<stork.getCPEPS().size(); i++) {
- result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
- + "." + String.valueOf(i) + "."
- + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY,
- stork.getCPEPS().get(i).getCountryCode());
- result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
- + "." + String.valueOf(i) + "."
- + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL,
- stork.getCPEPS().get(i).getURL());
- result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
- + "." + String.valueOf(i) + "."
- + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_SUPPORT_XMLDSIG,
- String.valueOf(stork.getCPEPS().get(i).isSupportsXMLSignature()));
+ if( !(stork.getCPEPS().get(i).getURL() == null ||
+ MiscUtil.isEmpty(stork.getCPEPS().get(i).getCountryCode()) ||
+ stork.getCPEPS().get(i).getURL().endsWith("http://")) ) {
+ result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ + "." + String.valueOf(i) + "."
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY,
+ stork.getCPEPS().get(i).getCountryCode());
+ result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ + "." + String.valueOf(i) + "."
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL,
+ stork.getCPEPS().get(i).getURL());
+ result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ + "." + String.valueOf(i) + "."
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_SUPPORT_XMLDSIG,
+ String.valueOf(stork.getCPEPS().get(i).isSupportsXMLSignature()));
+ }
}
}
List<StorkAttribute> tmp = stork.getAttributes();
- if(null != tmp) {
+ if(null != tmp && tmp.size() > 0) {
for (int i=0; i<tmp.size(); i++) {
- result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST
- + "." + String.valueOf(i) + "."
- + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME,
- tmp.get(i).getName());
-
- if (tmp.get(i).isMandatory() != null)
- result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST
- + "." + String.valueOf(i) + "."
- + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY,
- tmp.get(i).isMandatory().toString());
- else
+ if (MiscUtil.isNotEmpty(tmp.get(i).getName())) {
result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST
+ "." + String.valueOf(i) + "."
- + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY,
- Boolean.FALSE.toString());
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME,
+ tmp.get(i).getName());
+ if (tmp.get(i).isMandatory() != null)
+ result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + String.valueOf(i) + "."
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY,
+ tmp.get(i).isMandatory().toString());
+ else
+ result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + String.valueOf(i) + "."
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY,
+ Boolean.FALSE.toString());
+ }
}
}
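Review bot: The C-PEPS filter tests `getURL() == null`, whereas the reading side in the hunk at `@@ -1679,35 +1698,43 @@` uses `MiscUtil.isNotEmpty(pepsURL)`, so an entry whose URL is an empty string is presumably written here and then dropped when the properties are converted back. Using `MiscUtil.isEmpty(stork.getCPEPS().get(i).getURL())` in place of the null comparison makes both directions agree. Both places also skip the entry without a log line; a `Logger.info` naming the skipped index would let an operator see why a configured C-PEPS endpoint disappeared. `endsWith("http://")` looks like a test for an untouched placeholder, which `equals` would express more exactly.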
@@ -1474,6 +1483,16 @@ public class ConfigurationMigrationUtils {
dbauthgeneral.setPublicURLPreFix(moaconfig.get(MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX));
+ if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_ISVIRTUALIDPSENABLED))) {
+ dbauthgeneral.setVirtualPublicURLPrefixEnabled(
+ Boolean.valueOf(
+ moaconfig.get(MOAIDConfigurationConstants.GENERAL_ISVIRTUALIDPSENABLED)));
+
+ } else {
+ dbauthgeneral.setVirtualPublicURLPrefixEnabled(false);
+
+ }
+
if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_CERTSTORE_URL)))
dbauthgeneral.setCertStoreDirectory(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_CERTSTORE_URL));
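Review bot: The new `if`/`else` around `setVirtualPublicURLPrefixEnabled` does the same as a single call, because `Boolean.valueOf(String)` already returns false for a null or empty string. `dbauthgeneral.setVirtualPublicURLPrefixEnabled(Boolean.valueOf(moaconfig.get(MOAIDConfigurationConstants.GENERAL_ISVIRTUALIDPSENABLED)));` keeps the default of disabled and removes the duplicated lookup. If the explicit branch is kept for readability, a short comment such as `// missing key: virtual IDPs stay disabled` would document the default.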
@@ -1679,35 +1698,43 @@ public class ConfigurationMigrationUtils {
String index = KeyValueUtils.getFirstChildAfterPrefix(key, MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST);
if (!attrMap.containsKey(index)) {
StorkAttribute attr = new StorkAttribute();
- attr.setName(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST
+ String attrName = moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST
+ "." + index + "."
- + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME));
- attr.setMandatory(Boolean.parseBoolean(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST
- + "." + index + "."
- + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY)));
- attr.setHjid(Long.valueOf(index));
- attrMap.put(index, attr);
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME);
+ if (MiscUtil.isNotEmpty(attrName)) {
+ attr.setName(attrName);
+ attr.setMandatory(Boolean.parseBoolean(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + index + "."
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY)));
+ attr.setHjid(Long.valueOf(index));
+ attrMap.put(index, attr);
+ }
}
} else if (key.startsWith(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST)) {
String index = KeyValueUtils.getFirstChildAfterPrefix(key, MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST);
if (!cpepsMap.containsKey(index)) {
CPEPS attr = new CPEPS();
- attr.setCountryCode(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
- + "." + index + "."
- + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY));
-
- attr.setURL(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+
+ String countryCode = moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ "." + index + "."
- + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL));
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY);
- attr.setSupportsXMLSignature(Boolean.parseBoolean(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ String pepsURL = moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ "." + index + "."
- + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_SUPPORT_XMLDSIG)));
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL);
- attr.setHjid(Long.valueOf(index));
+ if (MiscUtil.isNotEmpty(countryCode) && MiscUtil.isNotEmpty(pepsURL) &&
+ !pepsURL.endsWith("http://")) {
+ attr.setCountryCode(countryCode);
+ attr.setURL(pepsURL);
+ attr.setSupportsXMLSignature(Boolean.parseBoolean(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ + "." + index + "."
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_SUPPORT_XMLDSIG)));
+ attr.setHjid(Long.valueOf(index));
cpepsMap.put(index, attr);
+ }
}
}
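Review bot: `attr.setHjid(Long.valueOf(index))` in both branches converts a segment of the configuration key without a guard, so a key whose segment after the list prefix is not a number raises `NumberFormatException`. The new checks already drop entries with a missing name, country code or URL, and an unparsable index could be handled the same way: catch the exception, log the offending key with `Logger.warn`, and skip that entry. Whether keys are validated before this method runs is not visible in the hunk, and the method itself starts and ends outside it.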
@@ -1774,11 +1801,17 @@ public class ConfigurationMigrationUtils {
}
// try {
- List<TransformsInfoType> trans = new ArrayList<TransformsInfoType>();
- TransformsInfoType elem = new TransformsInfoType();
- elem.setTransformation(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64).getBytes());
- elem.setFilename(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_NAME));
- trans.add(elem);
+ List<TransformsInfoType> trans = new ArrayList<TransformsInfoType>();
+ if (MiscUtil.isNotEmpty(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64))) {
+ TransformsInfoType elem = new TransformsInfoType();
+ elem.setTransformation(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64).getBytes());
+ elem.setFilename(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_NAME));
+ trans.add(elem);
+
+ } else {
+ Logger.info("No AuthBlock-Transformation found.");
+
+ }
seclayertrans.setTransformsInfo(trans);
// } catch (IOException e) {
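Review bot: `getBytes()` on the AuthBlock transformation value uses the platform default charset, so the stored bytes depend on the JVM the conversion runs on. Naming the charset fixes that: read the value once before the `if` with `String transformation = moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64);` and store it with `elem.setTransformation(transformation.getBytes(StandardCharsets.UTF_8));`, which also removes the second lookup. `StandardCharsets` needs Java 7 and an import that is outside this hunk; on an older target `getBytes("UTF-8")` with its checked exception is the alternative.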
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java
index 4130b2c5d..e24cb8606 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java
@@ -27,8 +27,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.STORK;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
-import com.fasterxml.jackson.core.JsonProcessingException;
-
public class ConfigurationUtil {
final boolean isOverwriteData;
@@ -83,7 +81,7 @@ public class ConfigurationUtil {
* is thrown if problem occurred while serializing one of the
* database values
*/
- public static Properties moaIdConfigToJsonProperties(MOAIDConfiguration config) throws JsonProcessingException {
+ public static Properties moaIdConfigToJsonProperties(MOAIDConfiguration config) {
Properties result = new Properties();
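Review bot: The Javadoc kept as context above `moaIdConfigToJsonProperties` still ends with "is thrown if problem occurred while serializing one of the database values", but the new signature declares no exception. The `@throws` entry, whose tag line is above the hunk, should be removed together with the `throws` clause, otherwise readers and Javadoc tooling are told about an exception the method no longer declares. If serialization failures are now handled inside the method, one sentence in the description saying what happens to them (logged, skipped, wrapped) would replace the lost information.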
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
index c338c65ba..7d9fc452a 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
@@ -186,6 +186,7 @@ public final class MOAIDConfigurationConstants extends MOAIDConstants {
//Namespaces for general MOA-ID config
public static final String GENERAL_PUBLICURLPREFIX = PREFIX_MOAID_GENERAL + ".publicURLPrefix";
+ public static final String GENERAL_ISVIRTUALIDPSENABLED = PREFIX_MOAID_GENERAL + ".isVirtualIDPsEnabled";
private static final String GENERAL_DEFAULTS = PREFIX_MOAID_GENERAL + ".defaults";
private static final String GENERAL_DEFAULTS_BKU = GENERAL_DEFAULTS + "." + BKU;
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/JsonMapper.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/JsonMapper.java
deleted file mode 100644
index 6138d571b..000000000
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/JsonMapper.java
+++ /dev/null
@@ -1,73 +0,0 @@
-package at.gv.egovernment.moa.id.commons.config.persistence;
-
-import java.io.IOException;
-
-import com.fasterxml.jackson.annotation.JsonAutoDetect.Visibility;
-import com.fasterxml.jackson.annotation.PropertyAccessor;
-import com.fasterxml.jackson.core.JsonParseException;
-import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.databind.JavaType;
-import com.fasterxml.jackson.databind.JsonMappingException;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.databind.SerializationFeature;
-import com.fasterxml.jackson.databind.type.TypeFactory;
-
-/**
- * Helper class to handle the JSON (de-)serialization.
- *
- */
-public class JsonMapper {
-
- private ObjectMapper mapper = new ObjectMapper();
-
- /**
- * The default constructor where the default pretty printer is disabled.
- */
- public JsonMapper() {
- this(false);
- }
-
- /**
- * The constructor.
- * @param prettyPrint enables or disables the default pretty printer
- */
- public JsonMapper(boolean prettyPrint) {
- mapper.setVisibility(PropertyAccessor.ALL, Visibility.NONE);
- mapper.setVisibility(PropertyAccessor.GETTER, Visibility.PUBLIC_ONLY);
- mapper.setVisibility(PropertyAccessor.IS_GETTER, Visibility.PUBLIC_ONLY);
- if (prettyPrint) {
- mapper.enable(SerializationFeature.INDENT_OUTPUT);
- }
- }
-
- /**
- * Serialize an object to a JSON string.
- * @param value the object to serialize
- * @return a JSON string
- * @throws JsonProcessingException thrown when an error occurs during serialization
- */
- public String serialize(Object value) throws JsonProcessingException {
- return mapper.writeValueAsString(value);
- }
-
- /**
- * Deserialize a JSON string.
- *
- * @param value the JSON string to deserialize
- * @param clazz optional parameter that determines the type of the returned object. If not set, an {@link Object} is returned.
- * @return the deserialized JSON string as an object of type {@code clazz} or {@link Object}
- * @throws JsonParseException if the JSON string contains invalid content.
- * @throws JsonMappingException if the input JSON structure does not match structure expected for result type
- * @throws IOException if an I/O problem occurs (e.g. unexpected end-of-input)
- */
- public <T> Object deserialize(String value, Class<T> clazz) throws JsonParseException, JsonMappingException, IOException{
-
- ObjectMapper mapper = new ObjectMapper();
- if (clazz != null) {
- JavaType javaType = TypeFactory.defaultInstance().constructType(clazz);
- return mapper.readValue(value, javaType);
- } else {
- return mapper.readValue(value, Object.class);
- }
- }
-}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
deleted file mode 100644
index 3836d5a1e..000000000
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
+++ /dev/null
@@ -1,403 +0,0 @@
-///*******************************************************************************
-// * Copyright 2014 Federal Chancellery Austria
-// * MOA-ID has been developed in a cooperation between BRZ, the Federal
-// * Chancellery Austria - ICT staff unit, and Graz University of Technology.
-// *
-// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
-// * the European Commission - subsequent versions of the EUPL (the "Licence");
-// * You may not use this work except in compliance with the Licence.
-// * You may obtain a copy of the Licence at:
-// * http://www.osor.eu/eupl/
-// *
-// * Unless required by applicable law or agreed to in writing, software
-// * distributed under the Licence is distributed on an "AS IS" basis,
-// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// * See the Licence for the specific language governing permissions and
-// * limitations under the Licence.
-// *
-// * This product combines work with different licenses. See the "NOTICE" text
-// * file for details on the various modules and licenses.
-// * The "NOTICE" text file is part of the distribution. Any derivative works
-// * that you distribute must include a readable copy of the "NOTICE" text file.
-// *******************************************************************************/
-//package at.gv.egovernment.moa.id.commons.db;
-//
-//import java.util.ArrayList;
-//import java.util.HashMap;
-//import java.util.List;
-//import java.util.Map;
-//
-//import javax.persistence.EntityManager;
-//
-//import org.apache.commons.lang3.StringEscapeUtils;
-//
-//import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
-//import at.gv.egovernment.moa.logging.Logger;
-//import at.gv.egovernment.moa.util.MiscUtil;
-////import org.apache.commons.lang.StringEscapeUtils;
-//
-//import com.fasterxml.jackson.annotation.JsonProperty;
-//
-///**
-// *
-// * @author tlenz
-// *
-// * @deprecated
-// */
-//
-//@SuppressWarnings("rawtypes")
-//public class ConfigurationDBRead {
-//
-// private static Map<String, String> QUERIES = new HashMap<String, String>();
-//
-// static {
-// QUERIES.put("getActiveOnlineApplicationWithID", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.publicURLPrefix = SUBSTRING(:id, 1, LENGTH(onlineapplication.publicURLPrefix)) and onlineapplication.isActive = '1'");
-// QUERIES.put("getOnlineApplicationWithID", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.publicURLPrefix = SUBSTRING(:id, 1, LENGTH(onlineapplication.publicURLPrefix))");
-// QUERIES.put("getOnlineApplicationWithDBID", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.hjid = :id");
-// QUERIES.put("getAllOnlineApplications", "select onlineapplication from OnlineApplication onlineapplication");
-// QUERIES.put("getAllActiveOnlineApplications", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.isActive = '1'");
-// QUERIES.put("getAllNewOnlineApplications", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.isActive = '0' and onlineapplication.isAdminRequired = '1'");
-// QUERIES.put("getMOAIDConfiguration", "select moaidconfiguration from MOAIDConfiguration moaidconfiguration");
-// QUERIES.put("getUserWithUserID", "select userdatabase from UserDatabase userdatabase where userdatabase.hjid = :id");
-// QUERIES.put("getNewUserWithUserTokken", "select userdatabase from UserDatabase userdatabase where userdatabase.userRequestTokken = :tokken");
-// QUERIES.put("getAllNewUsers", "select userdatabase from UserDatabase userdatabase where userdatabase.userRequestTokken is null and userdatabase.isAdminRequest = '1' and userdatabase.isMailAddressVerified = '1'");
-// QUERIES.put("getAllOpenUsersRequests", "select userdatabase from UserDatabase userdatabase where userdatabase.userRequestTokken is not null and userdatabase.isAdminRequest = '1' and userdatabase.isMailAddressVerified = '0'");
-// QUERIES.put("getUserWithUserBPKWBPK", "select userdatabase from UserDatabase userdatabase where userdatabase.bpk = :bpk");
-// QUERIES.put("getUserWithUserUsername", "select userdatabase from UserDatabase userdatabase where userdatabase.username = :username");
-// QUERIES.put("getAllUsers", "select userdatabase from UserDatabase userdatabase");
-// QUERIES.put("getUsersWithOADBID", "select userdatabase from UserDatabase userdatabase inner join userdatabase.onlineApplication oa where oa.hjid = :id");
-// QUERIES.put("searchOnlineApplicationsWithID", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.friendlyName like :id");
-// }
-//
-//// public static OnlineApplication getActiveOnlineApplication(String id) {
-//// MiscUtil.assertNotNull(id, "OnlineApplictionID");
-//// Logger.trace("Getting OnlineApplication with ID " + id + " from database.");
-////
-//// List result;
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-////
-//// javax.persistence.Query query = session.createQuery(QUERIES.get("getActiveOnlineApplicationWithID"));
-//// //query.setParameter("id", id+"%");
-//// query.setParameter("id", StringEscapeUtils.escapeHtml4(id));
-//// result = query.getResultList();
-////
-//// Logger.trace("Found entries: " + result.size());
-////
-//// if (result.size() == 0) {
-//// Logger.debug("No entries found.");
-//// return null;
-//// }
-////
-//// if (result.size() > 1) {
-//// Logger.warn("OAIdentifier match to more then one DB-entry!");
-//// return null;
-//// }
-////
-//// return (OnlineApplication) result.get(0);
-//// }
-////
-//// public static OnlineApplication getOnlineApplication(String id) {
-//// MiscUtil.assertNotNull(id, "OnlineApplictionID");
-//// Logger.trace("Getting OnlineApplication with ID " + id + " from database.");
-////
-//// List result;
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-////
-//// javax.persistence.Query query = session.createQuery(QUERIES.get("getOnlineApplicationWithID"));
-//// //query.setParameter("id", id+"%");
-//// query.setParameter("id", id);
-//// result = query.getResultList();
-////
-//// Logger.trace("Found entries: " + result.size());
-////
-//// if (result.size() == 0) {
-//// Logger.trace("No entries found.");
-//// return null;
-//// }
-////
-//// if (result.size() > 1) {
-//// Logger.warn("OAIdentifier match to more then one DB-entry!");
-//// return null;
-//// }
-////
-//// return (OnlineApplication) result.get(0);
-//// }
-////
-//// public static OnlineApplication getOnlineApplication(long dbid) {
-//// MiscUtil.assertNotNull(dbid, "OnlineApplictionID");
-//// Logger.trace("Getting OnlineApplication with DBID " + dbid + " from database.");
-////
-//// List result;
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-////
-//// javax.persistence.Query query = session.createQuery(QUERIES.get("getOnlineApplicationWithDBID"));
-//// //query.setParameter("id", id+"%");
-//// query.setParameter("id", dbid);
-//// result = query.getResultList();
-////
-//// Logger.trace("Found entries: " + result.size());
-////
-//// if (result.size() == 0) {
-//// Logger.trace("No entries found.");
-//// return null;
-//// }
-////
-//// return (OnlineApplication) result.get(0);
-//// }
-////
-//// @JsonProperty("getMOAIDConfiguration")
-//// public static MOAIDConfiguration getMOAIDConfiguration() {
-//// Logger.trace("Load MOAID Configuration from database.");
-////
-//// List<MOAIDConfiguration> result;
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-////
-//// javax.persistence.Query query = session.createQuery(QUERIES.get("getMOAIDConfiguration"));
-//// result = query.getResultList();
-////
-//// Logger.trace("Found entries: " + result.size());
-////
-//// if (result.size() == 0) {
-//// Logger.trace("No entries found. Create fresh instance.");
-//// return null;
-//// }
-////
-//// return (MOAIDConfiguration) result.get(0);
-//// }
-////
-//// @JsonProperty("getAllOnlineApplications")
-//// public static List<OnlineApplication> getAllOnlineApplications() {
-//// Logger.trace("Get All OnlineApplications from database.");
-////
-//// List<OnlineApplication> result = null;
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-////
-//// javax.persistence.Query query = session.createQuery(QUERIES.get("getAllOnlineApplications"));
-//// result = query.getResultList();
-////
-//// Logger.trace("Found entries: " + result.size());
-////
-//// if (result.size() == 0) {
-//// Logger.trace("No entries found.");
-//// return null;
-//// }
-//// return result;
-//// }
-////
-//// public static List<OnlineApplication> getAllNewOnlineApplications() {
-//// Logger.trace("Get All OnlineApplications from database.");
-////
-//// List<OnlineApplication> result;
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-////
-//// javax.persistence.Query query = session.createQuery(QUERIES.get("getAllNewOnlineApplications"));
-//// result = query.getResultList();
-////
-//// Logger.trace("Found entries: " + result.size());
-////
-//// if (result.size() == 0) {
-//// Logger.trace("No entries found.");
-//// return null;
-//// }
-//// return result;
-//// }
-////
-//// @JsonProperty("getAllUsers")
-//// public static List<UserDatabase> getAllUsers() {
-//// Logger.trace("Get All OnlineApplications from database.");
-////
-//// List<UserDatabase> result;
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-////
-//// javax.persistence.Query query = session.createQuery(QUERIES.get("getAllUsers"));
-//// result = query.getResultList();
-////
-//// Logger.trace("Found entries: " + result.size());
-////
-//// if (result.size() == 0) {
-//// Logger.trace("No entries found.");
-//// return null;
-//// }
-//// return result;
-//// }
-////
-//// public static List<OnlineApplication> getAllActiveOnlineApplications() {
-//// Logger.trace("Get All active OnlineApplications from database.");
-////
-//// List<OnlineApplication> result;
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-////
-//// javax.persistence.Query query = session.createQuery(QUERIES.get("getAllActiveOnlineApplications"));
-//// result = query.getResultList();
-////
-//// Logger.trace("Found entries: " + result.size());
-////
-//// if (result.size() == 0) {
-//// Logger.trace("No entries found.");
-//// result = new ArrayList<OnlineApplication>();
-////
-//// }
-//// return result;
-//// }
-////
-//// @SuppressWarnings("rawtypes")
-//// public static List<OnlineApplication> searchOnlineApplications(String id) {
-//// MiscUtil.assertNotNull(id, "OnlineApplictionID");
-//// Logger.trace("Getting OnlineApplication with ID " + id + " from database.");
-////
-//// List<OnlineApplication> result;
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-////
-//// javax.persistence.Query query = session.createQuery(QUERIES.get("searchOnlineApplicationsWithID"));
-//// query.setParameter("id", "%" + id + "%");
-////
-//// result = query.getResultList();
-////
-//// Logger.trace("Found entries: " + result.size());
-////
-//// if (result.size() == 0) {
-//// Logger.trace("No entries found.");
-//// return null;
-//// }
-////
-//// return result;
-//// }
-////
-//// public static UserDatabase getUserWithID(long id) {
-//// MiscUtil.assertNotNull(id, "UserID");
-//// Logger.trace("Getting Userinformation with ID " + id + " from database.");
-////
-//// List<UserDatabase> result;
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-////
-//// javax.persistence.Query query = session.createQuery(QUERIES.get("getUserWithUserID"));
-//// query.setParameter("id", id);
-//// result = query.getResultList();
-////
-//// Logger.trace("Found entries: " + result.size());
-////
-//// if (result.size() == 0) {
-//// Logger.trace("No entries found.");
-//// return null;
-//// }
-//// return (UserDatabase) result.get(0);
-//// }
-////
-//// public static UserDatabase getUsersWithOADBID(long id) {
-//// MiscUtil.assertNotNull(id, "OADBID");
-//// Logger.trace("Getting Userinformation with OADBID " + id + " from database.");
-////
-//// List<UserDatabase> result;
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-////
-//// javax.persistence.Query query = session.createQuery(QUERIES.get("getUsersWithOADBID"));
-//// query.setParameter("id", id);
-//// result = query.getResultList();
-////
-//// Logger.trace("Found entries: " + result.size());
-////
-//// if (result.size() == 0) {
-//// Logger.trace("No entries found.");
-//// return null;
-//// }
-//// return (UserDatabase) result.get(0);
-//// }
-////
-//// public static UserDatabase getUserWithUserName(String username) {
-//// MiscUtil.assertNotNull(username, "UserName");
-//// Logger.trace("Getting Userinformation with ID " + username + " from database.");
-////
-//// List<UserDatabase> result;
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-////
-//// javax.persistence.Query query = session.createQuery(QUERIES.get("getUserWithUserUsername"));
-//// query.setParameter("username", username);
-//// result = query.getResultList();
-////
-//// Logger.trace("Found entries: " + result.size());
-////
-//// if (result.size() == 0) {
-//// Logger.trace("No entries found.");
-//// return null;
-//// }
-//// return (UserDatabase) result.get(0);
-//// }
-////
-//// public static UserDatabase getUserWithUserBPKWBPK(String bpkwbpk) {
-//// MiscUtil.assertNotNull(bpkwbpk, "bpk/wbpk");
-//// Logger.trace("Getting Userinformation with ID " + bpkwbpk + " from database.");
-////
-//// List<UserDatabase> result;
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-////
-//// javax.persistence.Query query = session.createQuery(QUERIES.get("getUserWithUserBPKWBPK"));
-//// query.setParameter("bpk", bpkwbpk);
-//// result = query.getResultList();
-////
-//// Logger.trace("Found entries: " + result.size());
-////
-//// if (result.size() == 0) {
-//// Logger.trace("No entries found.");
-//// return null;
-//// }
-//// return (UserDatabase) result.get(0);
-//// }
-////
-//// public static UserDatabase getNewUserWithTokken(String tokken) {
-//// MiscUtil.assertNotNull(tokken, "bpk/wbpk");
-//// Logger.trace("Getting Userinformation with Tokken " + tokken + " from database.");
-////
-//// List<UserDatabase> result;
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-////
-//// javax.persistence.Query query = session.createQuery(QUERIES.get("getNewUserWithUserTokken"));
-//// query.setParameter("tokken", tokken);
-//// result = query.getResultList();
-////
-//// Logger.trace("Found entries: " + result.size());
-////
-//// if (result.size() == 0) {
-//// Logger.trace("No entries found.");
-//// return null;
-//// }
-//// return (UserDatabase) result.get(0);
-//// }
-////
-//// public static List<UserDatabase> getAllNewUsers() {
-//// Logger.trace("Get all new Users from Database");
-////
-//// List<UserDatabase> result;
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-////
-//// javax.persistence.Query query = session.createQuery(QUERIES.get("getAllNewUsers"));
-//// result = query.getResultList();
-////
-//// Logger.trace("Found entries: " + result.size());
-////
-//// if (result.size() == 0) {
-//// Logger.trace("No entries found.");
-//// return null;
-//// }
-//// return result;
-//// }
-////
-//// public static List<UserDatabase> getAllOpenUsersRequests() {
-//// Logger.trace("Get all new Users from Database");
-////
-//// List<UserDatabase> result;
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-////
-//// javax.persistence.Query query = session.createQuery(QUERIES.get("getAllOpenUsersRequests"));
-//// result = query.getResultList();
-////
-//// Logger.trace("Found entries: " + result.size());
-////
-//// if (result.size() == 0) {
-//// Logger.trace("No entries found.");
-//// return null;
-//// }
-//// return result;
-//// }
-//}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java
deleted file mode 100644
index 7f996cca7..000000000
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java
+++ /dev/null
@@ -1,233 +0,0 @@
-///*******************************************************************************
-// * Copyright 2014 Federal Chancellery Austria
-// * MOA-ID has been developed in a cooperation between BRZ, the Federal
-// * Chancellery Austria - ICT staff unit, and Graz University of Technology.
-// *
-// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
-// * the European Commission - subsequent versions of the EUPL (the "Licence");
-// * You may not use this work except in compliance with the Licence.
-// * You may obtain a copy of the Licence at:
-// * http://www.osor.eu/eupl/
-// *
-// * Unless required by applicable law or agreed to in writing, software
-// * distributed under the Licence is distributed on an "AS IS" basis,
-// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// * See the Licence for the specific language governing permissions and
-// * limitations under the Licence.
-// *
-// * This product combines work with different licenses. See the "NOTICE" text
-// * file for details on the various modules and licenses.
-// * The "NOTICE" text file is part of the distribution. Any derivative works
-// * that you distribute must include a readable copy of the "NOTICE" text file.
-// *******************************************************************************/
-//package at.gv.egovernment.moa.id.commons.db;
-//
-//import java.util.Properties;
-//
-//import javax.persistence.EntityManager;
-//import javax.persistence.EntityManagerFactory;
-//import javax.persistence.EntityTransaction;
-//import javax.persistence.Persistence;
-//
-//import org.hibernate.HibernateException;
-//
-//import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-//import at.gv.egovernment.moa.logging.Logger;
-//
-//public final class ConfigurationDBUtils {
-//
-// private static EntityManagerFactory entitymanagerfactory;
-//
-// @SuppressWarnings("rawtypes")
-// private static final ThreadLocal THREAD_LOCAL_CONFIG = new ThreadLocal();
-// private static boolean automaticSessionHandling = false;
-//
-// protected ConfigurationDBUtils() { }
-//
-// public static void initHibernate(Properties props) throws MOADatabaseException {
-//
-//// try {
-////
-//// Logger.debug("Creating initial session factory...");
-////
-//// entitymanagerfactory =
-//// Persistence.createEntityManagerFactory("at.gv.egovernment.moa.id.commons.db.dao.config",
-//// props);
-////
-//// Logger.debug("Initial ConfigDB session factory successfully created.");
-////
-////
-//// } catch (Throwable ex) {
-//// Logger.error("Initial session factory creation failed: " + ex.getMessage());
-//// throw new MOADatabaseException("Initialization of Configuration Hibernate session factory failed.",ex);
-//// }
-// }
-//
-//
-//// /**
-//// * Checks if a session factory is currently available. If necessary a new
-//// * session factory is created.
-//// *
-//// * @return current (or new) session factory
-//// * @throws HibernateException
-//// * thrown if a hibernate error occurs
-//// */
-//// public static EntityManager getCurrentSession() {
-//// if (automaticSessionHandling) {
-////
-//// return entitymanagerfactory.createEntityManager();
-//// }
-////
-//// EntityManager session = (EntityManager) THREAD_LOCAL_CONFIG.get();
-////
-//// if (session != null && session.isOpen()) {
-////
-//// //maybe a hack, but sometimes we do not know if the session is closed (session already closed but isOpen()=true)
-//// try {
-//// javax.persistence.Query query = session.createQuery("select userdatabase from UserDatabase userdatabase");
-//// query.getResultList();
-////
-//// } catch (Throwable e) {
-//// Logger.warn("JPA Session Handling Warning!!!! - This error should not occur.");
-//// session = getNewSession();
-//// }
-////
-//// } else
-//// session = getNewSession();
-////
-//// return session;
-//// }
-////
-//// @SuppressWarnings("unchecked")
-//// public static EntityManager getNewSession() {
-//// if (automaticSessionHandling) {
-//// Logger.warn("Session is being automatically handled by hibernate. Therefore this session maybe not being newly created. Use HibernateUtil.getCurrentSession() instead.");
-//// return entitymanagerfactory.createEntityManager();
-//// }
-//// EntityManager session = (EntityManager) THREAD_LOCAL_CONFIG.get();
-//// if (session != null ) {
-//// Logger.warn("Previous session has not been closed; closing ConfigDB session now.");
-//// closeSession();
-//// }
-//// Logger.debug("Opening new ConfigDB hibernate session...");
-//// try {
-//// session = entitymanagerfactory.createEntityManager();
-//// THREAD_LOCAL_CONFIG.set(session);
-//// } catch (HibernateException hex) {
-//// Logger.error(hex.getMessage());
-//// }
-//// return session;
-//// }
-//
-// /**
-// * Closes the current session.
-// *
-// * @throws HibernateException
-// * thrown if session is already closed or a hibernate error
-// * occurs.
-// *
-// * @deprecated
-// */
-//@SuppressWarnings("unchecked")
-//public static void closeSession() {
-//
-//}
-//
-//// /**
-//// * Closes the current session.
-//// *
-//// * @throws HibernateException
-//// * thrown if session is already closed or a hibernate error
-//// * occurs.
-//// */
-//// @SuppressWarnings("unchecked")
-//// public static void closeSession() {
-//// if (automaticSessionHandling) {
-//// Logger.warn("Session is being automatically handled by hibernate. Therefore the current session cannot be closed on demand.");
-//// return;
-//// }
-//// Logger.debug("Closing current ConfigDB hibernate session...");
-//// EntityManager session = (EntityManager) THREAD_LOCAL_CONFIG.get();
-//// THREAD_LOCAL_CONFIG.set(null);
-//// if (session != null) {
-//// try {
-//// session.close();
-////
-//// } catch (HibernateException hex) {
-//// Logger.error(hex.getMessage());
-//// }
-//// }
-//// }
-////
-//// public static boolean save(Object dbo) throws MOADatabaseException {
-//// EntityTransaction tx = null;
-////
-//// try {
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-//// tx = session.getTransaction();
-////
-//// synchronized (session) {
-//// tx.begin();
-//// session.merge(dbo);
-//// tx.commit();
-////
-//// session.clear();
-//// }
-//// return true;
-////
-//// } catch(HibernateException e) {
-//// Logger.warn("Error during Config database saveOrUpdate. Rollback.", e);
-//// tx.rollback();
-//// throw new MOADatabaseException(e);
-//// }
-//// }
-////
-////
-//// public static boolean saveOrUpdate(Object dbo) throws MOADatabaseException {
-//// EntityTransaction tx = null;
-////
-//// try {
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-//// tx = session.getTransaction();
-////
-//// synchronized (session) {
-//// tx.begin();
-////
-//// session.merge(dbo);
-//// session.flush();
-////
-//// tx.commit();
-////
-//// //session.clear();
-//// }
-//// return true;
-////
-//// } catch(HibernateException e) {
-//// Logger.warn("Error during Config database saveOrUpdate. Rollback.", e);
-//// tx.rollback();
-//// throw new MOADatabaseException(e);
-//// }
-//// }
-////
-//// public static boolean delete(Object dbo) {
-//// EntityTransaction tx = null;
-//// try {
-//// EntityManager session = ConfigurationDBUtils.getCurrentSession();
-//// tx = session.getTransaction();
-////
-//// synchronized (session) {
-//// tx.begin();
-//// session.remove(session.contains(dbo) ? dbo : session.merge(dbo));
-//// tx.commit();
-//// }
-////
-//// return true;
-////
-//// } catch(HibernateException e) {
-//// Logger.warn("Error during Config database delete. Rollback.", e);
-//// tx.rollback();
-//// return false;
-//// }
-//// }
-//
-//}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOASessionDBUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOASessionDBUtils.java
index 49e0634cb..ecb13ef34 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOASessionDBUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOASessionDBUtils.java
@@ -32,7 +32,6 @@ import org.hibernate.Transaction;
import org.hibernate.boot.registry.StandardServiceRegistryBuilder;
import org.hibernate.cfg.Configuration;
import org.hibernate.service.ServiceRegistry;
-import org.hibernate.service.ServiceRegistryBuilder;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.logging.Logger;
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java
index c049eebc4..28c705c71 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java
@@ -12,8 +12,6 @@ import at.gv.egovernment.moa.id.commons.config.ConfigurationMigrationUtils;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
-
-import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
import at.gv.egovernment.moa.logging.Logger;
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBWrite.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBWrite.java
deleted file mode 100644
index ccc7f33f1..000000000
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBWrite.java
+++ /dev/null
@@ -1,52 +0,0 @@
-//package at.gv.egovernment.moa.id.commons.db;
-//
-//import java.util.Date;
-//import java.util.List;
-//
-//import org.springframework.beans.factory.annotation.Autowired;
-//import org.springframework.stereotype.Component;
-//
-//import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
-//import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentGeneral;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.ChainingModes;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.DefaultBKUs;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.GenericConfiguration;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.SLRequestTemplates;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
-//import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-//
-///**
-// * This class is used for writing to the key-value database.
-// */
-//@Component
-//public class NewConfigurationDBWrite {
-//
-// private static MOAIDConfiguration conf;
-//
-// @Autowired(required = true)
-// public void setConfiguration(MOAIDConfiguration conf) {
-// // https://jira.spring.io/browse/SPR-3845
-// NewConfigurationDBWrite.conf = conf;
-// }
-//
-//
-//
-// /**
-// * @param user
-// */
-// public void saveOrUpdate(UserDatabase user) throws MOADatabaseException{
-// // TODO Auto-generated method stub
-//
-// }
-//
-// /**
-// * @param dbuser
-// */
-// public void delete(UserDatabase dbuser) {
-// // TODO Auto-generated method stub
-//
-// }
-//
-//}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/StatisticLogDBUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/StatisticLogDBUtils.java
index eac47f93f..7e031cc76 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/StatisticLogDBUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/StatisticLogDBUtils.java
@@ -32,7 +32,6 @@ import org.hibernate.Transaction;
import org.hibernate.boot.registry.StandardServiceRegistryBuilder;
import org.hibernate.cfg.Configuration;
import org.hibernate.service.ServiceRegistry;
-import org.hibernate.service.ServiceRegistryBuilder;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.logging.Logger;
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/CPEPS.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/CPEPS.java
index 11eca81f5..6dacc2ec4 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/CPEPS.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/CPEPS.java
@@ -11,20 +11,10 @@ package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
-import javax.persistence.Basic;
+
import javax.persistence.CascadeType;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
-import javax.persistence.JoinColumn;
import javax.persistence.JoinTable;
import javax.persistence.ManyToMany;
-import javax.persistence.OneToMany;
-import javax.persistence.Table;
import javax.persistence.Transient;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
@@ -35,8 +25,7 @@ import javax.xml.bind.annotation.XmlSchemaType;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.adapters.CollapsedStringAdapter;
import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
-import com.sun.tools.xjc.runtime.ZeroOneBooleanAdapter;
-import org.jvnet.hyperjaxb3.item.ItemUtils;
+
import org.jvnet.jaxb2_commons.lang.Equals;
import org.jvnet.jaxb2_commons.lang.EqualsStrategy;
import org.jvnet.jaxb2_commons.lang.HashCode;
@@ -46,6 +35,8 @@ import org.jvnet.jaxb2_commons.lang.JAXBHashCodeStrategy;
import org.jvnet.jaxb2_commons.locator.ObjectLocator;
import org.jvnet.jaxb2_commons.locator.util.LocatorUtils;
+import com.sun.tools.xjc.runtime.ZeroOneBooleanAdapter;
+
/**
* <p>Java class for anonymous complex type.
@@ -99,7 +90,7 @@ public class CPEPS
protected Boolean supportsXMLSignature;
@XmlAttribute(name = "Hjid")
protected Long hjid;
- protected transient List<CPEPSAttributeValueItem> attributeValueItems;
+ // protected transient List<CPEPSAttributeValueItem> attributeValueItems;
/**
* Gets the value of the attributeValue property.
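Review bot: The `attributeValueItems` field is commented out here rather than deleted, which leaves dead code (`// protected transient List<CPEPSAttributeValueItem> attributeValueItems;`) naming a class that this same commit removes (CPEPSAttributeValueItem.java is deleted further down). The same pattern recurs in the getter/setter hunk that follows, in Contact.java (`mailItems`, `phoneItems`, their accessors and the added `//import org.jvnet.hyperjaxb3.item.ItemUtils;` line) and in IdentityLinkSigners.java (`x509SubjectNameItems`). Version control already keeps the old text, so I would drop these lines outright instead of carrying them as comments. If the block is kept as a marker, a single line stating why the item wrappers were removed would tell the next reader more than the commented-out bodies do.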
@@ -293,31 +284,31 @@ public class CPEPS
this.hjid = value;
}
- @OneToMany(targetEntity = CPEPSAttributeValueItem.class, cascade = {
- CascadeType.ALL
- })
-
- public List<CPEPSAttributeValueItem> getAttributeValueItems() {
- if (this.attributeValueItems == null) {
- this.attributeValueItems = new ArrayList<CPEPSAttributeValueItem>();
- }
- if (ItemUtils.shouldBeWrapped(this.attributeValue)) {
- this.attributeValue = ItemUtils.wrap(this.attributeValue, this.attributeValueItems, CPEPSAttributeValueItem.class);
- }
- return this.attributeValueItems;
- }
-
- public void setAttributeValueItems(List<CPEPSAttributeValueItem> value) {
- this.attributeValue = null;
- this.attributeValueItems = null;
- this.attributeValueItems = value;
- if (this.attributeValueItems == null) {
- this.attributeValueItems = new ArrayList<CPEPSAttributeValueItem>();
- }
- if (ItemUtils.shouldBeWrapped(this.attributeValue)) {
- this.attributeValue = ItemUtils.wrap(this.attributeValue, this.attributeValueItems, CPEPSAttributeValueItem.class);
- }
- }
+// @OneToMany(targetEntity = CPEPSAttributeValueItem.class, cascade = {
+// CascadeType.ALL
+// })
+//
+// public List<CPEPSAttributeValueItem> getAttributeValueItems() {
+// if (this.attributeValueItems == null) {
+// this.attributeValueItems = new ArrayList<CPEPSAttributeValueItem>();
+// }
+// if (ItemUtils.shouldBeWrapped(this.attributeValue)) {
+// this.attributeValue = ItemUtils.wrap(this.attributeValue, this.attributeValueItems, CPEPSAttributeValueItem.class);
+// }
+// return this.attributeValueItems;
+// }
+//
+// public void setAttributeValueItems(List<CPEPSAttributeValueItem> value) {
+// this.attributeValue = null;
+// this.attributeValueItems = null;
+// this.attributeValueItems = value;
+// if (this.attributeValueItems == null) {
+// this.attributeValueItems = new ArrayList<CPEPSAttributeValueItem>();
+// }
+// if (ItemUtils.shouldBeWrapped(this.attributeValue)) {
+// this.attributeValue = ItemUtils.wrap(this.attributeValue, this.attributeValueItems, CPEPSAttributeValueItem.class);
+// }
+// }
public boolean equals(ObjectLocator thisLocator, ObjectLocator thatLocator, Object object, EqualsStrategy strategy) {
if (!(object instanceof CPEPS)) {
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/CPEPSAttributeValueItem.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/CPEPSAttributeValueItem.java
deleted file mode 100644
index 0af8c64b4..000000000
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/CPEPSAttributeValueItem.java
+++ /dev/null
@@ -1,93 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2015.07.20 at 12:19:30 PM CEST
-//
-
-
-package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated;
-
-import java.io.Serializable;
-import javax.persistence.Basic;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
-import javax.persistence.Table;
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlElement;
-import org.jvnet.hyperjaxb3.item.Item;
-
-@XmlAccessorType(XmlAccessType.FIELD)
-
-
-
-public class CPEPSAttributeValueItem
- implements Serializable, Item<String>
-{
-
- @XmlElement(name = "AttributeValue", namespace = "http://www.buergerkarte.at/namespaces/moaconfig#")
- protected String item;
- @XmlAttribute(name = "Hjid")
- protected Long hjid;
-
- /**
- * Gets the value of the item property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
-
-
- public String getItem() {
- return item;
- }
-
- /**
- * Sets the value of the item property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setItem(String value) {
- this.item = value;
- }
-
- /**
- * Gets the value of the hjid property.
- *
- * @return
- * possible object is
- * {@link Long }
- *
- */
-
-
-
- public Long getHjid() {
- return hjid;
- }
-
- /**
- * Sets the value of the hjid property.
- *
- * @param value
- * allowed object is
- * {@link Long }
- *
- */
- public void setHjid(Long value) {
- this.hjid = value;
- }
-
-}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/Contact.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/Contact.java
index 38835db05..25a9c03ea 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/Contact.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/Contact.java
@@ -11,18 +11,7 @@ package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
-import javax.persistence.Basic;
-import javax.persistence.CascadeType;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
-import javax.persistence.JoinColumn;
-import javax.persistence.OneToMany;
-import javax.persistence.Table;
+
import javax.persistence.Transient;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
@@ -32,7 +21,7 @@ import javax.xml.bind.annotation.XmlRootElement;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.adapters.CollapsedStringAdapter;
import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
-import org.jvnet.hyperjaxb3.item.ItemUtils;
+
import org.jvnet.jaxb2_commons.lang.Equals;
import org.jvnet.jaxb2_commons.lang.EqualsStrategy;
import org.jvnet.jaxb2_commons.lang.HashCode;
@@ -41,6 +30,7 @@ import org.jvnet.jaxb2_commons.lang.JAXBEqualsStrategy;
import org.jvnet.jaxb2_commons.lang.JAXBHashCodeStrategy;
import org.jvnet.jaxb2_commons.locator.ObjectLocator;
import org.jvnet.jaxb2_commons.locator.util.LocatorUtils;
+//import org.jvnet.hyperjaxb3.item.ItemUtils;
/**
@@ -109,8 +99,8 @@ public class Contact
protected List<String> phone;
@XmlAttribute(name = "Hjid")
protected Long hjid;
- protected transient List<ContactMailItem> mailItems;
- protected transient List<ContactPhoneItem> phoneItems;
+// protected transient List<ContactMailItem> mailItems;
+// protected transient List<ContactPhoneItem> phoneItems;
/**
* Gets the value of the surName property.
@@ -319,57 +309,57 @@ public class Contact
this.hjid = value;
}
- @OneToMany(targetEntity = ContactMailItem.class, cascade = {
- CascadeType.ALL
- })
-
- public List<ContactMailItem> getMailItems() {
- if (this.mailItems == null) {
- this.mailItems = new ArrayList<ContactMailItem>();
- }
- if (ItemUtils.shouldBeWrapped(this.mail)) {
- this.mail = ItemUtils.wrap(this.mail, this.mailItems, ContactMailItem.class);
- }
- return this.mailItems;
- }
-
- public void setMailItems(List<ContactMailItem> value) {
- this.mail = null;
- this.mailItems = null;
- this.mailItems = value;
- if (this.mailItems == null) {
- this.mailItems = new ArrayList<ContactMailItem>();
- }
- if (ItemUtils.shouldBeWrapped(this.mail)) {
- this.mail = ItemUtils.wrap(this.mail, this.mailItems, ContactMailItem.class);
- }
- }
-
- @OneToMany(targetEntity = ContactPhoneItem.class, cascade = {
- CascadeType.ALL
- })
-
- public List<ContactPhoneItem> getPhoneItems() {
- if (this.phoneItems == null) {
- this.phoneItems = new ArrayList<ContactPhoneItem>();
- }
- if (ItemUtils.shouldBeWrapped(this.phone)) {
- this.phone = ItemUtils.wrap(this.phone, this.phoneItems, ContactPhoneItem.class);
- }
- return this.phoneItems;
- }
-
- public void setPhoneItems(List<ContactPhoneItem> value) {
- this.phone = null;
- this.phoneItems = null;
- this.phoneItems = value;
- if (this.phoneItems == null) {
- this.phoneItems = new ArrayList<ContactPhoneItem>();
- }
- if (ItemUtils.shouldBeWrapped(this.phone)) {
- this.phone = ItemUtils.wrap(this.phone, this.phoneItems, ContactPhoneItem.class);
- }
- }
+// @OneToMany(targetEntity = ContactMailItem.class, cascade = {
+// CascadeType.ALL
+// })
+//
+// public List<ContactMailItem> getMailItems() {
+// if (this.mailItems == null) {
+// this.mailItems = new ArrayList<ContactMailItem>();
+// }
+// if (ItemUtils.shouldBeWrapped(this.mail)) {
+// this.mail = ItemUtils.wrap(this.mail, this.mailItems, ContactMailItem.class);
+// }
+// return this.mailItems;
+// }
+//
+// public void setMailItems(List<ContactMailItem> value) {
+// this.mail = null;
+// this.mailItems = null;
+// this.mailItems = value;
+// if (this.mailItems == null) {
+// this.mailItems = new ArrayList<ContactMailItem>();
+// }
+// if (ItemUtils.shouldBeWrapped(this.mail)) {
+// this.mail = ItemUtils.wrap(this.mail, this.mailItems, ContactMailItem.class);
+// }
+// }
+//
+// @OneToMany(targetEntity = ContactPhoneItem.class, cascade = {
+// CascadeType.ALL
+// })
+//
+// public List<ContactPhoneItem> getPhoneItems() {
+// if (this.phoneItems == null) {
+// this.phoneItems = new ArrayList<ContactPhoneItem>();
+// }
+// if (ItemUtils.shouldBeWrapped(this.phone)) {
+// this.phone = ItemUtils.wrap(this.phone, this.phoneItems, ContactPhoneItem.class);
+// }
+// return this.phoneItems;
+// }
+//
+// public void setPhoneItems(List<ContactPhoneItem> value) {
+// this.phone = null;
+// this.phoneItems = null;
+// this.phoneItems = value;
+// if (this.phoneItems == null) {
+// this.phoneItems = new ArrayList<ContactPhoneItem>();
+// }
+// if (ItemUtils.shouldBeWrapped(this.phone)) {
+// this.phone = ItemUtils.wrap(this.phone, this.phoneItems, ContactPhoneItem.class);
+// }
+// }
public boolean equals(ObjectLocator thisLocator, ObjectLocator thatLocator, Object object, EqualsStrategy strategy) {
if (!(object instanceof Contact)) {
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/ContactMailItem.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/ContactMailItem.java
deleted file mode 100644
index d7c656bd7..000000000
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/ContactMailItem.java
+++ /dev/null
@@ -1,93 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2015.07.20 at 12:19:30 PM CEST
-//
-
-
-package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated;
-
-import java.io.Serializable;
-import javax.persistence.Basic;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
-import javax.persistence.Table;
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlElement;
-import org.jvnet.hyperjaxb3.item.Item;
-
-@XmlAccessorType(XmlAccessType.FIELD)
-
-
-
-public class ContactMailItem
- implements Serializable, Item<String>
-{
-
- @XmlElement(name = "Mail", namespace = "http://www.buergerkarte.at/namespaces/moaconfig#")
- protected String item;
- @XmlAttribute(name = "Hjid")
- protected Long hjid;
-
- /**
- * Gets the value of the item property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
-
-
- public String getItem() {
- return item;
- }
-
- /**
- * Sets the value of the item property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setItem(String value) {
- this.item = value;
- }
-
- /**
- * Gets the value of the hjid property.
- *
- * @return
- * possible object is
- * {@link Long }
- *
- */
-
-
-
- public Long getHjid() {
- return hjid;
- }
-
- /**
- * Sets the value of the hjid property.
- *
- * @param value
- * allowed object is
- * {@link Long }
- *
- */
- public void setHjid(Long value) {
- this.hjid = value;
- }
-
-}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/ContactPhoneItem.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/ContactPhoneItem.java
deleted file mode 100644
index ae9c57ea0..000000000
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/ContactPhoneItem.java
+++ /dev/null
@@ -1,93 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2015.07.20 at 12:19:30 PM CEST
-//
-
-
-package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated;
-
-import java.io.Serializable;
-import javax.persistence.Basic;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
-import javax.persistence.Table;
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlElement;
-import org.jvnet.hyperjaxb3.item.Item;
-
-@XmlAccessorType(XmlAccessType.FIELD)
-
-
-
-public class ContactPhoneItem
- implements Serializable, Item<String>
-{
-
- @XmlElement(name = "Phone", namespace = "http://www.buergerkarte.at/namespaces/moaconfig#")
- protected String item;
- @XmlAttribute(name = "Hjid")
- protected Long hjid;
-
- /**
- * Gets the value of the item property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
-
-
- public String getItem() {
- return item;
- }
-
- /**
- * Sets the value of the item property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setItem(String value) {
- this.item = value;
- }
-
- /**
- * Gets the value of the hjid property.
- *
- * @return
- * possible object is
- * {@link Long }
- *
- */
-
-
-
- public Long getHjid() {
- return hjid;
- }
-
- /**
- * Sets the value of the hjid property.
- *
- * @param value
- * allowed object is
- * {@link Long }
- *
- */
- public void setHjid(Long value) {
- this.hjid = value;
- }
-
-}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/GeneralConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/GeneralConfiguration.java
index 883245da8..d3e454e51 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/GeneralConfiguration.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/GeneralConfiguration.java
@@ -27,6 +27,7 @@ import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
import javax.xml.bind.annotation.XmlSchemaType;
+import javax.xml.bind.annotation.XmlTransient;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
import com.sun.tools.xjc.runtime.ZeroOneBooleanAdapter;
@@ -107,6 +108,9 @@ public class GeneralConfiguration
@XmlAttribute(name = "Hjid")
protected Long hjid;
+ @XmlTransient
+ protected boolean virtualPublicURLPrefixEnabled = false;
+
/**
* Gets the value of the timeOuts property.
*
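Review bot: The new `virtualPublicURLPrefixEnabled` field is `@XmlTransient`, and none of this file's three hunks touches the strategy-based `equals`/`hashCode` methods. As a result the flag is not marshalled to XML and two GeneralConfiguration objects that differ only in this flag still compare equal. If that is intended, state it at the field, e.g. `// runtime-only flag: not marshalled, not part of equals/hashCode, defaults to false`. If it is not, both methods need the new field, and their bodies lie outside the hunks shown. Judging only by its name, the flag influences how public URL prefixes are handled, so its reset to `false` on any object rebuilt from XML should be documented either way.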
@@ -322,7 +326,24 @@ public class GeneralConfiguration
return true;
}
- public boolean equals(Object object) {
+
+
+ /**
+ * @return the virtualPublicURLPrefixEnabled
+ */
+ public boolean isVirtualPublicURLPrefixEnabled() {
+ return virtualPublicURLPrefixEnabled;
+ }
+
+ /**
+ * @param virtualPublicURLPrefixEnabled the virtualPublicURLPrefixEnabled to set
+ */
+ public void setVirtualPublicURLPrefixEnabled(
+ boolean virtualPublicURLPrefixEnabled) {
+ this.virtualPublicURLPrefixEnabled = virtualPublicURLPrefixEnabled;
+ }
+
+ public boolean equals(Object object) {
final EqualsStrategy strategy = JAXBEqualsStrategy.INSTANCE;
return equals(null, null, object, strategy);
}
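Review bot: The Javadoc on the two new accessors is the IDE template (`@return the virtualPublicURLPrefixEnabled`, `@param virtualPublicURLPrefixEnabled the virtualPublicURLPrefixEnabled to set`) and only repeats the field name. I would replace it with a sentence each saying what enabling the flag changes for callers and that the default is `false`, as set at the field declaration. Separately, the `public boolean equals(Object object) {` line appears as removed and re-added with different leading whitespace only; keeping the original indentation would take that line out of the diff.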
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/IdentityLinkSigners.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/IdentityLinkSigners.java
index c48d4522d..90f46efe1 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/IdentityLinkSigners.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/IdentityLinkSigners.java
@@ -11,24 +11,14 @@ package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
-import javax.persistence.CascadeType;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
-import javax.persistence.JoinColumn;
-import javax.persistence.OneToMany;
-import javax.persistence.Table;
+
import javax.persistence.Transient;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
-import org.jvnet.hyperjaxb3.item.ItemUtils;
+
import org.jvnet.jaxb2_commons.lang.Equals;
import org.jvnet.jaxb2_commons.lang.EqualsStrategy;
import org.jvnet.jaxb2_commons.lang.HashCode;
@@ -73,7 +63,7 @@ public class IdentityLinkSigners
protected List<String> x509SubjectName;
@XmlAttribute(name = "Hjid")
protected Long hjid;
- protected transient List<IdentityLinkSignersX509SubjectNameItem> x509SubjectNameItems;
+// protected transient List<IdentityLinkSignersX509SubjectNameItem> x509SubjectNameItems;
/**
* Gets the value of the x509SubjectName property.
@@ -140,31 +130,31 @@ public class IdentityLinkSigners
this.hjid = value;
}
- @OneToMany(targetEntity = IdentityLinkSignersX509SubjectNameItem.class, cascade = {
- CascadeType.ALL
- })
-
- public List<IdentityLinkSignersX509SubjectNameItem> getX509SubjectNameItems() {
- if (this.x509SubjectNameItems == null) {
- this.x509SubjectNameItems = new ArrayList<IdentityLinkSignersX509SubjectNameItem>();
- }
- if (ItemUtils.shouldBeWrapped(this.x509SubjectName)) {
- this.x509SubjectName = ItemUtils.wrap(this.x509SubjectName, this.x509SubjectNameItems, IdentityLinkSignersX509SubjectNameItem.class);
- }
- return this.x509SubjectNameItems;
- }
-
- public void setX509SubjectNameItems(List<IdentityLinkSignersX509SubjectNameItem> value) {
- this.x509SubjectName = null;
- this.x509SubjectNameItems = null;
- this.x509SubjectNameItems = value;
- if (this.x509SubjectNameItems == null) {
- this.x509SubjectNameItems = new ArrayList<IdentityLinkSignersX509SubjectNameItem>();
- }
- if (ItemUtils.shouldBeWrapped(this.x509SubjectName)) {
- this.x509SubjectName = ItemUtils.wrap(this.x509SubjectName, this.x509SubjectNameItems, IdentityLinkSignersX509SubjectNameItem.class);
- }
- }
+// @OneToMany(targetEntity = IdentityLinkSignersX509SubjectNameItem.class, cascade = {
+// CascadeType.ALL
+// })
+//
+// public List<IdentityLinkSignersX509SubjectNameItem> getX509SubjectNameItems() {
+// if (this.x509SubjectNameItems == null) {
+// this.x509SubjectNameItems = new ArrayList<IdentityLinkSignersX509SubjectNameItem>();
+// }
+// if (ItemUtils.shouldBeWrapped(this.x509SubjectName)) {
+// this.x509SubjectName = ItemUtils.wrap(this.x509SubjectName, this.x509SubjectNameItems, IdentityLinkSignersX509SubjectNameItem.class);
+// }
+// return this.x509SubjectNameItems;
+// }
+//
+// public void setX509SubjectNameItems(List<IdentityLinkSignersX509SubjectNameItem> value) {
+// this.x509SubjectName = null;
+// this.x509SubjectNameItems = null;
+// this.x509SubjectNameItems = value;
+// if (this.x509SubjectNameItems == null) {
+// this.x509SubjectNameItems = new ArrayList<IdentityLinkSignersX509SubjectNameItem>();
+// }
+// if (ItemUtils.shouldBeWrapped(this.x509SubjectName)) {
+// this.x509SubjectName = ItemUtils.wrap(this.x509SubjectName, this.x509SubjectNameItems, IdentityLinkSignersX509SubjectNameItem.class);
+// }
+// }
public boolean equals(ObjectLocator thisLocator, ObjectLocator thatLocator, Object object, EqualsStrategy strategy) {
if (!(object instanceof IdentityLinkSigners)) {
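Review bot: The `getX509SubjectNameItems`/`setX509SubjectNameItems` pair is commented out line by line instead of being deleted, as is the `x509SubjectNameItems` field in the previous hunk, although `IdentityLinkSignersX509SubjectNameItem` is removed in this same commit, so the commented code could not be re-enabled as written. Deleting the block keeps the class readable and leaves the history to version control; if a marker is wanted, a single line such as `// hyperjaxb3 item wrappers removed together with the *Item classes` is enough. The same applies to the equivalent hunks in LegacyAllowed, Mandates (including its commented-out `ItemUtils` import) and TestCredentials, and to the commented-out field in VerifyAuthBlock. The `equals` method at the end of this hunk continues outside it.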
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/IdentityLinkSignersX509SubjectNameItem.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/IdentityLinkSignersX509SubjectNameItem.java
deleted file mode 100644
index c0679df1c..000000000
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/IdentityLinkSignersX509SubjectNameItem.java
+++ /dev/null
@@ -1,93 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2015.07.20 at 12:19:30 PM CEST
-//
-
-
-package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated;
-
-import java.io.Serializable;
-import javax.persistence.Basic;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
-import javax.persistence.Table;
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlElement;
-import org.jvnet.hyperjaxb3.item.Item;
-
-@XmlAccessorType(XmlAccessType.FIELD)
-
-
-
-public class IdentityLinkSignersX509SubjectNameItem
- implements Serializable, Item<String>
-{
-
- @XmlElement(name = "X509SubjectName", namespace = "http://www.buergerkarte.at/namespaces/moaconfig#")
- protected String item;
- @XmlAttribute(name = "Hjid")
- protected Long hjid;
-
- /**
- * Gets the value of the item property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
-
-
- public String getItem() {
- return item;
- }
-
- /**
- * Sets the value of the item property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setItem(String value) {
- this.item = value;
- }
-
- /**
- * Gets the value of the hjid property.
- *
- * @return
- * possible object is
- * {@link Long }
- *
- */
-
-
-
- public Long getHjid() {
- return hjid;
- }
-
- /**
- * Sets the value of the hjid property.
- *
- * @param value
- * allowed object is
- * {@link Long }
- *
- */
- public void setHjid(Long value) {
- this.hjid = value;
- }
-
-}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/LegacyAllowed.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/LegacyAllowed.java
index 12a48c88e..1a45642d1 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/LegacyAllowed.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/LegacyAllowed.java
@@ -11,24 +11,14 @@ package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
-import javax.persistence.CascadeType;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
-import javax.persistence.JoinColumn;
-import javax.persistence.OneToMany;
-import javax.persistence.Table;
+
import javax.persistence.Transient;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
-import org.jvnet.hyperjaxb3.item.ItemUtils;
+
import org.jvnet.jaxb2_commons.lang.Equals;
import org.jvnet.jaxb2_commons.lang.EqualsStrategy;
import org.jvnet.jaxb2_commons.lang.HashCode;
@@ -73,7 +63,7 @@ public class LegacyAllowed
protected List<String> protocolName;
@XmlAttribute(name = "Hjid")
protected Long hjid;
- protected transient List<LegacyAllowedProtocolNameItem> protocolNameItems;
+// protected transient List<LegacyAllowedProtocolNameItem> protocolNameItems;
/**
* Gets the value of the protocolName property.
@@ -140,31 +130,31 @@ public class LegacyAllowed
this.hjid = value;
}
- @OneToMany(targetEntity = LegacyAllowedProtocolNameItem.class, cascade = {
- CascadeType.ALL
- })
-
- public List<LegacyAllowedProtocolNameItem> getProtocolNameItems() {
- if (this.protocolNameItems == null) {
- this.protocolNameItems = new ArrayList<LegacyAllowedProtocolNameItem>();
- }
- if (ItemUtils.shouldBeWrapped(this.protocolName)) {
- this.protocolName = ItemUtils.wrap(this.protocolName, this.protocolNameItems, LegacyAllowedProtocolNameItem.class);
- }
- return this.protocolNameItems;
- }
-
- public void setProtocolNameItems(List<LegacyAllowedProtocolNameItem> value) {
- this.protocolName = null;
- this.protocolNameItems = null;
- this.protocolNameItems = value;
- if (this.protocolNameItems == null) {
- this.protocolNameItems = new ArrayList<LegacyAllowedProtocolNameItem>();
- }
- if (ItemUtils.shouldBeWrapped(this.protocolName)) {
- this.protocolName = ItemUtils.wrap(this.protocolName, this.protocolNameItems, LegacyAllowedProtocolNameItem.class);
- }
- }
+// @OneToMany(targetEntity = LegacyAllowedProtocolNameItem.class, cascade = {
+// CascadeType.ALL
+// })
+//
+// public List<LegacyAllowedProtocolNameItem> getProtocolNameItems() {
+// if (this.protocolNameItems == null) {
+// this.protocolNameItems = new ArrayList<LegacyAllowedProtocolNameItem>();
+// }
+// if (ItemUtils.shouldBeWrapped(this.protocolName)) {
+// this.protocolName = ItemUtils.wrap(this.protocolName, this.protocolNameItems, LegacyAllowedProtocolNameItem.class);
+// }
+// return this.protocolNameItems;
+// }
+//
+// public void setProtocolNameItems(List<LegacyAllowedProtocolNameItem> value) {
+// this.protocolName = null;
+// this.protocolNameItems = null;
+// this.protocolNameItems = value;
+// if (this.protocolNameItems == null) {
+// this.protocolNameItems = new ArrayList<LegacyAllowedProtocolNameItem>();
+// }
+// if (ItemUtils.shouldBeWrapped(this.protocolName)) {
+// this.protocolName = ItemUtils.wrap(this.protocolName, this.protocolNameItems, LegacyAllowedProtocolNameItem.class);
+// }
+// }
public boolean equals(ObjectLocator thisLocator, ObjectLocator thatLocator, Object object, EqualsStrategy strategy) {
if (!(object instanceof LegacyAllowed)) {
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/LegacyAllowedProtocolNameItem.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/LegacyAllowedProtocolNameItem.java
deleted file mode 100644
index 91aae9742..000000000
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/LegacyAllowedProtocolNameItem.java
+++ /dev/null
@@ -1,93 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2015.07.20 at 12:19:30 PM CEST
-//
-
-
-package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated;
-
-import java.io.Serializable;
-import javax.persistence.Basic;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
-import javax.persistence.Table;
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlElement;
-import org.jvnet.hyperjaxb3.item.Item;
-
-@XmlAccessorType(XmlAccessType.FIELD)
-
-
-
-public class LegacyAllowedProtocolNameItem
- implements Serializable, Item<String>
-{
-
- @XmlElement(name = "ProtocolName", namespace = "http://www.buergerkarte.at/namespaces/moaconfig#")
- protected String item;
- @XmlAttribute(name = "Hjid")
- protected Long hjid;
-
- /**
- * Gets the value of the item property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
-
-
- public String getItem() {
- return item;
- }
-
- /**
- * Sets the value of the item property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setItem(String value) {
- this.item = value;
- }
-
- /**
- * Gets the value of the hjid property.
- *
- * @return
- * possible object is
- * {@link Long }
- *
- */
-
-
-
- public Long getHjid() {
- return hjid;
- }
-
- /**
- * Sets the value of the hjid property.
- *
- * @param value
- * allowed object is
- * {@link Long }
- *
- */
- public void setHjid(Long value) {
- this.hjid = value;
- }
-
-}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/MOAIDConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/MOAIDConfiguration.java
index 64e4be82b..810139c84 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/MOAIDConfiguration.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/MOAIDConfiguration.java
@@ -12,19 +12,10 @@ import java.io.Serializable;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
-import javax.persistence.Basic;
+
import javax.persistence.CascadeType;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
-import javax.persistence.JoinColumn;
import javax.persistence.ManyToOne;
import javax.persistence.OneToMany;
-import javax.persistence.Table;
import javax.persistence.Temporal;
import javax.persistence.TemporalType;
import javax.persistence.Transient;
@@ -37,8 +28,7 @@ import javax.xml.bind.annotation.XmlSchemaType;
import javax.xml.bind.annotation.XmlTransient;
import javax.xml.bind.annotation.XmlType;
import javax.xml.datatype.XMLGregorianCalendar;
-import org.jvnet.hyperjaxb3.xml.bind.annotation.adapters.XMLGregorianCalendarAsDateTime;
-import org.jvnet.hyperjaxb3.xml.bind.annotation.adapters.XmlAdapterUtils;
+
import org.jvnet.jaxb2_commons.lang.Equals;
import org.jvnet.jaxb2_commons.lang.EqualsStrategy;
import org.jvnet.jaxb2_commons.lang.HashCode;
@@ -511,22 +501,24 @@ public class MOAIDConfiguration
@Temporal(TemporalType.TIMESTAMP)
public Date getTimestampItem() {
- return XmlAdapterUtils.unmarshall(XMLGregorianCalendarAsDateTime.class, this.getTimestamp());
+ //return XmlAdapterUtils.unmarshall(XMLGregorianCalendarAsDateTime.class, this.getTimestamp());
+ return new Date();
}
public void setTimestampItem(Date target) {
- setTimestamp(XmlAdapterUtils.marshall(XMLGregorianCalendarAsDateTime.class, target));
+ //setTimestamp(XmlAdapterUtils.marshall(XMLGregorianCalendarAsDateTime.class, target));
}
@Temporal(TemporalType.TIMESTAMP)
public Date getPvp2RefreshItem() {
- return XmlAdapterUtils.unmarshall(XMLGregorianCalendarAsDateTime.class, this.getPvp2Refresh());
+ //return XmlAdapterUtils.unmarshall(XMLGregorianCalendarAsDateTime.class, this.getPvp2Refresh());
+ return new Date();
}
public void setPvp2RefreshItem(Date target) {
- setPvp2Refresh(XmlAdapterUtils.marshall(XMLGregorianCalendarAsDateTime.class, target));
+ //setPvp2Refresh(XmlAdapterUtils.marshall(XMLGregorianCalendarAsDateTime.class, target));
}
public boolean equals(ObjectLocator thisLocator, ObjectLocator thatLocator, Object object, EqualsStrategy strategy) {
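Review bot: `getTimestampItem()` and `getPvp2RefreshItem()` now return `new Date()` and both setters have an empty body, so every read yields the current time instead of the stored value and every write is silently dropped, while the getters still carry `@Temporal(TemporalType.TIMESTAMP)`. Any caller that compares these values, for example to decide whether configuration or PVP2 data is stale (an assumption, no caller is visible here), would always see a fresh timestamp. If the accessors must stay, the getter can convert without hyperjaxb3, e.g. `return getTimestamp() == null ? null : getTimestamp().toGregorianCalendar().getTime();`, assuming `getTimestamp()` returns the imported `XMLGregorianCalendar`. If they are dead code, throwing `UnsupportedOperationException` from getter and setter is safer than a plausible-looking wrong value. The OAPVP2 hunk has the same pattern in `getUpdateRequiredItem()`/`setUpdateRequiredItem()`.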
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/Mandates.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/Mandates.java
index 247be940c..a87a6d1f6 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/Mandates.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/Mandates.java
@@ -11,25 +11,14 @@ package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
-import javax.persistence.Basic;
-import javax.persistence.CascadeType;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
-import javax.persistence.JoinColumn;
-import javax.persistence.OneToMany;
-import javax.persistence.Table;
+
import javax.persistence.Transient;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
-import org.jvnet.hyperjaxb3.item.ItemUtils;
+
import org.jvnet.jaxb2_commons.lang.Equals;
import org.jvnet.jaxb2_commons.lang.EqualsStrategy;
import org.jvnet.jaxb2_commons.lang.HashCode;
@@ -38,6 +27,7 @@ import org.jvnet.jaxb2_commons.lang.JAXBEqualsStrategy;
import org.jvnet.jaxb2_commons.lang.JAXBHashCodeStrategy;
import org.jvnet.jaxb2_commons.locator.ObjectLocator;
import org.jvnet.jaxb2_commons.locator.util.LocatorUtils;
+//import org.jvnet.hyperjaxb3.item.ItemUtils;
/**
@@ -78,7 +68,7 @@ public class Mandates
protected List<String> profileName;
@XmlAttribute(name = "Hjid")
protected Long hjid;
- protected transient List<MandatesProfileNameItem> profileNameItems;
+// protected transient List<MandatesProfileNameItem> profileNameItems;
/**
* Gets the value of the profiles property.
@@ -171,31 +161,31 @@ public class Mandates
this.hjid = value;
}
- @OneToMany(targetEntity = MandatesProfileNameItem.class, cascade = {
- CascadeType.ALL
- })
-
- public List<MandatesProfileNameItem> getProfileNameItems() {
- if (this.profileNameItems == null) {
- this.profileNameItems = new ArrayList<MandatesProfileNameItem>();
- }
- if (ItemUtils.shouldBeWrapped(this.profileName)) {
- this.profileName = ItemUtils.wrap(this.profileName, this.profileNameItems, MandatesProfileNameItem.class);
- }
- return this.profileNameItems;
- }
-
- public void setProfileNameItems(List<MandatesProfileNameItem> value) {
- this.profileName = null;
- this.profileNameItems = null;
- this.profileNameItems = value;
- if (this.profileNameItems == null) {
- this.profileNameItems = new ArrayList<MandatesProfileNameItem>();
- }
- if (ItemUtils.shouldBeWrapped(this.profileName)) {
- this.profileName = ItemUtils.wrap(this.profileName, this.profileNameItems, MandatesProfileNameItem.class);
- }
- }
+// @OneToMany(targetEntity = MandatesProfileNameItem.class, cascade = {
+// CascadeType.ALL
+// })
+//
+// public List<MandatesProfileNameItem> getProfileNameItems() {
+// if (this.profileNameItems == null) {
+// this.profileNameItems = new ArrayList<MandatesProfileNameItem>();
+// }
+// if (ItemUtils.shouldBeWrapped(this.profileName)) {
+// this.profileName = ItemUtils.wrap(this.profileName, this.profileNameItems, MandatesProfileNameItem.class);
+// }
+// return this.profileNameItems;
+// }
+//
+// public void setProfileNameItems(List<MandatesProfileNameItem> value) {
+// this.profileName = null;
+// this.profileNameItems = null;
+// this.profileNameItems = value;
+// if (this.profileNameItems == null) {
+// this.profileNameItems = new ArrayList<MandatesProfileNameItem>();
+// }
+// if (ItemUtils.shouldBeWrapped(this.profileName)) {
+// this.profileName = ItemUtils.wrap(this.profileName, this.profileNameItems, MandatesProfileNameItem.class);
+// }
+// }
public boolean equals(ObjectLocator thisLocator, ObjectLocator thatLocator, Object object, EqualsStrategy strategy) {
if (!(object instanceof Mandates)) {
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/MandatesProfileNameItem.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/MandatesProfileNameItem.java
deleted file mode 100644
index 0ef09c0dc..000000000
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/MandatesProfileNameItem.java
+++ /dev/null
@@ -1,93 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2015.07.20 at 12:19:30 PM CEST
-//
-
-
-package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated;
-
-import java.io.Serializable;
-import javax.persistence.Basic;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
-import javax.persistence.Table;
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlElement;
-import org.jvnet.hyperjaxb3.item.Item;
-
-@XmlAccessorType(XmlAccessType.FIELD)
-
-
-
-public class MandatesProfileNameItem
- implements Serializable, Item<String>
-{
-
- @XmlElement(name = "ProfileName", namespace = "http://www.buergerkarte.at/namespaces/moaconfig#")
- protected String item;
- @XmlAttribute(name = "Hjid")
- protected Long hjid;
-
- /**
- * Gets the value of the item property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
-
-
- public String getItem() {
- return item;
- }
-
- /**
- * Sets the value of the item property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setItem(String value) {
- this.item = value;
- }
-
- /**
- * Gets the value of the hjid property.
- *
- * @return
- * possible object is
- * {@link Long }
- *
- */
-
-
-
- public Long getHjid() {
- return hjid;
- }
-
- /**
- * Sets the value of the hjid property.
- *
- * @param value
- * allowed object is
- * {@link Long }
- *
- */
- public void setHjid(Long value) {
- this.hjid = value;
- }
-
-}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/OAPVP2.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/OAPVP2.java
index d5cee7b83..ea34d7a06 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/OAPVP2.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/OAPVP2.java
@@ -10,16 +10,8 @@ package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated;
import java.io.Serializable;
import java.util.Date;
-import javax.persistence.Basic;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
+
import javax.persistence.Lob;
-import javax.persistence.Table;
import javax.persistence.Temporal;
import javax.persistence.TemporalType;
import javax.persistence.Transient;
@@ -31,8 +23,7 @@ import javax.xml.bind.annotation.XmlRootElement;
import javax.xml.bind.annotation.XmlSchemaType;
import javax.xml.bind.annotation.XmlType;
import javax.xml.datatype.XMLGregorianCalendar;
-import org.jvnet.hyperjaxb3.xml.bind.annotation.adapters.XMLGregorianCalendarAsDateTime;
-import org.jvnet.hyperjaxb3.xml.bind.annotation.adapters.XmlAdapterUtils;
+
import org.jvnet.jaxb2_commons.lang.Equals;
import org.jvnet.jaxb2_commons.lang.EqualsStrategy;
import org.jvnet.jaxb2_commons.lang.HashCode;
@@ -196,11 +187,12 @@ public class OAPVP2
@Temporal(TemporalType.TIMESTAMP)
public Date getUpdateRequiredItem() {
- return XmlAdapterUtils.unmarshall(XMLGregorianCalendarAsDateTime.class, this.getUpdateRequired());
+ //return XmlAdapterUtils.unmarshall(XMLGregorianCalendarAsDateTime.class, this.getUpdateRequired());
+ return new Date();
}
public void setUpdateRequiredItem(Date target) {
- setUpdateRequired(XmlAdapterUtils.marshall(XMLGregorianCalendarAsDateTime.class, target));
+ //setUpdateRequired(XmlAdapterUtils.marshall(XMLGregorianCalendarAsDateTime.class, target));
}
public boolean equals(ObjectLocator thisLocator, ObjectLocator thatLocator, Object object, EqualsStrategy strategy) {
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/TestCredentials.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/TestCredentials.java
index 2e80cb0d5..673e7b9ce 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/TestCredentials.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/TestCredentials.java
@@ -11,18 +11,7 @@ package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
-import javax.persistence.Basic;
-import javax.persistence.CascadeType;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
-import javax.persistence.JoinColumn;
-import javax.persistence.OneToMany;
-import javax.persistence.Table;
+
import javax.persistence.Transient;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
@@ -31,8 +20,7 @@ import javax.xml.bind.annotation.XmlSchemaType;
import javax.xml.bind.annotation.XmlTransient;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
-import com.sun.tools.xjc.runtime.ZeroOneBooleanAdapter;
-import org.jvnet.hyperjaxb3.item.ItemUtils;
+
import org.jvnet.jaxb2_commons.lang.Equals;
import org.jvnet.jaxb2_commons.lang.EqualsStrategy;
import org.jvnet.jaxb2_commons.lang.HashCode;
@@ -42,6 +30,8 @@ import org.jvnet.jaxb2_commons.lang.JAXBHashCodeStrategy;
import org.jvnet.jaxb2_commons.locator.ObjectLocator;
import org.jvnet.jaxb2_commons.locator.util.LocatorUtils;
+import com.sun.tools.xjc.runtime.ZeroOneBooleanAdapter;
+
/**
* <p>Java class for anonymous complex type.
@@ -81,7 +71,7 @@ public class TestCredentials
protected Boolean enableTestCredentials;
@XmlAttribute(name = "Hjid")
protected Long hjid;
- protected transient List<TestCredentialsCredentialOIDItem> credentialOIDItems;
+ //protected transient List<TestCredentialsCredentialOIDItem> credentialOIDItems;
@XmlTransient
protected boolean useTestIDLTrustStore;
@@ -185,31 +175,31 @@ public class TestCredentials
this.hjid = value;
}
- @OneToMany(targetEntity = TestCredentialsCredentialOIDItem.class, cascade = {
- CascadeType.ALL
- })
-
- public List<TestCredentialsCredentialOIDItem> getCredentialOIDItems() {
- if (this.credentialOIDItems == null) {
- this.credentialOIDItems = new ArrayList<TestCredentialsCredentialOIDItem>();
- }
- if (ItemUtils.shouldBeWrapped(this.credentialOID)) {
- this.credentialOID = ItemUtils.wrap(this.credentialOID, this.credentialOIDItems, TestCredentialsCredentialOIDItem.class);
- }
- return this.credentialOIDItems;
- }
-
- public void setCredentialOIDItems(List<TestCredentialsCredentialOIDItem> value) {
- this.credentialOID = null;
- this.credentialOIDItems = null;
- this.credentialOIDItems = value;
- if (this.credentialOIDItems == null) {
- this.credentialOIDItems = new ArrayList<TestCredentialsCredentialOIDItem>();
- }
- if (ItemUtils.shouldBeWrapped(this.credentialOID)) {
- this.credentialOID = ItemUtils.wrap(this.credentialOID, this.credentialOIDItems, TestCredentialsCredentialOIDItem.class);
- }
- }
+// @OneToMany(targetEntity = TestCredentialsCredentialOIDItem.class, cascade = {
+// CascadeType.ALL
+// })
+//
+// public List<TestCredentialsCredentialOIDItem> getCredentialOIDItems() {
+// if (this.credentialOIDItems == null) {
+// this.credentialOIDItems = new ArrayList<TestCredentialsCredentialOIDItem>();
+// }
+// if (ItemUtils.shouldBeWrapped(this.credentialOID)) {
+// this.credentialOID = ItemUtils.wrap(this.credentialOID, this.credentialOIDItems, TestCredentialsCredentialOIDItem.class);
+// }
+// return this.credentialOIDItems;
+// }
+//
+// public void setCredentialOIDItems(List<TestCredentialsCredentialOIDItem> value) {
+// this.credentialOID = null;
+// this.credentialOIDItems = null;
+// this.credentialOIDItems = value;
+// if (this.credentialOIDItems == null) {
+// this.credentialOIDItems = new ArrayList<TestCredentialsCredentialOIDItem>();
+// }
+// if (ItemUtils.shouldBeWrapped(this.credentialOID)) {
+// this.credentialOID = ItemUtils.wrap(this.credentialOID, this.credentialOIDItems, TestCredentialsCredentialOIDItem.class);
+// }
+// }
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/TestCredentialsCredentialOIDItem.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/TestCredentialsCredentialOIDItem.java
deleted file mode 100644
index 3e386be66..000000000
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/TestCredentialsCredentialOIDItem.java
+++ /dev/null
@@ -1,93 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2015.07.20 at 12:19:30 PM CEST
-//
-
-
-package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated;
-
-import java.io.Serializable;
-import javax.persistence.Basic;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
-import javax.persistence.Table;
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlElement;
-import org.jvnet.hyperjaxb3.item.Item;
-
-@XmlAccessorType(XmlAccessType.FIELD)
-
-
-
-public class TestCredentialsCredentialOIDItem
- implements Serializable, Item<String>
-{
-
- @XmlElement(name = "credentialOID", namespace = "http://www.buergerkarte.at/namespaces/moaconfig#")
- protected String item;
- @XmlAttribute(name = "Hjid")
- protected Long hjid;
-
- /**
- * Gets the value of the item property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
-
-
- public String getItem() {
- return item;
- }
-
- /**
- * Sets the value of the item property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setItem(String value) {
- this.item = value;
- }
-
- /**
- * Gets the value of the hjid property.
- *
- * @return
- * possible object is
- * {@link Long }
- *
- */
-
-
-
- public Long getHjid() {
- return hjid;
- }
-
- /**
- * Sets the value of the hjid property.
- *
- * @param value
- * allowed object is
- * {@link Long }
- *
- */
- public void setHjid(Long value) {
- this.hjid = value;
- }
-
-}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyAuthBlock.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyAuthBlock.java
index 155863b03..01a5c9b1b 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyAuthBlock.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyAuthBlock.java
@@ -11,18 +11,7 @@ package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
-import javax.persistence.Basic;
-import javax.persistence.CascadeType;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
-import javax.persistence.JoinColumn;
-import javax.persistence.OneToMany;
-import javax.persistence.Table;
+
import javax.persistence.Transient;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
@@ -30,7 +19,7 @@ import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlTransient;
import javax.xml.bind.annotation.XmlType;
-import org.jvnet.hyperjaxb3.item.ItemUtils;
+
import org.jvnet.jaxb2_commons.lang.Equals;
import org.jvnet.jaxb2_commons.lang.EqualsStrategy;
import org.jvnet.jaxb2_commons.lang.HashCode;
@@ -39,6 +28,7 @@ import org.jvnet.jaxb2_commons.lang.JAXBEqualsStrategy;
import org.jvnet.jaxb2_commons.lang.JAXBHashCodeStrategy;
import org.jvnet.jaxb2_commons.locator.ObjectLocator;
import org.jvnet.jaxb2_commons.locator.util.LocatorUtils;
+//import org.jvnet.hyperjaxb3.item.ItemUtils;
/**
@@ -79,7 +69,7 @@ public class VerifyAuthBlock
protected List<String> verifyTransformsInfoProfileID;
@XmlAttribute(name = "Hjid")
protected Long hjid;
- protected transient List<VerifyAuthBlockVerifyTransformsInfoProfileIDItem> verifyTransformsInfoProfileIDItems;
+// protected List<VerifyAuthBlockVerifyTransformsInfoProfileIDItem> verifyTransformsInfoProfileIDItems;
@XmlTransient
protected String TestTrustProfileID;
@@ -192,31 +182,31 @@ public class VerifyAuthBlock
this.hjid = value;
}
- @OneToMany(targetEntity = VerifyAuthBlockVerifyTransformsInfoProfileIDItem.class, cascade = {
- CascadeType.ALL
- })
+// @OneToMany(targetEntity = VerifyAuthBlockVerifyTransformsInfoProfileIDItem.class, cascade = {
+// CascadeType.ALL
+// })
- public List<VerifyAuthBlockVerifyTransformsInfoProfileIDItem> getVerifyTransformsInfoProfileIDItems() {
- if (this.verifyTransformsInfoProfileIDItems == null) {
- this.verifyTransformsInfoProfileIDItems = new ArrayList<VerifyAuthBlockVerifyTransformsInfoProfileIDItem>();
- }
- if (ItemUtils.shouldBeWrapped(this.verifyTransformsInfoProfileID)) {
- this.verifyTransformsInfoProfileID = ItemUtils.wrap(this.verifyTransformsInfoProfileID, this.verifyTransformsInfoProfileIDItems, VerifyAuthBlockVerifyTransformsInfoProfileIDItem.class);
- }
- return this.verifyTransformsInfoProfileIDItems;
- }
-
- public void setVerifyTransformsInfoProfileIDItems(List<VerifyAuthBlockVerifyTransformsInfoProfileIDItem> value) {
- this.verifyTransformsInfoProfileID = null;
- this.verifyTransformsInfoProfileIDItems = null;
- this.verifyTransformsInfoProfileIDItems = value;
- if (this.verifyTransformsInfoProfileIDItems == null) {
- this.verifyTransformsInfoProfileIDItems = new ArrayList<VerifyAuthBlockVerifyTransformsInfoProfileIDItem>();
- }
- if (ItemUtils.shouldBeWrapped(this.verifyTransformsInfoProfileID)) {
- this.verifyTransformsInfoProfileID = ItemUtils.wrap(this.verifyTransformsInfoProfileID, this.verifyTransformsInfoProfileIDItems, VerifyAuthBlockVerifyTransformsInfoProfileIDItem.class);
- }
- }
+// public List<VerifyAuthBlockVerifyTransformsInfoProfileIDItem> getVerifyTransformsInfoProfileIDItems() {
+// if (this.verifyTransformsInfoProfileIDItems == null) {
+// this.verifyTransformsInfoProfileIDItems = new ArrayList<VerifyAuthBlockVerifyTransformsInfoProfileIDItem>();
+// }
+// if (ItemUtils.shouldBeWrapped(this.verifyTransformsInfoProfileID)) {
+// this.verifyTransformsInfoProfileID = ItemUtils.wrap(this.verifyTransformsInfoProfileID, this.verifyTransformsInfoProfileIDItems, VerifyAuthBlockVerifyTransformsInfoProfileIDItem.class);
+// }
+// return this.verifyTransformsInfoProfileIDItems;
+// }
+//
+// public void setVerifyTransformsInfoProfileIDItems(List<VerifyAuthBlockVerifyTransformsInfoProfileIDItem> value) {
+// this.verifyTransformsInfoProfileID = null;
+// this.verifyTransformsInfoProfileIDItems = null;
+// this.verifyTransformsInfoProfileIDItems = value;
+// if (this.verifyTransformsInfoProfileIDItems == null) {
+// this.verifyTransformsInfoProfileIDItems = new ArrayList<VerifyAuthBlockVerifyTransformsInfoProfileIDItem>();
+// }
+// if (ItemUtils.shouldBeWrapped(this.verifyTransformsInfoProfileID)) {
+// this.verifyTransformsInfoProfileID = ItemUtils.wrap(this.verifyTransformsInfoProfileID, this.verifyTransformsInfoProfileIDItems, VerifyAuthBlockVerifyTransformsInfoProfileIDItem.class);
+// }
+// }
public boolean equals(ObjectLocator thisLocator, ObjectLocator thatLocator, Object object, EqualsStrategy strategy) {
if (!(object instanceof VerifyAuthBlock)) {
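Review bot: The getter and setter for `verifyTransformsInfoProfileIDItems` are kept as about twenty commented-out lines, as are the `@OneToMany` annotation above them, the field in the previous hunk and the `ItemUtils` import before that. Commented-out code like this goes stale and the repository history already preserves it, so I would delete these lines outright. If something must remain, one line is enough: `// hyperjaxb3 item wrappers removed; see commit history`. The `equals` method at the end of the hunk continues outside it.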
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyAuthBlockVerifyTransformsInfoProfileIDItem.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyAuthBlockVerifyTransformsInfoProfileIDItem.java
deleted file mode 100644
index 8955525dd..000000000
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyAuthBlockVerifyTransformsInfoProfileIDItem.java
+++ /dev/null
@@ -1,93 +0,0 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
-// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2015.07.20 at 12:19:30 PM CEST
-//
-
-
-package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated;
-
-import java.io.Serializable;
-import javax.persistence.Basic;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
-import javax.persistence.Table;
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlElement;
-import org.jvnet.hyperjaxb3.item.Item;
-
-@XmlAccessorType(XmlAccessType.FIELD)
-
-
-
-public class VerifyAuthBlockVerifyTransformsInfoProfileIDItem
- implements Serializable, Item<String>
-{
-
- @XmlElement(name = "VerifyTransformsInfoProfileID", namespace = "http://www.buergerkarte.at/namespaces/moaconfig#")
- protected String item;
- @XmlAttribute(name = "Hjid")
- protected Long hjid;
-
- /**
- * Gets the value of the item property.
- *
- * @return
- * possible object is
- * {@link String }
- *
- */
-
-
- public String getItem() {
- return item;
- }
-
- /**
- * Sets the value of the item property.
- *
- * @param value
- * allowed object is
- * {@link String }
- *
- */
- public void setItem(String value) {
- this.item = value;
- }
-
- /**
- * Gets the value of the hjid property.
- *
- * @return
- * possible object is
- * {@link Long }
- *
- */
-
-
-
- public Long getHjid() {
- return hjid;
- }
-
- /**
- * Sets the value of the hjid property.
- *
- * @param value
- * allowed object is
- * {@link Long }
- *
- */
- public void setHjid(Long value) {
- this.hjid = value;
- }
-
-}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/InterfederationSessionStore.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/InterfederationSessionStore.java
index 7b298a7d9..54216edc4 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/InterfederationSessionStore.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/InterfederationSessionStore.java
@@ -62,6 +62,9 @@ public class InterfederationSessionStore implements Serializable{
@Column(name = "QAALevel", unique=false, nullable=false)
private String QAALevel;
+ @Column(name = "authURL", unique=false, nullable=false)
+ private String authURL;
+
@Column(name = "attributesRequested", unique=false, nullable=true)
private boolean attributesRequested;
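Review bot: The new `authURL` column is declared `nullable=false` with no default, and nothing here guarantees a value before the entity is persisted. The setter added in the next hunk accepts `null`, and rows already in the table have no value for the column. Depending on how the schema is managed (not visible here), this fails either when the column is added or at insert on any code path that does not call `setAuthURL`. I would relax it to `@Column(name = "authURL", unique=false, nullable=true)` or ship a migration that backfills existing rows. The same declaration is added to `OASessionStore` further down.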
@@ -207,6 +210,20 @@ public class InterfederationSessionStore implements Serializable{
this.storeSSOInformation = storeSSOInformation;
}
+ /**
+ * @return the authURL
+ */
+ public String getAuthURL() {
+ return authURL;
+ }
+
+ /**
+ * @param authURL the authURL to set
+ */
+ public void setAuthURL(String authURL) {
+ this.authURL = authURL;
+ }
+
}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/OASessionStore.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/OASessionStore.java
index 0daeba40e..8b720e901 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/OASessionStore.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/OASessionStore.java
@@ -65,6 +65,9 @@ public class OASessionStore implements Serializable{
@Column(name = "protocolType", unique=false, nullable=true)
private String protocolType;
+ @Column(name = "authURL", unique=false, nullable=false)
+ private String authURL;
+
@Column(name = "attributequeryused", unique=false, nullable=false)
private boolean attributeQueryUsed = false;
@@ -183,6 +186,20 @@ public class OASessionStore implements Serializable{
this.userNameIDFormat = userNameIDFormat;
}
+ /**
+ * @return the authURL
+ */
+ public String getAuthURL() {
+ return authURL;
+ }
+
+ /**
+ * @param authURL the authURL to set
+ */
+ public void setAuthURL(String authURL) {
+ this.authURL = authURL;
+ }
+
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java
index 8f3a8402d..cbdd13d0e 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java
@@ -31,6 +31,8 @@ import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
+import org.apache.commons.lang3.StringUtils;
+
import at.gv.egovernment.moa.util.MiscUtil;
/**
@@ -40,6 +42,7 @@ import at.gv.egovernment.moa.util.MiscUtil;
public class KeyValueUtils {
public static final String KEY_DELIMITER = ".";
+ public static final String CSV_DELIMITER = ",";
/**
* Extract the first child of an input key after a the prefix
@@ -237,7 +240,8 @@ public class KeyValueUtils {
* Normalize a CSV encoded list of value of an key/value pair
*
* This method removes all whitespace at the begin or the
- * end of CSV values
+ * end of CSV values and remove newLine signs at the end of value.
+ * The ',' is used as list delimiter
*
* @param value CSV encoded input data
* @return normalized CSV encoded data or null if {value} is null or empty
@@ -245,7 +249,7 @@ public class KeyValueUtils {
public static String normalizeCSVValueString(String value) {
String normalizedCodes = null;
if (MiscUtil.isNotEmpty(value)) {
- String[] codes = value.split(",");
+ String[] codes = value.split(CSV_DELIMITER);
for (String el: codes) {
if (normalizedCodes == null)
normalizedCodes = el.trim();
@@ -256,4 +260,39 @@ public class KeyValueUtils {
}
return normalizedCodes;
}
+
+
+ /**
+ * Check a String if it is a comma separated list of values
+ *
+ * This method uses the ',' as list delimiter.
+ *
+ * @param value CSV encoded input data
+ * @return true if the input data contains a ',' and has more then 1 list element, otherwise false
+ */
+ public static boolean isCSVValueString(String value) {
+ if (MiscUtil.isNotEmpty(value)) {
+ String[] codes = value.split(CSV_DELIMITER);
+ if (codes.length >= 2) {
+ if (MiscUtil.isNotEmpty(codes[1].trim()))
+ return true;
+
+ }
+ }
+
+ return false;
+ }
+
+
+ /**
+ * This method remove all newline delimiter (\n or \r\n) from input data
+ *
+ * @param value Input String
+ * @return Input String without newline characters
+ */
+ public static String removeAllNewlineFromString(String value) {
+ return value.replaceAll("(\\t|\\r?\\n)+", "");
+
+ }
+
}
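Review bot: `removeAllNewlineFromString` strips tabs as well as `\n` and `\r\n` but leaves a bare `\r` in place, and it throws a `NullPointerException` on `null` input where the other helpers in this class guard with `MiscUtil.isNotEmpty`. If the result is ever written to a log line or a header, a surviving carriage return defeats the purpose of the call. I would write `return value == null ? null : value.replaceAll("[\\t\\r\\n]+", "");` and state the tab handling in the Javadoc. Separately, `isCSVValueString` inspects only `codes[1]`, so `"a,,b"` is reported as not being a list although it has two non-empty elements; counting non-blank elements would match the documented contract.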
diff --git a/id/server/moa-id-commons/src/main/java/org/apache/commons/httpclient/MOAHttpClient.java b/id/server/moa-id-commons/src/main/java/org/apache/commons/httpclient/MOAHttpClient.java
index 758209193..edf7ce268 100644
--- a/id/server/moa-id-commons/src/main/java/org/apache/commons/httpclient/MOAHttpClient.java
+++ b/id/server/moa-id-commons/src/main/java/org/apache/commons/httpclient/MOAHttpClient.java
@@ -50,7 +50,7 @@ public class MOAHttpClient extends HttpClient {
else
port = url.getPort();
- Protocol authhttps = new Protocol("https", protoSocketFactory, port);
+ Protocol authhttps = new Protocol("https", protoSocketFactory, 443);
getHostConfiguration().setHost(url.getHost(), port, authhttps);
}
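Review bot: The literal `443` passed to `new Protocol(...)` needs a comment, because the next line still passes the URL's `port` to `setHost` and a reader cannot tell whether the mismatch is intended. As far as I know, the third constructor argument in Commons HttpClient 3.x is the scheme's default port rather than the port to connect to, so the change looks right, but that should be stated: `// 443 = default port of the https scheme; the actual target port is set via setHost() below`. The enclosing method starts outside the hunk.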
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
index a65d02070..49293420c 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
@@ -51,6 +51,12 @@
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
+
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-lang3</artifactId>
+ </dependency>
+
</dependencies>
</project> \ No newline at end of file
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 0850bb676..11917d0c3 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -371,6 +371,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* containg the authentication block, meant to be returned to the security
* layer implementation</li>
* </ul>
+ * @param pendingReq
*
* @param sessionID ID of associated authentication session data
* @param infoboxReadResponseParameters The parameters from the response returned from the BKU
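Review bot: The added `@param pendingReq` tag has no description and is placed ahead of the existing tags, although the parameter comes last in the signature. I would move it after them and describe it, for example `@param pendingReq pending protocol request, passed through to the AUTH block builder`. The same empty tag is added to `getCreateXMLSignatureRequestAuthBlockOrRedirect` and `buildAuthenticationBlock` in later hunks of this file, and to `validate` and `validateSSO` in `CreateXMLSignatureResponseValidator`. The Javadoc block and the method it documents extend outside this hunk.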
@@ -379,7 +380,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* <code>&lt;CreateXMLSignatureRequest&gt;</code>
*/
public String verifyCertificate(AuthenticationSession session,
- X509Certificate certificate) throws AuthenticationException,
+ X509Certificate certificate, IRequest pendingReq) throws AuthenticationException,
BuildException, ParseException, ConfigurationException,
ValidateException, ServiceException, MOAIDException {
@@ -409,7 +410,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
String returnvalue = getCreateXMLSignatureRequestAuthBlockOrRedirect(session,
- authConf, oaParam);
+ authConf, oaParam, pendingReq);
return returnvalue;
}
@@ -471,6 +472,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* @param session
* @param authConf
* @param oaParam
+ * @param pendingReq
* @return
* @throws ConfigurationException
* @throws BuildException
@@ -478,7 +480,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
*/
public String getCreateXMLSignatureRequestAuthBlockOrRedirect(
AuthenticationSession session, AuthConfiguration authConf,
- OAAuthParameter oaParam) throws ConfigurationException,
+ OAAuthParameter oaParam, IRequest pendingReq) throws ConfigurationException,
BuildException, ValidateException {
// // check for intermediate processing of the infoboxes
@@ -493,7 +495,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
session.getPublicOAURLPrefix());
// builds the AUTH-block
- String authBlock = buildAuthenticationBlock(session, oaParam);
+ String authBlock = buildAuthenticationBlock(session, oaParam, pendingReq);
// builds the <CreateXMLSignatureRequest>
List<String> transformsInfos = authConf.getTransformsInfos();
@@ -665,12 +667,13 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* given session data.
*
* @param session authentication session
+ * @param pendingReq
* @return <code>&lt;saml:Assertion&gt;</code> as a String
* @throws BuildException If an error occurs on serializing an extended SAML attribute
* to be appended to the AUTH-Block.
*/
private String buildAuthenticationBlock(AuthenticationSession session,
- OAAuthParameter oaParam) throws BuildException {
+ OAAuthParameter oaParam, IRequest pendingReq) throws BuildException {
IdentityLink identityLink = session.getIdentityLink();
String issuer = identityLink.getName();
@@ -726,15 +729,10 @@ public class AuthenticationServer extends BaseAuthenticationServer {
if (session.isSsoRequested()) {
- String oaURL = new String();
- try {
- oaURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
-
- if (MiscUtil.isNotEmpty(oaURL))
- oaURL = oaURL.replaceAll("&", "&amp;");
+ String oaURL = pendingReq.getAuthURL();
+ if (MiscUtil.isNotEmpty(oaURL))
+ oaURL = oaURL.replaceAll("&", "&amp;");
- } catch (ConfigurationException e) {
- }
String authBlock = new AuthenticationBlockAssertionBuilder()
.buildAuthBlockSSO(issuer, issueInstant, authURL, target,
targetFriendlyName, identificationValue,
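Review bot: `oaURL` now comes from `pendingReq.getAuthURL()` instead of the configured public URL prefix, and the only escaping applied on its way to the AUTH block is `replaceAll("&", "&amp;")`. If `getAuthURL()` can reflect anything from the incoming HTTP request (its derivation is not visible here), characters such as `<`, `>` or quotes would reach the XML that the user signs unescaped. A full XML text escaper should replace the single `replaceAll`. A `null` `pendingReq` also throws a `NullPointerException` here, where the old code fell back to an empty string, so a guard such as `if (pendingReq == null) throw new BuildException(...)` with the project's usual arguments belongs before the call. The method body continues outside the hunk.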
@@ -1087,9 +1085,9 @@ public class AuthenticationServer extends BaseAuthenticationServer {
}
// validates <CreateXMLSignatureResponse>
if (session.isSsoRequested())
- new CreateXMLSignatureResponseValidator().validateSSO(csresp, session);
+ new CreateXMLSignatureResponseValidator().validateSSO(csresp, session, pendingReq);
else
- new CreateXMLSignatureResponseValidator().validate(csresp, session);
+ new CreateXMLSignatureResponseValidator().validate(csresp, session, pendingReq);
// builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
List<String> vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs();
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
index 20f102571..307074ee2 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
@@ -1,6 +1,6 @@
package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID;
import java.io.PrintWriter;
@@ -21,7 +21,6 @@ import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet;
-
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestStorage;
@@ -119,7 +118,7 @@ public class CreateIdentityLinkFormTask extends AbstractAuthServletTask {
}
catch (MOAIDException ex) {
-// handleError(null, ex, req, resp, pendingRequestID);
+ Logger.info("GetIdentityLink request generation FAILED. Reason:" + ex.getMessage());
throw new TaskExecutionException(ex.getMessage(), ex);
} catch (Exception e) {
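Review bot: The new log line records only `ex.getMessage()`, so a failed identity-link request cannot be tied to a session or pending request when the logs are read during an investigation. The removed commented-out call suggests `pendingRequestID` is in scope; if so, I would log `Logger.info("GetIdentityLink request generation FAILED for pending request " + pendingRequestID + ". Reason: " + ex.getMessage());`. The same applies to the `Initialize BKUAuthentication FAILED` line added in `InitializeBKUAuthenticationTask`. The enclosing try block starts outside the hunk.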
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
index feab1ec66..1dd4780f7 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
@@ -36,7 +36,6 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser;
-import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.MOAAuthDataType;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters;
@@ -158,7 +157,8 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
ccc,
moasession.getModul(),
moasession.getAction(),
- request);
+ request,
+ pendingReq);
}
}
@@ -175,6 +175,7 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
} catch (MOADatabaseException | MOAIDException e) {
+ Logger.info("Initialize BKUAuthentication FAILED. Reason:" + e.getMessage());
throw new TaskExecutionException(e.getMessage(), e);
} catch (Exception e) {
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
index 469ca91a9..49888c136 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
@@ -17,6 +17,8 @@ import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.CitizenCardServletUtils;
@@ -66,7 +68,9 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask {
}
pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
-
+ IRequest pendingReq = RequestStorage.getPendingRequest(
+ (String) executionContext.get("pendingRequestID"));
+
AuthenticationSession session = AuthenticationServer.getSession(sessionID);
// change MOASessionID
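Review bot: `pendingReq` is looked up with `executionContext.get("pendingRequestID")` although `pendingRequestID` was resolved from the session one line earlier, so the two identifiers can diverge. The result is also not checked before it is handed to `getCreateXMLSignatureRequestAuthBlockOrRedirect`, which ends in `pendingReq.getAuthURL()`. I would use one source, `IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);`, and fail the task through its existing error path if the lookup can return `null`. The enclosing method starts and ends outside the hunk.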
@@ -77,7 +81,7 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask {
AuthConfiguration authConf = AuthConfigurationProviderFactory.getInstance();
String createXMLSignatureRequest = AuthenticationServer.getInstance()
- .getCreateXMLSignatureRequestAuthBlockOrRedirect(session, authConf, oaParam);
+ .getCreateXMLSignatureRequestAuthBlockOrRedirect(session, authConf, oaParam, pendingReq);
AuthenticationSessionStoreage.storeSession(session);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
index d99ba873d..2734d1027 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
@@ -110,7 +110,7 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
if (useMandate) {
// verify certificate for OrganWalter
- String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert);
+ String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert, pendingReq);
try {
AuthenticationSessionStoreage.storeSession(session);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
index e1ab0025e..8a9c19c80 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
@@ -67,6 +67,7 @@ import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -124,9 +125,10 @@ public class CreateXMLSignatureResponseValidator {
* The Method validate is used for validating an explicit {@link CreateXMLSignatureResponse}
* @param createXMLSignatureResponse
* @param session
+ * @param pendingReq
* @throws ValidateException
*/
- public void validate(CreateXMLSignatureResponse createXMLSignatureResponse, AuthenticationSession session)
+ public void validate(CreateXMLSignatureResponse createXMLSignatureResponse, AuthenticationSession session, IRequest pendingReq)
throws ValidateException {
// A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier
@@ -411,20 +413,15 @@ public class CreateXMLSignatureResponseValidator {
* The Method validate is used for validating an explicit {@link CreateXMLSignatureResponse}
* @param createXMLSignatureResponse
* @param session
+ * @param pendingReq
* @throws ValidateException
*/
- public void validateSSO(CreateXMLSignatureResponse createXMLSignatureResponse, AuthenticationSession session)
+ public void validateSSO(CreateXMLSignatureResponse createXMLSignatureResponse, AuthenticationSession session, IRequest pendingReq)
throws ValidateException {
- // A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier
-
- String oaURL;
- try {
- oaURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
- } catch (ConfigurationException e1) {
- oaURL = new String();
- }
-
+ // A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier
+ String oaURL = pendingReq.getAuthURL();
+
IdentityLink identityLink = session.getIdentityLink();
Element samlAssertion = createXMLSignatureResponse.getSamlAssertion();
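Review bot: `validateSSO` now takes the expected `oaURL` from `pendingReq.getAuthURL()`, the same value the AUTH block was built from, instead of from `getPublicURLPrefix()` in the configuration. Whatever comparison follows outside this hunk then presumably only shows that the signed block matches the request, not that the URL is one this instance is configured to serve. Unless `getAuthURL()` is checked against the configured public URL prefixes when the request is created, which is not visible here, that check should be added and the Javadoc should say where it happens. A `null` `pendingReq` also throws here where the old code fell back to an empty string.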
diff --git a/id/server/modules/moa-id-module-openID/pom.xml b/id/server/modules/moa-id-module-openID/pom.xml
index 2a953bcab..080d5ae0b 100644
--- a/id/server/modules/moa-id-module-openID/pom.xml
+++ b/id/server/modules/moa-id-module-openID/pom.xml
@@ -20,6 +20,12 @@
<dependencies>
<dependency>
+ <groupId>commons-codec</groupId>
+ <artifactId>commons-codec</artifactId>
+ <version>1.10</version>
+ </dependency>
+
+ <dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<scope>test</scope>
@@ -35,13 +41,13 @@
<dependency>
<groupId>com.google.http-client</groupId>
<artifactId>google-http-client-jackson2</artifactId>
- <version>1.19.0</version>
+ <version>1.21.0</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.google.oauth-client</groupId>
<artifactId>google-oauth-client-jetty</artifactId>
- <version>1.19.0</version>
+ <version>1.21.0</version>
<scope>test</scope>
<exclusions>
<exclusion>
@@ -67,11 +73,11 @@
</exclusions>
</dependency>
- <dependency>
+<!-- <dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
- <version>18.0</version>
- </dependency>
+ <version>19.0</version>
+ </dependency> -->
<!-- TestNG -->
<dependency>
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
index 94a1d14d0..88e26da76 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
@@ -105,7 +105,7 @@ class OAuth20AuthAction implements IAction {
//TODO: maybe add bPK / wbPK to SLO information
- SLOInformationInterface sloInformation = new SLOInformationImpl(accessToken, null, null, req.requestedModule());
+ SLOInformationInterface sloInformation = new SLOInformationImpl(req.getAuthURL(), accessToken, null, null, req.requestedModule());
return sloInformation;
}
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
index b9556b815..e5d8db873 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
@@ -48,6 +48,15 @@ import at.gv.egovernment.moa.logging.Logger;
public class OAuth20AuthRequest extends OAuth20BaseRequest {
+ /**
+ * @param req
+ * @throws ConfigurationException
+ */
+ public OAuth20AuthRequest(HttpServletRequest req)
+ throws ConfigurationException {
+ super(req);
+ }
+
private static final long serialVersionUID = 1L;
private String responseType;
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
index bd3fdb3e8..5fcac0b2f 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
@@ -31,8 +31,6 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.StringUtils;
-import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
@@ -52,8 +50,8 @@ abstract class OAuth20BaseRequest extends RequestImpl {
protected Set<String> allowedParameters = new HashSet<String>();
- protected OAuth20BaseRequest() {
-
+ public OAuth20BaseRequest(HttpServletRequest req) throws ConfigurationException {
+ super(req);
}
protected String getParam(final HttpServletRequest request, final String name, final boolean isNeeded) throws OAuth20Exception {
@@ -124,15 +122,21 @@ abstract class OAuth20BaseRequest extends RequestImpl {
public static OAuth20BaseRequest newInstance(final String action, final HttpServletRequest request, String sessionId, String transactionId) throws OAuth20Exception {
OAuth20BaseRequest res;
-
- if (action.equals(OAuth20Protocol.AUTH_ACTION)) {
- res = new OAuth20AuthRequest();
+ try {
+ if (action.equals(OAuth20Protocol.AUTH_ACTION)) {
+ res = new OAuth20AuthRequest(request);
- } else if (action.equals(OAuth20Protocol.TOKEN_ACTION)) {
- res = new OAuth20TokenRequest();
+ } else if (action.equals(OAuth20Protocol.TOKEN_ACTION)) {
+ res = new OAuth20TokenRequest(request);
- } else {
+ } else {
+ throw new OAuth20InvalidRequestException();
+ }
+
+ } catch (ConfigurationException e) {
+ Logger.warn(e.getMessage());
throw new OAuth20InvalidRequestException();
+
}
res.setAction(action);
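Review bot: The new catch block in `newInstance` logs only `e.getMessage()` and then reports a server-side `ConfigurationException` to the client as an invalid request, so the log line does not show which action was being built when the request was rejected. The constructors now take the `HttpServletRequest`, so the exception presumably comes from how the base class handles the request URL, but `RequestImpl` is not visible in this hunk. A message with context, for example `Logger.warn("OAuth20 request rejected, action=" + action + ": " + e.getMessage());`, would make such rejections traceable. The body of `newInstance` continues outside the hunk.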
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
index 56d86df72..70c29359e 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
@@ -104,7 +104,7 @@ public class OAuth20Protocol implements IModulInfo {
// get error code and description
String errorCode;
String errorDescription;
- String errorUri = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix()
+ String errorUri = protocolRequest.getAuthURL()
+"/" + OAuth20Constants.ERRORPAGE;
String moaError = null;
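Review bot: `errorUri` is now built from `protocolRequest.getAuthURL()`, a value tied to the incoming request rather than the configured public URL prefix, and nothing in this hunk validates it or handles a null `protocolRequest` on the error path. If `getAuthURL()` is checked against the configured prefixes when the request object is constructed (not visible here), say so at this line, e.g. `// getAuthURL() was matched against the configured public URL prefixes when the request was created`. The same pattern appears in the redirect URLs built in GetArtifactAction and SAML1Protocol and in the STORK `issuerValue` in CreateStorkAuthRequestFormTask. The enclosing method starts and ends outside the hunk.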
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
index 6bebe5a6a..abfe4ce15 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
@@ -41,6 +41,15 @@ import at.gv.egovernment.moa.logging.Logger;
class OAuth20TokenRequest extends OAuth20BaseRequest {
+ /**
+ * @param req
+ * @throws ConfigurationException
+ */
+ public OAuth20TokenRequest(HttpServletRequest req)
+ throws ConfigurationException {
+ super(req);
+ }
+
private static final long serialVersionUID = 1L;
private String code;
diff --git a/id/server/modules/moa-id-module-ssoTransfer/pom.xml b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
index 61af328d3..a6399391a 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/pom.xml
+++ b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
@@ -15,6 +15,24 @@
<artifactId>qrgen</artifactId>
<version>1.4</version>
</dependency>
+
+ <!-- JSON JWT implementation -->
+ <dependency>
+ <groupId>com.googlecode.jsontoken</groupId>
+ <artifactId>jsontoken</artifactId>
+ <version>1.1</version>
+ <exclusions>
+ <exclusion>
+ <groupId>javax.servlet</groupId>
+ <artifactId>servlet-api</artifactId>
+ </exclusion>
+ <exclusion>
+ <artifactId>google-collections</artifactId>
+ <groupId>com.google.collections</groupId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
</dependencies>
</project> \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferGUIServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferGUIServlet.java
index fa7d59beb..fae1b6f4d 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferGUIServlet.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferGUIServlet.java
@@ -31,10 +31,6 @@ import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import net.glxn.qrgen.QRCode;
-import net.glxn.qrgen.image.ImageType;
-
-import org.apache.commons.codec.binary.Base64OutputStream;
import org.apache.velocity.VelocityContext;
import com.google.gson.JsonObject;
@@ -46,17 +42,17 @@ import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.GUIUtils;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.SSOContainerUtils;
import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
import at.gv.egovernment.moa.id.moduls.SSOManager;
import at.gv.egovernment.moa.id.storage.AssertionStorage;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
+import at.gv.egovernment.moa.id.util.HTTPUtils;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
+import net.glxn.qrgen.QRCode;
+import net.glxn.qrgen.image.ImageType;
@@ -93,13 +89,21 @@ public class SSOTransferGUIServlet extends AuthServlet {
} else {
//create first step of SSO Transfer GUI
+ String authURL = HTTPUtils.extractAuthURLFromRequest(req);
+ if (!AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().
+ contains(authURL)) {
+ Logger.warn("Requested URL is not allowed.");;
+ resp.sendError(500, "Requested URL is not allowed.");
+
+ }
+
String moaSessionID = AuthenticationSessionStoreage.getMOASessionSSOID(ssoid);
if (MiscUtil.isNotEmpty(moaSessionID)) {
AuthenticationSession authSession = AuthenticationSessionStoreage
.getSession(moaSessionID);
if(authSession != null) {
Date now = new Date();
- String encodedSSOContainer = SSOContainerUtils.generateSignedAndEncryptedSSOContainer(authSession, now);
+ String encodedSSOContainer = SSOContainerUtils.generateSignedAndEncryptedSSOContainer(authURL, authSession, now);
String token = Random.nextRandom();
AssertionStorage.getInstance().put(token, encodedSSOContainer);
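Review bot: The new allow-list check calls `resp.sendError(500, ...)` but does not return, so a request whose URL is not in the configured prefix list still reaches `generateSignedAndEncryptedSSOContainer(authURL, ...)`, which in this commit uses that URL as the issuer of the signed container. Add `return;` directly after the `sendError` call. A 4xx status such as `HttpServletResponse.SC_BAD_REQUEST` describes a rejected client request better than 500, and the stray `;;` after `Logger.warn(...)` can go. `getPublicURLPrefix()` is assigned to a `List<String>` elsewhere in this commit, so `contains` here is an exact-match test; a one-line comment saying so would help, since a substring match on a String would be much weaker. The enclosing method starts and ends outside the hunk.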
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
index 884633a1e..270264099 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
@@ -26,8 +26,6 @@ import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID;
import java.io.BufferedReader;
import java.io.IOException;
-import java.util.Enumeration;
-import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -35,7 +33,6 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.velocity.VelocityContext;
import org.joda.time.DateTime;
-import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.Response;
import com.google.gson.JsonObject;
@@ -52,7 +49,6 @@ import at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferConstants;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.GUIUtils;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.SSOContainerUtils;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
@@ -127,7 +123,7 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
if (PVPConfiguration.getInstance().getIDPPublicPath().equals(entityID)) {
// stored SSO session data is from this IDP - start local session reconstruction
Response ssoInformation = SSOContainerUtils.validateReceivedSSOContainer(sessionBlob);
- SSOContainerUtils.parseSSOContainerToMOASessionDataObject(moasession, ssoInformation);
+ SSOContainerUtils.parseSSOContainerToMOASessionDataObject(pendingReq, moasession, ssoInformation);
// store MOASession into database
try {
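Review bot: The unchanged condition above this change still accepts a container only when `PVPConfiguration.getInstance().getIDPPublicPath().equals(entityID)`, while SSOContainerUtils in this commit now writes the request's auth URL as the issuer instead of `getIDPPublicPath()`. If more than one public URL prefix is configured, a container issued under one prefix may no longer match this check, so the comparison should probably run against the full configured list. A comment stating which value the issuer is expected to equal would make that contract explicit. Where `entityID` is read from is outside the hunk, so this needs confirming against the full method.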
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java
index 8980d3ea7..861dcbf58 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java
@@ -22,8 +22,6 @@
*/
package at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils;
-import iaik.x509.X509Certificate;
-
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.StringWriter;
@@ -87,7 +85,6 @@ import org.w3c.dom.NodeList;
import com.google.gson.JsonObject;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
@@ -100,10 +97,10 @@ import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters;
import at.gv.egovernment.moa.id.data.IAuthData;
import at.gv.egovernment.moa.id.data.MISMandate;
+import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.assertion.PVP2AssertionBuilder;
-import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoCredentialsException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SAMLRequestNotSignedException;
@@ -116,6 +113,7 @@ import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
+import iaik.x509.X509Certificate;
/**
* @author tlenz
@@ -142,10 +140,10 @@ public class SSOContainerUtils {
REQUIRED_ATTRIBUTES = Collections.unmodifiableList(tmp);
}
- public static void parseSSOContainerToMOASessionDataObject(AuthenticationSession moasession, Response ssoInformation) throws AssertionAttributeExtractorExeption, ConfigurationException {
+ public static void parseSSOContainerToMOASessionDataObject(IRequest pendingReq, AuthenticationSession moasession, Response ssoInformation) throws AssertionAttributeExtractorExeption, ConfigurationException {
AssertionAttributeExtractor attributeExtractor = new AssertionAttributeExtractor(ssoInformation);
- String authServiceURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
+ String authServiceURL = pendingReq.getAuthURL();
if (authServiceURL.endsWith("/"))
moasession.setAuthURL(authServiceURL);
else
@@ -313,10 +311,10 @@ public class SSOContainerUtils {
}
- public static String generateSignedAndEncryptedSSOContainer(
+ public static String generateSignedAndEncryptedSSOContainer(String authURL,
AuthenticationSession authSession, Date date) {
try {
- String entityID = PVPConfiguration.getInstance().getIDPPublicPath();
+ String entityID = authURL;
AuthnContextClassRef authnContextClassRef = SAML2Utils
.createSAMLObject(AuthnContextClassRef.class);
authnContextClassRef.setAuthnContextClassRef(authSession.getQAALevel());
@@ -347,6 +345,7 @@ public class SSOContainerUtils {
IAuthData authData = new SSOTransferAuthenticationData(authSession);
Assertion assertion = PVP2AssertionBuilder.buildGenericAssertion(
+ authURL,
entityID,
new DateTime(date.getTime()),
authnContextClassRef,
@@ -356,7 +355,7 @@ public class SSOContainerUtils {
sessionIndex,
subjectConfirmationData.getNotOnOrAfter());
- String ssoDataBlob = buildSSOContainerObject(assertion, new DateTime(date.getTime()));
+ String ssoDataBlob = buildSSOContainerObject(authURL, assertion, new DateTime(date.getTime()));
JsonObject container = new JsonObject();
container.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_TYPE, "SSO");
@@ -377,13 +376,13 @@ public class SSOContainerUtils {
return null;
}
- private static String buildSSOContainerObject(Assertion assertion, DateTime date) throws ConfigurationException, EncryptionException, CredentialsNotAvailableException, SecurityException, ParserConfigurationException, MarshallingException, SignatureException, TransformerFactoryConfigurationError, TransformerException, IOException {
+ private static String buildSSOContainerObject(String authURL, Assertion assertion, DateTime date) throws ConfigurationException, EncryptionException, CredentialsNotAvailableException, SecurityException, ParserConfigurationException, MarshallingException, SignatureException, TransformerFactoryConfigurationError, TransformerException, IOException {
Response authResponse = SAML2Utils.createSAMLObject(Response.class);
Issuer nissuer = SAML2Utils.createSAMLObject(Issuer.class);
//change to entity value from entity name to IDP EntityID (URL)
- nissuer.setValue(PVPConfiguration.getInstance().getIDPPublicPath());
+ nissuer.setValue(authURL);
nissuer.setFormat(NameID.ENTITY);
authResponse.setIssuer(nissuer);
diff --git a/id/server/modules/moa-id-modules-saml1/pom.xml b/id/server/modules/moa-id-modules-saml1/pom.xml
index 26a082431..9c43ae277 100644
--- a/id/server/modules/moa-id-modules-saml1/pom.xml
+++ b/id/server/modules/moa-id-modules-saml1/pom.xml
@@ -18,6 +18,22 @@
</properties>
<dependencies>
+
+ <dependency>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-lib</artifactId>
+ <scope>test</scope>
+ <type>test-jar</type>
+ <version>3.0.3-Snapshot</version>
+ </dependency>
+
+ <dependency>
+ <groupId>MOA</groupId>
+ <artifactId>moa-common</artifactId>
+ <type>test-jar</type>
+ <scope>test</scope>
+ </dependency>
+
<dependency>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modul-citizencard_authentication</artifactId>
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
index b94348856..d4e73690f 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
@@ -80,7 +80,7 @@ public class GetArtifactAction implements IAction {
String samlArtifactBase64 = saml1server.BuildSAMLArtifact(oaParam, authData, sourceID);
if (authData.isSsoSession()) {
- String url = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/RedirectServlet";
+ String url = req.getAuthURL() + "/RedirectServlet";
url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(oaURL, "UTF-8"));
if (!oaParam.getBusinessService())
url = addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET, URLEncoder.encode(req.getTarget(), "UTF-8"));
@@ -109,7 +109,7 @@ public class GetArtifactAction implements IAction {
}
SLOInformationInterface sloInformation =
- new SLOInformationImpl(authData.getAssertionID(), null, null, req.requestedModule());
+ new SLOInformationImpl(req.getAuthURL(), authData.getAssertionID(), null, null, req.requestedModule());
return sloInformation;
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index eb869756e..04e50baac 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -38,9 +38,6 @@ import org.apache.commons.lang3.StringEscapeUtils;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.PersonalAttribute;
-
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
@@ -77,6 +74,8 @@ import at.gv.util.xsd.persondata.IdentificationType.Value;
import at.gv.util.xsd.persondata.PersonNameType;
import at.gv.util.xsd.persondata.PersonNameType.FamilyName;
import at.gv.util.xsd.persondata.PhysicalPersonType;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttribute;
public class SAML1AuthenticationServer extends AuthenticationServer {
@@ -108,7 +107,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
samlArtifact, ex.toString() });
}
Throwable error = null;
- synchronized (authenticationDataStore) {
+ //synchronized (authenticationDataStore) {
try {
error = authenticationDataStore
.get(samlArtifact, Throwable.class);
@@ -120,7 +119,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
throw new AuthenticationException("1206", new Object[] { samlArtifact });
}
- }
+ //}
return error;
}
@@ -179,7 +178,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
samlArtifact, ex.toString() });
}
String authData = null;
- synchronized (authenticationDataStore) {
+ //synchronized (authenticationDataStore) {
// System.out.println("assertionHandle: " + assertionHandle);
try {
@@ -190,7 +189,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
Logger.error("Assertion not found for SAML Artifact: " + samlArtifact);
throw new AuthenticationException("1206", new Object[] { samlArtifact });
}
- }
+ //}
authenticationDataStore.remove(samlArtifact);
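Review bot: The assertion is read and then dropped by a separate `authenticationDataStore.remove(samlArtifact)` call, and with `synchronized (authenticationDataStore)` now commented out nothing serialises the two steps (the remove was already outside the lock before this change). Two concurrent requests presenting the same SAML artifact could therefore both obtain the assertion before either removes it, which weakens the single-use property of the artifact. Unless the store itself offers an atomic get-and-remove (its implementation is not visible here), keep a lock around both calls or move the guarantee into the store, and record the decision in a comment. The same commenting-out is applied in the error-lookup hunks at -108 and -120 and around `authenticationDataStore.put` at -617; the leftover `//synchronized` and `//}` lines should be deleted rather than kept as dead code. The method bodies continue outside these hunks.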
@@ -617,11 +616,11 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
new Object[] { samlArtifact });
parser.parseAssertionHandle();
- synchronized (authenticationDataStore) {
+ //synchronized (authenticationDataStore) {
Logger.debug("Assertion stored for SAML Artifact: "
+ samlArtifact);
authenticationDataStore.put(samlArtifact, samlAssertion);
- }
+ //}
} catch (AuthenticationException ex) {
throw ex;
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 7416dfb00..6573270e4 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -101,7 +101,7 @@ public class SAML1Protocol extends MOAIDAuthConstants implements IModulInfo {
public IRequest preProcess(HttpServletRequest request,
HttpServletResponse response, String action,
String sessionId, String transactionId) throws MOAIDException {
- SAML1RequestImpl config = new SAML1RequestImpl();
+ SAML1RequestImpl config = new SAML1RequestImpl(request);
if (!AuthConfigurationProviderFactory.getInstance().getAllowedProtocols().isSAML1Active()) {
Logger.info("SAML1 is deaktivated!");
@@ -185,7 +185,7 @@ public class SAML1Protocol extends MOAIDAuthConstants implements IModulInfo {
SAML1AuthenticationServer saml1authentication = SAML1AuthenticationServer.getInstace();
String samlArtifactBase64 = saml1authentication.BuildErrorAssertion(e, protocolRequest);
- String url = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/RedirectServlet";
+ String url = protocolRequest.getAuthURL() + "/RedirectServlet";
url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(protocolRequest.getOAURL(), "UTF-8"));
url = addURLParameter(url, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
url = response.encodeRedirectURL(url);
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java
index 5370573a7..3da7cab80 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java
@@ -25,6 +25,8 @@ package at.gv.egovernment.moa.id.protocols.saml1;
import java.util.ArrayList;
import java.util.List;
+import javax.servlet.http.HttpServletRequest;
+
import org.opensaml.saml2.core.Attribute;
import at.gv.egovernment.moa.id.config.ConfigurationException;
@@ -42,6 +44,16 @@ import at.gv.egovernment.moa.logging.Logger;
*/
public class SAML1RequestImpl extends RequestImpl {
+ /**
+ * @param req
+ * @throws ConfigurationException
+ */
+ public SAML1RequestImpl(HttpServletRequest req)
+ throws ConfigurationException {
+ super(req);
+
+ }
+
private static final long serialVersionUID = -4961979968425683115L;
private String sourceID = null;
diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java
index 9896f2454..13fb59038 100644
--- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java
+++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java
@@ -93,7 +93,7 @@ public class DatabaseTestModule implements TestModuleInterface{
private String testMOAConfigurationDatabase() throws Exception{
- String publicURLPreFix = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
+ List<String> publicURLPreFix = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
if (MiscUtil.isEmpty(publicURLPreFix))
return ("MOA-ID 2.x configuration can not be loaded from Database.");
diff --git a/id/server/modules/module-stork/pom.xml b/id/server/modules/module-stork/pom.xml
index 234c8d28a..b52c10391 100644
--- a/id/server/modules/module-stork/pom.xml
+++ b/id/server/modules/module-stork/pom.xml
@@ -22,6 +22,33 @@
<dependencies>
<dependency>
+ <groupId>eu.stork</groupId>
+ <artifactId>DocumentService</artifactId>
+ <version>0.0.1-SNAPSHOT</version>
+ <classifier>classes</classifier>
+ <exclusions>
+ <exclusion>
+ <artifactId>axis</artifactId>
+ <groupId>org.apache.axis</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>bcprov-jdk16</artifactId>
+ <groupId>org.bouncycastle</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>jaxws-tools</artifactId>
+ <groupId>com.sun.xml.ws</groupId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
+ <dependency>
+ <groupId>eu.stork</groupId>
+ <artifactId>SamlEngine</artifactId>
+ <version>1.5.1</version>
+ </dependency>
+
+ <dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<scope>test</scope>
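Review bot: The added `eu.stork:DocumentService` dependency is pinned to `0.0.1-SNAPSHOT`, a mutable version that can resolve to different artifacts from one build to the next. For an identity-provider module the build should depend on a released, immutable version, or on a checksum-verified artifact from a repository the project controls. The POM should also say where this artifact is expected to come from, e.g. `<!-- resolved from <project repository placeholder>; replace SNAPSHOT before release -->`.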
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
index ef61739f8..138776976 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
@@ -1,6 +1,6 @@
package at.gv.egovernment.moa.id.auth.modules.stork.tasks;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID;
import java.io.IOException;
import java.io.StringWriter;
@@ -17,7 +17,6 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.io.IOUtils;
-import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.velocity.Template;
@@ -27,22 +26,8 @@ import org.opensaml.common.IdentifierGenerator;
import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
import org.w3c.dom.DOMException;
-import eu.stork.oasisdss.api.AdditionalProfiles;
-import eu.stork.oasisdss.api.ApiUtils;
-import eu.stork.oasisdss.api.Profiles;
-import eu.stork.oasisdss.api.QualityLevels;
-import eu.stork.oasisdss.api.SignatureTypes;
-import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
-import eu.stork.oasisdss.profile.AnyType;
-import eu.stork.oasisdss.profile.DocumentType;
-import eu.stork.oasisdss.profile.SignRequest;
-import eu.stork.peps.auth.commons.PEPSUtil;
-import eu.stork.peps.auth.commons.PersonalAttribute;
-import eu.stork.peps.auth.commons.PersonalAttributeList;
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
-import eu.stork.peps.auth.engine.STORKSAMLEngine;
-import eu.stork.peps.exceptions.STORKSAMLEngineException;
-
+import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
@@ -51,7 +36,6 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
@@ -59,9 +43,6 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.config.stork.CPEPS;
import at.gv.egovernment.moa.id.config.stork.STORKConfig;
import at.gv.egovernment.moa.id.config.stork.StorkAttribute;
-
-import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
@@ -69,6 +50,21 @@ import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.id.util.VelocityProvider;
import at.gv.egovernment.moa.logging.Logger;
+import eu.stork.oasisdss.api.AdditionalProfiles;
+import eu.stork.oasisdss.api.ApiUtils;
+import eu.stork.oasisdss.api.Profiles;
+import eu.stork.oasisdss.api.QualityLevels;
+import eu.stork.oasisdss.api.SignatureTypes;
+import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
+import eu.stork.oasisdss.profile.AnyType;
+import eu.stork.oasisdss.profile.DocumentType;
+import eu.stork.oasisdss.profile.SignRequest;
+import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
/**
* Creates a SAML2 STORK authentication request, embeds it in a form (in order to satisfy saml post binging) and returns the form withing the HttpServletResponse.<p/>
@@ -118,6 +114,8 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
sessionID = (String) executionContext.get(PARAM_SESSIONID);
pendingRequestID = (String) executionContext.get("pendingRequestID");
+ String ccc = (String) executionContext.get("CCC");
+
// check parameter
if (!ParamValidatorUtils.isValidSessionID(sessionID)) {
@@ -126,7 +124,7 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
AuthenticationSession moasession = BaseAuthenticationServer.getSession(sessionID);
IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
- if (StringUtils.isEmpty(moasession.getCcc())) {
+ if (StringUtils.isEmpty(ccc)) {
// illegal state; task should not have been executed without a selected country
throw new AuthenticationException("stork.22", new Object[] { sessionID });
@@ -140,10 +138,13 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
// STORK authentication
// cpeps cannot be null
- CPEPS cpeps = storkConfig.getCPEPS(moasession.getCcc());
+ CPEPS cpeps = storkConfig.getCPEPS(ccc);
Logger.debug("Found C-PEPS configuration for citizen of country: " + moasession.getCcc());
executionContext.put(PROCESS_CTX_KEY_CPEPS_ISXMLSIGSUPPORTED, cpeps.isXMLSignatureSupported());
+ //add selected Country-Code to MOASession DAO
+ moasession.setCcc(ccc);
+
Logger.info("Starting STORK authentication for a citizen of country: " + moasession.getCcc());
startSTORKAuthentication(req, resp, moasession, pendingReq);
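Review bot: `Logger.debug("Found C-PEPS configuration ...")` still prints `moasession.getCcc()`, but on the new side the session value is only set a few lines later by `moasession.setCcc(ccc)`, so the debug line logs a stale or empty country code. Log the local instead, `Logger.debug("Found C-PEPS configuration for citizen of country: " + ccc);`, or move `moasession.setCcc(ccc);` up to directly after the empty check. The `// cpeps cannot be null` comment also deserves a second look now that `ccc` comes from the execution context. `cpeps.isXMLSignatureSupported()` is dereferenced without a check, and whether `getCPEPS` can return null for an unconfigured code is not visible here. The enclosing method starts and ends outside the hunk.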
@@ -202,7 +203,7 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
Logger.debug("C-PEPS URL: " + destination);
- String issuerValue = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
+ String issuerValue = pendingReq.getAuthURL();
// String acsURL = new DataURLBuilder().buildDataURL(issuerValue,
// PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN, moasession.getSessionID());
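Review bot: The SAML issuer is now taken from `pendingReq.getAuthURL()` instead of the configured public URL prefix, and nothing in this hunk shows that value being checked against configuration. If `getAuthURL()` is derived from the incoming HTTP request (not visible here), the issuer and any consumer URL built from it depend on request data, so it should be confirmed that the request object only accepts URLs matching a configured prefix. I would record that at the assignment, e.g. `// getAuthURL() must be one of the configured public URL prefixes (validated when the request is created)`. The same substitution appears in PepsConnectorHandleResponseWithoutSignatureTask and AuthenticationRequest further down. The enclosing method starts and ends outside the hunk.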
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java
index 304e5f495..e84c33d5d 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java
@@ -32,7 +32,9 @@ import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin;
+import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.ModulUtils;
+import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.HTTPUtils;
@@ -185,7 +187,8 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep
// throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12");
pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID);
-
+ IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
+
// load MOASession from database
AuthenticationSession moaSession = BaseAuthenticationServer.getSession(moaSessionID);
// change MOASessionID
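Review bot: The result of `RequestStorage.getPendingRequest(pendingRequestID)` is not null-checked here, and the next hunk dereferences it with `pendingReq.getAuthURL()`. If the pending request has expired or the ID does not resolve, the task would fail with a NullPointerException rather than a controlled authentication error, assuming the lookup can return null (its contract is not visible). A guard directly after the lookup would make the failure explicit, e.g. `if (pendingReq == null) throw new AuthenticationException("<error-code>", new Object[] { pendingRequestID });`, with the error code being a placeholder for the project's own. The enclosing method starts and ends outside the hunk.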
@@ -289,7 +292,7 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep
// set return url to PEPSConnectorWithLocalSigningServlet and add newMOASessionID
// signRequest
- String issuerValue = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
+ String issuerValue = pendingReq.getAuthURL();
String acsURL = issuerValue
+ AbstractPepsConnectorWithLocalSigningTask.PEPSCONNECTOR_SERVLET_URL_PATTERN;
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 25cb952d7..2e72f216a 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -83,7 +83,7 @@ public class AttributeCollector implements IAction {
if (httpReq.getParameter("SAMLResponse") != null) {
Logger.info("Got SAML response from external attribute provider.");
- MOASTORKResponse STORK2Response = new MOASTORKResponse();
+ MOASTORKResponse STORK2Response = new MOASTORKResponse(httpReq);
//extract STORK Response from HTTP Request
byte[] decSamlToken;
@@ -173,7 +173,7 @@ public class AttributeCollector implements IAction {
SLOInformationImpl sloInfo = (SLOInformationImpl) processRequest(container, httpReq, httpResp, authData, oaParam);
if (sloInfo == null) {
- sloInfo = new SLOInformationImpl(null, null, null, req.requestedModule());
+ sloInfo = new SLOInformationImpl(req.getAuthURL(), null, null, null, req.requestedModule());
}
return sloInfo;
@@ -297,7 +297,7 @@ public class AttributeCollector implements IAction {
Logger.info(e.getAp().getClass().getSimpleName() + " is going to ask an external service provider for the requested attributes");
// add container-key to redirect embedded within the return URL
- e.getAp().performRedirect(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, request, response, oaParam);
+ e.getAp().performRedirect(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().get(0) + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, request, response, oaParam);
} catch (Exception e1) {
// TODO should we return the response as is to the PEPS?
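Review bot: The return URL here is built from `getPublicURLPrefix().get(0)`, while the rest of this commit switches to the per-request `getAuthURL()`. With more than one prefix configured, the user would be redirected back to the first configured host rather than the one the request arrived on, which may lose the session. `.get(0)` also throws on an empty list. Using the request's URL would be consistent, along the lines of `e.getAp().performRedirect(<request>.getAuthURL() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, request, response, oaParam);`, where `<request>` stands for whichever IRequest is in scope (not visible in the hunk). ConsentEvaluator has the same `.get(0)` pattern for the consent form action.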
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 4d3c01bee..f16f7c9a8 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -85,7 +85,7 @@ public class AuthenticationRequest implements IAction {
if (oaParam == null)
throw new AuthenticationException("stork.12", new Object[]{req.getOAURL()});
- MOASTORKResponse moaStorkResponse = new MOASTORKResponse();
+ MOASTORKResponse moaStorkResponse = new MOASTORKResponse(httpReq);
// check if it is attribute query
if (moaStorkRequest.isAttrRequest()) {
@@ -217,9 +217,9 @@ public class AuthenticationRequest implements IAction {
String destinationURL = null;
try {
- issuer = new URL(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix()).toString();
+ issuer = new URL(moaStorkRequest.getAuthURL()).toString();
destinationURL = AuthConfigurationProviderFactory.getInstance().getStorkConfig().getCPEPS(citizenCountryCode).getPepsURL().toString();
- publicURLPrefix = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
+ publicURLPrefix = moaStorkRequest.getAuthURL();
assertionConsumerURL = publicURLPrefix + "/stork2/SendPEPSAuthnRequest";
} catch (MalformedURLException ex) {
Logger.error("Wrong PublicURLPrefix setting of MOA instance: " + AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(), ex);
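Review bot: The error message in the `catch` still reports `getPublicURLPrefix()`, although the value that can now fail to parse is `moaStorkRequest.getAuthURL()`. Judging by the `.get(0)` calls elsewhere in this commit, `getPublicURLPrefix()` now returns a list, so the log would print the whole configured list and point the operator at the wrong setting. I would log the value actually parsed: `Logger.error("Malformed AuthURL in STORK request: " + moaStorkRequest.getAuthURL(), ex);`. The enclosing method starts and ends outside the hunk.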
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
index 947accf8e..2b7d4e045 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
@@ -145,7 +145,7 @@ public class ConsentEvaluator implements IAction {
Template template = velocityEngine.getTemplate("/resources/templates/stork2_consent.html");
VelocityContext context = new VelocityContext();
- context.put("action", AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/stork2/GetConsent?" + ARTIFACT_ID + "=" + newArtifactId);
+ context.put("action", AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().get(0) + "/stork2/GetConsent?" + ARTIFACT_ID + "=" + newArtifactId);
// assemble table
String table = "";
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
index 11eb01453..4e666c21c 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
@@ -26,6 +26,8 @@ import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
+import javax.servlet.http.HttpServletRequest;
+
import org.opensaml.saml2.core.Attribute;
import at.gv.egovernment.moa.id.auth.builder.DynamicOAAuthParameterBuilder;
@@ -52,6 +54,15 @@ import eu.stork.peps.auth.commons.STORKAuthnResponse;
*/
public class MOASTORKRequest extends RequestImpl {
+ /**
+ * @param req
+ * @throws ConfigurationException
+ */
+ public MOASTORKRequest(HttpServletRequest req)
+ throws ConfigurationException {
+ super(req);
+ }
+
public static final List<String> DEFAULTREQUESTEDATTRFORINTERFEDERATION = Arrays.asList(
new String[] {
PVPConstants.BPK_NAME,
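Review bot: The Javadoc on the new constructor has empty `@param` and `@throws` tags, so it does not say what the request is used for or when construction fails. Since the other hunks read `getAuthURL()` from this object, the comment should state what `super(req)` derives from the request, e.g. `@param req incoming HTTP request, passed to RequestImpl` and `@throws ConfigurationException if RequestImpl cannot accept the request (confirm exact condition)`. The constructor is also placed above the `DEFAULTREQUESTEDATTRFORINTERFEDERATION` constant; constants conventionally come first. The identical empty Javadoc is added to MOASTORKResponse.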
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java
index d2cf2e813..a233835bf 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java
@@ -22,6 +22,7 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.stork2;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestImpl;
import at.gv.egovernment.moa.logging.Logger;
@@ -33,6 +34,8 @@ import eu.stork.peps.auth.commons.STORKAuthnResponse;
import java.io.Serializable;
import java.util.List;
+import javax.servlet.http.HttpServletRequest;
+
import org.opensaml.saml2.core.Attribute;
/**
@@ -43,6 +46,15 @@ import org.opensaml.saml2.core.Attribute;
public class MOASTORKResponse extends RequestImpl {
/**
+ * @param req
+ * @throws ConfigurationException
+ */
+ public MOASTORKResponse(HttpServletRequest req)
+ throws ConfigurationException {
+ super(req);
+ }
+
+ /**
* The Constant serialVersionUID.
*/
private static final long serialVersionUID = -5798803155055518747L;
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
index e58fe804f..2351450e4 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
@@ -92,7 +92,7 @@ public class MandateRetrievalRequest implements IAction {
if (oaParam == null)
throw new AuthenticationException("stork.12", new Object[]{req.getOAURL()});
- MOASTORKResponse moaStorkResponse = new MOASTORKResponse();
+ MOASTORKResponse moaStorkResponse = new MOASTORKResponse(httpReq);
STORKAttrQueryResponse attrResponse = new STORKAttrQueryResponse();
this.authData = authData;
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 071b5ae8a..c4f9658e4 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -91,8 +91,8 @@ public class STORKProtocol extends MOAIDAuthConstants implements IModulInfo {
Logger.debug("Request content length: " + request.getContentLength());
Logger.debug("Initiating action: " + action);
- MOASTORKRequest STORK2Request = new MOASTORKRequest();
- MOASTORKResponse STORK2Response = new MOASTORKResponse();
+ MOASTORKRequest STORK2Request = new MOASTORKRequest(request);
+ MOASTORKResponse STORK2Response = new MOASTORKResponse(request);
if (AttributeCollector.class.getSimpleName().equals(action) || ConsentEvaluator.class.getSimpleName().equals(action))
diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml
index 094f3954b..1018abf9c 100644
--- a/id/server/modules/pom.xml
+++ b/id/server/modules/pom.xml
@@ -41,6 +41,10 @@
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
</exclusion>
+ <exclusion>
+ <artifactId>DocumentService</artifactId>
+ <groupId>eu.stork</groupId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
diff --git a/pom.xml b/pom.xml
index 28c2d1588..eb2a3b5d6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -22,32 +22,33 @@
-->
<!-- Project Version -->
- <moa-commons-version>3.0.3-Snapshot</moa-commons-version>
- <moa-id-version>3.0.3-Snapshot</moa-id-version>
+ <moa-commons-version>3.1.0-RC1</moa-commons-version>
+ <moa-id-version>3.1.0-RC1</moa-id-version>
<moa-id-proxy-version>2.0.1-Snapshot</moa-id-proxy-version>
- <moa-spss-version>2.0.5-Snapshot</moa-spss-version>
- <configtool-version>2.0.3-Snapshot</configtool-version>
- <demo-oa-version>2.0.5-Snapshot</demo-oa-version>
+ <moa-spss-version>2.0.5-RC1</moa-spss-version>
+ <configtool-version>2.1.0-RC1</configtool-version>
+ <demo-oa-version>2.0.5</demo-oa-version>
<!-- Library Versions -->
- <org.springframework.version>4.1.6.RELEASE</org.springframework.version>
+ <org.springframework.version>4.2.4.RELEASE</org.springframework.version>
<surefire.version>2.18.1</surefire.version>
<opensaml.version>2.6.5</opensaml.version>
<xmltooling.version>1.4.5</xmltooling.version>
- <cxf.version>3.0.4</cxf.version>
- <struts.version>2.3.20</struts.version>
+ <cxf.version>3.1.4</cxf.version>
+ <struts.version>2.3.24.1</struts.version>
<egovutils.version>2.0.0</egovutils.version>
- <slf4j.version>1.7.12</slf4j.version>
- <hibernate.version>4.3.8.Final</hibernate.version>
- <mysql-connector.java>5.1.35</mysql-connector.java>
+ <slf4j.version>1.7.13</slf4j.version>
+ <hibernate.version>4.3.11.Final</hibernate.version>
+ <mysql-connector.java>5.1.38</mysql-connector.java>
<junit.version>4.11</junit.version>
<org.apache.commons.io.version>2.4</org.apache.commons.io.version>
<org.apache.commons.lang3.version>3.4</org.apache.commons.lang3.version>
- <org.apache.commons.collections4.version>4.0</org.apache.commons.collections4.version>
+ <org.apache.commons.collections4.version>4.1</org.apache.commons.collections4.version>
+ <org.apache.commons.collections3.version>3.2.2</org.apache.commons.collections3.version>
<jodatime.version>2.7</jodatime.version>
- <jackson-version>2.5.4</jackson-version>
- <apache-cli-version>1.2</apache-cli-version>
+ <jackson-version>2.7.0</jackson-version>
+ <apache-cli-version>1.3.1</apache-cli-version>
<spring-orm-version>3.1.1.RELEASE</spring-orm-version>
</properties>
@@ -280,6 +281,11 @@
<version>${cxf.version}</version>
</dependency>
+ <dependency>
+ <groupId>commons-collections</groupId>
+ <artifactId>commons-collections</artifactId>
+ <version>${org.apache.commons.collections3.version}</version>
+ </dependency>
<dependency>
<groupId>org.apache.struts</groupId>
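Review bot: The new `commons-collections` 3.2.2 entry carries no comment explaining why a 3.x artifact is pinned alongside collections4. 3.2.2 is the release that disables deserialization of the unsafe functor classes by default, so if that is the reason for the pin it should be recorded, e.g. `<!-- pin commons-collections 3.x at 3.2.2 or later (deserialization hardening); do not downgrade -->`. The hunk does not show whether this sits under `dependencyManagement`; if it is a plain dependency, sub-modules may still resolve an older transitive 3.x, which `mvn dependency:tree` would show.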
@@ -386,7 +392,7 @@
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
- <version>4.4.1</version>
+ <version>4.5.1</version>
</dependency>
<dependency>
<groupId>dav4j</groupId>
@@ -715,7 +721,7 @@
<dependency>
<groupId>org.easymock</groupId>
<artifactId>easymock</artifactId>
- <version>3.3.1</version>
+ <version>3.4</version>
</dependency>
<dependency>
<groupId>org.unitils</groupId>
diff --git a/spss/server/serverlib/pom.xml b/spss/server/serverlib/pom.xml
index f0a1711ba..cafd8341b 100644
--- a/spss/server/serverlib/pom.xml
+++ b/spss/server/serverlib/pom.xml
@@ -69,12 +69,12 @@
<dependency>
<groupId>xalan-bin-dist</groupId>
<artifactId>xalan</artifactId>
- <scope>provided</scope>
+ <!-- <scope>provided</scope> -->
</dependency>
<dependency>
<groupId>xerces</groupId>
<artifactId>xercesImpl</artifactId>
- <scope>provided</scope>
+ <!-- <scope>provided</scope> -->
</dependency>
<dependency>
<groupId>xalan-bin-dist</groupId>
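Review bot: The `provided` scope on xalan and xercesImpl (and on serializer in the next hunk) is disabled by commenting it out, which leaves dead configuration with no stated reason. Without the scope these artifacts default to compile scope and would be packaged with the module, so the XML parser and transformer in use would presumably be the bundled versions rather than the container's. I would delete the commented lines and state the intent instead, e.g. `<!-- bundled on purpose: <reason>; keep versions in step with the parent pom -->`.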
@@ -83,7 +83,7 @@
<dependency>
<groupId>xalan-bin-dist</groupId>
<artifactId>serializer</artifactId>
- <scope>provided</scope>
+ <!-- <scope>provided</scope> -->
</dependency>
<dependency>
<groupId>iaik.prod</groupId>