783 files changed, 9247 insertions, 33592 deletions
diff --git a/common/.gitignore b/common/.gitignore
deleted file mode 100644
index ea8c4bf7f..000000000
--- a/common/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-/target
diff --git a/common/moa-common.iml b/common/moa-common.iml
deleted file mode 100644
index d9cc344fc..000000000
--- a/common/moa-common.iml
+++ /dev/null
@@ -1,30 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
- <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
- <output url="file://$MODULE_DIR$/target/classes" />
- <output-test url="file://$MODULE_DIR$/target/test-classes" />
- <content url="file://$MODULE_DIR$">
- <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
- <sourceFolder url="file://$MODULE_DIR$/src/test/java" isTestSource="true" />
- <sourceFolder url="file://$MODULE_DIR$/src/main/resources" type="java-resource" />
- <excludeFolder url="file://$MODULE_DIR$/target" />
- </content>
- <orderEntry type="inheritedJdk" />
- <orderEntry type="sourceFolder" forTests="false" />
- <orderEntry type="library" name="Maven: org.slf4j:slf4j-api:1.7.2" level="project" />
- <orderEntry type="library" name="Maven: commons-logging:commons-logging:1.0.4" level="project" />
- <orderEntry type="library" name="Maven: iaik.prod:iaik_jce_full:5.101" level="project" />
- <orderEntry type="library" name="Maven: iaik.prod:iaik_moa:1.5" level="project" />
- <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
- <orderEntry type="library" name="Maven: jaxen:jaxen:1.0-FCS" level="project" />
- <orderEntry type="library" name="Maven: saxpath:saxpath:1.0-FCS" level="project" />
- <orderEntry type="library" name="Maven: xalan-bin-dist:xalan:2.7.1" level="project" />
- <orderEntry type="library" name="Maven: xalan:serializer:2.7.1" level="project" />
- <orderEntry type="library" name="Maven: xml-apis:xml-apis:1.3.04" level="project" />
- <orderEntry type="library" name="Maven: xerces:xercesImpl:2.9.0" level="project" />
- <orderEntry type="library" name="Maven: xalan-bin-dist:xml-apis:2.7.1" level="project" />
- <orderEntry type="library" scope="RUNTIME" name="Maven: xalan-bin-dist:serializer:2.7.1" level="project" />
- <orderEntry type="library" name="Maven: joda-time:joda-time:1.6.2" level="project" />
- </component>
-</module>
-
diff --git a/common/pom.xml b/common/pom.xml
deleted file mode 100644
index 8f18a1b92..000000000
--- a/common/pom.xml
+++ /dev/null
@@ -1,162 +0,0 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <parent>
- <groupId>MOA</groupId>
- <artifactId>MOA</artifactId>
- <version>2.x</version>
- </parent>
- <modelVersion>4.0.0</modelVersion>
- <artifactId>moa-common</artifactId>
- <version>${moa-commons-version}</version>
- <packaging>jar</packaging>
- <name>MOA common library</name>
-
- <properties>
- <repositoryPath>${basedir}/../repository</repositoryPath>
- </properties>
-
- <dependencies>
- <dependency>
- <groupId>commons-logging</groupId>
- <artifactId>commons-logging</artifactId>
- </dependency>
- <dependency>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_jce_full</artifactId>
- </dependency>
- <dependency>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_moa</artifactId>
- </dependency>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>jaxen</groupId>
- <artifactId>jaxen</artifactId>
- </dependency>
- <dependency>
- <groupId>saxpath</groupId>
- <artifactId>saxpath</artifactId>
- </dependency>
- <dependency>
- <groupId>xalan-bin-dist</groupId>
- <artifactId>xalan</artifactId>
- <scope>compile</scope>
- <optional>true</optional>
- </dependency>
- <dependency>
- <groupId>xerces</groupId>
- <artifactId>xercesImpl</artifactId>
- <optional>true</optional>
- </dependency>
- <dependency>
- <groupId>xalan-bin-dist</groupId>
- <artifactId>xml-apis</artifactId>
- <scope>compile</scope>
- <optional>true</optional>
- </dependency>
- <dependency>
- <groupId>xalan-bin-dist</groupId>
- <artifactId>serializer</artifactId>
- <scope>runtime</scope>
- <optional>true</optional>
- </dependency>
- <dependency>
- <groupId>joda-time</groupId>
- <artifactId>joda-time</artifactId>
- <version>${jodatime.version}</version>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-api</artifactId>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>jcl-over-slf4j</artifactId>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>jul-to-slf4j</artifactId>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-log4j12</artifactId>
- </dependency>
- <dependency>
- <groupId>log4j</groupId>
- <artifactId>log4j</artifactId>
- </dependency>
- </dependencies>
-
- <build>
- <plugins>
-<!-- <plugin>
- <groupId>org.codehaus.mojo</groupId>
- <artifactId>properties-maven-plugin</artifactId>
- <version>1.0-alpha-2</version>
- <executions>
- <execution>
- <phase>initialize</phase>
- <goals>
- <goal>read-project-properties</goal>
- </goals>
- <configuration>
- <files>
- <file>${basedir}/../moa-id.properties</file>
- </files>
- </configuration>
- </execution>
- </executions>
- </plugin> -->
-
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-jar-plugin</artifactId>
- <configuration>
- <archive>
- <addMavenDescriptor>false</addMavenDescriptor>
- </archive>
- </configuration>
- <executions>
- <execution>
- <goals>
- <goal>test-jar</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
- <plugin>
- <artifactId>maven-enforcer-plugin</artifactId>
- <version>1.1.1</version>
- <executions>
- <execution>
- <id>enforce-banned-dependencies</id>
- <goals>
- <goal>enforce</goal>
- </goals>
- <configuration>
- <rules>
- <bannedDependencies>
- <searchTransitive>true</searchTransitive>
- <excludes>
- <!-- <exclude>commons-logging</exclude> -->
- <exclude>org.slf4j:1.5*</exclude>
- <exclude>org.slf4j:1.6*</exclude>
- <!-- <exclude>org.springframework:2.*</exclude>
- <exclude>org.springframework:3.0.*</exclude> -->
- </excludes>
- </bannedDependencies>
- </rules>
- <fail>true</fail>
- </configuration>
- </execution>
- </executions>
- </plugin>
- </plugins>
- </build>
-
-
-</project>
diff --git a/common/src/main/java/at/gv/egovernment/moa/logging/LogMsg.java b/common/src/main/java/at/gv/egovernment/moa/logging/LogMsg.java
deleted file mode 100644
index 51667f010..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/logging/LogMsg.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.logging;
-
-/**
- * A unified message type to log messages from inside the MOA subsystem.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class LogMsg {
- /** The message to log. */
- private Object message;
-
- /**
- * Create a <code>LogMsg</code> object.
- *
- * @param message The actual message to log. May be <code>null</code>.
- */
- public LogMsg(Object message) {
- this.message = message;
- }
-
- /**
- * Convert this log message to a <code>String</code>.
- *
- * @return The <code>String</code> representation of this log message.
- */
- public String toString() {
- StringBuffer msg = new StringBuffer();
- LoggingContext ctx =
- LoggingContextManager.getInstance().getLoggingContext();
- String tid = ctx != null ? ctx.getTransactionID() : null;
- String nodeId = ctx != null ? ctx.getNodeID() : null;
-
- msg.append("TID=");
- msg.append(tid != null ? tid : "<null>");
- msg.append(" NID=");
- msg.append(nodeId != null ? nodeId : "<null>");
- msg.append(" MSG=");
- msg.append(message != null ? message.toString() : "<null>");
-
- return msg.toString();
- }
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java b/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java
deleted file mode 100644
index 3730b36ce..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java
+++ /dev/null
@@ -1,252 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.logging;
-
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * A utility class acting as a facade to the logging subsystem.
- *
- * Configure the logging defaultHierarchy that the <code>Logger</code> uses by
- * calling <code>setHierarchy</code> once before calling any of the logging
- * output functions.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class Logger {
-
- /**
- * Set the default hierarchy to which the <code>Logger</code> should send its
- * logging output.
- * @param hierarchy The logging defaultHierarchy.
- */
- public static void setHierarchy(String hierarchy) {
- // there is no need for that anymore
- }
-
-
- /** The Constant instances. */
- private static final Map<String, org.slf4j.Logger> instances = new HashMap<String, org.slf4j.Logger>();
-
- /**
- * Gets the logger.
- *
- * @return the logger
- */
- private static synchronized org.slf4j.Logger getLogger() {
- StackTraceElement[] stacktrace = Thread.currentThread().getStackTrace();
-
- int i;
- for(i = 2; i < stacktrace.length; i++)
- if(!stacktrace[i].getClassName().equals(Logger.class.getName()))
- break;
-
- String className = stacktrace[i].getClassName();
-
- org.slf4j.Logger logger = instances.get(className);
- if (logger != null) {
- return logger;
- }
-
- logger = org.slf4j.LoggerFactory.getLogger(className);
- instances.put(className, logger);
-
- return logger;
- }
-
- /**
- * Prepare the message for printing it as string.
- * <p>Mainly introduce because the <code>message</code> might be <code>null</code>.
- *
- * @param message the message
- * @return the string
- */
- private static String prepareMessage(Object message) {
- if(null == message)
- return "no message given";
- return message.toString();
- }
-
- /**
- * Test, if the trace log level is enabled.
- *
- * @return boolean <code>true</code>, if tracing output is enabled
- * <code>false</code> otherwise.
- */
- public static boolean isTraceEnabled() {
- org.slf4j.Logger logger = getLogger();
- return logger.isTraceEnabled();
- }
-
- /**
- * Test, if the trace log level is enabled for a given hierarchy.
- *
- * @param hierarchy requested log hierarchy
- * @return boolean <code>true</code>, if tracing output is enabled
- * <code>false</code> otherwise.
- */
- public static boolean isTraceEnabled(String hierarchy) {
- org.slf4j.Logger logger = getLogger();
- return logger.isTraceEnabled();
- }
-
- /**
- * Trace a message.
- *
- * @param message The message to trace.
- */
- public static void trace(Object message) {
- org.slf4j.Logger logger = getLogger();
- logger.trace(prepareMessage(message));
- }
-
- /**
- * Test, if the debug log level is enabled.
- *
- * @return boolean <code>true</code>, if debug output is enabled
- * <code>false</code> otherwise.
- */
- public static boolean isDebugEnabled() {
- org.slf4j.Logger logger = getLogger();
- return logger.isDebugEnabled();
- }
-
- /**
- * Test, if the debug log level is enabled for a given hierarchy.
- *
- * @param hierarchy requested log hierarchy
- * @return boolean <code>true</code>, if debug output is enabled
- * <code>false</code> otherwise.
- */
- public static boolean isDebugEnabled(String hierarchy) {
- org.slf4j.Logger logger = getLogger();
- return logger.isDebugEnabled();
- }
-
- /**
- * Log a debug message.
- *
- * @param message The message to log.
- */
- public static void debug(Object message) {
- org.slf4j.Logger logger = getLogger();
- logger.debug(prepareMessage(message));
- }
-
-/**
- * Log an info message.
- *
- * @param message The message to log.
- */
- public static void info(Object message) {
- org.slf4j.Logger logger = getLogger();
- logger.info(prepareMessage(message));
- }
-
- /**
- * Info.
- *
- * @param string the string
- * @param args the objects
- */
- public static void info(String message, Object[] args) {
- org.slf4j.Logger logger = getLogger();
- logger.info(prepareMessage(message), args);
- }
-
- /**
- * Log a warning message.
- *
- * @param message The message to log.
- */
- public static void warn(Object message) {
- org.slf4j.Logger logger = getLogger();
- logger.warn(prepareMessage(message));
- }
-
- /**
- * Log a warning message.
- *
- * @param message The message to log.
- * @param t An exception that may be the cause of the warning.
- */
- public static void warn(Object message, Throwable t) {
- org.slf4j.Logger logger = getLogger();
- logger.warn(prepareMessage(message), t);
- }
-
- /**
- * Log an error message.
- *
- * @param message The message to log.
- */
- public static void error(Object message) {
- org.slf4j.Logger logger = getLogger();
- logger.error(prepareMessage(message));
- }
-
- /**
- * Log an error message.
- *
- * @param message The message to log.
- * @param t An exception that may be the cause of the error.
- */
- public static void error(Object message, Throwable t) {
- org.slf4j.Logger logger = getLogger();
- logger.error(prepareMessage(message), t);
- }
-
- /**
- * Log an error message with additional information.
- *
- * @param message The message to log.
- * @param variables The values to substitute {} of the logmessage with.
- */
- public static void error(Object message, Object[] variables) {
- org.slf4j.Logger logger = getLogger();
- logger.error(prepareMessage(message), variables);
- }
-
- /**
- * Log a fatal error message.
- *
- * @param message The message to log.
- */
- public static void fatal(Object message) {
- error(message);
- }
-
- /**
- * Log a fatal error message.
- *
- * @param message The message to log.
- * @param t An exception that may be the cause of the error.
- */
- public static void fatal(Object message, Throwable t) {
- error(message, t);
- }
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/logging/LoggingContext.java b/common/src/main/java/at/gv/egovernment/moa/logging/LoggingContext.java
deleted file mode 100644
index db4b93a0b..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/logging/LoggingContext.java
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.logging;
-
-/**
- * Encapsulates contextual information (i.e. per request information) for
- * logging purposes.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class LoggingContext {
- /** The name of the node ID system property. */
- public static final String NODE_ID_PROPERTY = "moa.node-id";
-
- /** The current transaction ID. */
- private String transactionID;
- /** The node ID. */
- private String nodeID;
-
- /**
- * Create a new <code>LoggingContext</code>.
- *
- * @param transactionID The transaction ID. May be <code>null</code>.
- */
- public LoggingContext(String transactionID) {
- this.transactionID = transactionID;
- this.nodeID = System.getProperty(NODE_ID_PROPERTY);
- }
-
- /**
- * Return the transaction ID.
- *
- * @return The transaction ID.
- */
- public String getTransactionID() {
- return transactionID;
- }
-
- /**
- * Return the node ID.
- *
- * @return The node ID.
- */
- public String getNodeID() {
- return nodeID;
- }
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/logging/LoggingContextManager.java b/common/src/main/java/at/gv/egovernment/moa/logging/LoggingContextManager.java
deleted file mode 100644
index f0d7b4c07..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/logging/LoggingContextManager.java
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.logging;
-
-/**
- * Provides each thread with a single instance of <code>LoggingContext</code>.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class LoggingContextManager {
- /** The single instance of this class. */
- private static LoggingContextManager instance = null;
-
- /** The <code>LoggingContext</code> for each thread. */
- private ThreadLocal context;
-
- /**
- * Get the single instance of the <code>LoggingContextManager</code> class.
- *
- * @return LoggingContextManager The single instance.
- */
- public static synchronized LoggingContextManager getInstance() {
- if (instance == null) {
- instance = new LoggingContextManager();
- }
- return instance;
- }
-
- /**
- * Creates a new <code>LoggingContextManager</code>.
- *
- * Protected to disallow direct instantiation.
- */
- protected LoggingContextManager() {
- context = new ThreadLocal();
- }
-
- /**
- * Set the <code>LoggingContext</code> context for the current thread.
- *
- * @param ctx The <code>LoggingContext</code> for the current thread.
- */
- public void setLoggingContext(LoggingContext ctx) {
- context.set(ctx);
- }
-
- /**
- * Return the <code>LoggingContext</code> for the current thread.
- *
- * @return LoggingContext The <code>LoggingContext</code> for the current
- * thread, or <code>null</code> if none has been set.
- */
- public LoggingContext getLoggingContext() {
- return (LoggingContext) context.get();
- }
-
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/Base64Utils.java b/common/src/main/java/at/gv/egovernment/moa/util/Base64Utils.java
deleted file mode 100644
index 66bf50316..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/Base64Utils.java
+++ /dev/null
@@ -1,153 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.UnsupportedEncodingException;
-
-import iaik.utils.Base64InputStream;
-import iaik.utils.Base64OutputStream;
-
-/**
- * Utitility functions for encoding/decoding Base64 strings.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class Base64Utils {
-
- /**
- * Read the bytes encoded in a Base64 encoded <code>String</code>.
- *
- * @param base64String The <code>String</code> containing the Base64 encoded
- * bytes.
- * @param ignoreInvalidChars Whether to ignore invalid Base64 characters.
- * @return byte[] The raw bytes contained in the <code>base64String</code>.
- * @throws IOException Failed to read the Base64 data.
- */
- public static byte[] decode(String base64String, boolean ignoreInvalidChars, String encoding)
- throws IOException {
-
- Base64InputStream in =
- new Base64InputStream(
- new ByteArrayInputStream(base64String.getBytes(encoding)),
- ignoreInvalidChars);
- ByteArrayOutputStream out = new ByteArrayOutputStream();
- byte[] bytes = new byte[256];
- int bytesRead;
-
- while ((bytesRead = in.read(bytes)) > 0) {
- out.write(bytes, 0, bytesRead);
- }
- in.close();
-
- return out.toByteArray();
- }
-
- public static byte[] decode(String base64String, boolean ignoreInvalidChars) throws IOException {
- return decode(base64String, ignoreInvalidChars, "UTF-8");
- }
-
- /**
- * Read the bytes encoded in a Base64 encoded <code>String</code> and provide
- * them via an <code>InputStream</code>.
- *
- * @param base64String The <code>String</code> containing the Base64 encoded
- * bytes.
- * @param ignoreInvalidChars Whether to ignore invalid Base64 characters.
- * @return The <code>InputStream</code> from which the binary content of the
- * <code>base64String</code> can be read.
- */
- public static InputStream decodeToStream(
- String base64String,
- boolean ignoreInvalidChars,
- String encoding) {
-
- try {
- ByteArrayInputStream bin =
- new ByteArrayInputStream(base64String.getBytes(encoding));
- Base64InputStream in = new Base64InputStream(bin, ignoreInvalidChars);
-
- return in;
- } catch (UnsupportedEncodingException e) {
- // cannot occur, since UTF-8 is required to be supported by every JRE
- return null;
- }
- }
-
- public static InputStream decodeToStream(
- String base64String,
- boolean ignoreInvalidChars) {
- return decodeToStream(base64String, ignoreInvalidChars, "UTF-8");
-
- }
-
- /**
- * Convert a byte array to a Base64 encoded <code>String</code>.
- *
- * @param bytes The bytes to encode.
- * @return String The Base64 encoded representation of the <code>bytes</code>.
- * @throws IOException Failed to write the bytes as Base64 data.
- */
- public static String encode(byte[] bytes) throws IOException {
- return encode(new ByteArrayInputStream(bytes), "UTF-8");
- }
-
- public static String encode(byte[] bytes, String encoding) throws IOException {
- return encode(new ByteArrayInputStream(bytes), encoding);
- }
-
- public static String encode(InputStream inputStream) throws IOException {
- return encode(inputStream, "UTF-8");
- }
- /**
- * Convert the data contained in the given stream to a Base64 encoded
- * <code>String</code>.
- *
- * @param inputStream The stream containing the data to encode.
- * @return The Base64 encoded data of <code>inputStream</code>, as a
- * <code>String</code>.
- * @throws IOException Failed to convert the data in the stream.
- */
- public static String encode(InputStream inputStream, String encoding) throws IOException {
- ByteArrayOutputStream byteStream = new ByteArrayOutputStream();
- Base64OutputStream base64Stream = new Base64OutputStream(byteStream, "\n".getBytes());
- byte[] bytes = new byte[256];
- int bytesRead;
-
- while ((bytesRead = inputStream.read(bytes)) > 0) {
- base64Stream.write(bytes, 0, bytesRead);
- }
- base64Stream.flush();
- base64Stream.close();
- inputStream.close();
-
- return byteStream.toString(encoding);
- }
-
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/BoolUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/BoolUtils.java
deleted file mode 100644
index 492aca994..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/BoolUtils.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-/**
- * Utility class for parsing XML schema boolean values.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class BoolUtils {
-
- /**
- * Return the boolean value of an <code>xsd:boolean</code> type of DOM
- * element/attribute.
- *
- * @param boolStr The value of the <code>xsd:boolean</code> element/attribute.
- * @return <code>true</code>, if <code>boolStr</code> equals
- * <code>"true"</code> or <code>"1;"</code>. Otherwise,
- * <code>false</code> is returned.
- */
- public static boolean valueOf(String boolStr) {
- return "true".equals(boolStr) || "1".equals(boolStr);
- }
-
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/CollectionUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/CollectionUtils.java
deleted file mode 100644
index 8597e1eec..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/CollectionUtils.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-import java.util.Iterator;
-import java.util.List;
-
-/**
- * Various utility methods for dealing with <code>java.util.Collection</code>
- * classes.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class CollectionUtils {
-
- /**
- * Convert a <code>List</code> of <code>Number</code> objects to an
- * <code>int</code> array.
- *
- * @param nums The <code>List</code> containing the numbers whose integer
- * value to put into the result.
- * @return The <code>int</code> values of the <code>Number</code>s contained
- * in <code>nums</code>.
- */
- public static int[] toIntArray(List nums) {
- int[] result = new int[nums.size()];
- Iterator iter;
- int i;
-
- for (i = 0, iter = nums.iterator(); iter.hasNext(); i++) {
- Number num = (Number) iter.next();
- result[i] = num.intValue();
- }
-
- return result;
- }
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/Constants.java b/common/src/main/java/at/gv/egovernment/moa/util/Constants.java
deleted file mode 100644
index 5a5f4edac..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/Constants.java
+++ /dev/null
@@ -1,514 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-import java.util.HashMap;
-
-/**
- * Contains various constants used throughout the system.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public interface Constants {
- /** Root location of the schema files. */
- public static final String SCHEMA_ROOT = "/resources/schemas/";
-
- /** URI of the Widerrufregister XML namespace. */
- public static final String WRR_NS_URI =
- "http://reference.e-government.gv.at/namespace/moavv/20041223";
-
- /** Prefix used for the Widerrufregister XML namespace */
- public static final String WRR_PREFIX = "wrr";
-
- /** URI of the StandardTextBlock XML namespace. */
- public static final String STB_NS_URI =
- "http://reference.e-government.gv.at/namespace/standardtextblock/20041105#";
-
- /** Prefix used for the standard text block XML namespace */
- public static final String STB_PREFIX = "stb";
-
- /** URI of the MOA XML namespace. */
- public static final String MOA_NS_URI =
- "http://reference.e-government.gv.at/namespace/moa/20020822#";
-
- /** Name of the mandates infobox */
- public static final String INFOBOXIDENTIFIER_MANDATES = "Mandates";
-
- /** Prefix used for the Mandate XML namespace */
- public static final String MD_PREFIX = "md";
-
- /** URI of the Mandate XML namespace. */
- public static final String MD_NS_URI =
- "http://reference.e-government.gv.at/namespace/mandates/20040701#";
-
- /** Prefix used for the Mandate XML namespace */
- public static final String MVV_PREFIX = "mvv";
-
- /** URI of the Mandate XML namespace. */
- public static final String MVV_NS_URI =
- "http://reference.e-government.gv.at/namespace/moavv/app2mvv/20041125";
-
- /** Prefix used for the MandateCheckProfile XML namespace */
- public static final String MDP_PREFIX = "mdp";
-
- /** URI of the Mandate XML namespace. */
- public static final String MDP_NS_URI =
- "http://reference.e-government.gv.at/namespace/mandateprofile/20041105#";
-
- /** Prefix used for the MOA XML namespace */
- public static final String MOA_PREFIX = "moa";
-
- /** Local location of the MOA XML schema definition. */
- public static final String MOA_SCHEMA_LOCATION =
- SCHEMA_ROOT + "MOA-SPSS-2.0.0.xsd";
-
- /** URI of the MOA configuration XML namespace. */
- public static final String MOA_CONFIG_NS_URI =
- "http://reference.e-government.gv.at/namespace/moaconfig/20021122#";
-
- /** URI of the MOA ID configuration XML namespace. */
- public static final String MOA_ID_CONFIG_NS_URI =
- "http://www.buergerkarte.at/namespaces/moaconfig#";
-
- /** Prefix used for the MOA configuration XML namespace */
- public static final String MOA_CONFIG_PREFIX = "conf";
-
- /** Prefix used for the MOA configuration XML namespace */
- public static final String MOA_ID_CONFIG_PREFIX = "confID";
-
- /** Local location of the MOA configuration XML schema definition. */
- public static final String MOA_CONFIG_SCHEMA_LOCATION =
- SCHEMA_ROOT + "MOA-SPSS-config-2.0.0.xsd";
-
- /** Local location of the MOA ID configuration XML schema definition. */
- public static final String MOA_ID_CONFIG_SCHEMA_LOCATION =
- SCHEMA_ROOT + "MOA-ID-Configuration-1.5.2.xsd";
-
- /** URI of the Security Layer 1.0 namespace. */
- public static final String SL10_NS_URI =
- "http://www.buergerkarte.at/namespaces/securitylayer/20020225#";
-
- /** Prefix used for the Security Layer 1.0 XML namespace */
- public static final String SL10_PREFIX = "sl10";
-
- /** Local location of the Security Layer 1.0 XML schema definition */
- public static final String SL10_SCHEMA_LOCATION =
- SCHEMA_ROOT + "Core.20020225.xsd";
-
- /** URI of the Security Layer 1.1 XML namespace */
- public static final String SL11_NS_URI =
- "http://www.buergerkarte.at/namespaces/securitylayer/20020831#";
-
- /** Prefix used for the Security Layer 1.1 XML namespace */
- public static final String SL11_PREFIX = "sl11";
-
- /** Local location of the Security Layer 1.1 XML schema definition */
- public static final String SL11_SCHEMA_LOCATION =
- SCHEMA_ROOT + "Core.20020831.xsd";
-
- /** URI of the Security Layer 1.2 XML namespace */
- public static final String SL12_NS_URI =
- "http://www.buergerkarte.at/namespaces/securitylayer/1.2#";
-
- /** Prefix used for the Security Layer 1.2 XML namespace */
- public static final String SL12_PREFIX = "sl";
-
- /** Local location of the Security Layer 1.2 XML schema definition */
- public static final String SL12_SCHEMA_LOCATION =
- SCHEMA_ROOT + "Core-1.2.xsd";
-
- /** URI of the ECDSA XML namespace */
- public static final String ECDSA_NS_URI =
- "http://www.w3.org/2001/04/xmldsig-more#";
-
- /** Prefix used for ECDSA namespace */
- public static final String ECDSA_PREFIX = "ecdsa";
-
- /** Local location of ECDSA XML schema definition */
- public static final String ECDSA_SCHEMA_LOCATION =
- SCHEMA_ROOT + "ECDSAKeyValue.xsd";
-
- /** URI of the PersonData XML namespace. */
- public static final String PD_NS_URI =
- "http://reference.e-government.gv.at/namespace/persondata/20020228#";
-
- /** Prefix used for the PersonData XML namespace */
- public static final String PD_PREFIX = "pr";
-
-// /** Local location of the PersonData XML schema definition */
-// public static final String PD_SCHEMA_LOCATION =
-// SCHEMA_ROOT + "PersonData.xsd";
-
- /** Local location of the PersonData XML schema definition */
- public static final String PD_SCHEMA_LOCATION =
- SCHEMA_ROOT + "PersonData_20_en_moaWID.xsd";
-
- /** URI of the SAML namespace. */
- public static final String SAML_NS_URI =
- "urn:oasis:names:tc:SAML:1.0:assertion";
-
- /** Prefix used for the SAML XML namespace */
- public static final String SAML_PREFIX = "saml";
-
- /** Local location of the SAML XML schema definition. */
- public static final String SAML_SCHEMA_LOCATION =
- SCHEMA_ROOT + "cs-sstc-schema-assertion-01.xsd";
-
- /** URI of the SAML request-response protocol namespace. */
- public static final String SAMLP_NS_URI =
- "urn:oasis:names:tc:SAML:1.0:protocol";
-
- /** Prefix used for the SAML request-response protocol namespace */
- public static final String SAMLP_PREFIX = "samlp";
-
- /** Local location of the SAML request-response protocol schema definition. */
- public static final String SAMLP_SCHEMA_LOCATION =
- SCHEMA_ROOT + "cs-sstc-schema-protocol-01.xsd";
-
- /** URI of the XML namespace. */
- public static final String XML_NS_URI =
- "http://www.w3.org/XML/1998/namespace";
-
- /** Prefix used for the XML namespace */
- public static final String XML_PREFIX = "xml";
-
- /** Local location of the XML schema definition. */
- public static final String XML_SCHEMA_LOCATION = SCHEMA_ROOT + "xml.xsd";
-
- /** URI of the XMLNS namespace */
- public static final String XMLNS_NS_URI = "http://www.w3.org/2000/xmlns/";
-
- /** Prefix used for the XSI namespace */
- public static final String XSI_PREFIX = "xsi";
-
- /** Local location of the XSI schema definition. */
- public static final String XSI_SCHEMA_LOCATION =
- SCHEMA_ROOT + "XMLSchema-instance.xsd";
-
- /** URI of the XSI XMLNS namespace */
- public static final String XSI_NS_URI =
- "http://www.w3.org/2001/XMLSchema-instance";
-
- /** URI of the XSLT XML namespace */
- public static final String XSLT_NS_URI =
- "http://www.w3.org/1999/XSL/Transform";
-
- /** Prefix used for the XSLT XML namespace */
- public static final String XSLT_PREFIX = "xsl";
-
- /** URI of the XMLDSig XML namespace. */
- public static final String DSIG_NS_URI = "http://www.w3.org/2000/09/xmldsig#";
-
- /** Prefix used for the XMLDSig XML namespace */
- public static final String DSIG_PREFIX = "dsig";
-
- /** Local location of the XMLDSig XML schema. */
- public static final String DSIG_SCHEMA_LOCATION =
- SCHEMA_ROOT + "xmldsig-core-schema.xsd";
-
- /** URI of the XMLDSig XPath Filter XML namespace. */
- public static final String DSIG_FILTER2_NS_URI =
- "http://www.w3.org/2002/06/xmldsig-filter2";
-
- /** Prefix used for the XMLDSig XPath Filter XML namespace */
- public static final String DSIG_FILTER2_PREFIX = "dsig-filter2";
-
- /** Local location of the XMLDSig XPath Filter XML schema definition. */
- public static final String DSIG_FILTER2_SCHEMA_LOCATION =
- SCHEMA_ROOT + "xmldsig-filter2.xsd";
-
- /** URI of the Exclusive Canonicalization XML namespace */
- public static final String DSIG_EC_NS_URI =
- "http://www.w3.org/2001/10/xml-exc-c14n#";
-
- /** Prefix used for the Exclusive Canonicalization XML namespace */
- public static final String DSIG_EC_PREFIX = "ec";
-
- /** Local location of the Exclusive Canonicalizaion XML schema definition */
- public static final String DSIG_EC_SCHEMA_LOCATION =
- SCHEMA_ROOT + "exclusive-canonicalization.xsd";
-
- /** URI of the XMLLoginParameterResolver Configuration XML namespace */
- public static final String XMLLPR_NS_URI="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814";
-
- /** Local location of the XMLLoginParameterResolver Configuration XML schema definition */
- public static final String XMLLPR_SCHEMA_LOCATION =
- SCHEMA_ROOT + "MOAIdentities.xsd";
-
- /** Local location of the XAdES v1.1.1 schema definition */
- public static final String XADES_1_1_1_SCHEMA_LOCATION =
- SCHEMA_ROOT + "XAdES-1.1.1.xsd";
-
- /** URI of the XAdES v1.1.1 namespace */
- public static final String XADES_1_1_1_NS_URI = "http://uri.etsi.org/01903/v1.1.1#";
-
- public static final String XADES_1_1_1_NS_PREFIX = "xades111";
-
- /** Local location of the XAdES v1.2.2 schema definition */
- public static final String XADES_1_2_2_SCHEMA_LOCATION =
- SCHEMA_ROOT + "XAdES-1.2.2.xsd";
-
- /** URI of the XAdES v1.2.2 namespace */
- public static final String XADES_1_2_2_NS_URI = "http://uri.etsi.org/01903/v1.2.2#";
-
- public static final String XADES_1_2_2_NS_PREFIX = "xades122";
-
- /** Local location of the XAdES v1.1.1 schema definition */
- public static final String XADES_1_3_2_SCHEMA_LOCATION =
- SCHEMA_ROOT + "XAdES-1.3.2.xsd";
-
- /** URI of the XAdES v1.3.2 namespace */
- public static final String XADES_1_3_2_NS_URI = "http://uri.etsi.org/01903/v1.3.2#";
-
- public static final String XADES_1_3_2_NS_PREFIX = "xades132";
-
- /** Local location of the XAdES v1.4.1 schema definition */
- public static final String XADES_1_4_1_SCHEMA_LOCATION =
- SCHEMA_ROOT + "XAdES-1.4.1.xsd";
-
- /** URI of the XAdES v1.4.1 namespace */
- public static final String XADES_1_4_1_NS_URI = "http://uri.etsi.org/01903/v1.4.1#";
-
- public static final String XADES_1_4_1_NS_PREFIX = "xades141";
- /** URI of the SAML 2.0 namespace. */
- public static final String SAML2_NS_URI =
- "urn:oasis:names:tc:SAML:2.0:assertion";
-
- /** Prefix used for the SAML 2.0 XML namespace */
- public static final String SAML2_PREFIX = "saml2";
-
- /** Local location of the SAML 2.0 XML schema definition. */
- public static final String SAML2_SCHEMA_LOCATION =
- SCHEMA_ROOT + "saml-schema-assertion-2.0.xsd";
-
- /** URI of the SAML 2.0 protocol namespace. */
- public static final String SAML2P_NS_URI =
- "urn:oasis:names:tc:SAML:2.0:protocol";
-
- /** Prefix used for the SAML 2.0 protocol XML namespace */
- public static final String SAML2P_PREFIX = "saml2p";
-
- /** Local location of the SAML 2.0 protocol XML schema definition. */
- public static final String SAML2P_SCHEMA_LOCATION =
- SCHEMA_ROOT + "saml-schema-protocol-2.0.xsd";
-
- /** URI of the STORK namespace. */
- public static final String STORK_NS_URI =
- "urn:eu:stork:names:tc:STORK:1.0:assertion";
-
- /** Prefix used for the STORK XML namespace */
- public static final String STORK_PREFIX = "stork";
-
- /** Local location of the STORK XML schema definition. */
- public static final String STORK_SCHEMA_LOCATION =
- SCHEMA_ROOT + "stork-schema-assertion-1.0.xsd";
-
- /** URI of the STORK protocol namespace. */
- public static final String STORKP_NS_URI =
- "urn:eu:stork:names:tc:STORK:1.0:protocol";
-
- /** Prefix used for the STORK protocol XML namespace */
- public static final String STORKP_PREFIX = "storkp";
-
- /** Local location of the STORK protocol XML schema definition. */
- public static final String STORKP_SCHEMA_LOCATION =
- SCHEMA_ROOT + "stork-schema-protocol-1.0.xsd";
-
- /** URI of the TSL namespace. */
- public static final String TSL_NS_URI =
- "http://uri.etsi.org/02231/v2#";
-
- /** Prefix used for the TSL namespace */
- public static final String TSL_PREFIX = "tsl1";
-
- /** Local location of the TSL schema definition. */
- public static final String TSL_SCHEMA_LOCATION =
- SCHEMA_ROOT + "ts_119612v010201_xsd.xsd";
-
- /** URI of the TSL SIE namespace. */
- public static final String TSL_SIE_NS_URI =
- "http://uri.etsi.org/TrstSvc/SvcInfoExt/eSigDir-1999-93-EC-TrustedList/#";
-
- /** Prefix used for the TSL SIE namespace */
- public static final String TSL_SIE_PREFIX = "tslsie";
-
- /** Local location of the TSL SIE schema definition. */
- public static final String TSL_SIE_SCHEMA_LOCATION =
- SCHEMA_ROOT + "ts_119612v010201_sie_xsd.xsd";
-
- /** URI of the TSL additional types namespace. */
- public static final String TSL_ADDTYPES_NS_URI =
- "http://uri.etsi.org/02231/v2/additionaltypes#";
-
- /** Prefix used for the TSL additional types namespace */
- public static final String TSL_ADDTYPES_PREFIX = "tsltype";
-
- /** Local location of the TSL additional types schema definition. */
- public static final String TSL_ADDTYPES_SCHEMA_LOCATION =
- SCHEMA_ROOT + "ts_ts_119612v010201_additionaltypes_xsd.xsd";
-
- /** URI of the XML Encryption namespace. */
- public static final String XENC_NS_URI =
- "http://www.w3.org/2001/04/xmlenc#";
-
- /** Prefix used for the XML Encryption XML namespace */
- public static final String XENC_PREFIX = "xenc";
-
- /** Local location of the XML Encryption XML schema definition. */
- public static final String XENC_SCHEMA_LOCATION =
- SCHEMA_ROOT + "xenc-schema.xsd";
-
- /** Prefix used for the XML Encryption XML namespace */
- public static final String SAML2_METADATA_PREFIX = "md";
-
- /** Prefix used for the XML Encryption XML namespace */
- public static final String SAML2_METADATA_URI = "urn:oasis:names:tc:SAML:2.0:metadata";
-
- /** Local location of the XML Encryption XML schema definition. */
- public static final String SAML2_METADATA_SCHEMA_LOCATION =
- SCHEMA_ROOT + "saml-schema-metadata-2.0.xsd";
-
- /**
- * Contains all namespaces and local schema locations for XML schema
- * definitions relevant for MOA. For use in validating XML parsers.
- */
- public static final String ALL_SCHEMA_LOCATIONS =
- (MOA_NS_URI + " " + MOA_SCHEMA_LOCATION + " ")
- + (MOA_CONFIG_NS_URI + " " + MOA_CONFIG_SCHEMA_LOCATION + " ")
- + (MOA_ID_CONFIG_NS_URI + " " + MOA_ID_CONFIG_SCHEMA_LOCATION + " ")
- + (SL10_NS_URI + " " + SL10_SCHEMA_LOCATION + " ")
- + (SL11_NS_URI + " " + SL11_SCHEMA_LOCATION + " ")
- + (SL12_NS_URI + " " + SL12_SCHEMA_LOCATION + " ")
- + (ECDSA_NS_URI + " " + ECDSA_SCHEMA_LOCATION + " ")
- + (PD_NS_URI + " " + PD_SCHEMA_LOCATION + " ")
- + (SAML_NS_URI + " " + SAML_SCHEMA_LOCATION + " ")
- + (SAMLP_NS_URI + " " + SAMLP_SCHEMA_LOCATION + " ")
- + (XML_NS_URI + " " + XML_SCHEMA_LOCATION + " ")
- + (XSI_NS_URI + " " + XSI_SCHEMA_LOCATION + " ")
- + (DSIG_NS_URI + " " + DSIG_SCHEMA_LOCATION + " ")
- + (DSIG_FILTER2_NS_URI + " " + DSIG_FILTER2_SCHEMA_LOCATION + " ")
- + (DSIG_EC_NS_URI + " " + DSIG_EC_SCHEMA_LOCATION + " ")
- + (XMLLPR_NS_URI + " " + XMLLPR_SCHEMA_LOCATION + " ")
- + (XADES_1_1_1_NS_URI + " " + XADES_1_1_1_SCHEMA_LOCATION + " ")
- + (XADES_1_2_2_NS_URI + " " + XADES_1_2_2_SCHEMA_LOCATION + " ")
- + (XADES_1_3_2_NS_URI + " " + XADES_1_3_2_SCHEMA_LOCATION + " ")
- + (XADES_1_4_1_NS_URI + " " + XADES_1_4_1_SCHEMA_LOCATION + " ")
- + (TSL_NS_URI + " " + TSL_SCHEMA_LOCATION + " ")
- + (TSL_SIE_NS_URI + " " + TSL_SIE_SCHEMA_LOCATION + " ")
- + (TSL_ADDTYPES_NS_URI + " " + TSL_ADDTYPES_SCHEMA_LOCATION + " ")
- + (SAML2_NS_URI + " " + SAML2_SCHEMA_LOCATION + " ")
- + (SAML2P_NS_URI + " " + SAML2P_SCHEMA_LOCATION + " ")
- + (STORK_NS_URI + " " + STORK_SCHEMA_LOCATION + " ")
- + (STORKP_NS_URI + " " + STORKP_SCHEMA_LOCATION + " ")
- + (SAML2_METADATA_URI + " " + SAML2_METADATA_SCHEMA_LOCATION + " ")
- + (XENC_NS_URI + " " + XENC_SCHEMA_LOCATION);
-
- /** URN prefix for bPK and wbPK. */
- public static final String URN_PREFIX = "urn:publicid:gv.at";
-
- /** URN prefix for context dependent id. */
- public static final String URN_PREFIX_CDID = URN_PREFIX + ":cdid";
-
- /** URN prefix for context dependent id (bPK). */
- public static final String URN_PREFIX_BPK = URN_PREFIX_CDID + "+bpk";
-
- /** URN prefix for context dependent id (HPI). */
- public static final String URN_PREFIX_HPI = URN_PREFIX_CDID + "+EHSP";
-
- /** URN prefix for context dependent id (wbPK). */
- public static final String URN_PREFIX_WBPK = URN_PREFIX + ":wbpk";
-
- /** URN prefix for context dependent id (stork). */
- public static final String URN_PREFIX_STORK = URN_PREFIX + ":storkid";
-
- //TODO: update to eIDAS prefix
- /** URN prefix for context dependent id (eIDAS). */
- public static final String URN_PREFIX_EIDAS = URN_PREFIX + ":storkid";
-
- /** URN prefix for context dependent id. */
- public static final String URN_PREFIX_BASEID = URN_PREFIX + ":baseid";
-
- /** Security Layer manifest type URI. */
- public static final String SL_MANIFEST_TYPE_URI =
- "http://www.buergerkarte.at/specifications/Security-Layer/20020225#SignatureManifest";
-
- /** URI of the SHA1 digest algorithm */
- public static final String SHA1_URI =
- "http://www.w3.org/2000/09/xmldsig#sha1";
-
- /** URI of the SHA1 digest algorithm */
- public static final String SHA256_URI =
- "http://www.w3.org/2000/09/xmldsig#sha256";
-
- /** URI of the SHA1 digest algorithm */
- public static final String SHA384_URI =
- "http://www.w3.org/2000/09/xmldsig#sha384";
-
- /** URI of the SHA1 digest algorithm */
- public static final String SHA512_URI =
- "http://www.w3.org/2000/09/xmldsig#sha512";
-
- /** URI of the Canonical XML algorithm */
- public static final String C14N_URI =
- "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
-
- /** URI of the Canoncial XML with comments algorithm */
- public static final String C14N_WITH_COMMENTS_URI =
- "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments";
-
- /** URI of the Exclusive Canonical XML algorithm */
- public static final String EXC_C14N_URI =
- "http://www.w3.org/2001/10/xml-exc-c14n#";
-
- /** URI of the Exclusive Canonical XML with commments algorithm */
- public static final String EXC_C14N_WITH_COMMENTS_URI =
- "http://www.w3.org/2001/10/xml-exc-c14n#WithComments";
-
- //
- // Local names for elements of the MOA SPSS schema
- //
-
- /**
- * Local name of request for creating an XML signature.
- */
- public static final String MOA_SPSS_CREATE_XML_REQUEST = "CreateXMLSignatureRequest";
-
- /**
- * Local name of request for creating a CMS signature.
- */
- public static final String MOA_SPSS_CREATE_CMS_REQUEST = "CreateCMSSignatureRequest";
-
- /**
- * Local name of request for verifying an XML signature.
- */
- public static final String MOA_SPSS_VERIFY_XML_REQUEST = "VerifiyXMLSignatureRequest";
-
- /**
- * A map used to map namespace prefixes to namespace URIs
- */
- public static HashMap<String, String> nSMap = new HashMap<String, String>(5);
-
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
deleted file mode 100644
index 0a07fc4a7..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
+++ /dev/null
@@ -1,1172 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.Vector;
-
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.transform.OutputKeys;
-import javax.xml.transform.Result;
-import javax.xml.transform.Source;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.dom.DOMSource;
-import javax.xml.transform.stream.StreamResult;
-
-import org.apache.xerces.parsers.DOMParser;
-import org.apache.xerces.parsers.SAXParser;
-import org.apache.xerces.parsers.XMLGrammarPreparser;
-import org.apache.xerces.util.SymbolTable;
-import org.apache.xerces.util.XMLGrammarPoolImpl;
-import org.apache.xerces.xni.grammars.XMLGrammarDescription;
-import org.apache.xerces.xni.grammars.XMLGrammarPool;
-import org.apache.xerces.xni.parser.XMLInputSource;
-import org.w3c.dom.Attr;
-import org.w3c.dom.Document;
-import org.w3c.dom.DocumentFragment;
-import org.w3c.dom.Element;
-import org.w3c.dom.NamedNodeMap;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-import org.xml.sax.EntityResolver;
-import org.xml.sax.ErrorHandler;
-import org.xml.sax.InputSource;
-import org.xml.sax.SAXException;
-
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Various utility functions for handling XML DOM trees.
- *
- * The parsing methods in this class make use of some features internal to the
- * Xerces DOM parser, mainly for performance reasons. As soon as JAXP
- * (currently at version 1.2) is better at schema handling, it should be used as
- * the parser interface.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class DOMUtils {
-
- /** Feature URI for namespace aware parsing. */
- private static final String NAMESPACES_FEATURE =
- "http://xml.org/sax/features/namespaces";
- /** Feature URI for validating parsing. */
- private static final String VALIDATION_FEATURE =
- "http://xml.org/sax/features/validation";
- /** Feature URI for schema validating parsing. */
- private static final String SCHEMA_VALIDATION_FEATURE =
- "http://apache.org/xml/features/validation/schema";
- /** Feature URI for normalization of element/attribute values. */
- private static final String NORMALIZED_VALUE_FEATURE =
- "http://apache.org/xml/features/validation/schema/normalized-value";
- /** Feature URI for parsing ignorable whitespace. */
- private static final String INCLUDE_IGNORABLE_WHITESPACE_FEATURE =
- "http://apache.org/xml/features/dom/include-ignorable-whitespace";
- /** Feature URI for creating EntityReference nodes in the DOM tree. */
- private static final String CREATE_ENTITY_REF_NODES_FEATURE =
- "http://apache.org/xml/features/dom/create-entity-ref-nodes";
- /** Property URI for providing external schema locations. */
- private static final String EXTERNAL_SCHEMA_LOCATION_PROPERTY =
- "http://apache.org/xml/properties/schema/external-schemaLocation";
- /** Property URI for providing the external schema location for elements
- * without a namespace.
*/
- private static final String EXTERNAL_NO_NAMESPACE_SCHEMA_LOCATION_PROPERTY =
- "http://apache.org/xml/properties/schema/external-noNamespaceSchemaLocation";
-
- private static final String EXTERNAL_GENERAL_ENTITIES_FEATURE =
- "http://xml.org/sax/features/external-general-entities";
-
- private static final String EXTERNAL_PARAMETER_ENTITIES_FEATURE =
- "http://xml.org/sax/features/external-parameter-entities";
-
- private static final String DISALLOW_DOCTYPE_FEATURE =
- "http://apache.org/xml/features/disallow-doctype-decl";
-
-
-
- /** Property URI for the Xerces grammar pool. */
- private static final String GRAMMAR_POOL =
- org.apache.xerces.impl.Constants.XERCES_PROPERTY_PREFIX
- + org.apache.xerces.impl.Constants.XMLGRAMMAR_POOL_PROPERTY;
- /** A prime number for initializing the symbol table. */
- private static final int BIG_PRIME = 2039;
- /** Symbol table for the grammar pool. */
- private static SymbolTable symbolTable = new SymbolTable(BIG_PRIME);
- /** Xerces schema grammar pool. */
- private static XMLGrammarPool grammarPool = new XMLGrammarPoolImpl();
- /** Set holding the NamespaceURIs of the grammarPool, to prevent multiple
- * entries of same grammars to the pool */
- private static Set grammarNamespaces;
-
- static {
- grammarPool.lockPool();
- grammarNamespaces = new HashSet();
- }
-
- /**
- * Preparse a schema and add it to the schema pool.
- * The method only adds the schema to the pool if a schema having the same
- * <code>systemId</code> (namespace URI) is not already present in the pool.
- *
- * @param inputStream An <code>InputStream</code> providing the contents of
- * the schema.
- * @param systemId The systemId (namespace URI) to use for the schema.
- * @throws IOException An error occurred reading the schema.
- */
- public static void addSchemaToPool(InputStream inputStream, String systemId)
- throws IOException {
- XMLGrammarPreparser preparser;
-
- if (!grammarNamespaces.contains(systemId)) {
-
- grammarNamespaces.add(systemId);
-
- // unlock the pool so that we can add another grammar
- grammarPool.unlockPool();
-
- // prepare the preparser
- preparser = new XMLGrammarPreparser(symbolTable);
- preparser.registerPreparser(XMLGrammarDescription.XML_SCHEMA, null);
- preparser.setProperty(GRAMMAR_POOL, grammarPool);
- preparser.setFeature(NAMESPACES_FEATURE, true);
- preparser.setFeature(VALIDATION_FEATURE, true);
-
- // add the grammar to the pool
- preparser.preparseGrammar(
- XMLGrammarDescription.XML_SCHEMA,
- new XMLInputSource(null, systemId, null, inputStream, null));
-
- // lock the pool again so that schemas are not added automatically
- grammarPool.lockPool();
- }
- }
-
- /**
- * Parse an XML document from an <code>InputStream</code>.
- *
- * @param inputStream The <code>InputStream</code> containing the XML
- * document.
- * @param validating If <code>true</code>, parse validating.
- * @param externalSchemaLocations A <code>String</code> containing namespace
- * URI to schema location pairs, the same way it is accepted by the <code>xsi:
- * schemaLocation</code> attribute.
- * @param externalNoNamespaceSchemaLocation The schema location of the
- * schema for elements without a namespace, the same way it is accepted by the
- * <code>xsi:noNamespaceSchemaLocation</code> attribute.
- * @param entityResolver An <code>EntityResolver</code> to resolve external
- * entities (schemas and DTDs). If <code>null</code>, it will not be set.
- * @param errorHandler An <code>ErrorHandler</code> to decide what to do
- * with parsing errors. If <code>null</code>, it will not be set.
- * @return The parsed XML document as a DOM tree.
- * @throws SAXException An error occurred parsing the document.
- * @throws IOException An error occurred reading the document.
- * @throws ParserConfigurationException An error occurred configuring the XML
- * parser.
- */
- public static Document parseDocument(
- InputStream inputStream,
- boolean validating,
- String externalSchemaLocations,
- String externalNoNamespaceSchemaLocation,
- EntityResolver entityResolver,
- ErrorHandler errorHandler)
- throws SAXException, IOException, ParserConfigurationException {
-
- DOMParser parser;
-
-// class MyEntityResolver implements EntityResolver {
-//
-// public InputSource resolveEntity(String publicId, String systemId)
-// throws SAXException, IOException {
-// return new InputSource(new ByteArrayInputStream(new byte[0]));
-// }
-// }
-
-
- //if Debug is enabled make a copy of inputStream to enable debug output in case of SAXException
- byte buffer [] = null;
- ByteArrayInputStream baStream = null;
- if(true == Logger.isDebugEnabled()) {
- int len = inputStream.available();
- buffer = new byte[len];
- inputStream.read(buffer);
- baStream = new ByteArrayInputStream(buffer);
- }
-
- // create the DOM parser
- if (symbolTable != null) {
- parser = new DOMParser(symbolTable, grammarPool);
- } else {
- parser = new DOMParser();
- }
-
- // set parser features and properties
- try {
- parser.setFeature(NAMESPACES_FEATURE, true);
- parser.setFeature(VALIDATION_FEATURE, validating);
- parser.setFeature(SCHEMA_VALIDATION_FEATURE, validating);
- parser.setFeature(NORMALIZED_VALUE_FEATURE, false);
- parser.setFeature(INCLUDE_IGNORABLE_WHITESPACE_FEATURE, true);
- parser.setFeature(CREATE_ENTITY_REF_NODES_FEATURE, false);
- parser.setFeature(EXTERNAL_GENERAL_ENTITIES_FEATURE, false);
- parser.setFeature(EXTERNAL_PARAMETER_ENTITIES_FEATURE, false);
-
- //fix XXE problem
- parser.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
-
-
- if (validating) {
- if (externalSchemaLocations != null) {
- parser.setProperty(
- EXTERNAL_SCHEMA_LOCATION_PROPERTY,
- externalSchemaLocations);
- }
- if (externalNoNamespaceSchemaLocation != null) {
-
parser.setProperty(
- EXTERNAL_NO_NAMESPACE_SCHEMA_LOCATION_PROPERTY,
- externalNoNamespaceSchemaLocation);
- }
- }
-
- // set entity resolver and error handler
- if (entityResolver != null) {
- parser.setEntityResolver(entityResolver);
- }
- if (errorHandler != null) {
- parser.setErrorHandler(errorHandler);
- }
-
- // parse the document and return it
- // if debug is enabled: use copy of strem (baStream) else use orig stream
- if(null != baStream)
- parser.parse(new InputSource(baStream));
- else
- parser.parse(new InputSource(inputStream));
- } catch(SAXException e) {
- if(true == Logger.isDebugEnabled() && null != buffer) {
- String xmlContent = new String(buffer);
- Logger.debug("SAXException in:\n" + xmlContent);
- }
- throw(e);
- }
-
- return parser.getDocument();
- }
-
- /**
- * Parse an XML document from an <code>InputStream</code>.
- *
- * @param inputStream The <code>InputStream</code> containing the XML
- * document.
- * @param validating If <code>true</code>, parse validating.
- * @param externalSchemaLocations A <code>String</code> containing namespace
- * URI to schema location pairs, the same way it is accepted by the <code>xsi:
- * schemaLocation</code> attribute.
- * @param externalNoNamespaceSchemaLocation The schema location of the
- * schema for elements without a namespace, the same way it is accepted by the
- * <code>xsi:noNamespaceSchemaLocation</code> attribute.
- * @param entityResolver An <code>EntityResolver</code> to resolve external
- * entities (schemas and DTDs). If <code>null</code>, it will not be set.
- * @param errorHandler An <code>ErrorHandler</code> to decide what to do
- * with parsing errors. If <code>null</code>, it will not be set.
- * @return The parsed XML document as a DOM tree.
- * @throws SAXException An error occurred parsing the document.
- * @throws IOException An error occurred reading the document.
- * @throws ParserConfigurationException An error occurred configuring the XML
- * parser.
- */
- public static Document parseDocumentSimple(InputStream inputStream)
- throws SAXException, IOException, ParserConfigurationException {
-
- DOMParser parser;
-
- parser = new DOMParser();
- // set parser features and properties
- parser.setFeature(NAMESPACES_FEATURE, true);
- parser.setFeature(VALIDATION_FEATURE, false);
- parser.setFeature(SCHEMA_VALIDATION_FEATURE, false);
- parser.setFeature(NORMALIZED_VALUE_FEATURE, false);
- parser.setFeature(INCLUDE_IGNORABLE_WHITESPACE_FEATURE, true);
- parser.setFeature(CREATE_ENTITY_REF_NODES_FEATURE, false);
-
- parser.parse(new InputSource(inputStream));
-
- return parser.getDocument();
- }
-
-
- /**
- * Parse an XML document from an <code>InputStream</code>.
- *
- * It uses a <code>MOAEntityResolver</code> as the <code>EntityResolver</code>
- * and a <code>MOAErrorHandler</code> as the <code>ErrorHandler</code>.
- *
- * @param inputStream The <code>InputStream</code> containing the XML
- * document.
- * @param validating If <code>true</code>, parse validating.
- * @param externalSchemaLocations A <code>String</code> containing namespace
- * URI to schema location pairs, the same way it is accepted by the <code>xsi:
- * schemaLocation</code> attribute.
- * @param externalNoNamespaceSchemaLocation The schema location of the
- * schema for elements without a namespace, the same way it is accepted by the
- * <code>xsi:noNamespaceSchemaLocation</code> attribute.
- * @return The parsed XML document as a DOM tree.
- * @throws SAXException An error occurred parsing the document.
- * @throws IOException An error occurred reading the document.
- * @throws ParserConfigurationException An error occurred configuring the XML
- * parser.
- */
- public static Document parseDocument(
- InputStream inputStream,
- boolean validating,
- String externalSchemaLocations,
- String externalNoNamespaceSchemaLocation)
- throws SAXException, IOException, ParserConfigurationException {
-
-
-
- return parseDocument(
- inputStream,
- validating,
- externalSchemaLocations,
- externalNoNamespaceSchemaLocation,
- new MOAEntityResolver(),
- new MOAErrorHandler());
- }
-
- /**
- * Parse an XML document from a <code>String</code>.
- *
- * It uses a <code>MOAEntityResolver</code> as the <code>EntityResolver</code>
- * and a <code>MOAErrorHandler</code> as the <code>ErrorHandler</code>.
- *
- * @param xmlString The <code>String</code> containing the XML document.
- * @param encoding The encoding of the XML document.
- * @param validating If <code>true</code>, parse validating.
- * @param externalSchemaLocations A <code>String</code> containing namespace
- * URI to schema location pairs, the same way it is accepted by the <code>xsi:
- * schemaLocation</code> attribute.
- * @param externalNoNamespaceSchemaLocation The schema location of the
- * schema for elements without a namespace, the same way it is accepted by the
- * <code>xsi:noNamespaceSchemaLocation</code> attribute.
- * @return The parsed XML document as a DOM tree.
- * @throws SAXException An error occurred parsing the document.
- * @throws IOException An error occurred reading the document.
- * @throws ParserConfigurationException An error occurred configuring the XML
- * parser.
- */
- public static Document parseDocument(
- String xmlString,
- String encoding,
- boolean validating,
- String externalSchemaLocations,
- String externalNoNamespaceSchemaLocation)
- throws SAXException, IOException, ParserConfigurationException {
-
- InputStream in = new ByteArrayInputStream(xmlString.getBytes(encoding));
- return parseDocument(
- in,
- validating,
- externalSchemaLocations,
- externalNoNamespaceSchemaLocation);
- }
-
- /**
- * Parse an UTF-8 encoded XML document from a <code>String</code>.
- *
- * @param xmlString The <code>String</code> containing the XML document.
- * @param validating If <code>true</code>, parse validating.
- * @param externalSchemaLocations A <code>String</code> containing namespace
- * URI to schema location pairs, the same way it is accepted by the <code>xsi:
- * schemaLocation</code> attribute.
- * @param externalNoNamespaceSchemaLocation The schema location of the
- * schema for elements without a namespace, the same way it is accepted by the
- * <code>xsi:noNamespaceSchemaLocation</code> attribute.
- * @return The parsed XML document as a DOM tree.
- * @throws SAXException An error occurred parsing the document.
- * @throws IOException An error occurred reading the document.
- * @throws ParserConfigurationException An error occurred configuring the XML
- * parser.
- */
- public static Document parseDocument(
- String xmlString,
- boolean validating,
- String externalSchemaLocations,
- String externalNoNamespaceSchemaLocation)
- throws SAXException, IOException, ParserConfigurationException {
-
- return parseDocument(
- xmlString,
- "UTF-8",
- validating,
- externalSchemaLocations,
- externalNoNamespaceSchemaLocation);
- }
-
- /**
- * A convenience method to parse an XML document validating.
- *
- * @param inputStream The <code>InputStream</code> containing the XML
- * document.
- * @return The root element of the parsed XML document.
- * @throws SAXException An error occurred parsing the document.
- * @throws IOException An error occurred reading the document.
- * @throws ParserConfigurationException An error occurred configuring the XML
- * parser.
- */
- public static Element parseXmlValidating(InputStream inputStream)
- throws ParserConfigurationException, SAXException, IOException {
- return DOMUtils
- .parseDocument(inputStream, true, Constants.ALL_SCHEMA_LOCATIONS, null)
- .getDocumentElement();
- }
-
- /**
- * A convenience method to parse an XML document non validating.
- *
- * @param inputStream The <code>InputStream</code> containing the XML
- * document.
- * @return The root element of the parsed XML document.
- * @throws SAXException An error occurred parsing the document.
- * @throws IOException An error occurred reading the document.
- * @throws ParserConfigurationException An error occurred configuring the XML
- * parser.
- */
- public static Element parseXmlNonValidating(InputStream inputStream)
- throws ParserConfigurationException, SAXException, IOException {
- return DOMUtils
- .parseDocument(inputStream, false, Constants.ALL_SCHEMA_LOCATIONS, null)
- .getDocumentElement();
- }
-
- /**
- * Schema validate a given DOM element.
- *
- * @param element The element to validate.
- * @param externalSchemaLocations A <code>String</code> containing namespace
- * URI to schema location pairs, the same way it is accepted by the <code>xsi:
- * schemaLocation</code> attribute.
- * @param externalNoNamespaceSchemaLocation The schema location of the
- * schema for elements without a namespace, the same way it is accepted by the
- * <code>xsi:noNamespaceSchemaLocation</code> attribute.
- * @return <code>true</code>, if the <code>element</code> validates against
- * the schemas declared in it.
- * @throws SAXException An error occurred parsing the document.
- * @throws IOException An error occurred reading the document from its
- * serialized representation.
- * @throws ParserConfigurationException An error occurred configuring the XML
- * @throws TransformerException An error occurred serializing the element.
- */
- public static boolean validateElement(
- Element element,
- String externalSchemaLocations,
- String externalNoNamespaceSchemaLocation)
- throws
- ParserConfigurationException,
- IOException,
- SAXException,
- TransformerException {
-
- byte[] docBytes;
- SAXParser parser;
-
- // create the SAX parser
- if (symbolTable != null) {
- parser = new SAXParser(symbolTable, grammarPool);
- } else {
- parser = new SAXParser();
- }
-
- // serialize the document
- docBytes = serializeNode(element, "UTF-8");
-
- // set up parser features and attributes
- parser.setFeature(NAMESPACES_FEATURE, true);
- parser.setFeature(VALIDATION_FEATURE, true);
- parser.setFeature(SCHEMA_VALIDATION_FEATURE, true);
- parser.setFeature(EXTERNAL_GENERAL_ENTITIES_FEATURE, false);
- parser.setFeature(DISALLOW_DOCTYPE_FEATURE, true);
-
-
- if (externalSchemaLocations != null) {
- parser.setProperty(
- EXTERNAL_SCHEMA_LOCATION_PROPERTY,
- externalSchemaLocations);
- }
- if (externalNoNamespaceSchemaLocation != null) {
- parser.setProperty(
- EXTERNAL_NO_NAMESPACE_SCHEMA_LOCATION_PROPERTY,
- "externalNoNamespaceSchemaLocation");
- }
-
- // set up entity resolver and error handler
- parser.setEntityResolver(new MOAEntityResolver());
- parser.setErrorHandler(new MOAErrorHandler());
-
- // parse validating
- parser.parse(new InputSource(new ByteArrayInputStream(docBytes)));
- return true;
- }
-
-
- /**
- * Schema validate a given DOM element.
- *
- * @param element The element to validate.
- * @param externalSchemaLocations A <code>String</code> containing namespace
- * URI to schema location pairs, the same way it is accepted by the <code>xsi:
- * schemaLocation</code> attribute.
- * @param externalNoNamespaceSchemaLocation The schema location of the
- * schema for elements without a namespace, the same way it is accepted by the
- * <code>xsi:noNamespaceSchemaLocation</code> attribute.
- * @return <code>true</code>, if the <code>element</code> validates against
- * the schemas declared in it.
- * @throws SAXException An error occurred parsing the document.
- * @throws IOException An error occurred reading the document from its
- * serialized representation.
- * @throws ParserConfigurationException An error occurred configuring the XML
- * @throws TransformerException An error occurred serializing the element.
- */
- public static boolean validateElement(
- Element element,
- String externalSchemaLocations,
- String externalNoNamespaceSchemaLocation,
- EntityResolver entityResolver)
- throws
- ParserConfigurationException,
- IOException,
- SAXException,
- TransformerException {
-
- byte[] docBytes;
- SAXParser parser;
-
- // create the SAX parser
- if (symbolTable != null) {
- parser = new SAXParser(symbolTable, grammarPool);
- } else {
- parser = new SAXParser();
- }
-
- // serialize the document
- docBytes = serializeNode(element, "UTF-8");
-
- // set up parser features and attributes
- parser.setFeature(NAMESPACES_FEATURE, true);
- parser.setFeature(VALIDATION_FEATURE, true);
- parser.setFeature(SCHEMA_VALIDATION_FEATURE, true);
-
- if (externalSchemaLocations != null) {
- parser.setProperty(
- EXTERNAL_SCHEMA_LOCATION_PROPERTY,
- externalSchemaLocations);
- }
- if (externalNoNamespaceSchemaLocation != null) {
- parser.setProperty(
- EXTERNAL_NO_NAMESPACE_SCHEMA_LOCATION_PROPERTY,
- "externalNoNamespaceSchemaLocation");
- }
-
- // set up entity resolver and error handler
- parser.setEntityResolver(entityResolver);
- parser.setErrorHandler(new MOAErrorHandler());
-
- // parse validating
- parser.parse(new InputSource(new ByteArrayInputStream(docBytes)));
- return true;
- }
-
- /**
- * Serialize the given DOM node.
- *
- * The node will be serialized using the UTF-8 encoding.
- *
- * @param node The node to serialize.
- * @return String The <code>String</code> representation of the given DOM
- * node.
- * @throws TransformerException An error occurred transforming the
- * node to a <code>String</code>.
- * @throws IOException An IO error occurred writing the node to a byte array.
- */
- public static String serializeNode(Node node)
- throws TransformerException, IOException {
- return new String(serializeNode(node, "UTF-8", false), "UTF-8");
- }
-
-
- /**
- * Serialize the given DOM node.
- *
- * The node will be serialized using the UTF-8 encoding.
- *
- * @param node The node to serialize.
- * @param omitXmlDeclaration The boolean value for omitting the XML Declaration.
- * @return String The <code>String</code> representation of the given DOM
- * node.
- * @throws TransformerException An error occurred transforming the
- * node to a <code>String</code>.
- * @throws IOException An IO error occurred writing the node to a byte array.
- */
- public static String serializeNode(Node node, boolean omitXmlDeclaration)
- throws TransformerException, IOException {
- return new String(serializeNode(node, "UTF-8", omitXmlDeclaration), "UTF-8");
- }
-
- /**
- * Serialize the given DOM node.
- *
- * The node will be serialized using the UTF-8 encoding.
- *
- * @param node The node to serialize.
- * @param omitXmlDeclaration The boolean value for omitting the XML Declaration.
- * @param lineSeperator Sets the line seperator String of the parser
- * @return String The <code>String</code> representation of the given DOM
- * node.
- * @throws TransformerException An error occurred transforming the
- * node to a <code>String</code>.
- * @throws IOException An IO error occurred writing the node to a byte array.
- */
- public static String serializeNode(Node node, boolean omitXmlDeclaration, String lineSeperator)
- throws TransformerException, IOException {
- return new String(serializeNode(node, "UTF-8", omitXmlDeclaration, lineSeperator), "UTF-8");
- }
-
- /**
- * Serialize the given DOM node to a byte array.
- *
- * @param node The node to serialize.
- * @param xmlEncoding The XML encoding to use.
- * @return The serialized node, as a byte array. Using a compatible encoding
- * this can easily be converted into a <code>String</code>.
- * @throws TransformerException An error occurred transforming the node to a
- * byte array.
- * @throws IOException An IO error occurred writing the node to a byte array.
- */
- public static byte[] serializeNode(Node node, String xmlEncoding)
- throws TransformerException, IOException {
- return serializeNode(node, xmlEncoding, false);
- }
-
- /**
- * Serialize the given DOM node to a byte array.
- *
- * @param node The node to serialize.
- * @param xmlEncoding The XML encoding to use.
- * @param omitDeclaration The boolean value for omitting the XML Declaration.
- * @return The serialized node, as a byte array. Using a compatible encoding
- * this can easily be converted into a <code>String</code>.
- * @throws TransformerException An error occurred transforming the node to a
- * byte array.
- * @throws IOException An IO error occurred writing the node to a byte array.
- */
- public static byte[] serializeNode(Node node, String xmlEncoding, boolean omitDeclaration)
- throws TransformerException, IOException {
- return serializeNode(node, xmlEncoding, omitDeclaration, null);
- }
-
-
- /**
- * Serialize the given DOM node to a byte array.
- *
- * @param node The node to serialize.
- * @param xmlEncoding The XML encoding to use.
- * @param omitDeclaration The boolean value for omitting the XML Declaration.
- * @param lineSeperator Sets the line seperator String of the parser
- * @return The serialized node, as a byte array.
Using a compatible encoding
- * this can easily be converted into a <code>String</code>.
- * @throws TransformerException An error occurred transforming the node to a
- * byte array.
- * @throws IOException An IO error occurred writing the node to a byte array.
- */
- public static byte[] serializeNode(Node node, String xmlEncoding, boolean omitDeclaration, String lineSeperator)
- throws TransformerException, IOException {
-
- TransformerFactory transformerFactory = TransformerFactory.newInstance();
- Transformer transformer = transformerFactory.newTransformer();
- ByteArrayOutputStream bos = new ByteArrayOutputStream(16384);
-
- transformer.setOutputProperty(OutputKeys.METHOD, "xml");
- transformer.setOutputProperty(OutputKeys.ENCODING, xmlEncoding);
- String omit = omitDeclaration ? "yes" : "no";
- transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, omit);
- if (null!=lineSeperator) {
- transformer.setOutputProperty("{http://xml.apache.org/xalan}line-separator", lineSeperator);//does not work for xalan <= 2.5.1
- }
- transformer.transform(new DOMSource(node), new StreamResult(bos));
-
- bos.flush();
- bos.close();
-
- return bos.toByteArray();
- }
-
- /**
- * Return the text that a node contains.
- *
- * This routine:
- * <ul>
- * <li>Ignores comments and processing instructions.</li>
- * <li>Concatenates TEXT nodes, CDATA nodes, and the results recursively
- * processing EntityRef nodes.</li>
- * <li>Ignores any element nodes in the sublist. (Other possible options are
- * to recurse into element sublists or throw an exception.)</li>
- * </ul>
- *
- * @param node A DOM node from which to extract text.
- * @return A String representing its contents.
- */
- public static String getText(Node node) {
- if (!node.hasChildNodes()) {
- return "";
- }
-
- StringBuffer result = new StringBuffer();
- NodeList list = node.getChildNodes();
-
- for (int i = 0; i < list.getLength(); i++) {
- Node subnode = list.item(i);
- if (subnode.getNodeType() == Node.TEXT_NODE) {
- result.append(subnode.getNodeValue());
- } else if (subnode.getNodeType() == Node.CDATA_SECTION_NODE) {
- result.append(subnode.getNodeValue());
- } else if (subnode.getNodeType() == Node.ENTITY_REFERENCE_NODE) {
- // Recurse into the subtree for text
- // (and ignore comments)
- result.append(getText(subnode));
- }
- }
- return result.toString();
- }
-
- /**
- * Build the namespace prefix to namespace URL mapping in effect for a given
- * node.
- *
- * @param node The context node for which build the map.
- * @return The namespace prefix to namespace URL mapping (
- * a <code>String</code> value to <code>String</code> value mapping).
- */
- public static Map getNamespaceDeclarations(Node node) {
- Map nsDecls = new HashMap();
- int i;
-
- do {
- if (node.hasAttributes()) {
- NamedNodeMap attrs = node.getAttributes();
-
- for (i = 0; i < attrs.getLength(); i++) {
- Attr attr = (Attr) attrs.item(i);
-
- // add prefix mapping if none exists
- if ("xmlns".equals(attr.getPrefix())
- || "xmlns".equals(attr.getName())) {
-
- String nsPrefix =
- attr.getPrefix() != null ? attr.getLocalName() : "";
-
- if (nsDecls.get(nsPrefix) == null) {
- nsDecls.put(nsPrefix, attr.getValue());
- }
- }
- }
- }
- } while ((node = node.getParentNode()) != null);
-
- return nsDecls;
- }
-
- /**
- * Add all namespace declarations declared in the parent(s) of a given
- * element and used in the subtree of the given element to the given element.
- *
- * @param context The element to which to add the namespaces.
- */
- public static void localizeNamespaceDeclarations(Element context) {
- Node parent = context.getParentNode();
-
- if (parent != null) {
- Map namespaces = getNamespaceDeclarations(context.getParentNode());
- Set nsUris = collectNamespaceURIs(context);
- Iterator iter;
-
- for (iter = namespaces.entrySet().iterator(); iter.hasNext();) {
- Map.Entry e = (Map.Entry) iter.next();
-
- if (nsUris.contains(e.getValue())) {
- String prefix = (String) e.getKey();
- String nsUri = (String) e.getValue();
- String nsAttrName = "".equals(prefix) ? "xmlns" : "xmlns:" + prefix;
-
- context.setAttributeNS(Constants.XMLNS_NS_URI, nsAttrName, nsUri);
- }
- }
- }
- }
-
- /**
- * Collect all the namespace URIs used in the subtree of a given element.
- *
- * @param context The element that should be searched for namespace URIs.
- * @return All namespace URIs used in the subtree of <code>context</code>,
- * including the ones used in <code>context</code> itself.
- */
- public static Set collectNamespaceURIs(Element context) {
- Set result = new HashSet();
-
- collectNamespaceURIsImpl(context, result);
- return result;
- }
-
- /**
- * A recursive method to do the work of <code>collectNamespaceURIs</code>.
- *
- * @param context The context element to evaluate.
- * @param result The result, passed as a parameter to avoid unnecessary
- * instantiations of <code>Set</code>.
- */
- private static void collectNamespaceURIsImpl(Element context, Set result) {
- NamedNodeMap attrs = context.getAttributes();
- NodeList childNodes = context.getChildNodes();
- String nsUri;
- int i;
-
- // add the namespace of the context element
- nsUri = context.getNamespaceURI();
- if (nsUri != null && nsUri != Constants.XMLNS_NS_URI) {
- result.add(nsUri);
- }
-
- // add all namespace URIs from attributes
- for (i = 0; i < attrs.getLength(); i++) {
- nsUri = attrs.item(i).getNamespaceURI();
- if (nsUri != null && nsUri != Constants.XMLNS_NS_URI) {
- result.add(nsUri);
- }
- }
-
- // add all namespaces from subelements
- for (i = 0; i < childNodes.getLength(); i++) {
- Node node = childNodes.item(i);
-
- if (node.getNodeType() == Node.ELEMENT_NODE) {
- collectNamespaceURIsImpl((Element) node, result);
- }
- }
- }
-
- /**
- * Check, that each attribute node in the given <code>NodeList</code> has its
- * parent in the <code>NodeList</code> as well.
- *
- * @param nodes The <code>NodeList</code> to check.
- * @return <code>true</code>, if each attribute node in <code>nodes</code>
- * has its parent in <code>nodes</code> as well.
- */
- public static boolean checkAttributeParentsInNodeList(NodeList nodes) {
- Set nodeSet = new HashSet();
- int i;
-
- // put the nodes into the nodeSet
- for (i = 0; i < nodes.getLength(); i++) {
- nodeSet.add(nodes.item(i));
- }
-
- // check that each attribute node's parent is in the node list
- for (i = 0; i < nodes.getLength(); i++) {
- Node n = nodes.item(i);
-
- if (n.getNodeType() == Node.ATTRIBUTE_NODE) {
- Attr attr = (Attr) n;
- Element owner = attr.getOwnerElement();
-
- if (owner == null) {
- if (!isNamespaceDeclaration(attr)) {
- return false;
- }
- }
-
- if (!nodeSet.contains(owner) && !isNamespaceDeclaration(attr)) {
- return false;
- }
- }
- }
-
- return true;
- }
-
- /**
- * Convert an unstructured <code>NodeList</code> into a
- * <code>DocumentFragment</code>.
- * - * @param nodeList Contains the node list to be converted into a DOM - * DocumentFragment. - * @return the resulting DocumentFragment. The DocumentFragment will be - * backed by a new DOM Document, i.e. all noded of the node list will be - * cloned. - * @throws ParserConfigurationException An error occurred creating the - * DocumentFragment. - * @precondition The nodes in the node list appear in document order - * @precondition for each Attr node in the node list, the owning Element is - * in the node list as well. - * @precondition each Element or Attr node in the node list is namespace - * aware. - */ - public static DocumentFragment nodeList2DocumentFragment(NodeList nodeList) - throws ParserConfigurationException { - - DocumentBuilder builder = - DocumentBuilderFactory.newInstance().newDocumentBuilder(); - Document doc = builder.newDocument(); - DocumentFragment result = doc.createDocumentFragment(); - - if (null == nodeList || nodeList.getLength() == 0) { - return result; - } - - int currPos = 0; - currPos = - nodeList2DocumentFragment(nodeList, currPos, result, null, null) + 1; - - while (currPos < nodeList.getLength()) { - currPos = - nodeList2DocumentFragment(nodeList, currPos, result, null, null) + 1; - } - return result; - } - - /** - * Helper method for the <code>nodeList2DocumentFragment</code>. - * - * @param nodeList The <code>NodeList</code> to convert. - * @param currPos The current position in the <code>nodeList</code>. - * @param result The resulting <code>DocumentFragment</code>. - * @param currOrgElem The current original element. - * @param currClonedElem The current cloned element. - * @return The current position. 
- */ - private static int nodeList2DocumentFragment( - NodeList nodeList, - int currPos, - DocumentFragment result, - Element currOrgElem, - Element currClonedElem) { - - while (currPos < nodeList.getLength()) { - Node currentNode = nodeList.item(currPos); - switch (currentNode.getNodeType()) { - case Node.COMMENT_NODE : - case Node.PROCESSING_INSTRUCTION_NODE : - case Node.TEXT_NODE : - { - // Append current node either to resulting DocumentFragment or to - // current cloned Element - if (null == currClonedElem) { - result.appendChild( - result.getOwnerDocument().importNode(currentNode, false)); - } else { - // Stop processing if current Node is not a descendant of - // current Element - if (!isAncestor(currOrgElem, currentNode)) { - return --currPos; - } - - currClonedElem.appendChild( - result.getOwnerDocument().importNode(currentNode, false)); - } - break; - } - - case Node.ELEMENT_NODE : - { - Element nextCurrOrgElem = (Element) currentNode; - Element nextCurrClonedElem = - result.getOwnerDocument().createElementNS( - nextCurrOrgElem.getNamespaceURI(), - nextCurrOrgElem.getNodeName()); - - // Append current Node either to resulting DocumentFragment or to - // current cloned Element - if (null == currClonedElem) { - result.appendChild(nextCurrClonedElem); - currOrgElem = nextCurrOrgElem; - currClonedElem = nextCurrClonedElem; - } else { - // Stop processing if current Node is not a descendant of - // current Element - if (!isAncestor(currOrgElem, currentNode)) { - return --currPos; - } - - currClonedElem.appendChild(nextCurrClonedElem); - } - - // Process current Node (of type Element) recursively - currPos = - nodeList2DocumentFragment( - nodeList, - ++currPos, - result, - nextCurrOrgElem, - nextCurrClonedElem); - - break; - } - - case Node.ATTRIBUTE_NODE : - { - Attr currAttr = (Attr) currentNode; - - // GK 20030411: Hack to overcome problems with IAIK IXSIL - if (currAttr.getOwnerElement() == null) - break; - if (currClonedElem == null) - break; - - // 
currClonedElem must be the owner Element of currAttr if - // preconditions are met - currClonedElem.setAttributeNS( - currAttr.getNamespaceURI(), - currAttr.getNodeName(), - currAttr.getValue()); - break; - } - - default : - { - // All other nodes will be ignored - } - } - - currPos++; - } - - return currPos; - } - - /** - * Check, if the given attribute is a namespace declaration. - * - * @param attr The attribute to check. - * @return <code>true</code>, if the attribute is a namespace declaration, - * <code>false</code> otherwise. - */ - private static boolean isNamespaceDeclaration(Attr attr) { - return Constants.XMLNS_NS_URI.equals(attr.getNamespaceURI()); - } - - /** - * Check, if a given DOM element is an ancestor of a given node. - * - * @param candAnc The DOM element to check for being the ancestor. - * @param cand The node to check for being the child. - * @return <code>true</code>, if <code>candAnc</code> is an (indirect) - * ancestor of <code>cand</code>; <code>false</code> otherwise. - */ - public static boolean isAncestor(Element candAnc, Node cand) { - Node currPar = cand.getParentNode(); - - while (currPar != null) { - if (candAnc == currPar) - return true; - currPar = currPar.getParentNode(); - } - return false; - } - - /** - * Selects the (first) element from a node list and returns it. - * - * @param nl The NodeList to get the element from. - * @return The (first) element included in the node list or <code>null</code> - * if the node list is <code>null</code> or empty or no element is - * included in the list. - */ - public static Element getElementFromNodeList (NodeList nl) { - if ((nl == null) || (nl.getLength() == 0)) { - return null; - } - for (int i=0; i<nl.getLength(); i++) { - Node node = nl.item(i); - if (node.getNodeType() == Node.ELEMENT_NODE) { - return (Element)node; - } - } - return null; - } - - /** - * Returns all child elements of the given element. - * - * @param parent The element to get the child elements from. 
- * - * @return A list including all child elements of the given element. - * Maybe empty if the parent element has no child elements. - */ - public static List getChildElements (Element parent) { - Vector v = new Vector(); - NodeList nl = parent.getChildNodes(); - int length = nl.getLength(); - for (int i=0; i < length; i++) { - Node node = nl.item(i); - if (node.getNodeType() == Node.ELEMENT_NODE) { - v.add((Element)node); - } - } - return v; - } - - /** - * Returns a byte array from given node. - * @param node - * @return - * @throws TransformerException - */ - public static byte[] nodeToByteArray(Node node) throws TransformerException { - Source source = new DOMSource(node); - ByteArrayOutputStream out = new ByteArrayOutputStream(); - //StringWriter stringWriter = new StringWriter(); - Result result = new StreamResult(out); - TransformerFactory factory = TransformerFactory.newInstance(); - Transformer transformer = factory.newTransformer(); - transformer.transform(source, result); - return out.toByteArray(); - } - - -} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/DateTimeUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/DateTimeUtils.java deleted file mode 100644 index a2e0965d4..000000000 --- a/common/src/main/java/at/gv/egovernment/moa/util/DateTimeUtils.java +++ /dev/null 
@@ -1,515 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.util; - -import java.io.StringWriter; -import java.text.DateFormat; -import java.text.ParseException; -import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.Date; -import java.util.GregorianCalendar; -import java.util.TimeZone; - -import org.joda.time.DateTime; -import org.joda.time.format.DateTimeFormat; -import org.joda.time.format.DateTimeFormatter; - -/** - * Utility for parsing and building XML type <code>dateTime</code>, - * according to ISO 8601. - * - * @author Patrick Peck - * @version $Id$ - * @see <code>http://www.w3.org/2001/XMLSchema-datatypes"</code> - */ -public class DateTimeUtils { - /** Error messages. 
*/ - private static MessageProvider msg = MessageProvider.getInstance(); - -// /** -// * Builds a <code>dateTime</code> value from a <code>Calendar</code> value. -// * @param cal the <code>Calendar</code> value -// * @return the <code>dateTime</code> value -// */ -// public static String buildDateTime(Calendar cal, boolean useUTC) { -// -// if (useUTC) -// return buildDateTimeUTC(cal); -// else { -// StringWriter out = new StringWriter(); -// out.write("" + cal.get(Calendar.YEAR)); -// out.write("-"); -// out.write(to2DigitString(cal.get(Calendar.MONTH) + 1)); -// out.write("-"); -// out.write(to2DigitString(cal.get(Calendar.DAY_OF_MONTH))); -// out.write("T"); -// out.write(to2DigitString(cal.get(Calendar.HOUR_OF_DAY))); -// out.write(":"); -// out.write(to2DigitString(cal.get(Calendar.MINUTE))); -// out.write(":"); -// out.write(to2DigitString(cal.get(Calendar.SECOND))); -// int tzOffsetMilliseconds = -// cal.get(Calendar.ZONE_OFFSET) + cal.get(Calendar.DST_OFFSET); -// if (tzOffsetMilliseconds != 0) { -// int tzOffsetMinutes = tzOffsetMilliseconds / (1000 * 60); -// int tzOffsetHours = tzOffsetMinutes / 60; -// tzOffsetMinutes -= tzOffsetHours * 60; -// if (tzOffsetMilliseconds > 0) { -// out.write("+"); -// out.write(to2DigitString(tzOffsetHours)); -// out.write(":"); -// out.write(to2DigitString(tzOffsetMinutes)); -// } else { -// out.write("-"); -// out.write(to2DigitString(-tzOffsetHours)); -// out.write(":"); -// out.write(to2DigitString(-tzOffsetMinutes)); -// } -// } -// return out.toString(); -// } -// } - - /** - * Builds a <code>dateTime</code> value in UTC from a <code>Calendar</code> value. 
- * @param cal the <code>Calendar</code> value - * @return the <code>dateTime</code> value - */ - public static String buildDateTimeUTC(Calendar cal) { - - SimpleDateFormat f = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'"); - f.setTimeZone(TimeZone.getTimeZone("UTC")); - - return f.format(cal.getTime()); - } - - /** - * Builds a <code>dateTime</code> value in UTC from a <code>Calendar</code> value. - * @param cal the <code>Calendar</code> value - * @return the <code>dateTime</code> value - */ - public static String buildDateTimeUTC(Date cal) { - - SimpleDateFormat f = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'"); - f.setTimeZone(TimeZone.getTimeZone("UTC")); - - return f.format(cal); - - } - - /** - * Builds a <code>dateTime</code> value from a <code>Calendar</code> value. - * @param cal the <code>Calendar</code> value - * @return the <code>dateTime</code> value - */ - public static String buildDate(Calendar cal) { - StringWriter out = new StringWriter(); - out.write("" + cal.get(Calendar.YEAR)); - out.write("-"); - out.write(to2DigitString(cal.get(Calendar.MONTH) + 1)); - out.write("-"); - out.write(to2DigitString(cal.get(Calendar.DAY_OF_MONTH))); - return out.toString(); - } - - /** - * Builds a <code>dateTime</code> value from a <code>Calendar</code> value. - * @param cal the <code>Calendar</code> value - * @return the <code>dateTime</code> value - */ - public static String buildTime(Calendar cal) { - StringWriter out = new StringWriter(); - out.write(to2DigitString(cal.get(Calendar.HOUR_OF_DAY))); - out.write(":"); - out.write(to2DigitString(cal.get(Calendar.MINUTE))); - out.write(":"); - out.write(to2DigitString(cal.get(Calendar.SECOND))); - - return out.toString(); - } - - /** - * Converts month, day, hour, minute, or second value - * to a 2 digit String. 
- * @param number the month, day, hour, minute, or second value - * @return 2 digit String - */ - private static String to2DigitString(int number) { - if (number < 10) - return "0" + number; - else - return "" + number; - } - - /** - * Parse a <code>String</code> containing a date and time instant, given in - * ISO 8601 format. - * - * @param dateTime The <code>String</code> to parse. - * @return The <code>Date</code> representation of the contents of - * <code>dateTime</code>. - * @throws ParseException Parsing the <code>dateTime</code> failed. - */ - public static Date parseDateTime(String dateTime) throws ParseException { - GregorianCalendar calendar; - long time; - int yearSign = 1, year, month, day; - int hour, minute, second; - double fraction = 0.0; - int tzSign = 1, tzHour = 0, tzMinute = 0; - int curPos = 0; - String fractStr; - boolean localTime = false; - char c; - - // parse year sign - ensureChars(dateTime, curPos, 1); - c = dateTime.charAt(curPos); - if (c == '+' || c == '-') { - yearSign = c == '+' ? 
1 : -1; - curPos++; - } - - // parse year - year = parseInt(dateTime, curPos, 4); - curPos += 4; - - // parse '-' - ensureChar(dateTime, curPos, '-'); - curPos++; - - // parse month - month = parseInt(dateTime, curPos, 2); - ensureValue(month, 1, 12, curPos); - curPos += 2; - - // parse '-' - ensureChar(dateTime, curPos, '-'); - curPos++; - - // parse day - day = parseInt(dateTime, curPos, 2); - ensureValue(day, 1, 31, curPos); - curPos += 2; - - // parse 'T' - ensureChar(dateTime, curPos, 'T'); - curPos++; - - // parse hour - hour = parseInt(dateTime, curPos, 2); - ensureValue(hour, 0, 23, curPos); - curPos += 2; - - // parse ':' - ensureChar(dateTime, curPos, ':'); - curPos++; - - // parse minute - minute = parseInt(dateTime, curPos, 2); - ensureValue(minute, 0, 59, curPos); - curPos += 2; - - // parse ':' - ensureChar(dateTime, curPos, ':'); - curPos++; - - // parse second - second = parseInt(dateTime, curPos, 2); - ensureValue(second, 0, 59, curPos); - curPos += 2; - - // parse a fraction - if (dateTime.length() > curPos && dateTime.charAt(curPos) == '.') { - curPos++; - ensureDigits(dateTime, curPos, 1); - fractStr = "0."; - fractStr - += dateTime.substring(curPos, curPos + countDigits(dateTime, curPos)); - fraction = Double.parseDouble(fractStr); - curPos += countDigits(dateTime, curPos); - } - - // parse a time zone - if (dateTime.length() > curPos) { - c = dateTime.charAt(curPos); - if (c == 'Z') { - curPos++; - } else if (c == '+' || c == '-') { - // parse time zone sign - tzSign = c == '+' ? 
1 : -1; - curPos++; - - // parse time zone hour - tzHour = parseInt(dateTime, curPos, 2); - ensureValue(tzHour, 0, 14, curPos); - curPos += 2; - - // parse ':' - ensureChar(dateTime, curPos, ':'); - curPos++; - - // parse time zone minute - tzMinute = parseInt(dateTime, curPos, 2); - ensureValue(tzMinute, 0, 59, curPos); - curPos += 2; - } - } else { - localTime = true; - } - - // if we have characters left, it's an error - if (dateTime.length() != curPos) { - throw new ParseException(msg.getMessage("datetime.00", null), curPos); - } - - // build the Date object - year = year * yearSign; - try { - calendar = new GregorianCalendar(TimeZone.getTimeZone("GMT")); - calendar.set(year, month - 1, day, hour, minute, second); - calendar.set(Calendar.MILLISECOND, 0); - time = calendar.getTime().getTime(); - time += (long) (fraction * 1000.0); - time -= tzSign * ((tzHour * 60) + tzMinute) * 60 * 1000; - if (localTime) { - time -= TimeZone.getDefault().getRawOffset(); - } - return new Date(time); - } catch (IllegalArgumentException e) { - throw new ParseException(msg.getMessage("datetime.00", null), curPos); - } - - } - - /** - * Parse an integer value. - * - * @param str The <code>String</code> containing the digits. - * @param curPos The starting position. - * @param digits The number of digist making up the integer value. - * @return int The integer representation of the digits contained in - * <code>str</code>. - * @throws ParseException Parsing the integer value failed. - */ - private static int parseInt(String str, int curPos, int digits) - throws ParseException { - - ensureDigits(str, curPos, digits); - return Integer.parseInt(str.substring(curPos, curPos + digits)); - } - - /** - * Count the number of digits following <code>curPos</code>. - * - * @param str The <code>String</code> in which to count digits. - * @param curPos The starting position. - * @return int The number of digits. 
- */ - private static int countDigits(String str, int curPos) { - int i; - - for (i = curPos; i < str.length() && Character.isDigit(str.charAt(i)); i++); - return i - curPos; - } - - /** - * Ensure that a value falls in a given min/max range. - * - * @param value The value to check. - * @param min The minimum allowed value. - * @param max The maximum allowed value. - * @param curPos To indicate the parsing position in the - * <code>ParseException</code>. - * @throws ParseException Thrown, if <code>value < min || value > - * max</code> - */ - private static void ensureValue(int value, int min, int max, int curPos) - throws ParseException { - - if (value < min || value > max) { - throw new ParseException(msg.getMessage("datetime.00", null), curPos); - } - } - - /** - * Ensure that the given <code>String</code> has a number of characters left. - * - * @param str The <code>String</code> to check for its length. - * @param curPos The starting position. - * @param count The minimum number of characters that <code>str</code> must - * contain, starting at from <code>curPos</code>. - * @throws ParseException Thrown, if - * <code>curPos + count > str.length()</code>. - */ - private static void ensureChars(String str, int curPos, int count) - throws ParseException { - if (curPos + count > str.length()) { - throw new ParseException(msg.getMessage("datetime.00", null), curPos); - } - } - - /** - * Ensure that a given <code>String</code> contains a certain character at a - * certain position. - * - * @param str The <code>String</code> in which to look up the character. - * @param curPos The position in <code>str</code> that must contain the - * character. - * @param c The character value that must be contained at position - * <code>curPos</code>. - * @throws ParseException Thrown, if the characters do not match or - * <code>curPos</code> is out of range. 
- */ - private static void ensureChar(String str, int curPos, char c) - throws ParseException { - - ensureChars(str, curPos, 1); - if (str.charAt(curPos) != c) { - throw new ParseException(msg.getMessage("datetime.00", null), curPos); - } - } - - /** - * Ensure that a given <code>String</code> contains a number of digits, - * starting at a given position. - * - * @param str The <code>String</code> to scan for digits. - * @param curPos The starting postion. - * @param count The number of digits that must be contained in - * <code>str</code>, starting at <code>curPos</code>. - * @throws ParseException Thrown, if <code>str</code> is not long enough, or - * one of the characters following <code>curPos</code> in <code>str</code> is - * not a digit. - */ - private static void ensureDigits(String str, int curPos, int count) - throws ParseException { - - ensureChars(str, curPos, count); - for (int i = curPos; i < curPos + count; i++) { - if (!Character.isDigit(str.charAt(i))) { - throw new ParseException(msg.getMessage("datetime.00", null), curPos); - } - } - } - - /** - * Calculates the age if date of birth is given (for a calendar time stamp) - * @param dateOfBirth Date of Birth - * @param now Calendar time stamp at which the age needs to be calculated for - * @return Age of a person - */ - public static int calcAge(Calendar dateOfBirth, Calendar now) { - int age = now.get(Calendar.YEAR) - dateOfBirth.get(Calendar.YEAR); - - int nowM = now.get(Calendar.MONTH); - int dobM = dateOfBirth.get(Calendar.MONTH); - int nowDOM = now.get(Calendar.DAY_OF_MONTH); - int dobDOM = dateOfBirth.get(Calendar.DAY_OF_MONTH); - - if ((nowM < dobM) || ((nowM == dobM) && (nowDOM < dobDOM))) { - age--; - } - - if (age < 0) { - throw new IllegalArgumentException("Calculated age results in negative value."); - } - return age; - } - - /** - * Calculates the age if date of birth is given as Calendar object - * @param dateOfBirth Date of Birth as Calendar object - * @return Age of a person - */ - 
public static int calcAge(Calendar dateOfBirth) { - return calcAge(dateOfBirth, Calendar.getInstance()); - } - - /** - * Calculates the age if date of birth is given (for a date time stamp) - * @param dateOfBirth Date of Birth - * @param now Date time stamp at which the age needs to be calculated for - * @return Age of a person - */ - public static int calcAge(Date dateOfBirth, Date now) { - Calendar dob = Calendar.getInstance(); - dob.setTime(dateOfBirth); - Calendar nowCal = Calendar.getInstance(); - nowCal.setTime(now); - return calcAge(dob, nowCal); - } - - /** - * Calculates the age if date of birth is given as Date object - * @param dateOfBirth Date of Birth as Date object - * @return Age of a person - */ - public static int calcAge(Date dateOfBirth) { - return calcAge(dateOfBirth, new Date()); - } - - public static String formatPEPSDateToMOADate(String pepsDate) { - - if (StringUtils.isEmpty(pepsDate)) { - return null; - } - - DateTimeFormatter fmt = null; - - switch (pepsDate.length()) { - case 4: - fmt = DateTimeFormat.forPattern("yyyy"); - break; - case 6: - fmt = DateTimeFormat.forPattern("yyyyMM"); - break; - case 8: - fmt = DateTimeFormat.forPattern("yyyyMMdd"); - break; - default: - fmt = DateTimeFormat.forPattern("yyyy-MM-dd"); - break; - } - - DateTime dt = fmt.parseDateTime(pepsDate); - DateTimeFormatter fmt2 = DateTimeFormat.forPattern("yyyy-MM-dd"); - return fmt2.print(dt); - - } - - /** - * Returns a date as String using a provided format - * @param format Format the date/time should be returned - * @return Date/Time as String formatted according the provided format - */ - public static String getDateTimeWithFormat(String format) { - DateFormat dateFormat = new SimpleDateFormat(format); - Date date = new Date(); - return dateFormat.format(date); - } - -} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/Empty.java b/common/src/main/java/at/gv/egovernment/moa/util/Empty.java deleted file mode 100644 index 533b39b6b..000000000 
--- a/common/src/main/java/at/gv/egovernment/moa/util/Empty.java
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- * Copyright 2011 Federal Chancellery Austria and
- * Graz University of Technology
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package at.gv.egovernment.moa.util;
-
-/**
- * @author <a href="mailto:thomas.knall@iaik.tugraz.at">Thomas Knall</a>
- */
-public interface Empty {
-
- /**
- * Returns {@code true} if underlying object is empty.
- *
- * @return {@code true} if empty, {@code false} if not empty.
- */
- boolean isEmpty();
-
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/EntityResolverChain.java b/common/src/main/java/at/gv/egovernment/moa/util/EntityResolverChain.java
deleted file mode 100644
index 7213d036b..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/EntityResolverChain.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.List;
-
-import org.xml.sax.EntityResolver;
-import org.xml.sax.InputSource;
-import org.xml.sax.SAXException;
-
-/**
- * Implementation of the <code>org.xml.sax.EntityResolver</code>,
- * for use by a <code>org.apache.xerces.parsers.DOMParser</code>.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class EntityResolverChain implements EntityResolver {
- /** The <code>EntityResolver</code>s in the chain. */
- private List resolvers = new ArrayList();
-
- /**
- * @see org.xml.sax.EntityResolver#resolveEntity(java.lang.String, java.lang.String)
- */
- public InputSource resolveEntity(String publicId, String systemId)
- throws SAXException, IOException {
-
- Iterator iter;
-
- for (iter = resolvers.iterator(); iter.hasNext(); ) {
- EntityResolver resolver = (EntityResolver) iter.next();
- InputSource is = resolver.resolveEntity(publicId, systemId);
-
- if (is != null) {
- return is;
- }
- }
-
- return null;
- }
-
- /**
- * Add an <code>EntityResolver</code> to the chain.
- *
- * @param entityResolver The <code>EntityResolver</code> to add.
- */
- public void addEntityResolver(EntityResolver entityResolver) {
- resolvers.add(entityResolver);
- }
-
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/FileUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/FileUtils.java
deleted file mode 100644
index a70d62e1e..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/FileUtils.java
+++ /dev/null
@@ -1,179 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-import java.io.BufferedInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.net.URL;
-
-/**
- * Utility for accessing files on the file system, and for reading from input streams.
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class FileUtils {
-
- /**
- * Reads a file, given by URL, into a byte array.
- * @param urlString file URL
- * @return file content
- * @throws IOException on any exception thrown
- */
- public static byte[] readURL(String urlString) throws IOException {
- URL url = new URL(urlString);
- InputStream in = new BufferedInputStream(url.openStream());
- byte[] content = StreamUtils.readStream(in);
- in.close();
- return content;
- }
- /**
- * Reads a file, given by URL, into a String.
- * @param urlString file URL
- * @param encoding character encoding
- * @return file content
- * @throws IOException on any exception thrown
- */
- public static String readURL(String urlString, String encoding) throws IOException {
- byte[] content = readURL(urlString);
- return new String(content, encoding);
- }
- /**
- * Reads a file, given by filename, into a byte array.
- * @param filename filename
- * @return file content
- * @throws IOException on any exception thrown
- */
- public static byte[] readFile(String filename) throws IOException {
- BufferedInputStream in = new BufferedInputStream(new FileInputStream(filename));
- byte[] content = StreamUtils.readStream(in);
- in.close();
- return content;
- }
- /**
- * Reads a file, given by filename, into a String.
- * @param filename filename
- * @param encoding character encoding
- * @return file content
- * @throws IOException on any exception thrown
- */
- public static String readFile(String filename, String encoding) throws IOException {
- byte[] content = readFile(filename);
- return new String(content, encoding);
- }
- /**
- * Reads a file from a resource.
- * @param name resource name
- * @return file content as a byte array
- * @throws IOException on any exception thrown
- */
- public static byte[] readResource(String name) throws IOException {
- ClassLoader cl = FileUtils.class.getClassLoader();
- BufferedInputStream in = new BufferedInputStream(cl.getResourceAsStream(name));
- byte[] content = StreamUtils.readStream(in);
- in.close();
- return content;
- }
- /**
- * Reads a file from a resource.
- * @param name filename
- * @param encoding character encoding
- * @return file content
- * @throws IOException on any exception thrown
- */
- public static String readResource(String name, String encoding) throws IOException {
- byte[] content = readResource(name);
- return new String(content, encoding);
- }
-
- /**
- * Returns the absolute URL of a given url which is relative to the parameter root
- * @param url
- * @param root
- * @return String
- */
- public static String makeAbsoluteURL(String url, String root) {
- //if url is relative to rootConfigFileDirName make it absolute
-
- File keyFile;
- String newURL = url;
-
- if(null == url) return null;
-
- if (url.startsWith("http:/") || url.startsWith("https:/") || url.startsWith("file:/") || url.startsWith("ftp:/")) {
- return url;
- } else {
- // check if absolute - if not make it absolute
- keyFile = new File(url);
- if (!keyFile.isAbsolute()) {
- keyFile = new File(root, url);
-
- if (keyFile.toString().startsWith("file:"))
- newURL = keyFile.toString();
-
- else
- newURL = keyFile.toURI().toString();
-
- }
- return newURL;
- }
- }
-
-
- private static void copy( InputStream fis, OutputStream fos )
- {
- try
- {
- byte[] buffer = new byte[ 0xFFFF ];
- for ( int len; (len = fis.read(buffer)) != -1; )
- fos.write( buffer, 0, len );
- }
- catch( IOException e ) {
- System.err.println( e );
- }
- finally {
- if ( fis != null )
- try { fis.close(); } catch ( IOException e ) { e.printStackTrace(); }
- if ( fos != null )
- try { fos.close(); } catch ( IOException e ) { e.printStackTrace(); }
- }
- }
-
- public static void copyFile(File src, File dest)
- {
- try
- {
- copy( new FileInputStream( src ), new FileOutputStream( dest ) );
- }
- catch( IOException e ) {
- e.printStackTrace();
- }
- }
-
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java
deleted file mode 100644
index 3d28f4f2b..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java
+++ /dev/null
@@ -1,223 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-import iaik.x509.X509Certificate;
-
-import java.io.BufferedInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.URL;
-import java.security.GeneralSecurityException;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.cert.Certificate;
-
-/**
- * Utility for creating and loading key stores.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class KeyStoreUtils {
-
- /**
- * JAVA KeyStore
- */
- private static final String KEYSTORE_TYPE_JKS = "JKS";
-
- /**
- * PKCS12 KeyStore
- */
- private static final String KEYSTORE_TYPE_PKCS12 = "PKCS12";
-
-
-
- /**
- * Loads a key store from file.
- *
- * @param keystoreType key store type
- * @param urlString URL of key store
- * @param password password protecting the key store
- * @return key store loaded
- * @throws IOException thrown while reading the key store from file
- * @throws GeneralSecurityException thrown while creating the key store
- */
- public static KeyStore loadKeyStore(
- String keystoreType,
- String urlString,
- String password)
- throws IOException, GeneralSecurityException {
-
- URL keystoreURL = new URL(urlString);
- InputStream in = keystoreURL.openStream();
- return loadKeyStore(keystoreType, in, password);
- }
- /**
- * Loads a key store from an <code>InputStream</code>, and
- * closes the <code>InputStream</code>.
- *
- * @param keystoreType key store type
- * @param in input stream
- * @param password password protecting the key store
- * @return key store loaded
- * @throws IOException thrown while reading the key store from the stream
- * @throws GeneralSecurityException thrown while creating the key store
- */
- public static KeyStore loadKeyStore(
- String keystoreType,
- InputStream in,
- String password)
- throws IOException, GeneralSecurityException {
-
- char[] chPassword = null;
- if (password != null)
- chPassword = password.toCharArray();
- KeyStore ks = KeyStore.getInstance(keystoreType);
- ks.load(in, chPassword);
- in.close();
- return ks;
- }
- /**
- * Creates a key store from X509 certificate files, aliasing them with
- * the index in the <code>String[]</code>, starting with <code>"0"</code>.
- * - * @param keyStoreType key store type - * @param certFilenames certificate filenames - * @return key store created - * @throws IOException thrown while reading the certificates from file - * @throws GeneralSecurityException thrown while creating the key store - */ - public static KeyStore createKeyStore( - String keyStoreType, - String[] certFilenames) - throws IOException, GeneralSecurityException { - - KeyStore ks = KeyStore.getInstance(keyStoreType); - ks.load(null, null); - for (int i = 0; i < certFilenames.length; i++) { - Certificate cert = loadCertificate(certFilenames[i]); - ks.setCertificateEntry("" + i, cert); - } - return ks; - } - /** - * Creates a key store from a directory containg X509 certificate files, - * aliasing them with the index in the <code>String[]</code>, starting with <code>"0"</code>. - * All the files in the directory are considered to be certificates. - * - * @param keyStoreType key store type - * @param certDirURLString file URL of directory containing certificate filenames - * @return key store created - * @throws IOException thrown while reading the certificates from file - * @throws GeneralSecurityException thrown while creating the key store - */ - public static KeyStore createKeyStoreFromCertificateDirectory( - String keyStoreType, - String certDirURLString) - throws IOException, GeneralSecurityException { - - URL certDirURL = new URL(certDirURLString); - String certDirname = certDirURL.getFile(); - File certDir = new File(certDirname); - String[] certFilenames = certDir.list(); - String separator = - (certDirname.endsWith(File.separator) ? "" : File.separator); - for (int i = 0; i < certFilenames.length; i++) { - certFilenames[i] = certDirname + separator + certFilenames[i]; - } - return createKeyStore(keyStoreType, certFilenames); - } - - /** - * Loads an X509 certificate from file. 
- * @param certFilename filename - * @return the certificate loaded - * @throws IOException thrown while reading the certificate from file - * @throws GeneralSecurityException thrown while creating the certificate - */ - private static Certificate loadCertificate(String certFilename) - throws IOException, GeneralSecurityException { - - FileInputStream in = new FileInputStream(certFilename); - Certificate cert = new X509Certificate(in); - in.close(); - return cert; - } - - - /** - * Loads a keyStore without knowing the keyStore type - * @param keyStorePath URL to the keyStore - * @param password Password protecting the keyStore - * @return keyStore loaded - * @throws KeyStoreException thrown if keyStore cannot be loaded - * @throws FileNotFoundException - * @throws IOException - */ - public static KeyStore loadKeyStore(String keyStorePath, String password) throws KeyStoreException, IOException{ - - //InputStream is = new FileInputStream(keyStorePath); - URL keystoreURL = new URL(keyStorePath); - InputStream in = keystoreURL.openStream(); - InputStream isBuffered = new BufferedInputStream(in); - return loadKeyStore(isBuffered, password); - - } - - /** - * Loads a keyStore without knowing the keyStore type - * @param in input stream - * @param password Password protecting the keyStore - * @return keyStore loaded - * @throws KeyStoreException thrown if keyStore cannot be loaded - * @throws FileNotFoundException - * @throws IOException - */ -public static KeyStore loadKeyStore(InputStream is, String password) throws KeyStoreException, IOException{ - is.mark(1024*1024); - KeyStore ks = null; - try { - try { - ks = loadKeyStore(KEYSTORE_TYPE_PKCS12, is, password); - } catch (IOException e2) { - is.reset(); - ks = loadKeyStore(KEYSTORE_TYPE_JKS, is, password); - } - } catch(Exception e) { - e.printStackTrace(); - //throw new KeyStoreException(e); - } - return ks; - - } - - - - -} 
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/MOADefaultHandler.java b/common/src/main/java/at/gv/egovernment/moa/util/MOADefaultHandler.java
deleted file mode 100644
index 7a79bd9e5..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/MOADefaultHandler.java
+++ /dev/null
@@ -1,106 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.util; - -import java.io.IOException; - -import org.xml.sax.EntityResolver; -import org.xml.sax.ErrorHandler; -import org.xml.sax.InputSource; -import org.xml.sax.SAXException; -import org.xml.sax.SAXParseException; -import org.xml.sax.helpers.DefaultHandler; - -/** - * A <code>DefaultHandler</code> that uses a <code>MOAEntityResolver</code> and - * a <code>MOAErrorHandler</code>. - * - * @author Patrick Peck - * @version $Id$ - */ -public class MOADefaultHandler extends DefaultHandler { - /** The <code>EntityResolver</code> to use. */ - private EntityResolver entityResolver; - /** The <code>ErrorHandler</code> to use. */ - private ErrorHandler errorHandler; - - /** - * Create a new <code>MOADefaultHandler</code>. 
- */ - public MOADefaultHandler() { - entityResolver = new MOAEntityResolver(); - errorHandler = new MOAErrorHandler(); - } - - /** - * Create a new <code>MOADefaultHandler</code>. - * - * @param entityResolver The <code>EntityResolver</code> to use for resolving - * external entities. - * @param errorHandler The <code>ErrorHandler</code> to use for reporting - * parsing errors. - */ - public MOADefaultHandler( - EntityResolver entityResolver, - ErrorHandler errorHandler) { - - this.entityResolver = entityResolver; - this.errorHandler = errorHandler; - } - - /** - * @see org.xml.sax.EntityResolver#resolveEntity(java.lang.String, java.lang.String) - */ - public InputSource resolveEntity(String publicId, String systemId) - throws SAXException { - try { - return entityResolver.resolveEntity(publicId, systemId); - } catch (IOException e) { - return null; - } - } - - /** - * @see org.xml.sax.ErrorHandler#warning(org.xml.sax.SAXParseException) - */ - public void warning(SAXParseException exception) throws SAXException { - errorHandler.warning(exception); - } - - /** - * @see org.xml.sax.ErrorHandler#error(org.xml.sax.SAXParseException) - */ - public void error(SAXParseException exception) throws SAXException { - errorHandler.error(exception); - } - - /** - * @see org.xml.sax.ErrorHandler#fatalError(org.xml.sax.SAXParseException) - */ - public void fatalError(SAXParseException exception) throws SAXException { - errorHandler.fatalError(exception); - } - -} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/MOAEntityResolver.java b/common/src/main/java/at/gv/egovernment/moa/util/MOAEntityResolver.java deleted file mode 100644 index 8f3ffd4c6..000000000 --- a/common/src/main/java/at/gv/egovernment/moa/util/MOAEntityResolver.java +++ /dev/null 
@@ -1,129 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.util; - -import java.io.InputStream; - -import org.apache.xerces.util.URI; -import org.apache.xerces.util.URI.MalformedURIException; -import org.xml.sax.EntityResolver; -import org.xml.sax.InputSource; - -import at.gv.egovernment.moa.logging.LogMsg; -import at.gv.egovernment.moa.logging.Logger; - -/** - * An <code>EntityResolver</code> that looks up entities stored as - * local resources. - * - * <p>The following DTDs are mapped to local resources: - * <ul> - * <li>The XMLSchema.dtd</li> - * <li>The datatypes.dtd</li> - * </ul> - * </p> - * <p>For all other resources, an attempt is made to resolve them as resources, - * either absolute or relative to <code>Constants.SCHEMA_ROOT</code>. 
- * - * @author Patrick Peck - * @author Sven Aigner - */ -public class MOAEntityResolver implements EntityResolver { - - /** - * Resolve an entity. - * - * The <code>systemId</code> parameter is used to perform the lookup of the - * entity as a resource, either by interpreting the <code>systemId</code> as - * an absolute resource path, or by appending the last path component of - * <code>systemId</code> to <code>Constants.SCHEMA_ROOT</code>. - * - * @param publicId The public ID of the resource. - * @param systemId The system ID of the resource. - * @return An <code>InputSource</code> from which the entity can be read, or - * <code>null</code>, if the entity could not be found. - * @see org.xml.sax.EntityResolver#resolveEntity(java.lang.String, java.lang.String) - */ - public InputSource resolveEntity(String publicId, String systemId) { - InputStream stream; - int slashPos; - - if (Logger.isDebugEnabled()) { - Logger.debug( - new LogMsg("resolveEntity: p=" + publicId + " s=" + systemId)); - } - - if (publicId != null) { - // check if we can resolve some standard dtd's - if (publicId.equalsIgnoreCase("-//W3C//DTD XMLSchema 200102//EN")) { - return new InputSource( - getClass().getResourceAsStream( - Constants.SCHEMA_ROOT + "XMLSchema.dtd")); - } else if (publicId.equalsIgnoreCase("datatypes")) { - return new InputSource( - getClass().getResourceAsStream( - Constants.SCHEMA_ROOT + "datatypes.dtd")); - } - } else if (systemId != null) { - // get the URI path - try { - URI uri = new URI(systemId); - systemId = uri.getPath(); - - if (!"file".equals(uri.getScheme()) || "".equals(systemId.trim())) { - return null; - } - - } catch (MalformedURIException e) { - return null; - } - - // try to get the resource from the full path - stream = getClass().getResourceAsStream(systemId); - if (stream != null) { - InputSource source = new InputSource(stream); - - source.setSystemId(systemId); - return source; - } - - // try to get the resource from the last path component - slashPos 
= systemId.lastIndexOf('/'); - if (slashPos >= 0 && systemId.length() > slashPos) { - systemId = systemId.substring(slashPos + 1, systemId.length()); - stream = - getClass().getResourceAsStream(Constants.SCHEMA_ROOT + systemId); - if (stream != null) { - InputSource source = new InputSource(stream); - - source.setSystemId(systemId); - return source; - } - } - } - - return null; // nothing found - let the parser handle the entity - } -}
\ No newline at end of file
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/MOAErrorHandler.java b/common/src/main/java/at/gv/egovernment/moa/util/MOAErrorHandler.java
deleted file mode 100644
index 3769b264d..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/MOAErrorHandler.java
+++ /dev/null
@@ -1,115 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.util; - -import org.apache.xml.utils.DefaultErrorHandler; -import org.xml.sax.SAXException; -import org.xml.sax.SAXParseException; - -import at.gv.egovernment.moa.logging.LogMsg; -import at.gv.egovernment.moa.logging.Logger; - -/** - * An <code>ErrorHandler</code> that logs a message and throws a - * <code>SAXException</code> upon <code>error</code> and <code>fatal</code> - * parsing errors. - * - * @author Patrick Peck - * @author Sven Aigner - */ -public class MOAErrorHandler extends DefaultErrorHandler { - - - /** - * Logs a warning message. 
- * - * @see org.xml.sax.ErrorHandler#warning(SAXParseException) - */ - public void warning(SAXParseException exception) throws SAXException { - warn("parser.00", messageParams(exception), null); - } - - /** - * Logs a warning and rethrows the <code>exception</code>. - * - * @see org.xml.sax.ErrorHandler#error(SAXParseException) - */ - public void error(SAXParseException exception) throws SAXException { - warn("parser.01", messageParams(exception), null); - - // if Target attribute is missing in QualifyingProperties - don't throw exception (bug fix for old MOCCA signatures) - if (exception.getMessage().startsWith("cvc-complex-type.4: Attribute 'Target' must appear on element")) - warn("parser.04", new Object[] {"Attribute 'Target' must appear on element 'QualifyingProperties' - ignored for compatibility reasons."}, null); - else - throw exception; - } - - /** - * Logs a warning and rethrows the <code>exception</code>. - * - * @see org.xml.sax.ErrorHandler#fatalError(SAXParseException) - */ - public void fatalError(SAXParseException exception) throws SAXException { - warn("parser.02", messageParams(exception), null); - throw exception; - } - - /** - * Log a warning message. - * - * @param messageId The message ID to log. - * @param parameters Additional message parameters. - * @param t The <code>Throwable</code> to log; usually the cause of this - * warning. - */ - private static void warn( - String messageId, - Object[] parameters, - Throwable t) { - - MessageProvider msg = MessageProvider.getInstance(); - Logger.warn(new LogMsg(msg.getMessage(messageId, parameters)), t); - } - - /** - * Put the system id, line and column number information from the exception - * into an <code>Object</code> array, to provide it as a - * <code>MessageFormat</code> parameter. - * - * @param e The <code>SAXParseException</code> containing the - * source system id and line/column numbers. 
- * @return An array containing the system id (a <code>String</code>) as well - * as line/column numbers (2 <code>Integer</code> objects) from the - * <code>SAXParseException</code>. - */ - private static Object[] messageParams(SAXParseException e) { - return new Object[] { - e.getMessage(), - e.getSystemId(), - new Integer(e.getLineNumber()), - new Integer(e.getColumnNumber())}; - } - -}
\ No newline at end of file
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/MOATimer.java b/common/src/main/java/at/gv/egovernment/moa/util/MOATimer.java
deleted file mode 100644
index acc380d1d..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/MOATimer.java
+++ /dev/null
@@ -1,134 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.util; - -import java.util.Map; -import java.util.WeakHashMap; - -/** - * A timer utility for named timers. - * - * @author Sven Aigner - */ -public class MOATimer { - - /** The single instance of this class. */ - private static MOATimer instance = null; - /** The starting points of single timings. */ - private static Map timemapstart = new WeakHashMap(); - /** The end points of single timings. */ - private static Map timemapend = new WeakHashMap(); - - /** - * Return the single instance of this class. - * - * @return The single instance of this class. - */ - public static MOATimer getInstance() { - if (instance == null) { - instance = new MOATimer(); - } - return instance; - } - - /** - * Create a new <code>MOATimer</code>. - * - * Protected to disallow multiple instances. 
- */ - protected MOATimer() { - super(); - } - - /** - * Start timing a certain action. - * - * The timing belonging to the action ID is garbage collected as soon as there - * exists no other reference to the action ID. - * - * @param id The action ID. - */ - public void startTiming(Object id) { - timemapstart.put(id, new Long(System.currentTimeMillis())); - } - - /** - * Stop timing an action. - * - * @param id The action ID. - */ - public void stopTiming(Object id) { - timemapend.put(id, new Long(System.currentTimeMillis())); - } - - /** - * Get the duration of an action. - * - * @param id The action ID for which to compute the duration. - * @return long The duration in milliseconds between calls to - * <code>startTiming()</code> and <code>stopTiming()</code>. If - * only <code>startTiming()</code> has been called for the action, then - * current difference to the system time is returned. If no timing exists for - * the action, <code>- 1</code> is returned. - */ - public long duration(Object id) { - if (timemapstart.containsKey(id)) { - long start = ((Long) timemapstart.get(id)).longValue(); - if (timemapend.containsKey(id)) { - long end = ((Long) timemapend.get(id)).longValue(); - return end - start; - } else { - return System.currentTimeMillis() - start; - } - } else - return -1; - } - - /** - * Get the duration of an action, as a nicely formatted <code>String</code>. - * - * @param id The action ID. - * @return String The <code>duration()</code> as a <code>String</code>. - */ - public String durationAsString(Object id) { - long dur = duration(id); - long second = dur / 1000; - long mil = (dur) - (second * 1000); - return "Duration: " + second + "." + mil + " seconds"; - } - - /** - * Remove a timing. - * - * @param id The action ID. - */ - public void clearTiming(String id) { - if (timemapstart.containsKey(id)) - timemapstart.remove(id); - if (timemapend.containsKey(id)) - timemapend.remove(id); - } - -} 
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/MessageProvider.java b/common/src/main/java/at/gv/egovernment/moa/util/MessageProvider.java
deleted file mode 100644
index 1623ff1b3..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/MessageProvider.java
+++ /dev/null
@@ -1,87 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.util; - -import java.util.Locale; - -/** - * A singleton wrapper around a <code>Message</code> object. - * - * Provides the messages used in the common project. - * - * @author Patrick Peck - * @version $Id$ - */ -public class MessageProvider { - /** The location of the default message resources. */ - private static final String[] DEFAULT_MESSAGE_RESOURCES = - { "resources/properties/common_messages" }; - /** The locale of the default message resources. */ - private static final Locale[] DEFAULT_MESSAGE_LOCALES = - new Locale[] { new Locale("de", "AT") }; - /** The single instance of this class. */ - private static MessageProvider instance; - - /** The messages provided by this <code>MessageProvider</code>. 
*/ - private Messages messages; - - /** - * Return the single instance of the <code>MessageProvider</code>. - * - * Intialilizes the <code>MessageProvider</code> with the default message - * locations: <code>/resources/properties/common_messages</code>. - * - * @return The single <code>MessageProvider</code>. - */ - public static synchronized MessageProvider getInstance() { - if (instance == null) { - instance = - new MessageProvider(DEFAULT_MESSAGE_RESOURCES, DEFAULT_MESSAGE_LOCALES); - } - return instance; - } - - /** - * Create a <code>MessageProvider</code>. - * - * @param resourceNames The names of the resources containing the messages. - * @param locales The corresponding locales. - */ - protected MessageProvider(String[] resourceNames, Locale[] locales) { - this.messages = new Messages(resourceNames, locales); - } - - /** - * Get the message corresponding to a given message ID. - * - * @param messageId The ID of the message. - * @param parameters The parameters to fill in into the message arguments. - * @return The formatted message. - */ - public String getMessage(String messageId, Object[] parameters) { - return messages.getMessage(messageId, parameters); - } - -} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/Messages.java b/common/src/main/java/at/gv/egovernment/moa/util/Messages.java deleted file mode 100644 index 20de46b43..000000000 --- a/common/src/main/java/at/gv/egovernment/moa/util/Messages.java +++ /dev/null 
@@ -1,141 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.util; - -import java.text.MessageFormat; -import java.util.Locale; -import java.util.MissingResourceException; -import java.util.PropertyResourceBundle; - -import at.gv.egovernment.moa.logging.Logger; - -/** - * Provides access to the system messages resource used for exception handling - * and logging messages. - * - * Messages must be provided as a resource bundle at the path. - * - * @author Patrick Peck - * @version $Id$ - */ -public class Messages { - /** Error message indicating that no messages are avaiable. */ - private static final String ERROR_MESSAGES_UNAVAILABLE = - "Fehler in der Server-Konfiguration. " - + "Die Fehlertexte konnten nicht geladen werden."; - /** Error message indicating that the message is not available. 
*/ - private static final String ERROR_NO_MESSAGE = - "No errormesseage for error with number.={0}"; - - /** The names of the resources containing the messages. */ - private String[] resourceNames; - /** The corresponding <code>Locale</code>s of the resources. */ - private Locale[] locales; - /** The <code>ResourceBundle</code>s containing the messages. */ - private ResourceBundleChain messages; - - /** - * Create a new <code>Message</code> object containing the messages - * in the given resources. - * - * @param resourceNames The names of the resources containing the messages. - * @param locales The corresponding locales. - */ - public Messages(String[] resourceNames, Locale[] locales) { - this.resourceNames = resourceNames; - this.locales = locales; - this.messages = null; - } - - /** - * Get the message corresponding to a given message ID. - * - * @param messageId The ID of the message. - * @param parameters The parameters to fill in into the message arguments. - * @return The formatted message. - */ - public String getMessage(String messageId, Object[] parameters) { - // initialize messages - if (messages == null) { - initMessages(); - } - - // create the message - if (messages == null) { - return ERROR_MESSAGES_UNAVAILABLE; - } else { - try { - String rawMessage = messages.getString(messageId); - return MessageFormat.format(rawMessage, parameters); - } catch (MissingResourceException e2) { - // couldn't find any message -> set to default error message - return MessageFormat.format( - ERROR_NO_MESSAGE, - new Object[] { messageId }); - } - } - } - - /** - * Return the names of the resources containing the messages. - * - * @return String[] The names of the resource bundles containing the messages. - */ - private String[] getResourceNames() { - return resourceNames; - } - - /** - * Return the <code>Locale</code>s of the resources containing the messages. - * - * @return Locale[] The <code>Locale</code>s of the resource bundles - * containing the messages. 
- */ - private Locale[] getLocales() { - return locales; - } - - /** - * Initialize the <code>messages</code> <code>ResourceBundle</code> containing - * the MOA error messages. - */ - private void initMessages() { - messages = new ResourceBundleChain(); - int i; - - // initialize the message resources - for (i = 0; i < resourceNames.length; i++) { - try { - messages.addResourceBundle( - PropertyResourceBundle.getBundle( - getResourceNames()[i], - getLocales()[i])); - } catch (MissingResourceException e) { - Logger.error(ERROR_MESSAGES_UNAVAILABLE, e); - } - } - } - -} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/MiscUtil.java b/common/src/main/java/at/gv/egovernment/moa/util/MiscUtil.java deleted file mode 100644 index 246b0eb31..000000000 --- a/common/src/main/java/at/gv/egovernment/moa/util/MiscUtil.java +++ /dev/null 
@@ -1,315 +0,0 @@
-/*
- * Copyright 2011 Federal Chancellery Austria and
- * Graz University of Technology
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package at.gv.egovernment.moa.util;
-
-import iaik.logging.Log;
-import iaik.logging.LogFactory;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.lang.reflect.InvocationTargetException;
-import java.nio.channels.Channels;
-import java.nio.channels.ReadableByteChannel;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.text.ParseException;
-import java.text.SimpleDateFormat;
-import java.util.Collection;
-import java.util.Date;
-import java.util.GregorianCalendar;
-import java.util.Iterator;
-import java.util.Properties;
-
-import javax.xml.datatype.DatatypeConfigurationException;
-import javax.xml.datatype.DatatypeFactory;
-import javax.xml.datatype.XMLGregorianCalendar;
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.transform.OutputKeys;
-import javax.xml.transform.Source;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.stream.StreamResult;
-
-import org.w3c.dom.Document;
-import org.xml.sax.SAXException;
-
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.ex.EgovUtilException;
-
-
-
-/**
- * Class providing several utility methods.
- *
- * @author <a href="mailto:Arne.Tauber@egiz.gv.at">Arne Tauber</a>
- *
- */
-public class MiscUtil {
-
- public static final String DEFAULT_SLASH = "/";
-
- private static final int IO_BUFFER_SIZE = 4 * 1024;
-
- public static void copyStream(InputStream is, OutputStream os) throws IOException {
- byte[] b = new byte[IO_BUFFER_SIZE];
- int read;
- while ((read = is.read(b)) != -1) {
- os.write(b, 0, read);
- }
- }
-
- public static void assertNotNull(Object param, String name) {
- if (param == null) {
- throw new NullPointerException(name + " must not be null.");
- }
- }
-
- public static boolean areAllNull(Object... objects) {
- for (Object o : objects) {
- if (o != null) {
- return false;
- }
- }
- return true;
- }
-
- public static String extractContentType(String contentTypeString) {
- if (contentTypeString == null) {
- return "";
- }
- if (contentTypeString.indexOf(";") != -1) {
- return contentTypeString.substring(0, contentTypeString.indexOf(";"));
- }
- return contentTypeString;
- }
-
- public static XMLGregorianCalendar getXMLGregorianCalendar(Date date)
- throws DatatypeConfigurationException {
- GregorianCalendar cal = (GregorianCalendar) GregorianCalendar.getInstance();
- cal.setTime(date);
- return DatatypeFactory.newInstance().newXMLGregorianCalendar(cal);
- }
-
- public static XMLGregorianCalendar getXMLGregorianCalendar(String str)
- throws DatatypeConfigurationException {
- return DatatypeFactory.newInstance().newXMLGregorianCalendar(str);
- }
-
- public static X509Certificate readCertificate(InputStream certStream)
- throws CertificateException {
- CertificateFactory cf = CertificateFactory.getInstance("X.509");
- return (X509Certificate) cf.generateCertificate(certStream);
- }
-
- public static boolean isEmpty(String str) {
- return str == null ||
"".equals(str);
- }
-
- public static boolean isNotEmpty(String str) {
- return str != null && !"".equals(str);
- }
-
- public static byte[] sourceToByteArray(Source result)
- throws TransformerException {
- TransformerFactory factory = TransformerFactory.newInstance();
- Transformer transformer = factory.newTransformer();
- transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
- transformer.setOutputProperty(OutputKeys.METHOD, "xml");
- ByteArrayOutputStream out = new ByteArrayOutputStream();
- StreamResult streamResult = new StreamResult();
- streamResult.setOutputStream(out);
- transformer.transform(result, streamResult);
- return out.toByteArray();
- }
-
-// public static Document parseDocument(InputStream inputStream)
-// throws IOException {
-// try {
-// DocumentBuilderFactory docBuilderFactory = DocumentBuilderFactory
-// .newInstance();
-// docBuilderFactory.setNamespaceAware(true);
-// DocumentBuilder docBuilder = docBuilderFactory.newDocumentBuilder();
-// return docBuilder.parse(inputStream);
-// } catch (ParserConfigurationException e) {
-// throw new IOException(e);
-// } catch (SAXException e) {
-// throw new IOException(e);
-// }
-// }
-
- public static String removePrecedingSlash(String path, String slash) {
- assertNotEmpty(slash, "Shash");
- if (!isEmpty(path)) {
- while (path.startsWith(slash)) {
- path = path.substring(slash.length(), path.length());
- }
- }
- return path;
- }
-
- public static String removePrecedingSlash(String path) {
- return removePrecedingSlash(path, DEFAULT_SLASH);
- }
-
- public static void assertNotEmpty(String param, String name) {
- if (param == null) {
- throw new NullPointerException(name + " must not be null.");
- }
- if (param.length() == 0) {
- throw new IllegalArgumentException(name + " must not be empty.");
- }
- }
-
- @SuppressWarnings("rawtypes")
- public static boolean isEmpty(Properties props) {
- if (props == null || props.isEmpty()) {
- return true;
- }
- Iterator it =
props.values().iterator();
- while (it.hasNext()) {
- if (MiscUtil.isNotEmpty((String) it.next())) {
- return false;
- }
- }
- return true;
- }
-
- public static boolean isEmpty(Empty empty) {
- return empty == null || empty.isEmpty();
- }
-
- public static boolean isNotEmpty(Empty empty) {
- return !isEmpty(empty);
- }
-
- public static boolean isEmpty(byte[] data) {
- return data == null || data.length == 0;
- }
-
- public static boolean isNotEmpty(byte[] data) {
- return !isEmpty(data);
- }
-
- public static <T> boolean isEmpty(Collection<T> c) {
- return c == null || c.isEmpty();
- }
-
- public static <T> boolean isNotEmpty(Collection<T> c) {
- return !isEmpty(c);
- }
-
- public static boolean areAllEmpty(String... strings) {
- for (String s : strings) {
- if (s != null && s.trim().length() != 0) {
- return false;
- }
- }
- return true;
- }
-
- public static boolean areAllEmpty(Empty... empties) {
- if (empties != null) {
- for (Empty e : empties) {
- if (e != null && !e.isEmpty()) {
- return false;
- }
- }
- }
- return true;
- }
-
- public static <T> void assertNotEmpty(T[] param, String name) {
- if (param == null) {
- throw new NullPointerException(name + " must not be null.");
- }
- if (param.length == 0) {
- throw new IllegalArgumentException(name + " must not be empty.");
- }
- }
-
- public static void assertNotEmpty(Empty empty, String name) {
- if (empty == null) {
- throw new NullPointerException(name + " must not be null.");
- }
- if (empty.isEmpty()) {
- throw new IllegalArgumentException(name + " must not be empty.");
- }
- }
-
- public static void assertNotEmpty(byte[] param, String name) {
- if (param == null) {
- throw new NullPointerException(name + " must not be null.");
- }
- if (param.length == 0) {
- throw new IllegalArgumentException(name + " must not be empty.");
- }
- }
-
- public static Date parseXMLDate(String xmlDate) throws EgovUtilException {
- if (xmlDate == null) {
- return null;
- }
- SimpleDateFormat sdf = new
SimpleDateFormat("yyyy-MM-dd");
- try {
- return sdf.parse(xmlDate);
- } catch (ParseException e) {
- throw new EgovUtilException(e);
- }
- }
-
- public static <T> boolean isEmpty(T[] array) {
- return array == null || array.length == 0;
- }
-
- public static <T> boolean isNotEmpty(T[] array) {
- return !isEmpty(array);
- }
-
- public static String convertDateFromStandardToXML(String dateString) {
- MiscUtil.assertNotNull(dateString, "dateString");
- Date date = parseDate(dateString);
- return formatDate(date, "yyyy-MM-dd");
- }
-
- public static Date parseDate(String dateString) {
- return parseDate(dateString, "dd.MM.yyyy");
- }
-
- public static Date parseDate(String dateString, String pattern) {
- MiscUtil.assertNotNull(dateString, "dateString");
- MiscUtil.assertNotNull(pattern, "pattern");
- SimpleDateFormat sdf = new SimpleDateFormat(pattern);
- try {
- return sdf.parse(dateString);
- } catch (ParseException e) {
- Logger.warn("Error parsing date.", e);
- return null;
- }
- }
-
- public static String formatDate(Date date, String format) {
- SimpleDateFormat sdf = new SimpleDateFormat(format);
- return sdf.format(date);
- }
-
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/NodeIteratorAdapter.java b/common/src/main/java/at/gv/egovernment/moa/util/NodeIteratorAdapter.java
deleted file mode 100644
index fdc823229..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/NodeIteratorAdapter.java
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-import java.util.ListIterator;
-
-import org.w3c.dom.DOMException;
-import org.w3c.dom.Node;
-import org.w3c.dom.traversal.NodeFilter;
-import org.w3c.dom.traversal.NodeIterator;
-
-/**
- * A <code>NodeIterator</code> implementation based on a
- * <code>ListIterator</code>.
- *
- * @see java.util.ListIterator
- * @see org.w3c.dom.traversal.NodeIterator
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class NodeIteratorAdapter implements NodeIterator {
-
- /** The <code>ListIterator</code> to wrap. */
- private ListIterator nodeIterator;
-
- /**
- * Create a new <code>NodeIteratorAdapter</code>.
- * @param nodeIterator The <code>ListIterator</code> to iterate over.
- */
- public NodeIteratorAdapter(ListIterator nodeIterator) {
- this.nodeIterator = nodeIterator;
- }
-
- /**
- * @see org.w3c.dom.traversal.NodeIterator#getRoot()
- */
- public Node getRoot() {
- return null;
- }
-
- /**
- * @see org.w3c.dom.traversal.NodeIterator#getWhatToShow()
- */
- public int getWhatToShow() {
- return NodeFilter.SHOW_ALL;
- }
-
- /**
- * @see org.w3c.dom.traversal.NodeIterator#getFilter()
- */
- public NodeFilter getFilter() {
- return null;
- }
-
- /**
- * @see org.w3c.dom.traversal.NodeIterator#getExpandEntityReferences()
- */
- public boolean getExpandEntityReferences() {
- return false;
- }
-
- /**
- * @see org.w3c.dom.traversal.NodeIterator#nextNode()
- */
- public Node nextNode() throws DOMException {
- if (nodeIterator.hasNext()) {
- return (Node) nodeIterator.next();
- }
- return null;
- }
-
- /**
- * @see org.w3c.dom.traversal.NodeIterator#previousNode()
- */
- public Node previousNode() throws DOMException {
- if (nodeIterator.hasPrevious()) {
- return (Node) nodeIterator.previous();
- }
- return null;
- }
-
- /**
- * @see org.w3c.dom.traversal.NodeIterator#detach()
- */
- public void detach() {
- }
-
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/NodeListAdapter.java b/common/src/main/java/at/gv/egovernment/moa/util/NodeListAdapter.java
deleted file mode 100644
index e39cc0291..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/NodeListAdapter.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-import java.util.List;
-
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-
-/**
- * A <code>NodeList</code> implementation based on a <code>List</code>.
- *
- * @see java.util.List
- * @see org.w3c.dom.NodeList
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class NodeListAdapter implements NodeList {
- /** The <code>List</code> to wrap. */
- private List nodeList;
-
- /**
- * Create a new <code>NodeListAdapter</code>.
- *
- * @param nodeList The <code>List</code> containing the nodes.
- */
- public NodeListAdapter(List nodeList) {
- this.nodeList = nodeList;
- }
-
- /**
- * @see org.w3c.dom.NodeList#item(int)
- */
- public Node item(int index) {
- return (Node) nodeList.get(index);
- }
-
- /**
- * @see org.w3c.dom.NodeList#getLength()
- */
- public int getLength() {
- return nodeList.size();
- }
-
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/OutputXML2File.java b/common/src/main/java/at/gv/egovernment/moa/util/OutputXML2File.java
deleted file mode 100644
index e3f8f75a1..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/OutputXML2File.java
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/*
- * Created on 26.04.2004
- *
- * @author rschamberger
- * $ID$
- */
-package at.gv.egovernment.moa.util;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * utility functions to write XML data to files
- * @author rschamberger
- * @version $Id$
- */
-public class OutputXML2File {
-
- /**
- * writes an XML structure to file if debug is enabled in hierarchy (Encoding: UTF-8)
- *
- * @param filename file name
- * @param rootElem root element in DOM tree
- * @param hierarchy of the Logger
- */
- public static void debugOutputXML2File(String filename, Element rootElem, String hierarchy) {
- if (Logger.isDebugEnabled(hierarchy)) {
- outputXML2File(filename, rootElem);
- }
- }
-
- /**
- * writes an XML structure to file if debug is enabled in hierarchy (Encoding: UTF-8)
- *
- * @param filename file name
- * @param xmlString XML string
- * @param hierarchy of the Logger
- */
- public static void debugOutputXML2File(String filename, String xmlString, String hierarchy) {
- if (Logger.isDebugEnabled(hierarchy)) {
- outputXML2File(filename, xmlString);
- }
- }
-
- /**
- * writes an XML structure to file (Encoding: UTF-8)
- *
- * @param filename file name
- * @param rootElem root element in DOM tree
- */
- public static void outputXML2File(String filename, Element rootElem) {
- try {
- String xmlString = new String(DOMUtils.serializeNode(rootElem));
- outputXML2File(filename, xmlString);
- } catch (Exception ex) {
- ex.printStackTrace();
- }
- }
-
- /**
- * writes an XML structure to file (Encoding: UTF-8)
- *
- * @param filename file name
- * @param xmlString XML string
- */
- public static void outputXML2File(String filename, String xmlString) {
- try {
- java.io.OutputStream fout = new java.io.FileOutputStream(filename);
- byte[] xmlData = xmlString.getBytes("UTF-8");
- fout.write(xmlData);
- fout.close();
- } catch (Exception ex) {
- ex.printStackTrace();
- }
- }
-
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/ResourceBundleChain.java b/common/src/main/java/at/gv/egovernment/moa/util/ResourceBundleChain.java
deleted file mode 100644
index 234ed89df..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/ResourceBundleChain.java
+++ /dev/null
@@ -1,90 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.List;
-import java.util.MissingResourceException;
-import java.util.ResourceBundle;
-
-/**
- * A class to chain <code>ResourceBundle</code>s.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class ResourceBundleChain {
- /** Error message indicating the resource is not available. */
- private static final String ERROR_MISSING_RESOURCE = "Missing resource";
- /** The <code>ResourceBundle</code>s contained in this chain. */
- private List resourceBundles = new ArrayList();
-
- /**
- * Add a <code>ResourceBundle</code> to the chain.
- *
- * @param resourceBundle The <code>ResourceBundle</code> to add.
- */
- public void addResourceBundle(ResourceBundle resourceBundle) {
- resourceBundles.add(resourceBundle);
- }
-
- /**
- * Return the value of the resource.
- *
- * @param key The key to access the <code>String</code> resource.
- * @return The resource value. All the registered <code>ResourceBundle</code>s
- * are searched in the order in which they have previously been added to this
- * <code>ResourceBundleChain</code>.
- * @throws MissingResourceException The resource coult not be found in any of
- * the bundles.
- */
- public String getString(String key) throws MissingResourceException {
- MissingResourceException lastException = null;
- Iterator iter;
-
- // handle case where no resource bundles have been added
- if (resourceBundles.size() == 0) {
- throw new MissingResourceException(
- ERROR_MISSING_RESOURCE,
- this.getClass().getName(),
- key);
- }
-
- // try to find the resource in one of the bundles; if it cannot be found,
- // return the exception thrown by the last bundle in the list
- for (iter = resourceBundles.iterator(); iter.hasNext();) {
- ResourceBundle resourceBundle = (ResourceBundle) iter.next();
- try {
- String value = resourceBundle.getString(key);
- return value;
- } catch (MissingResourceException e) {
- lastException = e;
- }
- }
- throw lastException;
- }
-
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/SSLUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/SSLUtils.java
deleted file mode 100644
index c2c67ec58..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/SSLUtils.java
+++ /dev/null
@@ -1,244 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.GeneralSecurityException;
-import java.security.KeyStore;
-
-import javax.net.ssl.KeyManager;
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLSocketFactory;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
-
-/**
- * Utility for connecting to server applications via SSL.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SSLUtils {
-
- /**
- * Creates an <code>SSLSocketFactory</code> which utilizes the given trust store.
- *
- * @param trustStoreType key store type of trust store
- * @param trustStoreInputStream input stream for reading JKS trust store containing
- * trusted server certificates; if <code>null</code>, the default
- * trust store will be utilized
- * @param trustStorePassword if provided, it will be used to check
- * the integrity of the trust store; if omitted, it will not be checked
- * @return <code>SSLSocketFactory</code> to be used by an <code>HttpsURLConnection</code>
- * @throws IOException thrown while reading from the input stream
- * @throws GeneralSecurityException thrown while creating the socket factory
- */
- public static SSLSocketFactory getSSLSocketFactory(
- String trustStoreType,
- InputStream trustStoreInputStream,
- String trustStorePassword)
- throws IOException, GeneralSecurityException {
-
- TrustManager[] tms = getTrustManagers(trustStoreType, trustStoreInputStream, trustStorePassword);
- SSLContext ctx = SSLContext.getInstance("TLS");
- ctx.init(null, tms, null);
-
- SSLSocketFactory sf = ctx.getSocketFactory();
- return sf;
- }
- /**
- * Creates an <code>SSLSocketFactory</code> which utilizes the
- * given trust store and keystore.
- *
- * @param trustStore trust store containing trusted server certificates;
- * if <code>null</code>, the default trust store will be utilized
- * @param clientKeyStoreType key store type of <code>clientKeyStore</code>
- * @param clientKeyStoreURL URL of key store containing keys to be used for
- * client authentication; if <code>null</code>, the default key store will be utilized
- * @param clientKeyStorePassword if provided, it will be used to check
- * the integrity of the client key store; if omitted, it will not be checked
- * @return <code>SSLSocketFactory</code> to be used by an <code>HttpsURLConnection</code>
- * @throws IOException thrown while reading key store file
- * @throws GeneralSecurityException thrown while creating the socket factory
- */
- public static SSLSocketFactory getSSLSocketFactory(
- KeyStore trustStore,
- String clientKeyStoreType,
- String clientKeyStoreURL,
- String clientKeyStorePassword)
- throws IOException, GeneralSecurityException {
-
- SSLContext ctx = getSSLContext(
- trustStore, clientKeyStoreType, clientKeyStoreURL, clientKeyStorePassword);
- SSLSocketFactory sf = ctx.getSocketFactory();
- return sf;
- }
- /**
- * Creates an <code>SSLContext</code> initialized for the
- * given trust store and keystore.
- *
- * @param trustStore trust store containing trusted server certificates;
- * if <code>null</code>, the default trust store will be utilized
- * @param clientKeyStoreType key store type of <code>clientKeyStore</code>
- * @param clientKeyStoreURL URL of key store containing keys to be used for
- * client authentication; if <code>null</code>, the default key store will be utilized
- * @param clientKeyStorePassword if provided, it will be used to check
- * the integrity of the client key store; if omitted, it will not be checked
- * @return <code>SSLContext</code> to be used for creating an <code>SSLSocketFactory</code>
- * @throws IOException thrown while reading key store file
- * @throws GeneralSecurityException thrown while creating the SSL context
- */
- public static SSLContext getSSLContext(
- KeyStore trustStore,
- String clientKeyStoreType,
- String clientKeyStoreURL,
- String clientKeyStorePassword)
- throws IOException, GeneralSecurityException {
-
- TrustManager[] tms = getTrustManagers(trustStore);
- KeyManager[] kms = getKeyManagers(clientKeyStoreType, clientKeyStoreURL, clientKeyStorePassword);
- SSLContext ctx = SSLContext.getInstance("TLS");
- ctx.init(kms, tms, null);
- return ctx;
- }
- /**
- * Loads the trust store from an input stream and gets the
- * <code>TrustManager</code>s from a default <code>TrustManagerFactory</code>,
- * initialized from the given trust store.
- * @param trustStoreType key store type of trust store
- * @param trustStoreInputStream input stream for reading JKS trust store containing
- * trusted server certificates; if <code>null</code>, the default
- * trust store will be utilized
- * @param trustStorePassword if provided, it will be used to check
- * the integrity of the trust store; if omitted, it will not be checked
- * @return <code>TrustManager</code>s to be used for creating an
- * <code>SSLSocketFactory</code> utilizing the given trust store
- * @throws IOException thrown while reading from the input stream
- * @throws GeneralSecurityException thrown while initializing the
- * default <code>TrustManagerFactory</code>
- */
- protected static TrustManager[] getTrustManagers(
- String trustStoreType,
- InputStream trustStoreInputStream,
- String trustStorePassword)
- throws IOException, GeneralSecurityException {
-
- if (trustStoreInputStream == null)
- return null;
-
- // Set up the TrustStore to use. We need to load the file into
- // a KeyStore instance.
- KeyStore trustStore = KeyStoreUtils.loadKeyStore(trustStoreType, trustStoreInputStream, trustStorePassword);
- return getTrustManagers(trustStore);
- }
- /**
- * Gets the <code>TrustManager</code>s from a default <code>TrustManagerFactory</code>,
- * initialized from the given trust store.
- *
- * @param trustStore the trust store to use
- * @return <code>TrustManager</code>s to be used for creating an
- * <code>SSLSocketFactory</code> utilizing the given trust store
- * @throws GeneralSecurityException thrown while initializing the
- * default <code>TrustManagerFactory</code>
- */
- protected static TrustManager[] getTrustManagers(KeyStore trustStore)
- throws GeneralSecurityException {
-
- if (trustStore == null)
- return null;
-
- // Initialize the default TrustManagerFactory with this KeyStore
- String alg=TrustManagerFactory.getDefaultAlgorithm();
- TrustManagerFactory tmFact=TrustManagerFactory.getInstance(alg);
- tmFact.init(trustStore);
-
- // And now get the TrustManagers
- TrustManager[] tms=tmFact.getTrustManagers();
- return tms;
- }
- /**
- * Loads the client key store from file and gets the
- * <code>KeyManager</code>s from a default <code>KeyManagerFactory</code>,
- * initialized from the given client key store.
- * @param clientKeyStoreType key store type of <code>clientKeyStore</code>
- * @param clientKeyStoreURL URL of key store containing keys to be used for
- * client authentication; if <code>null</code>, the default key store will be utilized
- * @param clientKeyStorePassword password used to check the integrity of the client key store;
- * if <code>null</code>, it will not be checked
- * @return <code>KeyManager</code>s to be used for creating an
- * <code>SSLSocketFactory</code> utilizing the given client key store
- * @throws IOException thrown while reading from the key store file
- * @throws GeneralSecurityException thrown while initializing the
- * default <code>KeyManagerFactory</code>
- */
- public static KeyManager[] getKeyManagers (
- String clientKeyStoreType,
- String clientKeyStoreURL,
- String clientKeyStorePassword)
- throws IOException, GeneralSecurityException {
-
- if (clientKeyStoreURL == null)
- return null;
-
- // Set up the KeyStore to use. We need to load the file into
- // a KeyStore instance.
- KeyStore clientKeyStore = KeyStoreUtils.loadKeyStore(
- clientKeyStoreType, clientKeyStoreURL, clientKeyStorePassword);
- return getKeyManagers(clientKeyStore, clientKeyStorePassword);
- }
- /**
- * Gets the <code>KeyManager</code>s from a default <code>KeyManagerFactory</code>,
- * initialized from the given client key store.
- * @param clientKeyStore client key store
- * @param clientKeyStorePassword if provided, it will be used to check
- * the integrity of the client key store; if omitted, it will not be checked
- * @return <code>KeyManager</code>s to be used for creating an
- * <code>SSLSocketFactory</code> utilizing the given client key store
- * @throws GeneralSecurityException thrown while initializing the
- * default <code>KeyManagerFactory</code>
- */
- public static KeyManager[] getKeyManagers (
- KeyStore clientKeyStore,
- String clientKeyStorePassword)
- throws GeneralSecurityException {
-
- if (clientKeyStore == null)
- return null;
-
- // Now we initialize the default KeyManagerFactory with this KeyStore
- String alg=KeyManagerFactory.getDefaultAlgorithm();
- KeyManagerFactory kmFact=KeyManagerFactory.getInstance(alg);
- char[] password = null;
- if (clientKeyStorePassword != null)
- password = clientKeyStorePassword.toCharArray();
- kmFact.init(clientKeyStore, password);
-
- // And now get the KeyManagers
- KeyManager[] kms=kmFact.getKeyManagers();
- return kms;
- }
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/StreamEntityResolver.java b/common/src/main/java/at/gv/egovernment/moa/util/StreamEntityResolver.java
deleted file mode 100644
index b3bc8ae47..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/StreamEntityResolver.java
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.Map;
-
-import org.xml.sax.EntityResolver;
-import org.xml.sax.InputSource;
-import org.xml.sax.SAXException;
-
-/**
- * An <code>EntityResolver</code> that maps system IDs to
- * <code>InputStream</code>s.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class StreamEntityResolver implements EntityResolver {
-
- /** A mapping from Public ID or System ID to an <code>InputStream</code>
- * containing the entity. */
- private Map mappedEntities;
-
- /**
- * Create a <code>StreamEntityResolver</code>.
- *
- * @param mappedEntities A mapping from public or system IDs
- * (<code>String</code> objects) to <code>InputStream</code>s.
- */
- public StreamEntityResolver(Map mappedEntities) {
- this.mappedEntities = mappedEntities;
- }
-
- /**
- * Resolve an entity by looking it up in the mapped entities.
- *
- * First, the public ID is looked up in the mapping, then the system ID.
- *
- * @param publicId The public ID of the entity.
- * @param systemId The system ID of the entity.
- * @return An <code>InputStream</code> containing the entity or
- * <code>null</code> if no entity could be found.
- * @throws SAXException Signalling a parsing exception.
- * @throws IOException Error reading the entity.
- */
- public InputSource resolveEntity(String publicId, String systemId)
- throws SAXException, IOException {
-
- InputSource src = null;
-
- if (publicId != null && mappedEntities.get(publicId) != null) {
- src = new InputSource((InputStream) mappedEntities.get(publicId));
- } else if (systemId != null && mappedEntities.get(systemId) != null) {
- src = new InputSource((InputStream) mappedEntities.get(systemId));
- }
-
- if (src != null) {
- src.setPublicId(publicId);
- src.setSystemId(systemId);
- }
-
- return src;
- }
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/StreamUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/StreamUtils.java
deleted file mode 100644
index e4ccd127f..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/StreamUtils.java
+++ /dev/null
@@ -1,197 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.io.PrintStream;
-
-/**
- * Utility methods for streams.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class StreamUtils {
-
- /**
- * Compare the contents of two <code>InputStream</code>s.
- *
- * @param is1 The 1st <code>InputStream</code> to compare.
- * @param is2 The 2nd <code>InputStream</code> to compare.
- * @return boolean <code>true</code>, if both streams contain the exactly the
- * same content, <code>false</code> otherwise.
- * @throws IOException An error occurred reading one of the streams.
- */
- public static boolean compareStreams(InputStream is1, InputStream is2)
- throws IOException {
-
- byte[] buf1 = new byte[256];
- byte[] buf2 = new byte[256];
- int length1;
- int length2;
-
- try {
- while (true) {
- length1 = is1.read(buf1);
- length2 = is2.read(buf2);
-
- if (length1 != length2) {
- return false;
- }
- if (length1 <= 0) {
- return true;
- }
- if (!compareBytes(buf1, buf2, length1)) {
- return false;
- }
- }
- } catch (IOException e) {
- throw e;
- } finally {
- // close both streams
- try {
- is1.close();
- is2.close();
- } catch (IOException e) {
- // ignore this
- }
- }
- }
-
- /**
- * Compare two byte arrays, up to a given maximum length.
- *
- * @param b1 1st byte array to compare.
- * @param b2 2nd byte array to compare.
- * @param length The maximum number of bytes to compare.
- * @return <code>true</code>, if the byte arrays are equal, <code>false</code>
- * otherwise.
- */
- private static boolean compareBytes(byte[] b1, byte[] b2, int length) {
- if (b1.length != b2.length) {
- return false;
- }
-
- for (int i = 0; i < b1.length && i < length; i++) {
- if (b1[i] != b2[i]) {
- return false;
- }
- }
-
- return true;
- }
-
- /**
- * Reads a byte array from a stream.
- * @param in The <code>InputStream</code> to read.
- * @return The bytes contained in the given <code>InputStream</code>.
- * @throws IOException on any exception thrown
- */
- public static byte[] readStream(InputStream in) throws IOException {
-
- ByteArrayOutputStream out = new ByteArrayOutputStream();
- copyStream(in, out, null);
-
- /*
- ByteArrayOutputStream out = new ByteArrayOutputStream();
- int b;
- while ((b = in.read()) >= 0)
- out.write(b);
-
- */
- in.close();
- return out.toByteArray();
- }
-
- /**
- * Reads a <code>String</code> from a stream, using given encoding.
- * @param in The <code>InputStream</code> to read.
- * @param encoding The character encoding to use for converting the bytes
- * of the <code>InputStream</code> into a <code>String</code>.
- * @return The content of the given <code>InputStream</code> converted into
- * a <code>String</code>.
- * @throws IOException on any exception thrown
- */
- public static String readStream(InputStream in, String encoding) throws IOException {
- ByteArrayOutputStream out = new ByteArrayOutputStream();
- copyStream(in, out, null);
-
- /*
- ByteArrayOutputStream out = new ByteArrayOutputStream();
- int b;
- while ((b = in.read()) >= 0)
- out.write(b);
- */
- in.close();
- return out.toString(encoding);
- }
-
- /**
- * Reads all data (until EOF is reached) from the given source to the
- * destination stream. If the destination stream is null, all data is dropped.
- * It uses the given buffer to read data and forward it. If the buffer is
- * null, this method allocates a buffer.
- *
- * @param source The stream providing the data.
- * @param destination The stream that takes the data. If this is null, all
- * data from source will be read and discarded.
- * @param buffer The buffer to use for forwarding. If it is null, the method
- * allocates a buffer.
- * @exception IOException If reading from the source or writing to the
- * destination fails.
- */
- private static void copyStream(InputStream source, OutputStream destination, byte[] buffer) throws IOException {
- if (source == null) {
- throw new NullPointerException("Argument \"source\" must not be null.");
- }
- if (buffer == null) {
- buffer = new byte[8192];
- }
-
- if (destination != null) {
- int bytesRead;
- while ((bytesRead = source.read(buffer)) >= 0) {
- destination.write(buffer, 0, bytesRead);
- }
- } else {
- while (source.read(buffer) >= 0);
- }
- }
-
- /**
- * Gets the stack trace of the <code>Throwable</code> passed in as a string.
- * @param t The <code>Throwable</code>.
- * @return a String representing the stack trace of the <code>Throwable</code>.
- */
- public static String getStackTraceAsString(Throwable t)
- {
- ByteArrayOutputStream stackTraceBIS = new ByteArrayOutputStream();
- t.printStackTrace(new PrintStream(stackTraceBIS));
- return new String(stackTraceBIS.toByteArray());
- }
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/StringUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/StringUtils.java
deleted file mode 100644
index ad879d2b6..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/StringUtils.java
+++ /dev/null
@@ -1,178 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-import java.util.StringTokenizer;
-
-/**
- * Utitility functions for string manipulations.
- *
- * @author Harald Bratko
- */
-public class StringUtils {
-
- /**
- * Removes all blanks and tabs from the given string.
- *
- * @param s The string to remove all blanks and tabs from.
- * @return The input string with all blanks and tabs removed from.
- */
- public static String removeBlanks(String s) {
- StringTokenizer st = new StringTokenizer(s);
- StringBuffer sb = new StringBuffer(s.length());
- while (st.hasMoreTokens()) {
- sb.append(st.nextToken());
- }
- return sb.toString();
- }
-
- /**
- * Removes all occurences of the specified token from the the given string.
- *
- * @param s The string to remove all occurences of the specified token from.
- * @return The input string with all occurences of the specified token removed from.
- */
- public static String removeToken(String s, String token) {
- StringTokenizer st = new StringTokenizer(s, token);
- StringBuffer sb = new StringBuffer(s.length());
- while (st.hasMoreTokens()) {
- sb.append(st.nextToken());
- }
- return sb.toString();
- }
-
- /**
- * Removes all leading zeros from the input string.
- *
- * @param s The string remove the leading zeros from.
- * @return The input string with the leading zeros removed from.
- */
- public static String deleteLeadingZeros(String s) {
- StringBuffer sb = new StringBuffer(s);
- int l = sb.length();
- int j = 0;
- for (int i=0; i<l; i++) {
- if (sb.charAt(i) == '0') {
- j++;
- } else {
- break;
- }
- }
- return sb.substring(j, l);
- }
-
- /**
- * Replaces each substring of string <code>s</code> that matches the given
- * <code>search</code> string by the given <code>replace</code> string.
- *
- * @param s The string where the replacement should take place.
- * @param search The pattern that should be replaced.
- * @param replace The string that should replace all each <code>search</code>
- * string within <code>s</code>.
- * @return A string where all occurrence of <code>search</code> are
- * replaced with <code>replace</code>.
- */
- public static String replaceAll (String s, String search, String replace)
- {
- StringBuffer sb = new StringBuffer();
- int i = 0, j = 0;
- int len = search.length();
- while (j > -1)
- {
- j = s.indexOf(search, i);
-
- if (j > -1)
- {
- sb.append(s.substring(i,j));
- sb.append(replace);
- i = j + len;
- }
- }
-
- sb.append(s.substring(i, s.length()));
-
- return sb.toString();
- }
-
- /**
- * Changes the SecurityLayer version in the given string.
- * This method usually takes as input an XML structure represented in a string
- * format and changes the SecurityLayer namespaces prefixes and URIs from
- * one SecurityLayer version to another.
- * e.g.: code>sl10</code> to <code>sl</code> and
- * <code>http://www.buergerkarte.at/namespaces/securitylayer/20020225#</code>
- * to
- * <code>http://www.buergerkarte.at/namespaces/securitylayer/1.2#</code>
- *
- * @param s The string (usally an XML structure) where the
- * SecurityLayer version should be changed.
- * @param slPrefixOld The SecurityLayer namespace prefix that should be
- * replaced by the new one.
- * @param slPrefixNew The new SecurityLayer namespace prefix that should
- * replace the old one.
- * @param slNSUriOld The SecurityLayer namespace URI that should be
- * replaced by the new one.
- * @param slNSUriNew The new SecurityLayer namespace URI that should
- * replace the old one.
- * @return A string where the SecurityLayer namespace prefixes
- * and URIs are replaced by new ones.
- */
- public static String changeSLVersion(String s, String slPrefixOld, String slPrefixNew, String slNSUriOld, String slNSUriNew) {
- String retString = replaceAll(s, slPrefixOld, slPrefixNew);
- retString = replaceAll(retString, slNSUriOld, slNSUriNew);
- return retString ;
- }
-
- /**
- * Removes the XML declaration from an XML expression.
- *
- * @param xmlString XML expression as String
- *
- * @return XML expression, XML declaration removed
- */
- public static String removeXMLDeclaration(String xmlString) {
- if (xmlString!=null && xmlString.startsWith("<?xml")) {
- int firstElement = xmlString.indexOf("<", 1);
- return xmlString.substring(firstElement);
- } else {
- return xmlString;
- }
- }
-
- /**
- * Checks if String is empty
- * @param s String to be checked if empty
- * @return True if String is empty, false otherwise
- */
- public static boolean isEmpty(String s) {
- if (s == null || s.length() == 0)
- return true;
- else
- return false;
-
- }
-
-
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/URLDecoder.java b/common/src/main/java/at/gv/egovernment/moa/util/URLDecoder.java
deleted file mode 100644
index 66739a7a4..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/URLDecoder.java
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.StringReader;
-import java.io.UnsupportedEncodingException;
-
-/**
- * Decodes an URL encoded String using a specified character encoding.
- * Provides a function missing in JDK 1.3.
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class URLDecoder {
-
- /**
- * Decodes an <code>application/x-www-form-urlencoded</code> string using a specific encoding scheme.
- * @param s the string to decode
- * @param encoding name of character encoding
- * @return the newly decoded string
- * @throws UnsupportedEncodingException if the encoding is not supported
- */
- public static String decode(String s, String encoding) throws UnsupportedEncodingException {
- StringReader in = new StringReader(s);
- ByteArrayOutputStream bout = new ByteArrayOutputStream();
- for (int b = read(in); b >= 0; b = read(in))
- bout.write(b);
- return bout.toString(encoding);
- }
- /**
- * Decodes the next byte from the string reader.
- * @param in string reader
- * @return the next byte decoded;
- * -1 upon end of string, on erroneous data, and on any exception caught
- * @todo syntax check on string
- */
- private static int read(StringReader in) {
- try {
- int b = in.read();
- if (b == '+')
- return ' ';
- if (b == '%') {
- char[] hex = new char[2];
- if (in.read(hex, 0, 2) >= 0) {
- String hexString = new String(hex);
- return Integer.valueOf(hexString, 16).intValue();
- }
- else
- return -1;
- }
- return b;
- }
- catch (IOException ex) {
- return -1;
- }
- catch (NumberFormatException ex) {
- return -1;
- }
- }
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/URLEncoder.java b/common/src/main/java/at/gv/egovernment/moa/util/URLEncoder.java
deleted file mode 100644
index e6df1fd33..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/URLEncoder.java
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-import java.io.ByteArrayInputStream;
-import java.io.StringWriter;
-import java.io.UnsupportedEncodingException;
-
-/**
- * Translates a string into mime format "x-www-form-urlencoded".
- * Provides a function missing in JDK 1.3.
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class URLEncoder {
-
- /**
- * Translates a string into x-www-form-urlencoded format.
- * @param s the string to be translated
- * @param encoding the encoding to use
- * @return the translated string
- * @throws UnsupportedEncodingException when the desired encoding is not supported
- */
- public static String encode(String s, String encoding) throws UnsupportedEncodingException {
-// if (MiscUtil.isEmpty(s))
-// return null;
- byte[] barr = s.getBytes(encoding);
- ByteArrayInputStream bin = new ByteArrayInputStream(barr);
- StringWriter out = new StringWriter();
- for (int b = bin.read(); b >= 0; b = bin.read())
- encode(b, out);
- return out.toString();
- }
-
- /**
- * Encode a character.
- * @param ch The character to encode.
- * @param out The <code>StringWriter</code> containing the result.
- */
- private static void encode(int ch, StringWriter out) {
- if ((ch >= 'a' && ch <= 'z')
- || (ch >= 'A' && ch <= 'Z')
- || (ch >= '0' && ch <= '9')
- || ch == '.' || ch == '-' || ch == '*' || ch == '_')
- out.write(ch);
- else if (ch == ' ')
- out.write('+');
- else
- encodeHex(ch, out);
- }
-
- /**
- * Encode a character as an escaped hex value.
- * @param ch The character to encode.
- * @param out The <code>StringWriter</code> containing the result.
- */
- private static void encodeHex(int ch, StringWriter out) {
- out.write('%');
- String hex = Integer.toHexString(ch).toUpperCase();
- if (hex.length() < 2)
- out.write('0');
- else
- out.write(hex.charAt(hex.length() - 2));
- out.write(hex.charAt(hex.length() - 1));
- }
-
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/XPathException.java b/common/src/main/java/at/gv/egovernment/moa/util/XPathException.java
deleted file mode 100644
index 206245a68..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/XPathException.java
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-import java.io.PrintStream;
-import java.io.PrintWriter;
-
-/**
- * An exception occurred evaluating an XPath.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class XPathException extends RuntimeException {
- /**
- *
- */
- private static final long serialVersionUID = 1736311265333034392L;
-/** The wrapped exception. */
- private Throwable wrapped;
-
- /**
- * Create a <code>XPathException</code>.
- *
- * @param message The exception message.
- * @param wrapped The exception being the likely cause of this exception.
- */
- public XPathException(String message, Throwable wrapped) {
- super(message);
- this.wrapped = wrapped;
- }
-
- /**
- * Return the wrapped exception.
- *
- * @return The wrapped exception being the likely cause of this exception.
- */
- public Throwable getWrapped() {
- return wrapped;
- }
-
- /**
- * @see java.lang.Throwable#printStackTrace(java.io.PrintStream)
- */
- public void printStackTrace(PrintStream s) {
- super.printStackTrace(s);
- if (getWrapped() != null) {
- s.print("Caused by: ");
- getWrapped().printStackTrace(s);
- }
- }
-
- /**
- * @see java.lang.Throwable#printStackTrace(java.io.PrintWriter)
- */
- public void printStackTrace(PrintWriter s) {
- super.printStackTrace(s);
- if (getWrapped() != null) {
- s.print("Caused by: ");
- getWrapped().printStackTrace(s);
- }
- }
-
-}
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/XPathUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/XPathUtils.java
deleted file mode 100644
index 89aeaf3d1..000000000
--- a/common/src/main/java/at/gv/egovernment/moa/util/XPathUtils.java
+++ /dev/null
@@ -1,557 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.util;
-
-import java.util.List;
-import java.util.Map;
-
-import org.w3c.dom.Attr;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-import org.w3c.dom.traversal.NodeIterator;
-
-import org.jaxen.JaxenException;
-import org.jaxen.NamespaceContext;
-import org.jaxen.Navigator;
-import org.jaxen.SimpleNamespaceContext;
-import org.jaxen.dom.DOMXPath;
-import org.jaxen.dom.DocumentNavigator;
-
-/**
- * Utility methods to evaluate XPath expressions on DOM nodes.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class XPathUtils {
-
- /**
- * The XPath expression selecting all nodes under a given root (including the
- * root node itself).
- */
- public static final String ALL_NODES_XPATH =
- "(.//. | .//@* | .//namespace::*)";
-
- /** The <code>DocumentNavigator</code> to use for navigating the document. */
- private static Navigator documentNavigator =
- DocumentNavigator.getInstance();
- /** The default namespace prefix to namespace URI mappings. */
- private static NamespaceContext NS_CONTEXT;
-
- static {
- SimpleNamespaceContext ctx = new SimpleNamespaceContext();
- ctx.addNamespace(Constants.MOA_PREFIX, Constants.MOA_NS_URI);
- ctx.addNamespace(Constants.MOA_CONFIG_PREFIX, Constants.MOA_CONFIG_NS_URI);
- ctx.addNamespace(Constants.MOA_ID_CONFIG_PREFIX, Constants.MOA_ID_CONFIG_NS_URI);
- ctx.addNamespace(Constants.SL10_PREFIX, Constants.SL10_NS_URI);
- ctx.addNamespace(Constants.SL11_PREFIX, Constants.SL11_NS_URI);
- ctx.addNamespace(Constants.SL12_PREFIX, Constants.SL12_NS_URI);
- ctx.addNamespace(Constants.ECDSA_PREFIX, Constants.ECDSA_NS_URI);
- ctx.addNamespace(Constants.PD_PREFIX, Constants.PD_NS_URI);
- ctx.addNamespace(Constants.SAML_PREFIX, Constants.SAML_NS_URI);
- ctx.addNamespace(Constants.SAMLP_PREFIX, Constants.SAMLP_NS_URI);
- ctx.addNamespace(Constants.DSIG_PREFIX, Constants.DSIG_NS_URI);
- ctx.addNamespace(Constants.XSLT_PREFIX, Constants.XSLT_NS_URI);
- ctx.addNamespace(Constants.XSI_PREFIX, Constants.XSI_NS_URI);
- ctx.addNamespace(Constants.DSIG_FILTER2_PREFIX, Constants.DSIG_FILTER2_NS_URI);
- ctx.addNamespace(Constants.DSIG_EC_PREFIX, Constants.DSIG_EC_NS_URI);
- ctx.addNamespace(Constants.MD_PREFIX, Constants.MD_NS_URI);
- ctx.addNamespace(Constants.MDP_PREFIX, Constants.MDP_NS_URI);
- ctx.addNamespace(Constants.MVV_PREFIX, Constants.MVV_NS_URI);
- ctx.addNamespace(Constants.STB_PREFIX, Constants.STB_NS_URI);
- ctx.addNamespace(Constants.WRR_PREFIX, Constants.WRR_NS_URI);
- ctx.addNamespace(Constants.STORK_PREFIX, Constants.STORK_NS_URI);
- ctx.addNamespace(Constants.STORKP_PREFIX, Constants.STORKP_NS_URI);
- ctx.addNamespace(Constants.SAML2_PREFIX, Constants.SAML2_NS_URI);
- ctx.addNamespace(Constants.SAML2P_PREFIX, Constants.SAML2P_NS_URI);
- ctx.addNamespace(Constants.XENC_PREFIX, Constants.XENC_NS_URI);
- ctx.addNamespace(Constants.XADES_1_1_1_NS_PREFIX, Constants.XADES_1_1_1_NS_URI);
- NS_CONTEXT = ctx;
- }
-
- /**
- * Return a <code>NodeIterator</code> over the nodes matching the XPath
- * expression.
- *
- * All namespace URIs and prefixes declared in the <code>Constants</code>
- * interface are used for resolving namespaces.
- *
- * @param contextNode The root node from which to evaluate the XPath
- * expression.
- * @param exp The XPath expression to evaluate.
- * @return An iterator over the resulting nodes.
- * @throws XPathException An error occurred evaluating the XPath expression.
- */
- public static NodeIterator selectNodeIterator(Node contextNode, String exp)
- throws XPathException {
-
- return selectNodeIterator(contextNode, NS_CONTEXT, exp);
- }
-
- /**
- * Return a <code>NodeIterator</code> over the nodes matching the XPath
- * expression.
- *
- * @param contextNode The root node from which to evaluate the XPath
- * expression.
- * @param namespaceElement An element from which to build the
- * namespace mapping for evaluating the XPath expression
- * @param exp The XPath expression to evaluate.
- * @return An iterator over the resulting nodes.
- * @throws XPathException An error occurred evaluating the XPath expression.
- */
- public static NodeIterator selectNodeIterator(
- Node contextNode,
- Element namespaceElement,
- String exp)
- throws XPathException {
-
- try {
- SimpleNamespaceContext ctx = new SimpleNamespaceContext();
- ctx.addElementNamespaces(documentNavigator, namespaceElement);
- return selectNodeIterator(contextNode, ctx, exp);
- } catch (JaxenException e) {
- MessageProvider msg = MessageProvider.getInstance();
- String message = msg.getMessage("xpath.00", new Object[] { exp });
- throw new XPathException(message, e);
- }
- }
-
- /**
- * Return a <code>NodeIterator</code> over the nodes matching the XPath
- * expression.
- *
- * @param contextNode The root node from which to evaluate the XPath
- * expression.
- * @param namespaceMapping A namespace prefix to namespace URI mapping
- * (<code>String</code> to <code>String</code>) for evaluating the XPath
- * expression.
- * @param exp The XPath expression to evaluate.
- * @return An iterator over the resulting nodes.
- * @throws XPathException An error occurred evaluating the XPath expression.
- */
- public static NodeIterator selectNodeIterator(
- Node contextNode,
- Map namespaceMapping,
- String exp)
- throws XPathException {
-
- SimpleNamespaceContext ctx = new SimpleNamespaceContext(namespaceMapping);
-
- return selectNodeIterator(contextNode, ctx, exp);
- }
-
- /**
- * Return a <code>NodeIterator</code> over the nodes matching the XPath
- * expression.
- *
- * @param contextNode The root node from which to evaluate the XPath
- * expression.
- * @param nsContext The <code>NamespaceContext</code> for resolving namespace
- * prefixes to namespace URIs for evaluating the XPath expression.
- * @param exp The XPath expression to evaluate.
- * @return An iterator over the resulting nodes.
- * @throws XPathException An error occurred evaluating the XPath expression.
- */
- private static NodeIterator selectNodeIterator(
- Node contextNode,
- NamespaceContext nsContext,
- String exp)
- throws XPathException {
-
- try {
- DOMXPath xpath = new DOMXPath(exp);
- List nodes;
-
- xpath.setNamespaceContext(nsContext);
- nodes = xpath.selectNodes(contextNode);
- return new NodeIteratorAdapter(nodes.listIterator());
- } catch (JaxenException e) {
- MessageProvider msg = MessageProvider.getInstance();
- String message = msg.getMessage("xpath.00", new Object[] { exp });
- throw new XPathException(message, e);
- }
- }
-
- /**
- * Return a <code>NodeList</code> of all the nodes matching the XPath
- * expression.
- *
- * All namespace URIs and prefixes declared in the <code>Constants</code>
- * interface are used for resolving namespaces.
- *
- * @param contextNode The root node from which to evaluate the XPath
- * expression.
- * @param exp The XPath expression to evaluate.
- * @return A <code>NodeList</code> containing the matching nodes.
- * @throws XPathException An error occurred evaluating the XPath expression.
- */
- public static NodeList selectNodeList(Node contextNode, String exp)
- throws XPathException {
-
- return selectNodeList(contextNode, NS_CONTEXT, exp);
- }
-
- /**
- * Return a <code>NodeList</code> of all the nodes matching the XPath
- * expression.
- *
- * @param contextNode The root node from which to evaluate the XPath
- * expression.
- * @param namespaceElement An element from which to build the
- * namespace mapping for evaluating the XPath expression
- * @param exp The XPath expression to evaluate.
- * @return A <code>NodeList</code> containing the matching nodes.
- * @throws XPathException An error occurred evaluating the XPath expression.
- */
- public static NodeList selectNodeList(
- Node contextNode,
- Element namespaceElement,
- String exp)
- throws XPathException {
-
- try {
- SimpleNamespaceContext ctx = new SimpleNamespaceContext();
-
- ctx.addElementNamespaces(documentNavigator, namespaceElement);
- return selectNodeList(contextNode, ctx, exp);
- } catch (JaxenException e) {
- MessageProvider msg = MessageProvider.getInstance();
- String message = msg.getMessage("xpath.00", new Object[] { exp });
- throw new XPathException(message, e);
- }
- }
-
- /**
- * Return a <code>NodeList</code> of all the nodes matching the XPath
- * expression.
- *
- * @param contextNode The root node from which to evaluate the XPath
- * expression.
- * @param namespaceMapping A namespace prefix to namespace URI mapping
- * (<code>String</code> to <code>String</code>) for evaluating the XPath
- * expression.
- * @param exp The XPath expression to evaluate.
- * @return A <code>NodeList</code> containing the matching nodes.
- * @throws XPathException An error occurred evaluating the XPath expression.
- */
- public static NodeList selectNodeList(
- Node contextNode,
- Map namespaceMapping,
- String exp)
- throws XPathException {
-
- SimpleNamespaceContext ctx = new SimpleNamespaceContext(namespaceMapping);
-
- return selectNodeList(contextNode, ctx, exp);
- }
-
- /**
- * Return a <code>NodeList</code> of all the nodes matching the XPath
- * expression.
- *
- * @param contextNode The root node from which to evaluate the XPath
- * expression.
- * @param nsContext The <code>NamespaceContext</code> for resolving namespace
- * prefixes to namespace URIs for evaluating the XPath expression.
- * @param exp The XPath expression to evaluate.
- * @return A <code>NodeList</code> containing the matching nodes.
- * @throws XPathException An error occurred evaluating the XPath expression.
- */
- private static NodeList selectNodeList(
- Node contextNode,
- NamespaceContext nsContext,
- String exp)
- throws XPathException {
-
- try {
- DOMXPath xpath = new DOMXPath(exp);
- List nodes;
-
- xpath.setNamespaceContext(nsContext);
- nodes = xpath.selectNodes(contextNode);
- return new NodeListAdapter(nodes);
- } catch (JaxenException e) {
- MessageProvider msg = MessageProvider.getInstance();
- String message = msg.getMessage("xpath.00", new Object[] { exp });
- throw new XPathException(message, e);
- }
- }
-
- /**
- * Select the first node matching an XPath expression.
- *
- * All namespace URIs and prefixes declared in the <code>Constants</code>
- * interface are used for resolving namespaces.
- *
- * @param contextNode The root node from which to evaluate the XPath
- * expression.
- * @param exp The XPath expression to evaluate.
- * @return Node The first node matching the XPath expression, or
- * <code>null</code>, if no node matched.
- * @throws XPathException An error occurred evaluating the XPath expression.
- */
- public static Node selectSingleNode(Node contextNode, String exp)
- throws XPathException {
-
- return selectSingleNode(contextNode, NS_CONTEXT, exp);
- }
-
- /**
- * Select the first node matching an XPath expression.
- *
- * @param contextNode The root node from which to evaluate the XPath
- * expression.
- * @param namespaceElement An element from which to build the
- * namespace mapping for evaluating the XPath expression
- * @param exp The XPath expression to evaluate.
- * @return Node The first node matching the XPath expression, or
- * <code>null</code>, if no node matched.
- * @throws XPathException An error occurred evaluating the XPath expression.
- */
- public static Node selectSingleNode(
- Node contextNode,
- Element namespaceElement,
- String exp)
- throws XPathException {
-
- try {
- SimpleNamespaceContext ctx = new SimpleNamespaceContext();
- ctx.addElementNamespaces(documentNavigator, namespaceElement);
-
- return selectSingleNode(contextNode, ctx, exp);
- } catch (JaxenException e) {
- MessageProvider msg = MessageProvider.getInstance();
- String message = msg.getMessage("xpath.00", new Object[] { exp });
- throw new XPathException(message, e);
- }
- }
-
- /**
- * Select the first node matching an XPath expression.
- *
- * @param contextNode The root node from which to evaluate the XPath
- * expression.
- * @param namespaceMapping A namespace prefix to namespace URI mapping
- * (<code>String</code> to <code>String</code>) for evaluating the XPath
- * expression.
- * @param exp The XPath expression to evaluate.
- * @return Node The first node matching the XPath expression, or
- * <code>null</code>, if no node matched.
- * @throws XPathException An error occurred evaluating the XPath expression.
- */
- public static Node selectSingleNode(
- Node contextNode,
- Map namespaceMapping,
- String exp)
- throws XPathException {
-
- SimpleNamespaceContext ctx = new SimpleNamespaceContext(namespaceMapping);
-
- return selectSingleNode(contextNode, ctx, exp);
- }
-
- /**
- * Select the first node matching an XPath expression.
- *
- * @param contextNode The root node from which to evaluate the XPath
- * expression.
- * @param nsContext The <code>NamespaceContext</code> for resolving namespace
- * prefixes to namespace URIs for evaluating the XPath expression.
- * @param exp The XPath expression to evaluate.
- * @return Node The first node matching the XPath expression, or
- * <code>null</code>, if no node matched.
- * @throws XPathException An error occurred evaluating the XPath expression.
- */
- public static Node selectSingleNode(
- Node contextNode,
- NamespaceContext nsContext,
- String exp)
- throws XPathException {
-
- try {
- DOMXPath xpath = new DOMXPath(exp);
- xpath.setNamespaceContext(nsContext);
- return (Node) xpath.selectSingleNode(contextNode);
- } catch (JaxenException e) {
- MessageProvider msg = MessageProvider.getInstance();
- String message = msg.getMessage("xpath.00", new Object[] { exp });
- throw new XPathException(message, e);
- }
- }
-
- /**
- * Return the value of a DOM element whose location is given by an XPath
- * expression.
- *
- * @param root The root element from which to evaluate the XPath.
- * @param xpath The XPath expression pointing to the element whose value
- * to return.
- * @param def The default value to return, if no element can be found using
- * the given <code>xpath</code>.
- * @return The element value, if it can be located using the
- * <code>xpath</code>. Otherwise, <code>def</code> is returned.
- */
- public static String getElementValue(
- Element root,
- String xpath,
- String def) {
-
- Element elem = (Element) XPathUtils.selectSingleNode(root, xpath);
- return elem != null ? DOMUtils.getText(elem) : def;
- }
-
- /**
- * Return the value of a DOM attribute whose location is given by an XPath
- * expression.
- *
- * @param root The root element from which to evaluate the XPath.
- * @param xpath The XPath expression pointing to the attribute whose value to
- * return.
- * @param def The default value to return, if no attribute can be found using
- * the given <code>xpath</code>.
- * @return The element value, if it can be located using the
- * <code>xpath</code>. Otherwise, <code>def</code> is returned.
- */
- public static String getAttributeValue(
- Element root,
- String xpath,
- String def) {
-
- Attr attr = (Attr) XPathUtils.selectSingleNode(root, xpath);
- return attr != null ? attr.getValue() : def;
- }
-
- /**
- * Returns the namespace prefix used within <code>XPathUtils</code> for referring to
- * the namespace of the specified (Security Layer command) element.
- *
- * This namespace prefix can be used in various XPath expression evaluation methods
- * within <code> XPathUtils</code> without explicitely binding it to the particular
- * namespace.
- *
- * @param contextElement The (Security Layer command) element.
- *
- * @return the namespace prefix used within <code>XPathUtils</code> for referring to
- * the namespace of the specified (Security Layer command) element.
- *
- * throws XpathException If the specified element has a namespace other than the ones
- * known by this implementation as valid Security Layer namespaces (cf.
- * @link Constants#SL10_NS_URI, @link Constants#SL11_NS_URI, @link Constants#SL12_NS_URI).
- */
- public static String getSlPrefix (Element contextElement) throws XPathException
- {
- String sLNamespace = contextElement.getNamespaceURI();
- String sLPrefix = null;
-
- if (sLNamespace.equals(Constants.SL10_NS_URI))
- {
- sLPrefix = Constants.SL10_PREFIX;
- }
- else if (sLNamespace.equals(Constants.SL12_NS_URI))
- {
- sLPrefix = Constants.SL12_PREFIX;
- }
- else if (sLNamespace.equals(Constants.SL11_NS_URI))
- {
- sLPrefix = Constants.SL11_PREFIX;
- }
- else
- {
- MessageProvider msg = MessageProvider.getInstance();
- String message = msg.getMessage("xpath.00", new Object[] { "Ung�ltiger Security Layer Namespace: \"" + sLNamespace + "\"."});
- throw new XPathException(message, null);
- }
-
- return sLPrefix;
- }
-
-
- /**
- * Return the SecurityLayer namespace prefix of the context element.
- * If the context element is not the element that lies within the
- * SecurityLayer namespace. The Securitylayer namespace is derived from
- * the <code>xmlns:sl10</code>, <code>sl11</code> or <code>sl</code>
- * attribute of the context element.
- *
- * The returned prefix is needed for evaluating XPATH expressions.
- *
- * @param contextElement The element to get a prefix for the Securitylayer namespace,
- * that is used within the corresponding document.
- *
- * @return The string <code>sl10</code>, <code>sl11</code> or <code>sl</code>,
- * depending on the SecurityLayer namespace of the contextElement.
- *
- * throws XPathException If no (vlalid) SecurityLayer namespace prefix or namespace
- * is defined.
- */
- public static String getSlPrefixFromNoRoot (Element contextElement) throws XPathException {
-
- String slPrefix = checkSLnsDeclaration(contextElement, Constants.SL10_PREFIX, Constants.SL10_NS_URI);
- if (slPrefix == null) {
- slPrefix = checkSLnsDeclaration(contextElement, Constants.SL11_PREFIX, Constants.SL11_NS_URI);
- }
- if (slPrefix == null) {
- slPrefix = checkSLnsDeclaration(contextElement, Constants.SL12_PREFIX, Constants.SL12_NS_URI);
- }
-
- return slPrefix;
-
- }
-
- /**
- * Checks if the context element has an attribute <code>xmlns:slPrefix</code> and
- * if the prefix of that attribute corresponds with a valid SecurityLayer namespace.
- *
- * @param contextElement The element to be checked.
- * @param slPrefix The prefix which should be checked. Must be a valid SecurityLayer
- * namespace prefix.
- * @param slNameSpace The SecurityLayer namespace that corresponds to the specified prefix.
- *
- * @return The valid SecurityLayer prefix or <code>null</code> if this prefix is
- * not used.
- * @throws XPathException
- */
- private static String checkSLnsDeclaration(Element contextElement, String slPrefix, String slNameSpace)
- throws XPathException
- {
- String nsAtt = "xmlns:" + slPrefix;
- String nameSpace = contextElement.getAttribute(nsAtt);
- if (nameSpace == "") {
- return null;
- } else {
- // check if namespace is correct
- if (nameSpace.equals(slNameSpace)) {
- return slPrefix;
- } else {
- MessageProvider msg = MessageProvider.getInstance();
- String message = msg.getMessage("xpath.00", new Object[] { "Ung�ltiger SecurityLayer Namespace: \"" + nameSpace + "\"."});
- throw new XPathException(message, null);
- }
- }
- }
-
-}
diff --git a/common/src/main/resources/resources/properties/common_messages_de.properties b/common/src/main/resources/resources/properties/common_messages_de.properties
deleted file mode 100644
index a58d07625..000000000
--- a/common/src/main/resources/resources/properties/common_messages_de.properties
+++ /dev/null
@@ -1,17 +0,0 @@
-# This file contains exception messages in the standard Java properties
-# format. The messages may contain formatting patterns as definied in the
-# java.text.MessageFormat class.
-
-
-#
-# Messages private to the MOA common subsystem
-#
-
-parser.00=Leichter Fehler beim Parsen: {0}, SystemID={1}, Zeile={2}, Spalte={3}
-parser.01=Fehler beim Parsen: {0}, SystemID={1}, Zeile={2}, Spalte={3}
-parser.02=Schwerer Fehler beim Parsen: {0}, SystemID={1}, Zeile={2}, Spalte={3}
-parser.04=Fehler beim Parsen: {0}
-
-xpath.00=Fehler beim Auswerten des XPath-Ausdruckes: {0}
-
-datetime.00=Fehler beim Parsen der DateTime
\ No newline at end of file
diff --git a/common/src/main/resources/resources/schemas/Core-1.2.xsd b/common/src/main/resources/resources/schemas/Core-1.2.xsd
deleted file mode 100644
index 864fee6d5..000000000
--- a/common/src/main/resources/resources/schemas/Core-1.2.xsd
+++ /dev/null
@@ -1,881 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<!-- Securitylayer, Schnittstellenspezifikation -->
-
-<!-- XML-Schema fuer Schnittstellenspezifikation Version 1.2.2 -->
-
-<!-- 01. 03. 2005, Bundeskanzleramt, Stabsstelle IKT-Strategie, Technik und Standards -->
-
-<xsd:schema targetNamespace="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2.1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.buergerkarte.at/namespaces/securitylayer/1.2#">
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
- <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
- <!--###################################################################### -->
- <!--# Create CMS Signature # -->
- <!--###################################################################### -->
- <!--====================================================================== -->
- <!--= Create CMS Signature Request = -->
- <!--====================================================================== -->
- <xsd:element name="CreateCMSSignatureRequest" type="CreateCMSSignatureRequestType"/>
- <xsd:complexType name="CreateCMSSignatureRequestType">
- <xsd:sequence>
- <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType"/>
- <xsd:element name="DataObject" type="CMSDataObjectRequiredMetaType"/>
- </xsd:sequence>
- <xsd:attribute name="Structure" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="detached"/>
- <xsd:enumeration value="enveloping"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- </xsd:complexType>
- <xsd:complexType name="CMSDataObjectRequiredMetaType">
- <xsd:complexContent>
- <xsd:restriction base="CMSDataObjectOptionalMetaType">
- <xsd:sequence>
- <xsd:element name="MetaInfo" type="MetaInfoType"/>
- <xsd:element name="Content" type="Base64OptRefContentType"/>
- </xsd:sequence>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="CMSDataObjectOptionalMetaType">
- <xsd:sequence>
- <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
- <xsd:element name="Content" type="Base64OptRefContentType"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--====================================================================== -->
- <!--= Create CMS Siganture Response = -->
- <!--====================================================================== -->
- <xsd:element name="CreateCMSSignatureResponse" type="CreateCMSSignatureResponseType"/>
- <xsd:complexType name="CreateCMSSignatureResponseType">
- <xsd:sequence>
- <xsd:element name="CMSSignature" type="xsd:base64Binary"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--###################################################################### -->
- <!--# Create XML Signature # -->
- <!--###################################################################### -->
- <!--====================================================================== -->
- <!--= Create XML Signature Request = -->
- <!--====================================================================== -->
- <xsd:element name="CreateXMLSignatureRequest" type="CreateXMLSignatureRequestType"/>
- <xsd:complexType name="CreateXMLSignatureRequestType">
- <xsd:sequence>
- <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType"/>
- <xsd:element name="DataObjectInfo" type="DataObjectInfoType" maxOccurs="unbounded"/>
- <xsd:element name="SignatureInfo" type="SignatureInfoCreationType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="SignatureInfoCreationType">
- <xsd:sequence>
- <xsd:element name="SignatureEnvironment" type="Base64XMLOptRefContentType"/>
- <xsd:element name="SignatureLocation">
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:token">
- <xsd:attribute name="Index" type="xsd:nonNegativeInteger" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Supplement" type="DataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="MetaInfoType">
- <xsd:sequence>
- <xsd:element name="MimeType" type="MimeTypeType"/>
- <xsd:element name="Description" type="xsd:string" minOccurs="0"/>
- <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="DataObjectInfoType">
- <xsd:sequence>
- <xsd:element name="DataObject" type="Base64XMLLocRefOptRefContentType"/>
- <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/>
- <xsd:element name="Supplement" type="DataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- <xsd:attribute name="Structure" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="detached"/>
- <xsd:enumeration value="enveloping"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- </xsd:complexType>
- <xsd:complexType name="TransformsInfoType">
- <xsd:sequence>
- <xsd:element ref="dsig:Transforms" minOccurs="0"/>
- <xsd:element name="FinalDataMetaInfo" type="MetaInfoType"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--====================================================================== -->
- <!--= Create XML Signature Response = -->
- <!--====================================================================== -->
- <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/>
- <xsd:complexType name="CreateXMLSignatureResponseType">
- <xsd:sequence>
- <xsd:any namespace="##any" processContents="lax"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--###################################################################### -->
- <!--# Verify CMS Signature # -->
- <!--###################################################################### -->
- <!--====================================================================== -->
- <!--= Verify CMS Signature Request = -->
- <!--====================================================================== -->
- <xsd:element name="VerifyCMSSignatureRequest" type="VerifyCMSSignatureRequestType"/>
- <xsd:complexType name="VerifyCMSSignatureRequestType">
- <xsd:sequence>
- <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
- <xsd:element name="CMSSignature" type="xsd:base64Binary"/>
- <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
- </xsd:complexType>
- <xsd:simpleType name="SignatoriesType">
- <xsd:union memberTypes="AllSignatoriesType">
- <xsd:simpleType>
- <xsd:list itemType="xsd:positiveInteger"/>
- </xsd:simpleType>
- </xsd:union>
- </xsd:simpleType>
- <xsd:simpleType name="AllSignatoriesType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="all"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!--====================================================================== -->
- <!--= Verify CMS Signature Response = -->
- <!--====================================================================== -->
- <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/>
- <xsd:complexType name="VerifyCMSSignatureResponseType">
- <xsd:sequence maxOccurs="unbounded">
- <xsd:element name="SignerInfo" type="dsig:KeyInfoType"/>
- <xsd:element name="SignatureCheck" type="CheckResultType"/>
- <xsd:element name="CertificateCheck" type="CheckResultType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="QualifiedCertificate"/>
- <!--###################################################################### -->
- <!--# Verify XML Signature # -->
- <!--###################################################################### -->
- <!--====================================================================== -->
- <!--= Verify XML Signature Request = -->
- <!--====================================================================== -->
- <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/>
- <xsd:complexType name="VerifyXMLSignatureRequestType">
- <xsd:sequence>
- <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
- <xsd:element name="SignatureInfo" type="SignatureInfoVerificationType"/>
- <xsd:element name="Supplement" type="DataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="SignatureInfoVerificationType">
- <xsd:sequence>
- <xsd:element name="SignatureEnvironment" type="Base64XMLOptRefContentType"/>
- <xsd:element name="SignatureLocation" type="xsd:token"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--====================================================================== -->
- <!--= Verify XML Signature Response = -->
- <!--====================================================================== -->
- <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/>
- <xsd:complexType name="VerifyXMLSignatureResponseType">
- <xsd:sequence>
- <xsd:element name="SignerInfo" type="dsig:KeyInfoType"/>
- <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
- <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType"/>
- <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="CertificateCheck" type="CheckResultType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ReferencesCheckResultType">
- <xsd:sequence>
- <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
- <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true">
- <xsd:sequence>
- <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ManifestRefsCheckResultType">
- <xsd:sequence>
- <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
- <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true">
- <xsd:sequence>
- <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/>
- <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CheckResultType">
- <xsd:sequence>
- <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
- <xsd:element name="Info" type="AnyMixedChildrenType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--###################################################################### -->
- <!--# Encrypt a CMS message # -->
- <!--###################################################################### -->
- <!--====================================================================== -->
- <!--= Encrypt a CMS message: Request = -->
- <!--====================================================================== -->
- <xsd:element name="EncryptCMSRequest" type="EncryptCMSRequestType"/>
- <xsd:complexType name="EncryptCMSRequestType">
- <xsd:sequence>
- <xsd:element name="RecipientPublicKey" type="CMSRecipientPublicKeyType" maxOccurs="unbounded"/>
- <xsd:element name="ToBeEncrypted" type="CMSToBeEncryptedType"/>
- </xsd:sequence>
- <xsd:attribute name="ReturnBinaryResult" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- <xsd:complexType name="CMSToBeEncryptedType">
- <xsd:sequence>
- <xsd:element name="MetaInfo" type="MetaInfoType"/>
- <xsd:element name="Content" type="Base64OptRefContentType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CMSRecipientPublicKeyType">
- <xsd:choice>
- <xsd:element name="X509Certificate" type="xsd:base64Binary"/>
- </xsd:choice>
- </xsd:complexType>
- <!--====================================================================== -->
- <!--= Encrypt a CMS message: Response = -->
- <!--====================================================================== -->
- <xsd:element name="EncryptCMSResponse" type="EncryptCMSResponseType"/>
- <xsd:complexType name="EncryptCMSResponseType">
- <xsd:sequence>
- <xsd:element name="CMSMessage" type="xsd:base64Binary"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--###################################################################### -->
- <!--# Decrypt a CMS message # -->
- <!--###################################################################### -->
- <!--====================================================================== -->
- <!--= Decrypt a CMS message: Request = -->
- <!--====================================================================== -->
- <xsd:element name="DecryptCMSRequest" type="DecryptCMSRequestType"/>
- <xsd:complexType name="DecryptCMSRequestType">
- <xsd:sequence>
- <xsd:element name="CMSMessage" type="xsd:base64Binary"/>
- <xsd:element name="EncryptedContent" type="CMSEncryptedContentType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="ReturnResult" type="ReturnResultType" use="optional" default="xml"/>
- </xsd:complexType>
- <xsd:complexType name="CMSEncryptedContentType">
- <xsd:sequence>
- <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
- <xsd:element name="Content" type="Base64OptRefContentType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:simpleType name="ReturnResultType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="binary"/>
- <xsd:enumeration value="xml"/>
- <xsd:enumeration value="none"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!--====================================================================== -->
- <!--= Decrypt a CMS message: Response = -->
- <!--====================================================================== -->
- <xsd:element name="DecryptCMSResponse" type="DecryptCMSResponseType"/>
- <xsd:complexType name="DecryptCMSResponseType">
- <xsd:sequence>
- <xsd:element name="DecryptedData" type="xsd:base64Binary"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--###################################################################### -->
- <!--# Encrypt an XML document # -->
- <!--###################################################################### -->
- <!--====================================================================== -->
- <!--= Encrypt an XML document: Request = -->
- <!--====================================================================== -->
- <xsd:element name="EncryptXMLRequest">
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="EncryptXMLRequestType"/>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:complexType name="EncryptXMLRequestType">
- <xsd:sequence>
- <xsd:element name="RecipientPublicKey" type="XMLRecipientPublicKeyType" maxOccurs="unbounded"/>
- <xsd:element name="ToBeEncrypted" type="ToBeEncryptedType" maxOccurs="unbounded"/>
- <xsd:element name="EncryptionInfo" type="EncryptionInfoType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ToBeEncryptedType">
- <xsd:choice>
- <xsd:element name="Element">
- <xsd:complexType>
- <xsd:attribute name="Selector" type="xsd:token" use="required"/>
- <xsd:attribute name="EncDataReference" type="xsd:anyURI" use="optional"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ElementContent">
- <xsd:complexType>
- <xsd:attribute name="Selector" type="xsd:token" use="required"/>
- <xsd:attribute name="EncDataReference" type="xsd:anyURI" use="optional"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="New" type="XMLToBeEncryptedNewType"/>
- </xsd:choice>
- </xsd:complexType>
- <xsd:complexType name="XMLToBeEncryptedNewType">
- <xsd:sequence>
- <xsd:element name="MetaInfo" type="MetaInfoType"/>
- <xsd:element name="Content" type="XMLToBeEncryptedNewContentType"/>
- </xsd:sequence>
- <xsd:attribute name="ParentSelector" type="xsd:token" use="required"/>
- <xsd:attribute name="NodeCount" type="xsd:nonNegativeInteger" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="XMLToBeEncryptedNewContentType">
- <xsd:complexContent>
- <xsd:extension base="Base64XMLLocRefContentType">
- <xsd:attribute name="EncDataReference" type="xsd:anyURI" use="optional"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="XMLRecipientPublicKeyType">
- <xsd:choice>
- <xsd:element ref="dsig:KeyValue"/>
- <xsd:element name="X509Certificate" type="xsd:base64Binary"/>
- </xsd:choice>
- </xsd:complexType>
- <xsd:complexType name="EncryptionInfoType">
- <xsd:sequence>
- <xsd:element name="EncryptionEnvironment" type="Base64XMLOptRefContentType"/>
- <xsd:element name="EncryptedKeyLocation" minOccurs="0">
- <xsd:complexType>
- <xsd:attribute name="ParentSelector" type="xsd:token" use="required"/>
- <xsd:attribute name="NodeCount" type="xsd:nonNegativeInteger" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Supplement" type="DataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--====================================================================== -->
- <!--= Encrypt an XML document: Response = -->
- <!--====================================================================== -->
- <xsd:element name="EncryptXMLResponse" type="EncryptXMLResponseType"/>
- <xsd:complexType name="EncryptXMLResponseType">
- <xsd:sequence>
- <xsd:element name="EncryptionEnvironment">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:any namespace="##any" processContents="lax"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="EncryptedData" type="EncryptedDataType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="EncryptedDataType">
- <xsd:simpleContent>
- <xsd:extension base="xsd:base64Binary">
- <xsd:attribute name="EncDataReference" type="xsd:anyURI" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <!--###################################################################### -->
- <!--# Decrypt an XML document # -->
- <!--###################################################################### -->
- <!--====================================================================== -->
- <!--= Decrypt an XML document: Request = -->
- <!--====================================================================== -->
- <xsd:element name="DecryptXMLRequest" type="DecryptXMLRequestType"/>
- <xsd:complexType name="DecryptXMLRequestType">
- <xsd:sequence>
- <xsd:element name="EncryptedContent" type="Base64XMLOptRefContentType"/>
- <xsd:element name="EncrElemsSelector" type="xsd:string"/>
- <xsd:element name="Supplement" type="DataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- <xsd:attribute name="ReturnResult" type="ReturnResultType" use="optional" default="xml"/>
- </xsd:complexType>
- <!--====================================================================== -->
- <!--= Decrypt an XML document: Response = -->
- <!--====================================================================== -->
- <xsd:element name="DecryptXMLResponse" type="DecryptXMLResponseType"/>
- <xsd:complexType name="DecryptXMLResponseType">
- <xsd:sequence minOccurs="0">
- <xsd:element name="CandidateDocument" type="XMLContentType"/>
- <xsd:element name="DecryptedBinaryData" minOccurs="0" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:base64Binary">
- <xsd:attribute name="EncrElemSelector" type="xsd:string" use="required"/>
- <xsd:attribute name="MimeType" type="xsd:string" use="optional"/>
- <xsd:attribute name="Encoding" type="xsd:anyURI" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <!--###################################################################### -->
- <!--# Hashing # -->
- <!--###################################################################### -->
- <!--====================================================================== -->
- <!--= Hash Computation Request = -->
- <!--====================================================================== -->
- <xsd:element name="CreateHashRequest" type="CreateHashRequestType"/>
- <xsd:complexType name="CreateHashRequestType">
- <xsd:sequence>
- <xsd:element name="HashInfo" type="CreateHashInfoRequestType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CreateHashInfoRequestType">
- <xsd:sequence>
- <xsd:element name="HashData" type="HashDataType"/>
- <xsd:element name="HashAlgorithm" type="xsd:anyURI"/>
- <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="RespondHashData" type="xsd:boolean" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="HashDataType">
- <xsd:sequence>
- <xsd:element name="MetaInfo" type="MetaInfoType"/>
- <xsd:element name="Content" type="Base64XMLOptRefContentType"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--====================================================================== -->
- <!--= Hash Computation Response = -->
- <!--====================================================================== -->
- <xsd:element name="CreateHashResponse" type="CreateHashResponseType"/>
- <xsd:complexType name="CreateHashResponseType">
- <xsd:sequence>
- <xsd:element name="HashInfo" type="CreateHashInfoResponseType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CreateHashInfoResponseType">
- <xsd:sequence>
- <xsd:element name="HashData" type="HashDataType" minOccurs="0"/>
- <xsd:element name="HashAlgorithm" type="xsd:anyURI"/>
- <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"/>
- <xsd:element name="HashValue" type="xsd:base64Binary"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--====================================================================== -->
- <!--= Hash Verification Request = -->
- <!--====================================================================== -->
- <xsd:element name="VerifyHashRequest" type="VerifyHashRequestType"/>
- <xsd:complexType name="VerifyHashRequestType">
- <xsd:sequence>
- <xsd:element name="HashInfo" type="VerifyHashInfoRequestType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="VerifyHashInfoRequestType">
- <xsd:sequence>
- <xsd:element name="HashData" type="HashDataType"/>
- <xsd:element name="HashAlgorithm" type="xsd:anyURI"/>
- <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"/>
- <xsd:element name="HashValue" type="xsd:base64Binary"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--====================================================================== -->
- <!--= Hash Verification Response = -->
- <!--====================================================================== -->
- <xsd:element name="VerifyHashResponse" type="VerifyHashResponseType"/>
- <xsd:complexType name="VerifyHashResponseType">
- <xsd:sequence>
- <xsd:element name="VerificationResult" type="VerificationResultType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="VerificationResultType">
- <xsd:sequence>
- <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"/>
- <xsd:element name="Result" type="xsd:boolean"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--###################################################################### -->
- <!--# Infobox Commands # -->
- <!--###################################################################### -->
- <!--====================================================================== -->
- <!--= Check Available Infoboxes Request = -->
- <!--====================================================================== -->
- <xsd:element name="InfoboxAvailableRequest" type="InfoboxAvailableRequestType"/>
- <xsd:complexType name="InfoboxAvailableRequestType"/>
- <!--====================================================================== -->
- <!--= Check Available Infoboxes Response = -->
- <!--====================================================================== -->
- <xsd:element name="InfoboxAvailableResponse" type="InfoboxAvailableResponseType"/>
- <xsd:complexType name="InfoboxAvailableResponseType">
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--====================================================================== -->
- <!--= Create Infobox Request = -->
- <!--====================================================================== -->
- <xsd:element name="InfoboxCreateRequest" type="InfoboxCreateRequestType"/>
- <xsd:complexType name="InfoboxCreateRequestType">
- <xsd:sequence>
- <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/>
- <xsd:element name="InfoboxType" type="InfoboxTypeType"/>
- <xsd:element name="Creator" type="xsd:string"/>
- <xsd:element name="Purpose" type="xsd:string"/>
- <xsd:element name="ReadAccessAuthorization" type="AccessAuthorizationType" minOccurs="0"/>
- <xsd:element name="UpdateAccessAuthorization" type="AccessAuthorizationType" minOccurs="0"/>
- <xsd:element name="ReadUserConfirmation" type="UserConfirmationType" minOccurs="0"/>
- <xsd:element name="UpdateUserConfirmation" type="UserConfirmationType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:simpleType name="InfoboxTypeType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="BinaryFile"/>
- <xsd:enumeration value="AssocArray"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:complexType name="AccessAuthorizationType">
- <xsd:sequence>
- <xsd:element name="RequesterID" type="RequesterIDType" maxOccurs="unbounded"/>
- </xsd:sequence>
- <xsd:attribute name="UserMayChange" type="xsd:boolean" use="required"/>
- </xsd:complexType>
- <xsd:simpleType name="RequesterIDSimpleType">
- <xsd:restriction base="xsd:string"/>
- </xsd:simpleType>
- <xsd:complexType name="RequesterIDType">
- <xsd:simpleContent>
- <xsd:extension base="RequesterIDSimpleType">
- <xsd:attribute name="AuthenticationClass" type="AuthenticationClassType" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="UserConfirmationType">
- <xsd:simpleContent>
- <xsd:extension base="UserConfirmationSimpleType">
- <xsd:attribute name="UserMayChange" type="xsd:boolean" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:simpleType name="UserConfirmationSimpleType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="none"/>
- <xsd:enumeration value="info"/>
- <xsd:enumeration value="confirm"/>
- <xsd:enumeration value="confirmWithSecret"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="AuthenticationClassType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="anonym"/>
- <xsd:enumeration value="pseudoanonym"/>
- <xsd:enumeration value="certified"/>
- <xsd:enumeration value="certifiedGovAgency"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!--====================================================================== -->
- <!--= Create Infobox Response = -->
- <!--====================================================================== -->
- <xsd:element name="InfoboxCreateResponse" type="InfoboxCreateResponseType"/>
- <xsd:complexType name="InfoboxCreateResponseType"/>
- <!--====================================================================== -->
- <!--= Delete Infobox Request = -->
- <!--====================================================================== -->
- <xsd:element name="InfoboxDeleteRequest" type="InfoboxDeleteRequestType"/>
- <xsd:complexType name="InfoboxDeleteRequestType">
- <xsd:sequence>
- <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--====================================================================== -->
- <!--= Delete Infobox Response = -->
- <!--====================================================================== -->
- <xsd:element name="InfoboxDeleteResponse" type="InfoboxDeleteResponseType"/>
- <xsd:complexType name="InfoboxDeleteResponseType"/>
- <!--====================================================================== -->
- <!--= Read Infobox Request = -->
- <!--====================================================================== -->
- <xsd:element name="InfoboxReadRequest" type="InfoboxReadRequestType"/>
- <xsd:complexType name="InfoboxReadRequestType">
- <xsd:sequence>
- <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/>
- <xsd:choice>
- <xsd:element name="BinaryFileParameters" type="InfoboxReadParamsBinaryFileType"/>
- <xsd:element name="AssocArrayParameters" type="InfoboxReadParamsAssocArrayType"/>
- </xsd:choice>
- <xsd:element name="BoxSpecificParameters" type="AnyChildrenType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="InfoboxReadParamsBinaryFileType">
- <xsd:attribute name="ContentIsXMLEntity" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- <xsd:complexType name="InfoboxReadParamsAssocArrayType">
- <xsd:choice>
- <xsd:element name="ReadKeys">
- <xsd:complexType>
- <xsd:attribute name="SearchString" type="WildCardSearchStringType" use="required"/>
- <xsd:attribute name="UserMakesUnique" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ReadPairs">
- <xsd:complexType>
- <xsd:attribute name="SearchString" type="WildCardSearchStringType" use="required"/>
- <xsd:attribute name="UserMakesUnique" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="ValuesAreXMLEntities" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ReadValue">
- <xsd:complexType>
- <xsd:attribute name="Key" type="BoxIdentifierType" use="required"/>
- <xsd:attribute name="ValueIsXMLEntity" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:choice>
- </xsd:complexType>
- <xsd:element name="IdentityLinkDomainIdentifier" type="xsd:anyURI"/>
- <!--====================================================================== -->
- <!--= Read Infobox Response = -->
- <!--====================================================================== -->
- <xsd:element name="InfoboxReadResponse" type="InfoboxReadResponseType"/>
- <xsd:complexType name="InfoboxReadResponseType">
- <xsd:choice>
- <xsd:element name="BinaryFileData" type="Base64XMLContentType"/>
- <xsd:element name="AssocArrayData" type="InfoboxReadDataAssocArrayType"/>
- </xsd:choice>
- </xsd:complexType>
- <xsd:complexType name="InfoboxReadDataAssocArrayType">
- <xsd:choice>
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="Key" type="BoxIdentifierType"/>
- </xsd:sequence>
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="Pair" type="InfoboxAssocArrayPairType"/>
- </xsd:sequence>
- </xsd:choice>
- </xsd:complexType>
- <!--====================================================================== -->
- <!--= Update Infobox Request = -->
- <!--====================================================================== -->
- <xsd:element name="InfoboxUpdateRequest" type="InfoboxUpdateRequestType"/>
- <xsd:complexType name="InfoboxUpdateRequestType">
- <xsd:sequence>
- <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/>
- <xsd:choice>
- <xsd:element name="BinaryFileParameters" type="Base64XMLContentType"/>
- <xsd:element name="AssocArrayParameters" type="InfoboxUpdateParamsAssocArrayType"/>
- </xsd:choice>
- <xsd:element name="BoxSpecificParameters" type="AnyChildrenType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="InfoboxUpdateParamsAssocArrayType">
- <xsd:choice>
- <xsd:element name="UpdateKey">
- <xsd:complexType>
- <xsd:attribute name="Key" type="xsd:token" use="required"/>
- <xsd:attribute name="NewKey" type="xsd:token" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="UpdateValue" type="InfoboxAssocArrayPairType"/>
- <xsd:element name="DeletePair">
- <xsd:complexType>
- <xsd:attribute name="Key" type="xsd:token" use="required"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:choice>
- </xsd:complexType>
- <!--====================================================================== -->
- <!--= Update Infobox Response = -->
- <!--====================================================================== -->
- <xsd:element name="InfoboxUpdateResponse" type="InfoboxUpdateResponseType"/>
- <xsd:complexType name="InfoboxUpdateResponseType"/>
- <!--###################################################################### -->
- <!--# Null-Operation # -->
- <!--###################################################################### -->
- <!--====================================================================== -->
- <!--= Null-Operation ReQuest = -->
- <!--====================================================================== -->
- <xsd:element name="NullOperationRequest" type="NullOperationRequestType"/>
- <xsd:complexType name="NullOperationRequestType"/>
- <!--====================================================================== -->
- <!--= Null-Operation Response = -->
- <!--====================================================================== -->
- <xsd:element name="NullOperationResponse" type="NullOperationResponseType"/>
- <xsd:complexType name="NullOperationResponseType"/>
- <!--###################################################################### -->
- <!--# Get Properties # -->
- <!--###################################################################### -->
- <xsd:element name="GetPropertiesRequest">
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="GetPropertiesRequestType"/>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:complexType name="GetPropertiesRequestType"/>
- <!--====================================================================== -->
- <!--= Get Properties Response = -->
- <!--====================================================================== -->
- <xsd:element name="GetPropertiesResponse" type="GetPropertiesResponseType"/>
- <xsd:complexType name="GetPropertiesResponseType">
- <xsd:sequence>
- <xsd:element name="ViewerMediaType" type="MimeTypeType" maxOccurs="unbounded"/>
- <xsd:element name="XMLSignatureTransform" type="xsd:anyURI" maxOccurs="unbounded"/>
- <xsd:element name="KeyboxIdentifier" type="QualifiedBoxIdentifierType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="Binding" type="BindingType" maxOccurs="unbounded"/>
- <xsd:element name="ProtocolVersion" type="xsd:token" maxOccurs="unbounded"/>
- <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="BindingType">
- <xsd:complexContent>
- <xsd:extension base="AnyChildrenType">
- <xsd:attribute name="Identifier" type="xsd:token" use="required"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="QualifiedBoxIdentifierType">
- <xsd:simpleContent>
- <xsd:extension base="BoxIdentifierType">
- <xsd:attribute name="Signature" type="xsd:boolean" use="required"/>
- <xsd:attribute name="Encryption" type="xsd:boolean" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <!--###################################################################### -->
- <!--# Get Token Status # -->
- <!--###################################################################### -->
- <!--====================================================================== -->
- <!--= Get Token Status Request = -->
- <!--====================================================================== -->
- <xsd:element name="GetStatusRequest" type="GetStatusRequestType"/>
- <xsd:complexType name="GetStatusRequestType">
- <xsd:sequence minOccurs="0">
- <xsd:element name="TokenStatus" type="TokenStatusType"/>
- <xsd:element name="MaxDelay" type="xsd:nonNegativeInteger"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--====================================================================== -->
- <!--= Get Token Status Response = -->
- <!--====================================================================== -->
- <xsd:element name="GetStatusResponse" type="GetStatusResponseType"/>
- <xsd:complexType name="GetStatusResponseType">
- <xsd:sequence>
- <xsd:element name="TokenStatus" type="TokenStatusType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:simpleType name="TokenStatusType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="ready"/>
- <xsd:enumeration value="removed"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!--###################################################################### -->
- <!--# Error Response # -->
- <!--###################################################################### -->
- <xsd:element name="ErrorResponse" type="ErrorResponseType"/>
- <xsd:complexType name="ErrorResponseType">
- <xsd:sequence>
- <xsd:element name="ErrorCode" type="ErrorCodeType"/>
- <xsd:element name="Info" type="xsd:string"/>
- </xsd:sequence>
- </xsd:complexType> - <xsd:simpleType name="ErrorCodeType"> - <xsd:restriction base="xsd:integer"> - <xsd:minInclusive value="1000"/> - <xsd:maxInclusive value="99999"/> - </xsd:restriction> - </xsd:simpleType> - <!--###################################################################### --> - <!--# Auxiliary Types # --> - <!--###################################################################### --> - <xsd:simpleType name="BoxIdentifierType"> - <xsd:restriction base="xsd:token"/> - </xsd:simpleType> - <xsd:simpleType name="MimeTypeType"> - <xsd:restriction base="xsd:token"/> - </xsd:simpleType> - <xsd:simpleType name="WildCardSearchStringType"> - <xsd:restriction base="xsd:string"> - <xsd:pattern value="[^\*/]*(\*[^\*/]*)?(/[^\*/]*(\*[^\*/]*)?)*"/> - <xsd:pattern value="\*\*"/> - </xsd:restriction> - </xsd:simpleType> - <xsd:complexType name="InfoboxAssocArrayPairType"> - <xsd:complexContent> - <xsd:extension base="Base64XMLContentType"> - <xsd:attribute name="Key" type="xsd:string" use="required"/> - </xsd:extension> - </xsd:complexContent> - </xsd:complexType> - <xsd:complexType name="AnyChildrenType" mixed="false"> - <xsd:sequence minOccurs="0" maxOccurs="unbounded"> - <xsd:any namespace="##any" processContents="lax"/> - </xsd:sequence> - </xsd:complexType> - <xsd:complexType name="AnyMixedChildrenType" mixed="true"> - <xsd:sequence minOccurs="0" maxOccurs="unbounded"> - <xsd:any namespace="##any" processContents="skip"/> - </xsd:sequence> - </xsd:complexType> - <xsd:complexType name="XMLContentType" mixed="true"> - <xsd:complexContent mixed="true"> - <xsd:extension base="AnyMixedChildrenType"> - <xsd:attribute ref="xml:space" use="optional"/> - </xsd:extension> - </xsd:complexContent> - </xsd:complexType> - <xsd:complexType name="Base64XMLLocRefOptRefContentType"> - <xsd:complexContent> - <xsd:extension base="Base64XMLLocRefContentType"> - <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/> - </xsd:extension> - </xsd:complexContent> - 
</xsd:complexType>
- <xsd:complexType name="Base64XMLLocRefReqRefContentType">
- <xsd:complexContent>
- <xsd:extension base="Base64XMLLocRefContentType">
- <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="Base64XMLOptRefContentType">
- <xsd:complexContent>
- <xsd:extension base="Base64XMLContentType">
- <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="Base64OptRefContentType">
- <xsd:complexContent>
- <xsd:extension base="Base64ContentType">
- <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="Base64ContentType">
- <xsd:choice minOccurs="0">
- <xsd:element name="Base64Content" type="xsd:base64Binary"/>
- </xsd:choice>
- </xsd:complexType>
- <xsd:complexType name="Base64XMLContentType">
- <xsd:choice minOccurs="0">
- <xsd:element name="Base64Content" type="xsd:base64Binary"/>
- <xsd:element name="XMLContent" type="XMLContentType"/>
- </xsd:choice>
- </xsd:complexType>
- <xsd:complexType name="Base64XMLLocRefContentType">
- <xsd:choice minOccurs="0">
- <xsd:element name="Base64Content" type="xsd:base64Binary"/>
- <xsd:element name="XMLContent" type="XMLContentType"/>
- <xsd:element name="LocRefContent" type="xsd:anyURI"/>
- </xsd:choice>
- </xsd:complexType>
- <xsd:complexType name="DataObjectAssociationType">
- <xsd:sequence>
- <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
- <xsd:element name="Content" type="Base64XMLLocRefReqRefContentType"/>
- </xsd:sequence>
- </xsd:complexType>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/Core.20020225.xsd b/common/src/main/resources/resources/schemas/Core.20020225.xsd
deleted file mode 100644
index 5dd2836a0..000000000
--- a/common/src/main/resources/resources/schemas/Core.20020225.xsd
+++ /dev/null
@@ -1,399 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Securitylayer, Schnittstellenspezifikation -->
-<!-- XML-Schema für Schnittstellenspezifikation Version 1.1.0, Protokollelemente im datierten Namespace 20020225 -->
-<!-- 31. 08. 2002, Operative Unit, CIO, BMOeLS -->
-<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" targetNamespace="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.1.0">
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
- <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
- <!--########### Create CMS Signature ###-->
- <!--### Create CMS Signature Request ###-->
- <xsd:element name="CreateCMSSignatureRequest" type="CreateCMSSignatureRequestType"/>
- <xsd:complexType name="CreateCMSSignatureRequestType">
- <xsd:sequence>
- <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType"/>
- <xsd:element name="DataObject" type="CMSDataObjectRequiredMetaType"/>
- </xsd:sequence>
- <xsd:attribute name="Structure" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="detached"/>
- <xsd:enumeration value="enveloping"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- </xsd:complexType>
- <xsd:complexType name="CMSDataObjectRequiredMetaType">
- <xsd:complexContent>
- <xsd:restriction base="CMSDataObjectOptionalMetaType">
- <xsd:sequence>
- <xsd:element name="MetaInfo" type="MetaInfoType"/>
- <xsd:element name="Content" type="CMSContentBaseType"/>
- </xsd:sequence>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="CMSDataObjectOptionalMetaType">
- <xsd:sequence>
- <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
- <xsd:element name="Content" type="CMSContentBaseType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CMSContentBaseType">
- <xsd:complexContent>
- <xsd:restriction base="ContentOptionalRefType">
- <xsd:choice minOccurs="0">
- <xsd:element name="Base64Content" type="xsd:base64Binary"/>
- </xsd:choice>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <!--### Create CMS Siganture Response ###-->
- <xsd:element name="CreateCMSSignatureResponse" type="CreateCMSSignatureResponseType"/>
- <xsd:complexType name="CreateCMSSignatureResponseType">
- <xsd:sequence>
- <xsd:element name="CMSSignature" type="xsd:base64Binary"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--########## Create XML Signature ###-->
- <!--### Create XML Signature Request ###-->
- <xsd:element name="CreateXMLSignatureRequest" type="CreateXMLSignatureRequestType"/>
- <xsd:complexType name="CreateXMLSignatureRequestType">
- <xsd:sequence>
- <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType"/>
- <xsd:element name="DataObjectInfo" type="DataObjectInfoType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="MetaInfoType">
- <xsd:sequence>
- <xsd:element name="MimeType" type="MimeTypeType"/>
- <xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/>
- <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="DataObjectInfoType">
- <xsd:sequence>
- <xsd:element name="DataObject" type="ContentOptionalRefType"/>
- <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/>
- <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- <xsd:attribute name="Structure" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="detached"/>
- <xsd:enumeration value="enveloping"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- </xsd:complexType>
- <xsd:complexType name="TransformsInfoType">
- <xsd:sequence>
- <xsd:element ref="dsig:Transforms" minOccurs="0"/>
- <xsd:element name="FinalDataMetaInfo" type="MetaInfoType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="XMLDataObjectAssociationType">
- <xsd:sequence>
- <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
- <xsd:element name="Content" type="ContentRequiredRefType"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--### Create XML Signature Response ###-->
- <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/>
- <xsd:complexType name="CreateXMLSignatureResponseType">
- <xsd:sequence>
- <xsd:element ref="dsig:Signature"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--########## Verify CMS Signature ###-->
- <!--### Verifiy CMS Signature Request ###-->
- <xsd:element name="VerifyCMSSignatureRequest" type="VerifyCMSSignatureRequestType"/>
- <xsd:complexType name="VerifyCMSSignatureRequestType">
- <xsd:sequence>
- <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
- <xsd:element name="CMSSignature" type="xsd:base64Binary"/>
- <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--### Verify CMS Signature Response ###-->
- <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/>
- <xsd:complexType name="VerifyCMSSignatureResponseType">
- <xsd:sequence>
- <xsd:element name="SignerInfo" type="dsig:KeyInfoType"/>
- <xsd:element name="SignatureCheck" type="CheckResultType"/>
- <xsd:element name="CertificateCheck" type="CheckResultType"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--########## Verify XML Signature ###-->
- <!--### Verify XML Signature Request ###-->
- <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/>
- <xsd:complexType name="VerifyXMLSignatureRequestType">
- <xsd:sequence>
- <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
- <xsd:element name="SignatureInfo">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="SignatureEnvironment">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:any namespace="##any" processContents="skip"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="SignatureLocation" type="xsd:token"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--### Verify XML Signature Response ###-->
- <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/>
- <xsd:complexType name="VerifyXMLSignatureResponseType">
- <xsd:sequence>
- <xsd:element name="SignerInfo" type="dsig:KeyInfoType"/>
- <xsd:element name="SignatureCheck" type="CheckResultType"/>
- <xsd:element name="SignatureManifestCheck" type="CheckResultType"/>
- <xsd:element name="CertificateCheck" type="CheckResultType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CheckResultType">
- <xsd:sequence>
- <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
- <xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--########## Infobox Commands ###-->
- <!--### Check Available Infoboxes Request ###-->
- <xsd:element name="InfoboxAvailableRequest" type="InfoboxAvailableRequestType"/>
- <xsd:complexType name="InfoboxAvailableRequestType"/>
- <!--### Check Available Infoboxes Response ###-->
- <xsd:element name="InfoboxAvailableResponse" type="InfoboxAvailableResponseType"/>
- <xsd:complexType name="InfoboxAvailableResponseType">
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--### Read Infobox Request ###-->
- <xsd:element name="InfoboxReadRequest" type="InfoboxReadRequestType"/>
- <xsd:complexType name="InfoboxReadRequestType">
- <xsd:sequence>
- <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/>
- <xsd:choice>
- <xsd:element name="BinaryFileParameters" type="InfoboxReadParamsBinaryFileType"/>
- <xsd:element name="AssocArrayParameters" type="InfoboxReadParamsAssocArrayType"/>
- </xsd:choice>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="InfoboxReadParamsBinaryFileType">
- <xsd:attribute name="ContentIsXMLEntity" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- <xsd:complexType name="InfoboxReadParamsAssocArrayType">
- <xsd:choice>
- <xsd:element name="ReadKeys">
- <xsd:complexType>
- <xsd:attribute name="SearchString" type="WildCardSearchStringType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ReadPairs">
- <xsd:complexType>
- <xsd:attribute name="SearchString" type="WildCardSearchStringType" use="required"/>
- <xsd:attribute name="ValuesAreXMLEntities" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ReadValue">
- <xsd:complexType>
- <xsd:attribute name="Key" type="BoxIdentifierType" use="required"/>
- <xsd:attribute name="ValueIsXMLEntity" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:choice>
- </xsd:complexType>
- <!--### Read Infobox Response ###-->
- <xsd:element name="InfoboxReadResponse" type="InfoboxReadResponseType"/>
- <xsd:complexType name="InfoboxReadResponseType">
- <xsd:choice>
- <xsd:element name="BinaryFileData" type="ContentBaseType"/>
- <xsd:element name="AssocArrayData" type="InfoboxReadDataAssocArrayType"/>
- </xsd:choice>
- </xsd:complexType>
- <xsd:complexType name="InfoboxReadDataAssocArrayType">
- <xsd:choice>
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="Key" type="BoxIdentifierType"/>
- </xsd:sequence>
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="Pair" type="InfoboxAssocArrayPairType"/>
- </xsd:sequence>
- </xsd:choice>
- </xsd:complexType>
- <!--### Update Infobox Request ###-->
- <xsd:element name="InfoboxUpdateRequest" type="InfoboxUpdateRequestType"/>
- <xsd:complexType name="InfoboxUpdateRequestType">
- <xsd:sequence>
- <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/>
- <xsd:choice>
- <xsd:element name="BinaryFileParameters" type="ContentBaseType"/>
- <xsd:element name="AssocArrayParameters" type="InfoboxUpdateParamsAssocArrayType"/>
- </xsd:choice>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="InfoboxUpdateParamsAssocArrayType">
- <xsd:choice>
- <xsd:element name="UpdateKey">
- <xsd:complexType>
- <xsd:attribute name="Key" type="xsd:token" use="required"/>
- <xsd:attribute name="NewKey" type="xsd:token" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="UpdateValue" type="InfoboxAssocArrayPairType"/>
- <xsd:element name="DeletePair">
- <xsd:complexType>
- <xsd:attribute name="Key" type="xsd:token" use="required"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:choice>
- </xsd:complexType>
- <!--### Update Infobox Response ###-->
- <xsd:element name="InfoboxUpdateResponse" type="InfoboxUpdateResponseType"/>
- <xsd:complexType name="InfoboxUpdateResponseType"/>
- <!--########## Create Session Certificate ###-->
- <!--### Create Session Certificate Request ###-->
- <xsd:element name="CreateSessionKeyRequest" type="CreateSessionKeyRequestType"/>
- <xsd:complexType name="CreateSessionKeyRequestType">
- <xsd:sequence>
- <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType"/>
- <xsd:element name="Password" type="xsd:string"/>
- <xsd:element name="Minutes" type="xsd:positiveInteger"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--### Create Session Certificate Response ###-->
- <xsd:element name="CreateSessionKeyResponse" type="CreateSessionKeyResponseType"/>
- <xsd:complexType name="CreateSessionKeyResponseType">
- <xsd:sequence>
- <xsd:element name="PKCS12Object" type="xsd:base64Binary"/>
- <xsd:element name="Certificate" type="xsd:base64Binary"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--########## Create Symmetric Key ###-->
- <!--### Create SymmetricKey Request ###-->
- <xsd:element name="CreateSymmetricSecretRequest" type="CreateSymmetricSecretRequestType"/>
- <xsd:complexType name="CreateSymmetricSecretRequestType" mixed="false">
- <xsd:sequence>
- <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType"/>
- <xsd:element ref="dsig:KeyInfo"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--### Create SymmetricKey Response ###-->
- <xsd:element name="CreateSymmetricSecretResponse" type="CreateSymmetricSecretResponseType"/>
- <xsd:complexType name="CreateSymmetricSecretResponseType" mixed="false">
- <xsd:sequence>
- <xsd:element name="SymmetricSecretValue" type="xsd:base64Binary"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--########## Get Properties ###-->
- <!--### Get Properties Request ###-->
- <xsd:element name="GetPropertiesRequest" type="GetPropertiesRequestType"/>
- <xsd:complexType name="GetPropertiesRequestType"/>
- <!--### Get Properties Response ###-->
- <xsd:element name="GetPropertiesResponse" type="GetPropertiesResponseType"/>
- <xsd:complexType name="GetPropertiesResponseType">
- <xsd:sequence>
- <xsd:element name="ViewerMediaType" type="MimeTypeType" maxOccurs="unbounded"/>
- <xsd:element name="XMLSignatureTransform" type="xsd:anyURI" minOccurs="5" maxOccurs="unbounded"/>
- <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType" minOccurs="2" maxOccurs="unbounded"/>
- <xsd:element name="Binding" type="BindingType" minOccurs="2" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="BindingType" mixed="true">
- <xsd:complexContent mixed="true">
- <xsd:extension base="AnyChildrenType">
- <xsd:attribute name="Identifier" type="xsd:token" use="required"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <!--########### Get Token Status ###-->
- <!--### Get Token Status Reqeust ###-->
- <xsd:element name="GetStatusRequest" type="GetStatusRequestType"/>
- <xsd:complexType name="GetStatusRequestType">
- <xsd:sequence minOccurs="0">
- <xsd:element name="TokenStatus" type="TokenStatusType"/>
- <xsd:element name="MaxDelay" type="xsd:nonNegativeInteger"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--### Get Token Status Response ###-->
- <xsd:element name="GetStatusResponse" type="GetStatusResponseType"/>
- <xsd:complexType name="GetStatusResponseType">
- <xsd:sequence>
- <xsd:element name="TokenStatus" type="TokenStatusType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:simpleType name="TokenStatusType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="ready"/>
- <xsd:enumeration value="removed"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!--########## Error Response ###-->
- <xsd:element name="ErrorResponse" type="ErrorResponseType"/>
- <xsd:complexType name="ErrorResponseType">
- <xsd:sequence>
- <xsd:element name="ErrorCode" type="xsd:integer"/>
- <xsd:element name="Info" type="xsd:string"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--########## Auxiliary Types ###-->
- <xsd:simpleType name="BoxIdentifierType">
- <xsd:restriction base="xsd:token"/>
- </xsd:simpleType>
- <xsd:simpleType name="MimeTypeType">
- <xsd:restriction base="xsd:token"/>
- </xsd:simpleType>
- <xsd:simpleType name="WildCardSearchStringType">
- <xsd:restriction base="xsd:string">
- <xsd:pattern value="[^\*/]*(\*[^\*/]*)?(/[^\*/]*(\*[^\*/]*)?)*"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:complexType name="AnyChildrenType" mixed="true">
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:any namespace="##any" processContents="skip"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="XMLContentType" mixed="true">
- <xsd:complexContent mixed="true">
- <xsd:extension base="AnyChildrenType">
- <xsd:attribute ref="xml:space" use="optional"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="ContentBaseType">
- <xsd:choice minOccurs="0">
- <xsd:element name="Base64Content" type="xsd:base64Binary"/>
- <xsd:element name="XMLContent" type="XMLContentType"/>
- </xsd:choice>
- </xsd:complexType>
- <xsd:complexType name="ContentOptionalRefType">
- <xsd:complexContent>
- <xsd:extension base="ContentBaseType">
- <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="ContentRequiredRefType">
- <xsd:complexContent>
- <xsd:restriction base="ContentOptionalRefType">
- <xsd:choice>
- <xsd:element name="Base64Content" type="xsd:base64Binary"/>
- <xsd:element name="XMLContent" type="XMLContentType"/>
- </xsd:choice>
- <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="InfoboxAssocArrayPairType">
- <xsd:complexContent>
- <xsd:extension base="ContentBaseType">
- <xsd:attribute name="Key" type="xsd:string" use="required"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/Core.20020831.xsd b/common/src/main/resources/resources/schemas/Core.20020831.xsd
deleted file mode 100644
index 6ec40be63..000000000
--- a/common/src/main/resources/resources/schemas/Core.20020831.xsd
+++ /dev/null
@@ -1,153 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Securitylayer, Schnittstellenspezifikation -->
-<!-- XML-Schema für Schnittstellenspezifikation Version 1.1.0, Protokollelemente im datierten Namespace 20020831 -->
-<!-- 31. 08. 2002, Operative Unit, CIO, BMOeLS -->
-<xsd:schema targetNamespace="http://www.buergerkarte.at/namespaces/securitylayer/20020831#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.buergerkarte.at/namespaces/securitylayer/20020831#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.1.0">
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
- <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
- <xsd:import namespace="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" schemaLocation="Core.20020225.xsd"/>
- <!--########## Create XML Signature ###-->
- <!--### Create XML Signature Request ###-->
- <xsd:element name="CreateXMLSignatureRequest" type="CreateXMLSignatureRequestType"/>
- <xsd:complexType name="CreateXMLSignatureRequestType">
- <xsd:sequence>
- <xsd:element name="KeyboxIdentifier" type="sl10:BoxIdentifierType"/>
- <xsd:element name="DataObjectInfo" type="sl10:DataObjectInfoType" maxOccurs="unbounded"/>
- <xsd:element name="SignatureInfo" type="SignatureInfoCreationType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="SignatureInfoCreationType">
- <xsd:sequence>
- <xsd:element name="SignatureEnvironment" type="sl10:ContentOptionalRefType"/>
- <xsd:element name="SignatureLocation">
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:token">
- <xsd:attribute name="Index" type="xsd:nonNegativeInteger" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Supplement" type="sl10:XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--### Create XML Signature Response ###-->
- <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/>
- <xsd:complexType name="CreateXMLSignatureResponseType">
- <xsd:sequence>
- <xsd:any namespace="##any" processContents="lax"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--########## Verify CMS Signature ###-->
- <!--### Verifiy CMS Signature Request ###-->
- <xsd:element name="VerifyCMSSignatureRequest" type="VerifyCMSSignatureRequestType"/>
- <xsd:complexType name="VerifyCMSSignatureRequestType">
- <xsd:sequence>
- <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
- <xsd:element name="CMSSignature" type="xsd:base64Binary"/>
- <xsd:element name="DataObject" type="sl10:CMSDataObjectOptionalMetaType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
- </xsd:complexType>
- <xsd:simpleType name="SignatoriesType">
- <xsd:union memberTypes="AllSignatoriesType">
- <xsd:simpleType>
- <xsd:list itemType="xsd:positiveInteger"/>
- </xsd:simpleType>
- </xsd:union>
- </xsd:simpleType>
- <xsd:simpleType name="AllSignatoriesType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="all"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!--### Verify CMS Signature Response ###-->
- <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/>
- <xsd:complexType name="VerifyCMSSignatureResponseType">
- <xsd:sequence maxOccurs="unbounded">
- <xsd:element name="SignerInfo" type="dsig:KeyInfoType"/>
- <xsd:element name="SignatureCheck" type="sl10:CheckResultType"/>
- <xsd:element name="CertificateCheck" type="sl10:CheckResultType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="QualifiedCertificate"/>
- <!--########## Verify XML Signature ###-->
- <!--### Verify XML Signature Request ###-->
- <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/>
- <xsd:complexType name="VerifyXMLSignatureRequestType">
- <xsd:sequence>
- <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
- <xsd:element name="SignatureInfo" type="SignatureInfoVerificationType"/>
- <xsd:element name="Supplement" type="sl10:XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="SignatureInfoVerificationType">
- <xsd:sequence>
- <xsd:element name="SignatureEnvironment" type="sl10:ContentOptionalRefType"/>
- <xsd:element name="SignatureLocation" type="xsd:token"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--### Verify XML Signature Response ###-->
- <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/>
- <xsd:complexType name="VerifyXMLSignatureResponseType">
- <xsd:sequence>
- <xsd:element name="SignerInfo" type="dsig:KeyInfoType"/>
- <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
- <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType"/>
- <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="CertificateCheck" type="sl10:CheckResultType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ReferencesCheckResultType">
- <xsd:complexContent>
- <xsd:restriction base="sl10:CheckResultType">
- <xsd:sequence>
- <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
- <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true">
- <xsd:complexContent mixed="true">
- <xsd:restriction base="sl10:AnyChildrenType">
- <xsd:sequence>
- <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="ManifestRefsCheckResultType">
- <xsd:complexContent>
- <xsd:restriction base="sl10:CheckResultType">
- <xsd:sequence>
- <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
- <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/>
- </xsd:sequence>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true">
- <xsd:complexContent mixed="true">
- <xsd:extension base="ReferencesCheckResultInfoType">
- <xsd:sequence>
- <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/>
- </xsd:sequence>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <!--########## Get Properties ###-->
- <!--### Get Properties Response ###-->
- <xsd:element name="GetPropertiesResponse" type="GetPropertiesResponseType"/>
- <xsd:complexType name="GetPropertiesResponseType">
- <xsd:sequence>
- <xsd:element name="ViewerMediaType" type="sl10:MimeTypeType" maxOccurs="unbounded"/>
- <xsd:element name="XMLSignatureTransform" type="xsd:anyURI" maxOccurs="unbounded"/>
- <xsd:element name="KeyboxIdentifier" type="sl10:BoxIdentifierType" maxOccurs="unbounded"/>
- <xsd:element name="Binding" type="sl10:BindingType" maxOccurs="unbounded"/>
- <xsd:element name="ProtocolVersion" type="xsd:anyURI" maxOccurs="unbounded"/>
- <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/ECDSAKeyValue.ancient.xsd b/common/src/main/resources/resources/schemas/ECDSAKeyValue.ancient.xsd
deleted file mode 100644
index 833d327f2..000000000
--- a/common/src/main/resources/resources/schemas/ECDSAKeyValue.ancient.xsd
+++ /dev/null
@@ -1,122 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xs:schema targetNamespace="http://www.buergerkarte.at/namespaces/ecdsa/200206030#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ecdsa="http://www.buergerkarte.at/namespaces/ecdsa/200206030#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="0.3">
- <!--ECDSA key value root element-->
- <xs:element name="ECDSAKeyValue" type="ecdsa:ECDSAKeyValueType"/>
- <xs:complexType name="ECDSAKeyValueType">
- <xs:sequence>
- <xs:element name="DomainParameters" type="ecdsa:DomainParamsType" minOccurs="0"/>
- <xs:element name="PublicKey" type="ecdsa:ECPointType"/>
- </xs:sequence>
- </xs:complexType>
- <!--EC domain parameters-->
- <xs:complexType name="DomainParamsType">
- <xs:choice>
- <xs:element name="ExplicitParams" type="ecdsa:ExplicitParamsType"/>
- <xs:element name="NamedCurve">
- <xs:complexType>
- <xs:attribute name="URN" type="xs:anyURI" use="required"/>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- <xs:complexType name="FieldParamsType" abstract="true"/>
- <xs:complexType name="PrimeFieldParamsType">
- <xs:complexContent>
- <xs:extension base="ecdsa:FieldParamsType">
- <xs:sequence>
- <xs:element name="P" type="xs:positiveInteger"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="CharTwoFieldParamsType" abstract="true">
- <xs:complexContent>
- <xs:extension base="ecdsa:FieldParamsType">
- <xs:sequence>
- <xs:element name="M" type="xs:positiveInteger"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="OddCharExtensionFieldParamsType">
- <xs:complexContent>
- <xs:extension base="ecdsa:FieldParamsType">
- <xs:sequence>
- <xs:element name="M" type="xs:positiveInteger"/>
- <xs:element name="W" type="xs:positiveInteger"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="TnBFieldParamsType">
- <xs:complexContent>
- <xs:extension base="ecdsa:CharTwoFieldParamsType">
- <xs:sequence>
- <xs:element name="K" type="xs:positiveInteger"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="PnBFieldParamsType">
- <xs:complexContent>
- <xs:extension base="ecdsa:CharTwoFieldParamsType">
- <xs:sequence>
- <xs:element name="K1" type="xs:positiveInteger"/>
- <xs:element name="K2" type="xs:positiveInteger"/>
- <xs:element name="K3" type="xs:positiveInteger"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="ExplicitParamsType">
- <xs:sequence>
- <xs:element name="FieldParams" type="ecdsa:FieldParamsType"/>
- <xs:element name="CurveParams" type="ecdsa:CurveParamsType"/>
- <xs:element name="BasePointParams" type="ecdsa:BasePointParamsType"/>
- </xs:sequence>
- </xs:complexType>
- <xs:complexType name="CurveParamsType">
- <xs:sequence>
- <xs:element name="A" type="ecdsa:FieldElemType"/>
- <xs:element name="B" type="ecdsa:FieldElemType"/>
- <xs:element name="Seed" type="xs:hexBinary" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- <xs:complexType name="BasePointParamsType">
- <xs:sequence>
- <xs:element name="BasePoint" type="ecdsa:ECPointType"/>
- <xs:element name="Order" type="xs:positiveInteger"/>
- <xs:element name="Cofactor" type="xs:positiveInteger" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- <!--EC point-->
- <xs:complexType name="ECPointType">
- <xs:sequence minOccurs="0">
- <xs:element name="X" type="ecdsa:FieldElemType"/>
- <xs:element name="Y" type="ecdsa:FieldElemType"/>
- </xs:sequence>
- </xs:complexType>
- <!--Field element-->
- <xs:complexType name="FieldElemType" abstract="true"/>
- <xs:complexType name="PrimeFieldElemType">
- <xs:complexContent>
- <xs:extension base="ecdsa:FieldElemType">
- <xs:attribute name="Value" type="xs:nonNegativeInteger" use="required"/>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="CharTwoFieldElemType">
- <xs:complexContent>
- <xs:extension base="ecdsa:FieldElemType">
- <xs:attribute name="Value" type="xs:hexBinary" use="required"/>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="OddCharExtensionFieldElemType">
- <xs:complexContent>
- <xs:extension base="ecdsa:FieldElemType">
- <xs:attribute name="Value" type="xs:nonNegativeInteger" use="required"/>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
-</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/ECDSAKeyValue.wrong.xsd b/common/src/main/resources/resources/schemas/ECDSAKeyValue.wrong.xsd
deleted file mode 100644
index db83c9df5..000000000
--- a/common/src/main/resources/resources/schemas/ECDSAKeyValue.wrong.xsd
+++ /dev/null
@@ -1,122 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xs:schema targetNamespace="http://www.w3.org/2004/01/xmldsig-more#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ecdsa="http://www.w3.org/2004/01/xmldsig-more#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="0.3">
- <!--ECDSA key value root element-->
- <xs:element name="ECDSAKeyValue" type="ecdsa:ECDSAKeyValueType"/>
- <xs:complexType name="ECDSAKeyValueType">
- <xs:sequence>
- <xs:element name="DomainParameters" type="ecdsa:DomainParamsType" minOccurs="0"/>
- <xs:element name="PublicKey" type="ecdsa:ECPointType"/>
- </xs:sequence>
- </xs:complexType>
- <!--EC domain parameters-->
- <xs:complexType name="DomainParamsType">
- <xs:choice>
- <xs:element name="ExplicitParams" type="ecdsa:ExplicitParamsType"/>
- <xs:element name="NamedCurve">
- <xs:complexType>
- <xs:attribute name="URN" type="xs:anyURI" use="required"/>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- <xs:complexType name="FieldParamsType" abstract="true"/>
- <xs:complexType name="PrimeFieldParamsType">
- <xs:complexContent>
- <xs:extension base="ecdsa:FieldParamsType">
- <xs:sequence>
- <xs:element name="P" type="xs:positiveInteger"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="CharTwoFieldParamsType" abstract="true">
- <xs:complexContent>
- <xs:extension base="ecdsa:FieldParamsType">
- <xs:sequence>
- <xs:element name="M" type="xs:positiveInteger"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="OddCharExtensionFieldParamsType">
- <xs:complexContent>
- <xs:extension base="ecdsa:FieldParamsType">
- <xs:sequence>
- <xs:element name="M" type="xs:positiveInteger"/>
- <xs:element name="W" type="xs:positiveInteger"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="TnBFieldParamsType">
- <xs:complexContent>
- <xs:extension base="ecdsa:CharTwoFieldParamsType">
- <xs:sequence>
- <xs:element name="K" type="xs:positiveInteger"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="PnBFieldParamsType">
- <xs:complexContent>
- <xs:extension base="ecdsa:CharTwoFieldParamsType">
- <xs:sequence>
- <xs:element name="K1" type="xs:positiveInteger"/>
- <xs:element name="K2" type="xs:positiveInteger"/>
- <xs:element name="K3" type="xs:positiveInteger"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="ExplicitParamsType">
- <xs:sequence>
- <xs:element name="FieldParams" type="ecdsa:FieldParamsType"/>
- <xs:element name="CurveParams" type="ecdsa:CurveParamsType"/>
- <xs:element name="BasePointParams" type="ecdsa:BasePointParamsType"/>
- </xs:sequence>
- </xs:complexType>
- <xs:complexType name="CurveParamsType">
- <xs:sequence>
- <xs:element name="A" type="ecdsa:FieldElemType"/>
- <xs:element name="B" type="ecdsa:FieldElemType"/>
- <xs:element name="Seed" type="xs:hexBinary" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- <xs:complexType name="BasePointParamsType">
- <xs:sequence>
- <xs:element name="BasePoint" type="ecdsa:ECPointType"/>
- <xs:element name="Order" type="xs:positiveInteger"/>
- <xs:element name="Cofactor" type="xs:positiveInteger" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- <!--EC point-->
- <xs:complexType name="ECPointType">
- <xs:sequence minOccurs="0">
- <xs:element name="X" type="ecdsa:FieldElemType"/>
- <xs:element name="Y" type="ecdsa:FieldElemType"/>
- </xs:sequence>
- </xs:complexType>
- <!--Field element-->
- <xs:complexType name="FieldElemType" abstract="true"/>
- <xs:complexType name="PrimeFieldElemType">
- <xs:complexContent>
- <xs:extension base="ecdsa:FieldElemType">
- <xs:attribute name="Value" type="xs:nonNegativeInteger" use="required"/>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="CharTwoFieldElemType">
- <xs:complexContent>
- <xs:extension base="ecdsa:FieldElemType">
- <xs:attribute name="Value" type="xs:hexBinary" use="required"/>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="OddCharExtensionFieldElemType">
- <xs:complexContent>
- <xs:extension base="ecdsa:FieldElemType">
- <xs:attribute name="Value" type="xs:nonNegativeInteger" use="required"/>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
-</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/ECDSAKeyValue.xsd b/common/src/main/resources/resources/schemas/ECDSAKeyValue.xsd
deleted file mode 100644
index 7a01b23d1..000000000
--- a/common/src/main/resources/resources/schemas/ECDSAKeyValue.xsd
+++ /dev/null
@@ -1,122 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xs:schema targetNamespace="http://www.w3.org/2001/04/xmldsig-more#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="0.3">
- <!--ECDSA key value root element-->
- <xs:element name="ECDSAKeyValue" type="ecdsa:ECDSAKeyValueType"/>
- <xs:complexType name="ECDSAKeyValueType">
- <xs:sequence>
- <xs:element name="DomainParameters" type="ecdsa:DomainParamsType" minOccurs="0"/>
- <xs:element name="PublicKey" type="ecdsa:ECPointType"/>
- </xs:sequence>
- </xs:complexType>
- <!--EC domain parameters-->
- <xs:complexType name="DomainParamsType">
- <xs:choice>
- <xs:element name="ExplicitParams" type="ecdsa:ExplicitParamsType"/>
- <xs:element name="NamedCurve">
- <xs:complexType>
- <xs:attribute name="URN" type="xs:anyURI" use="required"/>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- <xs:complexType name="FieldParamsType" abstract="true"/>
- <xs:complexType name="PrimeFieldParamsType">
- <xs:complexContent>
- <xs:extension base="ecdsa:FieldParamsType">
- <xs:sequence>
- <xs:element name="P" type="xs:positiveInteger"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="CharTwoFieldParamsType" abstract="true">
- <xs:complexContent>
- <xs:extension base="ecdsa:FieldParamsType">
- <xs:sequence>
- <xs:element name="M" type="xs:positiveInteger"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="OddCharExtensionFieldParamsType">
- <xs:complexContent>
- <xs:extension base="ecdsa:FieldParamsType">
- <xs:sequence>
- <xs:element name="M" type="xs:positiveInteger"/>
- <xs:element name="W" type="xs:positiveInteger"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="TnBFieldParamsType">
- <xs:complexContent>
- <xs:extension base="ecdsa:CharTwoFieldParamsType">
- <xs:sequence>
- <xs:element name="K" type="xs:positiveInteger"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="PnBFieldParamsType">
- <xs:complexContent>
- <xs:extension base="ecdsa:CharTwoFieldParamsType">
- <xs:sequence>
- <xs:element name="K1" type="xs:positiveInteger"/>
- <xs:element name="K2" type="xs:positiveInteger"/>
- <xs:element name="K3" type="xs:positiveInteger"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="ExplicitParamsType">
- <xs:sequence>
- <xs:element name="FieldParams" type="ecdsa:FieldParamsType"/>
- <xs:element name="CurveParams" type="ecdsa:CurveParamsType"/>
- <xs:element name="BasePointParams" type="ecdsa:BasePointParamsType"/>
- </xs:sequence>
- </xs:complexType>
- <xs:complexType name="CurveParamsType">
- <xs:sequence>
- <xs:element name="A" type="ecdsa:FieldElemType"/>
- <xs:element name="B" type="ecdsa:FieldElemType"/>
- <xs:element name="Seed" type="xs:hexBinary" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- <xs:complexType name="BasePointParamsType">
- <xs:sequence>
- <xs:element name="BasePoint" type="ecdsa:ECPointType"/>
- <xs:element name="Order" type="xs:positiveInteger"/>
- <xs:element name="Cofactor" type="xs:positiveInteger" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- <!--EC point-->
- <xs:complexType name="ECPointType">
- <xs:sequence minOccurs="0">
- <xs:element name="X" type="ecdsa:FieldElemType"/>
- <xs:element name="Y" type="ecdsa:FieldElemType"/>
- </xs:sequence>
- </xs:complexType>
- <!--Field element-->
- <xs:complexType name="FieldElemType" abstract="true"/>
- <xs:complexType name="PrimeFieldElemType">
- <xs:complexContent>
- <xs:extension base="ecdsa:FieldElemType">
- <xs:attribute name="Value" type="xs:nonNegativeInteger" use="required"/>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="CharTwoFieldElemType">
- <xs:complexContent>
- <xs:extension base="ecdsa:FieldElemType">
- <xs:attribute name="Value" type="xs:hexBinary" use="required"/>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="OddCharExtensionFieldElemType">
- <xs:complexContent>
- <xs:extension base="ecdsa:FieldElemType">
- <xs:attribute name="Value" type="xs:nonNegativeInteger" use="required"/>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
-</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.2.xsd b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.2.xsd
deleted file mode 100644
index 4b018db64..000000000
--- a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.2.xsd
+++ /dev/null
@@ -1,350 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- edited with XMLSPY v5 rel. 4 U (http://www.xmlspy.com) by Rudolf Schamberger (Stabsstelle IKT-Strategie) (Bundesrechenzentrum GmbH) -->
-<xsd:schema targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.1.1">
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
- <xsd:import namespace="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" schemaLocation="http://www.buergerkarte.at/konzept/securitylayer/spezifikation/20020831/core/Core.20020225.xsd"/>
- <xsd:element name="Configuration">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="LoginType" type="LoginType" default="stateful"/>
- <xsd:element name="Binding" minOccurs="0" maxOccurs="1">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="full"/>
- <xsd:enumeration value="userName"/>
- <xsd:enumeration value="none"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:element>
- <xsd:choice>
- <xsd:element ref="ParamAuth"/>
- <xsd:element ref="BasicAuth"/>
- <xsd:element ref="HeaderAuth"/>
- </xsd:choice>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:simpleType name="LoginType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="stateless"/>
- <xsd:enumeration value="stateful"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:element name="ParamAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="Parameter" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Parameter">
- <xsd:complexType>
- <xsd:attribute name="Name" type="xsd:token" use="required"/>
- <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="BasicAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="UserID" type="MOAAuthDataType"/>
- <xsd:element name="Password" type="MOAAuthDataType"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="HeaderAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="Header" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Header">
- <xsd:complexType>
- <xsd:attribute name="Name" type="xsd:token" use="required"/>
- <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:simpleType name="MOAAuthDataType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="MOAGivenName"/>
- <xsd:enumeration value="MOAFamilyName"/>
- <xsd:enumeration value="MOADateOfBirth"/>
- <xsd:enumeration value="MOABPK"/>
- <xsd:enumeration value="MOAPublicAuthority"/>
- <xsd:enumeration value="MOABKZ"/>
- <xsd:enumeration value="MOAQualifiedCertificate"/>
- <xsd:enumeration value="MOAStammzahl"/>
- <xsd:enumeration value="MOAIdentificationValueType"/>
- <xsd:enumeration value="MOAIPAddress"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="MOAKeyBoxSelector">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="SecureSignatureKeypair"/>
- <xsd:enumeration value="CertifiedKeypair"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation-->
- <xsd:element name="MOA-IDConfiguration">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter der
- Authentisierungs-Komponente</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ProxyComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Konfigurationsparameter der
- Proxy-Komponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation zw.
- Proxykomponente und Authenttisierungskomponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der
- Proxy-Komponente zur Auth-Komponente (vgl.
- AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="OnlineApplication" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die OA</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="OnlineApplicationType">
- <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ChainingModes" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die
- Zertifikatspfadvalidierung</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="TrustAnchor">
- <xsd:annotation>
- <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann
- für jeden TrustAnchor gesetzt werden</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="dsig:X509IssuerSerialType">
- <xsd:attribute name="mode" type="ChainingModeType" use="required"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA
- (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:attribute name="name" type="xsd:string" use="required"/>
- <xsd:attribute name="value" type="xsd:string" use="required"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:complexType name="AuthComponentType">
- <xsd:sequence>
- <xsd:element name="BKUSelection" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/>
- </xsd:sequence>
- <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="SecurityLayer">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation mit dem
- Security-Layer</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="TransformsInfo" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem
- Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo
- werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks
- inkludiert</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:attribute name="filename" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="MOA-SP">
- <xsd:annotation>
- <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA
- SP Modul</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der
- AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server;
- wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden;
- wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben
- werden; wird das Element nicht verwendet dann wird MOA-SP über das API
- aufgerufen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="VerifyIdentityLink">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Überprüfung der
- Personenbindung</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="VerifyAuthBlock">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Überprüfung des
- AUTH-Blocks</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="IdentityLinkSigners">
- <xsd:annotation>
- <xsd:documentation>enthält Informationen über akzeptierte Signers des
- IdentityLinks</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>akzeptierte Signer des IdentityLinks werden per
- X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ProxyComponentType"/>
- <xsd:complexType name="OnlineApplicationType">
- <xsd:sequence>
- <xsd:element name="AuthComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die
- Authentisierungs-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ProxyComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente
- betreffen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente
- betreffen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/>
- <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/>
- <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/>
- <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/>
- <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ConnectionParameterServerAuthType">
- <xsd:sequence>
- <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der
- TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="ConnectionParameterClientAuthType">
- <xsd:complexContent>
- <xsd:extension base="ConnectionParameterServerAuthType">
- <xsd:sequence>
- <xsd:element name="ClientKeyStore" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für
- die TLS-Client-Authentisierung verwendetwird, enthält</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:anyURI">
- <xsd:attribute name="password" type="xsd:string" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:element name="TrustProfileID" type="xsd:string"/>
- <xsd:simpleType name="ChainingModeType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="chaining"/>
- <xsd:enumeration value="pkix"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="BKUSelectionType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="HTMLComplete"/>
- <xsd:enumeration value="HTMLSelect"/>
- </xsd:restriction>
- </xsd:simpleType>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.3.xsd b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.3.xsd
deleted file mode 100644
index 66c6e1832..000000000
--- a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.3.xsd
+++ /dev/null
@@ -1,424 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- edited with XMLSPY v5 rel. 4 U (http://www.xmlspy.com) by Rudolf Schamberger (Stabsstelle IKT-Strategie) (Bundesrechenzentrum GmbH) -->
-<xsd:schema targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.1.1">
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
- <xsd:import namespace="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" schemaLocation="http://www.buergerkarte.at/konzept/securitylayer/spezifikation/20020831/core/Core.20020225.xsd"/>
- <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/>
- <xsd:element name="Configuration">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="LoginType" type="LoginType" default="stateful"/>
- <xsd:element name="Binding" minOccurs="0">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="full"/>
- <xsd:enumeration value="userName"/>
- <xsd:enumeration value="none"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:element>
- <xsd:choice>
- <xsd:element ref="ParamAuth"/>
- <xsd:element ref="BasicAuth"/>
- <xsd:element ref="HeaderAuth"/>
- </xsd:choice>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:simpleType name="LoginType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="stateless"/>
- <xsd:enumeration value="stateful"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:element name="ParamAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="Parameter" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Parameter">
- <xsd:complexType>
- <xsd:attribute name="Name" type="xsd:token" use="required"/>
- <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="BasicAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="UserID" type="MOAAuthDataType"/>
- <xsd:element name="Password" type="MOAAuthDataType"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="HeaderAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="Header" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Header">
- <xsd:complexType>
- <xsd:attribute name="Name" type="xsd:token" use="required"/>
- <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:simpleType name="MOAAuthDataType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="MOAGivenName"/>
- <xsd:enumeration value="MOAFamilyName"/>
- <xsd:enumeration value="MOADateOfBirth"/>
- <xsd:enumeration value="MOABPK"/>
- <xsd:enumeration value="MOAWBPK"/>
- <xsd:enumeration value="MOAPublicAuthority"/>
- <xsd:enumeration value="MOABKZ"/>
- <xsd:enumeration value="MOAQualifiedCertificate"/>
- <xsd:enumeration value="MOAStammzahl"/>
- <xsd:enumeration value="MOAIdentificationValueType"/>
- <xsd:enumeration value="MOAIPAddress"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="MOAKeyBoxSelector">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="SecureSignatureKeypair"/>
- <xsd:enumeration value="CertifiedKeypair"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation-->
- <xsd:element name="MOA-IDConfiguration">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter der
- Authentisierungs-Komponente</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ProxyComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Konfigurationsparameter der
- Proxy-Komponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation zw.
- Proxykomponente und Authenttisierungskomponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der
- Proxy-Komponente zur Auth-Komponente (vgl.
- AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="OnlineApplication" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die OA</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="OnlineApplicationType">
- <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/>
- <xsd:attribute name="type" use="optional" default="publicService">
- <xsd:simpleType>
- <xsd:restriction base="xsd:NMTOKEN">
- <xsd:enumeration value="businessService"/>
- <xsd:enumeration value="publicService"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ChainingModes" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die
- Zertifikatspfadvalidierung</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="TrustAnchor">
- <xsd:annotation>
- <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann
- für jeden TrustAnchor gesetzt werden</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="dsig:X509IssuerSerialType">
- <xsd:attribute name="mode" type="ChainingModeType" use="required"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA
- (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:attribute name="name" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/>
- <xsd:enumeration value="AuthenticationSession.TimeOut"/>
- <xsd:enumeration value="AuthenticationData.TimeOut"/>
- <xsd:enumeration value="TrustManager.RevocationChecking"/>
- <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/>
- <xsd:enumeration value="FrontendServlets.DataURLPrefix"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="value" type="xsd:string" use="required"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:complexType name="AuthComponentType">
- <xsd:sequence>
- <xsd:element name="BKUSelection" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/>
- </xsd:sequence>
- <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Templates" type="TemplatesType" minOccurs="0" maxOccurs="1" />
- <xsd:element name="SecurityLayer">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation mit dem
- Security-Layer</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="MOA-SP">
- <xsd:annotation>
- <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA
- SP Modul</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der
- AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server;
- wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden;
- wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben
- werden; wird das Element nicht verwendet dann wird MOA-SP über das API
- aufgerufen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="VerifyIdentityLink">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Überprüfung der
- Personenbindung</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="VerifyAuthBlock">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Überprüfung des
- AUTH-Blocks</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="IdentityLinkSigners">
- <xsd:annotation>
- <xsd:documentation>enthält Informationen über akzeptierte Signers des
- IdentityLinks</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>akzeptierte Signer des IdentityLinks werden per
- X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="TransformsInfoType">
- <xsd:annotation>
- <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem
- Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo
- werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks
- inkludiert</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="filename" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="TemplatesType">
- <xsd:sequence>
- <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0" maxOccurs="1"/>
- <xsd:element name="Template" type="TemplateType" minOccurs="0" maxOccurs="1"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="TemplateType">
- <xsd:annotation>
- <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="ProxyComponentType"/>
- <xsd:complexType name="OnlineApplicationType">
- <xsd:sequence>
- <xsd:element name="AuthComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die
- Authentisierungs-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <!--xsd:element name="IdentificationNumber" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="pr:AbstractSimpleIdentification"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element-->
- <xsd:element name="IdentificationNumber" minOccurs="0">
- <xsd:complexType>
- <xsd:choice>
- <xsd:element ref="pr:Firmenbuchnummer"/>
- <xsd:element ref="pr:ZMRzahl"/>
- <xsd:element ref="pr:Vereinsnummer"/>
- <xsd:element ref="pr:ERJPZahl"/>
- <xsd:element name="AnyNumber">
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:string">
- <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:choice>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Templates" type="TemplatesType" minOccurs="0" maxOccurs="1" />
- <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- <xsd:attribute name="slVersion" use="optional" default="1.1">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="1.1"/>
- <xsd:enumeration value="1.2"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/>
- <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/-->
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ProxyComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente
- betreffen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente
- betreffen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/>
- <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/>
- <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/>
- <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/>
- <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/>
- </xsd:complexType>
- </xsd:element>
- <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/-->
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ConnectionParameterServerAuthType">
- <xsd:sequence>
- <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der
- TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="ConnectionParameterClientAuthType">
- <xsd:complexContent>
- <xsd:extension base="ConnectionParameterServerAuthType">
- <xsd:sequence>
- <xsd:element name="ClientKeyStore" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für
- die TLS-Client-Authentisierung verwendetwird, enthält</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:anyURI">
- <xsd:attribute name="password" type="xsd:string" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:element name="TrustProfileID" type="xsd:string"/>
- <xsd:simpleType name="ChainingModeType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="chaining"/>
- <xsd:enumeration value="pkix"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="BKUSelectionType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="HTMLComplete"/>
- <xsd:enumeration value="HTMLSelect"/>
- </xsd:restriction>
- </xsd:simpleType>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.2.xsd b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.2.xsd
deleted file mode 100644
index 360789834..000000000
--- a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.2.xsd
+++ /dev/null
@@ -1,616 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.4.2">
- <!-- es werden lokale Schemas referenziert für real aufgelöste Schemas bitte ersetzen: http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd -->
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
- <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/>
- <xsd:element name="Configuration">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="LoginType" type="LoginType" default="stateful"/>
- <xsd:element name="Binding" minOccurs="0">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="full"/>
- <xsd:enumeration value="userName"/>
- <xsd:enumeration value="none"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:element>
- <xsd:choice>
- <xsd:element ref="ParamAuth"/>
- <xsd:element ref="BasicAuth"/>
- <xsd:element ref="HeaderAuth"/>
- </xsd:choice>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:simpleType name="LoginType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="stateless"/>
- <xsd:enumeration value="stateful"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:element name="ParamAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="Parameter" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Parameter">
- <xsd:complexType>
- <xsd:attribute name="Name" type="xsd:token" use="required"/>
- <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="BasicAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="UserID" type="MOAAuthDataType"/>
- <xsd:element name="Password" type="MOAAuthDataType"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="HeaderAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="Header" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Header">
- <xsd:complexType>
- <xsd:attribute name="Name" type="xsd:token" use="required"/>
- <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:simpleType name="MOAAuthDataType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="MOAGivenName"/>
- <xsd:enumeration value="MOAFamilyName"/>
- <xsd:enumeration value="MOADateOfBirth"/>
- <xsd:enumeration value="MOABPK"/>
- <xsd:enumeration value="MOAWBPK"/>
- <xsd:enumeration value="MOAPublicAuthority"/>
- <xsd:enumeration value="MOABKZ"/>
- <xsd:enumeration value="MOAQualifiedCertificate"/>
- <xsd:enumeration value="MOAStammzahl"/>
- <xsd:enumeration value="MOAIdentificationValueType"/>
- <xsd:enumeration value="MOAIPAddress"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="MOAKeyBoxSelector">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="SecureSignatureKeypair"/>
- <xsd:enumeration value="CertifiedKeypair"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation-->
- <xsd:element name="MOA-IDConfiguration">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter der Authentisierungs-Komponente</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ProxyComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Konfigurationsparameter der Proxy-Komponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation zw. Proxykomponente und Authenttisierungskomponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der Proxy-Komponente zur Auth-Komponente (vgl. AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="OnlineApplication" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die OA</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="OnlineApplicationType">
- <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/>
- <xsd:attribute name="type" use="optional" default="publicService">
- <xsd:simpleType>
- <xsd:restriction base="xsd:NMTOKEN">
- <xsd:enumeration value="businessService"/>
- <xsd:enumeration value="publicService"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ChainingModes" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die Zertifikatspfadvalidierung</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="TrustAnchor">
- <xsd:annotation>
- <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann für jeden TrustAnchor gesetzt werden</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="dsig:X509IssuerSerialType">
- <xsd:attribute name="mode" type="ChainingModeType" use="required"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:attribute name="name" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/>
- <xsd:enumeration value="AuthenticationSession.TimeOut"/>
- <xsd:enumeration value="AuthenticationData.TimeOut"/>
- <xsd:enumeration value="TrustManager.RevocationChecking"/>
- <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/>
- <xsd:enumeration value="FrontendServlets.DataURLPrefix"/>
- <xsd:enumeration value="AuthenticationServer.KeepAssertion"/>
- <xsd:enumeration value="AuthenticationServer.WriteAssertionToFile"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="value" type="xsd:string" use="required"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:complexType name="AuthComponentType">
- <xsd:sequence>
- <xsd:element name="BKUSelection" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/>
- </xsd:sequence>
- <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
- <xsd:element name="SecurityLayer">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation mit dem Security-Layer</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="MOA-SP">
- <xsd:annotation>
- <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA SP Modul</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben werden; wird das Element nicht verwendet dann wird MOA-SP über das API aufgerufen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="VerifyIdentityLink">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Überprüfung der Personenbindung</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="VerifyAuthBlock">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Überprüfung des AUTH-Blocks</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="IdentityLinkSigners" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Informationen über akzeptierte Signers des IdentityLinks</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>akzeptierte Signer des IdentityLinks werden per X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Defaultparameter für die Überprüfung weiterer Infoboxen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="TransformsInfoType">
- <xsd:annotation>
- <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks inkludiert</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="filename" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="TemplatesType">
- <xsd:sequence>
- <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/>
- <xsd:element name="Template" type="TemplateType" minOccurs="0"/>
- <xsd:element name="InputProcessorSignTemplate" type="TemplateType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="TemplateType">
- <xsd:annotation>
- <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="VerifyInfoboxesType">
- <xsd:annotation>
- <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="DefaultTrustProfile" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Optionales DefaultTrustprofil für die Überprüfung aller weiteren Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Infobox" type="InfoboxType" minOccurs="0" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Parameter für Überprüfung weiterer Infoboxen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="InfoboxType">
- <xsd:annotation>
- <xsd:documentation>Parameter zur Überprüfung einzelner Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll; z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird das Identifier-Attribut verwendet</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>TrustProfil, das für die Überprüfung der Infobox verwendet werden soll</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname vom Default Package- und Klassennamen abweichen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/>
- <xsd:element name="ApplicationSpecificParameters" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation übergeben werden</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ParepSpecificParameters" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Infobox spezifische Parameter, die der Prüfapplikation für berufliche Parteienvertretung übergeben werden. Dies ist logisch Teil der ApplicationSpecificParameters, kann jedoch aufgrund der Strukturierung validierend geparst werden und dadurch wird eine funktionierende Konfiguration bei Programmstart garantiert.</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="CompatibilityMode" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Legt fest ob Machtgeber und Machtnehmer in den Anmeldedaten ausgetauscht werden sollen. Lediglich die übermittelte Vollmacht gibt dann Aufschluss darüber, dass eine Vertretung vorliegt. Ziel dieses Schalters ist, dass bisherige Applikationen mit Vollmachten und beruflicher Parteienvertretung nachgerüstet werden können, ohne der Erfordernis Änderungen durchführen zu müssen.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element ref="EnableInfoboxValidator" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Falls Infoboxinhalte für die berufliche Parteienvertretung in der Vollmachten Infobox "mandates" abgelegt werden und Vertretung für berufliche Parteienvertreter aktiviert ist, so kann mit diesem Schalter die Vollmachtsprüfung für normale Vollmachten deaktiviert werden. Damit wird erreicht, dass mittels der Vollmachten Infobox ausschließlich berufliche Parteienvertretung aktiviert ist. Dieser Schalter ist nur für die Vollmachten Infobox "mandates" relevant.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="PartyRepresentation" type="PartyRepresentationType">
- <xsd:annotation>
- <xsd:documentation>Eigentlicher Konfigurationsteil für berufliche Parteienvertretung</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
- <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- <xsd:complexType name="SchemaLocationType">
- <xsd:annotation>
- <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="Schema" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ProxyComponentType"/>
- <xsd:complexType name="OnlineApplicationType">
- <xsd:sequence>
- <xsd:element name="AuthComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Authentisierungs-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <!--xsd:element name="IdentificationNumber" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="pr:AbstractSimpleIdentification"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element-->
- <xsd:element name="IdentificationNumber" minOccurs="0">
- <xsd:complexType>
- <xsd:choice>
- <xsd:element ref="pr:Firmenbuchnummer"/>
- <xsd:element ref="pr:ZMRzahl"/>
- <xsd:element ref="pr:Vereinsnummer"/>
- <xsd:element ref="pr:ERJPZahl"/>
- <xsd:element name="AnyNumber">
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:string">
- <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:choice>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
- <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="slVersion" use="optional" default="1.1">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="1.1"/>
- <xsd:enumeration value="1.2"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/>
- <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/-->
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ProxyComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/>
- <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/>
- <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/>
- <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/>
- <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/>
- </xsd:complexType>
- </xsd:element>
- <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/-->
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ConnectionParameterServerAuthType">
- <xsd:sequence>
- <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="ConnectionParameterClientAuthType">
- <xsd:complexContent>
- <xsd:extension base="ConnectionParameterServerAuthType">
- <xsd:sequence>
- <xsd:element name="ClientKeyStore" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für die TLS-Client-Authentisierung verwendet wird, enthält</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:anyURI">
- <xsd:attribute name="password" type="xsd:string" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:element name="TrustProfileID" type="xsd:string"/>
- <xsd:simpleType name="ChainingModeType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="chaining"/>
- <xsd:enumeration value="pkix"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="BKUSelectionType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="HTMLComplete"/>
- <xsd:enumeration value="HTMLSelect"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:element name="CompatibilityMode" default="false">
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:element>
- <xsd:element name="EnableInfoboxValidator" default="true">
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:element>
- <xsd:element name="AlwaysShowForm" default="false">
- <xsd:annotation>
- <xsd:documentation>Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:element>
- <xsd:complexType name="InputProcessorType">
- <xsd:simpleContent>
- <xsd:extension base="xsd:string">
- <xsd:attribute name="template" type="xsd:anyURI" use="optional">
- <xsd:annotation>
- <xsd:documentation>Das Attribut spezifiziert die Lage des Templates, welches der InputProcessor zur Darstellung des Eingabeformulars nutzen soll</xsd:documentation>
- </xsd:annotation>
- </xsd:attribute>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="PartyRepresentationType">
- <xsd:sequence>
- <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Default InputProcessor. Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element ref="AlwaysShowForm" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Default Wert für Formularanzeige. Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular zur vervollständigung der Vertretenendaten immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (für den EGIZ-Demonstrator im internen Netzwerk: https://129.27.142.5:8443/szr-gateway/services/MandateCreation)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="PartyRepresentative" type="PartyRepresentativeType" minOccurs="0" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Falls keine speziellen beruflichen ParteienvertreterInnen definiert sind (Element kommt nicht vor), werden ausschließlich standardisierte Vollmachten mit einer MandateID="*" akzeptiert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="PartyRepresentativeType">
- <xsd:sequence>
- <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element ref="AlwaysShowForm" minOccurs="0"/>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Optionale Verbindungsparameter zu speziellem (SZR-)Gateway</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="oid" use="required">
- <xsd:annotation>
- <xsd:documentation>OID der Parteienvertretung lt. "Object Identifier der öffentlichen Verwaltung" - Konvention, Empfehlung. Diese ID muss mit der MandateID der übermittelten standardisierten Vollmacht übereinstimmen. Eine Parteienvertretung für standardisierte Vollmachten mit der MandateID "*" muss nicht definiert werden und erlaubt eine allgemeine berufliche Parteienvertretung mit Standardtexten. In anderen Fällen ist eine erlaubte OID mitttels dieses Attributs zu definieren</xsd:documentation>
- </xsd:annotation>
- <!--xsd:simpleType>
- <xsd:restriction/>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="1.2.40.0.10.3.1"/>
- <xsd:enumeration value="1.2.40.0.10.3.2"/>
- <xsd:enumeration value="1.2.40.0.10.3.3"/>
- <xsd:enumeration value="1.2.40.0.10.3.10"/>
- <xsd:enumeration value="1.2.40.0.10.3.10.IdentifiedVoiceChannel"/>
- </xsd:restriction>
- </xsd:simpleType-->
- </xsd:attribute>
- <xsd:attribute name="representPhysicalParty" use="optional" default="false">
- <xsd:annotation>
- <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für natürliche Personen erlaubt ist</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="representCorporateParty" use="optional" default="false">
- <xsd:annotation>
- <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für juristische Personen erlaubt ist (welche z.B. ein Organwalter nicht vertreten darf und dieser Wert aus diesem Grund dort false sein muss)</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="representationText" use="optional">
- <xsd:annotation>
- <xsd:documentation>Beschreibender Text, der an Stelle des Standardtexts bei der Signatur der Anmeldedaten im Falle einer vorliegenden beruflichen Parteienvertretung zur Signatur vorgelegt wird</xsd:documentation>
- </xsd:annotation>
- <!--xsd:simpleType>
- <xsd:restriction/>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft"/>
- <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft"/>
- <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft)"/>
- <xsd:enumeration value="Organwalter"/>
- <xsd:enumeration value="Parteienvertreter(in) über einen identifizierten Sprachkanal"/>
- </xsd:restriction>
- </xsd:simpleType-->
- </xsd:attribute>
- </xsd:complexType>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.3.xsd b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.3.xsd
deleted file mode 100644
index 570bebd37..000000000
--- a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.3.xsd
+++ /dev/null
@@ -1,612 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.4.3">
- <!-- es werden lokale Schemas referenziert für real aufgelöste Schemas bitte ersetzen: http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd -->
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
- <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/>
- <xsd:element name="Configuration">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="LoginType" type="LoginType" default="stateful"/>
- <xsd:element name="Binding" minOccurs="0">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="full"/>
- <xsd:enumeration value="userName"/>
- <xsd:enumeration value="none"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:element>
- <xsd:choice>
- <xsd:element ref="ParamAuth"/>
- <xsd:element ref="BasicAuth"/>
- <xsd:element ref="HeaderAuth"/>
- </xsd:choice>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:simpleType name="LoginType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="stateless"/>
- <xsd:enumeration value="stateful"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:element name="ParamAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="Parameter" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Parameter">
- <xsd:complexType>
- <xsd:attribute name="Name" type="xsd:token" use="required"/>
- <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="BasicAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="UserID" type="MOAAuthDataType"/>
- <xsd:element name="Password" type="MOAAuthDataType"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="HeaderAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="Header" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Header">
- <xsd:complexType>
- <xsd:attribute name="Name" type="xsd:token" use="required"/>
- <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:simpleType name="MOAAuthDataType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="MOAGivenName"/>
- <xsd:enumeration value="MOAFamilyName"/>
- <xsd:enumeration value="MOADateOfBirth"/>
- <xsd:enumeration value="MOABPK"/>
- <xsd:enumeration value="MOAWBPK"/>
- <xsd:enumeration value="MOAPublicAuthority"/>
- <xsd:enumeration value="MOABKZ"/>
- <xsd:enumeration value="MOAQualifiedCertificate"/>
- <xsd:enumeration value="MOAStammzahl"/>
- <xsd:enumeration value="MOAIdentificationValueType"/>
- <xsd:enumeration value="MOAIPAddress"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="MOAKeyBoxSelector">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="SecureSignatureKeypair"/>
- <xsd:enumeration value="CertifiedKeypair"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation-->
- <xsd:element name="MOA-IDConfiguration">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter der Authentisierungs-Komponente</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ProxyComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Konfigurationsparameter der Proxy-Komponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation zw. Proxykomponente und Authenttisierungskomponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der Proxy-Komponente zur Auth-Komponente (vgl. AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="OnlineApplication" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die OA</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="OnlineApplicationType">
- <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/>
- <xsd:attribute name="type" use="optional" default="publicService">
- <xsd:simpleType>
- <xsd:restriction base="xsd:NMTOKEN">
- <xsd:enumeration value="businessService"/>
- <xsd:enumeration value="publicService"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ChainingModes" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die Zertifikatspfadvalidierung</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="TrustAnchor">
- <xsd:annotation>
- <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann für jeden TrustAnchor gesetzt werden</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="dsig:X509IssuerSerialType">
- <xsd:attribute name="mode" type="ChainingModeType" use="required"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:attribute name="name" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/>
- <xsd:enumeration value="AuthenticationSession.TimeOut"/>
- <xsd:enumeration value="AuthenticationData.TimeOut"/>
- <xsd:enumeration value="TrustManager.RevocationChecking"/>
- <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/>
- <xsd:enumeration value="FrontendServlets.DataURLPrefix"/>
- <xsd:enumeration value="AuthenticationServer.KeepAssertion"/>
- <xsd:enumeration value="AuthenticationServer.WriteAssertionToFile"/>
- <xsd:enumeration value="AuthenticationServer.SourceID"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="value" type="xsd:string" use="required"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:complexType name="AuthComponentType">
- <xsd:sequence>
- <xsd:element name="BKUSelection" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/>
- </xsd:sequence>
- <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
- <xsd:element name="SecurityLayer">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation mit dem Security-Layer</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="MOA-SP">
- <xsd:annotation>
- <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA SP Modul</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben werden; wird das Element nicht verwendet dann wird MOA-SP über das API aufgerufen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="VerifyIdentityLink">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Überprüfung der Personenbindung</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="VerifyAuthBlock">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Überprüfung des AUTH-Blocks</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="IdentityLinkSigners" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Informationen über akzeptierte Signers des IdentityLinks</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>akzeptierte Signer des IdentityLinks werden per X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Defaultparameter für die Überprüfung weiterer Infoboxen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="TransformsInfoType">
- <xsd:annotation>
- <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks inkludiert</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="filename" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="TemplatesType">
- <xsd:sequence>
- <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/>
- <xsd:element name="Template" type="TemplateType" minOccurs="0"/>
- <xsd:element name="InputProcessorSignTemplate" type="TemplateType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="TemplateType">
- <xsd:annotation>
- <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="VerifyInfoboxesType">
- <xsd:annotation>
- <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="DefaultTrustProfile" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Optionales DefaultTrustprofil für die Überprüfung aller weiteren Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Infobox" type="InfoboxType" minOccurs="0" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Parameter für Überprüfung weiterer Infoboxen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="InfoboxType">
- <xsd:annotation>
- <xsd:documentation>Parameter zur Überprüfung einzelner Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll; z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird das Identifier-Attribut verwendet</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>TrustProfil, das für die Überprüfung der Infobox verwendet werden soll</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname vom Default Package- und Klassennamen abweichen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/>
- <xsd:element name="ApplicationSpecificParameters" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation übergeben werden</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ParepSpecificParameters" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Infobox spezifische Parameter, die der Prüfapplikation für berufliche Parteienvertretung übergeben werden. Dies ist logisch Teil der ApplicationSpecificParameters, kann jedoch aufgrund der Strukturierung validierend geparst werden und dadurch wird eine funktionierende Konfiguration bei Programmstart garantiert.</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="EnableInfoboxValidator" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Falls Infoboxinhalte für die berufliche Parteienvertretung in der Vollmachten Infobox "mandates" abgelegt werden und Vertretung für berufliche Parteienvertreter aktiviert ist, so kann mit diesem Schalter die Vollmachtsprüfung für normale Vollmachten deaktiviert werden. Damit wird erreicht, dass mittels der Vollmachten Infobox ausschließlich berufliche Parteienvertretung aktiviert ist. Dieser Schalter ist nur für die Vollmachten Infobox "mandates" relevant.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="PartyRepresentation" type="PartyRepresentationType">
- <xsd:annotation>
- <xsd:documentation>Eigentlicher Konfigurationsteil für berufliche Parteienvertretung</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
- <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- <xsd:complexType name="SchemaLocationType">
- <xsd:annotation>
- <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="Schema" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ProxyComponentType"/>
- <xsd:complexType name="OnlineApplicationType">
- <xsd:sequence>
- <xsd:element name="AuthComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Authentisierungs-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <!--xsd:element name="IdentificationNumber" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="pr:AbstractSimpleIdentification"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element-->
- <xsd:element name="IdentificationNumber" minOccurs="0">
- <xsd:complexType>
- <xsd:choice>
- <xsd:element ref="pr:Firmenbuchnummer"/>
- <xsd:element ref="pr:ZMRzahl"/>
- <xsd:element ref="pr:Vereinsnummer"/>
- <xsd:element ref="pr:ERJPZahl"/>
- <xsd:element name="AnyNumber">
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:string">
- <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:choice>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
- <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="slVersion" use="optional" default="1.1">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="1.1"/>
- <xsd:enumeration value="1.2"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/>
- <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/-->
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ProxyComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/>
- <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/>
- <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/>
- <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/>
- <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/>
- </xsd:complexType>
- </xsd:element>
- <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/-->
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ConnectionParameterServerAuthType">
- <xsd:sequence>
- <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="ConnectionParameterClientAuthType">
- <xsd:complexContent>
- <xsd:extension base="ConnectionParameterServerAuthType">
- <xsd:sequence>
- <xsd:element name="ClientKeyStore" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für die TLS-Client-Authentisierung verwendet wird, enthält</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:anyURI">
- <xsd:attribute name="password" type="xsd:string" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:element name="TrustProfileID" type="xsd:string"/>
- <xsd:simpleType name="ChainingModeType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="chaining"/>
- <xsd:enumeration value="pkix"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="BKUSelectionType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="HTMLComplete"/>
- <xsd:enumeration value="HTMLSelect"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:element name="CompatibilityMode" default="false">
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:element>
- <xsd:element name="EnableInfoboxValidator" default="true">
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:element>
- <xsd:element name="AlwaysShowForm" default="false">
- <xsd:annotation>
- <xsd:documentation>Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:element>
- <xsd:complexType name="InputProcessorType">
- <xsd:simpleContent>
- <xsd:extension base="xsd:string">
- <xsd:attribute name="template" type="xsd:anyURI" use="optional">
- <xsd:annotation>
- <xsd:documentation>Das Attribut spezifiziert die Lage des Templates, welches der InputProcessor zur Darstellung des Eingabeformulars nutzen soll</xsd:documentation>
- </xsd:annotation>
- </xsd:attribute>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="PartyRepresentationType">
- <xsd:sequence>
- <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Default InputProcessor. Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element ref="AlwaysShowForm" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Default Wert für Formularanzeige. Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular zur vervollständigung der Vertretenendaten immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (für den EGIZ-Demonstrator im internen Netzwerk: https://129.27.142.5:8443/szr-gateway/services/MandateCreation)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="PartyRepresentative" type="PartyRepresentativeType" minOccurs="0" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Falls keine speziellen beruflichen ParteienvertreterInnen definiert sind (Element kommt nicht vor), werden ausschließlich standardisierte Vollmachten mit einer MandateID="*" akzeptiert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="PartyRepresentativeType">
- <xsd:sequence>
- <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element ref="AlwaysShowForm" minOccurs="0"/>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Optionale Verbindungsparameter zu speziellem (SZR-)Gateway</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="oid" use="required">
- <xsd:annotation>
- <xsd:documentation>OID der Parteienvertretung lt. "Object Identifier der öffentlichen Verwaltung" - Konvention, Empfehlung. Diese ID muss mit der MandateID der übermittelten standardisierten Vollmacht übereinstimmen. Eine Parteienvertretung für standardisierte Vollmachten mit der MandateID "*" muss nicht definiert werden und erlaubt eine allgemeine berufliche Parteienvertretung mit Standardtexten. In anderen Fällen ist eine erlaubte OID mitttels dieses Attributs zu definieren</xsd:documentation>
- </xsd:annotation>
- <!--xsd:simpleType>
- <xsd:restriction/>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="1.2.40.0.10.3.1"/>
- <xsd:enumeration value="1.2.40.0.10.3.2"/>
- <xsd:enumeration value="1.2.40.0.10.3.3"/>
- <xsd:enumeration value="1.2.40.0.10.3.10"/>
- <xsd:enumeration value="1.2.40.0.10.3.10.IdentifiedVoiceChannel"/>
- </xsd:restriction>
- </xsd:simpleType-->
- </xsd:attribute>
- <xsd:attribute name="representPhysicalParty" use="optional" default="false">
- <xsd:annotation>
- <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für natürliche Personen erlaubt ist</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="representCorporateParty" use="optional" default="false">
- <xsd:annotation>
- <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für juristische Personen erlaubt ist (welche z.B. ein Organwalter nicht vertreten darf und dieser Wert aus diesem Grund dort false sein muss)</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="representationText" use="optional">
- <xsd:annotation>
- <xsd:documentation>Beschreibender Text, der an Stelle des Standardtexts bei der Signatur der Anmeldedaten im Falle einer vorliegenden beruflichen Parteienvertretung zur Signatur vorgelegt wird</xsd:documentation>
- </xsd:annotation>
- <!--xsd:simpleType>
- <xsd:restriction/>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft"/>
- <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft"/>
- <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft)"/>
- <xsd:enumeration value="Organwalter"/>
- <xsd:enumeration value="Parteienvertreter(in) über einen identifizierten Sprachkanal"/>
- </xsd:restriction>
- </xsd:simpleType-->
- </xsd:attribute>
- </xsd:complexType>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.7.xsd b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.7.xsd
deleted file mode 100644
index dffca2167..000000000
--- a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.7.xsd
+++ /dev/null
@@ -1,625 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- edited with XMLSpy v2010 (http://www.altova.com) by ks (ks) -->
-<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.4.3">
- <!-- es werden lokale Schemas referenziert für real aufgelöste Schemas bitte ersetzen: http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd -->
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
- <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/>
- <xsd:element name="Configuration">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="LoginType" type="LoginType" default="stateful"/>
- <xsd:element name="Binding" minOccurs="0">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="full"/>
- <xsd:enumeration value="userName"/>
- <xsd:enumeration value="none"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:element>
- <xsd:choice>
- <xsd:element ref="ParamAuth"/>
- <xsd:element ref="BasicAuth"/>
- <xsd:element ref="HeaderAuth"/>
- </xsd:choice>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:simpleType name="LoginType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="stateless"/>
- <xsd:enumeration value="stateful"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:element name="ParamAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="Parameter" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Parameter">
- <xsd:complexType>
- <xsd:attribute name="Name" type="xsd:token" use="required"/>
- <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="BasicAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="UserID" type="MOAAuthDataType"/>
- <xsd:element name="Password" type="MOAAuthDataType"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="HeaderAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="Header" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Header">
- <xsd:complexType>
- <xsd:attribute name="Name" type="xsd:token" use="required"/>
- <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:simpleType name="MOAAuthDataType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="MOAGivenName"/>
- <xsd:enumeration value="MOAFamilyName"/>
- <xsd:enumeration value="MOADateOfBirth"/>
- <xsd:enumeration value="MOABPK"/>
- <xsd:enumeration value="MOAWBPK"/>
- <xsd:enumeration value="MOAPublicAuthority"/>
- <xsd:enumeration value="MOABKZ"/>
- <xsd:enumeration value="MOAQualifiedCertificate"/>
- <xsd:enumeration value="MOAStammzahl"/>
- <xsd:enumeration value="MOAIdentificationValueType"/>
- <xsd:enumeration value="MOAIPAddress"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="MOAKeyBoxSelector">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="SecureSignatureKeypair"/>
- <xsd:enumeration value="CertifiedKeypair"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation-->
- <xsd:element name="MOA-IDConfiguration">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter der Authentisierungs-Komponente</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ProxyComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Konfigurationsparameter der Proxy-Komponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation zw. Proxykomponente und Authenttisierungskomponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der Proxy-Komponente zur Auth-Komponente (vgl. AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="OnlineApplication" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die OA</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="OnlineApplicationType">
- <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/>
- <xsd:attribute name="type" use="optional" default="publicService">
- <xsd:simpleType>
- <xsd:restriction base="xsd:NMTOKEN">
- <xsd:enumeration value="businessService"/>
- <xsd:enumeration value="publicService"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="friendlyName" type="xsd:string" use="optional"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ChainingModes" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die Zertifikatspfadvalidierung</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="TrustAnchor">
- <xsd:annotation>
- <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann für jeden TrustAnchor gesetzt werden</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="dsig:X509IssuerSerialType">
- <xsd:attribute name="mode" type="ChainingModeType" use="required"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:attribute name="name" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/>
- <xsd:enumeration value="AuthenticationSession.TimeOut"/>
- <xsd:enumeration value="AuthenticationData.TimeOut"/>
- <xsd:enumeration value="TrustManager.RevocationChecking"/>
- <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/>
- <xsd:enumeration value="FrontendServlets.DataURLPrefix"/>
- <xsd:enumeration value="AuthenticationServer.KeepAssertion"/>
- <xsd:enumeration value="AuthenticationServer.WriteAssertionToFile"/>
- <xsd:enumeration value="AuthenticationServer.SourceID"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="value" type="xsd:string" use="required"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:complexType name="AuthComponentType">
- <xsd:sequence>
- <xsd:element name="BKUSelection" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/>
- </xsd:sequence>
- <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
- <xsd:element name="SecurityLayer">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation mit dem Security-Layer</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="MOA-SP">
- <xsd:annotation>
- <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA SP Modul</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben werden; wird das Element nicht verwendet dann wird MOA-SP über das API aufgerufen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="VerifyIdentityLink">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Überprüfung der Personenbindung</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="VerifyAuthBlock">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Überprüfung des AUTH-Blocks</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="IdentityLinkSigners" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Informationen über akzeptierte Signers des IdentityLinks</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>akzeptierte Signer des IdentityLinks werden per X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Defaultparameter für die Überprüfung weiterer Infoboxen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ForeignIdentities" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
- <xsd:annotation>
- <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (GetIdentityLink)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="TransformsInfoType">
- <xsd:annotation>
- <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks inkludiert</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="filename" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="TemplatesType">
- <xsd:sequence>
- <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/>
- <xsd:element name="Template" type="TemplateType" minOccurs="0"/>
- <xsd:element name="InputProcessorSignTemplate" type="TemplateType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="TemplateType">
- <xsd:annotation>
- <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="VerifyInfoboxesType">
- <xsd:annotation>
- <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="DefaultTrustProfile" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Optionales DefaultTrustprofil für die Überprüfung aller weiteren Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Infobox" type="InfoboxType" minOccurs="0" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Parameter für Überprüfung weiterer Infoboxen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="InfoboxType">
- <xsd:annotation>
- <xsd:documentation>Parameter zur Überprüfung einzelner Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll; z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird das Identifier-Attribut verwendet</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>TrustProfil, das für die Überprüfung der Infobox verwendet werden soll</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname vom Default Package- und Klassennamen abweichen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/>
- <xsd:element name="ApplicationSpecificParameters" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation übergeben werden</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ParepSpecificParameters" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Infobox spezifische Parameter, die der Prüfapplikation für berufliche Parteienvertretung übergeben werden. Dies ist logisch Teil der ApplicationSpecificParameters, kann jedoch aufgrund der Strukturierung validierend geparst werden und dadurch wird eine funktionierende Konfiguration bei Programmstart garantiert.</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="EnableInfoboxValidator" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Falls Infoboxinhalte für die berufliche Parteienvertretung in der Vollmachten Infobox "mandates" abgelegt werden und Vertretung für berufliche Parteienvertreter aktiviert ist, so kann mit diesem Schalter die Vollmachtsprüfung für normale Vollmachten deaktiviert werden. Damit wird erreicht, dass mittels der Vollmachten Infobox ausschließlich berufliche Parteienvertretung aktiviert ist. Dieser Schalter ist nur für die Vollmachten Infobox "mandates" relevant.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="PartyRepresentation" type="PartyRepresentationType">
- <xsd:annotation>
- <xsd:documentation>Eigentlicher Konfigurationsteil für berufliche Parteienvertretung</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
- <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- <xsd:complexType name="SchemaLocationType">
- <xsd:annotation>
- <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="Schema" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ProxyComponentType"/>
- <xsd:complexType name="OnlineApplicationType">
- <xsd:sequence>
- <xsd:element name="AuthComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Authentisierungs-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <!--xsd:element name="IdentificationNumber" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="pr:AbstractSimpleIdentification"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element-->
- <xsd:element name="IdentificationNumber" minOccurs="0">
- <xsd:complexType>
- <xsd:choice>
- <xsd:element ref="pr:Firmenbuchnummer"/>
- <xsd:element ref="pr:ZMRzahl"/>
- <xsd:element ref="pr:Vereinsnummer"/>
- <xsd:element ref="pr:ERJPZahl"/>
- <xsd:element name="AnyNumber">
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:string">
- <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:choice>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
- <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="slVersion" use="optional" default="1.1">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="1.1"/>
- <xsd:enumeration value="1.2"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/>
- <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/-->
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ProxyComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/>
- <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/>
- <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/>
- <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/>
- <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/>
- </xsd:complexType>
- </xsd:element>
- <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/-->
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ConnectionParameterServerAuthType">
- <xsd:sequence>
- <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="ConnectionParameterClientAuthType">
- <xsd:complexContent>
- <xsd:extension base="ConnectionParameterServerAuthType">
- <xsd:sequence>
- <xsd:element name="ClientKeyStore" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für die TLS-Client-Authentisierung verwendet wird, enthält</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:anyURI">
- <xsd:attribute name="password" type="xsd:string" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:element name="TrustProfileID" type="xsd:string"/>
- <xsd:simpleType name="ChainingModeType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="chaining"/>
- <xsd:enumeration value="pkix"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="BKUSelectionType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="HTMLComplete"/>
- <xsd:enumeration value="HTMLSelect"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:element name="CompatibilityMode" default="false">
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:element>
- <xsd:element name="EnableInfoboxValidator" default="true">
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:element>
- <xsd:element name="AlwaysShowForm" default="false">
- <xsd:annotation>
- <xsd:documentation>Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:element>
- <xsd:complexType name="InputProcessorType">
- <xsd:simpleContent>
- <xsd:extension base="xsd:string">
- <xsd:attribute name="template" type="xsd:anyURI" use="optional">
- <xsd:annotation>
- <xsd:documentation>Das Attribut spezifiziert die Lage des Templates, welches der InputProcessor zur Darstellung des Eingabeformulars nutzen soll</xsd:documentation>
- </xsd:annotation>
- </xsd:attribute>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="PartyRepresentationType">
- <xsd:sequence>
- <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Default InputProcessor. Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element ref="AlwaysShowForm" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Default Wert für Formularanzeige. Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular zur vervollständigung der Vertretenendaten immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (für den EGIZ-Demonstrator im internen Netzwerk: https://129.27.142.5:8443/szr-gateway/services/MandateCreation)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="PartyRepresentative" type="PartyRepresentativeType" minOccurs="0" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Falls keine speziellen beruflichen ParteienvertreterInnen definiert sind (Element kommt nicht vor), werden ausschließlich standardisierte Vollmachten mit einer MandateID="*" akzeptiert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="PartyRepresentativeType">
- <xsd:sequence>
- <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element ref="AlwaysShowForm" minOccurs="0"/>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Optionale Verbindungsparameter zu speziellem (SZR-)Gateway</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="oid" use="required">
- <xsd:annotation>
- <xsd:documentation>OID der Parteienvertretung lt. "Object Identifier der öffentlichen Verwaltung" - Konvention, Empfehlung. Diese ID muss mit der MandateID der übermittelten standardisierten Vollmacht übereinstimmen. Eine Parteienvertretung für standardisierte Vollmachten mit der MandateID "*" muss nicht definiert werden und erlaubt eine allgemeine berufliche Parteienvertretung mit Standardtexten. In anderen Fällen ist eine erlaubte OID mitttels dieses Attributs zu definieren</xsd:documentation>
- </xsd:annotation>
- <!--xsd:simpleType>
- <xsd:restriction/>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="1.2.40.0.10.3.1"/>
- <xsd:enumeration value="1.2.40.0.10.3.2"/>
- <xsd:enumeration value="1.2.40.0.10.3.3"/>
- <xsd:enumeration value="1.2.40.0.10.3.10"/>
- <xsd:enumeration value="1.2.40.0.10.3.10.IdentifiedVoiceChannel"/>
- </xsd:restriction>
- </xsd:simpleType-->
- </xsd:attribute>
- <xsd:attribute name="representPhysicalParty" use="optional" default="false">
- <xsd:annotation>
- <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für natürliche Personen erlaubt ist</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="representCorporateParty" use="optional" default="false">
- <xsd:annotation>
- <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für juristische Personen erlaubt ist (welche z.B. ein Organwalter nicht vertreten darf und dieser Wert aus diesem Grund dort false sein muss)</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="representationText" use="optional">
- <xsd:annotation>
- <xsd:documentation>Beschreibender Text, der an Stelle des Standardtexts bei der Signatur der Anmeldedaten im Falle einer vorliegenden beruflichen Parteienvertretung zur Signatur vorgelegt wird</xsd:documentation>
- </xsd:annotation>
- <!--xsd:simpleType>
- <xsd:restriction/>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft"/>
- <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft"/>
- <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft)"/>
- <xsd:enumeration value="Organwalter"/>
- <xsd:enumeration value="Parteienvertreter(in) über einen identifizierten Sprachkanal"/>
- </xsd:restriction>
- </xsd:simpleType-->
- </xsd:attribute>
- </xsd:complexType>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.xsd b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.xsd
deleted file mode 100644
index 66a9c0ed4..000000000
--- a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.xsd
+++ /dev/null
@@ -1,505 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- edited with XMLSPY v5 rel. 4 U (http://www.xmlspy.com) by Rudolf Schamberger (Stabsstelle IKT-Strategie) (Bundesrechenzentrum GmbH) -->
-<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.1.1">
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
- <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/>
- <xsd:element name="Configuration">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="LoginType" type="LoginType" default="stateful"/>
- <xsd:element name="Binding" minOccurs="0">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="full"/>
- <xsd:enumeration value="userName"/>
- <xsd:enumeration value="none"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:element>
- <xsd:choice>
- <xsd:element ref="ParamAuth"/>
- <xsd:element ref="BasicAuth"/>
- <xsd:element ref="HeaderAuth"/>
- </xsd:choice>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:simpleType name="LoginType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="stateless"/>
- <xsd:enumeration value="stateful"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:element name="ParamAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="Parameter" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Parameter">
- <xsd:complexType>
- <xsd:attribute name="Name" type="xsd:token" use="required"/>
- <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="BasicAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="UserID" type="MOAAuthDataType"/>
- <xsd:element name="Password" type="MOAAuthDataType"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="HeaderAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="Header" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Header">
- <xsd:complexType>
- <xsd:attribute name="Name" type="xsd:token" use="required"/>
- <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:simpleType name="MOAAuthDataType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="MOAGivenName"/>
- <xsd:enumeration value="MOAFamilyName"/>
- <xsd:enumeration value="MOADateOfBirth"/>
- <xsd:enumeration value="MOABPK"/>
- <xsd:enumeration value="MOAWBPK"/>
- <xsd:enumeration value="MOAPublicAuthority"/>
- <xsd:enumeration value="MOABKZ"/>
- <xsd:enumeration value="MOAQualifiedCertificate"/>
- <xsd:enumeration value="MOAStammzahl"/>
- <xsd:enumeration value="MOAIdentificationValueType"/>
- <xsd:enumeration value="MOAIPAddress"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="MOAKeyBoxSelector">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="SecureSignatureKeypair"/>
- <xsd:enumeration value="CertifiedKeypair"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation-->
- <xsd:element name="MOA-IDConfiguration">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter der
- Authentisierungs-Komponente</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ProxyComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Konfigurationsparameter der
- Proxy-Komponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation zw.
- Proxykomponente und Authenttisierungskomponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der
- Proxy-Komponente zur Auth-Komponente (vgl.
- AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="OnlineApplication" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die OA</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="OnlineApplicationType">
- <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/>
- <xsd:attribute name="type" use="optional" default="publicService">
- <xsd:simpleType>
- <xsd:restriction base="xsd:NMTOKEN">
- <xsd:enumeration value="businessService"/>
- <xsd:enumeration value="publicService"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ChainingModes" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die
- Zertifikatspfadvalidierung</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="TrustAnchor">
- <xsd:annotation>
- <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann
- für jeden TrustAnchor gesetzt werden</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="dsig:X509IssuerSerialType">
- <xsd:attribute name="mode" type="ChainingModeType" use="required"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA
- (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:attribute name="name" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/>
- <xsd:enumeration value="AuthenticationSession.TimeOut"/>
- <xsd:enumeration value="AuthenticationData.TimeOut"/>
- <xsd:enumeration value="TrustManager.RevocationChecking"/>
- <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/>
- <xsd:enumeration value="FrontendServlets.DataURLPrefix"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="value" type="xsd:string" use="required"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:complexType name="AuthComponentType">
- <xsd:sequence>
- <xsd:element name="BKUSelection" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/>
- </xsd:sequence>
- <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
- <xsd:element name="SecurityLayer">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation mit dem
- Security-Layer</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="MOA-SP">
- <xsd:annotation>
- <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA
- SP Modul</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der
- AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server;
- wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden;
- wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben
- werden; wird das Element nicht verwendet dann wird MOA-SP über das API
- aufgerufen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="VerifyIdentityLink">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Überprüfung der
- Personenbindung</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="VerifyAuthBlock">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Überprüfung des
- AUTH-Blocks</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="IdentityLinkSigners" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Informationen über akzeptierte Signers des
- IdentityLinks</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>akzeptierte Signer des IdentityLinks werden per
- X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Defaultparameter für die Überprüfung weiterer Infoboxen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="TransformsInfoType">
- <xsd:annotation>
- <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem
- Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo
- werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks
- inkludiert</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="filename" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="TemplatesType">
- <xsd:sequence>
- <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/>
- <xsd:element name="Template" type="TemplateType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="TemplateType">
- <xsd:annotation>
- <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="VerifyInfoboxesType">
- <xsd:annotation>
- <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="DefaultTrustProfile" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Optionales DefaultTrustprofil für die Überprüfung aller weiteren Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Infobox" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Parameter für Überprüfung weiterer Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll;
- z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird
- das Identifier-Attribut verwendet</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>TrustProfil, das für die Überprüfung der Infobox
- verwendet werden soll</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox
- verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname
- vom Default Package- und Klassennamen abweichen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/>
- <xsd:element name="ApplicationSpecificParameters" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation
- übergeben werden</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
- <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="SchemaLocationType">
- <xsd:annotation>
- <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="Schema" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ProxyComponentType"/>
- <xsd:complexType name="OnlineApplicationType">
- <xsd:sequence>
- <xsd:element name="AuthComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die
- Authentisierungs-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <!--xsd:element name="IdentificationNumber" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="pr:AbstractSimpleIdentification"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element-->
- <xsd:element name="IdentificationNumber" minOccurs="0">
- <xsd:complexType>
- <xsd:choice>
- <xsd:element ref="pr:Firmenbuchnummer"/>
- <xsd:element ref="pr:ZMRzahl"/>
- <xsd:element ref="pr:Vereinsnummer"/>
- <xsd:element ref="pr:ERJPZahl"/>
- <xsd:element name="AnyNumber">
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:string">
- <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:choice>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
- <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="slVersion" use="optional" default="1.1">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="1.1"/>
- <xsd:enumeration value="1.2"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/>
- <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/-->
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ProxyComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente
- betreffen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente
- betreffen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/>
- <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/>
- <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/>
- <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/>
- <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/>
- </xsd:complexType>
- </xsd:element>
- <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/-->
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ConnectionParameterServerAuthType">
- <xsd:sequence>
- <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der
- TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="ConnectionParameterClientAuthType">
- <xsd:complexContent>
- <xsd:extension base="ConnectionParameterServerAuthType">
- <xsd:sequence>
- <xsd:element name="ClientKeyStore" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für
- die TLS-Client-Authentisierung verwendetwird, enthält</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:anyURI">
- <xsd:attribute name="password" type="xsd:string" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:element name="TrustProfileID" type="xsd:string"/>
- <xsd:simpleType name="ChainingModeType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="chaining"/>
- <xsd:enumeration value="pkix"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="BKUSelectionType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="HTMLComplete"/>
- <xsd:enumeration value="HTMLSelect"/>
- </xsd:restriction>
- </xsd:simpleType>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.0.xsd b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.0.xsd
deleted file mode 100644
index 19b793fdb..000000000
--- a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.0.xsd
+++ /dev/null
@@ -1,665 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- edited with XMLSpy v2006 sp2 U (http://www.altova.com) by Klaus Stranacher (Technische Universität Graz) -->
-<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.4.3">
- <!-- es werden lokale Schemas referenziert für real aufgelöste Schemas bitte ersetzen: http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd -->
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
- <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/>
- <xsd:element name="Configuration">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="LoginType" type="LoginType" default="stateful"/>
- <xsd:element name="Binding" minOccurs="0">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="full"/>
- <xsd:enumeration value="userName"/>
- <xsd:enumeration value="none"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:element>
- <xsd:choice>
- <xsd:element ref="ParamAuth"/>
- <xsd:element ref="BasicAuth"/>
- <xsd:element ref="HeaderAuth"/>
- </xsd:choice>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:simpleType name="LoginType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="stateless"/>
- <xsd:enumeration value="stateful"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:element name="ParamAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="Parameter" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Parameter">
- <xsd:complexType>
- <xsd:attribute name="Name" type="xsd:token" use="required"/>
- <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="BasicAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="UserID" type="MOAAuthDataType"/>
- <xsd:element name="Password" type="MOAAuthDataType"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="HeaderAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="Header" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Header">
- <xsd:complexType>
- <xsd:attribute name="Name" type="xsd:token" use="required"/>
- <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:simpleType name="MOAAuthDataType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="MOAGivenName"/>
- <xsd:enumeration value="MOAFamilyName"/>
- <xsd:enumeration value="MOADateOfBirth"/>
- <xsd:enumeration value="MOABPK"/>
- <xsd:enumeration value="MOAWBPK"/>
- <xsd:enumeration value="MOAPublicAuthority"/>
- <xsd:enumeration value="MOABKZ"/>
- <xsd:enumeration value="MOAQualifiedCertificate"/>
- <xsd:enumeration value="MOAStammzahl"/>
- <xsd:enumeration value="MOAIdentificationValueType"/>
- <xsd:enumeration value="MOAIPAddress"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="MOAKeyBoxSelector">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="SecureSignatureKeypair"/>
- <xsd:enumeration value="CertifiedKeypair"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation-->
- <xsd:element name="MOA-IDConfiguration">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter der Authentisierungs-Komponente</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ProxyComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Konfigurationsparameter der Proxy-Komponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation zw. Proxykomponente und Authenttisierungskomponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der Proxy-Komponente zur Auth-Komponente (vgl. AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="OnlineApplication" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die OA</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="OnlineApplicationType">
- <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/>
- <xsd:attribute name="type" use="optional" default="publicService">
- <xsd:simpleType>
- <xsd:restriction base="xsd:NMTOKEN">
- <xsd:enumeration value="businessService"/>
- <xsd:enumeration value="publicService"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="friendlyName" type="xsd:string" use="optional"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ChainingModes" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die Zertifikatspfadvalidierung</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="TrustAnchor">
- <xsd:annotation>
- <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann für jeden TrustAnchor gesetzt werden</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="dsig:X509IssuerSerialType">
- <xsd:attribute name="mode" type="ChainingModeType" use="required"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:attribute name="name" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/>
- <xsd:enumeration value="AuthenticationSession.TimeOut"/>
- <xsd:enumeration value="AuthenticationData.TimeOut"/>
- <xsd:enumeration value="TrustManager.RevocationChecking"/>
- <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/>
- <xsd:enumeration value="FrontendServlets.DataURLPrefix"/>
- <xsd:enumeration value="AuthenticationServer.KeepAssertion"/>
- <xsd:enumeration value="AuthenticationServer.WriteAssertionToFile"/>
- <xsd:enumeration value="AuthenticationServer.SourceID"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="value" type="xsd:string" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="TrustedBKUs" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="BKUURL" type="xsd:anyURI" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:complexType name="AuthComponentType">
- <xsd:sequence>
- <xsd:element name="BKUSelection" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/>
- </xsd:sequence>
- <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
- <xsd:element name="SecurityLayer">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation mit dem Security-Layer</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="MOA-SP">
- <xsd:annotation>
- <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA SP Modul</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben werden; wird das Element nicht verwendet dann wird MOA-SP über das API aufgerufen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="VerifyIdentityLink">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Überprüfung der Personenbindung</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="VerifyAuthBlock">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Überprüfung des AUTH-Blocks</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="IdentityLinkSigners" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Informationen über akzeptierte Signers des IdentityLinks</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>akzeptierte Signer des IdentityLinks werden per X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Defaultparameter für die Überprüfung weiterer Infoboxen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ForeignIdentities" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
- <xsd:annotation>
- <xsd:documentation>Verbindungsparameter zum SZR-Gateway (GetIdentityLink)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="OnlineMandates" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
- <xsd:annotation>
- <xsd:documentation>Verbindungsparameter zum Online-Vollmachten-Service</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="TransformsInfoType">
- <xsd:annotation>
- <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks inkludiert</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="filename" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="TemplatesType">
- <xsd:sequence>
- <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/>
- <xsd:element name="Template" type="TemplateType" minOccurs="0"/>
- <xsd:element name="InputProcessorSignTemplate" type="TemplateType" minOccurs="0"/>
- <xsd:element name="OnlineMandates" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="BKU" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="MOA-ID-Template" type="TemplateType"/>
- <xsd:element name="MandateTemplate" type="TemplateType"/>
- </xsd:sequence>
- <xsd:attribute name="URL" use="required"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="TemplateType">
- <xsd:annotation>
- <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="VerifyInfoboxesType">
- <xsd:annotation>
- <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="DefaultTrustProfile" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Optionales DefaultTrustprofil für die Überprüfung aller weiteren Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Infobox" type="InfoboxType" minOccurs="0" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Parameter für Überprüfung weiterer Infoboxen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="InfoboxType">
- <xsd:annotation>
- <xsd:documentation>Parameter zur Überprüfung einzelner Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll; z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird das Identifier-Attribut verwendet</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>TrustProfil, das für die Überprüfung der Infobox verwendet werden soll</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname vom Default Package- und Klassennamen abweichen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/>
- <xsd:element name="ApplicationSpecificParameters" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation übergeben werden</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ParepSpecificParameters" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Infobox spezifische Parameter, die der Prüfapplikation für berufliche Parteienvertretung übergeben werden. Dies ist logisch Teil der ApplicationSpecificParameters, kann jedoch aufgrund der Strukturierung validierend geparst werden und dadurch wird eine funktionierende Konfiguration bei Programmstart garantiert.</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="EnableInfoboxValidator" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Falls Infoboxinhalte für die berufliche Parteienvertretung in der Vollmachten Infobox "mandates" abgelegt werden und Vertretung für berufliche Parteienvertreter aktiviert ist, so kann mit diesem Schalter die Vollmachtsprüfung für normale Vollmachten deaktiviert werden. Damit wird erreicht, dass mittels der Vollmachten Infobox ausschließlich berufliche Parteienvertretung aktiviert ist. Dieser Schalter ist nur für die Vollmachten Infobox "mandates" relevant.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="PartyRepresentation" type="PartyRepresentationType">
- <xsd:annotation>
- <xsd:documentation>Eigentlicher Konfigurationsteil für berufliche Parteienvertretung</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
- <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- <xsd:complexType name="SchemaLocationType">
- <xsd:annotation>
- <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="Schema" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ProxyComponentType"/>
- <xsd:complexType name="OnlineApplicationType">
- <xsd:sequence>
- <xsd:element name="AuthComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Authentisierungs-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <!--xsd:element name="IdentificationNumber" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="pr:AbstractSimpleIdentification"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element-->
- <xsd:element name="IdentificationNumber" minOccurs="0">
- <xsd:complexType>
- <xsd:choice>
- <xsd:element ref="pr:Firmenbuchnummer"/>
- <xsd:element ref="pr:ZMRzahl"/>
- <xsd:element ref="pr:Vereinsnummer"/>
- <xsd:element ref="pr:ERJPZahl"/>
- <xsd:element name="AnyNumber">
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:string">
- <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:choice>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
- <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/>
- <xsd:element name="Mandates" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="Profiles" type="xsd:string"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="slVersion" use="optional" default="1.1">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="1.1"/>
- <xsd:enumeration value="1.2"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/>
- <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/-->
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ProxyComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/>
- <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/>
- <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/>
- <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/>
- <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/>
- </xsd:complexType>
- </xsd:element>
- <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/-->
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ConnectionParameterServerAuthType">
- <xsd:sequence>
- <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="ConnectionParameterClientAuthType">
- <xsd:complexContent>
- <xsd:extension base="ConnectionParameterServerAuthType">
- <xsd:sequence>
- <xsd:element name="ClientKeyStore" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für die TLS-Client-Authentisierung verwendet wird, enthält</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:anyURI">
- <xsd:attribute name="password" type="xsd:string" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:element name="TrustProfileID" type="xsd:string"/>
- <xsd:simpleType name="ChainingModeType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="chaining"/>
- <xsd:enumeration value="pkix"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="BKUSelectionType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="HTMLComplete"/>
- <xsd:enumeration value="HTMLSelect"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:element name="CompatibilityMode" default="false">
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:element>
- <xsd:element name="EnableInfoboxValidator" default="true">
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:element>
- <xsd:element name="AlwaysShowForm" default="false">
- <xsd:annotation>
- <xsd:documentation>Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:element>
- <xsd:complexType name="InputProcessorType">
- <xsd:simpleContent>
- <xsd:extension base="xsd:string">
- <xsd:attribute name="template" type="xsd:anyURI" use="optional">
- <xsd:annotation>
- <xsd:documentation>Das Attribut spezifiziert die Lage des Templates, welches der InputProcessor zur Darstellung des Eingabeformulars nutzen soll</xsd:documentation>
- </xsd:annotation>
- </xsd:attribute>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="PartyRepresentationType">
- <xsd:sequence>
- <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Default InputProcessor. Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element ref="AlwaysShowForm" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Default Wert für Formularanzeige. Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular zur vervollständigung der Vertretenendaten immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (für den EGIZ-Demonstrator im internen Netzwerk: https://129.27.142.5:8443/szr-gateway/services/MandateCreation)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="PartyRepresentative" type="PartyRepresentativeType" minOccurs="0" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Falls keine speziellen beruflichen ParteienvertreterInnen definiert sind (Element kommt nicht vor), werden ausschließlich standardisierte Vollmachten mit einer MandateID="*" akzeptiert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="PartyRepresentativeType">
- <xsd:sequence>
- <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element ref="AlwaysShowForm" minOccurs="0"/>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Optionale Verbindungsparameter zu speziellem (SZR-)Gateway</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="oid" use="required">
- <xsd:annotation>
- <xsd:documentation>OID der Parteienvertretung lt. "Object Identifier der öffentlichen Verwaltung" - Konvention, Empfehlung. Diese ID muss mit der MandateID der übermittelten standardisierten Vollmacht übereinstimmen. Eine Parteienvertretung für standardisierte Vollmachten mit der MandateID "*" muss nicht definiert werden und erlaubt eine allgemeine berufliche Parteienvertretung mit Standardtexten. In anderen Fällen ist eine erlaubte OID mitttels dieses Attributs zu definieren</xsd:documentation>
- </xsd:annotation>
- <!--xsd:simpleType>
- <xsd:restriction/>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="1.2.40.0.10.3.1"/>
- <xsd:enumeration value="1.2.40.0.10.3.2"/>
- <xsd:enumeration value="1.2.40.0.10.3.3"/>
- <xsd:enumeration value="1.2.40.0.10.3.10"/>
- <xsd:enumeration value="1.2.40.0.10.3.10.IdentifiedVoiceChannel"/>
- </xsd:restriction>
- </xsd:simpleType-->
- </xsd:attribute>
- <xsd:attribute name="representPhysicalParty" use="optional" default="false">
- <xsd:annotation>
- <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für natürliche Personen erlaubt ist</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="representCorporateParty" use="optional" default="false">
- <xsd:annotation>
- <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für juristische Personen erlaubt ist (welche z.B. ein Organwalter nicht vertreten darf und dieser Wert aus diesem Grund dort false sein muss)</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="representationText" use="optional">
- <xsd:annotation>
- <xsd:documentation>Beschreibender Text, der an Stelle des Standardtexts bei der Signatur der Anmeldedaten im Falle einer vorliegenden beruflichen Parteienvertretung zur Signatur vorgelegt wird</xsd:documentation>
- </xsd:annotation>
- <!--xsd:simpleType>
- <xsd:restriction/>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft"/>
- <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft"/>
- <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft)"/>
- <xsd:enumeration value="Organwalter"/>
- <xsd:enumeration value="Parteienvertreter(in) über einen identifizierten Sprachkanal"/>
- </xsd:restriction>
- </xsd:simpleType-->
- </xsd:attribute>
- </xsd:complexType>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.1.xsd b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.1.xsd
deleted file mode 100644
index d16953eab..000000000
--- a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.1.xsd
+++ /dev/null
@@ -1,659 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.4.3">
- <!-- es werden lokale Schemas referenziert für real aufgelöste Schemas bitte ersetzen: http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd -->
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
- <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/>
- <xsd:element name="Configuration">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="LoginType" type="LoginType" default="stateful"/>
- <xsd:element name="Binding" minOccurs="0">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="full"/>
- <xsd:enumeration value="userName"/>
- <xsd:enumeration value="none"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:element>
- <xsd:choice>
- <xsd:element ref="ParamAuth"/>
- <xsd:element ref="BasicAuth"/>
- <xsd:element ref="HeaderAuth"/>
- </xsd:choice>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:simpleType name="LoginType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="stateless"/>
- <xsd:enumeration value="stateful"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:element name="ParamAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="Parameter" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Parameter">
- <xsd:complexType>
- <xsd:attribute name="Name" type="xsd:token" use="required"/>
- <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="BasicAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="UserID" type="MOAAuthDataType"/>
- <xsd:element name="Password" type="MOAAuthDataType"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="HeaderAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="Header" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Header">
- <xsd:complexType>
- <xsd:attribute name="Name" type="xsd:token" use="required"/>
- <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:simpleType name="MOAAuthDataType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="MOAGivenName"/>
- <xsd:enumeration value="MOAFamilyName"/>
- <xsd:enumeration value="MOADateOfBirth"/>
- <xsd:enumeration value="MOABPK"/>
- <xsd:enumeration value="MOAWBPK"/>
- <xsd:enumeration value="MOAPublicAuthority"/>
- <xsd:enumeration value="MOABKZ"/>
- <xsd:enumeration value="MOAQualifiedCertificate"/>
- <xsd:enumeration value="MOAStammzahl"/>
- <xsd:enumeration value="MOAIdentificationValueType"/>
- <xsd:enumeration value="MOAIPAddress"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="MOAKeyBoxSelector">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="SecureSignatureKeypair"/>
- <xsd:enumeration value="CertifiedKeypair"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation-->
- <xsd:element name="MOA-IDConfiguration">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter der Authentisierungs-Komponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="AuthComponentType">
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ProxyComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Konfigurationsparameter der Proxy-Komponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation zw. Proxykomponente und Authenttisierungskomponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der Proxy-Komponente zur Auth-Komponente (vgl. AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="OnlineApplication" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die OA</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="OnlineApplicationType">
- <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/>
- <xsd:attribute name="type" use="optional" default="publicService">
- <xsd:simpleType>
- <xsd:restriction base="xsd:NMTOKEN">
- <xsd:enumeration value="businessService"/>
- <xsd:enumeration value="publicService"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="friendlyName" type="xsd:string" use="optional"/>
- <xsd:attribute name="target" type="xsd:string" use="optional"/>
- <xsd:attribute name="targetFriendlyName" type="xsd:string" use="optional"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ChainingModes" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die Zertifikatspfadvalidierung</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="TrustAnchor">
- <xsd:annotation>
- <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann für jeden TrustAnchor gesetzt werden</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="dsig:X509IssuerSerialType">
- <xsd:attribute name="mode" type="ChainingModeType" use="required"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:attribute name="name" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/>
- <xsd:enumeration value="AuthenticationSession.TimeOut"/>
- <xsd:enumeration value="AuthenticationData.TimeOut"/>
- <xsd:enumeration value="TrustManager.RevocationChecking"/>
- <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/>
- <xsd:enumeration value="FrontendServlets.DataURLPrefix"/>
- <xsd:enumeration value="AuthenticationServer.KeepAssertion"/>
- <xsd:enumeration value="AuthenticationServer.WriteAssertionToFile"/>
- <xsd:enumeration value="AuthenticationServer.SourceID"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="value" type="xsd:string" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="TrustedBKUs" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="BKUURL" type="xsd:anyURI" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:complexType name="AuthComponentType">
- <xsd:sequence>
- <xsd:element name="BKUSelection" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/>
- </xsd:sequence>
- <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
- <xsd:element name="SecurityLayer">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation mit dem Security-Layer</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="MOA-SP">
- <xsd:annotation>
- <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA SP Modul</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben werden; wird das Element nicht verwendet dann wird MOA-SP über das API aufgerufen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="VerifyIdentityLink">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Überprüfung der Personenbindung</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="VerifyAuthBlock">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Überprüfung des AUTH-Blocks</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="IdentityLinkSigners" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Informationen über akzeptierte Signers des IdentityLinks</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>akzeptierte Signer des IdentityLinks werden per X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Defaultparameter für die Überprüfung weiterer Infoboxen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ForeignIdentities" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
- <xsd:annotation>
- <xsd:documentation>Verbindungsparameter zum SZR-Gateway (GetIdentityLink)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="OnlineMandates" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
- <xsd:annotation>
- <xsd:documentation>Verbindungsparameter zum Online-Vollmachten-Service</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="TransformsInfoType">
- <xsd:annotation>
- <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks inkludiert</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="filename" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="TemplatesType">
- <xsd:sequence>
- <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/>
- <xsd:element name="Template" type="TemplateType" minOccurs="0"/>
- <xsd:element name="InputProcessorSignTemplate" type="TemplateType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="TemplateType">
- <xsd:annotation>
- <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="VerifyInfoboxesType">
- <xsd:annotation>
- <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="DefaultTrustProfile" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Optionales DefaultTrustprofil für die Überprüfung aller weiteren Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Infobox" type="InfoboxType" minOccurs="0" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Parameter für Überprüfung weiterer Infoboxen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="InfoboxType">
- <xsd:annotation>
- <xsd:documentation>Parameter zur Überprüfung einzelner Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll; z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird das Identifier-Attribut verwendet</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>TrustProfil, das für die Überprüfung der Infobox verwendet werden soll</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname vom Default Package- und Klassennamen abweichen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/>
- <xsd:element name="ApplicationSpecificParameters" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation übergeben werden</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ParepSpecificParameters" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Infobox spezifische Parameter, die der Prüfapplikation für berufliche Parteienvertretung übergeben werden. Dies ist logisch Teil der ApplicationSpecificParameters, kann jedoch aufgrund der Strukturierung validierend geparst werden und dadurch wird eine funktionierende Konfiguration bei Programmstart garantiert.</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="EnableInfoboxValidator" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Falls Infoboxinhalte für die berufliche Parteienvertretung in der Vollmachten Infobox "mandates" abgelegt werden und Vertretung für berufliche Parteienvertreter aktiviert ist, so kann mit diesem Schalter die Vollmachtsprüfung für normale Vollmachten deaktiviert werden. Damit wird erreicht, dass mittels der Vollmachten Infobox ausschließlich berufliche Parteienvertretung aktiviert ist. Dieser Schalter ist nur für die Vollmachten Infobox "mandates" relevant.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="PartyRepresentation" type="PartyRepresentationType">
- <xsd:annotation>
- <xsd:documentation>Eigentlicher Konfigurationsteil für berufliche Parteienvertretung</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
- <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- <xsd:complexType name="SchemaLocationType">
- <xsd:annotation>
- <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="Schema" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ProxyComponentType"/>
- <xsd:complexType name="OnlineApplicationType">
- <xsd:sequence>
- <xsd:element name="AuthComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Authentisierungs-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <!--xsd:element name="IdentificationNumber" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="pr:AbstractSimpleIdentification"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element-->
- <xsd:element name="IdentificationNumber" minOccurs="0">
- <xsd:complexType>
- <xsd:choice>
- <xsd:element ref="pr:Firmenbuchnummer"/>
- <xsd:element ref="pr:ZMRzahl"/>
- <xsd:element ref="pr:Vereinsnummer"/>
- <xsd:element ref="pr:ERJPZahl"/>
- <xsd:element name="AnyNumber">
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:string">
- <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:choice>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
- <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/>
- <xsd:element name="Mandates" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="Profiles" type="xsd:string"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="slVersion" use="optional" default="1.1">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="1.1"/>
- <xsd:enumeration value="1.2"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideFullMandatorData" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="useUTC" type="xsd:boolean" use="optional" default="false"/>
- <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/-->
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ProxyComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/>
- <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/>
- <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/>
- <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/>
- <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/>
- </xsd:complexType>
- </xsd:element>
- <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/-->
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ConnectionParameterServerAuthType">
- <xsd:sequence>
- <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="ConnectionParameterClientAuthType">
- <xsd:complexContent>
- <xsd:extension base="ConnectionParameterServerAuthType">
- <xsd:sequence>
- <xsd:element name="ClientKeyStore" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für die TLS-Client-Authentisierung verwendet wird, enthält</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:anyURI">
- <xsd:attribute name="password" type="xsd:string" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:element name="TrustProfileID" type="xsd:string"/>
- <xsd:simpleType name="ChainingModeType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="chaining"/>
- <xsd:enumeration value="pkix"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="BKUSelectionType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="HTMLComplete"/>
- <xsd:enumeration value="HTMLSelect"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:element name="CompatibilityMode" default="false">
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:element>
- <xsd:element name="EnableInfoboxValidator" default="true">
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:element>
- <xsd:element name="AlwaysShowForm" default="false">
- <xsd:annotation>
- <xsd:documentation>Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:element>
- <xsd:complexType name="InputProcessorType">
- <xsd:simpleContent>
- <xsd:extension base="xsd:string">
- <xsd:attribute name="template" type="xsd:anyURI" use="optional">
- <xsd:annotation>
- <xsd:documentation>Das Attribut spezifiziert die Lage des Templates, welches der InputProcessor zur Darstellung des Eingabeformulars nutzen soll</xsd:documentation>
- </xsd:annotation>
- </xsd:attribute>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="PartyRepresentationType">
- <xsd:sequence>
- <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Default InputProcessor. Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element ref="AlwaysShowForm" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Default Wert für Formularanzeige. Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular zur vervollständigung der Vertretenendaten immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (für den EGIZ-Demonstrator im internen Netzwerk: https://129.27.142.5:8443/szr-gateway/services/MandateCreation)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="PartyRepresentative" type="PartyRepresentativeType" minOccurs="0" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Falls keine speziellen beruflichen ParteienvertreterInnen definiert sind (Element kommt nicht vor), werden ausschließlich standardisierte Vollmachten mit einer MandateID="*" akzeptiert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="PartyRepresentativeType">
- <xsd:sequence>
- <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element ref="AlwaysShowForm" minOccurs="0"/>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Optionale Verbindungsparameter zu speziellem (SZR-)Gateway</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="oid" use="required">
- <xsd:annotation>
- <xsd:documentation>OID der Parteienvertretung lt. "Object Identifier der öffentlichen Verwaltung" - Konvention, Empfehlung. Diese ID muss mit der MandateID der übermittelten standardisierten Vollmacht übereinstimmen. Eine Parteienvertretung für standardisierte Vollmachten mit der MandateID "*" muss nicht definiert werden und erlaubt eine allgemeine berufliche Parteienvertretung mit Standardtexten. In anderen Fällen ist eine erlaubte OID mitttels dieses Attributs zu definieren</xsd:documentation>
- </xsd:annotation>
- <!--xsd:simpleType>
- <xsd:restriction/>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="1.2.40.0.10.3.1"/>
- <xsd:enumeration value="1.2.40.0.10.3.2"/>
- <xsd:enumeration value="1.2.40.0.10.3.3"/>
- <xsd:enumeration value="1.2.40.0.10.3.10"/>
- <xsd:enumeration value="1.2.40.0.10.3.10.IdentifiedVoiceChannel"/>
- </xsd:restriction>
- </xsd:simpleType-->
- </xsd:attribute>
- <xsd:attribute name="representPhysicalParty" use="optional" default="false">
- <xsd:annotation>
- <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für natürliche Personen erlaubt ist</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="representCorporateParty" use="optional" default="false">
- <xsd:annotation>
- <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für juristische Personen erlaubt ist (welche z.B. ein Organwalter nicht vertreten darf und dieser Wert aus diesem Grund dort false sein muss)</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="representationText" use="optional">
- <xsd:annotation>
- <xsd:documentation>Beschreibender Text, der an Stelle des Standardtexts bei der Signatur der Anmeldedaten im Falle einer vorliegenden beruflichen Parteienvertretung zur Signatur vorgelegt wird</xsd:documentation>
- </xsd:annotation>
- <!--xsd:simpleType>
- <xsd:restriction/>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft"/>
- <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft"/>
- <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft)"/>
- <xsd:enumeration value="Organwalter"/>
- <xsd:enumeration value="Parteienvertreter(in) über einen identifizierten Sprachkanal"/>
- </xsd:restriction>
- </xsd:simpleType-->
- </xsd:attribute>
- </xsd:complexType>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.2.xsd b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.2.xsd
deleted file mode 100644
index ed0c83fc3..000000000
--- a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.2.xsd
+++ /dev/null
@@ -1,757 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.4.3">
- <!-- es werden lokale Schemas referenziert für real aufgelöste Schemas bitte ersetzen: http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd -->
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
- <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/>
- <xsd:import namespace="urn:eu:stork:names:tc:STORK:1.0:assertion" schemaLocation="stork-schema-assertion-1.0.xsd"/>
- <xsd:import namespace="urn:eu:stork:names:tc:STORK:1.0:protocol" schemaLocation="stork-schema-protocol-1.0.xsd"/>
- <xsd:element name="Configuration">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="LoginType" type="LoginType" default="stateful"/>
- <xsd:element name="Binding" minOccurs="0">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="full"/>
- <xsd:enumeration value="userName"/>
- <xsd:enumeration value="none"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:element>
- <xsd:choice>
- <xsd:element ref="ParamAuth"/>
- <xsd:element ref="BasicAuth"/>
- <xsd:element ref="HeaderAuth"/>
- </xsd:choice>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:simpleType name="LoginType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="stateless"/>
- <xsd:enumeration value="stateful"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:element name="ParamAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="Parameter" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Parameter">
- <xsd:complexType>
- <xsd:attribute name="Name" type="xsd:token" use="required"/>
- <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="BasicAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="UserID" type="MOAAuthDataType"/>
- <xsd:element name="Password" type="MOAAuthDataType"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="HeaderAuth">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="Header" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Header">
- <xsd:complexType>
- <xsd:attribute name="Name" type="xsd:token" use="required"/>
- <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:simpleType name="MOAAuthDataType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="MOAGivenName"/>
- <xsd:enumeration value="MOAFamilyName"/>
- <xsd:enumeration value="MOADateOfBirth"/>
- <xsd:enumeration value="MOABPK"/>
- <xsd:enumeration value="MOAWBPK"/>
- <xsd:enumeration value="MOAPublicAuthority"/>
- <xsd:enumeration value="MOABKZ"/>
- <xsd:enumeration value="MOAQualifiedCertificate"/>
- <xsd:enumeration value="MOAStammzahl"/>
- <xsd:enumeration value="MOAIdentificationValueType"/>
- <xsd:enumeration value="MOAIPAddress"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="MOAKeyBoxSelector">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="SecureSignatureKeypair"/>
- <xsd:enumeration value="CertifiedKeypair"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation-->
- <xsd:element name="MOA-IDConfiguration">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter der Authentisierungs-Komponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="AuthComponentType"/>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ProxyComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Konfigurationsparameter der Proxy-Komponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation zw. Proxykomponente und Authenttisierungskomponente</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der Proxy-Komponente zur Auth-Komponente (vgl. AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="OnlineApplication" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die OA</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="OnlineApplicationType">
- <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/>
- <xsd:attribute name="type" use="optional" default="publicService">
- <xsd:simpleType>
- <xsd:restriction base="xsd:NMTOKEN">
- <xsd:enumeration value="businessService"/>
- <xsd:enumeration value="publicService"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="friendlyName" type="xsd:string" use="optional"/>
- <xsd:attribute name="target" type="xsd:string" use="optional"/>
- <xsd:attribute name="targetFriendlyName" type="xsd:string" use="optional"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ChainingModes" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die Zertifikatspfadvalidierung</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="TrustAnchor">
- <xsd:annotation>
- <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann für jeden TrustAnchor gesetzt werden</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="dsig:X509IssuerSerialType">
- <xsd:attribute name="mode" type="ChainingModeType" use="required"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:attribute name="name" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/>
- <xsd:enumeration value="AuthenticationSession.TimeOut"/>
- <xsd:enumeration value="AuthenticationData.TimeOut"/>
- <xsd:enumeration value="TrustManager.RevocationChecking"/>
- <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/>
- <xsd:enumeration value="FrontendServlets.DataURLPrefix"/>
- <xsd:enumeration value="AuthenticationServer.KeepAssertion"/>
- <xsd:enumeration value="AuthenticationServer.WriteAssertionToFile"/>
- <xsd:enumeration value="AuthenticationServer.SourceID"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="value" type="xsd:string" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="TrustedBKUs" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="BKUURL" type="xsd:anyURI" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="TrustedTemplateURLs" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="TemplateURL" type="xsd:anyURI" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:complexType name="AuthComponentType">
- <xsd:sequence>
- <xsd:element name="BKUSelection" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/>
- </xsd:sequence>
- <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
- <xsd:element name="SecurityLayer">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation mit dem Security-Layer</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="MOA-SP">
- <xsd:annotation>
- <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA SP Modul</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben werden; wird das Element nicht verwendet dann wird MOA-SP über das API aufgerufen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="VerifyIdentityLink">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Überprüfung der Personenbindung</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="VerifyAuthBlock">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Überprüfung des AUTH-Blocks</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="IdentityLinkSigners" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Informationen über akzeptierte Signers des IdentityLinks</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>akzeptierte Signer des IdentityLinks werden per X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Defaultparameter für die Überprüfung weiterer Infoboxen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ForeignIdentities" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
- <xsd:annotation>
- <xsd:documentation>Verbindungsparameter zum SZR-Gateway (GetIdentityLink)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element ref="STORK" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Verbindungsparameter zu den Country-PEPS (C-PEPS)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="OnlineMandates" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
- <xsd:annotation>
- <xsd:documentation>Verbindungsparameter zum Online-Vollmachten-Service</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="TransformsInfoType">
- <xsd:annotation>
- <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks inkludiert</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="filename" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="TemplatesType">
- <xsd:sequence>
- <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/>
- <xsd:element name="Template" type="TemplateType" minOccurs="0"/>
- <xsd:element name="InputProcessorSignTemplate" type="TemplateType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="TemplateType">
- <xsd:annotation>
- <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="VerifyInfoboxesType">
- <xsd:annotation>
- <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="DefaultTrustProfile" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Optionales DefaultTrustprofil für die Überprüfung aller weiteren Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Infobox" type="InfoboxType" minOccurs="0" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Parameter für Überprüfung weiterer Infoboxen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="InfoboxType">
- <xsd:annotation>
- <xsd:documentation>Parameter zur Überprüfung einzelner Infoboxen</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll; z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird das Identifier-Attribut verwendet</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>TrustProfil, das für die Überprüfung der Infobox verwendet werden soll</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname vom Default Package- und Klassennamen abweichen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/>
- <xsd:element name="ApplicationSpecificParameters" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation übergeben werden</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ParepSpecificParameters" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Infobox spezifische Parameter, die der Prüfapplikation für berufliche Parteienvertretung übergeben werden. Dies ist logisch Teil der ApplicationSpecificParameters, kann jedoch aufgrund der Strukturierung validierend geparst werden und dadurch wird eine funktionierende Konfiguration bei Programmstart garantiert.</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="EnableInfoboxValidator" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Falls Infoboxinhalte für die berufliche Parteienvertretung in der Vollmachten Infobox "mandates" abgelegt werden und Vertretung für berufliche Parteienvertreter aktiviert ist, so kann mit diesem Schalter die Vollmachtsprüfung für normale Vollmachten deaktiviert werden. Damit wird erreicht, dass mittels der Vollmachten Infobox ausschließlich berufliche Parteienvertretung aktiviert ist. Dieser Schalter ist nur für die Vollmachten Infobox "mandates" relevant.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="PartyRepresentation" type="PartyRepresentationType">
- <xsd:annotation>
- <xsd:documentation>Eigentlicher Konfigurationsteil für berufliche Parteienvertretung</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
- <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- <xsd:complexType name="SchemaLocationType">
- <xsd:annotation>
- <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="Schema" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ProxyComponentType"/>
- <xsd:complexType name="OnlineApplicationType">
- <xsd:sequence>
- <xsd:element name="AuthComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Authentisierungs-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <!--xsd:element name="IdentificationNumber" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="pr:AbstractSimpleIdentification"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element-->
- <xsd:element name="IdentificationNumber" minOccurs="0">
- <xsd:complexType>
- <xsd:choice>
- <xsd:element ref="pr:Firmenbuchnummer"/>
- <xsd:element ref="pr:ZMRzahl"/>
- <xsd:element ref="pr:Vereinsnummer"/>
- <xsd:element ref="pr:ERJPZahl"/>
- <xsd:element name="AnyNumber">
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:string">
- <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:choice>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
- <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/>
- <xsd:element name="Mandates" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="Profiles" type="xsd:string"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element ref="STORK" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="slVersion" use="optional" default="1.1">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="1.1"/>
- <xsd:enumeration value="1.2"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="provideFullMandatorData" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="useUTC" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="useCondition" type="xsd:boolean" default="false"/>
- <xsd:attribute name="conditionLength" type="xsd:integer"/>
- <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/-->
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ProxyComponent" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/>
- <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/>
- <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/>
- <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/>
- <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/>
- <xsd:attribute name="errorRedirectURL" type="xsd:string" use="optional"/>
- </xsd:complexType>
- </xsd:element>
- <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/-->
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ConnectionParameterServerAuthType">
- <xsd:sequence>
- <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="ConnectionParameterClientAuthType">
- <xsd:complexContent>
- <xsd:extension base="ConnectionParameterServerAuthType">
- <xsd:sequence>
- <xsd:element name="ClientKeyStore" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für die TLS-Client-Authentisierung verwendet wird, enthält</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:anyURI">
- <xsd:attribute name="password" type="xsd:string" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:element name="TrustProfileID" type="xsd:string"/>
- <xsd:simpleType name="ChainingModeType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="chaining"/>
- <xsd:enumeration value="pkix"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="BKUSelectionType">
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="HTMLComplete"/>
- <xsd:enumeration value="HTMLSelect"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:element name="CompatibilityMode" default="false">
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:element>
- <xsd:element name="EnableInfoboxValidator" default="true">
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:element>
- <xsd:element name="AlwaysShowForm" default="false">
- <xsd:annotation>
- <xsd:documentation>Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:element>
- <xsd:complexType name="InputProcessorType">
- <xsd:simpleContent>
- <xsd:extension base="xsd:string">
- <xsd:attribute name="template" type="xsd:anyURI" use="optional">
- <xsd:annotation>
- <xsd:documentation>Das Attribut spezifiziert die Lage des Templates, welches der InputProcessor zur Darstellung des Eingabeformulars nutzen soll</xsd:documentation>
- </xsd:annotation>
- </xsd:attribute>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="PartyRepresentationType">
- <xsd:sequence>
- <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Default InputProcessor. Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element ref="AlwaysShowForm" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Default Wert für Formularanzeige. Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular zur vervollständigung der Vertretenendaten immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (für den EGIZ-Demonstrator im internen Netzwerk: https://129.27.142.5:8443/szr-gateway/services/MandateCreation)</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="PartyRepresentative" type="PartyRepresentativeType" minOccurs="0" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Falls keine speziellen beruflichen ParteienvertreterInnen definiert sind (Element kommt nicht vor), werden ausschließlich standardisierte Vollmachten mit einer MandateID="*" akzeptiert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="PartyRepresentativeType">
- <xsd:sequence>
- <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element ref="AlwaysShowForm" minOccurs="0"/>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Optionale Verbindungsparameter zu speziellem (SZR-)Gateway</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="oid" use="required">
- <xsd:annotation>
- <xsd:documentation>OID der Parteienvertretung lt. "Object Identifier der öffentlichen Verwaltung" - Konvention, Empfehlung. Diese ID muss mit der MandateID der übermittelten standardisierten Vollmacht übereinstimmen. Eine Parteienvertretung für standardisierte Vollmachten mit der MandateID "*" muss nicht definiert werden und erlaubt eine allgemeine berufliche Parteienvertretung mit Standardtexten. In anderen Fällen ist eine erlaubte OID mitttels dieses Attributs zu definieren</xsd:documentation>
- </xsd:annotation>
- <!--xsd:simpleType>
- <xsd:restriction/>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="1.2.40.0.10.3.1"/>
- <xsd:enumeration value="1.2.40.0.10.3.2"/>
- <xsd:enumeration value="1.2.40.0.10.3.3"/>
- <xsd:enumeration value="1.2.40.0.10.3.10"/>
- <xsd:enumeration value="1.2.40.0.10.3.10.IdentifiedVoiceChannel"/>
- </xsd:restriction>
- </xsd:simpleType-->
- </xsd:attribute>
- <xsd:attribute name="representPhysicalParty" use="optional" default="false">
- <xsd:annotation>
- <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für natürliche Personen erlaubt ist</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="representCorporateParty" use="optional" default="false">
- <xsd:annotation>
- <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für juristische Personen erlaubt ist (welche z.B. ein Organwalter nicht vertreten darf und dieser Wert aus diesem Grund dort false sein muss)</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleType>
- <xsd:restriction base="xsd:boolean"/>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="representationText" use="optional">
- <xsd:annotation>
- <xsd:documentation>Beschreibender Text, der an Stelle des Standardtexts bei der Signatur der Anmeldedaten im Falle einer vorliegenden beruflichen Parteienvertretung zur Signatur vorgelegt wird</xsd:documentation>
- </xsd:annotation>
- <!--xsd:simpleType>
- <xsd:restriction/>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft"/>
- <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft"/>
- <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft)"/>
- <xsd:enumeration value="Organwalter"/>
- <xsd:enumeration value="Parteienvertreter(in) über einen identifizierten Sprachkanal"/>
- </xsd:restriction>
- </xsd:simpleType-->
- </xsd:attribute>
- </xsd:complexType>
- <xsd:complexType name="SignatureCreationParameterType">
- <xsd:annotation>
- <xsd:documentation>Enthält Informationen zu einem KeyStore bzw. Key zur STORK SAML AuthnRequest Signaturerstellung</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element ref="KeyStore"/>
- <xsd:element ref="KeyName"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="SignatureVerificationParameterType">
- <xsd:annotation>
- <xsd:documentation>Enthält Informationen zur Verfikation von Signaturen einer STORK SAML Response</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element ref="TrustProfileID"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="SAMLSigningParameter">
- <xsd:annotation>
- <xsd:documentation>Enthält Informationen zur Erstellung und Verifikation von STORK SAML Messages</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="SignatureCreationParameter" type="SignatureCreationParameterType"/>
- <xsd:element name="SignatureVerificationParameter" type="SignatureVerificationParameterType"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="KeyStore">
- <xsd:annotation>
- <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel zum Erstellen einer Signatur enthält</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:anyURI">
- <xsd:attribute name="password" type="xsd:string" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="KeyName">
- <xsd:annotation>
- <xsd:documentation>Name zum Key eines KeyStores, der den privaten Schlüssel zum Erstellen einer Signatur darstellt</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:string">
- <xsd:attribute name="password" type="xsd:string" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="C-PEPS">
- <xsd:annotation>
- <xsd:documentation>Enthält Informationen zu einem Citizen Country PEPS (C-PEPS)</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="stork:RequestedAttribute" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- <xsd:attribute name="countryCode" type="stork:CountryCodeType" use="required"/>
- <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="STORK">
- <xsd:annotation>
- <xsd:documentation>Contains STORK related information</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:choice>
- <xsd:sequence>
- <xsd:element ref="C-PEPS" maxOccurs="unbounded"/>
- <xsd:element ref="SAMLSigningParameter"/>
- </xsd:sequence>
- <xsd:sequence>
- <xsd:element ref="stork:QualityAuthenticationAssuranceLevel" minOccurs="0"/>
- <xsd:element ref="storkp:RequestedAttributes"/>
- </xsd:sequence>
- </xsd:choice>
- </xsd:complexType>
- </xsd:element>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-1.3.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-1.3.xsd
deleted file mode 100644
index 756b51279..000000000
--- a/common/src/main/resources/resources/schemas/MOA-SPSS-1.3.xsd
+++ /dev/null
@@ -1,469 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- MOA SP/SS 1.3 Schema
--->
-<xsd:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#">
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
- <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
- <!--########## Create XML Signature ###-->
- <!--### Create XML Signature Request ###-->
- <xsd:element name="CreateXMLSignatureRequest">
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="CreateXMLSignatureRequestType"/>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:complexType name="CreateXMLSignatureRequestType">
- <xsd:sequence>
- <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
- <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Ermöglichung der Stapelsignatur durch wiederholte Angabe dieses Elements</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="DataObjectInfo" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="DataObjectInfoType">
- <xsd:attribute name="ChildOfManifest" type="xsd:boolean" use="optional" default="false"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="CreateSignatureInfo" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="CreateSignatureEnvironment" type="ContentOptionalRefType"/>
- <xsd:choice>
- <xsd:annotation>
- <xsd:documentation>Auswahl: Entweder explizite Angabe des Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit der Signaturumgebung, oder Verweis auf ein benanntes Profil</xsd:documentation>
- </xsd:annotation>
- <xsd:element ref="CreateSignatureEnvironmentProfile"/>
- <xsd:element name="CreateSignatureEnvironmentProfileID" type="ProfileIdentifierType"/>
- </xsd:choice>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <!--### Create XML Signature Response ###-->
- <xsd:complexType name="CreateXMLSignatureResponseType">
- <xsd:choice maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine Stapelsignatur-Anfrage</xsd:documentation>
- </xsd:annotation>
- <xsd:element name="SignatureEnvironment">
- <xsd:annotation>
- <xsd:documentation>Resultat, falls die Signaturerstellung erfolgreich war</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:any namespace="##any" processContents="lax"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element ref="ErrorResponse"/>
- </xsd:choice>
- </xsd:complexType>
- <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/>
- <!--########## Verify CMS Signature ###-->
- <!--### Verifiy CMS Signature Request ###-->
- <xsd:element name="VerifyCMSSignatureRequest">
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="VerifyCMSSignatureRequestType">
- <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:complexType name="VerifyCMSSignatureRequestType">
- <xsd:sequence>
- <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
- <xsd:element name="CMSSignature" type="xsd:base64Binary"/>
- <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/>
- <xsd:element name="TrustProfileID" type="xsd:token">
- <xsd:annotation>
- <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <!--### Verify CMS Signature Response ###-->
- <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/>
- <xsd:complexType name="VerifyCMSSignatureResponseType">
- <xsd:sequence maxOccurs="unbounded">
- <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
- <xsd:annotation>
- <xsd:documentation>only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any;publicAuthority is included as X509Data/any</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="SignatureCheck" type="CheckResultType"/>
- <xsd:element name="CertificateCheck" type="CheckResultType"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--########## Verify XML Signature ###-->
- <!--### Verify XML Signature Request ###-->
- <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/>
- <xsd:complexType name="VerifyXMLSignatureRequestType">
- <xsd:sequence>
- <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
- <xsd:element name="VerifySignatureInfo">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="VerifySignatureEnvironment" type="ContentOptionalRefType"/>
- <xsd:element name="VerifySignatureLocation" type="xsd:token"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:choice minOccurs="0" maxOccurs="unbounded">
- <xsd:element ref="SupplementProfile"/>
- <xsd:element name="SupplementProfileID" type="xsd:string"/>
- </xsd:choice>
- <xsd:element name="SignatureManifestCheckParams" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ReferenceInfo" type="VerifyTransformsDataType" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Pro dsig:Reference-Element in der zu überprüfenden XML-Signatur muss hier ein ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen ReferenceInfo Elemente entspricht jener der dsig:Reference Elemente in der XML-Signatur.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="ReturnReferenceInputData" type="xsd:boolean" use="optional" default="true"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ReturnHashInputData" minOccurs="0"/>
- <xsd:element name="TrustProfileID" type="xsd:token">
- <xsd:annotation>
- <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <!--### Verify XML Signature Response ###-->
- <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/>
- <xsd:complexType name="VerifyXMLSignatureResponseType">
- <xsd:sequence>
- <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
- <xsd:annotation>
- <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
- <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/>
- <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="CertificateCheck" type="CheckResultType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:simpleType name="ProfileIdentifierType">
- <xsd:restriction base="xsd:token"/>
- </xsd:simpleType>
- <xsd:complexType name="InputDataType">
- <xsd:complexContent>
- <xsd:extension base="ContentExLocRefBaseType">
- <xsd:attribute name="PartOf" use="optional" default="SignedInfo">
- <xsd:simpleType>
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="SignedInfo"/>
- <xsd:enumeration value="XMLDSIGManifest"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="ReferringSigReference" type="xsd:nonNegativeInteger" use="optional"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="MetaInfoType">
- <xsd:sequence>
- <xsd:element name="MimeType" type="MimeTypeType"/>
- <xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/>
- <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="FinalDataMetaInfoType">
- <xsd:complexContent>
- <xsd:extension base="MetaInfoType">
- <xsd:sequence>
- <xsd:element name="Type" type="xsd:anyURI" minOccurs="0"/>
- </xsd:sequence>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="DataObjectInfoType">
- <xsd:sequence>
- <xsd:element name="DataObject">
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="ContentOptionalRefType"/>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:choice>
- <xsd:annotation>
- <xsd:documentation>Auswahl: Entweder explizite Angabe EINER Transformationskette inklusive ggf. sinnvoller Supplements oder Verweis auf ein benanntes Profil</xsd:documentation>
- </xsd:annotation>
- <xsd:element ref="CreateTransformsInfoProfile"/>
- <xsd:element name="CreateTransformsInfoProfileID" type="ProfileIdentifierType"/>
- </xsd:choice>
- </xsd:sequence>
- <xsd:attribute name="Structure" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="detached"/>
- <xsd:enumeration value="enveloping"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- </xsd:complexType>
- <xsd:complexType name="TransformsInfoType">
- <xsd:sequence>
- <xsd:element ref="dsig:Transforms" minOccurs="0"/>
- <xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="XMLDataObjectAssociationType">
- <xsd:sequence>
- <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
- <xsd:element name="Content" type="ContentRequiredRefType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CMSDataObjectOptionalMetaType">
- <xsd:sequence>
- <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
- <xsd:element name="Content" type="CMSContentBaseType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CMSContentBaseType">
- <xsd:complexContent>
- <xsd:restriction base="ContentOptionalRefType">
- <xsd:choice minOccurs="0">
- <xsd:element name="Base64Content" type="xsd:base64Binary"/>
- </xsd:choice>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="CheckResultType">
- <xsd:sequence>
- <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
- <xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ReferencesCheckResultType">
- <xsd:complexContent>
- <xsd:restriction base="CheckResultType">
- <xsd:sequence>
- <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
- <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true">
- <xsd:complexContent mixed="true">
- <xsd:restriction base="AnyChildrenType">
- <xsd:sequence>
- <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="ManifestRefsCheckResultType">
- <xsd:complexContent>
- <xsd:restriction base="CheckResultType">
- <xsd:sequence>
- <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
- <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/>
- </xsd:sequence>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true">
- <xsd:complexContent mixed="true">
- <xsd:restriction base="AnyChildrenType">
- <xsd:sequence>
- <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/>
- </xsd:sequence>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <!--########## Error Response ###-->
- <xsd:element name="ErrorResponse" type="ErrorResponseType">
- <xsd:annotation>
- <xsd:documentation>Resultat, falls die Signaturerstellung gescheitert ist</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:complexType name="ErrorResponseType">
- <xsd:sequence>
- <xsd:element name="ErrorCode" type="xsd:integer"/>
- <xsd:element name="Info" type="xsd:string"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--########## Auxiliary Types ###-->
- <xsd:simpleType name="KeyIdentifierType">
- <xsd:restriction base="xsd:string"/>
- </xsd:simpleType>
- <xsd:simpleType name="KeyStorageType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="Software"/>
- <xsd:enumeration value="Hardware"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="MimeTypeType">
- <xsd:restriction base="xsd:token"/>
- </xsd:simpleType>
- <xsd:complexType name="AnyChildrenType" mixed="true">
- <xsd:sequence>
- <xsd:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="XMLContentType" mixed="true">
- <xsd:complexContent mixed="true">
- <xsd:extension base="AnyChildrenType">
- <xsd:attribute ref="xml:space" use="optional"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="ContentBaseType">
- <xsd:choice minOccurs="0">
- <xsd:element name="Base64Content" type="xsd:base64Binary"/>
- <xsd:element name="XMLContent" type="XMLContentType"/>
- <xsd:element name="LocRefContent" type="xsd:anyURI"/>
- </xsd:choice>
- </xsd:complexType>
- <xsd:complexType name="ContentExLocRefBaseType">
- <xsd:complexContent>
- <xsd:restriction base="ContentBaseType">
- <xsd:choice minOccurs="0">
- <xsd:element name="Base64Content" type="xsd:base64Binary"/>
- <xsd:element name="XMLContent" type="XMLContentType"/>
- </xsd:choice>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="ContentOptionalRefType">
- <xsd:complexContent>
- <xsd:extension base="ContentBaseType">
- <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="ContentRequiredRefType">
- <xsd:complexContent>
- <xsd:restriction base="ContentOptionalRefType">
- <xsd:choice minOccurs="0">
- <xsd:element name="Base64Content" type="xsd:base64Binary"/>
- <xsd:element name="XMLContent" type="XMLContentType"/>
- <xsd:element name="LocRefContent" type="xsd:anyURI"/>
- </xsd:choice>
- <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="VerifyTransformsDataType">
- <xsd:choice maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Ein oder mehrere Transformationswege können von der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur hat zumindest einem dieser Transformationswege zu entsprechen. Die Angabe kann explizit oder als Profilbezeichner erfolgen.</xsd:documentation>
- </xsd:annotation>
- <xsd:element ref="VerifyTransformsInfoProfile"/>
- <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string">
- <xsd:annotation>
- <xsd:documentation>Profilbezeichner für einen Transformationsweg</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:choice>
- </xsd:complexType>
- <xsd:element name="QualifiedCertificate"/>
- <xsd:element name="PublicAuthority" type="PublicAuthorityType"/>
- <xsd:complexType name="PublicAuthorityType">
- <xsd:sequence>
- <xsd:element name="Code" type="xsd:string" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:simpleType name="SignatoriesType">
- <xsd:union memberTypes="AllSignatoriesType">
- <xsd:simpleType>
- <xsd:list itemType="xsd:positiveInteger"/>
- </xsd:simpleType>
- </xsd:union>
- </xsd:simpleType>
- <xsd:simpleType name="AllSignatoriesType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="all"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:complexType name="CreateSignatureLocationType">
- <xsd:simpleContent>
- <xsd:extension base="xsd:token">
- <xsd:attribute name="Index" type="xsd:integer" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="TransformParameterType">
- <xsd:choice minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Die Angabe des Transformationsparameters (explizit oder als Hashwert) kann unterlassen werden, wenn die Applikation von der Unveränderlichkeit des Inhalts der in "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen kann.</xsd:documentation>
- </xsd:annotation>
- <xsd:element name="Base64Content" type="xsd:base64Binary">
- <xsd:annotation>
- <xsd:documentation>Der Transformationsparameter explizit angegeben.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="Hash">
- <xsd:annotation>
- <xsd:documentation>Der Hashwert des Transformationsparameters.</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="dsig:DigestMethod"/>
- <xsd:element ref="dsig:DigestValue"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:choice>
- <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:element name="CreateSignatureEnvironmentProfile">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="CreateSignatureLocation" type="CreateSignatureLocationType"/>
- <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="VerifyTransformsInfoProfile">
- <xsd:annotation>
- <xsd:documentation>Explizite Angabe des Transformationswegs</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="dsig:Transforms" minOccurs="0"/>
- <xsd:element name="TransformParameter" type="TransformParameterType" minOccurs="0" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Alle impliziten Transformationsparameter, die zum Durchlaufen der oben angeführten Transformationskette bekannt sein müssen, müssen hier angeführt werden. Das Attribut "URI" bezeichnet den Transformationsparameter in exakt jener Weise, wie er in der zu überprüfenden Signatur gebraucht wird.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Supplement" type="XMLDataObjectAssociationType"/>
- <xsd:element name="SupplementProfile" type="XMLDataObjectAssociationType"/>
- <xsd:element name="CreateTransformsInfoProfile">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="CreateTransformsInfo" type="TransformsInfoType"/>
- <xsd:element ref="Supplement" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-1.4.7.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-1.4.7.xsd
deleted file mode 100644
index 4ae327ab3..000000000
--- a/common/src/main/resources/resources/schemas/MOA-SPSS-1.4.7.xsd
+++ /dev/null
@@ -1,471 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- edited with XMLSPY v2004 rel. 4 U (http://www.xmlspy.com) by Klaus Stranacher (ORiON) -->
-<!--
- MOA SP/SS 1.3 Schema
--->
-<xsd:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#">
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
- <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
- <!--########## Create XML Signature ###-->
- <!--### Create XML Signature Request ###-->
- <xsd:element name="CreateXMLSignatureRequest">
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="CreateXMLSignatureRequestType"/>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:complexType name="CreateXMLSignatureRequestType">
- <xsd:sequence>
- <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
- <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Ermöglichung der Stapelsignatur durch wiederholte Angabe dieses Elements</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="DataObjectInfo" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="DataObjectInfoType">
- <xsd:attribute name="ChildOfManifest" type="xsd:boolean" use="optional" default="false"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="CreateSignatureInfo" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="CreateSignatureEnvironment" type="ContentOptionalRefType"/>
- <xsd:choice>
- <xsd:annotation>
- <xsd:documentation>Auswahl: Entweder explizite Angabe des Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit der Signaturumgebung, oder Verweis auf ein benanntes Profil</xsd:documentation>
- </xsd:annotation>
- <xsd:element ref="CreateSignatureEnvironmentProfile"/>
- <xsd:element name="CreateSignatureEnvironmentProfileID" type="ProfileIdentifierType"/>
- </xsd:choice>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <!--### Create XML Signature Response ###-->
- <xsd:complexType name="CreateXMLSignatureResponseType">
- <xsd:choice maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine Stapelsignatur-Anfrage</xsd:documentation>
- </xsd:annotation>
- <xsd:element name="SignatureEnvironment">
- <xsd:annotation>
- <xsd:documentation>Resultat, falls die Signaturerstellung erfolgreich war</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:any namespace="##any" processContents="lax"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element ref="ErrorResponse"/>
- </xsd:choice>
- </xsd:complexType>
- <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/>
- <!--########## Verify CMS Signature ###-->
- <!--### Verifiy CMS Signature Request ###-->
- <xsd:element name="VerifyCMSSignatureRequest">
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="VerifyCMSSignatureRequestType">
- <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:complexType name="VerifyCMSSignatureRequestType">
- <xsd:sequence>
- <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
- <xsd:element name="CMSSignature" type="xsd:base64Binary"/>
- <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/>
- <xsd:element name="TrustProfileID" type="xsd:token">
- <xsd:annotation>
- <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <!--### Verify CMS Signature Response ###-->
- <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/>
- <xsd:complexType name="VerifyCMSSignatureResponseType">
- <xsd:sequence maxOccurs="unbounded">
- <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
- <xsd:annotation>
- <xsd:documentation>only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any;publicAuthority is included as X509Data/any</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="SignatureCheck" type="CheckResultType"/>
- <xsd:element name="CertificateCheck" type="CheckResultType"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--########## Verify XML Signature ###-->
- <!--### Verify XML Signature Request ###-->
- <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/>
- <xsd:complexType name="VerifyXMLSignatureRequestType">
- <xsd:sequence>
- <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
- <xsd:element name="VerifySignatureInfo">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="VerifySignatureEnvironment" type="ContentOptionalRefType"/>
- <xsd:element name="VerifySignatureLocation" type="xsd:token"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:choice minOccurs="0" maxOccurs="unbounded">
- <xsd:element ref="SupplementProfile"/>
- <xsd:element name="SupplementProfileID" type="xsd:string"/>
- </xsd:choice>
- <xsd:element name="SignatureManifestCheckParams" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ReferenceInfo" type="VerifyTransformsDataType" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Pro dsig:Reference-Element in der zu überprüfenden XML-Signatur muss hier ein ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen ReferenceInfo Elemente entspricht jener der dsig:Reference Elemente in der XML-Signatur.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="ReturnReferenceInputData" type="xsd:boolean" use="optional" default="true"/>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="ReturnHashInputData" minOccurs="0"/>
- <xsd:element name="TrustProfileID" type="xsd:token">
- <xsd:annotation>
- <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <!--### Verify XML Signature Response ###-->
- <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/>
- <xsd:complexType name="VerifyXMLSignatureResponseType">
- <xsd:sequence>
- <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
- <xsd:annotation>
- <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
- <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/>
- <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="CertificateCheck" type="CheckResultType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:simpleType name="ProfileIdentifierType">
- <xsd:restriction base="xsd:token"/>
- </xsd:simpleType>
- <xsd:complexType name="InputDataType">
- <xsd:complexContent>
- <xsd:extension base="ContentExLocRefBaseType">
- <xsd:attribute name="PartOf" use="optional" default="SignedInfo">
- <xsd:simpleType>
- <xsd:restriction base="xsd:token">
- <xsd:enumeration value="SignedInfo"/>
- <xsd:enumeration value="XMLDSIGManifest"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="ReferringSigReference" type="xsd:nonNegativeInteger" use="optional"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="MetaInfoType">
- <xsd:sequence>
- <xsd:element name="MimeType" type="MimeTypeType"/>
- <xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/>
- <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="FinalDataMetaInfoType">
- <xsd:complexContent>
- <xsd:extension base="MetaInfoType">
- <xsd:sequence>
- <xsd:element name="Type" type="xsd:anyURI" minOccurs="0"/>
- </xsd:sequence>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="DataObjectInfoType">
- <xsd:sequence>
- <xsd:element name="DataObject">
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="ContentOptionalRefType"/>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:choice>
- <xsd:annotation>
- <xsd:documentation>Auswahl: Entweder explizite Angabe EINER Transformationskette inklusive ggf. sinnvoller Supplements oder Verweis auf ein benanntes Profil</xsd:documentation>
- </xsd:annotation>
- <xsd:element ref="CreateTransformsInfoProfile"/>
- <xsd:element name="CreateTransformsInfoProfileID" type="ProfileIdentifierType"/>
- </xsd:choice>
- </xsd:sequence>
- <xsd:attribute name="Structure" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="detached"/>
- <xsd:enumeration value="enveloping"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- </xsd:complexType>
- <xsd:complexType name="TransformsInfoType">
- <xsd:sequence>
- <xsd:element ref="dsig:Transforms" minOccurs="0"/>
- <xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="XMLDataObjectAssociationType">
- <xsd:sequence>
- <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
- <xsd:element name="Content" type="ContentRequiredRefType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CMSDataObjectOptionalMetaType">
- <xsd:sequence>
- <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
- <xsd:element name="Content" type="CMSContentBaseType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CMSContentBaseType">
- <xsd:complexContent>
- <xsd:restriction base="ContentOptionalRefType">
- <xsd:choice minOccurs="0">
- <xsd:element name="Base64Content" type="xsd:base64Binary"/>
- </xsd:choice>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="CheckResultType">
- <xsd:sequence>
- <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
- <xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ReferencesCheckResultType">
- <xsd:complexContent>
- <xsd:restriction base="CheckResultType">
- <xsd:sequence>
- <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
- <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true">
- <xsd:complexContent mixed="true">
- <xsd:restriction base="AnyChildrenType">
- <xsd:sequence>
- <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="ManifestRefsCheckResultType">
- <xsd:complexContent>
- <xsd:restriction base="CheckResultType">
- <xsd:sequence>
- <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
- <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/>
- </xsd:sequence>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true">
- <xsd:complexContent mixed="true">
- <xsd:restriction base="AnyChildrenType">
- <xsd:sequence>
- <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/>
- </xsd:sequence>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <!--########## Error Response ###-->
- <xsd:element name="ErrorResponse" type="ErrorResponseType">
- <xsd:annotation>
- <xsd:documentation>Resultat, falls die Signaturerstellung gescheitert ist</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:complexType name="ErrorResponseType">
- <xsd:sequence>
- <xsd:element name="ErrorCode" type="xsd:integer"/>
- <xsd:element name="Info" type="xsd:string"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--########## Auxiliary Types ###-->
- <xsd:simpleType name="KeyIdentifierType">
- <xsd:restriction base="xsd:string"/>
- </xsd:simpleType>
- <xsd:simpleType name="KeyStorageType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="Software"/>
- <xsd:enumeration value="Hardware"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="MimeTypeType">
- <xsd:restriction base="xsd:token"/>
- </xsd:simpleType>
- <xsd:complexType name="AnyChildrenType" mixed="true">
- <xsd:sequence>
- <xsd:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="XMLContentType" mixed="true">
- <xsd:complexContent mixed="true">
- <xsd:extension base="AnyChildrenType">
- <xsd:attribute ref="xml:space" use="optional"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="ContentBaseType">
- <xsd:choice minOccurs="0">
- <xsd:element name="Base64Content" type="xsd:base64Binary"/>
- <xsd:element name="XMLContent" type="XMLContentType"/>
- <xsd:element name="LocRefContent" type="xsd:anyURI"/>
- </xsd:choice>
- </xsd:complexType>
- <xsd:complexType name="ContentExLocRefBaseType">
- <xsd:complexContent>
- <xsd:restriction base="ContentBaseType">
- <xsd:choice minOccurs="0">
- <xsd:element name="Base64Content" type="xsd:base64Binary"/>
- <xsd:element name="XMLContent" type="XMLContentType"/>
- </xsd:choice>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="ContentOptionalRefType">
- <xsd:complexContent>
- <xsd:extension base="ContentBaseType">
- <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="ContentRequiredRefType">
- <xsd:complexContent>
- <xsd:restriction base="ContentOptionalRefType">
- <xsd:choice minOccurs="0">
- <xsd:element name="Base64Content" type="xsd:base64Binary"/>
- <xsd:element name="XMLContent" type="XMLContentType"/>
- <xsd:element name="LocRefContent" type="xsd:anyURI"/>
- </xsd:choice>
- <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="VerifyTransformsDataType">
- <xsd:choice maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Ein oder mehrere Transformationswege können von der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur hat zumindest einem dieser Transformationswege zu entsprechen. Die Angabe kann explizit oder als Profilbezeichner erfolgen.</xsd:documentation>
- </xsd:annotation>
- <xsd:element ref="VerifyTransformsInfoProfile"/>
- <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string">
- <xsd:annotation>
- <xsd:documentation>Profilbezeichner für einen Transformationsweg</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:choice>
- </xsd:complexType>
- <xsd:element name="QualifiedCertificate"/>
- <xsd:element name="SecureSignatureCreationDevice"/>
- <xsd:element name="PublicAuthority" type="PublicAuthorityType"/>
- <xsd:complexType name="PublicAuthorityType">
- <xsd:sequence>
- <xsd:element name="Code" type="xsd:string" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:simpleType name="SignatoriesType">
- <xsd:union memberTypes="AllSignatoriesType">
- <xsd:simpleType>
- <xsd:list itemType="xsd:positiveInteger"/>
- </xsd:simpleType>
- </xsd:union>
- </xsd:simpleType>
- <xsd:simpleType name="AllSignatoriesType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="all"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:complexType name="CreateSignatureLocationType">
- <xsd:simpleContent>
- <xsd:extension base="xsd:token">
- <xsd:attribute name="Index" type="xsd:integer" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="TransformParameterType">
- <xsd:choice minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>Die Angabe des Transformationsparameters (explizit oder als Hashwert) kann unterlassen werden, wenn die Applikation von der Unveränderlichkeit des Inhalts der in "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen kann.</xsd:documentation>
- </xsd:annotation>
- <xsd:element name="Base64Content" type="xsd:base64Binary">
- <xsd:annotation>
- <xsd:documentation>Der Transformationsparameter explizit angegeben.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="Hash">
- <xsd:annotation>
- <xsd:documentation>Der Hashwert des Transformationsparameters.</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="dsig:DigestMethod"/>
- <xsd:element ref="dsig:DigestValue"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:choice>
- <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <xsd:element name="CreateSignatureEnvironmentProfile">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="CreateSignatureLocation" type="CreateSignatureLocationType"/>
- <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="VerifyTransformsInfoProfile">
- <xsd:annotation>
- <xsd:documentation>Explizite Angabe des Transformationswegs</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="dsig:Transforms" minOccurs="0"/>
- <xsd:element name="TransformParameter" type="TransformParameterType" minOccurs="0" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Alle impliziten Transformationsparameter, die zum Durchlaufen der oben angeführten Transformationskette bekannt sein müssen, müssen hier angeführt werden. Das Attribut "URI" bezeichnet den Transformationsparameter in exakt jener Weise, wie er in der zu überprüfenden Signatur gebraucht wird.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Supplement" type="XMLDataObjectAssociationType"/>
- <xsd:element name="SupplementProfile" type="XMLDataObjectAssociationType"/>
- <xsd:element name="CreateTransformsInfoProfile">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="CreateTransformsInfo" type="TransformsInfoType"/>
- <xsd:element ref="Supplement" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.xsd
deleted file mode 100644
index 73d145ecf..000000000
--- a/common/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.xsd
+++ /dev/null
@@ -1,572 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - MOA SP/SS 2.0.0 Schema ---> -<xsd:schema xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2"> - <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> - <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> - <!--########## Create CMS Signature ###--> - <!--### Create CMS Signature Request ###--> - <xsd:element name="CreateCMSSignatureRequest"> - <xsd:complexType> - <xsd:complexContent> - <xsd:extension base="CreateCMSSignatureRequestType"/> - </xsd:complexContent> - </xsd:complexType> - </xsd:element> - <xsd:complexType name="CreateCMSSignatureRequestType"> - <xsd:sequence> - <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/> - <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded"> - <xsd:annotation> - <xsd:documentation>Ermöglichung der Stapelsignatur durch wiederholte Angabe dieses Elements</xsd:documentation> - </xsd:annotation> - <xsd:complexType> - <xsd:sequence> - <xsd:element name="DataObjectInfo"> - <xsd:complexType> - <xsd:complexContent> - <xsd:extension base="CMSDataObjectInfoType"/> - </xsd:complexContent> - </xsd:complexType> - </xsd:element> - </xsd:sequence> - <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/> - </xsd:complexType> - </xsd:element> - </xsd:sequence> - </xsd:complexType> - <!--### Create CMS Signature Response ###--> - <xsd:element name="CreateCMSSignatureResponse" type="CreateCMSSignatureResponseType"/> - <xsd:complexType name="CreateCMSSignatureResponseType"> - <xsd:choice maxOccurs="unbounded"> - 
<xsd:annotation> - <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine Stapelsignatur-Anfrage</xsd:documentation> - </xsd:annotation> - <xsd:element name="CMSSignature" type="xsd:base64Binary"> - <xsd:annotation> - <xsd:documentation>Resultat, falls die Signaturerstellung erfolgreich war</xsd:documentation> - </xsd:annotation> - </xsd:element> - <xsd:element ref="ErrorResponse"/> - </xsd:choice> - </xsd:complexType> - <!--########## Create XML Signature ###--> - <!--### Create XML Signature Request ###--> - <xsd:element name="CreateXMLSignatureRequest"> - <xsd:complexType> - <xsd:complexContent> - <xsd:extension base="CreateXMLSignatureRequestType"/> - </xsd:complexContent> - </xsd:complexType> - </xsd:element> - <xsd:complexType name="CreateXMLSignatureRequestType"> - <xsd:sequence> - <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/> - <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded"> - <xsd:annotation> - <xsd:documentation>Ermöglichung der Stapelsignatur durch wiederholte Angabe dieses Elements</xsd:documentation> - </xsd:annotation> - <xsd:complexType> - <xsd:sequence> - <xsd:element name="DataObjectInfo" maxOccurs="unbounded"> - <xsd:complexType> - <xsd:complexContent> - <xsd:extension base="DataObjectInfoType"> - <xsd:attribute name="ChildOfManifest" type="xsd:boolean" use="optional" default="false"/> - </xsd:extension> - </xsd:complexContent> - </xsd:complexType> - </xsd:element> - <xsd:element name="CreateSignatureInfo" minOccurs="0"> - <xsd:complexType> - <xsd:sequence> - <xsd:element name="CreateSignatureEnvironment" type="ContentOptionalRefType"/> - <xsd:choice> - <xsd:annotation> - <xsd:documentation>Auswahl: Entweder explizite Angabe des Signaturorts sowie ggf. sinnvoller Supplements im Zshg. 
mit der Signaturumgebung, oder Verweis auf ein benanntes Profil</xsd:documentation> - </xsd:annotation> - <xsd:element ref="CreateSignatureEnvironmentProfile"/> - <xsd:element name="CreateSignatureEnvironmentProfileID" type="ProfileIdentifierType"/> - </xsd:choice> - </xsd:sequence> - </xsd:complexType> - </xsd:element> - </xsd:sequence> - <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/> - </xsd:complexType> - </xsd:element> - </xsd:sequence> - </xsd:complexType> - <!--### Create XML Signature Response ###--> - <xsd:complexType name="CreateXMLSignatureResponseType"> - <xsd:choice maxOccurs="unbounded"> - <xsd:annotation> - <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine Stapelsignatur-Anfrage</xsd:documentation> - </xsd:annotation> - <xsd:element name="SignatureEnvironment"> - <xsd:annotation> - <xsd:documentation>Resultat, falls die Signaturerstellung erfolgreich war</xsd:documentation> - </xsd:annotation> - <xsd:complexType> - <xsd:sequence> - <xsd:any namespace="##any" processContents="lax"/> - </xsd:sequence> - </xsd:complexType> - </xsd:element> - <xsd:element ref="ErrorResponse"/> - </xsd:choice> - </xsd:complexType> - <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/> - <!--########## Verify CMS Signature ###--> - <!--### Verifiy CMS Signature Request ###--> - <xsd:element name="VerifyCMSSignatureRequest"> - <xsd:complexType> - <xsd:complexContent> - <xsd:extension base="VerifyCMSSignatureRequestType"> - <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/> - </xsd:extension> - </xsd:complexContent> - </xsd:complexType> - </xsd:element> - <xsd:complexType name="VerifyCMSSignatureRequestType"> - <xsd:sequence> - <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> - <xsd:element name="CMSSignature" type="xsd:base64Binary"/> - <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/> - 
<xsd:element name="TrustProfileID" type="xsd:token"> - <xsd:annotation> - <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation> - </xsd:annotation> - </xsd:element> - </xsd:sequence> - </xsd:complexType> - <!--### Verify CMS Signature Response ###--> - <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/> - <xsd:complexType name="VerifyCMSSignatureResponseType"> - <xsd:sequence maxOccurs="unbounded"> - <xsd:element name="SignerInfo" type="dsig:KeyInfoType"> - <xsd:annotation> - <xsd:documentation>only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any;publicAuthority is included as X509Data/any; SecureSignatureCreationDevice is included as X509Data/any, IssuingCountry is included as X509Data/any</xsd:documentation> - </xsd:annotation> - </xsd:element> - <xsd:element name="SignatureCheck" type="CheckResultType"/> - <xsd:element name="CertificateCheck" type="CheckResultType"/> - </xsd:sequence> - </xsd:complexType> - <!--########## Verify XML Signature ###--> - <!--### Verify XML Signature Request ###--> - <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/> - <xsd:complexType name="VerifyXMLSignatureRequestType"> - <xsd:sequence> - <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> - <xsd:element name="VerifySignatureInfo"> - <xsd:complexType> - <xsd:sequence> - <xsd:element name="VerifySignatureEnvironment" type="ContentOptionalRefType"/> - <xsd:element name="VerifySignatureLocation" type="xsd:token"/> - </xsd:sequence> - </xsd:complexType> - </xsd:element> - <xsd:choice minOccurs="0" maxOccurs="unbounded"> - <xsd:element ref="SupplementProfile"/> - <xsd:element name="SupplementProfileID" type="xsd:string"/> - </xsd:choice> - <xsd:element name="SignatureManifestCheckParams" minOccurs="0"> - <xsd:complexType> - <xsd:sequence> - <xsd:element name="ReferenceInfo" 
type="VerifyTransformsDataType" maxOccurs="unbounded"> - <xsd:annotation> - <xsd:documentation>Pro dsig:Reference-Element in der zu überprüfenden XML-Signatur muss hier ein ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen ReferenceInfo Elemente entspricht jener der dsig:Reference Elemente in der XML-Signatur.</xsd:documentation> - </xsd:annotation> - </xsd:element> - </xsd:sequence> - <xsd:attribute name="ReturnReferenceInputData" type="xsd:boolean" use="optional" default="true"/> - </xsd:complexType> - </xsd:element> - <xsd:element name="ReturnHashInputData" minOccurs="0"/> - <xsd:element name="TrustProfileID" type="xsd:token"> - <xsd:annotation> - <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation> - </xsd:annotation> - </xsd:element> - </xsd:sequence> - </xsd:complexType> - <!--### Verify XML Signature Response ###--> - <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/> - <xsd:complexType name="VerifyXMLSignatureResponseType"> - <xsd:sequence> - <xsd:element name="SignerInfo" type="dsig:KeyInfoType"> - <xsd:annotation> - <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any; SecureSignatureCreationDevice is included as X509Data/any, IssuingCountry is included as X509Data/any</xsd:documentation> - </xsd:annotation> - </xsd:element> - <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/> - <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/> - <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/> - <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/> - <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/> - <xsd:element 
name="CertificateCheck" type="CheckResultType"/> - </xsd:sequence> - </xsd:complexType> - <xsd:simpleType name="ProfileIdentifierType"> - <xsd:restriction base="xsd:token"/> - </xsd:simpleType> - <xsd:complexType name="InputDataType"> - <xsd:complexContent> - <xsd:extension base="ContentExLocRefBaseType"> - <xsd:attribute name="PartOf" use="optional" default="SignedInfo"> - <xsd:simpleType> - <xsd:restriction base="xsd:token"> - <xsd:enumeration value="SignedInfo"/> - <xsd:enumeration value="XMLDSIGManifest"/> - </xsd:restriction> - </xsd:simpleType> - </xsd:attribute> - <xsd:attribute name="ReferringSigReference" type="xsd:nonNegativeInteger" use="optional"/> - </xsd:extension> - </xsd:complexContent> - </xsd:complexType> - <xsd:complexType name="MetaInfoType"> - <xsd:sequence> - <xsd:element name="MimeType" type="MimeTypeType"/> - <xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/> - <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> - </xsd:sequence> - </xsd:complexType> - <xsd:complexType name="FinalDataMetaInfoType"> - <xsd:complexContent> - <xsd:extension base="MetaInfoType"> - <xsd:sequence> - <xsd:element name="Type" type="xsd:anyURI" minOccurs="0"/> - </xsd:sequence> - </xsd:extension> - </xsd:complexContent> - </xsd:complexType> - <xsd:complexType name="DataObjectInfoType"> - <xsd:sequence> - <xsd:element name="DataObject"> - <xsd:complexType> - <xsd:complexContent> - <xsd:extension base="ContentOptionalRefType"/> - </xsd:complexContent> - </xsd:complexType> - </xsd:element> - <xsd:choice> - <xsd:annotation> - <xsd:documentation>Auswahl: Entweder explizite Angabe EINER Transformationskette inklusive ggf. 
sinnvoller Supplements oder Verweis auf ein benanntes Profil</xsd:documentation> - </xsd:annotation> - <xsd:element ref="CreateTransformsInfoProfile"/> - <xsd:element name="CreateTransformsInfoProfileID" type="ProfileIdentifierType"/> - </xsd:choice> - </xsd:sequence> - <xsd:attribute name="Structure" use="required"> - <xsd:simpleType> - <xsd:restriction base="xsd:string"> - <xsd:enumeration value="detached"/> - <xsd:enumeration value="enveloping"/> - </xsd:restriction> - </xsd:simpleType> - </xsd:attribute> - </xsd:complexType> - <xsd:complexType name="CMSDataObjectInfoType"> - <xsd:sequence> - <xsd:element name="DataObject"> - <xsd:complexType> - <xsd:complexContent> - <xsd:extension base="CMSDataObjectRequiredMetaType"/> - </xsd:complexContent> - </xsd:complexType> - </xsd:element> - </xsd:sequence> - <xsd:attribute name="Structure" use="required"> - <xsd:simpleType> - <xsd:restriction base="xsd:string"> - <xsd:enumeration value="detached"/> - <xsd:enumeration value="enveloping"/> - </xsd:restriction> - </xsd:simpleType> - </xsd:attribute> - </xsd:complexType> - <xsd:complexType name="TransformsInfoType"> - <xsd:sequence> - <xsd:element ref="dsig:Transforms" minOccurs="0"/> - <xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType"/> - </xsd:sequence> - </xsd:complexType> - <xsd:complexType name="XMLDataObjectAssociationType"> - <xsd:sequence> - <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> - <xsd:element name="Content" type="ContentRequiredRefType"/> - </xsd:sequence> - </xsd:complexType> - <xsd:complexType name="CMSDataObjectOptionalMetaType"> - <xsd:sequence> - <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> - <xsd:element name="Content" type="CMSContentBaseType"/> - <xsd:element name="ExcludedByteRange" type="ExcludedByteRangeType" minOccurs="0"/> - </xsd:sequence> - </xsd:complexType> - <xsd:complexType name="CMSDataObjectRequiredMetaType"> - <xsd:sequence> - <xsd:element name="MetaInfo" type="MetaInfoType"/> - 
<xsd:element name="Content" type="CMSContentBaseType"/> - <xsd:element name="ExcludedByteRange" type="ExcludedByteRangeType" minOccurs="0"/> - </xsd:sequence> - </xsd:complexType> - <xsd:complexType name="ExcludedByteRangeType"> - <xsd:sequence> - <xsd:element name="From" type="xsd:unsignedLong"/> - <xsd:element name="To" type="xsd:unsignedLong"/> - </xsd:sequence> - </xsd:complexType> - <xsd:complexType name="CMSContentBaseType"> - <xsd:complexContent> - <xsd:restriction base="ContentOptionalRefType"> - <xsd:choice minOccurs="0"> - <xsd:element name="Base64Content" type="xsd:base64Binary"/> - </xsd:choice> - </xsd:restriction> - </xsd:complexContent> - </xsd:complexType> - <xsd:complexType name="CheckResultType"> - <xsd:sequence> - <xsd:element name="Code" type="xsd:nonNegativeInteger"/> - <xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/> - </xsd:sequence> - </xsd:complexType> - <xsd:complexType name="ReferencesCheckResultType"> - <xsd:complexContent> - <xsd:restriction base="CheckResultType"> - <xsd:sequence> - <xsd:element name="Code" type="xsd:nonNegativeInteger"/> - <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/> - </xsd:sequence> - </xsd:restriction> - </xsd:complexContent> - </xsd:complexType> - <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true"> - <xsd:complexContent> - <xsd:restriction base="AnyChildrenType"> - <xsd:sequence> - <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> - <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/> - </xsd:sequence> - </xsd:restriction> - </xsd:complexContent> - </xsd:complexType> - <xsd:complexType name="ManifestRefsCheckResultType"> - <xsd:complexContent> - <xsd:restriction base="CheckResultType"> - <xsd:sequence> - <xsd:element name="Code" type="xsd:nonNegativeInteger"/> - <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/> - </xsd:sequence> - </xsd:restriction> 
- </xsd:complexContent> - </xsd:complexType> - <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true"> - <xsd:complexContent> - <xsd:restriction base="AnyChildrenType"> - <xsd:sequence> - <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> - <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/> - <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/> - </xsd:sequence> - </xsd:restriction> - </xsd:complexContent> - </xsd:complexType> - <!--########## Error Response ###--> - <xsd:element name="ErrorResponse" type="ErrorResponseType"> - <xsd:annotation> - <xsd:documentation>Resultat, falls die Signaturerstellung gescheitert ist</xsd:documentation> - </xsd:annotation> - </xsd:element> - <xsd:complexType name="ErrorResponseType"> - <xsd:sequence> - <xsd:element name="ErrorCode" type="xsd:integer"/> - <xsd:element name="Info" type="xsd:string"/> - </xsd:sequence> - </xsd:complexType> - <!--########## Auxiliary Types ###--> - <xsd:simpleType name="KeyIdentifierType"> - <xsd:restriction base="xsd:string"/> - </xsd:simpleType> - <xsd:simpleType name="KeyStorageType"> - <xsd:restriction base="xsd:string"> - <xsd:enumeration value="Software"/> - <xsd:enumeration value="Hardware"/> - </xsd:restriction> - </xsd:simpleType> - <xsd:simpleType name="MimeTypeType"> - <xsd:restriction base="xsd:token"/> - </xsd:simpleType> - <xsd:complexType name="AnyChildrenType" mixed="true"> - <xsd:sequence> - <xsd:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> - </xsd:sequence> - </xsd:complexType> - <xsd:complexType name="XMLContentType" mixed="true"> - <xsd:complexContent> - <xsd:extension base="AnyChildrenType"> - <xsd:attribute ref="xml:space" use="optional"/> - </xsd:extension> - </xsd:complexContent> - </xsd:complexType> - <xsd:complexType name="ContentBaseType"> - <xsd:choice minOccurs="0"> - <xsd:element name="Base64Content" 
type="xsd:base64Binary"/> - <xsd:element name="XMLContent" type="XMLContentType"/> - <xsd:element name="LocRefContent" type="xsd:anyURI"/> - </xsd:choice> - </xsd:complexType> - <xsd:complexType name="ContentExLocRefBaseType"> - <xsd:complexContent> - <xsd:restriction base="ContentBaseType"> - <xsd:choice minOccurs="0"> - <xsd:element name="Base64Content" type="xsd:base64Binary"/> - <xsd:element name="XMLContent" type="XMLContentType"/> - </xsd:choice> - </xsd:restriction> - </xsd:complexContent> - </xsd:complexType> - <xsd:complexType name="ContentOptionalRefType"> - <xsd:complexContent> - <xsd:extension base="ContentBaseType"> - <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/> - </xsd:extension> - </xsd:complexContent> - </xsd:complexType> - <xsd:complexType name="ContentRequiredRefType"> - <xsd:complexContent> - <xsd:restriction base="ContentOptionalRefType"> - <xsd:choice minOccurs="0"> - <xsd:element name="Base64Content" type="xsd:base64Binary"/> - <xsd:element name="XMLContent" type="XMLContentType"/> - <xsd:element name="LocRefContent" type="xsd:anyURI"/> - </xsd:choice> - <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/> - </xsd:restriction> - </xsd:complexContent> - </xsd:complexType> - <xsd:complexType name="VerifyTransformsDataType"> - <xsd:choice maxOccurs="unbounded"> - <xsd:annotation> - <xsd:documentation>Ein oder mehrere Transformationswege können von der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur hat zumindest einem dieser Transformationswege zu entsprechen. 
Die Angabe kann explizit oder als Profilbezeichner erfolgen.</xsd:documentation> - </xsd:annotation> - <xsd:element ref="VerifyTransformsInfoProfile"/> - <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string"> - <xsd:annotation> - <xsd:documentation>Profilbezeichner für einen Transformationsweg</xsd:documentation> - </xsd:annotation> - </xsd:element> - </xsd:choice> - </xsd:complexType> - <xsd:element name="QualifiedCertificate"> - <xsd:complexType> - <xsd:attribute name="source" use="optional"> - <xsd:simpleType> - <xsd:restriction base="xsd:token"> - <xsd:enumeration value="TSL"/> - <xsd:enumeration value="Certificate"/> - </xsd:restriction> - </xsd:simpleType> - </xsd:attribute> - </xsd:complexType> - </xsd:element> - <xsd:element name="SecureSignatureCreationDevice"> - <xsd:complexType> - <xsd:attribute name="source" use="optional"> - <xsd:simpleType> - <xsd:restriction base="xsd:token"> - <xsd:enumeration value="TSL"/> - <xsd:enumeration value="Certificate"/> - </xsd:restriction> - </xsd:simpleType> - </xsd:attribute> - </xsd:complexType> - </xsd:element> - <xsd:element name="IssuingCountry" type="xsd:token"/> - <xsd:element name="PublicAuthority" type="PublicAuthorityType"/> - <xsd:complexType name="PublicAuthorityType"> - <xsd:sequence> - <xsd:element name="Code" type="xsd:string" minOccurs="0"/> - </xsd:sequence> - </xsd:complexType> - <xsd:simpleType name="SignatoriesType"> - <xsd:union memberTypes="AllSignatoriesType"> - <xsd:simpleType> - <xsd:list itemType="xsd:positiveInteger"/> - </xsd:simpleType> - </xsd:union> - </xsd:simpleType> - <xsd:simpleType name="AllSignatoriesType"> - <xsd:restriction base="xsd:string"> - <xsd:enumeration value="all"/> - </xsd:restriction> - </xsd:simpleType> - <xsd:complexType name="CreateSignatureLocationType"> - <xsd:simpleContent> - <xsd:extension base="xsd:token"> - <xsd:attribute name="Index" type="xsd:integer" use="required"/> - </xsd:extension> - </xsd:simpleContent> - </xsd:complexType> - 
<xsd:complexType name="TransformParameterType"> - <xsd:choice minOccurs="0"> - <xsd:annotation> - <xsd:documentation>Die Angabe des Transformationsparameters (explizit oder als Hashwert) kann unterlassen werden, wenn die Applikation von der Unveränderlichkeit des Inhalts der in "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen kann.</xsd:documentation> - </xsd:annotation> - <xsd:element name="Base64Content" type="xsd:base64Binary"> - <xsd:annotation> - <xsd:documentation>Der Transformationsparameter explizit angegeben.</xsd:documentation> - </xsd:annotation> - </xsd:element> - <xsd:element name="Hash"> - <xsd:annotation> - <xsd:documentation>Der Hashwert des Transformationsparameters.</xsd:documentation> - </xsd:annotation> - <xsd:complexType> - <xsd:sequence> - <xsd:element ref="dsig:DigestMethod"/> - <xsd:element ref="dsig:DigestValue"/> - </xsd:sequence> - </xsd:complexType> - </xsd:element> - </xsd:choice> - <xsd:attribute name="URI" type="xsd:anyURI" use="required"/> - </xsd:complexType> - <xsd:element name="CreateSignatureEnvironmentProfile"> - <xsd:complexType> - <xsd:sequence> - <xsd:element name="CreateSignatureLocation" type="CreateSignatureLocationType"/> - <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> - </xsd:sequence> - </xsd:complexType> - </xsd:element> - <xsd:element name="VerifyTransformsInfoProfile"> - <xsd:annotation> - <xsd:documentation>Explizite Angabe des Transformationswegs</xsd:documentation> - </xsd:annotation> - <xsd:complexType> - <xsd:sequence> - <xsd:element ref="dsig:Transforms" minOccurs="0"/> - <xsd:element name="TransformParameter" type="TransformParameterType" minOccurs="0" maxOccurs="unbounded"> - <xsd:annotation> - <xsd:documentation>Alle impliziten Transformationsparameter, die zum Durchlaufen der oben angeführten Transformationskette bekannt sein müssen, müssen hier angeführt werden. 
Das Attribut "URI" bezeichnet den Transformationsparameter in exakt jener Weise, wie er in der zu überprüfenden Signatur gebraucht wird.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Supplement" type="XMLDataObjectAssociationType"/>
- <xsd:element name="SupplementProfile" type="XMLDataObjectAssociationType"/>
- <xsd:element name="CreateTransformsInfoProfile">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="CreateTransformsInfo" type="TransformsInfoType"/>
- <xsd:element ref="Supplement" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.3.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.3.xsd
deleted file mode 100644
index 8ab3d62aa..000000000
--- a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.3.xsd
+++ /dev/null
@@ -1,253 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- MOA SP/SS 1.3 Configuration Schema
--->
-<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" elementFormDefault="qualified" attributeFormDefault="unqualified" xmlns:config="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema">
- <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
- <xs:element name="MOAConfiguration">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Common" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="HardwareCryptoModule" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Name" type="xs:string"/>
- <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
- <xs:element name="UserPIN" type="xs:string"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="SignatureCreation" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="KeyModules">
- <xs:complexType>
- <xs:choice maxOccurs="unbounded">
- <xs:element name="HardwareKeyModule">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="Name" type="xs:string"/>
- <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
- <xs:element name="UserPIN" type="xs:string"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="SoftwareKeyModule">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="FileName" type="xs:string"/>
- <xs:element name="Password" type="xs:string" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- <xs:element name="KeyGroup" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:sequence maxOccurs="unbounded">
- <xs:element name="Key">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="KeyModuleId" type="xs:token"/>
- <xs:element name="KeyCertIssuerSerial" type="dsig:X509IssuerSerialType"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="KeyGroupMapping" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CustomerId" type="dsig:X509IssuerSerialType" minOccurs="0"/>
- <xs:element name="KeyGroupId" type="xs:token" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="XMLDSig">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CanonicalizationAlgorithm" type="xs:anyURI" minOccurs="0"/>
- <xs:element name="DigestMethodAlgorithm" type="xs:anyURI" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="CreateTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="CreateSignatureEnvironmentProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="SignatureVerification" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CertificateValidation">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="PathConstruction">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="AutoAddCertificates" type="xs:boolean"/>
- <xs:element name="UseAuthorityInformationAccess" type="xs:boolean"/>
- <xs:element name="CertificateStore">
- <xs:complexType>
- <xs:choice>
- <xs:element name="DirectoryStore">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Location" type="xs:token"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="PathValidation">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="ChainingMode">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="DefaultMode" type="config:ChainingModeType"/>
- <xs:element name="TrustAnchor" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Identification" type="dsig:X509IssuerSerialType"/>
- <xs:element name="Mode" type="config:ChainingModeType"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="TrustProfile" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="TrustAnchorsLocation" type="xs:anyURI"/>
- <xs:element name="SignerCertsLocation" type="xs:anyURI" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="RevocationChecking">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="EnableChecking" type="xs:boolean"/>
- <xs:element name="MaxRevocationAge" type="xs:integer"/>
- <xs:element name="ServiceOrder" minOccurs="0">
- <xs:complexType>
- <xs:sequence minOccurs="2" maxOccurs="2">
- <xs:element name="Service">
- <xs:simpleType>
- <xs:restriction base="xs:token">
- <xs:enumeration value="OCSP"/>
- <xs:enumeration value="CRL"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="Archiving">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="EnableArchiving" type="xs:boolean"/>
- <xs:element name="ArchiveDuration" type="xs:nonNegativeInteger" minOccurs="0"/>
- <xs:element name="Archive" minOccurs="0">
- <xs:complexType>
- <xs:choice>
- <xs:element name="DatabaseArchive">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="JDBCURL" type="xs:anyURI"/>
- <xs:element name="JDBCDriverClassName" type="xs:token"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="DistributionPoint" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CAIssuerDN" type="xs:token"/>
- <xs:choice maxOccurs="unbounded">
- <xs:element name="CRLDP">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Location" type="xs:anyURI"/>
- <xs:element name="ReasonCode" minOccurs="0" maxOccurs="unbounded">
- <xs:simpleType>
- <xs:restriction base="xs:token">
- <xs:enumeration value="unused"/>
- <xs:enumeration value="keyCompromise"/>
- <xs:enumeration value="cACompromise"/>
- <xs:enumeration value="affiliationChanged"/>
- <xs:enumeration value="superseded"/>
- <xs:enumeration value="cessationOfOperation"/>
- <xs:enumeration value="certificateHold"/>
- <xs:enumeration value="privilegeWithdrawn"/>
- <xs:enumeration value="aACompromise"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="OCSPDP">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Location" type="xs:anyURI"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="VerifyTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="SupplementProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:simpleType name="ChainingModeType">
- <xs:restriction base="xs:string">
- <xs:enumeration value="chaining"/>
- <xs:enumeration value="pkix"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:complexType name="ProfileType">
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="Location" type="xs:anyURI"/>
- </xs:sequence>
- </xs:complexType>
-</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.3.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.3.xsd
deleted file mode 100644
index 2b2f1d689..000000000
--- a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.3.xsd
+++ /dev/null
@@ -1,312 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- MOA SP/SS 1.4.3 Configuration Schema
--->
-<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" elementFormDefault="qualified" attributeFormDefault="unqualified" xmlns:config="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema">
- <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
- <xs:element name="MOAConfiguration">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Common" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="HardwareCryptoModule" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Name" type="xs:string"/>
- <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
- <xs:element name="UserPIN" type="xs:string"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="SignatureCreation" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="KeyModules">
- <xs:complexType>
- <xs:choice maxOccurs="unbounded">
- <xs:element name="HardwareKeyModule">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="Name" type="xs:string"/>
- <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
- <xs:element name="UserPIN" type="xs:string"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="SoftwareKeyModule">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="FileName" type="xs:string"/>
- <xs:element name="Password" type="xs:string" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- <xs:element name="KeyGroup" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:sequence maxOccurs="unbounded">
- <xs:element name="Key">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="KeyModuleId" type="xs:token"/>
- <xs:element name="KeyCertIssuerSerial" type="dsig:X509IssuerSerialType"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="KeyGroupMapping" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CustomerId" type="dsig:X509IssuerSerialType" minOccurs="0"/>
- <xs:element name="KeyGroupId" type="xs:token" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="XMLDSig">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CanonicalizationAlgorithm" type="xs:anyURI" minOccurs="0"/>
- <xs:element name="DigestMethodAlgorithm" type="xs:anyURI" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="CreateTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="CreateSignatureEnvironmentProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="SignatureVerification" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CertificateValidation">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="PathConstruction">
- <xs:complexType>
- <xs:sequence>
- <xs:element
- name="AutoAddCertificates" type="xs:boolean" />
- <xs:element
- name="UseAuthorityInformationAccess"
- type="xs:boolean" />
- <xs:element
- name="CertificateStore">
- <xs:complexType>
- <xs:choice>
- <xs:element
- name="DirectoryStore">
- <xs:complexType>
- <xs:sequence>
- <xs:element
- name="Location" type="xs:token" />
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="PathValidation">
- <xs:complexType>
- <xs:sequence>
- <xs:element
- name="ChainingMode">
- <xs:complexType>
- <xs:sequence>
- <xs:element
- name="DefaultMode"
- type="config:ChainingModeType" />
- <xs:element
- name="TrustAnchor" minOccurs="0"
- maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element
- name="Identification"
- type="dsig:X509IssuerSerialType" />
- <xs:element
- name="Mode" type="config:ChainingModeType" />
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="TrustProfile"
- maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element
- name="Id" type="xs:token" />
- <xs:element
- name="TrustAnchorsLocation" type="xs:anyURI" />
- <xs:element
- name="SignerCertsLocation" type="xs:anyURI"
- minOccurs="0" />
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="RevocationChecking">
- <xs:complexType>
- <xs:sequence>
- <xs:element
- name="EnableChecking" type="xs:boolean" />
- <xs:element
- name="MaxRevocationAge" type="xs:integer" />
- <xs:element name="ServiceOrder"
- minOccurs="0">
- <xs:complexType>
- <xs:sequence
- minOccurs="2" maxOccurs="2">
- <xs:element
- name="Service">
- <xs:simpleType>
- <xs:restriction
- base="xs:token">
- <xs:enumeration
- value="OCSP" />
- <xs:enumeration
- value="CRL" />
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="Archiving">
- <xs:complexType>
- <xs:sequence>
- <xs:element
- name="EnableArchiving" type="xs:boolean" />
- <xs:element
- name="ArchiveDuration"
- type="xs:nonNegativeInteger" minOccurs="0" />
- <xs:element
- name="Archive" minOccurs="0">
- <xs:complexType>
- <xs:choice>
- <xs:element
- name="DatabaseArchive">
- <xs:complexType>
- <xs:sequence>
- <xs:element
- name="JDBCURL" type="xs:anyURI" />
- <xs:element
- name="JDBCDriverClassName" type="xs:token" />
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element
- name="DistributionPoint" minOccurs="0"
- maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element
- name="CAIssuerDN" type="xs:token" />
- <xs:choice
- maxOccurs="unbounded">
- <xs:element
- name="CRLDP">
- <xs:complexType>
- <xs:sequence>
- <xs:element
- name="Location" type="xs:anyURI" />
- <xs:element
- name="ReasonCode" minOccurs="0"
- maxOccurs="unbounded">
- <xs:simpleType>
- <xs:restriction
- base="xs:token">
- <xs:enumeration
- value="unused" />
- <xs:enumeration
- value="keyCompromise" />
- <xs:enumeration
- value="cACompromise" />
- <xs:enumeration
- value="affiliationChanged" />
- <xs:enumeration
- value="superseded" />
- <xs:enumeration
- value="cessationOfOperation" />
- <xs:enumeration
- value="certificateHold" />
- <xs:enumeration
- value="privilegeWithdrawn" />
- <xs:enumeration
- value="aACompromise" />
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element
- name="OCSPDP">
- <xs:complexType>
- <xs:sequence>
- <xs:element
- name="Location" type="xs:anyURI" />
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="VerifyTransformsInfoProfile"
- type="config:ProfileType" minOccurs="0"
- maxOccurs="unbounded" />
- <xs:element name="SupplementProfile"
- type="config:ProfileType" minOccurs="0"
- maxOccurs="unbounded" />
- <xs:element name="PermitFileURIs" type="xs:boolean" minOccurs="0" maxOccurs="1" default="false"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:simpleType name="ChainingModeType">
- <xs:restriction base="xs:string">
- <xs:enumeration value="chaining"/>
- <xs:enumeration value="pkix"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:complexType name="ProfileType">
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="Location" type="xs:anyURI"/>
- </xs:sequence>
- </xs:complexType>
-</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.5.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.5.xsd
deleted file mode 100644
index 8da3a72b0..000000000
--- a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.5.xsd
+++ /dev/null
@@ -1,268 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- MOA SP/SS 1.4.5 Configuration Schema
--->
-<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" elementFormDefault="qualified" attributeFormDefault="unqualified" xmlns:config="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema">
- <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
- <xs:element name="MOAConfiguration">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Common" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="HardwareCryptoModule" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Name" type="xs:string"/>
- <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
- <xs:element name="UserPIN" type="xs:string"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="SignatureCreation" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="KeyModules">
- <xs:complexType>
- <xs:choice maxOccurs="unbounded">
- <xs:element name="HardwareKeyModule">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="Name" type="xs:string"/>
- <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
- <xs:element name="UserPIN" type="xs:string"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="SoftwareKeyModule">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="FileName" type="xs:string"/>
- <xs:element name="Password" type="xs:string" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- <xs:element name="KeyGroup" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:sequence maxOccurs="unbounded">
- <xs:element name="Key">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="KeyModuleId" type="xs:token"/>
- <xs:element name="KeyCertIssuerSerial" type="dsig:X509IssuerSerialType"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="KeyGroupMapping" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CustomerId" type="dsig:X509IssuerSerialType" minOccurs="0"/>
- <xs:element name="KeyGroupId" type="xs:token" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="XMLDSig">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CanonicalizationAlgorithm" type="xs:anyURI" minOccurs="0"/>
- <xs:element name="DigestMethodAlgorithm" type="xs:anyURI" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="CreateTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="CreateSignatureEnvironmentProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="SignatureVerification" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CertificateValidation">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="PathConstruction">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="AutoAddCertificates" type="xs:boolean"/>
- <xs:element name="UseAuthorityInformationAccess" type="xs:boolean"/>
- <xs:element name="CertificateStore">
- <xs:complexType>
- <xs:choice>
- <xs:element name="DirectoryStore">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Location" type="xs:token"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="PathValidation">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="ChainingMode">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="DefaultMode" type="config:ChainingModeType"/>
- <xs:element name="TrustAnchor" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Identification" type="dsig:X509IssuerSerialType"/>
- <xs:element name="Mode" type="config:ChainingModeType"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="TrustProfile" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="TrustAnchorsLocation" type="xs:anyURI"/>
- <xs:element name="SignerCertsLocation" type="xs:anyURI" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="RevocationChecking">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="EnableChecking" type="xs:boolean"/>
- <xs:element name="MaxRevocationAge" type="xs:integer"/>
- <xs:element name="ServiceOrder" minOccurs="0">
- <xs:complexType>
- <xs:sequence minOccurs="1" maxOccurs="2">
- <xs:element name="Service">
- <xs:simpleType>
- <xs:restriction base="xs:token">
- <xs:enumeration value="OCSP"/>
- <xs:enumeration value="CRL"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="Archiving">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="EnableArchiving" type="xs:boolean"/>
- <xs:element name="ArchiveDuration" type="xs:nonNegativeInteger" minOccurs="0"/>
- <xs:element name="Archive" minOccurs="0">
- <xs:complexType>
- <xs:choice>
- <xs:element name="DatabaseArchive">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="JDBCURL" type="xs:anyURI"/>
- <xs:element name="JDBCDriverClassName" type="xs:token"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="DistributionPoint" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CAIssuerDN" type="xs:token"/>
- <xs:choice maxOccurs="unbounded">
- <xs:element name="CRLDP">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Location" type="xs:anyURI"/>
- <xs:element name="ReasonCode" minOccurs="0" maxOccurs="unbounded">
- <xs:simpleType>
- <xs:restriction base="xs:token">
- <xs:enumeration value="unused"/>
- <xs:enumeration value="keyCompromise"/>
- <xs:enumeration value="cACompromise"/>
- <xs:enumeration value="affiliationChanged"/>
- <xs:enumeration value="superseded"/>
- <xs:enumeration value="cessationOfOperation"/>
- <xs:enumeration value="certificateHold"/>
- <xs:enumeration value="privilegeWithdrawn"/>
- <xs:enumeration value="aACompromise"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="OCSPDP">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Location" type="xs:anyURI"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="CrlRetentionIntervals" minOccurs="0">
- <xs:complexType>
- <xs:sequence maxOccurs="unbounded">
- <xs:element name="CA">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="X509IssuerName" type="xs:string"/>
- <xs:element name="Interval" type="xs:integer"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="VerifyTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="SupplementProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="PermitFileURIs" type="xs:boolean" default="false" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:simpleType name="ChainingModeType">
- <xs:restriction base="xs:string">
- <xs:enumeration value="chaining"/>
- <xs:enumeration value="pkix"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:complexType name="ProfileType">
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="Location" type="xs:anyURI"/>
- </xs:sequence>
- </xs:complexType>
-</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.7.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.7.xsd
deleted file mode 100644
index 4808f3cb7..000000000
--- a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.7.xsd
+++ /dev/null
@@ -1,268 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- MOA SP/SS 1.4.7 Configuration Schema
--->
-<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" elementFormDefault="qualified" attributeFormDefault="unqualified" xmlns:config="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema">
- <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
- <xs:element name="MOAConfiguration">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Common" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="HardwareCryptoModule" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Name" type="xs:string"/>
- <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
- <xs:element name="UserPIN" type="xs:string"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="SignatureCreation" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="KeyModules">
- <xs:complexType>
- <xs:choice maxOccurs="unbounded">
- <xs:element name="HardwareKeyModule">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="Name" type="xs:string"/>
- <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
- <xs:element name="UserPIN" type="xs:string"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="SoftwareKeyModule">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="FileName" type="xs:string"/>
- <xs:element name="Password" type="xs:string" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- <xs:element name="KeyGroup" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:sequence maxOccurs="unbounded">
- <xs:element name="Key">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="KeyModuleId" type="xs:token"/>
- <xs:element name="KeyCertIssuerSerial" type="dsig:X509IssuerSerialType"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="KeyGroupMapping" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CustomerId" type="dsig:X509IssuerSerialType" minOccurs="0"/>
- <xs:element name="KeyGroupId" type="xs:token" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="XMLDSig">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CanonicalizationAlgorithm" type="xs:anyURI" minOccurs="0"/>
- <xs:element name="DigestMethodAlgorithm" type="xs:anyURI" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="CreateTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="CreateSignatureEnvironmentProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="SignatureVerification" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CertificateValidation">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="PathConstruction">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="AutoAddCertificates" type="xs:boolean"/>
- <xs:element name="UseAuthorityInformationAccess" type="xs:boolean"/>
- <xs:element name="CertificateStore">
- <xs:complexType>
- <xs:choice>
- <xs:element name="DirectoryStore">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Location" type="xs:token"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="PathValidation">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="ChainingMode">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="DefaultMode" type="config:ChainingModeType"/>
- <xs:element name="TrustAnchor" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Identification" type="dsig:X509IssuerSerialType"/>
- <xs:element name="Mode" type="config:ChainingModeType"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="TrustProfile" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="TrustAnchorsLocation" type="xs:anyURI"/>
- <xs:element name="SignerCertsLocation" type="xs:anyURI" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="RevocationChecking">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="EnableChecking" type="xs:boolean"/>
- <xs:element name="MaxRevocationAge" type="xs:integer"/>
- <xs:element name="ServiceOrder" minOccurs="0">
- <xs:complexType>
- <xs:sequence minOccurs="1" maxOccurs="2">
- <xs:element name="Service">
- <xs:simpleType>
- <xs:restriction base="xs:token">
- <xs:enumeration value="OCSP"/>
- <xs:enumeration value="CRL"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="Archiving">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="EnableArchiving" type="xs:boolean"/>
- <xs:element name="ArchiveDuration" type="xs:nonNegativeInteger" minOccurs="0"/>
- <xs:element name="Archive" minOccurs="0">
- <xs:complexType>
- <xs:choice>
- <xs:element name="DatabaseArchive">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="JDBCURL" type="xs:anyURI"/>
- <xs:element name="JDBCDriverClassName" type="xs:token"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="DistributionPoint" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CAIssuerDN" type="xs:token"/>
- <xs:choice maxOccurs="unbounded">
- <xs:element name="CRLDP">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Location" type="xs:anyURI"/>
- <xs:element name="ReasonCode" minOccurs="0" maxOccurs="unbounded">
- <xs:simpleType>
- <xs:restriction base="xs:token">
- <xs:enumeration value="unused"/>
- <xs:enumeration value="keyCompromise"/>
- <xs:enumeration value="cACompromise"/>
- <xs:enumeration value="affiliationChanged"/>
- <xs:enumeration value="superseded"/>
- <xs:enumeration value="cessationOfOperation"/>
- <xs:enumeration value="certificateHold"/>
- <xs:enumeration value="privilegeWithdrawn"/>
- <xs:enumeration value="aACompromise"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="OCSPDP">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Location" type="xs:anyURI"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="CrlRetentionIntervals" minOccurs="0">
- <xs:complexType>
- <xs:sequence maxOccurs="unbounded">
- <xs:element name="CA">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="X509IssuerName" type="xs:string"/>
- <xs:element name="Interval" type="xs:integer"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="VerifyTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="SupplementProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="PermitFileURIs" type="xs:boolean" default="false" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:simpleType name="ChainingModeType">
- <xs:restriction base="xs:string">
- <xs:enumeration value="chaining"/>
- <xs:enumeration value="pkix"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:complexType name="ProfileType">
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="Location" type="xs:anyURI"/>
- </xs:sequence>
- </xs:complexType>
-</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.5.1.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.5.1.xsd
deleted file mode 100644
index 01cd7c426..000000000
--- a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.5.1.xsd
+++ /dev/null
@@ -1,282 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- MOA SP/SS 1.5.1 Configuration Schema
--->
-<xs:schema xmlns:config="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" elementFormDefault="qualified" attributeFormDefault="unqualified">
- <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
- <xs:element name="MOAConfiguration">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Common" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="HardwareCryptoModule" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Name" type="xs:string"/>
- <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
- <xs:element name="UserPIN" type="xs:string"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="PermitExternalUris" minOccurs="0">
- <xs:complexType>
- <xs:sequence minOccurs="0" maxOccurs="unbounded">
- <xs:element name="BlackListUri">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="IP" type="xs:string"/>
- <xs:element name="Port" type="xs:int" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="SignatureCreation" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="KeyModules">
- <xs:complexType>
- <xs:choice maxOccurs="unbounded">
- <xs:element name="HardwareKeyModule">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="Name" type="xs:string"/>
- <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
- <xs:element name="UserPIN" type="xs:string"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="SoftwareKeyModule">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="FileName" type="xs:string"/>
- <xs:element name="Password" type="xs:string" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- <xs:element name="KeyGroup" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:sequence maxOccurs="unbounded">
- <xs:element name="Key">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="KeyModuleId" type="xs:token"/>
- <xs:element name="KeyCertIssuerSerial" type="dsig:X509IssuerSerialType"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="KeyGroupMapping" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CustomerId" type="dsig:X509IssuerSerialType" minOccurs="0"/>
- <xs:element name="KeyGroupId" type="xs:token" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="XMLDSig">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CanonicalizationAlgorithm" type="xs:anyURI" minOccurs="0"/>
- <xs:element name="DigestMethodAlgorithm" type="xs:anyURI" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="CreateTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="CreateSignatureEnvironmentProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="SignatureVerification" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CertificateValidation">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="PathConstruction">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="AutoAddCertificates" type="xs:boolean"/>
- <xs:element name="UseAuthorityInformationAccess" type="xs:boolean"/>
- <xs:element name="CertificateStore">
- <xs:complexType>
- <xs:choice>
- <xs:element name="DirectoryStore">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Location" type="xs:token"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="PathValidation">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="ChainingMode">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="DefaultMode" type="config:ChainingModeType"/>
- <xs:element name="TrustAnchor" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Identification" type="dsig:X509IssuerSerialType"/>
- <xs:element name="Mode" type="config:ChainingModeType"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="TrustProfile" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="TrustAnchorsLocation" type="xs:anyURI"/>
- <xs:element name="SignerCertsLocation" type="xs:anyURI" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="RevocationChecking">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="EnableChecking" type="xs:boolean"/>
- <xs:element name="MaxRevocationAge" type="xs:integer"/>
- <xs:element name="ServiceOrder" minOccurs="0">
- <xs:complexType>
- <xs:sequence maxOccurs="2">
- <xs:element name="Service">
- <xs:simpleType>
- <xs:restriction base="xs:token">
- <xs:enumeration value="OCSP"/>
- <xs:enumeration value="CRL"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="Archiving">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="EnableArchiving" type="xs:boolean"/>
- <xs:element name="ArchiveDuration" type="xs:nonNegativeInteger" minOccurs="0"/>
- <xs:element name="Archive" minOccurs="0">
- <xs:complexType>
- <xs:choice>
- <xs:element name="DatabaseArchive">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="JDBCURL" type="xs:anyURI"/>
- <xs:element name="JDBCDriverClassName" type="xs:token"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="DistributionPoint" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CAIssuerDN" type="xs:token"/>
- <xs:choice maxOccurs="unbounded">
- <xs:element name="CRLDP">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Location" type="xs:anyURI"/>
- <xs:element name="ReasonCode" minOccurs="0" maxOccurs="unbounded">
- <xs:simpleType>
- <xs:restriction base="xs:token">
- <xs:enumeration value="unused"/>
- <xs:enumeration value="keyCompromise"/>
- <xs:enumeration value="cACompromise"/>
- <xs:enumeration value="affiliationChanged"/>
- <xs:enumeration value="superseded"/>
- <xs:enumeration value="cessationOfOperation"/>
- <xs:enumeration value="certificateHold"/>
- <xs:enumeration value="privilegeWithdrawn"/>
- <xs:enumeration value="aACompromise"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="OCSPDP">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Location" type="xs:anyURI"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="CrlRetentionIntervals" minOccurs="0">
- <xs:complexType>
- <xs:sequence maxOccurs="unbounded">
- <xs:element name="CA">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="X509IssuerName" type="xs:string"/>
- <xs:element name="Interval" type="xs:integer"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="VerifyTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="SupplementProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="PermitFileURIs" type="xs:boolean" default="false" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:simpleType name="ChainingModeType">
- <xs:restriction base="xs:string">
- <xs:enumeration value="chaining"/>
- <xs:enumeration value="pkix"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:complexType name="ProfileType">
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="Location" type="xs:anyURI"/>
- </xs:sequence>
- </xs:complexType>
-</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-config-2.0.0.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-config-2.0.0.xsd
deleted file mode 100644
index 91d281171..000000000
--- a/common/src/main/resources/resources/schemas/MOA-SPSS-config-2.0.0.xsd
+++ /dev/null
@@ -1,353 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- MOA SP/SS 1.5.1 Configuration Schema
--->
-<xs:schema xmlns:config="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" elementFormDefault="qualified" attributeFormDefault="unqualified">
- <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
- <xs:element name="MOAConfiguration">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Common" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="HardwareCryptoModule" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Name" type="xs:string"/>
- <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
- <xs:element name="UserPIN" type="xs:string"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:choice>
- <xs:element name="PermitExternalUris" minOccurs="0">
- <xs:complexType>
- <xs:sequence minOccurs="0">
- <xs:element name="BlackListUri" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="IP" type="xs:string"/>
- <xs:element name="Port" type="xs:int" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="ForbidExternalUris" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="WhiteListUri" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="IP" type="xs:string"/>
- <xs:element name="Port" type="xs:int" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="SignatureCreation" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="KeyModules">
- <xs:complexType>
- <xs:choice maxOccurs="unbounded">
- <xs:element name="HardwareKeyModule">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="Name" type="xs:string"/>
- <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
- <xs:element name="UserPIN" type="xs:string"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="SoftwareKeyModule">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="FileName" type="xs:string"/>
- <xs:element name="Password" type="xs:string" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- <xs:element name="KeyGroup" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:sequence maxOccurs="unbounded">
- <xs:element name="Key">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="KeyModuleId" type="xs:token"/>
- <xs:element name="KeyCertIssuerSerial" type="dsig:X509IssuerSerialType"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- <xs:element name="DigestMethodAlgorithm" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="KeyGroupMapping" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CustomerId" type="dsig:X509IssuerSerialType" minOccurs="0"/>
- <xs:element name="KeyGroupId" type="xs:token" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="XMLDSig">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CanonicalizationAlgorithm" type="xs:anyURI" minOccurs="0"/>
- <xs:element name="DigestMethodAlgorithm" type="xs:anyURI" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="CreateTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="CreateSignatureEnvironmentProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="XAdES" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Version">
- <xs:simpleType>
- <xs:restriction base="xs:token">
- <xs:enumeration value="1.4.2"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="SignatureVerification" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CertificateValidation">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="PathConstruction">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="AutoAddCertificates" type="xs:boolean"/>
- <xs:element name="UseAuthorityInformationAccess" type="xs:boolean"/>
- <xs:element name="CertificateStore">
- <xs:complexType>
- <xs:choice>
- <xs:element name="DirectoryStore">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Location" type="xs:token"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="PathValidation">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="ChainingMode">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="DefaultMode" type="config:ChainingModeType"/>
- <xs:element name="TrustAnchor" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Identification" type="dsig:X509IssuerSerialType"/>
- <xs:element name="Mode" type="config:ChainingModeType"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="TrustProfile" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="TrustAnchorsLocation" type="xs:anyURI"/>
- <xs:element name="SignerCertsLocation" type="xs:anyURI" minOccurs="0"/>
- <xs:element name="EUTSL" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CountrySelection" type="xs:string" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <!--
- <xs:element name="TSLTrustProfile">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="TrustAnchorsLocation" type="xs:anyURI"/>
- <xs:element name="SignerCertsLocation" type="xs:anyURI" minOccurs="0"/>
- <xs:element name="EUTSL" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CountrySelection" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- -->
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="RevocationChecking">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="EnableChecking" type="xs:boolean"/>
- <xs:element name="MaxRevocationAge" type="xs:integer"/>
- <xs:element name="ServiceOrder" minOccurs="0">
- <xs:complexType>
- <xs:sequence maxOccurs="2">
- <xs:element name="Service">
- <xs:simpleType>
- <xs:restriction base="xs:token">
- <xs:enumeration value="OCSP"/>
- <xs:enumeration value="CRL"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="Archiving">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="EnableArchiving" type="xs:boolean"/>
- <xs:element name="ArchiveDuration" type="xs:nonNegativeInteger" minOccurs="0"/>
- <xs:element name="Archive" minOccurs="0">
- <xs:complexType>
- <xs:choice>
- <xs:element name="DatabaseArchive">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="JDBCURL" type="xs:anyURI"/>
- <xs:element name="JDBCDriverClassName" type="xs:token"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="DistributionPoint" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="CAIssuerDN" type="xs:token"/>
- <xs:choice maxOccurs="unbounded">
- <xs:element name="CRLDP">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Location" type="xs:anyURI"/>
- <xs:element name="ReasonCode" minOccurs="0" maxOccurs="unbounded">
- <xs:simpleType>
- <xs:restriction base="xs:token">
- <xs:enumeration value="unused"/>
- <xs:enumeration value="keyCompromise"/>
- <xs:enumeration value="cACompromise"/>
- <xs:enumeration value="affiliationChanged"/>
- <xs:enumeration value="superseded"/>
- <xs:enumeration value="cessationOfOperation"/>
- <xs:enumeration value="certificateHold"/>
- <xs:enumeration value="privilegeWithdrawn"/>
- <xs:enumeration value="aACompromise"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="OCSPDP">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Location" type="xs:anyURI"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="CrlRetentionIntervals" minOccurs="0">
- <xs:complexType>
- <xs:sequence maxOccurs="unbounded">
- <xs:element name="CA">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="X509IssuerName" type="xs:string"/>
- <xs:element name="Interval" type="xs:integer"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="TSLConfiguration" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="EUTSLUrl" type="xs:anyURI" minOccurs="0"/>
- <xs:element name="UpdateSchedule" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="StartTime" type="xs:time"/>
- <xs:element name="Period" type="xs:unsignedLong"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="WorkingDirectory" type="xs:anyURI" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="VerifyTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="SupplementProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="PermitFileURIs" type="xs:boolean" default="false" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:simpleType name="ChainingModeType">
- <xs:restriction base="xs:string">
- <xs:enumeration value="chaining"/>
- <xs:enumeration value="pkix"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:complexType name="ProfileType">
- <xs:sequence>
- <xs:element name="Id" type="xs:token"/>
- <xs:element name="Location" type="xs:anyURI"/>
- </xs:sequence>
- </xs:complexType>
-</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/MOAIdentities.xsd b/common/src/main/resources/resources/schemas/MOAIdentities.xsd
deleted file mode 100644
index de9d9d4e4..000000000
--- a/common/src/main/resources/resources/schemas/MOAIdentities.xsd
+++ /dev/null
@@ -1,51 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- edited with XMLSPY v5 rel. 4 U (http://www.xmlspy.com) by Rudolf Schamberger (Stabsstelle IKT-Strategie) (Bundesrechenzentrum GmbH) -->
-<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814" elementFormDefault="qualified" attributeFormDefault="unqualified">
- <xs:element name="MOAIdentities">
- <xs:annotation>
- <xs:documentation>MOAIdentities provides a mapping from identities to parameters used in the XMLLoginParameterResolver of MOA-ID</xs:documentation>
- </xs:annotation>
- <xs:complexType>
- <xs:sequence maxOccurs="unbounded">
- <xs:element name="Mapping">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Identity">
- <xs:complexType>
- <xs:choice>
- <xs:element name="NamedIdentity" type="tns:NamedIdentityType"/>
- <xs:element name="bPKIdentity" type="tns:bPKIdentitiyType"/>
- </xs:choice>
- </xs:complexType>
- </xs:element>
- <xs:element name="Parameters" type="tns:ParametersType"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:complexType name="bPKIdentitiyType">
- <xs:simpleContent>
- <xs:extension base="xs:boolean">
- <xs:attribute name="bPK" type="xs:string" use="required"/>
- </xs:extension>
- </xs:simpleContent>
- </xs:complexType>
- <xs:complexType name="NamedIdentityType">
- <xs:simpleContent>
- <xs:extension base="xs:boolean">
- <xs:attribute name="SurName" type="xs:string" use="required"/>
- <xs:attribute name="GivenName" type="xs:string" use="required"/>
- <xs:attribute name="BirthDate" type="xs:string" use="optional"/>
- </xs:extension>
- </xs:simpleContent>
- </xs:complexType>
- <xs:complexType name="ParametersType">
- <xs:attribute name="UN" type="xs:string" use="optional"/>
- <xs:attribute name="PW" type="xs:string" use="optional"/>
- <xs:attribute name="Param1" type="xs:string" use="optional"/>
- <xs:attribute name="Param2" type="xs:string" use="optional"/>
- <xs:attribute name="Param3" type="xs:string" use="optional"/>
- </xs:complexType>
-</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/PersonData.xsd b/common/src/main/resources/resources/schemas/PersonData.xsd
deleted file mode 100644
index 0e3bc6b3b..000000000
--- a/common/src/main/resources/resources/schemas/PersonData.xsd
+++ /dev/null
@@ -1,426 +0,0 @@ -<?xml version="1.0" encoding="ISO-8859-1"?> -<!-- edited with XML Spy v4.1 U (http://www.xmlspy.com) by Peter Reichstädter (CIO) --> -<!--Generisches Schema zum Speichern und Austauschen von Personendaten - (c) 2001-2002 Chief Information Office Austria, Stabsstelle IKT-Strategie des Bundes, BMÖLS - Kontakt: Peter Reichstädter (peter.reichstaedter@cio.gv.at), Arno Hollosi (arno.hollosi@cio.gv.at) - Die freie Verwendung dieses Schemas in Applikationen (behördenintern, kommerziell, privat) ist erlaubt und erwünscht. ---> -<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0.0"> - <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="W3C-XMLDSig.xsd"/> - <!-- ### include definitions from hr-xml schemas ###--> - <xs:include schemaLocation="PersonName-1_2.xsd"/> - <xs:include schemaLocation="PostalAddress-1_2.xsd"/> - <xs:include schemaLocation="TelcomNumber-1_0.xsd"/> - <!-- ### type definition of Unique Identifier Entities ### --> - <xs:complexType name="IdentificationType"> - <xs:annotation> - <xs:documentation>unique identifier</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Value"> - <xs:annotation> - <xs:documentation>actual value of the identifier.</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="xs:string"> - <xs:attribute name="Id" type="xs:ID" use="optional"/> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - <xs:element name="Type" type="xs:anyURI"> - <xs:annotation> - <xs:documentation>type of value (eg 'ZMR', 'SV-Nummer', 'Martrikelnummer', database identification, ...)</xs:documentation> - </xs:annotation> - </xs:element> - 
<xs:element name="Authority" type="xs:anyURI" minOccurs="0"> - <xs:annotation> - <xs:documentation>authority, which is reponsible for generation of the identifier (eg university in case of 'MatrikelNummer')</xs:documentation> - </xs:annotation> - </xs:element> - <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>any additional properties</xs:documentation> - </xs:annotation> - </xs:any> - </xs:sequence> - <xs:attribute name="Id" type="xs:ID" use="optional"/> - <xs:anyAttribute namespace="##other"/> - </xs:complexType> - <!-- ### base type for person data ### --> - <xs:element name="Person" type="AbstractPersonType"> - <xs:annotation> - <xs:documentation>element of person type</xs:documentation> - </xs:annotation> - </xs:element> - <xs:complexType name="AbstractPersonType" abstract="true"> - <xs:annotation> - <xs:documentation>main structure of person data</xs:documentation> - </xs:annotation> - <xs:sequence minOccurs="0"> - <xs:element name="Identification" type="IdentificationType" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>unique identification entities</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - <xs:attribute name="Id" type="xs:ID" use="optional"/> - <xs:anyAttribute namespace="##other"/> - </xs:complexType> - <!-- ### physical person and corporate body ### --> - <xs:element name="PhysicalPerson" type="PhysicalPersonType"> - <xs:annotation> - <xs:documentation>element of physical person type</xs:documentation> - </xs:annotation> - </xs:element> - <xs:complexType name="PhysicalPersonType"> - <xs:annotation> - <xs:documentation>physical person</xs:documentation> - </xs:annotation> - <xs:complexContent> - <xs:extension base="AbstractPersonType"> - <xs:sequence minOccurs="0"> - <xs:element name="Name" type="PersonNameType" minOccurs="0"> - <xs:annotation> - <xs:documentation>data related to the person's name</xs:documentation> - </xs:annotation> - 
</xs:element> - <xs:element name="AlternativeName" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>Former name, Artist name, changes of Given name ...</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:complexContent> - <xs:extension base="PersonNameType"> - <xs:attribute name="Type" type="AlternativeNameTypeType"/> - </xs:extension> - </xs:complexContent> - </xs:complexType> - </xs:element> - <xs:element name="MaritalStatus" type="MaritalStatusType" minOccurs="0"> - <xs:annotation> - <xs:documentation>status of a person in the cycle of life</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Sex" type="SexType" minOccurs="0"> - <xs:annotation> - <xs:documentation>gender</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="DateOfBirth" type="DateOfBirthType" minOccurs="0"> - <xs:annotation> - <xs:documentation>date of birth</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="PlaceOfBirth" type="xs:token" minOccurs="0"> - <xs:annotation> - <xs:documentation>place of birth</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="CountryOfBirth" type="xs:token" minOccurs="0"> - <xs:annotation> - <xs:documentation>country of birth</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Nationality" type="xs:token" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>nationality of Person (Staatsbürgerschaft)</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Confession" type="xs:token" minOccurs="0"> - <xs:annotation> - <xs:documentation>confession (religion) of Person</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="relatedPerson" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>relatives (parents, ...)</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:sequence> - <xs:element name="TypeOfRelation" type="RelationType" 
maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>type of the relationship</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element ref="Person"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>any additional properties</xs:documentation> - </xs:annotation> - </xs:any> - </xs:sequence> - </xs:extension> - </xs:complexContent> - </xs:complexType> - <xs:element name="CorporateBody" type="CorporateBodyType"> - <xs:annotation> - <xs:documentation>element of corporate body type</xs:documentation> - </xs:annotation> - </xs:element> - <xs:complexType name="CorporateBodyType"> - <xs:annotation> - <xs:documentation>juridical person, organisation</xs:documentation> - </xs:annotation> - <xs:complexContent> - <xs:extension base="AbstractPersonType"> - <xs:sequence minOccurs="0"> - <xs:element name="Type" type="xs:anyURI" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>category (eg organisation, function, sector, ...)</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="FullName" type="xs:token" minOccurs="0"> - <xs:annotation> - <xs:documentation>name of corporate body (whole name)</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="AlternativeName" type="xs:token" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>alternative names of corporate body (abbreviations, short name, synonyms, ...)</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="LegalForm" type="xs:anyURI" minOccurs="0"> - <xs:annotation> - <xs:documentation>type of company (eg AG, OHG, ...)</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Organisation" type="xs:token" minOccurs="0"> - <xs:annotation> - <xs:documentation>part of an organisation, see also X.500 ou (eg departement, section, branch, ...) 
</xs:documentation> - </xs:annotation> - </xs:element> - <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>any additional properties</xs:documentation> - </xs:annotation> - </xs:any> - </xs:sequence> - </xs:extension> - </xs:complexContent> - </xs:complexType> - <!-- ### signed structure of a person ### --> - <xs:element name="PersonData" type="PersonDataType"> - <xs:annotation> - <xs:documentation>element of signed person datastructure type</xs:documentation> - </xs:annotation> - </xs:element> - <xs:complexType name="PersonDataType"> - <xs:annotation> - <xs:documentation>signed person datastructure. The first Identification elements (from the base type) denote the record as such (e.g. database key for this record) - not to be mistaken for identifiers of the person or of an address (they have their own Identification elements).</xs:documentation> - </xs:annotation> - <xs:complexContent> - <xs:extension base="AbstractPersonType"> - <xs:sequence> - <xs:element ref="Person"/> - <xs:element ref="Address" minOccurs="0" maxOccurs="unbounded"/> - <xs:element ref="dsig:Signature" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>one or more electronic signatures applied on fields above</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="AdditionalData" minOccurs="0"> - <xs:complexType mixed="true"> - <xs:sequence minOccurs="0" maxOccurs="unbounded"> - <xs:any namespace="##any" processContents="lax"> - <xs:annotation> - <xs:documentation>any additional properties</xs:documentation> - </xs:annotation> - </xs:any> - </xs:sequence> - </xs:complexType> - </xs:element> - </xs:sequence> - </xs:extension> - </xs:complexContent> - </xs:complexType> - <!-- ### auxiliary types ### --> - <xs:simpleType name="SexType"> - <xs:annotation> - <xs:documentation>simple type for sex (gender) of person</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:token"> 
- <xs:enumeration value="male"/> - <xs:enumeration value="female"/> - <xs:enumeration value="unknown"/> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="DateOfBirthType"> - <xs:annotation> - <xs:documentation>simple type for dates (union), which may omit day and/or month</xs:documentation> - </xs:annotation> - <xs:union memberTypes="xs:date xs:gYearMonth xs:gYear"/> - </xs:simpleType> - <xs:simpleType name="MaritalStatusType"> - <xs:annotation> - <xs:documentation>simple type for marital status of a person</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:token"> - <xs:enumeration value="single"/> - <xs:enumeration value="married"/> - <xs:enumeration value="divorced"/> - <xs:enumeration value="widowed"/> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="xStringPatternExtensionType"> - <xs:annotation> - <xs:documentation>pattern type for enlargement of type definitions</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string"> - <xs:pattern value="x:\S.*"/> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="DefinedRelationType"> - <xs:annotation> - <xs:documentation>known relations (family + functional)</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string"> - <xs:enumeration value="family:Parent"/> - <xs:enumeration value="family:Child"/> - <xs:enumeration value="family:Sibling"/> - <xs:enumeration value="family:Grandparent"/> - <xs:enumeration value="family:Grandchild"/> - <xs:enumeration value="family:Spouse"/> - <xs:enumeration value="function:LegalGuardian"/> - <xs:enumeration value="function:IsGuardedBy"/> - <xs:enumeration value="function:Cohabitant"/> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="RelationType"> - <xs:annotation> - <xs:documentation>known + any other relation</xs:documentation> - </xs:annotation> - <xs:union memberTypes="xStringPatternExtensionType DefinedRelationType"/> - </xs:simpleType> - <xs:simpleType name="DefinedAlternativeNameTypeType"> 
- <xs:annotation> - <xs:documentation>known types of alternative names</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string"> - <xs:enumeration value="ArtistName"/> - <xs:enumeration value="NickName"/> - <xs:enumeration value="FormerName"/> - <xs:enumeration value="Alias"/> - <xs:enumeration value="MaidenName"/> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="AlternativeNameTypeType"> - <xs:annotation> - <xs:documentation>known + any other alternative name types</xs:documentation> - </xs:annotation> - <xs:union memberTypes="xStringPatternExtensionType DefinedAlternativeNameTypeType"/> - </xs:simpleType> - <!-- ### adress data for various types of communications ### --> - <xs:element name="Address" type="AbstractAddressType"> - <xs:annotation> - <xs:documentation>element of address type</xs:documentation> - </xs:annotation> - </xs:element> - <xs:complexType name="AbstractAddressType" abstract="true"> - <xs:annotation> - <xs:documentation>main structure of address data</xs:documentation> - </xs:annotation> - <xs:sequence minOccurs="0"> - <xs:element name="Identification" type="IdentificationType" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>unique identification entities</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - <xs:attribute name="Id" type="xs:ID" use="optional"/> - <xs:anyAttribute namespace="##other"/> - </xs:complexType> - <xs:element name="TypedPostalAddress" type="TypedPostalAddressType"> - <xs:annotation> - <xs:documentation>element of postal address type</xs:documentation> - </xs:annotation> - </xs:element> - <xs:complexType name="TypedPostalAddressType"> - <xs:annotation> - <xs:documentation>postal address</xs:documentation> - </xs:annotation> - <xs:complexContent> - <xs:extension base="AbstractAddressType"> - <xs:sequence minOccurs="0"> - <xs:element name="Type" type="xs:anyURI" minOccurs="0"> - <xs:annotation> - <xs:documentation>type of address - category (eg 'Wohnsitz', 
'Zentrale', ...)</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element ref="PostalAddress"/> - <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>any additional properties</xs:documentation> - </xs:annotation> - </xs:any> - </xs:sequence> - </xs:extension> - </xs:complexContent> - </xs:complexType> - <xs:element name="TelephoneAddress" type="TelephoneAddressType"> - <xs:annotation> - <xs:documentation>element of telephone address type</xs:documentation> - </xs:annotation> - </xs:element> - <xs:complexType name="TelephoneAddressType"> - <xs:annotation> - <xs:documentation>phone numbers</xs:documentation> - </xs:annotation> - <xs:complexContent> - <xs:extension base="AbstractAddressType"> - <xs:sequence minOccurs="0"> - <xs:element name="Type" type="xs:anyURI" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>type of phononumber - category (eg 'Festnetz', 'Mobile', 'fax', ...)</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Number" type="TelcomNumberType"> - <xs:annotation> - <xs:documentation>phonenumber</xs:documentation> - </xs:annotation> - </xs:element> - <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>any additional properties</xs:documentation> - </xs:annotation> - </xs:any> - </xs:sequence> - </xs:extension> - </xs:complexContent> - </xs:complexType> - <xs:element name="InternetAddress" type="InternetAddressType"> - <xs:annotation> - <xs:documentation>element of internet address type</xs:documentation> - </xs:annotation> - </xs:element> - <xs:complexType name="InternetAddressType"> - <xs:annotation> - <xs:documentation>internet based communication</xs:documentation> - </xs:annotation> - <xs:complexContent> - <xs:extension base="AbstractAddressType"> - <xs:sequence minOccurs="0"> - <xs:element ref="dsig:KeyInfo" minOccurs="0"> - <xs:annotation> - 
<xs:documentation>certificate for secure communication</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Address" type="xs:anyURI"> - <xs:annotation> - <xs:documentation>email-Address, Web, FTP, LDAP, ...</xs:documentation> - </xs:annotation> - </xs:element> - <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>any additional properties</xs:documentation> - </xs:annotation> - </xs:any> - </xs:sequence> - </xs:extension> - </xs:complexContent> - </xs:complexType> -</xs:schema> diff --git a/common/src/main/resources/resources/schemas/PersonData_20_en_moaWID.xsd b/common/src/main/resources/resources/schemas/PersonData_20_en_moaWID.xsd deleted file mode 100644 index cf8f796db..000000000 --- a/common/src/main/resources/resources/schemas/PersonData_20_en_moaWID.xsd +++ /dev/null @@ -1,1229 +0,0 @@ -<?xml version="1.0" encoding="ISO-8859-1"?>
-<!-- edited with XMLSPY v2004 rel. 3 U (http://www.xmlspy.com) by Larissa Naber (Bundeskanzleramt) -->
-<!-- edited with XML Spy v4.1 U (http://www.xmlspy.com) by Peter Reichstädter (CIO) -->
-<!--Generisches Schema zum Speichern und Austauschen von Personendaten
- (c) 2001-2002 Chief Information Office Austria, Stabsstelle IKT-Strategie des Bundes, BMÖLS
- Kontakt: Peter Reichstädter (peter.reichstaedter@cio.gv.at), Arno Hollosi (arno.hollosi@cio.gv.at)
- Die freie Verwendung dieses Schemas in Applikationen (behördenintern, kommerziell, privat) ist erlaubt und erwünscht.
--->
-<?xml-stylesheet type="text/xsl" href="getelementnames.xslt"?>
-<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0.0">
- <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
- <xs:annotation>
- <xs:documentation>This version of person deploys only global elements. All types derived from abstract types have been replaced by substitution groups</xs:documentation>
- </xs:annotation>
- <!-- ### signed structure of a person ### -->
- <xs:element name="AbstractPersonData" type="AbstractPersonType">
- <xs:annotation>
- <xs:documentation>dummy abstract Peson Data element needed for bi-lingual schema (substitution groups)</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="PersonData" type="PersonDataType" substitutionGroup="AbstractPersonData">
- <xs:annotation>
- <xs:documentation>element of signed person datastructure type</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="CompactPersonData">
- <xs:annotation>
- <xs:documentation>element of signed person datastructure type</xs:documentation>
- </xs:annotation>
- <xs:complexType>
- <xs:sequence>
- <xs:choice>
- <xs:element ref="CompactPhysicalPerson"/>
- <xs:element ref="CompactCorporateBody"/>
- </xs:choice>
- <xs:choice minOccurs="0" maxOccurs="unbounded">
- <xs:element ref="InternetAddress"/>
- <xs:element ref="TelephoneAddress"/>
- <xs:element ref="CompactPostalAddress"/>
- </xs:choice>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <!-- ### base type for person data ### -->
- <xs:element name="Person" type="AbstractPersonType">
- <xs:annotation>
- <xs:documentation>element of person type, essential abstract, subsitute PhysicalPerson or CorporateBody instead or use with xsi:type="..."</xs:documentation>
- </xs:annotation>
- </xs:element>
- <!-- ### physical person and corporate body ### -->
- <xs:element name="PhysicalPerson" type="PhysicalPersonType" substitutionGroup="Person">
- <xs:annotation>
- <xs:documentation>element of physical person type, dreived from Person (abstract)</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="CompactPhysicalPerson" type="CompactPhysicalPersonType" substitutionGroup="Person">
- <xs:annotation>
- <xs:documentation>element of physical person type, dreived from Person (abstract)</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="CorporateBody" type="CorporateBodyType" substitutionGroup="Person">
- <xs:annotation>
- <xs:documentation>element of corporate body type, derived from Person</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="CompactCorporateBody" type="CompactCorporateBodyType" substitutionGroup="Person">
- <xs:annotation>
- <xs:documentation>element of corporate body type, derived from Person</xs:documentation>
- </xs:annotation>
- </xs:element>
- <!--### complex child elements of person, also available as standalone ###-->
- <xs:element name="Name" type="PersonNameType">
- <xs:annotation>
- <xs:documentation>data related to the person's name</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="CompactName" type="CompactPersonNameType">
- <xs:annotation>
- <xs:documentation>data related to the person's name</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="AlternativeName">
- <xs:annotation>
- <xs:documentation>Former name, Artist name, changes of Given name ..., compare AlternativName</xs:documentation>
- </xs:annotation>
- <xs:complexType>
- <xs:complexContent>
- <xs:extension base="PersonNameType">
- <xs:attribute name="Type" type="AlternativeNameTypeType"/>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- </xs:element>
- <xs:element name="relatedPerson">
- <xs:annotation>
- <xs:documentation>relatives (parents, ...), compare Verwandter</xs:documentation>
- </xs:annotation>
- <xs:complexType>
- <xs:sequence>
- <xs:element name="TypeOfRelation" type="RelationType" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>type of the relationship, compare Verwandschftsgrad</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element ref="PhysicalPerson"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <!-- ### adress data for various types of communications ### -->
- <xs:element name="Address" type="AbstractAddressType">
- <xs:annotation>
- <xs:documentation>element of address type, essentially abstract. Use InternetAddress, TelephoneAddress, PostalAddress, TypedPostalAddress instead, or use Address with xsi:type Attribute</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="PostalAddress" type="PostalAddressType" substitutionGroup="Address">
- <xs:annotation>
- <xs:documentation>Postal or ZMR Address, compare PostAdresse</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="CompactPostalAddress" type="CompactPostalAddressType" substitutionGroup="Address">
- <xs:annotation>
- <xs:documentation>Postal or ZMR Address, compare PostAdresse</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="TypedPostalAddress" type="TypedPostalAddressType" substitutionGroup="Address">
- <xs:annotation>
- <xs:documentation>Typed Postal or ZMR Address, compare TypisiertePostAdresse</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="InternetAddress" type="InternetAddressType" substitutionGroup="Address">
- <xs:annotation>
- <xs:documentation>InternetAdress such as e-mail or website, compare InternetAdresse</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="TelephoneAddress" type="TelephoneAddressType" substitutionGroup="Address">
- <xs:annotation>
- <xs:documentation>Typed TelephoneAddress, compare TelefonAdresse</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="BankConnection" type="BankConnectionType">
- <xs:annotation>
- <xs:documentation>National or international bank connection, compare Bankverbindung</xs:documentation>
- </xs:annotation>
- </xs:element>
- <!-- ### Identification elements ###-->
- <xs:element name="AbstractSimpleIdentification" type="AbstractSimpleIdentificationType">
- <xs:annotation>
- <xs:documentation>possibility to include common austrian primary keys in human readable way, english translation not available</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="ZMRzahl" substitutionGroup="AbstractSimpleIdentification">
- <xs:complexType>
- <xs:simpleContent>
- <xs:extension base="AbstractSimpleIdentificationType">
- <xs:attribute name="Identifier" type="xs:string" fixed="ZMR"/>
- </xs:extension>
- </xs:simpleContent>
- </xs:complexType>
- </xs:element>
- <xs:element name="Stammzahl" type="AbstractSimpleIdentificationType" substitutionGroup="AbstractSimpleIdentification"/>
- <xs:element name="Firmenbuchnummer" substitutionGroup="AbstractSimpleIdentification">
- <xs:complexType>
- <xs:simpleContent>
- <xs:extension base="AbstractSimpleIdentificationType">
- <xs:attribute name="Identifier" type="xs:string" fixed="FN"/>
- </xs:extension>
- </xs:simpleContent>
- </xs:complexType>
- </xs:element>
- <xs:element name="ERJPZahl" substitutionGroup="AbstractSimpleIdentification">
- <xs:annotation>
- <xs:documentation>Ergänzungsregister für nicht-natürliche Personen (CorporateBody)</xs:documentation>
- </xs:annotation>
- <xs:complexType>
- <xs:simpleContent>
- <xs:extension base="AbstractSimpleIdentificationType">
- <xs:attribute name="Identifier" type="xs:string" fixed="ERJ"/>
- </xs:extension>
- </xs:simpleContent>
- </xs:complexType>
- </xs:element>
- <xs:element name="Vereinsnummer" substitutionGroup="AbstractSimpleIdentification">
- <xs:complexType>
- <xs:simpleContent>
- <xs:extension base="AbstractSimpleIdentificationType">
- <xs:attribute name="Identifier" type="xs:string" fixed="VR"/>
- </xs:extension>
- </xs:simpleContent>
- </xs:complexType>
- </xs:element>
- <xs:element name="Sozialversicherungsnummer" type="AbstractSimpleIdentificationType" substitutionGroup="AbstractSimpleIdentification"/>
- <xs:element name="Steuernummer" type="AbstractSimpleIdentificationType" substitutionGroup="AbstractSimpleIdentification"/>
- <xs:element name="Matrikelnummer" type="AbstractSimpleIdentificationType" substitutionGroup="AbstractSimpleIdentification"/>
- <!-- ### additional telecom elements - not used internally - german translation not available ###-->
- <xs:element name="Telephone" type="TelcomNumberType"/>
- <xs:element name="Mobile" type="MobileTelcomNumberType"/>
- <xs:element name="Fax" type="TelcomNumberType"/>
- <xs:element name="Pager" type="TelcomNumberType"/>
- <xs:element name="TTYTDD" type="TelcomNumberType">
- <xs:annotation>
- <xs:documentation>teletyper or telephone for the hearing impaired</xs:documentation>
- </xs:annotation>
- </xs:element>
- <!--### elements of simple type ####-->
- <xs:element name="MaritalStatus" type="MaritalStatusType">
- <xs:annotation>
- <xs:documentation>status of a person in the cycle of life, compare Familienstand</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="Sex" type="SexType">
- <xs:annotation>
- <xs:documentation>gender, comapre Geschlecht</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="DateOfBirth" type="DateOfBirthType">
- <xs:annotation>
- <xs:documentation>date of birth, compare Geburtsdatum</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="DateOfDeath" type="DateOfDeathType">
- <xs:annotation>
- <xs:documentation>date of death, compare Sterbedatum</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="PlaceOfBirth" type="xs:token">
- <xs:annotation>
- <xs:documentation>place of birth, compare Geburtsort</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="CountryOfBirth" type="xs:token">
- <xs:annotation>
- <xs:documentation>country of birth, compare Geburtsland</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="StateOfBirth" type="xs:token">
- <xs:annotation>
- <xs:documentation>state of birth, comapre Geburtsbundesland</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="Nationality" type="NationalityType">
- <xs:annotation>
- <xs:documentation>nationality of Person, compare Staatsangehoerigkeit. attention! New Fomrat is complex, string value accepted for compatibility only</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="Confession" type="xs:token">
- <xs:annotation>
- <xs:documentation>confession (religion) of Person - xs:token? gibt es wirklich keine Staaten mit Leerzeichen im Namen?</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="Occupation" type="xs:string">
- <xs:annotation>
- <xs:documentation>occupation, compare Beruf</xs:documentation>
- </xs:annotation>
- </xs:element>
- <!--### complex telephone types ###-->
- <xs:element name="InternationalCountryCode" type="xs:string">
- <xs:annotation>
- <xs:documentation>compare InternationalerLaendercode</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="NationalNumber" type="xs:string">
- <xs:annotation>
- <xs:documentation>compare NationalNummer</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="AreaCityCode" type="xs:string">
- <xs:annotation>
- <xs:documentation>compare Vorwahl</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="SubscriberNumber" type="xs:string">
- <xs:annotation>
- <xs:documentation>compare Anschlussnummer</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="FormattedNumber" type="xs:string">
- <xs:annotation>
- <xs:documentation>Complete number, ready formated - e.g. +43 1 5131345 4664 compare FormatierteNummer</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="Extension" type="xs:string">
- <xs:annotation>
- <xs:documentation>compare Klappe</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="Identification" type ="IdentificationType">
- <xs:annotation>
- <xs:documentation>unique identifier</xs:documentation>
- </xs:annotation>
- </xs:element>
- <!--### complex types ###-->
- <xs:complexType name="PersonDataType">
- <xs:annotation>
- <xs:documentation>signed person datastructure. The first Identification elements (from the base type) denote the record as such (e.g. database key for this record) - not to be mistaken for identifiers of the person or of an address (they have their own Identification elements).</xs:documentation>
- </xs:annotation>
- <xs:complexContent>
- <xs:extension base="AbstractPersonType">
- <xs:sequence>
- <xs:element ref="Person"/>
- <xs:element ref="Address" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element ref="dsig:Signature" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>one or more electronic signatures applied on fields above</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="AdditionalData" minOccurs="0">
- <xs:annotation>
- <xs:documentation>container for your Information needs. Contained Elements must reside in a different Namespace</xs:documentation>
- </xs:annotation>
- <xs:complexType mixed="true">
- <xs:sequence minOccurs="0" maxOccurs="unbounded">
- <xs:any namespace="##any" processContents="lax">
- <xs:annotation>
- <xs:documentation>any additional properties</xs:documentation>
- </xs:annotation>
- </xs:any>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="CompactPersonDataType">
- <xs:annotation>
- <xs:documentation>signed person datastructure. The first Identification elements (from the base type) denote the record as such (e.g. database key for this record) - not to be mistaken for identifiers of the person or of an address (they have their own Identification elements).</xs:documentation>
- </xs:annotation>
- <xs:complexContent>
- <xs:extension base="AbstractPersonType">
- <xs:sequence>
- <xs:element ref="Person"/>
- <xs:element ref="Address" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element ref="dsig:Signature" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>one or more electronic signatures applied on fields above</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="AdditionalData" minOccurs="0">
- <xs:annotation>
- <xs:documentation>container for your Information needs. Contained Elements must reside in a different Namespace</xs:documentation>
- </xs:annotation>
- <xs:complexType mixed="true">
- <xs:sequence minOccurs="0" maxOccurs="unbounded">
- <xs:any namespace="##any" processContents="lax">
- <xs:annotation>
- <xs:documentation>any additional properties</xs:documentation>
- </xs:annotation>
- </xs:any>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="AbstractSimpleIdentificationType">
- <xs:simpleContent>
- <xs:extension base="xs:string"/>
- </xs:simpleContent>
- </xs:complexType>
- <xs:complexType name="IdentificationType">
- <xs:annotation>
- <xs:documentation>unique identifier</xs:documentation>
- </xs:annotation>
- <xs:sequence>
- <xs:element name="Value">
- <xs:annotation>
- <xs:documentation>actual value of the identifier.</xs:documentation>
- </xs:annotation>
- <xs:complexType>
- <xs:simpleContent>
- <xs:extension base="xs:string">
- <xs:attribute name="Id" type="xs:ID" use="optional"/>
- </xs:extension>
- </xs:simpleContent>
- </xs:complexType>
- </xs:element>
- <xs:element name="Type" type="xs:anyURI">
- <xs:annotation>
- <xs:documentation>type of value (eg 'ZMR', 'SV-Nummer', 'Martrikelnummer', database identification, ...)</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="Authority" type="xs:anyURI" minOccurs="0">
- <xs:annotation>
- <xs:documentation>authority, which is reponsible for generation of the identifier (eg university in case of 'MatrikelNummer')</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>any additional properties</xs:documentation>
- </xs:annotation>
- </xs:any>
- </xs:sequence>
- <xs:attribute name="Id" type="xs:ID" use="optional"/>
- <xs:anyAttribute namespace="##other"/>
- </xs:complexType>
- <xs:complexType name="AbstractPersonType">
- <xs:annotation>
- <xs:documentation>main structure of person data</xs:documentation>
- </xs:annotation>
- <xs:choice minOccurs="0">
- <xs:element ref="Identification" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>unique identification entities</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element ref="AbstractSimpleIdentification" minOccurs="0" maxOccurs="unbounded"/>
- </xs:choice>
- <xs:attribute name="Id" type="xs:ID" use="optional"/>
- <xs:anyAttribute namespace="##other"/>
- </xs:complexType>
- <xs:complexType name="PhysicalPersonType">
- <xs:annotation>
- <xs:documentation>physical person, compare NatuerlichePersonTyp</xs:documentation>
- </xs:annotation>
- <xs:complexContent>
- <xs:extension base="AbstractPersonType">
- <xs:sequence minOccurs="0">
- <xs:element ref="Name" minOccurs="0"/>
- <xs:element ref="AlternativeName" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element ref="MaritalStatus" minOccurs="0"/>
- <xs:element ref="Sex" minOccurs="0"/>
- <xs:element ref="DateOfBirth" minOccurs="0"/>
- <xs:element ref="PlaceOfBirth" minOccurs="0"/>
- <xs:element ref="StateOfBirth" minOccurs="0"/>
- <xs:element ref="CountryOfBirth" minOccurs="0"/>
- <xs:element ref="DateOfDeath" minOccurs="0"/>
- <xs:element ref="Nationality" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element ref="Confession" minOccurs="0"/>
- <xs:element ref="Occupation" minOccurs="0"/>
- <xs:element ref="relatedPerson" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element ref="BankConnection" minOccurs="0" maxOccurs="unbounded"/>
- <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>any additional properties</xs:documentation>
- </xs:annotation>
- </xs:any>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="CompactPhysicalPersonType">
- <xs:annotation>
- <xs:documentation>physical person, compare NatuerlichePersonTyp</xs:documentation>
- </xs:annotation>
- <xs:complexContent>
- <xs:extension base="AbstractPersonType">
- <xs:sequence minOccurs="0">
- <xs:element ref="CompactName"/>
- <xs:element ref="MaritalStatus" minOccurs="0"/>
- <xs:element ref="Sex" minOccurs="0"/>
- <xs:element ref="DateOfBirth" minOccurs="0"/>
- <xs:element ref="PlaceOfBirth" minOccurs="0"/>
- <xs:element ref="Nationality" minOccurs="0" maxOccurs="unbounded"/>
- <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>any additional properties</xs:documentation>
- </xs:annotation>
- </xs:any>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="CorporateBodyType">
- <xs:annotation>
- <xs:documentation>juridical person, organisation, compare NichtNatuerlichePersonTyp</xs:documentation>
- </xs:annotation>
- <xs:complexContent>
- <xs:extension base="AbstractPersonType">
- <xs:sequence minOccurs="0">
- <xs:element name="Type" type="xs:anyURI" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>URI pointing to a predefined Class of CorporateBodies, compare Typ</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="FullName" type="xs:token" minOccurs="0">
- <xs:annotation>
- <xs:documentation>name of corporate body (whole name), compare VollerName</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="AlternativeName" type="xs:token" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>alternative names of corporate body (abbreviations, short name, synonyms, ...), comapre AlternativName</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="LegalForm" type="xs:anyURI" minOccurs="0">
- <xs:annotation>
- <xs:documentation>type of company (eg AG, OHG, ...), URI pointing to predefined LegalForm, compare Rechtsform</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="Organization" type="xs:token" minOccurs="0">
- <xs:annotation>
- <xs:documentation>part of an organisation, see also X.500 ou (eg departement, section, branch, ...) , compare Organisation</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element ref="BankConnection" minOccurs="0" maxOccurs="unbounded"/>
- <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>any additional properties</xs:documentation>
- </xs:annotation>
- </xs:any>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="CompactCorporateBodyType">
- <xs:annotation>
- <xs:documentation>juridical person, organisation, compare NichtNatuerlichePersonTyp</xs:documentation>
- </xs:annotation>
- <xs:complexContent>
- <xs:extension base="AbstractPersonType">
- <xs:sequence minOccurs="0">
- <xs:element name="Type" type="xs:anyURI" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>URI pointing to a predefined Class of CorporateBodies, compare Typ</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="FullName" type="xs:token">
- <xs:annotation>
- <xs:documentation>name of corporate body (whole name), compare VollerName</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="LegalForm" type="xs:anyURI" minOccurs="0">
- <xs:annotation>
- <xs:documentation>type of company (eg AG, OHG, ...), URI pointing to predefined LegalForm, compare Rechtsform</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="Organization" type="xs:token" minOccurs="0">
- <xs:annotation>
- <xs:documentation>part of an organisation, see also X.500 ou (eg departement, section, branch, ...) , compare Organisation</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>any additional properties</xs:documentation>
- </xs:annotation>
- </xs:any>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="PersonNameType">
- <xs:annotation>
- <xs:documentation>container for parts of a name, comapre PersonenNameTyp</xs:documentation>
- </xs:annotation>
- <xs:sequence>
- <xs:element name="FormattedName" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>Complete Name (including Affixes) of the Person, especially useful for names from different cultural environments</xs:documentation>
- </xs:annotation>
- <xs:complexType>
- <xs:simpleContent>
- <xs:extension base="xs:string">
- <xs:attribute name="type" default="presentation">
- <xs:simpleType>
- <xs:restriction base="xs:string">
- <xs:enumeration value="presentation"/>
- <xs:enumeration value="legal"/>
- <xs:enumeration value="sortOrder"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:extension>
- </xs:simpleContent>
- </xs:complexType>
- </xs:element>
- <xs:element name="LegalName" type="xs:string" minOccurs="0"/>
- <xs:element name="GivenName" type="xs:string" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>Every given name should be contained inside a GivenName Tag. If that is not possible due to dabase contraints, ... putting several given names inside one GivenName Element is acceptable</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="PreferredGivenName" type="xs:string" minOccurs="0">
- <xs:annotation>
- <xs:documentation>A Person in possesion of more than one GivenName frequently preferrs the use of a Name other than the first GivenName</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="MiddleName" type="xs:string" minOccurs="0">
- <xs:annotation>
- <xs:documentation>MiddleNames are not commonly found in central Europe. The field is mainly for compatibility reasons</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="FamilyName" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>Every family name should be contained inside a FamilyName Tag. If that is not possible due to dabase contraints, ... putting several family names inside one FamilyName Element is acceptable</xs:documentation>
- </xs:annotation>
- <xs:complexType>
- <xs:simpleContent>
- <xs:extension base="xs:string">
- <xs:attribute name="primary" default="undefined">
- <xs:simpleType>
- <xs:restriction base="xs:string">
- <xs:enumeration value="true"/>
- <xs:enumeration value="false"/>
- <xs:enumeration value="undefined"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- <xs:attribute name="prefix" type="xs:string"/>
- </xs:extension>
- </xs:simpleContent>
- </xs:complexType>
- </xs:element>
- <xs:element name="Affix" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>Inlcudes all Information that is not exactly a name: academic or aristocratic titles, ... the new position attribute can contain a suffx or prefix value</xs:documentation>
- </xs:annotation>
- <xs:complexType>
- <xs:simpleContent>
- <xs:extension base="xs:string">
- <xs:attribute name="type" use="optional">
- <xs:simpleType>
- <xs:restriction base="xs:string">
- <xs:enumeration value="academicGrade"/>
- <xs:enumeration value="aristocraticPrefix"/>
- <xs:enumeration value="aristocraticTitle"/>
- <xs:enumeration value="familyNamePrefix"/>
- <xs:enumeration value="familyNameSuffix"/>
- <xs:enumeration value="formOfAddress"/>
- <xs:enumeration value="generation"/>
- <xs:enumeration value="qualification"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- <xs:attribute name="position" use="optional">
- <xs:simpleType>
- <xs:restriction base="xs:string">
- <xs:enumeration value="prefix"/>
- <xs:enumeration value="suffix"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:extension>
- </xs:simpleContent>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- <xs:complexType name="CompactPersonNameType">
- <xs:annotation>
- <xs:documentation>container for parts of a name, comapre PersonenNameTyp</xs:documentation>
- </xs:annotation>
- <xs:sequence>
- <xs:element name="GivenName" type="xs:string" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>Every given name should be contained inside a GivenName Tag. If that is not possible due to dabase contraints, ... putting several given names inside one GivenName Element is acceptable</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="FamilyName" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>Every family name should be contained inside a FamilyName Tag. If that is not possible due to dabase contraints, ... putting several family names inside one FamilyName Element is acceptable</xs:documentation>
- </xs:annotation>
- <xs:complexType>
- <xs:simpleContent>
- <xs:extension base="xs:string">
- <xs:attribute name="primary" default="undefined">
- <xs:simpleType>
- <xs:restriction base="xs:string">
- <xs:enumeration value="true"/>
- <xs:enumeration value="false"/>
- <xs:enumeration value="undefined"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- <xs:attribute name="prefix" type="xs:string"/>
- </xs:extension>
- </xs:simpleContent>
- </xs:complexType>
- </xs:element>
- <xs:element name="Affix" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>Inlcudes all Information that is not exactly a name: academic or aristocratic titles, ... the new position attribute can contain a suffx or prefix value</xs:documentation>
- </xs:annotation>
- <xs:complexType>
- <xs:simpleContent>
- <xs:extension base="xs:string">
- <xs:attribute name="type" use="optional">
- <xs:simpleType>
- <xs:restriction base="xs:string">
- <xs:enumeration value="academicGrade"/>
- <xs:enumeration value="aristocraticPrefix"/>
- <xs:enumeration value="aristocraticTitle"/>
- <xs:enumeration value="familyNamePrefix"/>
- <xs:enumeration value="familyNameSuffix"/>
- <xs:enumeration value="formOfAddress"/>
- <xs:enumeration value="generation"/>
- <xs:enumeration value="qualification"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- <xs:attribute name="position" use="optional">
- <xs:simpleType>
- <xs:restriction base="xs:string">
- <xs:enumeration value="prefix"/>
- <xs:enumeration value="suffix"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:extension>
- </xs:simpleContent>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- <xs:complexType name="NationalityType" mixed="true">
- <xs:annotation>
- <xs:documentation>comapre, StaatsangehoerigkeitTyp</xs:documentation>
- </xs:annotation>
- <xs:sequence>
- <xs:element name="ISOCode3" minOccurs="0">
- <xs:simpleType>
- <xs:restriction base="xs:string">
- <xs:length value="3"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- <xs:element name="CountryNameDE" type="xs:string" minOccurs="0"/>
- <xs:element name="CountryNameEN" type="xs:string" minOccurs="0"/>
- <xs:element name="CountryNameFR" type="xs:string" minOccurs="0"/>
- <xs:any namespace="##other" processContents="lax"/>
- </xs:sequence>
- </xs:complexType>
- <xs:complexType name="BankConnectionType">
- <xs:annotation>
- <xs:documentation>compare BankverbindungTyp</xs:documentation>
- </xs:annotation>
- <xs:sequence>
- <xs:element name="Holder" type="xs:string">
- <xs:annotation>
- <xs:documentation>Account holder, compare Inhaber</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="BankName" type="xs:string">
- <xs:annotation>
- <xs:documentation>compare BankName</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:choice>
- <xs:element name="NationalBankConnection">
- <xs:annotation>
- <xs:documentation>compare NationaleBankverbindung</xs:documentation>
- </xs:annotation>
- <xs:complexType>
- <xs:sequence>
- <xs:element name="AccountNumber" type="xs:integer">
- <xs:annotation>
- <xs:documentation>compare Kontonummer</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="BankCode" type="xs:integer">
- <xs:annotation>
- <xs:documentation>compare BLZ</xs:documentation>
- </xs:annotation>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="InternationalBankConnection">
- <xs:annotation>
- <xs:documentation>compare InternationaleBankverbindung</xs:documentation>
- </xs:annotation>
- <xs:complexType>
- <xs:sequence>
- <xs:element name="IBAN" type="xs:string">
- <xs:annotation>
- <xs:documentation>compare IBAN</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="BIC" type="xs:string">
- <xs:annotation>
- <xs:documentation>comapre BIC</xs:documentation>
- </xs:annotation>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:choice>
- </xs:sequence>
- </xs:complexType>
- <xs:complexType name="AbstractAddressType">
- <xs:annotation>
- <xs:documentation>main structure of address data</xs:documentation>
- </xs:annotation>
- <xs:sequence minOccurs="0">
- <xs:element ref="Identification" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>unique identification entities</xs:documentation>
- </xs:annotation>
- </xs:element>
- </xs:sequence>
- <xs:attribute name="Id" type="xs:ID" use="optional"/>
- <xs:anyAttribute namespace="##other"/>
- </xs:complexType>
- <xs:complexType name="TypedPostalAddressType">
- <xs:annotation>
- <xs:documentation>postal address with type information, compare TypisiertePostAdresseTyp</xs:documentation>
- </xs:annotation>
- <xs:complexContent>
- <xs:extension base="AbstractAddressType">
- <xs:sequence minOccurs="0">
- <xs:element name="Type" type="xs:anyURI" minOccurs="0">
- <xs:annotation>
- <xs:documentation>type of address - category (eg 'Wohnsitz', 'Zentrale', ...)</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element ref="PostalAddress"/>
- <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>any additional properties</xs:documentation>
- </xs:annotation>
- </xs:any>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="PostalAddressType">
- <xs:annotation>
- <xs:documentation>compare PostAdresseTyp</xs:documentation>
- </xs:annotation>
- <xs:complexContent>
- <xs:extension base="AbstractAddressType">
- <xs:sequence>
- <xs:element name="CountryCode" minOccurs="0">
- <xs:annotation>
- <xs:documentation>Code for the country, use ISO or internatinal Postalstandard, compare Staatscode</xs:documentation>
- </xs:annotation>
- <xs:simpleType>
- <xs:restriction base="xs:string">
- <xs:pattern value="[A-Z]{2}"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- <xs:element name="CountryName" type="xs:string" minOccurs="0">
- <xs:annotation>
- <xs:documentation>Name of the country, use ISO Name, or international Postal Standard, compare Staatsname</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="PostalCode" type="xs:string" minOccurs="0">
- <xs:annotation>
- <xs:documentation>ZIP, compare Postleitzahl</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="Region" type="xs:string" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>compare Region</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="State" type="xs:string" minOccurs="0">
- <xs:annotation>
- <xs:documentation>compare Bundesland</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="Municipality" type="xs:string" minOccurs="0">
- <xs:annotation>
- <xs:documentation>compare Gemeinde</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="MunicipalityNumber" type="xs:string" minOccurs="0">
- <xs:annotation>
- <xs:documentation>compare Gemeindekennzahl</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="Hamlet" type="xs:string" minOccurs="0">
- <xs:annotation>
- <xs:documentation>ZMR use, compare Ortschaft</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="HamletBilingual" type="xs:string" minOccurs="0">
- <xs:annotation>
- <xs:documentation>ZMR use, comapre OrtschaftZweisprachig</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="DeliveryAddress" minOccurs="0">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="AddressLine" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="StreetName" type="xs:string" minOccurs="0"/>
- <xs:element name="BuildingNumber" type="xs:string" minOccurs="0"/>
- <xs:element name="Unit" type="xs:string" minOccurs="0"/>
- <xs:element name="DoorNumber" type="xs:string" minOccurs="0"/>
- <xs:element name="PostOfficeBox" type="xs:string" minOccurs="0"/>
- <xs:element name="LivingQuality" type="xs:string" minOccurs="0">
- <xs:annotation>
- <xs:documentation>zmr use only</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="DropOffPoint" type="xs:boolean" minOccurs="0">
- <xs:annotation>
- <xs:documentation>zmr use only</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="AreaNumber" type="xs:string" minOccurs="0"/>
- <xs:element name="AddressRegisterEntry" minOccurs="0">
- <xs:annotation>
- <xs:documentation>Addressregister database keys used to identify Addresses</xs:documentation>
- </xs:annotation>
- <xs:complexType>
- <xs:sequence>
- <xs:element name="AddressCode" type="string7"/>
- <xs:element name="SubCode" type="string3" minOccurs="0"/>
- <xs:element name="ObjectNumber" type="string7" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="Recipient" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>If Addressis used outside of PersonData a recipient can be specified</xs:documentation>
- </xs:annotation>
- <xs:complexType>
- <xs:sequence>
- <xs:element name="PersonName" type="PersonNameType" minOccurs="0"/>
- <xs:element name="AdditionalText" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="Organization" type="xs:string" minOccurs="0">
- <xs:annotation>
- <xs:documentation>rather OrganizationUnit e.G Sales Departement</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="OrganizationName" type="xs:string" minOccurs="0">
- <xs:annotation>
- <xs:documentation>e.g. Smith Ltd</xs:documentation>
- </xs:annotation>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- <xs:attribute name="type" default="undefined">
- <xs:simpleType>
- <xs:restriction base="xs:string">
- <xs:enumeration value="postOfficeBoxAddress"/>
- <xs:enumeration value="streetAddress"/>
- <xs:enumeration value="militaryAddress"/>
- <xs:enumeration value="undefined"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="CompactPostalAddressType">
- <xs:annotation>
- <xs:documentation>compare PostAdresseTyp</xs:documentation>
- </xs:annotation>
- <xs:complexContent>
- <xs:extension base="AbstractAddressType">
- <xs:sequence>
- <xs:element name="CountryCode" minOccurs="0">
- <xs:annotation>
- <xs:documentation>Code for the country, use ISO or internatinal Postalstandard, compare Staatscode</xs:documentation>
- </xs:annotation>
- <xs:simpleType>
- <xs:restriction base="xs:string">
- <xs:pattern value="[A-Z]{2}"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- <xs:element name="CountryName" type="xs:string" minOccurs="0">
- <xs:annotation>
- <xs:documentation>Name of the country, use ISO Name, or international Postal Standard, compare Staatsname</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="PostalCode" type="xs:string">
- <xs:annotation>
- <xs:documentation>ZIP, compare Postleitzahl</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="Municipality" type="xs:string">
- <xs:annotation>
- <xs:documentation>compare Gemeinde</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="DeliveryAddress">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="StreetName" type="xs:string">
- <xs:annotation>
- <xs:documentation>if streetname not available use name of Ortschaft</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="BuildingNumber" type="xs:string"/>
- <xs:element name="Unit" type="xs:string" minOccurs="0"/>
- <xs:element name="DoorNumber" type="xs:string" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- <xs:attribute name="type" default="undefined">
- <xs:simpleType>
- <xs:restriction base="xs:string">
- <xs:enumeration value="postOfficeBoxAddress"/>
- <xs:enumeration value="streetAddress"/>
- <xs:enumeration value="militaryAddress"/>
- <xs:enumeration value="undefined"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="InternetAddressType">
- <xs:annotation>
- <xs:documentation>e.g. e-mail, webiste, compare InternetAdresseTyp</xs:documentation>
- </xs:annotation>
- <xs:complexContent>
- <xs:extension base="AbstractAddressType">
- <xs:sequence minOccurs="0">
- <xs:element ref="dsig:KeyInfo" minOccurs="0">
- <xs:annotation>
- <xs:documentation>certificate for secure communication</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="Address" type="xs:anyURI">
- <xs:annotation>
- <xs:documentation>URI: email-Address, Web, FTP, LDAP, ..., comapre Adress</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>any additional properties</xs:documentation>
- </xs:annotation>
- </xs:any>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="TelephoneAddressType">
- <xs:annotation>
- <xs:documentation>phone numbers, conmpare TelephoneAdresseTyp</xs:documentation>
- </xs:annotation>
- <xs:complexContent>
- <xs:extension base="AbstractAddressType">
- <xs:sequence minOccurs="0">
- <xs:element name="Type" type="xs:anyURI" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>type of phononumber - category (eg 'Festnetz', 'Mobile', 'fax', ...)</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="Number" type="TelcomNumberType">
- <xs:annotation>
- <xs:documentation>phonenumber</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
- <xs:annotation>
- <xs:documentation>any additional properties</xs:documentation>
- </xs:annotation>
- </xs:any>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="MobileTelcomNumberType">
- <xs:annotation>
- <xs:documentation>like TelephoneAddresseType but with additional smsEnabled attribute</xs:documentation>
- </xs:annotation>
- <xs:complexContent>
- <xs:extension base="TelcomNumberType">
- <xs:attribute name="smsEnabled" type="xs:boolean" use="optional"/>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- <xs:complexType name="TelcomNumberType">
- <xs:annotation>
- <xs:documentation>formated number or set of telephone number parts</xs:documentation>
- </xs:annotation>
- <xs:choice>
- <xs:element ref="FormattedNumber"/>
- <xs:group ref="TelcomNumberGroup"/>
- </xs:choice>
- </xs:complexType>
- <xs:group name="TelcomNumberGroup">
- <xs:annotation>
- <xs:documentation>set of telephone number parts</xs:documentation>
- </xs:annotation>
- <xs:sequence>
- <xs:element ref="InternationalCountryCode" minOccurs="0"/>
- <xs:element ref="NationalNumber" minOccurs="0"/>
- <xs:element ref="AreaCityCode" minOccurs="0"/>
- <xs:element ref="SubscriberNumber"/>
- <xs:element ref="Extension" minOccurs="0"/>
- </xs:sequence>
- </xs:group>
- <!-- ### auxiliary types ### -->
- <xs:simpleType name="SexType">
- <xs:annotation>
- <xs:documentation>simple type for sex (gender) of person</xs:documentation>
- </xs:annotation>
- <xs:restriction base="xs:token">
- <xs:enumeration value="male"/>
- <xs:enumeration value="female"/>
- <xs:enumeration value="unknown"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:simpleType name="DateOfBirthType">
- <xs:annotation>
- <xs:documentation>simple type for dates (union), which may omit day and/or month</xs:documentation>
- </xs:annotation>
- <xs:union memberTypes="xs:date xs:gYearMonth xs:gYear"/>
- </xs:simpleType>
- <xs:simpleType name="DateOfDeathType">
- <xs:annotation>
- <xs:documentation>simple type for dates (union), which may omit day and/or month</xs:documentation>
- </xs:annotation>
- <xs:union memberTypes="xs:date xs:gYearMonth xs:gYear"/>
- </xs:simpleType>
- <xs:simpleType name="MaritalStatusType">
- <xs:annotation>
- <xs:documentation>simple type for marital status of a person</xs:documentation>
- </xs:annotation>
- <xs:restriction base="xs:token">
- <xs:enumeration value="single"/>
- <xs:enumeration value="married"/>
- <xs:enumeration value="divorced"/>
- <xs:enumeration value="widowed"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:simpleType name="xStringPatternExtensionType">
- <xs:annotation>
- <xs:documentation>pattern type for enlargement of type definitions. Contents as follows
-x:sometext or 12345 or _ or other symbols
-</xs:documentation>
- </xs:annotation>
- <xs:restriction base="xs:string">
- <xs:pattern value="x:\S.*"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:simpleType name="DefinedRelationType">
- <xs:annotation>
- <xs:documentation>known relations (family + functional)</xs:documentation>
- </xs:annotation>
- <xs:restriction base="xs:string">
- <xs:enumeration value="family:Parent"/>
- <xs:enumeration value="family:Child"/>
- <xs:enumeration value="family:Sibling"/>
- <xs:enumeration value="family:Grandparent"/>
- <xs:enumeration value="family:Grandchild"/>
- <xs:enumeration value="family:Spouse"/>
- <xs:enumeration value="function:LegalGuardian"/>
- <xs:enumeration value="function:IsGuardedBy"/>
- <xs:enumeration value="function:Cohabitant"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:simpleType name="RelationType">
- <xs:annotation>
- <xs:documentation>known + any other relation</xs:documentation>
- </xs:annotation>
- <xs:union memberTypes="xStringPatternExtensionType DefinedRelationType"/>
- </xs:simpleType>
- <xs:simpleType name="DefinedAlternativeNameTypeType">
- <xs:annotation>
- <xs:documentation>known types of alternative names</xs:documentation>
- </xs:annotation>
- <xs:restriction base="xs:string">
- <xs:enumeration value="ArtistName"/>
- <xs:enumeration value="NickName"/>
- <xs:enumeration value="FormerName"/>
- <xs:enumeration value="Alias"/>
- <xs:enumeration value="MaidenName"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:simpleType name="AlternativeNameTypeType">
- <xs:annotation>
- <xs:documentation>known + any other alternative name types</xs:documentation>
- </xs:annotation>
- <xs:union memberTypes="xStringPatternExtensionType DefinedAlternativeNameTypeType"/>
- </xs:simpleType>
- <!-- ### additional data types for ZMR address #### -->
- <xs:simpleType name="FederalStateType">
- <xs:annotation>
- <xs:documentation>zmr use only</xs:documentation>
- </xs:annotation>
- <xs:restriction base="xs:string">
- <xs:enumeration value="Wien"/>
- <xs:enumeration value="Niederösterreich"/>
- <xs:enumeration value="Burgenland"/>
- <xs:enumeration value="Oberösterreich"/>
- <xs:enumeration value="Steiermark"/>
- <xs:enumeration value="Salzburg"/>
- <xs:enumeration value="Kärnten"/>
- <xs:enumeration value="Tirol"/>
- <xs:enumeration value="Vorarlberg"/>
- </xs:restriction>
- </xs:simpleType>
- <!-- ### strings of defined maximum lenght for use with ZMR address ###-->
- <xs:simpleType name="string3">
- <xs:restriction base="xs:string">
- <xs:maxLength value="3"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:simpleType name="string4">
- <xs:restriction base="xs:string">
- <xs:maxLength value="4"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:simpleType name="string7">
- <xs:restriction base="xs:string">
- <xs:maxLength value="7"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:simpleType name="string20">
- <xs:restriction base="xs:string">
- <xs:maxLength value="20"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:simpleType name="string30">
- <xs:restriction base="xs:string">
- <xs:maxLength value="30"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:simpleType name="string50">
- <xs:restriction base="xs:string">
- <xs:maxLength value="50"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:simpleType name="string100">
- <xs:restriction base="xs:string">
- <xs:maxLength value="100"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:simpleType name="integer5">
- <xs:restriction base="xs:integer">
- <xs:minInclusive value="10000"/>
- <xs:maxInclusive value="99999"/>
- </xs:restriction>
- </xs:simpleType>
-</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/PersonName-1_2.xsd b/common/src/main/resources/resources/schemas/PersonName-1_2.xsd
deleted file mode 100644
index 347ed3d7f..000000000
--- a/common/src/main/resources/resources/schemas/PersonName-1_2.xsd
+++ /dev/null
@@ -1,115 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- CHANGES from original HR-XML schema for use with PersonData.xsd:
- * elementFormDefault set to "qualified" -->
-<!--
-"Copyright The HR-XML Consortium. All Rights Reserved. http://www.hr-xml.org"
-Name: PersonName-1_2.xsd, Second Edition
-Status: Recommendation
-Date this version: 2001-12-17
-Date last version: 2001-09-05
-Purpose: Defines the schema for PersonName
-Author(s): Paul Kiel, Kim Bartkus, CPO Workgroup
-
-Note: This Second Edition corrects an inconsistency between the schema in this xsd file and the schema in the pdf documentation. The documentation is correct. This schema was changed in syntax only, not functionality. When adding attributes to elements, "xsd:restriction" was used. This Second Edition correctly changes it to "xsd:extension".
-
-This HR-XML Consortium Work (including specifications, documents,
-software, and related items) is provided by the copyright holders
-under the following license. By obtaining, using and/or copying
-this work, you (the licensee) agree that you have read, understood,
-and will comply with the following terms and conditions.
-
-Permission to use, copy, modify, or redistribute this Work and
-its documentation, with or without modification, for any purpose
-and without fee or royalty is hereby granted, provided that you
-include the following on ALL copies of the software and
-documentation or portions thereof, including modifications,
-that you make:
-
-1. This notice: "Copyright The HR-XML Consortium. All Rights
- Reserved. http://www.hr-xml.org"
-2. Notice of any changes or modifications to the The HR-XML
- Consortium files.
-
-THIS WORK, INCLUDING SPECIFICATIONS, DOCUMENTS, SOFTWARE, OR OTHER
-RELATED ITEMS, IS PROVIDED "AS IS," AND COPYRIGHT HOLDERS MAKE NO
-REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT
-NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY
-PARTICULAR PURPOSE OR THAT THE USE OF THE SOFTWARE OR DOCUMENTATION
-WILL NOT INFRINGE ANY THIRD PARTY PATENTS, COPYRIGHTS, TRADEMARKS
-OR OTHER RIGHTS.
-
-COPYRIGHT HOLDERS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT,
-SPECIAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF ANY USE OF THE
-SOFTWARE OR DOCUMENTATION.
-
-TITLE TO COPYRIGHT IN THIS WORK AND ANY ASSOCIATED DOCUMENTATION
-WILL AT ALL TIMES REMAIN WITH COPYRIGHT HOLDERS.
--->
-<xsd:schema xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified">
- <xsd:complexType name="PersonNameType">
- <xsd:sequence>
- <xsd:element name="FormattedName" minOccurs="0" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:string">
- <xsd:attribute name="type" default="presentation">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="presentation"/>
- <xsd:enumeration value="legal"/>
- <xsd:enumeration value="sortOrder"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="LegalName" type="xsd:string" minOccurs="0"/>
- <xsd:element name="GivenName" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="PreferredGivenName" type="xsd:string" minOccurs="0"/>
- <xsd:element name="MiddleName" type="xsd:string" minOccurs="0"/>
- <xsd:element name="FamilyName" minOccurs="0" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:string">
- <xsd:attribute name="primary" default="undefined">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="true"/>
- <xsd:enumeration value="false"/>
- <xsd:enumeration value="undefined"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- <xsd:attribute name="prefix" type="xsd:string"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Affix" minOccurs="0" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:simpleContent>
- <xsd:extension base="xsd:string">
- <xsd:attribute name="type" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="academicGrade"/>
- <xsd:enumeration value="aristocraticPrefix"/>
- <xsd:enumeration value="aristocraticTitle"/>
- <xsd:enumeration value="familyNamePrefix"/>
- <xsd:enumeration value="familyNameSuffix"/>
- <xsd:enumeration value="formOfAddress"/>
- <xsd:enumeration value="generation"/>
- <xsd:enumeration value="qualification"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="PersonName" type="PersonNameType"/>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/PostalAddress-1_2.xsd b/common/src/main/resources/resources/schemas/PostalAddress-1_2.xsd
deleted file mode 100644
index b3d89abbb..000000000
--- a/common/src/main/resources/resources/schemas/PostalAddress-1_2.xsd
+++ /dev/null
@@ -1,95 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- CHANGES from original HR-XML schema for use with PersonData.xsd:
- * elementFormDefault set to "qualified"
- * CountryCode set to minOccurs="0" -->
-<!--
-"Copyright The HR-XML Consortium. All Rights Reserved. http://www.hr-xml.org"
-Name: PostalAddress-1_2.xsd
-Status: Recommendation
-Date this version: 2001-08-20
-Date last version: 2001-07-20
-Purpose: Defines the schema for Postal Address
-Author(s): Paul Kiel, Kim Bartkus, CPO Workgroup
-
-This HR-XML Consortium Work (including specifications, documents,
-software, and related items) is provided by the copyright holders
-under the following license. By obtaining, using and/or copying
-this work, you (the licensee) agree that you have read, understood,
-and will comply with the following terms and conditions.
-
-Permission to use, copy, modify, or redistribute this Work and
-its documentation, with or without modification, for any purpose
-and without fee or royalty is hereby granted, provided that you
-include the following on ALL copies of the software and
-documentation or portions thereof, including modifications,
-that you make:
-
-1. This notice: "Copyright The HR-XML Consortium. All Rights
- Reserved. http://www.hr-xml.org"
-2. Notice of any changes or modifications to the The HR-XML
- Consortium files.
-
-THIS WORK, INCLUDING SPECIFICATIONS, DOCUMENTS, SOFTWARE, OR OTHER
-RELATED ITEMS, IS PROVIDED "AS IS," AND COPYRIGHT HOLDERS MAKE NO
-REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT
-NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY
-PARTICULAR PURPOSE OR THAT THE USE OF THE SOFTWARE OR DOCUMENTATION
-WILL NOT INFRINGE ANY THIRD PARTY PATENTS, COPYRIGHTS, TRADEMARKS
-OR OTHER RIGHTS.
-
-COPYRIGHT HOLDERS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT,
-SPECIAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF ANY USE OF THE
-SOFTWARE OR DOCUMENTATION.
-
-TITLE TO COPYRIGHT IN THIS WORK AND ANY ASSOCIATED DOCUMENTATION
-WILL AT ALL TIMES REMAIN WITH COPYRIGHT HOLDERS.
--->
-<xsd:schema xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified">
- <xsd:include schemaLocation="PersonName-1_2.xsd"/>
- <xsd:complexType name="PostalAddressType">
- <xsd:sequence>
- <xsd:element name="CountryCode" minOccurs="0">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:pattern value="[A-Z]{2}"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:element>
- <xsd:element name="PostalCode" type="xsd:string" minOccurs="0"/>
- <xsd:element name="Region" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="Municipality" type="xsd:string" minOccurs="0"/>
- <xsd:element name="DeliveryAddress" minOccurs="0">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AddressLine" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="StreetName" type="xsd:string" minOccurs="0"/>
- <xsd:element name="BuildingNumber" type="xsd:string" minOccurs="0"/>
- <xsd:element name="Unit" type="xsd:string" minOccurs="0"/>
- <xsd:element name="PostOfficeBox" type="xsd:string" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- <xsd:element name="Recipient" minOccurs="0" maxOccurs="unbounded">
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="PersonName" type="PersonNameType" minOccurs="0"/>
- <xsd:element name="AdditionalText" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="Organization" type="xsd:string" minOccurs="0"/>
- <xsd:element name="OrganizationName" type="xsd:string" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="type" default="undefined">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="postOfficeBoxAddress"/>
- <xsd:enumeration value="streetAddress"/>
- <xsd:enumeration value="militaryAddress"/>
- <xsd:enumeration value="undefined"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- </xsd:complexType>
- <xsd:element name="PostalAddress" type="PostalAddressType"/>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/TelcomNumber-1_0.xsd b/common/src/main/resources/resources/schemas/TelcomNumber-1_0.xsd
deleted file mode 100644
index f89702aeb..000000000
--- a/common/src/main/resources/resources/schemas/TelcomNumber-1_0.xsd
+++ /dev/null
@@ -1,89 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- CHANGES from original HR-XML schema for use with PersonData.xsd:
- * elementFormDefault set to "qualified" -->
-<!--
-"Copyright The HR-XML Consortium. All Rights Reserved. http://www.hr-xml.org"
-Name: TelcomNumber-1_0.xsd
-Status:Recommendation
-Date this version: 2002-01-31
-Date last version: 2001-12-20
-Purpose: Schema for Telecommunications data.
-Author(s): Don Simonson, Robert Half Int'l., CPO Workgroup
-
-This HR-XML Consortium Work (including specifications, documents,
-software, and related items) is provided by the copyright holders
-under the following license. By obtaining, using and/or copying
-this work, you (the licensee) agree that you have read, understood,
-and will comply with the following terms and conditions.
-
-Permission to use, copy, modify, or redistribute this Work and
-its documentation, with or without modification, for any purpose
-and without fee or royalty is hereby granted, provided that you
-include the following on ALL copies of the software and
-documentation or portions thereof, including modifications,
-that you make:
-
-1. This notice: "Copyright The HR-XML Consortium. All Rights
- Reserved. http://www.hr-xml.org"
-2. Notice of any changes or modifications to the The HR-XML
- Consortium files.
-
-THIS WORK, INCLUDING SPECIFICATIONS, DOCUMENTS, SOFTWARE, OR OTHER
-RELATED ITEMS, IS PROVIDED "AS IS," AND COPYRIGHT HOLDERS MAKE NO
-REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT
-NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY
-PARTICULAR PURPOSE OR THAT THE USE OF THE SOFTWARE OR DOCUMENTATION
-WILL NOT INFRINGE ANY THIRD PARTY PATENTS, COPYRIGHTS, TRADEMARKS
-OR OTHER RIGHTS.
-
-COPYRIGHT HOLDERS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT,
-SPECIAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF ANY USE OF THE
-SOFTWARE OR DOCUMENTATION.
-
-TITLE TO COPYRIGHT IN THIS WORK AND ANY ASSOCIATED DOCUMENTATION
-WILL AT ALL TIMES REMAIN WITH COPYRIGHT HOLDERS.
--->
-<xsd:schema xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified">
- <xsd:group name="TelcomNumberGroup">
- <xsd:sequence>
- <xsd:element ref="InternationalCountryCode" minOccurs="0"/>
- <xsd:element ref="NationalNumber" minOccurs="0"/>
- <xsd:element ref="AreaCityCode" minOccurs="0"/>
- <xsd:element ref="SubscriberNumber"/>
- <xsd:element ref="Extension" minOccurs="0"/>
- </xsd:sequence>
- </xsd:group>
- <xsd:element name="FormattedNumber" type="xsd:string"/>
- <xsd:element name="InternationalCountryCode" type="xsd:string"/>
- <xsd:element name="NationalNumber" type="xsd:string"/>
- <xsd:element name="AreaCityCode" type="xsd:string"/>
- <xsd:element name="SubscriberNumber" type="xsd:string"/>
- <xsd:complexType name="TelcomNumberType">
- <xsd:choice>
- <xsd:element ref="FormattedNumber"/>
- <xsd:group ref="TelcomNumberGroup"/>
- </xsd:choice>
- </xsd:complexType>
- <xsd:element name="Extension" type="xsd:string"/>
- <xsd:element name="Telephone" type="TelcomNumberType"/>
- <xsd:element name="Mobile" type="MobileTelcomNumberType"/>
- <xsd:element name="Fax" type="TelcomNumberType"/>
- <xsd:element name="Pager" type="TelcomNumberType"/>
- <xsd:element name="TTYTDD" type="TelcomNumberType"/>
- <xsd:complexType name="MobileTelcomNumberType">
- <xsd:complexContent>
- <xsd:extension base="TelcomNumberType">
- <xsd:attribute name="smsEnabled" type="xsd:boolean" use="optional"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="TelcomNumberListType">
- <xsd:sequence>
- <xsd:element ref="Telephone" minOccurs="0"/>
- <xsd:element ref="Mobile" minOccurs="0"/>
- <xsd:element ref="Fax" minOccurs="0"/>
- <xsd:element ref="Pager" minOccurs="0"/>
- <xsd:element ref="TTYTDD" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/XAdES-1.1.1.xsd b/common/src/main/resources/resources/schemas/XAdES-1.1.1.xsd
deleted file mode 100644
index 718061048..000000000
--- a/common/src/main/resources/resources/schemas/XAdES-1.1.1.xsd
+++ /dev/null
@@ -1,545 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.1.1#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://uri.etsi.org/01903/v1.1.1#"
-xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified">
-
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
-
-<!-- Start auxiliary types definitions: AnyType, ObjectIdentifierType,
-EncapsulatedPKIDataType and TimestampType-->
-
-<!-- Start AnyType -->
-
- <xsd:element name="Any" type="AnyType"/>
- <xsd:complexType name="AnyType" mixed="true">
- <xsd:sequence>
- <xsd:any namespace="##any"/>
- </xsd:sequence>
- <xsd:anyAttribute namespace="##any"/>
- </xsd:complexType>
-
-<!-- End AnyType -->
-
-<!-- Start ObjectIdentifierType-->
-
- <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType"/>
- <xsd:complexType name="ObjectIdentifierType">
- <xsd:sequence>
- <xsd:element name="Identifier" type="IdentifierType"/>
- <xsd:element name="Description" type="xsd:string" minOccurs="0"/>
- <xsd:element name="DocumentationReferences" type="DocumentationReferencesType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="IdentifierType">
- <xsd:simpleContent>
- <xsd:extension base="xsd:anyURI">
- <xsd:attribute name="Qualifier" type="QualifierType" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:simpleType name="QualifierType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="OIDAsURI"/>
- <xsd:enumeration value="OIDAsURN"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:complexType name="DocumentationReferencesType">
- <xsd:sequence maxOccurs="unbounded">
- <xsd:element name="DocumentationReference" type="xsd:anyURI"/>
- </xsd:sequence>
- </xsd:complexType>
-
-<!-- End ObjectIdentifierType-->
-
-<!-- Start EncapsulatedPKIDataType-->
-
- <xsd:element name="EncapsulatedPKIData" type="EncapsulatedPKIDataType"/>
- <xsd:complexType name="EncapsulatedPKIDataType">
- <xsd:simpleContent>
- <xsd:extension base="xsd:base64Binary">
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
-
-<!-- End EncapsulatedPKIDataType -->
-
-<!-- Start TimeStampType -->
-
- <xsd:element name="TimeStamp" type="TimeStampType"/>
- <xsd:complexType name="TimeStampType">
- <xsd:sequence>
- <xsd:element name="HashDataInfo" type="HashDataInfoType" maxOccurs="unbounded"/>
- <xsd:choice>
- <xsd:element name="EncapsulatedTimeStamp" type="EncapsulatedPKIDataType"/>
- <xsd:element name="XMLTimeStamp" type="AnyType"/>
- </xsd:choice>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="HashDataInfoType">
- <xsd:sequence>
- <xsd:element name="Transforms" type="ds:TransformsType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="uri" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
-
-<!-- End TimeStampType -->
-
-<!-- End auxiliary types definitions-->
-
-<!-- Start container types -->
-
-<!-- Start QualifyingProperties -->
-
- <xsd:element name="QualifyingProperties" type="QualifyingPropertiesType"/>
-
- <xsd:complexType name="QualifyingPropertiesType">
- <xsd:sequence>
- <xsd:element name="SignedProperties" type="SignedPropertiesType" minOccurs="0"/>
- <xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="Target" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
-
-<!-- End QualifyingProperties -->
-
-<!-- Start SignedProperties-->
-
- <xsd:element name="SignedProperties" type="SignedPropertiesType"/>
-
- <xsd:complexType name="SignedPropertiesType">
- <xsd:sequence>
- <xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType"/>
- <xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
-
-<!-- End SignedProperties-->
-
-<!-- Start UnsignedProperties-->
-
-<xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" />
-
- <xsd:complexType name="UnsignedPropertiesType">
- <xsd:sequence>
- <xsd:element name="UnsignedSignatureProperties"
- type="UnsignedSignaturePropertiesType" minOccurs="0"/>
- <xsd:element name="UnsignedDataObjectProperties"
- type="UnsignedDataObjectPropertiesType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
-
-<!-- End UnsignedProperties-->
-
-<!-- Start SignedSignatureProperties-->
-
-<xsd:element name="SignedSignatureProperties"
- type="SignedSignaturePropertiesType" />
-
-<xsd:complexType name="SignedSignaturePropertiesType">
- <xsd:sequence>
- <xsd:element name="SigningTime" type="xsd:dateTime"/>
- <xsd:element name="SigningCertificate" type="CertIDListType"/>
- <xsd:element name="SignaturePolicyIdentifier"
- type="SignaturePolicyIdentifierType"/>
- <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType"
- minOccurs="0"/>
- <xsd:element name="SignerRole" type="SignerRoleType" minOccurs="0"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<!-- End SignedSignatureProperties-->
-
-
-<!-- Start SignedDataObjectProperties-->
-
-<xsd:element name="SignedDataObjectProperties"
- type="SignedDataObjectPropertiesType"/>
-
-<xsd:complexType name="SignedDataObjectPropertiesType">
- <xsd:sequence>
- <xsd:element name="DataObjectFormat" type="DataObjectFormatType"
- minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="CommitmentTypeIndication"
- type="CommitmentTypeIndicationType" minOccurs="0"
- maxOccurs="unbounded"/>
- <xsd:element name="AllDataObjectsTimeStamp" type="TimeStampType"
- minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="IndividualDataObjectsTimeStamp" type="TimeStampType"
- minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<!-- End SignedDataObjectProperties-->
-
-
-<!-- Start UnsignedSignatureProperties-->
-
-<xsd:element name="UnsignedSignatureProperties"
- type="UnsignedSignaturePropertiesType"/>
-
-<xsd:complexType name="UnsignedSignaturePropertiesType">
- <xsd:sequence>
- <xsd:element name="CounterSignature" type="CounterSignatureType"
- minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="SignatureTimeStamp" type="TimeStampType"
- minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="CompleteCertificateRefs"
- type="CompleteCertificateRefsType" minOccurs="0"/>
- <xsd:element name="CompleteRevocationRefs"
- type="CompleteRevocationRefsType" minOccurs="0"/>
- <xsd:choice>
- <xsd:element name="SigAndRefsTimeStamp" type="TimeStampType"
- minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="RefsOnlyTimeStamp" type="TimeStampType"
- minOccurs="0" maxOccurs="unbounded"/>
- </xsd:choice>
- <xsd:element name="CertificateValues" type="CertificateValuesType"
- minOccurs="0"/>
- <xsd:element name="RevocationValues" type="RevocationValuesType"
- minOccurs="0"/>
- <xsd:element name="ArchiveTimeStamp" type="TimeStampType"
- minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
-
-
-<!-- End UnsignedSignatureProperties-->
-
-
-<!-- Start UnsignedDataObjectProperties-->
-
-<xsd:element name="UnsignedDataObjectProperties"
- type="UnsignedDataObjectPropertiesType" />
-
-<xsd:complexType name="UnsignedDataObjectPropertiesType">
- <xsd:sequence>
- <xsd:element name="UnsignedDataObjectProperty" type="AnyType"
- minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<!-- End UnsignedDataObjectProperties-->
-
-<!-- Start QualifyingPropertiesReference-->
-
-<xsd:element name="QualifyingPropertiesReference"
- type="QualifyingPropertiesReferenceType"/>
-
-<xsd:complexType name="QualifyingPropertiesReferenceType">
- <xsd:sequence>
- <xsd:element name="Transforms" type="ds:TransformsType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
-</xsd:complexType>
-
-<!-- End QualifyingPropertiesReference-->
-
-<!-- End container types -->
-
-
-<!-- Start SigningTime element -->
- <xsd:element name="SigningTime" type="xsd:dateTime"/>
-
-<!-- End SigningTime element -->
-
-<!-- Start SigningCertificate -->
- <xsd:element name="SigningCertificate" type="CertIDListType"/>
- <xsd:complexType name="CertIDListType">
- <xsd:sequence>
- <xsd:element name="Cert" type="CertIDType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CertIDType">
- <xsd:sequence>
- <xsd:element name="CertDigest" type="DigestAlgAndValueType"/>
- <xsd:element name="IssuerSerial" type="ds:X509IssuerSerialType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="DigestAlgAndValueType">
- <xsd:sequence>
- <xsd:element name="DigestMethod" type="ds:DigestMethodType"/>
- <xsd:element name="DigestValue" type="ds:DigestValueType"/>
- </xsd:sequence>
- </xsd:complexType>
-
-<!-- End SigningCertificate -->
-
-<!-- Start SignaturePolicyIdentifier -->
-
- <xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType"/>
- <xsd:complexType name="SignaturePolicyIdentifierType">
- <xsd:choice>
- <xsd:element name="SignaturePolicyId" type="SignaturePolicyIdType"/>
- <xsd:element name="SignaturePolicyImplied"/>
- </xsd:choice>
- </xsd:complexType>
- <xsd:complexType name="SignaturePolicyIdType">
- <xsd:sequence>
- <xsd:element name="SigPolicyId" type="ObjectIdentifierType"/>
- <xsd:element ref="ds:Transforms" minOccurs="0"/>
- <xsd:element name="SigPolicyHash" type="DigestAlgAndValueType"/>
- <xsd:element name="SigPolicyQualifiers" type="SigPolicyQualifiersListType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="SigPolicyQualifiersListType">
- <xsd:sequence>
- <xsd:element name="SigPolicyQualifier" type="AnyType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="SPURI" type="xsd:anyURI"/>
- <xsd:element name="SPUserNotice" type="SPUserNoticeType"/>
- <xsd:complexType name="SPUserNoticeType">
- <xsd:sequence>
- <xsd:element name="NoticeRef" type="NoticeReferenceType" minOccurs="0"/>
- <xsd:element name="ExplicitText" type="xsd:string" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="NoticeReferenceType">
- <xsd:sequence>
- <xsd:element name="Organization" type="xsd:string"/>
- <xsd:element name="NoticeNumbers" type="IntegerListType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="IntegerListType">
- <xsd:sequence>
- <xsd:element name="int" type="xsd:integer" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
-
-<!-- End SignaturePolicyIdentifier -->
-
-
-<!-- Start CounterSignature -->
- <xsd:element name="CounterSignature" type="CounterSignatureType"/>
- <xsd:complexType name="CounterSignatureType">
- <xsd:sequence>
- <xsd:element ref="ds:Signature"/>
- </xsd:sequence>
- </xsd:complexType>
-
-<!-- End CounterSignature -->
-
-<!-- Start DataObjectFormat -->
-
- <xsd:element name="DataObjectFormat" type="DataObjectFormatType"/>
- <xsd:complexType name="DataObjectFormatType">
- <xsd:sequence>
- <xsd:element name="Description" type="xsd:string" minOccurs="0"/>
- <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType" minOccurs="0"/>
- <xsd:element name="MimeType" type="xsd:string" minOccurs="0"/>
- <xsd:element name="Encoding" type="xsd:anyURI" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="ObjectReference" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
-
-<!-- End DataObjectFormat -->
-
-<!-- Start CommitmentTypeIndication -->
-
- <xsd:element name="CommitmentTypeIndication" type="CommitmentTypeIndicationType"/>
- <xsd:complexType name="CommitmentTypeIndicationType">
- <xsd:sequence>
- <xsd:element name="CommitmentTypeId" type="ObjectIdentifierType"/>
- <xsd:choice>
- <xsd:element name="ObjectReference" type="xsd:anyURI" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="AllSignedDataObjects"/>
- </xsd:choice>
- <xsd:element name="CommitmentTypeQualifiers" type="CommitmentTypeQualifiersListType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CommitmentTypeQualifiersListType">
- <xsd:sequence>
- <xsd:element name="CommitmentTypeQualifier" type="AnyType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
-
-<!-- End CommitmentTypeIndication -->
-
-<!-- Start SignatureProductionPlace -->
-
- <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType"/>
- <xsd:complexType name="SignatureProductionPlaceType">
- <xsd:sequence>
- <xsd:element name="City" type="xsd:string" minOccurs="0"/>
- <xsd:element name="StateOrProvince" type="xsd:string" minOccurs="0"/>
- <xsd:element name="PostalCode" type="xsd:string" minOccurs="0"/>
- <xsd:element name="CountryName" type="xsd:string" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
-
-<!-- End SignatureProductionPlace -->
-
-<!-- Start SignerRole -->
-
-<xsd:element name="SignerRole" type="SignerRoleType"/>
-<xsd:complexType name="SignerRoleType">
- <xsd:sequence>
- <xsd:element name="ClaimedRoles" type="ClaimedRolesListType"
- minOccurs="0"/>
- <xsd:element name="CertifiedRoles" type="CertifiedRolesListType"
- minOccurs="0"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<xsd:complexType name="ClaimedRolesListType">
- <xsd:sequence>
- <xsd:element name="ClaimedRole" type="AnyType" maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<xsd:complexType name="CertifiedRolesListType">
- <xsd:sequence>
- <xsd:element name="CertifiedRole" type="EncapsulatedPKIDataType"
- maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<!-- End SignerRole -->
-
-
- <xsd:element name="AllDataObjectsTimeStamp" type="TimeStampType"/>
-
- <xsd:element name="IndividualDataObjectsTimeStamp" type="TimeStampType"/>
-
- <xsd:element name="SignatureTimeStamp" type="TimeStampType"/>
-
-<!-- Start CompleteCertificateRefs -->
-
-<xsd:element name="CompleteCertificateRefs" type="CompleteCertificateRefsType"/>
-
-<xsd:complexType name="CompleteCertificateRefsType">
- <xsd:sequence>
- <xsd:element name="CertRefs" type="CertIDListType" />
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
-</xsd:complexType>
-
-<!-- End CompleteCertificateRefs -->
-
-
-<!-- Start CompleteRevocationRefs-->
-
-<xsd:element name="CompleteRevocationRefs" type="CompleteRevocationRefsType"/>
-
-<xsd:complexType name="CompleteRevocationRefsType">
- <xsd:sequence>
- <xsd:element name="CRLRefs" type="CRLRefsType" minOccurs="0"/>
- <xsd:element name="OCSPRefs" type="OCSPRefsType" minOccurs="0"/>
- <xsd:element name="OtherRefs" type="OtherCertStatusRefsType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
-</xsd:complexType>
-
-<xsd:complexType name="CRLRefsType">
- <xsd:sequence>
- <xsd:element name="CRLRef" type="CRLRefType" maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<xsd:complexType name="CRLRefType">
- <xsd:sequence>
- <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType"/>
- <xsd:element name="CRLIdentifier" type="CRLIdentifierType" minOccurs="0"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<xsd:complexType name="CRLIdentifierType">
- <xsd:sequence>
- <xsd:element name="Issuer" type="xsd:string"/>
- <xsd:element name="IssueTime" type="xsd:dateTime" />
- <xsd:element name="Number" type="xsd:integer" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
-</xsd:complexType>
-
-<xsd:complexType name="OCSPRefsType">
- <xsd:sequence>
- <xsd:element name="OCSPRef" type="OCSPRefType" maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<xsd:complexType name="OCSPRefType">
- <xsd:sequence>
- <xsd:element name="OCSPIdentifier" type="OCSPIdentifierType"/>
- <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType"
- minOccurs="0"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<xsd:complexType name="OCSPIdentifierType">
- <xsd:sequence>
- <xsd:element name="ResponderID" type="xsd:string"/>
- <xsd:element name="ProducedAt" type="xsd:dateTime"/>
- </xsd:sequence>
- <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
-</xsd:complexType>
-
-<xsd:complexType name="OtherCertStatusRefsType">
- <xsd:sequence>
- <xsd:element name="OtherRef" type="AnyType" maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<!-- End CompleteRevocationRefs-->
-
-
-<xsd:element name="SigAndRefsTimeStamp" type="TimeStampType"/>
-
-<xsd:element name="RefsOnlyTimeStamp" type="TimeStampType"/>
-
-<!-- Start CertificateValues -->
-
-<xsd:element name="CertificateValues" type="CertificateValuesType"/>
-
-<xsd:complexType name="CertificateValuesType">
- <xsd:choice minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="EncapsulatedX509Certificate" type="EncapsulatedPKIDataType"/>
- <xsd:element name="OtherCertificate" type="AnyType"/>
- </xsd:choice>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
-</xsd:complexType>
-
-<!-- End CertificateValues -->
-
-<!-- Start RevocationValues-->
-
-<xsd:element name="RevocationValues" type="RevocationValuesType"/>
-
-<xsd:complexType name="RevocationValuesType">
- <xsd:sequence>
- <xsd:element name="CRLValues" type="CRLValuesType" minOccurs="0"/>
- <xsd:element name="OCSPValues" type="OCSPValuesType" minOccurs="0"/>
- <xsd:element name="OtherValues" type="OtherCertStatusValuesType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
-</xsd:complexType>
-
-<xsd:complexType name="CRLValuesType">
- <xsd:sequence>
- <xsd:element name="EncapsulatedCRLValue" type="EncapsulatedPKIDataType"
- maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<xsd:complexType name="OCSPValuesType">
- <xsd:sequence>
- <xsd:element name="EncapsulatedOCSPValue"
- type="EncapsulatedPKIDataType" maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-<xsd:complexType name="OtherCertStatusValuesType">
- <xsd:sequence>
- <xsd:element name="OtherValue" type="AnyType" maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<!-- End RevocationValues-->
-
-<xsd:element name="ArchiveTimeStamp" type="TimeStampType"/>
-
-
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/XAdES-1.2.2.xsd b/common/src/main/resources/resources/schemas/XAdES-1.2.2.xsd
deleted file mode 100644
index 80ccf1289..000000000
--- a/common/src/main/resources/resources/schemas/XAdES-1.2.2.xsd
+++ /dev/null
@@ -1,551 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.2.2#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://uri.etsi.org/01903/v1.2.2#"
-xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified">
-
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
-
-<!-- Start auxiliary types definitions: AnyType, ObjectIdentifierType,
-EncapsulatedPKIDataType and TimestampType-->
-
-<!-- Start AnyType -->
-
- <xsd:element name="Any" type="AnyType"/>
- <xsd:complexType name="AnyType" mixed="true">
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:any namespace="##any" processContents="lax"/>
- </xsd:sequence>
- <xsd:anyAttribute namespace="##any"/>
- </xsd:complexType>
-
-<!-- End AnyType -->
-
-<!-- Start ObjectIdentifierType-->
-
- <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType"/>
- <xsd:complexType name="ObjectIdentifierType">
- <xsd:sequence>
- <xsd:element name="Identifier" type="IdentifierType"/>
- <xsd:element name="Description" type="xsd:string" minOccurs="0"/>
- <xsd:element name="DocumentationReferences" type="DocumentationReferencesType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="IdentifierType">
- <xsd:simpleContent>
- <xsd:extension base="xsd:anyURI">
- <xsd:attribute name="Qualifier" type="QualifierType" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:simpleType name="QualifierType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="OIDAsURI"/>
- <xsd:enumeration value="OIDAsURN"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:complexType name="DocumentationReferencesType">
- <xsd:sequence maxOccurs="unbounded">
- <xsd:element name="DocumentationReference" type="xsd:anyURI"/>
- </xsd:sequence>
- </xsd:complexType>
-
-<!-- End ObjectIdentifierType-->
-
-<!-- Start EncapsulatedPKIDataType-->
-
- <xsd:element name="EncapsulatedPKIData" type="EncapsulatedPKIDataType"/>
- <xsd:complexType name="EncapsulatedPKIDataType">
- <xsd:simpleContent>
- <xsd:extension base="xsd:base64Binary">
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
-
-<!-- End EncapsulatedPKIDataType -->
-
-<!-- Start TimeStampType -->
-
- <xsd:element name="TimeStamp" type="TimeStampType"/>
- <xsd:complexType name="TimeStampType">
- <xsd:sequence>
- <xsd:element name="Include" type="IncludeType" maxOccurs="unbounded"/>
- <xsd:element ref="ds:CanonicalizationMethod" minOccurs="0"/>
- <xsd:choice>
- <xsd:element name="EncapsulatedTimeStamp" type="EncapsulatedPKIDataType"/>
- <xsd:element name="XMLTimeStamp" type="AnyType"/>
- </xsd:choice>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
-
- <xsd:complexType name="IncludeType">
- <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="referencedData" type="xsd:boolean" use="optional"/>
- </xsd:complexType>
-
-<!-- End TimeStampType -->
-
-<!-- End auxiliary types definitions-->
-
-<!-- Start container types -->
-
-<!-- Start QualifyingProperties -->
-
- <xsd:element name="QualifyingProperties" type="QualifyingPropertiesType"/>
-
- <xsd:complexType name="QualifyingPropertiesType">
- <xsd:sequence>
- <xsd:element name="SignedProperties" type="SignedPropertiesType" minOccurs="0"/>
- <xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="Target" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
-
-<!-- End QualifyingProperties -->
-
-<!-- Start SignedProperties-->
-
- <xsd:element name="SignedProperties" type="SignedPropertiesType"/>
-
- <xsd:complexType name="SignedPropertiesType">
- <xsd:sequence>
- <xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType"/>
- <xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
-
-<!-- End SignedProperties-->
-
-<!-- Start UnsignedProperties-->
-
-<xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" />
-
- <xsd:complexType name="UnsignedPropertiesType">
- <xsd:sequence>
- <xsd:element name="UnsignedSignatureProperties"
- type="UnsignedSignaturePropertiesType" minOccurs="0"/>
- <xsd:element name="UnsignedDataObjectProperties"
- type="UnsignedDataObjectPropertiesType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
-
-<!-- End UnsignedProperties-->
-
-<!-- Start SignedSignatureProperties-->
-
-<xsd:element name="SignedSignatureProperties"
- type="SignedSignaturePropertiesType" />
-
-<xsd:complexType name="SignedSignaturePropertiesType">
- <xsd:sequence>
- <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
- <xsd:element name="SigningCertificate" type="CertIDListType" minOccurs="0"/>
- <xsd:element name="SignaturePolicyIdentifier"
-type="SignaturePolicyIdentifierType" minOccurs="0"/>
- <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType"
- minOccurs="0"/>
- <xsd:element name="SignerRole" type="SignerRoleType" minOccurs="0"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<!-- End SignedSignatureProperties-->
-
-
-<!-- Start SignedDataObjectProperties-->
-
-<xsd:element name="SignedDataObjectProperties"
- type="SignedDataObjectPropertiesType"/>
-
-<xsd:complexType name="SignedDataObjectPropertiesType">
- <xsd:sequence>
- <xsd:element name="DataObjectFormat" type="DataObjectFormatType"
- minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="CommitmentTypeIndication"
- type="CommitmentTypeIndicationType" minOccurs="0"
- maxOccurs="unbounded"/>
- <xsd:element name="AllDataObjectsTimeStamp" type="TimeStampType"
- minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="IndividualDataObjectsTimeStamp" type="TimeStampType"
- minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<!-- End SignedDataObjectProperties-->
-
-
-<!-- Start UnsignedSignatureProperties-->
-
-<xsd:element name="UnsignedSignatureProperties"
- type="UnsignedSignaturePropertiesType"/>
-
-<xsd:complexType name="UnsignedSignaturePropertiesType">
- <xsd:sequence>
- <xsd:element name="CounterSignature" type="CounterSignatureType"
- minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="SignatureTimeStamp" type="TimeStampType"
- minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="CompleteCertificateRefs"
- type="CompleteCertificateRefsType" minOccurs="0"/>
- <xsd:element name="CompleteRevocationRefs"
- type="CompleteRevocationRefsType" minOccurs="0"/>
- <xsd:element name="AttributeCertificateRefs"
- type="CompleteCertificateRefsType" minOccurs="0"/>
- <xsd:element name="AttributeRevocationRefs"
- type="CompleteRevocationRefsType" minOccurs="0"/>
- <xsd:choice>
- <xsd:element name="SigAndRefsTimeStamp" type="TimeStampType"
- minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="RefsOnlyTimeStamp" type="TimeStampType"
- minOccurs="0" maxOccurs="unbounded"/>
- </xsd:choice>
- <xsd:element name="CertificateValues"
- type="CertificateValuesType" minOccurs="0"/>
- <xsd:element name="RevocationValues" type="RevocationValuesType"
- minOccurs="0"/>
- <xsd:element name="ArchiveTimeStamp" type="TimeStampType"
- minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
-
-
-<!-- End UnsignedSignatureProperties-->
-
-
-<!-- Start UnsignedDataObjectProperties-->
-
-<xsd:element name="UnsignedDataObjectProperties"
- type="UnsignedDataObjectPropertiesType" />
-
-<xsd:complexType name="UnsignedDataObjectPropertiesType">
- <xsd:sequence>
- <xsd:element name="UnsignedDataObjectProperty" type="AnyType"
- minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<!-- End UnsignedDataObjectProperties-->
-
-<!-- Start QualifyingPropertiesReference-->
-
-<xsd:element name="QualifyingPropertiesReference"
- type="QualifyingPropertiesReferenceType"/>
-
-<xsd:complexType name="QualifyingPropertiesReferenceType">
- <xsd:sequence>
- <xsd:element ref="ds:Transforms" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
-</xsd:complexType>
-
-<!-- End QualifyingPropertiesReference-->
-
-<!-- End container types -->
-
-
-<!-- Start SigningTime element -->
- <xsd:element name="SigningTime" type="xsd:dateTime"/>
-
-<!-- End SigningTime element -->
-
-<!-- Start SigningCertificate -->
- <xsd:element name="SigningCertificate" type="CertIDListType"/>
- <xsd:complexType name="CertIDListType">
- <xsd:sequence>
- <xsd:element name="Cert" type="CertIDType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CertIDType">
- <xsd:sequence>
- <xsd:element name="CertDigest" type="DigestAlgAndValueType"/>
- <xsd:element name="IssuerSerial" type="ds:X509IssuerSerialType"/>
- </xsd:sequence>
- <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
- </xsd:complexType>
- <xsd:complexType name="DigestAlgAndValueType">
- <xsd:sequence>
- <xsd:element ref="ds:DigestMethod"/>
- <xsd:element ref="ds:DigestValue"/>
- </xsd:sequence>
- </xsd:complexType>
-
-<!-- End SigningCertificate -->
-
-<!-- Start SignaturePolicyIdentifier -->
-
- <xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType"/>
- <xsd:complexType name="SignaturePolicyIdentifierType">
- <xsd:choice>
- <xsd:element name="SignaturePolicyId" type="SignaturePolicyIdType"/>
- <xsd:element name="SignaturePolicyImplied"/>
- </xsd:choice>
- </xsd:complexType>
- <xsd:complexType name="SignaturePolicyIdType">
- <xsd:sequence>
- <xsd:element name="SigPolicyId" type="ObjectIdentifierType"/>
- <xsd:element ref="ds:Transforms" minOccurs="0"/>
- <xsd:element name="SigPolicyHash" type="DigestAlgAndValueType"/>
- <xsd:element name="SigPolicyQualifiers" type="SigPolicyQualifiersListType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="SigPolicyQualifiersListType">
- <xsd:sequence>
- <xsd:element name="SigPolicyQualifier" type="AnyType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="SPURI" type="xsd:anyURI"/>
- <xsd:element name="SPUserNotice" type="SPUserNoticeType"/>
- <xsd:complexType name="SPUserNoticeType">
- <xsd:sequence>
- <xsd:element name="NoticeRef" type="NoticeReferenceType" minOccurs="0"/>
- <xsd:element name="ExplicitText" type="xsd:string" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="NoticeReferenceType">
- <xsd:sequence>
- <xsd:element name="Organization" type="xsd:string"/>
- <xsd:element name="NoticeNumbers" type="IntegerListType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="IntegerListType">
- <xsd:sequence>
- <xsd:element name="int" type="xsd:integer" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
-
-<!-- End SignaturePolicyIdentifier -->
-
-
-<!-- Start CounterSignature -->
- <xsd:element name="CounterSignature" type="CounterSignatureType"/>
- <xsd:complexType name="CounterSignatureType">
- <xsd:sequence>
- <xsd:element ref="ds:Signature"/>
- </xsd:sequence>
- </xsd:complexType>
-
-<!-- End CounterSignature -->
-
-<!-- Start DataObjectFormat -->
-
- <xsd:element name="DataObjectFormat" type="DataObjectFormatType"/>
- <xsd:complexType name="DataObjectFormatType">
- <xsd:sequence>
- <xsd:element name="Description" type="xsd:string" minOccurs="0"/>
- <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType" minOccurs="0"/>
- <xsd:element name="MimeType" type="xsd:string" minOccurs="0"/>
- <xsd:element name="Encoding" type="xsd:anyURI" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="ObjectReference" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
-
-<!-- End DataObjectFormat -->
-
-<!-- Start CommitmentTypeIndication -->
-
- <xsd:element name="CommitmentTypeIndication" type="CommitmentTypeIndicationType"/>
- <xsd:complexType name="CommitmentTypeIndicationType">
- <xsd:sequence>
- <xsd:element name="CommitmentTypeId" type="ObjectIdentifierType"/>
- <xsd:choice>
- <xsd:element name="ObjectReference" type="xsd:anyURI" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="AllSignedDataObjects"/>
- </xsd:choice>
- <xsd:element name="CommitmentTypeQualifiers" type="CommitmentTypeQualifiersListType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CommitmentTypeQualifiersListType">
- <xsd:sequence>
- <xsd:element name="CommitmentTypeQualifier" type="AnyType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
-
-<!-- End CommitmentTypeIndication -->
-
-<!-- Start SignatureProductionPlace -->
-
- <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType"/>
- <xsd:complexType name="SignatureProductionPlaceType">
- <xsd:sequence>
- <xsd:element name="City" type="xsd:string" minOccurs="0"/>
- <xsd:element name="StateOrProvince" type="xsd:string" minOccurs="0"/>
- <xsd:element name="PostalCode" type="xsd:string" minOccurs="0"/>
- <xsd:element name="CountryName" type="xsd:string" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
-
-<!-- End SignatureProductionPlace -->
-
-<!-- Start SignerRole -->
-
-<xsd:element name="SignerRole" type="SignerRoleType"/>
-<xsd:complexType name="SignerRoleType">
- <xsd:sequence>
- <xsd:element name="ClaimedRoles" type="ClaimedRolesListType"
- minOccurs="0"/>
- <xsd:element name="CertifiedRoles" type="CertifiedRolesListType"
- minOccurs="0"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<xsd:complexType name="ClaimedRolesListType">
- <xsd:sequence>
- <xsd:element name="ClaimedRole" type="AnyType" maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<xsd:complexType name="CertifiedRolesListType">
- <xsd:sequence>
- <xsd:element name="CertifiedRole" type="EncapsulatedPKIDataType"
- maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<!-- End SignerRole -->
-
-
- <xsd:element name="AllDataObjectsTimeStamp" type="TimeStampType"/>
-
- <xsd:element name="IndividualDataObjectsTimeStamp" type="TimeStampType"/>
-
- <xsd:element name="SignatureTimeStamp" type="TimeStampType"/>
-
-<!-- Start CompleteCertificateRefs -->
-
-<xsd:element name="CompleteCertificateRefs" type="CompleteCertificateRefsType"/>
-
-<xsd:complexType name="CompleteCertificateRefsType">
- <xsd:sequence>
- <xsd:element name="CertRefs" type="CertIDListType" />
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
-</xsd:complexType>
-
-<!-- End CompleteCertificateRefs -->
-
-
-<!-- Start CompleteRevocationRefs-->
-
-<xsd:element name="CompleteRevocationRefs" type="CompleteRevocationRefsType"/>
-
-<xsd:complexType name="CompleteRevocationRefsType">
- <xsd:sequence>
- <xsd:element name="CRLRefs" type="CRLRefsType" minOccurs="0"/>
- <xsd:element name="OCSPRefs" type="OCSPRefsType" minOccurs="0"/>
- <xsd:element name="OtherRefs" type="OtherCertStatusRefsType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
-</xsd:complexType>
-
-<xsd:complexType name="CRLRefsType">
- <xsd:sequence>
- <xsd:element name="CRLRef" type="CRLRefType" maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<xsd:complexType name="CRLRefType">
- <xsd:sequence>
- <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType"/>
- <xsd:element name="CRLIdentifier" type="CRLIdentifierType" minOccurs="0"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<xsd:complexType name="CRLIdentifierType">
- <xsd:sequence>
- <xsd:element name="Issuer" type="xsd:string"/>
- <xsd:element name="IssueTime" type="xsd:dateTime" />
- <xsd:element name="Number" type="xsd:integer" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
-</xsd:complexType>
-
-<xsd:complexType name="OCSPRefsType">
- <xsd:sequence>
- <xsd:element name="OCSPRef" type="OCSPRefType" maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<xsd:complexType name="OCSPRefType">
- <xsd:sequence>
- <xsd:element name="OCSPIdentifier" type="OCSPIdentifierType"/>
- <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType"
- minOccurs="0"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<xsd:complexType name="OCSPIdentifierType">
- <xsd:sequence>
- <xsd:element name="ResponderID" type="xsd:string"/>
- <xsd:element name="ProducedAt" type="xsd:dateTime"/>
- </xsd:sequence>
- <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
-</xsd:complexType>
-
-<xsd:complexType name="OtherCertStatusRefsType">
- <xsd:sequence>
- <xsd:element name="OtherRef" type="AnyType" maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<!-- End CompleteRevocationRefs-->
-
-
-<xsd:element name="SigAndRefsTimeStamp" type="TimeStampType"/>
-
-<xsd:element name="RefsOnlyTimeStamp" type="TimeStampType"/>
-
-<!-- Start CertificateValues -->
-
-<xsd:element name="CertificateValues" type="CertificateValuesType"/>
-
-<xsd:complexType name="CertificateValuesType">
- <xsd:choice minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="EncapsulatedX509Certificate" type="EncapsulatedPKIDataType"/>
- <xsd:element name="OtherCertificate" type="AnyType"/>
- </xsd:choice>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
-</xsd:complexType>
-
-<!-- End CertificateValues -->
-
-<!-- Start RevocationValues-->
-
-<xsd:element name="RevocationValues" type="RevocationValuesType"/>
-
-<xsd:complexType name="RevocationValuesType">
- <xsd:sequence>
- <xsd:element name="CRLValues" type="CRLValuesType" minOccurs="0"/>
- <xsd:element name="OCSPValues" type="OCSPValuesType" minOccurs="0"/>
- <xsd:element name="OtherValues" type="OtherCertStatusValuesType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
-</xsd:complexType>
-
-<xsd:complexType name="CRLValuesType">
- <xsd:sequence>
- <xsd:element name="EncapsulatedCRLValue" type="EncapsulatedPKIDataType"
- maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<xsd:complexType name="OCSPValuesType">
- <xsd:sequence>
- <xsd:element name="EncapsulatedOCSPValue"
- type="EncapsulatedPKIDataType" maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-<xsd:complexType name="OtherCertStatusValuesType">
- <xsd:sequence>
- <xsd:element name="OtherValue" type="AnyType" maxOccurs="unbounded"/>
- </xsd:sequence>
-</xsd:complexType>
-
-<!-- End RevocationValues-->
-
-<xsd:element name="ArchiveTimeStamp" type="TimeStampType"/>
-
-
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/XAdES-1.3.2.xsd b/common/src/main/resources/resources/schemas/XAdES-1.3.2.xsd
deleted file mode 100644
index d0ce075de..000000000
--- a/common/src/main/resources/resources/schemas/XAdES-1.3.2.xsd
+++ /dev/null
@@ -1,466 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.3.2#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://uri.etsi.org/01903/v1.3.2#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified">
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
- <!-- Start auxiliary types definitions: AnyType, ObjectIdentifierType,
-EncapsulatedPKIDataType and containers for time-stamp tokens -->
- <!-- Start AnyType -->
- <xsd:element name="Any" type="AnyType"/>
- <xsd:complexType name="AnyType" mixed="true">
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:any namespace="##any" processContents="lax"/>
- </xsd:sequence>
- <xsd:anyAttribute namespace="##any"/>
- </xsd:complexType>
- <!-- End AnyType -->
- <!-- Start ObjectIdentifierType-->
- <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType"/>
- <xsd:complexType name="ObjectIdentifierType">
- <xsd:sequence>
- <xsd:element name="Identifier" type="IdentifierType"/>
- <xsd:element name="Description" type="xsd:string" minOccurs="0"/>
- <xsd:element name="DocumentationReferences" type="DocumentationReferencesType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="IdentifierType">
- <xsd:simpleContent>
- <xsd:extension base="xsd:anyURI">
- <xsd:attribute name="Qualifier" type="QualifierType" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:simpleType name="QualifierType">
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="OIDAsURI"/>
- <xsd:enumeration value="OIDAsURN"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:complexType name="DocumentationReferencesType">
- <xsd:sequence maxOccurs="unbounded">
- <xsd:element name="DocumentationReference" type="xsd:anyURI"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- End ObjectIdentifierType-->
- <!-- Start EncapsulatedPKIDataType-->
- <xsd:element name="EncapsulatedPKIData" type="EncapsulatedPKIDataType"/>
- <xsd:complexType name="EncapsulatedPKIDataType">
- <xsd:simpleContent>
- <xsd:extension base="xsd:base64Binary">
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- <xsd:attribute name="Encoding" type="xsd:anyURI" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <!-- End EncapsulatedPKIDataType -->
- <!-- Start time-stamp containers types -->
- <!-- Start GenericTimeStampType -->
- <xsd:element name="Include" type="IncludeType"/>
- <xsd:complexType name="IncludeType">
- <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="referencedData" type="xsd:boolean" use="optional"/>
- </xsd:complexType>
- <xsd:element name="ReferenceInfo" type="ReferenceInfoType"/>
- <xsd:complexType name="ReferenceInfoType">
- <xsd:sequence>
- <xsd:element ref="ds:DigestMethod"/>
- <xsd:element ref="ds:DigestValue"/>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
- </xsd:complexType>
- <xsd:complexType name="GenericTimeStampType" abstract="true">
- <xsd:sequence>
- <xsd:choice minOccurs="0">
- <xsd:element ref="Include" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element ref="ReferenceInfo" maxOccurs="unbounded"/>
- </xsd:choice>
- <xsd:element ref="ds:CanonicalizationMethod" minOccurs="0"/>
- <xsd:choice maxOccurs="unbounded">
- <xsd:element name="EncapsulatedTimeStamp" type="EncapsulatedPKIDataType"/>
- <xsd:element name="XMLTimeStamp" type="AnyType"/>
- </xsd:choice>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
- <!-- End GenericTimeStampType -->
- <!-- Start XAdESTimeStampType -->
- <xsd:element name="XAdESTimeStamp" type="XAdESTimeStampType"/>
- <xsd:complexType name="XAdESTimeStampType">
- <xsd:complexContent>
- <xsd:restriction base="GenericTimeStampType">
- <xsd:sequence>
- <xsd:element ref="Include" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element ref="ds:CanonicalizationMethod" minOccurs="0"/>
- <xsd:choice maxOccurs="unbounded">
- <xsd:element name="EncapsulatedTimeStamp" type="EncapsulatedPKIDataType"/>
- <xsd:element name="XMLTimeStamp" type="AnyType"/>
- </xsd:choice>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <!-- End XAdESTimeStampType -->
- <!-- Start OtherTimeStampType -->
- <xsd:element name="OtherTimeStamp" type="OtherTimeStampType"/>
- <xsd:complexType name="OtherTimeStampType">
- <xsd:complexContent>
- <xsd:restriction base="GenericTimeStampType">
- <xsd:sequence>
- <xsd:element ref="ReferenceInfo" maxOccurs="unbounded"/>
- <xsd:element ref="ds:CanonicalizationMethod" minOccurs="0"/>
- <xsd:choice>
- <xsd:element name="EncapsulatedTimeStamp" type="EncapsulatedPKIDataType"/>
- <xsd:element name="XMLTimeStamp" type="AnyType"/>
- </xsd:choice>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:restriction>
- </xsd:complexContent>
- </xsd:complexType>
- <!-- End OtherTimeStampType -->
- <!-- End time-stamp containers types -->
- <!-- End auxiliary types definitions-->
- <!-- Start container types -->
- <!-- Start QualifyingProperties -->
- <xsd:element name="QualifyingProperties" type="QualifyingPropertiesType"/>
- <xsd:complexType name="QualifyingPropertiesType">
- <xsd:sequence>
- <xsd:element name="SignedProperties" type="SignedPropertiesType" minOccurs="0"/>
- <xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="Target" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
- <!-- End QualifyingProperties -->
- <!-- Start SignedProperties-->
- <xsd:element name="SignedProperties" type="SignedPropertiesType"/>
- <xsd:complexType name="SignedPropertiesType">
- <xsd:sequence>
- <xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType" minOccurs="0"/>
- <xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
- <!-- End SignedProperties-->
- <!-- Start UnsignedProperties-->
- <xsd:element name="UnsignedProperties" type="UnsignedPropertiesType"/>
- <xsd:complexType name="UnsignedPropertiesType">
- <xsd:sequence>
- <xsd:element name="UnsignedSignatureProperties" type="UnsignedSignaturePropertiesType" minOccurs="0"/>
- <xsd:element name="UnsignedDataObjectProperties" type="UnsignedDataObjectPropertiesType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
- <!-- End UnsignedProperties-->
- <!-- Start SignedSignatureProperties-->
- <xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType"/>
- <xsd:complexType name="SignedSignaturePropertiesType">
- <xsd:sequence>
- <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
- <xsd:element name="SigningCertificate" type="CertIDListType" minOccurs="0"/>
- <xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType" minOccurs="0"/>
- <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType" minOccurs="0"/>
- <xsd:element name="SignerRole" type="SignerRoleType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
- <!-- End SignedSignatureProperties-->
- <!-- Start SignedDataObjectProperties-->
- <xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType"/>
- <xsd:complexType name="SignedDataObjectPropertiesType">
- <xsd:sequence>
- <xsd:element name="DataObjectFormat" type="DataObjectFormatType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="CommitmentTypeIndication" type="CommitmentTypeIndicationType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="AllDataObjectsTimeStamp" type="XAdESTimeStampType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="IndividualDataObjectsTimeStamp" type="XAdESTimeStampType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
- <!-- End SignedDataObjectProperties-->
- <!-- Start UnsignedSignatureProperties-->
- <xsd:element name="UnsignedSignatureProperties" type="UnsignedSignaturePropertiesType"/>
- <xsd:complexType name="UnsignedSignaturePropertiesType">
- <xsd:choice maxOccurs="unbounded">
- <xsd:element name="CounterSignature" type="CounterSignatureType"/>
- <xsd:element name="SignatureTimeStamp" type="XAdESTimeStampType"/>
- <xsd:element name="CompleteCertificateRefs" type="CompleteCertificateRefsType"/>
- <xsd:element name="CompleteRevocationRefs" type="CompleteRevocationRefsType"/>
- <xsd:element name="AttributeCertificateRefs" type="CompleteCertificateRefsType"/>
- <xsd:element name="AttributeRevocationRefs" type="CompleteRevocationRefsType"/>
- <xsd:element name="SigAndRefsTimeStamp" type="XAdESTimeStampType"/>
- <xsd:element name="RefsOnlyTimeStamp" type="XAdESTimeStampType"/>
- <xsd:element name="CertificateValues" type="CertificateValuesType"/>
- <xsd:element name="RevocationValues" type="RevocationValuesType"/>
- <xsd:element name="AttrAuthoritiesCertValues" type="CertificateValuesType"/>
- <xsd:element name="AttributeRevocationValues" type="RevocationValuesType"/>
- <xsd:element name="ArchiveTimeStamp" type="XAdESTimeStampType"/>
- <xsd:any namespace="##other"/>
- </xsd:choice>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
- <!-- End UnsignedSignatureProperties-->
- <!-- Start UnsignedDataObjectProperties-->
- <xsd:element name="UnsignedDataObjectProperties" type="UnsignedDataObjectPropertiesType"/>
- <xsd:complexType name="UnsignedDataObjectPropertiesType">
- <xsd:sequence>
- <xsd:element name="UnsignedDataObjectProperty" type="AnyType" maxOccurs="unbounded"/>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
- <!-- End UnsignedDataObjectProperties-->
- <!-- Start QualifyingPropertiesReference-->
- <xsd:element name="QualifyingPropertiesReference" type="QualifyingPropertiesReferenceType"/>
- <xsd:complexType name="QualifyingPropertiesReferenceType">
- <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
- <!-- End QualifyingPropertiesReference-->
- <!-- End container types -->
- <!-- Start SigningTime element -->
- <xsd:element name="SigningTime" type="xsd:dateTime"/>
- <!-- End SigningTime element -->
- <!-- Start SigningCertificate -->
- <xsd:element name="SigningCertificate" type="CertIDListType"/>
- <xsd:complexType name="CertIDListType">
- <xsd:sequence>
- <xsd:element name="Cert" type="CertIDType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CertIDType">
- <xsd:sequence>
- <xsd:element name="CertDigest" type="DigestAlgAndValueType"/>
- <xsd:element name="IssuerSerial" type="ds:X509IssuerSerialType"/>
- </xsd:sequence>
- <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
- </xsd:complexType>
- <xsd:complexType name="DigestAlgAndValueType">
- <xsd:sequence>
- <xsd:element ref="ds:DigestMethod"/>
- <xsd:element ref="ds:DigestValue"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- End SigningCertificate -->
- <!-- Start SignaturePolicyIdentifier -->
- <xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType"/>
- <xsd:complexType name="SignaturePolicyIdentifierType">
- <xsd:choice>
- <xsd:element name="SignaturePolicyId" type="SignaturePolicyIdType"/>
- <xsd:element name="SignaturePolicyImplied"/>
- </xsd:choice>
- </xsd:complexType>
- <xsd:complexType name="SignaturePolicyIdType">
- <xsd:sequence>
- <xsd:element name="SigPolicyId" type="ObjectIdentifierType"/>
- <xsd:element ref="ds:Transforms" minOccurs="0"/>
- <xsd:element name="SigPolicyHash" type="DigestAlgAndValueType"/>
- <xsd:element name="SigPolicyQualifiers" type="SigPolicyQualifiersListType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="SigPolicyQualifiersListType">
- <xsd:sequence>
- <xsd:element name="SigPolicyQualifier" type="AnyType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="SPURI" type="xsd:anyURI"/>
- <xsd:element name="SPUserNotice" type="SPUserNoticeType"/>
- <xsd:complexType name="SPUserNoticeType">
- <xsd:sequence>
- <xsd:element name="NoticeRef" type="NoticeReferenceType" minOccurs="0"/>
- <xsd:element name="ExplicitText" type="xsd:string" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="NoticeReferenceType">
- <xsd:sequence>
- <xsd:element name="Organization" type="xsd:string"/>
- <xsd:element name="NoticeNumbers" type="IntegerListType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="IntegerListType">
- <xsd:sequence>
- <xsd:element name="int" type="xsd:integer" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- End SignaturePolicyIdentifier -->
- <!-- Start CounterSignature -->
- <xsd:element name="CounterSignature" type="CounterSignatureType"/>
- <xsd:complexType name="CounterSignatureType">
- <xsd:sequence>
- <xsd:element ref="ds:Signature"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- End CounterSignature -->
- <!-- Start DataObjectFormat -->
- <xsd:element name="DataObjectFormat" type="DataObjectFormatType"/>
- <xsd:complexType name="DataObjectFormatType">
- <xsd:sequence>
- <xsd:element name="Description" type="xsd:string" minOccurs="0"/>
- <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType" minOccurs="0"/>
- <xsd:element name="MimeType" type="xsd:string" minOccurs="0"/>
- <xsd:element name="Encoding" type="xsd:anyURI" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="ObjectReference" type="xsd:anyURI" use="required"/>
- </xsd:complexType>
- <!-- End DataObjectFormat -->
- <!-- Start CommitmentTypeIndication -->
- <xsd:element name="CommitmentTypeIndication" type="CommitmentTypeIndicationType"/>
- <xsd:complexType name="CommitmentTypeIndicationType">
- <xsd:sequence>
- <xsd:element name="CommitmentTypeId" type="ObjectIdentifierType"/>
- <xsd:choice>
- <xsd:element name="ObjectReference" type="xsd:anyURI" maxOccurs="unbounded"/>
- <xsd:element name="AllSignedDataObjects"/>
- </xsd:choice>
- <xsd:element name="CommitmentTypeQualifiers" type="CommitmentTypeQualifiersListType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CommitmentTypeQualifiersListType">
- <xsd:sequence>
- <xsd:element name="CommitmentTypeQualifier" type="AnyType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- End CommitmentTypeIndication -->
- <!-- Start SignatureProductionPlace -->
- <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType"/>
- <xsd:complexType name="SignatureProductionPlaceType">
- <xsd:sequence>
- <xsd:element name="City" type="xsd:string" minOccurs="0"/>
- <xsd:element name="StateOrProvince" type="xsd:string" minOccurs="0"/>
- <xsd:element name="PostalCode" type="xsd:string" minOccurs="0"/>
- <xsd:element name="CountryName" type="xsd:string" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- End SignatureProductionPlace -->
- <!-- Start SignerRole -->
- <xsd:element name="SignerRole" type="SignerRoleType"/>
- <xsd:complexType name="SignerRoleType">
- <xsd:sequence>
- <xsd:element name="ClaimedRoles" type="ClaimedRolesListType" minOccurs="0"/>
- <xsd:element name="CertifiedRoles" type="CertifiedRolesListType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ClaimedRolesListType">
- <xsd:sequence>
- <xsd:element name="ClaimedRole" type="AnyType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CertifiedRolesListType">
- <xsd:sequence>
- <xsd:element name="CertifiedRole" type="EncapsulatedPKIDataType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- End SignerRole -->
- <xsd:element name="AllDataObjectsTimeStamp" type="XAdESTimeStampType"/>
- <xsd:element name="IndividualDataObjectsTimeStamp" type="XAdESTimeStampType"/>
- <xsd:element name="SignatureTimeStamp" type="XAdESTimeStampType"/>
- <!-- Start CompleteCertificateRefs -->
- <xsd:element name="CompleteCertificateRefs" type="CompleteCertificateRefsType"/>
- <xsd:complexType name="CompleteCertificateRefsType">
- <xsd:sequence>
- <xsd:element name="CertRefs" type="CertIDListType"/>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
- <!-- End CompleteCertificateRefs -->
- <!-- Start CompleteRevocationRefs-->
- <xsd:element name="CompleteRevocationRefs" type="CompleteRevocationRefsType"/>
- <xsd:complexType name="CompleteRevocationRefsType">
- <xsd:sequence>
- <xsd:element name="CRLRefs" type="CRLRefsType" minOccurs="0"/>
- <xsd:element name="OCSPRefs" type="OCSPRefsType" minOccurs="0"/>
- <xsd:element name="OtherRefs" type="OtherCertStatusRefsType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
- <xsd:complexType name="CRLRefsType">
- <xsd:sequence>
- <xsd:element name="CRLRef" type="CRLRefType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CRLRefType">
- <xsd:sequence>
- <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType"/>
- <xsd:element name="CRLIdentifier" type="CRLIdentifierType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CRLIdentifierType">
- <xsd:sequence>
- <xsd:element name="Issuer" type="xsd:string"/>
- <xsd:element name="IssueTime" type="xsd:dateTime"/>
- <xsd:element name="Number" type="xsd:integer" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
- </xsd:complexType>
- <xsd:complexType name="OCSPRefsType">
- <xsd:sequence>
- <xsd:element name="OCSPRef" type="OCSPRefType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="OCSPRefType">
- <xsd:sequence>
- <xsd:element name="OCSPIdentifier" type="OCSPIdentifierType"/>
- <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ResponderIDType">
- <xsd:choice>
- <xsd:element name="ByName" type="xsd:string"/>
- <xsd:element name="ByKey" type="xsd:base64Binary"/>
- </xsd:choice>
- </xsd:complexType>
- <xsd:complexType name="OCSPIdentifierType">
- <xsd:sequence>
- <xsd:element name="ResponderID" type="ResponderIDType"/>
- <xsd:element name="ProducedAt" type="xsd:dateTime"/>
- </xsd:sequence>
- <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
- </xsd:complexType>
- <xsd:complexType name="OtherCertStatusRefsType">
- <xsd:sequence>
- <xsd:element name="OtherRef" type="AnyType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- End CompleteRevocationRefs-->
- <xsd:element name="AttributeCertificateRefs" type="CompleteCertificateRefsType"/>
- <xsd:element name="AttributeRevocationRefs" type="CompleteRevocationRefsType"/>
- <xsd:element name="SigAndRefsTimeStamp" type="XAdESTimeStampType"/>
- <xsd:element name="RefsOnlyTimeStamp" type="XAdESTimeStampType"/>
- <!-- Start CertificateValues -->
- <xsd:element name="CertificateValues" type="CertificateValuesType"/>
- <xsd:complexType name="CertificateValuesType">
- <xsd:choice minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="EncapsulatedX509Certificate" type="EncapsulatedPKIDataType"/>
- <xsd:element name="OtherCertificate" type="AnyType"/>
- </xsd:choice>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
- <!-- End CertificateValues -->
- <!-- Start RevocationValues-->
- <xsd:element name="RevocationValues" type="RevocationValuesType"/>
- <xsd:complexType name="RevocationValuesType">
- <xsd:sequence>
- <xsd:element name="CRLValues" type="CRLValuesType" minOccurs="0"/>
- <xsd:element name="OCSPValues" type="OCSPValuesType" minOccurs="0"/>
- <xsd:element name="OtherValues" type="OtherCertStatusValuesType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
- <xsd:complexType name="CRLValuesType">
- <xsd:sequence>
- <xsd:element name="EncapsulatedCRLValue" type="EncapsulatedPKIDataType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="OCSPValuesType">
- <xsd:sequence>
- <xsd:element name="EncapsulatedOCSPValue" type="EncapsulatedPKIDataType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="OtherCertStatusValuesType">
- <xsd:sequence>
- <xsd:element name="OtherValue" type="AnyType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- End RevocationValues-->
- <xsd:element name="AttrAuthoritiesCertValues" type="CertificateValuesType"/>
- <xsd:element name="AttributeRevocationValues" type="RevocationValuesType"/>
- <xsd:element name="ArchiveTimeStamp" type="XAdESTimeStampType"/>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/XAdES-1.4.1.xsd b/common/src/main/resources/resources/schemas/XAdES-1.4.1.xsd
deleted file mode 100644
index 383fcbdec..000000000
--- a/common/src/main/resources/resources/schemas/XAdES-1.4.1.xsd
+++ /dev/null
@@ -1,15 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.4.1#" xmlns="http://uri.etsi.org/01903/v1.4.1#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" elementFormDefault="qualified">
- <xsd:import namespace="http://uri.etsi.org/01903/v1.3.2#" schemaLocation="XAdES-1.3.2.xsd"/>
- <!-- Start CertificateValues -->
- <xsd:element name="TimeStampValidationData" type="ValidationDataType"/>
- <xsd:complexType name="ValidationDataType">
- <xsd:sequence>
- <xsd:element ref="xades:CertificateValues" minOccurs="0" />
- <xsd:element ref="xades:RevocationValues" minOccurs="0" />
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- <xsd:attribute name="UR" type="xsd:anyURI" use="optional"/>
- </xsd:complexType>
- <xsd:element name="ArchiveTimeStampV2" type="xades:XAdESTimeStampType"/>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/XMLSchema-instance.xsd b/common/src/main/resources/resources/schemas/XMLSchema-instance.xsd
deleted file mode 100644
index f47577b8a..000000000
--- a/common/src/main/resources/resources/schemas/XMLSchema-instance.xsd
+++ /dev/null
@@ -1,37 +0,0 @@
-<?xml version='1.0'?>
-<!DOCTYPE xs:schema SYSTEM "XMLSchema.dtd" [
-<!ELEMENT p ANY>
-<!ELEMENT a ANY>
-<!ATTLIST a href CDATA #IMPLIED>
-<!ELEMENT hr ANY>
-<!ELEMENT h1 ANY>
-<!ELEMENT br ANY>
-]>
-<xs:schema targetNamespace="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="http://www.w3.org/1999/xhtml">
- <xs:annotation>
- <xs:documentation>
- <h1>XML Schema instance namespace</h1>
- <p>See <a href="http://www.w3.org/TR/xmlschema-1/">the XML Schema
- Recommendation</a> for an introduction</p>
-
-
- <hr />
- $Date: 2001/03/16 20:25:57 $<br />
- $Id: XMLSchema-instance.xsd,v 1.4 2001/03/16 20:25:57 ht Exp $
- </xs:documentation>
- </xs:annotation>
- <xs:annotation>
- <xs:documentation><p>This schema should never be used as such:
- <a href="http://www.w3.org/TR/xmlschema-1/#no-xsi">the XML
- Schema Recommendation</a> forbids the declaration of
- attributes in this namespace</p>
- </xs:documentation>
- </xs:annotation>
-
- <xs:attribute name="nil"/>
- <xs:attribute name="type"/>
- <xs:attribute name="schemaLocation"/>
- <xs:attribute name="noNamespaceSchemaLocation"/>
-</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/XMLSchema.dtd b/common/src/main/resources/resources/schemas/XMLSchema.dtd
deleted file mode 100644
index e8e8f7625..000000000
--- a/common/src/main/resources/resources/schemas/XMLSchema.dtd
+++ /dev/null
@@ -1,402 +0,0 @@ -<!-- DTD for XML Schemas: Part 1: Structures - Public Identifier: "-//W3C//DTD XMLSCHEMA 200102//EN" - Official Location: http://www.w3.org/2001/XMLSchema.dtd --> -<!-- $Id: XMLSchema.dtd,v 1.31 2001/10/24 15:50:16 ht Exp $ --> -<!-- Note this DTD is NOT normative, or even definitive. --> <!--d--> -<!-- prose copy in the structures REC is the definitive version --> <!--d--> -<!-- (which shouldn't differ from this one except for this --> <!--d--> -<!-- comment and entity expansions, but just in case) --> <!--d--> -<!-- With the exception of cases with multiple namespace - prefixes for the XML Schema namespace, any XML document which is - not valid per this DTD given redefinitions in its internal subset of the - 'p' and 's' parameter entities below appropriate to its namespace - declaration of the XML Schema namespace is almost certainly not - a valid schema. --> - -<!-- The simpleType element and its constituent parts - are defined in XML Schema: Part 2: Datatypes --> -<!ENTITY % xs-datatypes PUBLIC 'datatypes' 'datatypes.dtd' > - -<!ENTITY % p 'xs:'> <!-- can be overriden in the internal subset of a - schema document to establish a different - namespace prefix --> -<!ENTITY % s ':xs'> <!-- if %p is defined (e.g. as foo:) then you must - also define %s as the suffix for the appropriate - namespace declaration (e.g. 
:foo) --> -<!ENTITY % nds 'xmlns%s;'> - -<!-- Define all the element names, with optional prefix --> -<!ENTITY % schema "%p;schema"> -<!ENTITY % complexType "%p;complexType"> -<!ENTITY % complexContent "%p;complexContent"> -<!ENTITY % simpleContent "%p;simpleContent"> -<!ENTITY % extension "%p;extension"> -<!ENTITY % element "%p;element"> -<!ENTITY % unique "%p;unique"> -<!ENTITY % key "%p;key"> -<!ENTITY % keyref "%p;keyref"> -<!ENTITY % selector "%p;selector"> -<!ENTITY % field "%p;field"> -<!ENTITY % group "%p;group"> -<!ENTITY % all "%p;all"> -<!ENTITY % choice "%p;choice"> -<!ENTITY % sequence "%p;sequence"> -<!ENTITY % any "%p;any"> -<!ENTITY % anyAttribute "%p;anyAttribute"> -<!ENTITY % attribute "%p;attribute"> -<!ENTITY % attributeGroup "%p;attributeGroup"> -<!ENTITY % include "%p;include"> -<!ENTITY % import "%p;import"> -<!ENTITY % redefine "%p;redefine"> -<!ENTITY % notation "%p;notation"> - -<!-- annotation elements --> -<!ENTITY % annotation "%p;annotation"> -<!ENTITY % appinfo "%p;appinfo"> -<!ENTITY % documentation "%p;documentation"> - -<!-- Customisation entities for the ATTLIST of each element type. 
- Define one of these if your schema takes advantage of the - anyAttribute='##other' in the schema for schemas --> - -<!ENTITY % schemaAttrs ''> -<!ENTITY % complexTypeAttrs ''> -<!ENTITY % complexContentAttrs ''> -<!ENTITY % simpleContentAttrs ''> -<!ENTITY % extensionAttrs ''> -<!ENTITY % elementAttrs ''> -<!ENTITY % groupAttrs ''> -<!ENTITY % allAttrs ''> -<!ENTITY % choiceAttrs ''> -<!ENTITY % sequenceAttrs ''> -<!ENTITY % anyAttrs ''> -<!ENTITY % anyAttributeAttrs ''> -<!ENTITY % attributeAttrs ''> -<!ENTITY % attributeGroupAttrs ''> -<!ENTITY % uniqueAttrs ''> -<!ENTITY % keyAttrs ''> -<!ENTITY % keyrefAttrs ''> -<!ENTITY % selectorAttrs ''> -<!ENTITY % fieldAttrs ''> -<!ENTITY % includeAttrs ''> -<!ENTITY % importAttrs ''> -<!ENTITY % redefineAttrs ''> -<!ENTITY % notationAttrs ''> -<!ENTITY % annotationAttrs ''> -<!ENTITY % appinfoAttrs ''> -<!ENTITY % documentationAttrs ''> - -<!ENTITY % complexDerivationSet "CDATA"> - <!-- #all or space-separated list drawn from derivationChoice --> -<!ENTITY % blockSet "CDATA"> - <!-- #all or space-separated list drawn from - derivationChoice + 'substitution' --> - -<!ENTITY % mgs '%all; | %choice; | %sequence;'> -<!ENTITY % cs '%choice; | %sequence;'> -<!ENTITY % formValues '(qualified|unqualified)'> - - -<!ENTITY % attrDecls '((%attribute;| %attributeGroup;)*,(%anyAttribute;)?)'> - -<!ENTITY % particleAndAttrs '((%mgs; | %group;)?, %attrDecls;)'> - -<!-- This is used in part2 --> -<!ENTITY % restriction1 '((%mgs; | %group;)?)'> - -%xs-datatypes; - -<!-- the duplication below is to produce an unambiguous content model - which allows annotation everywhere --> -<!ELEMENT %schema; ((%include; | %import; | %redefine; | %annotation;)*, - ((%simpleType; | %complexType; - | %element; | %attribute; - | %attributeGroup; | %group; - | %notation; ), - (%annotation;)*)* )> -<!ATTLIST %schema; - targetNamespace %URIref; #IMPLIED - version CDATA #IMPLIED - %nds; %URIref; #FIXED 'http://www.w3.org/2001/XMLSchema' - xmlns CDATA 
#IMPLIED - finalDefault %complexDerivationSet; '' - blockDefault %blockSet; '' - id ID #IMPLIED - elementFormDefault %formValues; 'unqualified' - attributeFormDefault %formValues; 'unqualified' - xml:lang CDATA #IMPLIED - %schemaAttrs;> -<!-- Note the xmlns declaration is NOT in the Schema for Schemas, - because at the Infoset level where schemas operate, - xmlns(:prefix) is NOT an attribute! --> -<!-- The declaration of xmlns is a convenience for schema authors --> - -<!-- The id attribute here and below is for use in external references - from non-schemas using simple fragment identifiers. - It is NOT used for schema-to-schema reference, internal or - external. --> - -<!-- a type is a named content type specification which allows attribute - declarations--> -<!-- --> - -<!ELEMENT %complexType; ((%annotation;)?, - (%simpleContent;|%complexContent;| - %particleAndAttrs;))> - -<!ATTLIST %complexType; - name %NCName; #IMPLIED - id ID #IMPLIED - abstract %boolean; #IMPLIED - final %complexDerivationSet; #IMPLIED - block %complexDerivationSet; #IMPLIED - mixed (true|false) 'false' - %complexTypeAttrs;> - -<!-- particleAndAttrs is shorthand for a root type --> -<!-- mixed is disallowed if simpleContent, overriden if complexContent - has one too. 
--> - -<!-- If anyAttribute appears in one or more referenced attributeGroups - and/or explicitly, the intersection of the permissions is used --> - -<!ELEMENT %complexContent; ((%annotation;)?, (%restriction;|%extension;))> -<!ATTLIST %complexContent; - mixed (true|false) #IMPLIED - id ID #IMPLIED - %complexContentAttrs;> - -<!-- restriction should use the branch defined above, not the simple - one from part2; extension should use the full model --> - -<!ELEMENT %simpleContent; ((%annotation;)?, (%restriction;|%extension;))> -<!ATTLIST %simpleContent; - id ID #IMPLIED - %simpleContentAttrs;> - -<!-- restriction should use the simple branch from part2, not the - one defined above; extension should have no particle --> - -<!ELEMENT %extension; ((%annotation;)?, (%particleAndAttrs;))> -<!ATTLIST %extension; - base %QName; #REQUIRED - id ID #IMPLIED - %extensionAttrs;> - -<!-- an element is declared by either: - a name and a type (either nested or referenced via the type attribute) - or a ref to an existing element declaration --> - -<!ELEMENT %element; ((%annotation;)?, (%complexType;| %simpleType;)?, - (%unique; | %key; | %keyref;)*)> -<!-- simpleType or complexType only if no type|ref attribute --> -<!-- ref not allowed at top level --> -<!ATTLIST %element; - name %NCName; #IMPLIED - id ID #IMPLIED - ref %QName; #IMPLIED - type %QName; #IMPLIED - minOccurs %nonNegativeInteger; #IMPLIED - maxOccurs CDATA #IMPLIED - nillable %boolean; #IMPLIED - substitutionGroup %QName; #IMPLIED - abstract %boolean; #IMPLIED - final %complexDerivationSet; #IMPLIED - block %blockSet; #IMPLIED - default CDATA #IMPLIED - fixed CDATA #IMPLIED - form %formValues; #IMPLIED - %elementAttrs;> -<!-- type and ref are mutually exclusive. - name and ref are mutually exclusive, one is required --> -<!-- In the absence of type AND ref, type defaults to type of - substitutionGroup, if any, else the ur-type, i.e. 
unconstrained --> -<!-- default and fixed are mutually exclusive --> - -<!ELEMENT %group; ((%annotation;)?,(%mgs;)?)> -<!ATTLIST %group; - name %NCName; #IMPLIED - ref %QName; #IMPLIED - minOccurs %nonNegativeInteger; #IMPLIED - maxOccurs CDATA #IMPLIED - id ID #IMPLIED - %groupAttrs;> - -<!ELEMENT %all; ((%annotation;)?, (%element;)*)> -<!ATTLIST %all; - minOccurs (1) #IMPLIED - maxOccurs (1) #IMPLIED - id ID #IMPLIED - %allAttrs;> - -<!ELEMENT %choice; ((%annotation;)?, (%element;| %group;| %cs; | %any;)*)> -<!ATTLIST %choice; - minOccurs %nonNegativeInteger; #IMPLIED - maxOccurs CDATA #IMPLIED - id ID #IMPLIED - %choiceAttrs;> - -<!ELEMENT %sequence; ((%annotation;)?, (%element;| %group;| %cs; | %any;)*)> -<!ATTLIST %sequence; - minOccurs %nonNegativeInteger; #IMPLIED - maxOccurs CDATA #IMPLIED - id ID #IMPLIED - %sequenceAttrs;> - -<!-- an anonymous grouping in a model, or - a top-level named group definition, or a reference to same --> - -<!-- Note that if order is 'all', group is not allowed inside. - If order is 'all' THIS group must be alone (or referenced alone) at - the top level of a content model --> -<!-- If order is 'all', minOccurs==maxOccurs==1 on element/any inside --> -<!-- Should allow minOccurs=0 inside order='all' . . . 
--> - -<!ELEMENT %any; (%annotation;)?> -<!ATTLIST %any; - namespace CDATA '##any' - processContents (skip|lax|strict) 'strict' - minOccurs %nonNegativeInteger; '1' - maxOccurs CDATA '1' - id ID #IMPLIED - %anyAttrs;> - -<!-- namespace is interpreted as follows: - ##any - - any non-conflicting WFXML at all - - ##other - - any non-conflicting WFXML from namespace other - than targetNamespace - - ##local - - any unqualified non-conflicting WFXML/attribute - one or - - any non-conflicting WFXML from - more URI the listed namespaces - references - - ##targetNamespace ##local may appear in the above list, - with the obvious meaning --> - -<!ELEMENT %anyAttribute; (%annotation;)?> -<!ATTLIST %anyAttribute; - namespace CDATA '##any' - processContents (skip|lax|strict) 'strict' - id ID #IMPLIED - %anyAttributeAttrs;> -<!-- namespace is interpreted as for 'any' above --> - -<!-- simpleType only if no type|ref attribute --> -<!-- ref not allowed at top level, name iff at top level --> -<!ELEMENT %attribute; ((%annotation;)?, (%simpleType;)?)> -<!ATTLIST %attribute; - name %NCName; #IMPLIED - id ID #IMPLIED - ref %QName; #IMPLIED - type %QName; #IMPLIED - use (prohibited|optional|required) #IMPLIED - default CDATA #IMPLIED - fixed CDATA #IMPLIED - form %formValues; #IMPLIED - %attributeAttrs;> -<!-- type and ref are mutually exclusive. - name and ref are mutually exclusive, one is required --> -<!-- default for use is optional when nested, none otherwise --> -<!-- default and fixed are mutually exclusive --> -<!-- type attr and simpleType content are mutually exclusive --> - -<!-- an attributeGroup is a named collection of attribute decls, or a - reference thereto --> -<!ELEMENT %attributeGroup; ((%annotation;)?, - (%attribute; | %attributeGroup;)*, - (%anyAttribute;)?) > -<!ATTLIST %attributeGroup; - name %NCName; #IMPLIED - id ID #IMPLIED - ref %QName; #IMPLIED - %attributeGroupAttrs;> - -<!-- ref iff no content, no name. 
ref iff not top level --> - -<!-- better reference mechanisms --> -<!ELEMENT %unique; ((%annotation;)?, %selector;, (%field;)+)> -<!ATTLIST %unique; - name %NCName; #REQUIRED - id ID #IMPLIED - %uniqueAttrs;> - -<!ELEMENT %key; ((%annotation;)?, %selector;, (%field;)+)> -<!ATTLIST %key; - name %NCName; #REQUIRED - id ID #IMPLIED - %keyAttrs;> - -<!ELEMENT %keyref; ((%annotation;)?, %selector;, (%field;)+)> -<!ATTLIST %keyref; - name %NCName; #REQUIRED - refer %QName; #REQUIRED - id ID #IMPLIED - %keyrefAttrs;> - -<!ELEMENT %selector; ((%annotation;)?)> -<!ATTLIST %selector; - xpath %XPathExpr; #REQUIRED - id ID #IMPLIED - %selectorAttrs;> -<!ELEMENT %field; ((%annotation;)?)> -<!ATTLIST %field; - xpath %XPathExpr; #REQUIRED - id ID #IMPLIED - %fieldAttrs;> - -<!-- Schema combination mechanisms --> -<!ELEMENT %include; (%annotation;)?> -<!ATTLIST %include; - schemaLocation %URIref; #REQUIRED - id ID #IMPLIED - %includeAttrs;> - -<!ELEMENT %import; (%annotation;)?> -<!ATTLIST %import; - namespace %URIref; #IMPLIED - schemaLocation %URIref; #IMPLIED - id ID #IMPLIED - %importAttrs;> - -<!ELEMENT %redefine; (%annotation; | %simpleType; | %complexType; | - %attributeGroup; | %group;)*> -<!ATTLIST %redefine; - schemaLocation %URIref; #REQUIRED - id ID #IMPLIED - %redefineAttrs;> - -<!ELEMENT %notation; (%annotation;)?> -<!ATTLIST %notation; - name %NCName; #REQUIRED - id ID #IMPLIED - public CDATA #REQUIRED - system %URIref; #IMPLIED - %notationAttrs;> - -<!-- Annotation is either application information or documentation --> -<!-- By having these here they are available for datatypes as well - as all the structures elements --> - -<!ELEMENT %annotation; (%appinfo; | %documentation;)*> -<!ATTLIST %annotation; %annotationAttrs;> - -<!-- User must define annotation elements in internal subset for this - to work --> -<!ELEMENT %appinfo; ANY> <!-- too restrictive --> -<!ATTLIST %appinfo; - source %URIref; #IMPLIED - id ID #IMPLIED - %appinfoAttrs;> -<!ELEMENT %documentation; 
ANY> <!-- too restrictive --> -<!ATTLIST %documentation; - source %URIref; #IMPLIED - id ID #IMPLIED - xml:lang CDATA #IMPLIED - %documentationAttrs;> - -<!NOTATION XMLSchemaStructures PUBLIC - 'structures' 'http://www.w3.org/2001/XMLSchema.xsd' > -<!NOTATION XML PUBLIC - 'REC-xml-1998-0210' 'http://www.w3.org/TR/1998/REC-xml-19980210' >
diff --git a/common/src/main/resources/resources/schemas/cs-sstc-schema-assertion-01.xsd b/common/src/main/resources/resources/schemas/cs-sstc-schema-assertion-01.xsd
deleted file mode 100644
index 8bc5af147..000000000
--- a/common/src/main/resources/resources/schemas/cs-sstc-schema-assertion-01.xsd
+++ /dev/null
@@ -1,194 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- edited with XML Spy v3.5 NT (http://www.xmlspy.com) by Phill Hallam-Baker (VeriSign Inc.) -->
-<schema targetNamespace="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="unqualified">
- <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
- <annotation>
- <documentation>
- Document identifier: cs-sstc-schema-assertion-01
- Location: http://www.oasis-open.org/committees/security/docs/
- </documentation>
- </annotation>
- <simpleType name="IDType">
- <restriction base="string"/>
- </simpleType>
- <simpleType name="IDReferenceType">
- <restriction base="string"/>
- </simpleType>
- <simpleType name="DecisionType">
- <restriction base="string">
- <enumeration value="Permit"/>
- <enumeration value="Deny"/>
- <enumeration value="Indeterminate"/>
- </restriction>
- </simpleType>
- <element name="AssertionIDReference" type="saml:IDReferenceType"/>
- <element name="Assertion" type="saml:AssertionType"/>
- <complexType name="AssertionType">
- <sequence>
- <element ref="saml:Conditions" minOccurs="0"/>
- <element ref="saml:Advice" minOccurs="0"/>
- <choice maxOccurs="unbounded">
- <element ref="saml:Statement"/>
- <element ref="saml:SubjectStatement"/>
- <element ref="saml:AuthenticationStatement"/>
- <element ref="saml:AuthorizationDecisionStatement"/>
- <element ref="saml:AttributeStatement"/>
- </choice>
- <element ref="ds:Signature" minOccurs="0"/>
- </sequence>
- <attribute name="MajorVersion" type="integer" use="required"/>
- <attribute name="MinorVersion" type="integer" use="required"/>
- <attribute name="AssertionID" type="saml:IDType" use="required"/>
- <attribute name="Issuer" type="string" use="required"/>
- <attribute name="IssueInstant" type="dateTime" use="required"/>
- </complexType>
- <element name="Conditions" type="saml:ConditionsType"/>
- <complexType name="ConditionsType">
- <choice minOccurs="0" maxOccurs="unbounded">
- <element ref="saml:AudienceRestrictionCondition"/>
- <element ref="saml:Condition"/>
- </choice>
- <attribute name="NotBefore" type="dateTime" use="optional"/>
- <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
- </complexType>
- <element name="Condition" type="saml:ConditionAbstractType"/>
- <complexType name="ConditionAbstractType" abstract="true"/>
- <element name="AudienceRestrictionCondition" type="saml:AudienceRestrictionConditionType"/>
- <complexType name="AudienceRestrictionConditionType">
- <complexContent>
- <extension base="saml:ConditionAbstractType">
- <sequence>
- <element ref="saml:Audience" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="Audience" type="anyURI"/>
- <element name="Advice" type="saml:AdviceType"/>
- <complexType name="AdviceType">
- <choice minOccurs="0" maxOccurs="unbounded">
- <element ref="saml:AssertionIDReference"/>
- <element ref="saml:Assertion"/>
- <any namespace="##other" processContents="lax"/>
- </choice>
- </complexType>
- <element name="Statement" type="saml:StatementAbstractType"/>
- <complexType name="StatementAbstractType" abstract="true"/>
- <element name="SubjectStatement" type="saml:SubjectStatementAbstractType"/>
- <complexType name="SubjectStatementAbstractType" abstract="true">
- <complexContent>
- <extension base="saml:StatementAbstractType">
- <sequence>
- <element ref="saml:Subject"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="Subject" type="saml:SubjectType"/>
- <complexType name="SubjectType">
- <choice>
- <sequence>
- <element ref="saml:NameIdentifier"/>
- <element ref="saml:SubjectConfirmation" minOccurs="0"/>
- </sequence>
- <element ref="saml:SubjectConfirmation"/>
- </choice>
- </complexType>
- <element name="NameIdentifier" type="saml:NameIdentifierType"/>
- <complexType name="NameIdentifierType">
- <simpleContent>
- <extension base="string">
- <attribute name="NameQualifier" type="string" use="optional"/>
- <attribute name="Format" type="anyURI" use="optional"/>
- </extension>
- </simpleContent>
- </complexType>
- <element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
- <complexType name="SubjectConfirmationType">
- <sequence>
- <element ref="saml:ConfirmationMethod" maxOccurs="unbounded"/>
- <element ref="saml:SubjectConfirmationData" minOccurs="0"/>
- <element ref="ds:KeyInfo" minOccurs="0"/>
- </sequence>
- </complexType>
- <element name="SubjectConfirmationData" type="anyType"/>
- <element name="ConfirmationMethod" type="anyURI"/>
- <element name="AuthenticationStatement" type="saml:AuthenticationStatementType"/>
- <complexType name="AuthenticationStatementType">
- <complexContent>
- <extension base="saml:SubjectStatementAbstractType">
- <sequence>
- <element ref="saml:SubjectLocality" minOccurs="0"/>
- <element ref="saml:AuthorityBinding" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="AuthenticationMethod" type="anyURI" use="required"/>
- <attribute name="AuthenticationInstant" type="dateTime" use="required"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="SubjectLocality" type="saml:SubjectLocalityType"/>
- <complexType name="SubjectLocalityType">
- <attribute name="IPAddress" type="string" use="optional"/>
- <attribute name="DNSAddress" type="string" use="optional"/>
- </complexType>
- <element name="AuthorityBinding" type="saml:AuthorityBindingType"/>
- <complexType name="AuthorityBindingType">
- <attribute name="AuthorityKind" type="QName" use="required"/>
- <attribute name="Location" type="anyURI" use="required"/>
- <attribute name="Binding" type="anyURI" use="required"/>
- </complexType>
- <element name="AuthorizationDecisionStatement" type="saml:AuthorizationDecisionStatementType"/>
- <complexType name="AuthorizationDecisionStatementType">
- <complexContent>
- <extension base="saml:SubjectStatementAbstractType">
- <sequence>
- <element ref="saml:Action" maxOccurs="unbounded"/>
- <element ref="saml:Evidence" minOccurs="0"/>
- </sequence>
- <attribute name="Resource" type="anyURI" use="required"/>
- <attribute name="Decision" type="saml:DecisionType" use="required"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="Action" type="saml:ActionType"/>
- <complexType name="ActionType">
- <simpleContent>
- <extension base="string">
- <attribute name="Namespace" type="anyURI"/>
- </extension>
- </simpleContent>
- </complexType>
- <element name="Evidence" type="saml:EvidenceType"/>
- <complexType name="EvidenceType">
- <choice maxOccurs="unbounded">
- <element ref="saml:AssertionIDReference"/>
- <element ref="saml:Assertion"/>
- </choice>
- </complexType>
- <element name="AttributeStatement" type="saml:AttributeStatementType"/>
- <complexType name="AttributeStatementType">
- <complexContent>
- <extension base="saml:SubjectStatementAbstractType">
- <sequence>
- <element ref="saml:Attribute" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AttributeDesignator" type="saml:AttributeDesignatorType"/>
- <complexType name="AttributeDesignatorType">
- <attribute name="AttributeName" type="string" use="required"/>
- <attribute name="AttributeNamespace" type="anyURI" use="required"/>
- </complexType>
- <element name="Attribute" type="saml:AttributeType"/>
- <complexType name="AttributeType">
- <complexContent>
- <extension base="saml:AttributeDesignatorType">
- <sequence>
- <element ref="saml:AttributeValue" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AttributeValue" type="anyType"/>
-</schema>
diff --git a/common/src/main/resources/resources/schemas/cs-sstc-schema-protocol-01.xsd b/common/src/main/resources/resources/schemas/cs-sstc-schema-protocol-01.xsd
deleted file mode 100644
index ecad05b0f..000000000
--- a/common/src/main/resources/resources/schemas/cs-sstc-schema-protocol-01.xsd
+++ /dev/null
@@ -1,127 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- edited with XML Spy v4.2 U (http://www.xmlspy.com) by Phillip Hallam-Baker (Phillip Hallam-Baker) -->
-<schema targetNamespace="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="unqualified">
- <import namespace="urn:oasis:names:tc:SAML:1.0:assertion" schemaLocation="cs-sstc-schema-assertion-01.xsd"/>
- <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
- <annotation>
- <documentation>
- Document identifier: cs-sstc-schema-protocol-01
- Location: http://www.oasis-open.org/committees/security/docs/
- </documentation>
- </annotation>
- <complexType name="RequestAbstractType" abstract="true">
- <sequence>
- <element ref="samlp:RespondWith" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="ds:Signature" minOccurs="0"/>
- </sequence>
- <attribute name="RequestID" type="saml:IDType" use="required"/>
- <attribute name="MajorVersion" type="integer" use="required"/>
- <attribute name="MinorVersion" type="integer" use="required"/>
- <attribute name="IssueInstant" type="dateTime" use="required"/>
- </complexType>
- <element name="RespondWith" type="QName"/>
- <element name="Request" type="samlp:RequestType"/>
- <complexType name="RequestType">
- <complexContent>
- <extension base="samlp:RequestAbstractType">
- <choice>
- <element ref="samlp:Query"/>
- <element ref="samlp:SubjectQuery"/>
- <element ref="samlp:AuthenticationQuery"/>
- <element ref="samlp:AttributeQuery"/>
- <element ref="samlp:AuthorizationDecisionQuery"/>
- <element ref="saml:AssertionIDReference" maxOccurs="unbounded"/>
- <element ref="samlp:AssertionArtifact" maxOccurs="unbounded"/>
- </choice>
- </extension>
- </complexContent>
- </complexType>
- <element name="AssertionArtifact" type="string"/>
- <element name="Query" type="samlp:QueryAbstractType"/>
- <complexType name="QueryAbstractType" abstract="true"/>
- <element name="SubjectQuery" type="samlp:SubjectQueryAbstractType"/>
- <complexType name="SubjectQueryAbstractType" abstract="true">
- <complexContent>
- <extension base="samlp:QueryAbstractType">
- <sequence>
- <element ref="saml:Subject"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AuthenticationQuery" type="samlp:AuthenticationQueryType"/>
- <complexType name="AuthenticationQueryType">
- <complexContent>
- <extension base="samlp:SubjectQueryAbstractType">
- <attribute name="AuthenticationMethod" type="anyURI"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="AttributeQuery" type="samlp:AttributeQueryType"/>
- <complexType name="AttributeQueryType">
- <complexContent>
- <extension base="samlp:SubjectQueryAbstractType">
- <sequence>
- <element ref="saml:AttributeDesignator" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Resource" type="anyURI" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="AuthorizationDecisionQuery" type="samlp:AuthorizationDecisionQueryType"/>
- <complexType name="AuthorizationDecisionQueryType">
- <complexContent>
- <extension base="samlp:SubjectQueryAbstractType">
- <sequence>
- <element ref="saml:Action" maxOccurs="unbounded"/>
- <element ref="saml:Evidence" minOccurs="0" maxOccurs="1"/>
- </sequence>
- <attribute name="Resource" type="anyURI" use="required"/>
- </extension>
- </complexContent>
- </complexType>
- <complexType name="ResponseAbstractType" abstract="true">
- <sequence>
- <element ref="ds:Signature" minOccurs="0"/>
- </sequence>
- <attribute name="ResponseID" type="saml:IDType" use="required"/>
- <attribute name="InResponseTo" type="saml:IDReferenceType" use="optional"/>
- <attribute name="MajorVersion" type="integer" use="required"/>
- <attribute name="MinorVersion" type="integer" use="required"/>
- <attribute name="IssueInstant" type="dateTime" use="required"/>
- <attribute name="Recipient" type="anyURI" use="optional"/>
- </complexType>
- <element name="Response" type="samlp:ResponseType"/>
- <complexType name="ResponseType">
- <complexContent>
- <extension base="samlp:ResponseAbstractType">
- <sequence>
- <element ref="samlp:Status"/>
- <element ref="saml:Assertion" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="Status" type="samlp:StatusType"/>
- <complexType name="StatusType">
- <sequence>
- <element ref="samlp:StatusCode"/>
- <element ref="samlp:StatusMessage" minOccurs="0" maxOccurs="1"/>
- <element ref="samlp:StatusDetail" minOccurs="0"/>
- </sequence>
- </complexType>
- <element name="StatusCode" type="samlp:StatusCodeType"/>
- <complexType name="StatusCodeType">
- <sequence>
- <element ref="samlp:StatusCode" minOccurs="0"/>
- </sequence>
- <attribute name="Value" type="QName" use="required"/>
- </complexType>
- <element name="StatusMessage" type="string"/>
- <element name="StatusDetail" type="samlp:StatusDetailType"/>
- <complexType name="StatusDetailType">
- <sequence>
- <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
-</schema>
diff --git a/common/src/main/resources/resources/schemas/datatypes.dtd b/common/src/main/resources/resources/schemas/datatypes.dtd
deleted file mode 100644
index 8e48553be..000000000
--- a/common/src/main/resources/resources/schemas/datatypes.dtd
+++ /dev/null
@@ -1,203 +0,0 @@ -<!-- - DTD for XML Schemas: Part 2: Datatypes - $Id: datatypes.dtd,v 1.23 2001/03/16 17:36:30 ht Exp $ - Note this DTD is NOT normative, or even definitive. - - the - prose copy in the datatypes REC is the definitive version - (which shouldn't differ from this one except for this comment - and entity expansions, but just in case) - --> - -<!-- - This DTD cannot be used on its own, it is intended - only for incorporation in XMLSchema.dtd, q.v. - --> - -<!-- Define all the element names, with optional prefix --> -<!ENTITY % simpleType "%p;simpleType"> -<!ENTITY % restriction "%p;restriction"> -<!ENTITY % list "%p;list"> -<!ENTITY % union "%p;union"> -<!ENTITY % maxExclusive "%p;maxExclusive"> -<!ENTITY % minExclusive "%p;minExclusive"> -<!ENTITY % maxInclusive "%p;maxInclusive"> -<!ENTITY % minInclusive "%p;minInclusive"> -<!ENTITY % totalDigits "%p;totalDigits"> -<!ENTITY % fractionDigits "%p;fractionDigits"> -<!ENTITY % length "%p;length"> -<!ENTITY % minLength "%p;minLength"> -<!ENTITY % maxLength "%p;maxLength"> -<!ENTITY % enumeration "%p;enumeration"> -<!ENTITY % whiteSpace "%p;whiteSpace"> -<!ENTITY % pattern "%p;pattern"> - -<!-- - Customisation entities for the ATTLIST of each element - type. 
Define one of these if your schema takes advantage - of the anyAttribute='##other' in the schema for schemas - --> - -<!ENTITY % simpleTypeAttrs ""> -<!ENTITY % restrictionAttrs ""> -<!ENTITY % listAttrs ""> -<!ENTITY % unionAttrs ""> -<!ENTITY % maxExclusiveAttrs ""> -<!ENTITY % minExclusiveAttrs ""> -<!ENTITY % maxInclusiveAttrs ""> -<!ENTITY % minInclusiveAttrs ""> -<!ENTITY % totalDigitsAttrs ""> -<!ENTITY % fractionDigitsAttrs ""> -<!ENTITY % lengthAttrs ""> -<!ENTITY % minLengthAttrs ""> -<!ENTITY % maxLengthAttrs ""> -<!ENTITY % enumerationAttrs ""> -<!ENTITY % whiteSpaceAttrs ""> -<!ENTITY % patternAttrs ""> - -<!-- Define some entities for informative use as attribute - types --> -<!ENTITY % URIref "CDATA"> -<!ENTITY % XPathExpr "CDATA"> -<!ENTITY % QName "NMTOKEN"> -<!ENTITY % QNames "NMTOKENS"> -<!ENTITY % NCName "NMTOKEN"> -<!ENTITY % nonNegativeInteger "NMTOKEN"> -<!ENTITY % boolean "(true|false)"> -<!ENTITY % simpleDerivationSet "CDATA"> -<!-- - #all or space-separated list drawn from derivationChoice - --> - -<!-- - Note that the use of 'facet' below is less restrictive - than is really intended: There should in fact be no - more than one of each of minInclusive, minExclusive, - maxInclusive, maxExclusive, totalDigits, fractionDigits, - length, maxLength, minLength within datatype, - and the min- and max- variants of Inclusive and Exclusive - are mutually exclusive. On the other hand, pattern and - enumeration may repeat. 
- --> -<!ENTITY % minBound "(%minInclusive; | %minExclusive;)"> -<!ENTITY % maxBound "(%maxInclusive; | %maxExclusive;)"> -<!ENTITY % bounds "%minBound; | %maxBound;"> -<!ENTITY % numeric "%totalDigits; | %fractionDigits;"> -<!ENTITY % ordered "%bounds; | %numeric;"> -<!ENTITY % unordered - "%pattern; | %enumeration; | %whiteSpace; | %length; | - %maxLength; | %minLength;"> -<!ENTITY % facet "%ordered; | %unordered;"> -<!ENTITY % facetAttr - "value CDATA #REQUIRED - id ID #IMPLIED"> -<!ENTITY % fixedAttr "fixed %boolean; #IMPLIED"> -<!ENTITY % facetModel "(%annotation;)?"> -<!ELEMENT %simpleType; - ((%annotation;)?, (%restriction; | %list; | %union;))> -<!ATTLIST %simpleType; - name %NCName; #IMPLIED - final %simpleDerivationSet; #IMPLIED - id ID #IMPLIED - %simpleTypeAttrs;> -<!-- name is required at top level --> -<!ELEMENT %restriction; ((%annotation;)?, - (%restriction1; | - ((%simpleType;)?,(%facet;)*)), - (%attrDecls;))> -<!ATTLIST %restriction; - base %QName; #IMPLIED - id ID #IMPLIED - %restrictionAttrs;> -<!-- - base and simpleType child are mutually exclusive, - one is required. - - restriction is shared between simpleType and - simpleContent and complexContent (in XMLSchema.xsd). - restriction1 is for the latter cases, when this - is restricting a complex type, as is attrDecls. 
- --> -<!ELEMENT %list; ((%annotation;)?,(%simpleType;)?)> -<!ATTLIST %list; - itemType %QName; #IMPLIED - id ID #IMPLIED - %listAttrs;> -<!-- - itemType and simpleType child are mutually exclusive, - one is required - --> -<!ELEMENT %union; ((%annotation;)?,(%simpleType;)*)> -<!ATTLIST %union; - id ID #IMPLIED - memberTypes %QNames; #IMPLIED - %unionAttrs;> -<!-- - At least one item in memberTypes or one simpleType - child is required - --> - -<!ELEMENT %maxExclusive; %facetModel;> -<!ATTLIST %maxExclusive; - %facetAttr; - %fixedAttr; - %maxExclusiveAttrs;> -<!ELEMENT %minExclusive; %facetModel;> -<!ATTLIST %minExclusive; - %facetAttr; - %fixedAttr; - %minExclusiveAttrs;> - -<!ELEMENT %maxInclusive; %facetModel;> -<!ATTLIST %maxInclusive; - %facetAttr; - %fixedAttr; - %maxInclusiveAttrs;> -<!ELEMENT %minInclusive; %facetModel;> -<!ATTLIST %minInclusive; - %facetAttr; - %fixedAttr; - %minInclusiveAttrs;> - -<!ELEMENT %totalDigits; %facetModel;> -<!ATTLIST %totalDigits; - %facetAttr; - %fixedAttr; - %totalDigitsAttrs;> -<!ELEMENT %fractionDigits; %facetModel;> -<!ATTLIST %fractionDigits; - %facetAttr; - %fixedAttr; - %fractionDigitsAttrs;> - -<!ELEMENT %length; %facetModel;> -<!ATTLIST %length; - %facetAttr; - %fixedAttr; - %lengthAttrs;> -<!ELEMENT %minLength; %facetModel;> -<!ATTLIST %minLength; - %facetAttr; - %fixedAttr; - %minLengthAttrs;> -<!ELEMENT %maxLength; %facetModel;> -<!ATTLIST %maxLength; - %facetAttr; - %fixedAttr; - %maxLengthAttrs;> - -<!-- This one can be repeated --> -<!ELEMENT %enumeration; %facetModel;> -<!ATTLIST %enumeration; - %facetAttr; - %enumerationAttrs;> - -<!ELEMENT %whiteSpace; %facetModel;> -<!ATTLIST %whiteSpace; - %facetAttr; - %fixedAttr; - %whiteSpaceAttrs;> - -<!-- This one can be repeated --> -<!ELEMENT %pattern; %facetModel;> -<!ATTLIST %pattern; - %facetAttr; - %patternAttrs;> 
diff --git a/common/src/main/resources/resources/schemas/exclusive-canonicalization.xsd b/common/src/main/resources/resources/schemas/exclusive-canonicalization.xsd
deleted file mode 100644
index d4a2d82ec..000000000
--- a/common/src/main/resources/resources/schemas/exclusive-canonicalization.xsd
+++ /dev/null
@@ -1,22 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- commented out for compatibility with Xerces 2.0.2
-<!DOCTYPE schema
- PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "http://www.w3.org/2001/XMLSchema.dtd"
- [
- <!ATTLIST schema
- xmlns:ec CDATA #FIXED 'http://www.w3.org/2001/10/xml-exc-c14n#'>
- <!ENTITY ec 'http://www.w3.org/2001/10/xml-exc-c14n#'>
- <!ENTITY % p ''>
- <!ENTITY % s ''>
- ]>
--->
-<schema xmlns="http://www.w3.org/2001/XMLSchema"
- xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
- targetNamespace="http://www.w3.org/2001/10/xml-exc-c14n#"
- version="0.1" elementFormDefault="qualified">
- <element name="InclusiveNamespaces"
- type="ec:InclusiveNamespaces"/>
- <complexType name="InclusiveNamespaces">
- <attribute name="PrefixList" type="string"/>
- </complexType>
-</schema>
\ No newline at end of file
diff --git a/common/src/main/resources/resources/schemas/saml-schema-assertion-2.0.xsd b/common/src/main/resources/resources/schemas/saml-schema-assertion-2.0.xsd
deleted file mode 100644
index 91706a8f5..000000000
--- a/common/src/main/resources/resources/schemas/saml-schema-assertion-2.0.xsd
+++ /dev/null
@@ -1,290 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<schema
- targetNamespace="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns="http://www.w3.org/2001/XMLSchema"
- xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
- xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
- elementFormDefault="unqualified"
- attributeFormDefault="unqualified"
- blockDefault="substitution"
- version="2.0">
- <!--
- <import namespace="http://www.w3.org/2000/09/xmldsig#"
- schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>
- <import namespace="http://www.w3.org/2001/04/xmlenc#"
- schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"/>
- -->
- <import namespace="http://www.w3.org/2000/09/xmldsig#"
- schemaLocation="xmldsig-core-schema.xsd"/>
- <import namespace="http://www.w3.org/2001/04/xmlenc#"
- schemaLocation="xenc-schema.xsd"/>
-
- <annotation>
- <documentation>
- Document identifier: saml-schema-assertion-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V1.0 (November, 2002):
- Initial Standard Schema.
- V1.1 (September, 2003):
- Updates within the same V1.0 namespace.
- V2.0 (March, 2005):
- New assertion schema for SAML V2.0 namespace.
- </documentation>
- </annotation>
- <attributeGroup name="IDNameQualifiers">
- <attribute name="NameQualifier" type="string" use="optional"/>
- <attribute name="SPNameQualifier" type="string" use="optional"/>
- </attributeGroup>
- <element name="BaseID" type="saml:BaseIDAbstractType"/>
- <complexType name="BaseIDAbstractType" abstract="true">
- <attributeGroup ref="saml:IDNameQualifiers"/>
- </complexType>
- <element name="NameID" type="saml:NameIDType"/>
- <complexType name="NameIDType">
- <simpleContent>
- <extension base="string">
- <attributeGroup ref="saml:IDNameQualifiers"/>
- <attribute name="Format" type="anyURI" use="optional"/>
- <attribute name="SPProvidedID" type="string" use="optional"/>
- </extension>
- </simpleContent>
- </complexType>
- <complexType name="EncryptedElementType">
- <sequence>
- <element ref="xenc:EncryptedData"/>
- <element ref="xenc:EncryptedKey" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
- <element name="EncryptedID" type="saml:EncryptedElementType"/>
- <element name="Issuer" type="saml:NameIDType"/>
- <element name="AssertionIDRef" type="NCName"/>
- <element name="AssertionURIRef" type="anyURI"/>
- <element name="Assertion" type="saml:AssertionType"/>
- <complexType name="AssertionType">
- <sequence>
- <element ref="saml:Issuer"/>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="saml:Subject" minOccurs="0"/>
- <element ref="saml:Conditions" minOccurs="0"/>
- <element ref="saml:Advice" minOccurs="0"/>
- <choice minOccurs="0" maxOccurs="unbounded">
- <element ref="saml:Statement"/>
- <element ref="saml:AuthnStatement"/>
- <element ref="saml:AuthzDecisionStatement"/>
- <element ref="saml:AttributeStatement"/>
- </choice>
- </sequence>
- <attribute name="Version" type="string" use="required"/>
- <attribute name="ID" type="ID" use="required"/>
- <attribute name="IssueInstant" type="dateTime" use="required"/>
- </complexType>
- <element name="Subject" type="saml:SubjectType"/>
- <complexType name="SubjectType">
- <choice>
- <sequence>
- <choice>
- <element ref="saml:BaseID"/>
- <element ref="saml:NameID"/>
- <element ref="saml:EncryptedID"/>
- </choice>
- <element ref="saml:SubjectConfirmation" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <element ref="saml:SubjectConfirmation" maxOccurs="unbounded"/>
- </choice>
- </complexType>
- <element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
- <complexType name="SubjectConfirmationType">
- <sequence>
- <choice minOccurs="0">
- <element ref="saml:BaseID"/>
- <element ref="saml:NameID"/>
- <element ref="saml:EncryptedID"/>
- </choice>
- <element ref="saml:SubjectConfirmationData" minOccurs="0"/>
- </sequence>
- <attribute name="Method" type="anyURI" use="required"/>
- </complexType>
- <element name="SubjectConfirmationData" type="saml:SubjectConfirmationDataType"/>
- <complexType name="SubjectConfirmationDataType" mixed="true">
- <complexContent>
- <restriction base="anyType">
- <sequence>
- <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="NotBefore" type="dateTime" use="optional"/>
- <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
- <attribute name="Recipient" type="anyURI" use="optional"/>
- <attribute name="InResponseTo" type="NCName" use="optional"/>
- <attribute name="Address" type="string" use="optional"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </restriction>
- </complexContent>
- </complexType>
- <complexType name="KeyInfoConfirmationDataType" mixed="false">
- <complexContent>
- <restriction base="saml:SubjectConfirmationDataType">
- <sequence>
- <element ref="ds:KeyInfo" maxOccurs="unbounded"/>
- </sequence>
- </restriction>
- </complexContent>
- </complexType>
- <element name="Conditions" type="saml:ConditionsType"/>
- <complexType name="ConditionsType">
- <choice minOccurs="0" maxOccurs="unbounded">
- <element ref="saml:Condition"/>
- <element ref="saml:AudienceRestriction"/>
- <element ref="saml:OneTimeUse"/>
- <element ref="saml:ProxyRestriction"/>
- </choice>
- <attribute name="NotBefore" type="dateTime" use="optional"/>
- <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
- </complexType>
- <element name="Condition" type="saml:ConditionAbstractType"/>
- <complexType name="ConditionAbstractType" abstract="true"/>
- <element name="AudienceRestriction" type="saml:AudienceRestrictionType"/>
- <complexType name="AudienceRestrictionType">
- <complexContent>
- <extension base="saml:ConditionAbstractType">
- <sequence>
- <element ref="saml:Audience" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="Audience" type="anyURI"/>
- <element name="OneTimeUse" type="saml:OneTimeUseType" />
- <complexType name="OneTimeUseType">
- <complexContent>
- <extension base="saml:ConditionAbstractType"/>
- </complexContent>
- </complexType>
- <element name="ProxyRestriction" type="saml:ProxyRestrictionType"/>
- <complexType name="ProxyRestrictionType">
- <complexContent>
- <extension base="saml:ConditionAbstractType">
- <sequence>
- <element ref="saml:Audience" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Count" type="nonNegativeInteger" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="Advice" type="saml:AdviceType"/>
- <complexType name="AdviceType">
- <choice minOccurs="0" maxOccurs="unbounded">
- <element ref="saml:AssertionIDRef"/>
- <element ref="saml:AssertionURIRef"/>
- <element ref="saml:Assertion"/>
- <element ref="saml:EncryptedAssertion"/>
- <any namespace="##other" processContents="lax"/>
- </choice>
- </complexType>
- <element name="EncryptedAssertion" type="saml:EncryptedElementType"/>
- <element name="Statement" type="saml:StatementAbstractType"/>
- <complexType name="StatementAbstractType" abstract="true"/>
- <element name="AuthnStatement" type="saml:AuthnStatementType"/>
- <complexType name="AuthnStatementType">
- <complexContent>
- <extension base="saml:StatementAbstractType">
- <sequence>
- <element ref="saml:SubjectLocality" minOccurs="0"/>
- <element ref="saml:AuthnContext"/>
- </sequence>
- <attribute name="AuthnInstant" type="dateTime" use="required"/>
- <attribute name="SessionIndex" type="string" use="optional"/>
- <attribute name="SessionNotOnOrAfter" type="dateTime" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="SubjectLocality" type="saml:SubjectLocalityType"/>
- <complexType name="SubjectLocalityType">
- <attribute name="Address" type="string" use="optional"/>
- <attribute name="DNSName" type="string" use="optional"/>
- </complexType>
- <element name="AuthnContext" type="saml:AuthnContextType"/>
- <complexType name="AuthnContextType">
- <sequence>
- <choice>
- <sequence>
- <element ref="saml:AuthnContextClassRef"/>
- <choice minOccurs="0">
- <element ref="saml:AuthnContextDecl"/>
- <element ref="saml:AuthnContextDeclRef"/>
- </choice>
- </sequence>
- <choice>
- <element ref="saml:AuthnContextDecl"/>
- <element ref="saml:AuthnContextDeclRef"/>
- </choice>
- </choice>
- <element ref="saml:AuthenticatingAuthority" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
- <element name="AuthnContextClassRef" type="anyURI"/>
- <element name="AuthnContextDeclRef" type="anyURI"/>
- <element name="AuthnContextDecl" type="anyType"/>
- <element name="AuthenticatingAuthority" type="anyURI"/>
- <element name="AuthzDecisionStatement" type="saml:AuthzDecisionStatementType"/>
- <complexType name="AuthzDecisionStatementType">
- <complexContent>
- <extension base="saml:StatementAbstractType">
- <sequence>
- <element ref="saml:Action" maxOccurs="unbounded"/>
- <element ref="saml:Evidence" minOccurs="0"/>
- </sequence>
- <attribute name="Resource" type="anyURI" use="required"/>
- <attribute name="Decision" type="saml:DecisionType" use="required"/>
- </extension>
- </complexContent>
- </complexType>
- <simpleType name="DecisionType">
- <restriction base="string">
- <enumeration value="Permit"/>
- <enumeration value="Deny"/>
- <enumeration value="Indeterminate"/>
- </restriction>
- </simpleType>
- <element name="Action" type="saml:ActionType"/>
- <complexType name="ActionType">
- <simpleContent>
- <extension base="string">
- <attribute name="Namespace" type="anyURI" use="required"/>
- </extension>
- </simpleContent>
- </complexType>
- <element name="Evidence" type="saml:EvidenceType"/>
- <complexType name="EvidenceType">
- <choice maxOccurs="unbounded">
- <element ref="saml:AssertionIDRef"/>
- <element ref="saml:AssertionURIRef"/>
- <element ref="saml:Assertion"/>
- <element ref="saml:EncryptedAssertion"/>
- </choice>
- </complexType>
- <element name="AttributeStatement" type="saml:AttributeStatementType"/>
- <complexType name="AttributeStatementType">
- <complexContent>
- <extension base="saml:StatementAbstractType">
- <choice maxOccurs="unbounded">
- <element ref="saml:Attribute"/>
- <element ref="saml:EncryptedAttribute"/>
- </choice>
- </extension>
- </complexContent>
- </complexType>
- <element name="Attribute" type="saml:AttributeType"/>
- <complexType name="AttributeType">
- <sequence>
- <element ref="saml:AttributeValue" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Name" type="string" use="required"/>
- <attribute name="NameFormat" type="anyURI" use="optional"/>
- <attribute name="FriendlyName" type="string" use="optional"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
- <element name="AttributeValue" type="anyType" nillable="true"/>
- <element name="EncryptedAttribute" type="saml:EncryptedElementType"/>
-</schema>
diff --git a/common/src/main/resources/resources/schemas/saml-schema-metadata-2.0.xsd b/common/src/main/resources/resources/schemas/saml-schema-metadata-2.0.xsd
deleted file mode 100644
index 625b66dfc..000000000
--- a/common/src/main/resources/resources/schemas/saml-schema-metadata-2.0.xsd
+++ /dev/null
@@ -1,323 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema targetNamespace="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="unqualified" attributeFormDefault="unqualified" blockDefault="substitution" version="2.0">
- <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>
- <import namespace="http://www.w3.org/2001/04/xmlenc#" schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"/>
- <import namespace="urn:oasis:names:tc:SAML:2.0:assertion" schemaLocation="saml-schema-assertion-2.0.xsd"/>
- <import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
- <annotation>
- <documentation>
- Document identifier: saml-schema-metadata-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- Schema for SAML metadata, first published in SAML 2.0.
- </documentation>
- </annotation>
-
- <simpleType name="entityIDType">
- <restriction base="anyURI">
- <maxLength value="1024"/>
- </restriction>
- </simpleType>
- <complexType name="localizedNameType">
- <simpleContent>
- <extension base="string">
- <attribute ref="xml:lang" use="required"/>
- </extension>
- </simpleContent>
- </complexType>
- <complexType name="localizedURIType">
- <simpleContent>
- <extension base="anyURI">
- <attribute ref="xml:lang" use="required"/>
- </extension>
- </simpleContent>
- </complexType>
-
- <element name="Extensions" type="md:ExtensionsType"/>
- <complexType final="#all" name="ExtensionsType">
- <sequence>
- <any namespace="##other" processContents="lax" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
-
- <complexType name="EndpointType">
- <sequence>
- <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Binding" type="anyURI" use="required"/>
- <attribute name="Location" type="anyURI" use="required"/>
- <attribute name="ResponseLocation" type="anyURI" use="optional"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
-
- <complexType name="IndexedEndpointType">
- <complexContent>
- <extension base="md:EndpointType">
- <attribute name="index" type="unsignedShort" use="required"/>
- <attribute name="isDefault" type="boolean" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
-
- <element name="EntitiesDescriptor" type="md:EntitiesDescriptorType"/>
- <complexType name="EntitiesDescriptorType">
- <sequence>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="md:Extensions" minOccurs="0"/>
- <choice minOccurs="1" maxOccurs="unbounded">
- <element ref="md:EntityDescriptor"/>
- <element ref="md:EntitiesDescriptor"/>
- </choice>
- </sequence>
- <attribute name="validUntil" type="dateTime" use="optional"/>
- <attribute name="cacheDuration" type="duration" use="optional"/>
- <attribute name="ID" type="ID" use="optional"/>
- <attribute name="Name" type="string" use="optional"/>
- </complexType>
-
- <element name="EntityDescriptor" type="md:EntityDescriptorType"/>
- <complexType name="EntityDescriptorType">
- <sequence>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="md:Extensions" minOccurs="0"/>
- <choice>
- <choice maxOccurs="unbounded">
- <element ref="md:RoleDescriptor"/>
- <element ref="md:IDPSSODescriptor"/>
- <element ref="md:SPSSODescriptor"/>
- <element ref="md:AuthnAuthorityDescriptor"/>
- <element ref="md:AttributeAuthorityDescriptor"/>
- <element ref="md:PDPDescriptor"/>
- </choice>
- <element ref="md:AffiliationDescriptor"/>
- </choice>
- <element ref="md:Organization" minOccurs="0"/>
- <element ref="md:ContactPerson" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:AdditionalMetadataLocation" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="entityID" type="md:entityIDType" use="required"/>
- <attribute name="validUntil" type="dateTime" use="optional"/>
- <attribute name="cacheDuration" type="duration" use="optional"/>
- <attribute name="ID" type="ID" use="optional"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
-
- <element name="Organization" type="md:OrganizationType"/>
- <complexType name="OrganizationType">
- <sequence>
- <element ref="md:Extensions" minOccurs="0"/>
- <element ref="md:OrganizationName" maxOccurs="unbounded"/>
- <element ref="md:OrganizationDisplayName" maxOccurs="unbounded"/>
- <element ref="md:OrganizationURL" maxOccurs="unbounded"/>
- </sequence>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
- <element name="OrganizationName" type="md:localizedNameType"/>
- <element name="OrganizationDisplayName" type="md:localizedNameType"/>
- <element name="OrganizationURL" type="md:localizedURIType"/>
- <element name="ContactPerson" type="md:ContactType"/>
- <complexType name="ContactType">
- <sequence>
- <element ref="md:Extensions" minOccurs="0"/>
- <element ref="md:Company" minOccurs="0"/>
- <element ref="md:GivenName" minOccurs="0"/>
- <element ref="md:SurName" minOccurs="0"/>
- <element ref="md:EmailAddress" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:TelephoneNumber" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="contactType" type="md:ContactTypeType" use="required"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
- <element name="Company" type="string"/>
- <element name="GivenName" type="string"/>
- <element name="SurName" type="string"/>
- <element name="EmailAddress" type="anyURI"/>
- <element name="TelephoneNumber" type="string"/>
- <simpleType name="ContactTypeType">
- <restriction base="string">
- <enumeration value="technical"/>
- <enumeration value="support"/>
- <enumeration value="administrative"/>
- <enumeration value="billing"/>
- <enumeration value="other"/>
- </restriction>
- </simpleType>
-
- <element name="AdditionalMetadataLocation" type="md:AdditionalMetadataLocationType"/>
- <complexType name="AdditionalMetadataLocationType">
- <simpleContent>
- <extension base="anyURI">
- <attribute name="namespace" type="anyURI" use="required"/>
- </extension>
- </simpleContent>
- </complexType>
-
- <element name="RoleDescriptor" type="md:RoleDescriptorType"/>
- <complexType name="RoleDescriptorType" abstract="true">
- <sequence>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="md:Extensions" minOccurs="0"/>
- <element ref="md:KeyDescriptor" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:Organization" minOccurs="0"/>
- <element ref="md:ContactPerson" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="ID" type="ID" use="optional"/>
- <attribute name="validUntil" type="dateTime" use="optional"/>
- <attribute name="cacheDuration" type="duration" use="optional"/>
- <attribute name="protocolSupportEnumeration" type="md:anyURIListType" use="required"/>
- <attribute name="errorURL" type="anyURI" use="optional"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
- <simpleType name="anyURIListType">
- <list itemType="anyURI"/>
- </simpleType>
-
- <element name="KeyDescriptor" type="md:KeyDescriptorType"/>
- <complexType name="KeyDescriptorType">
- <sequence>
- <element ref="ds:KeyInfo"/>
- <element ref="md:EncryptionMethod" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="use" type="md:KeyTypes" use="optional"/>
- </complexType>
- <simpleType name="KeyTypes">
- <restriction base="string">
- <enumeration value="encryption"/>
- <enumeration value="signing"/>
- </restriction>
- </simpleType>
- <element name="EncryptionMethod" type="xenc:EncryptionMethodType"/>
-
- <complexType name="SSODescriptorType" abstract="true">
- <complexContent>
- <extension base="md:RoleDescriptorType">
- <sequence>
- <element ref="md:ArtifactResolutionService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:SingleLogoutService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:ManageNameIDService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="ArtifactResolutionService" type="md:IndexedEndpointType"/>
- <element name="SingleLogoutService" type="md:EndpointType"/>
- <element name="ManageNameIDService" type="md:EndpointType"/>
- <element name="NameIDFormat" type="anyURI"/>
-
- <element name="IDPSSODescriptor" type="md:IDPSSODescriptorType"/>
- <complexType name="IDPSSODescriptorType">
- <complexContent>
- <extension base="md:SSODescriptorType">
- <sequence>
- <element ref="md:SingleSignOnService" maxOccurs="unbounded"/>
- <element ref="md:NameIDMappingService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:AttributeProfile" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="WantAuthnRequestsSigned" type="boolean" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="SingleSignOnService" type="md:EndpointType"/>
- <element name="NameIDMappingService" type="md:EndpointType"/>
- <element name="AssertionIDRequestService" type="md:EndpointType"/>
- <element name="AttributeProfile" type="anyURI"/>
-
- <element name="SPSSODescriptor" type="md:SPSSODescriptorType"/>
- <complexType name="SPSSODescriptorType">
- <complexContent>
- <extension base="md:SSODescriptorType">
- <sequence>
- <element ref="md:AssertionConsumerService" maxOccurs="unbounded"/>
- <element ref="md:AttributeConsumingService" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="AuthnRequestsSigned" type="boolean" use="optional"/>
- <attribute name="WantAssertionsSigned" type="boolean" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="AssertionConsumerService" type="md:IndexedEndpointType"/>
- <element name="AttributeConsumingService" type="md:AttributeConsumingServiceType"/>
- <complexType name="AttributeConsumingServiceType">
- <sequence>
- <element ref="md:ServiceName" maxOccurs="unbounded"/>
- <element ref="md:ServiceDescription" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:RequestedAttribute" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="index" type="unsignedShort" use="required"/>
- <attribute name="isDefault" type="boolean" use="optional"/>
- </complexType>
- <element name="ServiceName" type="md:localizedNameType"/>
- <element name="ServiceDescription" type="md:localizedNameType"/>
- <element name="RequestedAttribute" type="md:RequestedAttributeType"/>
- <complexType name="RequestedAttributeType">
- <complexContent>
- <extension base="saml:AttributeType">
- <attribute name="isRequired" type="boolean" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
-
- <element name="AuthnAuthorityDescriptor" type="md:AuthnAuthorityDescriptorType"/>
- <complexType name="AuthnAuthorityDescriptorType">
- <complexContent>
- <extension base="md:RoleDescriptorType">
- <sequence>
- <element ref="md:AuthnQueryService" maxOccurs="unbounded"/>
- <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AuthnQueryService" type="md:EndpointType"/>
-
- <element name="PDPDescriptor" type="md:PDPDescriptorType"/>
- <complexType name="PDPDescriptorType">
- <complexContent>
- <extension base="md:RoleDescriptorType">
- <sequence>
- <element ref="md:AuthzService" maxOccurs="unbounded"/>
- <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AuthzService" type="md:EndpointType"/>
-
- <element name="AttributeAuthorityDescriptor" type="md:AttributeAuthorityDescriptorType"/>
- <complexType name="AttributeAuthorityDescriptorType">
- <complexContent>
- <extension base="md:RoleDescriptorType">
- <sequence>
- <element ref="md:AttributeService" maxOccurs="unbounded"/>
- <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:AttributeProfile" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AttributeService" type="md:EndpointType"/>
-
- <element name="AffiliationDescriptor" type="md:AffiliationDescriptorType"/>
- <complexType name="AffiliationDescriptorType">
- <sequence>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="md:Extensions" minOccurs="0"/>
- <element ref="md:AffiliateMember" maxOccurs="unbounded"/>
- <element ref="md:KeyDescriptor" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="affiliationOwnerID" type="md:entityIDType" use="required"/>
- <attribute name="validUntil" type="dateTime" use="optional"/>
- <attribute name="cacheDuration" type="duration" use="optional"/>
- <attribute name="ID" type="ID" use="optional"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
- <element name="AffiliateMember" type="md:entityIDType"/>
-</schema>
\ No newline at end of file
diff --git a/common/src/main/resources/resources/schemas/saml-schema-protocol-2.0.xsd b/common/src/main/resources/resources/schemas/saml-schema-protocol-2.0.xsd
deleted file mode 100644
index 768241056..000000000
--- a/common/src/main/resources/resources/schemas/saml-schema-protocol-2.0.xsd
+++ /dev/null
@@ -1,306 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema
- targetNamespace="urn:oasis:names:tc:SAML:2.0:protocol"
- xmlns="http://www.w3.org/2001/XMLSchema"
- xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
- xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
- elementFormDefault="unqualified"
- attributeFormDefault="unqualified"
- blockDefault="substitution"
- version="2.0">
- <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
- schemaLocation="saml-schema-assertion-2.0.xsd"/>
- <!--
- <import namespace="http://www.w3.org/2000/09/xmldsig#"
- schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>
- -->
- <import namespace="http://www.w3.org/2000/09/xmldsig#"
- schemaLocation="xmldsig-core-schema.xsd"/>
- <annotation>
- <documentation>
- Document identifier: saml-schema-protocol-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V1.0 (November, 2002):
- Initial Standard Schema.
- V1.1 (September, 2003):
- Updates within the same V1.0 namespace.
- V2.0 (March, 2005):
- New protocol schema based in a SAML V2.0 namespace.
- </documentation>
- </annotation>
- <complexType name="RequestAbstractType" abstract="true">
- <sequence>
- <element ref="saml:Issuer" minOccurs="0"/>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="samlp:Extensions" minOccurs="0"/>
- </sequence>
- <attribute name="ID" type="ID" use="required"/>
- <attribute name="Version" type="string" use="required"/>
- <attribute name="IssueInstant" type="dateTime" use="required"/>
- <attribute name="Destination" type="anyURI" use="optional"/>
- <attribute name="Consent" type="anyURI" use="optional"/>
- </complexType>
- <element name="Extensions" type="samlp:ExtensionsType"/>
- <complexType name="ExtensionsType">
- <sequence>
- <any namespace="##other" processContents="lax" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
- <complexType name="StatusResponseType">
- <sequence>
- <element ref="saml:Issuer" minOccurs="0"/>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="samlp:Extensions" minOccurs="0"/>
- <element ref="samlp:Status"/>
- </sequence>
- <attribute name="ID" type="ID" use="required"/>
- <attribute name="InResponseTo" type="NCName" use="optional"/>
- <attribute name="Version" type="string" use="required"/>
- <attribute name="IssueInstant" type="dateTime" use="required"/>
- <attribute name="Destination" type="anyURI" use="optional"/>
- <attribute name="Consent" type="anyURI" use="optional"/>
- </complexType>
- <element name="Status" type="samlp:StatusType"/>
- <complexType name="StatusType">
- <sequence>
- <element ref="samlp:StatusCode"/>
- <element ref="samlp:StatusMessage" minOccurs="0"/>
- <element ref="samlp:StatusDetail" minOccurs="0"/>
- </sequence>
- </complexType>
- <element name="StatusCode" type="samlp:StatusCodeType"/>
- <complexType name="StatusCodeType">
- <sequence>
- <element ref="samlp:StatusCode" minOccurs="0"/>
- </sequence>
- <attribute name="Value" type="anyURI" use="required"/>
- </complexType>
- <element name="StatusMessage" type="string"/>
- <element name="StatusDetail" type="samlp:StatusDetailType"/>
- <complexType name="StatusDetailType">
- <sequence>
- <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
- <element name="AssertionIDRequest" type="samlp:AssertionIDRequestType"/>
- <complexType name="AssertionIDRequestType">
- <complexContent>
- <extension base="samlp:RequestAbstractType">
- <sequence>
- <element ref="saml:AssertionIDRef" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="SubjectQuery" type="samlp:SubjectQueryAbstractType"/>
- <complexType name="SubjectQueryAbstractType" abstract="true">
- <complexContent>
- <extension base="samlp:RequestAbstractType">
- <sequence>
- <element ref="saml:Subject"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AuthnQuery" type="samlp:AuthnQueryType"/>
- <complexType name="AuthnQueryType">
- <complexContent>
- <extension base="samlp:SubjectQueryAbstractType">
- <sequence>
- <element ref="samlp:RequestedAuthnContext" minOccurs="0"/>
- </sequence>
- <attribute name="SessionIndex" type="string" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="RequestedAuthnContext" type="samlp:RequestedAuthnContextType"/>
- <complexType name="RequestedAuthnContextType">
- <choice>
- <element ref="saml:AuthnContextClassRef" maxOccurs="unbounded"/>
- <element ref="saml:AuthnContextDeclRef" maxOccurs="unbounded"/>
- </choice>
- <attribute name="Comparison" type="samlp:AuthnContextComparisonType" use="optional"/>
- </complexType>
- <simpleType name="AuthnContextComparisonType">
- <restriction base="string">
- <enumeration value="exact"/>
- <enumeration value="minimum"/>
- <enumeration value="maximum"/>
- <enumeration value="better"/>
- </restriction>
- </simpleType>
- <element name="AttributeQuery" type="samlp:AttributeQueryType"/>
- <complexType name="AttributeQueryType">
- <complexContent>
- <extension base="samlp:SubjectQueryAbstractType">
- <sequence>
- <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AuthzDecisionQuery" type="samlp:AuthzDecisionQueryType"/>
- <complexType name="AuthzDecisionQueryType">
- <complexContent>
- <extension base="samlp:SubjectQueryAbstractType">
- <sequence>
- <element ref="saml:Action" maxOccurs="unbounded"/>
- <element ref="saml:Evidence" minOccurs="0"/>
- </sequence>
- <attribute name="Resource" type="anyURI" use="required"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="AuthnRequest" type="samlp:AuthnRequestType"/>
- <complexType name="AuthnRequestType">
- <complexContent>
- <extension base="samlp:RequestAbstractType">
- <sequence>
- <element ref="saml:Subject" minOccurs="0"/>
- <element ref="samlp:NameIDPolicy" minOccurs="0"/>
- <element ref="saml:Conditions" minOccurs="0"/>
- <element ref="samlp:RequestedAuthnContext" minOccurs="0"/>
- <element ref="samlp:Scoping" minOccurs="0"/>
- </sequence>
- <attribute name="ForceAuthn" type="boolean" use="optional"/>
- <attribute name="IsPassive" type="boolean" use="optional"/>
- <attribute name="ProtocolBinding" type="anyURI" use="optional"/>
- <attribute name="AssertionConsumerServiceIndex" type="unsignedShort" use="optional"/>
- <attribute name="AssertionConsumerServiceURL" type="anyURI" use="optional"/>
- <attribute name="AttributeConsumingServiceIndex" type="unsignedShort" use="optional"/>
- <attribute name="ProviderName" type="string" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="NameIDPolicy" type="samlp:NameIDPolicyType"/>
- <complexType name="NameIDPolicyType">
- <attribute name="Format" type="anyURI" use="optional"/>
- <attribute name="SPNameQualifier" type="string" use="optional"/>
- <attribute name="AllowCreate" type="boolean" use="optional"/>
- </complexType>
- <element name="Scoping" type="samlp:ScopingType"/>
- <complexType name="ScopingType">
- <sequence>
- <element ref="samlp:IDPList" minOccurs="0"/>
- <element ref="samlp:RequesterID" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="ProxyCount" type="nonNegativeInteger" use="optional"/>
- </complexType>
- <element name="RequesterID" type="anyURI"/>
- <element name="IDPList" type="samlp:IDPListType"/>
- <complexType name="IDPListType">
- <sequence>
- <element ref="samlp:IDPEntry" maxOccurs="unbounded"/>
- <element ref="samlp:GetComplete" minOccurs="0"/>
- </sequence>
- </complexType>
- <element name="IDPEntry" type="samlp:IDPEntryType"/>
- <complexType name="IDPEntryType">
- <attribute name="ProviderID" type="anyURI" use="required"/>
- <attribute name="Name" type="string" use="optional"/>
- <attribute name="Loc" type="anyURI" use="optional"/>
- </complexType>
- <element name="GetComplete" type="anyURI"/>
- <element name="Response" type="samlp:ResponseType"/>
- <complexType name="ResponseType">
- <complexContent>
- <extension base="samlp:StatusResponseType">
- <choice minOccurs="0" maxOccurs="unbounded">
- <element ref="saml:Assertion"/>
- <element ref="saml:EncryptedAssertion"/>
- </choice>
- </extension>
- </complexContent>
- </complexType>
- <element name="ArtifactResolve" type="samlp:ArtifactResolveType"/>
- <complexType name="ArtifactResolveType">
- <complexContent>
- <extension base="samlp:RequestAbstractType">
- <sequence>
- <element ref="samlp:Artifact"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="Artifact" type="string"/>
- <element name="ArtifactResponse" type="samlp:ArtifactResponseType"/>
- <complexType name="ArtifactResponseType">
- <complexContent>
- <extension base="samlp:StatusResponseType">
- <sequence>
- <any namespace="##any" processContents="lax" minOccurs="0"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="ManageNameIDRequest" type="samlp:ManageNameIDRequestType"/>
- <complexType name="ManageNameIDRequestType">
- <complexContent>
- <extension base="samlp:RequestAbstractType">
- <sequence>
- <choice>
- <element ref="saml:NameID"/>
- <element ref="saml:EncryptedID"/>
- </choice>
- <choice>
- <element ref="samlp:NewID"/>
- <element ref="samlp:NewEncryptedID"/>
- <element ref="samlp:Terminate"/>
- </choice>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="NewID" type="string"/>
- <element name="NewEncryptedID" type="saml:EncryptedElementType"/>
- <element name="Terminate" type="samlp:TerminateType"/>
- <complexType name="TerminateType"/>
- <element name="ManageNameIDResponse" type="samlp:StatusResponseType"/>
- <element name="LogoutRequest" type="samlp:LogoutRequestType"/>
- <complexType name="LogoutRequestType">
- <complexContent>
- <extension base="samlp:RequestAbstractType">
- <sequence>
- <choice>
- <element ref="saml:BaseID"/>
- <element ref="saml:NameID"/>
- <element ref="saml:EncryptedID"/>
- </choice>
- <element ref="samlp:SessionIndex" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Reason" type="string" use="optional"/>
- <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="SessionIndex" type="string"/>
- <element name="LogoutResponse" type="samlp:StatusResponseType"/>
- <element name="NameIDMappingRequest" type="samlp:NameIDMappingRequestType"/>
- <complexType name="NameIDMappingRequestType">
- <complexContent>
- <extension base="samlp:RequestAbstractType">
- <sequence>
- <choice>
- <element ref="saml:BaseID"/>
- <element ref="saml:NameID"/>
- <element ref="saml:EncryptedID"/>
- </choice>
- <element ref="samlp:NameIDPolicy"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="NameIDMappingResponse" type="samlp:NameIDMappingResponseType"/>
- <complexType name="NameIDMappingResponseType">
- <complexContent>
- <extension base="samlp:StatusResponseType">
- <choice>
- <element ref="saml:NameID"/>
- <element ref="saml:EncryptedID"/>
- </choice>
- </extension>
- </complexContent>
- </complexType>
-</schema>
diff --git a/common/src/main/resources/resources/schemas/stork-schema-assertion-1.0.xsd b/common/src/main/resources/resources/schemas/stork-schema-assertion-1.0.xsd
deleted file mode 100644
index ecb001f68..000000000
--- a/common/src/main/resources/resources/schemas/stork-schema-assertion-1.0.xsd
+++ /dev/null
@@ -1,80 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xs:schema
- elementFormDefault="qualified"
- targetNamespace="urn:eu:stork:names:tc:STORK:1.0:assertion"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
- xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion">
-
- <xs:element name="QualityAuthenticationAssuranceLevel" type="stork:QualityAuthenticationAssuranceLevelType" />
- <xs:element name="spSector" type="stork:SPSectorType" />
- <xs:element name="spApplication" type="stork:SPApplicationType"/>
- <xs:element name="spCountry" type="stork:CountryCodeType"/>
- <xs:element name="CitizenCountryCode" type="stork:CountryCodeType" />
- <xs:element name="RequestedAttribute" type="stork:RequestedAttributeType" />
- <xs:element name="AttributeValue" type="xs:anyType" />
- <xs:element name="canonicalResidenceAddress" type="stork:canonicalResidenceAddressType"/>
- <xs:element name="countryCodeAddress" type="stork:CountryCodeType"/>
-
- <xs:attribute name="AttributeStatus" type="stork:AttributeStatusType" />
-
-
- <xs:simpleType name="SPSectorType">
- <xs:restriction base="xs:string">
- <xs:minLength value="1" />
- <xs:maxLength value="20" />
- </xs:restriction>
- </xs:simpleType>
-
- <xs:simpleType name="SPApplicationType">
- <xs:restriction base="xs:string">
- <xs:minLength value="1" />
- <xs:maxLength value="100" />
- </xs:restriction>
- </xs:simpleType>
-
- <xs:simpleType name="AttributeStatusType">
- <xs:restriction base="xs:string">
- <xs:enumeration value="Available" />
- <xs:enumeration value="NotAvailable" />
- <xs:enumeration value="Withheld" />
- </xs:restriction>
- </xs:simpleType>
-
- <xs:simpleType name="QualityAuthenticationAssuranceLevelType">
- <xs:restriction base="xs:integer">
- <xs:minInclusive value="1" />
- <xs:maxInclusive value="4" />
- </xs:restriction>
- </xs:simpleType>
-
- <xs:complexType name="canonicalResidenceAddressType">
- <xs:sequence>
- <xs:element name="countryCodeAddress" type="stork:CountryCodeType" />
- <xs:element name="state" type="xs:string" minOccurs="0"/>
- <xs:element name="municipalityCode" type="xs:string" minOccurs="0"/>
- <xs:element name="town" type="xs:string"/>
- <xs:element name="postalCode" type="xs:string"/>
- <xs:element name="streetName" type="xs:string"/>
- <xs:element name="streetNumber" type="xs:string" minOccurs="0"/>
- <xs:element name="apartmentNumber" type="xs:string" minOccurs="0"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:simpleType name="CountryCodeType">
- <xs:restriction base="xs:token">
- <xs:pattern value="[A-Z]{2}"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:complexType name="RequestedAttributeType">
- <xs:sequence>
- <xs:element minOccurs="0" maxOccurs="unbounded" ref="stork:AttributeValue"/>
- </xs:sequence>
- <xs:attribute name="Name" use="required" type="xs:string"/>
- <xs:attribute name="NameFormat" use="required" type="xs:anyURI"/>
- <xs:attribute name="FriendlyName" use="optional" type="xs:string"/>
- <xs:attribute name="isRequired" use="optional" type="xs:boolean"/>
- <xs:anyAttribute namespace="##other" processContents="lax"/>
- </xs:complexType>
-</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/stork-schema-protocol-1.0.xsd b/common/src/main/resources/resources/schemas/stork-schema-protocol-1.0.xsd
deleted file mode 100644
index a8efa533c..000000000
--- a/common/src/main/resources/resources/schemas/stork-schema-protocol-1.0.xsd
+++ /dev/null
@@ -1,73 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xs:schema
- elementFormDefault="qualified"
- targetNamespace="urn:eu:stork:names:tc:STORK:1.0:protocol"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
- xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
-
- <xs:import namespace="urn:eu:stork:names:tc:STORK:1.0:assertion" schemaLocation="stork-schema-assertion-1.0.xsd"/>
- <!-- <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd" /> -->
- <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd" />
-
-
- <xs:element name="eIDSectorShare" type="xs:boolean" default="false"/>
- <xs:element name="eIDCrossSectorShare" type="xs:boolean" default="false"/>
- <xs:element name="eIDCrossBorderShare" type="xs:boolean" default="false"/>
- <xs:element name="RequestedAttributes" type="storkp:RequestedAttributesType" />
- <xs:element name="AuthenticationAttributes" type="storkp:AuthenticationAttributesType" />
-
- <xs:complexType name="RequestedAttributesType">
- <xs:sequence>
- <xs:element minOccurs="0" maxOccurs="unbounded" ref="stork:RequestedAttribute"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="AuthenticationAttributesType">
- <xs:sequence>
- <xs:element name="VIDPAuthenticationAttributes" type="storkp:VIDPAuthenticationAttributesType" minOccurs="0" maxOccurs="1" />
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="VIDPAuthenticationAttributesType">
- <xs:sequence>
- <xs:element name="CitizenCountryCode" minOccurs="0" maxOccurs="1" type="stork:CountryCodeType" />
- <xs:element name="SPInformation" minOccurs="1" maxOccurs="1" type="storkp:SPInformationType"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="SPInformationType">
- <xs:sequence>
- <xs:element name="SPID" minOccurs="1" maxOccurs="1" type="storkp:SPIDType" />
- <xs:element name="SPCertSig" minOccurs="0" maxOccurs="1" type="storkp:SPCertSigType" />
- <xs:element name="SPCertEnc" minOccurs="0" maxOccurs="1" type="storkp:SPCertEncType" />
- <xs:element name="SPAuthRequest" minOccurs="0" maxOccurs="1" type="storkp:SPAuthRequestType"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:simpleType name="SPIDType">
- <xs:restriction base="xs:string">
- <xs:minLength value="1" />
- <xs:maxLength value="20" />
- </xs:restriction>
- </xs:simpleType>
-
- <xs:complexType name="SPCertSigType">
- <xs:sequence>
- <xs:element minOccurs="1" ref="ds:KeyInfo" />
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="SPCertEncType">
- <xs:sequence>
- <xs:element minOccurs="1" ref="ds:KeyInfo" />
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="SPAuthRequestType">
- <xs:sequence>
- <xs:any namespace="##other" processContents="lax" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
-</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/ts_102231v030102_additionaltypes_xsd.xsd b/common/src/main/resources/resources/schemas/ts_102231v030102_additionaltypes_xsd.xsd
deleted file mode 100644
index 5f1c646a7..000000000
--- a/common/src/main/resources/resources/schemas/ts_102231v030102_additionaltypes_xsd.xsd
+++ /dev/null
@@ -1,35 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- ****** NOTICE ******
-This document is part of ETSI TS 102 231. In the event that any
-part of this document in conflict with the text of TS 102 231
-then that text shall prevail as the authoritative source
--->
-<schema targetNamespace="http://uri.etsi.org/02231/v2/additionaltypes#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:tsl="http://uri.etsi.org/02231/v2#" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" xmlns:tslx="http://uri.etsi.org/02231/v2/additionaltypes#" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified">
- <import namespace="http://uri.etsi.org/02231/v2#" schemaLocation="http://uri.etsi.org/02231/v3.1.2/tsl.xsd"/>
- <import namespace="http://uri.etsi.org/01903/v1.3.2#" schemaLocation="http://uri.etsi.org/01903/v1.3.2/XAdES.xsd"/>
- <element name="MimeType" type="xsd:string"/>
- <element name="X509CertificateLocation" type="tsl:NonEmptyURIType"/>
- <element name="PublicKeyLocation" type="tsl:NonEmptyURIType"/>
- <element name="ExtendedKeyUsage" type="tslx:ExtendedKeyUsageType"/>
- <complexType name="ExtendedKeyUsageType">
- <sequence maxOccurs="unbounded">
- <element name="KeyPurposeId" type="xades:ObjectIdentifierType"/>
- </sequence>
- </complexType>
- <element name="TakenOverBy" type="tslx:TakenOverByType"/>
- <complexType name="TakenOverByType">
- <sequence>
- <element name="URI" type="tsl:NonEmptyMultiLangURIType"/>
- <element name="TSPName" type="tsl:InternationalNamesType"/>
- <element ref="tsl:SchemeOperatorName"/>
- <element ref="tsl:SchemeTerritory"/>
- <element name="OtherQualifier" type="tsl:AnyType" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
- <element name="CertSubjectDNAttribute" type="tslx:CertSubjectDNAttributeType"/>
- <complexType name="CertSubjectDNAttributeType">
- <sequence maxOccurs="unbounded">
- <element name="AttributeOID" type="xades:ObjectIdentifierType"/>
- </sequence>
- </complexType>
-</schema>
diff --git a/common/src/main/resources/resources/schemas/ts_102231v030102_sie_xsd.xsd b/common/src/main/resources/resources/schemas/ts_102231v030102_sie_xsd.xsd
deleted file mode 100644
index 1b3bed4b7..000000000
--- a/common/src/main/resources/resources/schemas/ts_102231v030102_sie_xsd.xsd
+++ /dev/null
@@ -1,81 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- ****** NOTICE ******
-This document is part of ETSI TS 102 231. In the event that any
-part of this document in conflict with the text of TS 102 231
-then that text shall prevail as the authoritative source
--->
-<schema targetNamespace="http://uri.etsi.org/TrstSvc/SvcInfoExt/eSigDir-1999-93-EC-TrustedList/#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" xmlns:tsl="http://uri.etsi.org/02231/v2#" xmlns:tns="http://uri.etsi.org/TrstSvc/SvcInfoExt/eSigDir-1999-93-EC-TrustedList/#" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified">
- <import namespace="http://uri.etsi.org/01903/v1.3.2#" schemaLocation="http://uri.etsi.org/01903/v1.3.2/XAdES.xsd"/>
- <element name="Qualifications" type="tns:QualificationsType"/>
- <complexType name="QualificationsType">
- <sequence maxOccurs="unbounded">
- <element name="QualificationElement" type="tns:QualificationElementType"/>
- </sequence>
- </complexType>
- <complexType name="QualificationElementType">
- <sequence>
- <element name="Qualifiers" type="tns:QualifiersType"/>
- <element name="CriteriaList" type="tns:CriteriaListType"/>
- </sequence>
- </complexType>
- <complexType name="CriteriaListType">
- <annotation>
- <documentation>Please first try to use the CriteriaList before doing the OtherCriteria extension point.</documentation>
- </annotation>
- <sequence>
- <element name="KeyUsage" type="tns:KeyUsageType" minOccurs="0" maxOccurs="unbounded"/>
- <element name="PolicySet" type="tns:PoliciesListType" minOccurs="0" maxOccurs="unbounded"/>
- <element name="CriteriaList" type="tns:CriteriaListType" minOccurs="0" maxOccurs="unbounded"/>
- <element name="Description" type="xsd:string" minOccurs="0"/>
- <element name="otherCriteriaList" type="xades:AnyType" minOccurs="0"/>
- </sequence>
- <attribute name="assert">
- <simpleType>
- <restriction base="xsd:string">
- <enumeration value="all"/>
- <enumeration value="atLeastOne"/>
- <enumeration value="none"/>
- </restriction>
- </simpleType>
- </attribute>
- </complexType>
- <complexType name="QualifiersType">
- <sequence maxOccurs="unbounded">
- <element name="Qualifier" type="tns:QualifierType"/>
- </sequence>
- </complexType>
- <complexType name="QualifierType">
- <attribute name="uri" type="anyURI"/>
- </complexType>
- <complexType name="PoliciesListType">
- <sequence maxOccurs="unbounded">
- <element name="PolicyIdentifier" type="xades:ObjectIdentifierType"/>
- </sequence>
- </complexType>
- <complexType name="KeyUsageType">
- <sequence maxOccurs="9">
- <element name="KeyUsageBit" type="tns:KeyUsageBitType"/>
- </sequence>
- </complexType>
- <complexType name="KeyUsageBitType">
- <simpleContent>
- <extension base="xsd:boolean">
- <attribute name="name">
- <simpleType>
- <restriction base="xsd:string">
- <enumeration value="digitalSignature"/>
- <enumeration value="nonRepudiation"/>
- <enumeration value="keyEncipherment"/>
- <enumeration value="dataEncipherment"/>
- <enumeration value="keyAgreement"/>
- <enumeration value="keyCertSign"/>
- <enumeration value="crlSign"/>
- <enumeration value="encipherOnly"/>
- <enumeration value="decipherOnly"/>
- </restriction>
- </simpleType>
- </attribute>
- </extension>
- </simpleContent>
- </complexType>
-</schema>
diff --git a/common/src/main/resources/resources/schemas/ts_102231v030102_xsd.xsd b/common/src/main/resources/resources/schemas/ts_102231v030102_xsd.xsd
deleted file mode 100644
index 5ee04ec36..000000000
--- a/common/src/main/resources/resources/schemas/ts_102231v030102_xsd.xsd
+++ /dev/null
@@ -1,331 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- ****** NOTICE ******
-This document is part of ETSI TS 102 231. In the event that any
-part of this document in conflict with the text of TS 102 231
-then that text shall prevail as the authoritative source
--->
-<xsd:schema targetNamespace="http://uri.etsi.org/02231/v2#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tsl="http://uri.etsi.org/02231/v2#" elementFormDefault="qualified" attributeFormDefault="unqualified">
- <!-- Imports -->
- <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>
- <!-- Begin auxiliary types -->
- <!--InternationalNamesType-->
- <xsd:complexType name="InternationalNamesType">
- <xsd:sequence>
- <xsd:element name="Name" type="tsl:MultiLangNormStringType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="MultiLangNormStringType">
- <xsd:simpleContent>
- <xsd:extension base="tsl:NonEmptyNormalizedString">
- <xsd:attribute ref="xml:lang" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="MultiLangStringType">
- <xsd:simpleContent>
- <xsd:extension base="tsl:NonEmptyString">
- <xsd:attribute ref="xml:lang" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:simpleType name="NonEmptyString">
- <xsd:restriction base="xsd:string">
- <xsd:minLength value="1"/>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="NonEmptyNormalizedString">
- <xsd:restriction base="xsd:normalizedString">
- <xsd:minLength value="1"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!-- AddressType -->
- <xsd:complexType name="AddressType">
- <xsd:sequence>
- <xsd:element ref="tsl:PostalAddresses"/>
- <xsd:element ref="tsl:ElectronicAddress"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--PostalAddressList Type-->
- <xsd:element name="PostalAddresses" type="tsl:PostalAddressListType"/>
- <xsd:complexType name="PostalAddressListType">
- <xsd:sequence>
- <xsd:element ref="tsl:PostalAddress" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--PostalAddress Type-->
- <xsd:element name="PostalAddress" type="tsl:PostalAddressType"/>
- <xsd:complexType name="PostalAddressType">
- <xsd:sequence>
- <xsd:element name="StreetAddress" type="tsl:NonEmptyString"/>
- <xsd:element name="Locality" type="tsl:NonEmptyString"/>
- <xsd:element name="StateOrProvince" type="tsl:NonEmptyString" minOccurs="0"/>
- <xsd:element name="PostalCode" type="tsl:NonEmptyString" minOccurs="0"/>
- <xsd:element name="CountryName" type="tsl:NonEmptyString"/>
- </xsd:sequence>
- <xsd:attribute ref="xml:lang" use="required"/>
- </xsd:complexType>
- <!--ElectronicAddressType-->
- <xsd:element name="ElectronicAddress" type="tsl:ElectronicAddressType"/>
- <xsd:complexType name="ElectronicAddressType">
- <xsd:sequence>
- <xsd:element name="URI" type="tsl:NonEmptyURIType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- Types for extensions in TSL -->
- <xsd:complexType name="AnyType" mixed="true">
- <xsd:sequence minOccurs="0" maxOccurs="unbounded">
- <xsd:any processContents="lax"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="Extension" type="tsl:ExtensionType"/>
- <xsd:complexType name="ExtensionType">
- <xsd:complexContent>
- <xsd:extension base="tsl:AnyType">
- <xsd:attribute name="Critical" type="xsd:boolean" use="required"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- <xsd:complexType name="ExtensionsListType">
- <xsd:sequence>
- <xsd:element ref="tsl:Extension" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--NonEmptyURIType-->
- <xsd:simpleType name="NonEmptyURIType">
- <xsd:restriction base="xsd:anyURI">
- <xsd:minLength value="1"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!--NonEmptyURIType with language indication-->
- <xsd:complexType name="NonEmptyMultiLangURIType">
- <xsd:simpleContent>
- <xsd:extension base="tsl:NonEmptyURIType">
- <xsd:attribute ref="xml:lang" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <!--List of NonEmptyURIType with language indication-->
- <xsd:complexType name="NonEmptyMultiLangURIListType">
- <xsd:sequence>
- <xsd:element name="URI" type="tsl:NonEmptyMultiLangURIType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--List of NonEmptyURIType-->
- <xsd:complexType name="NonEmptyURIListType">
- <xsd:sequence>
- <xsd:element name="URI" type="tsl:NonEmptyURIType" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- End auxiliary types -->
- <!-- ROOT Element -->
- <xsd:element name="TrustServiceStatusList" type="tsl:TrustStatusListType"/>
- <!-- Trust Status List Type Definition -->
- <xsd:complexType name="TrustStatusListType">
- <xsd:sequence>
- <xsd:element ref="tsl:SchemeInformation"/>
- <xsd:element ref="tsl:TrustServiceProviderList" minOccurs="0"/>
- <xsd:element ref="ds:Signature" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="TSLTag" type="tsl:TSLTagType" use="required"/>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- </xsd:complexType>
- <!-- TSLTagType -->
- <xsd:simpleType name="TSLTagType">
- <xsd:restriction base="xsd:anyURI">
- <xsd:enumeration value="http://uri.etsi.org/02231/TSLTag"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!-- TrustServiceProviderListType-->
- <xsd:element name="TrustServiceProviderList" type="tsl:TrustServiceProviderListType"/>
- <xsd:complexType name="TrustServiceProviderListType">
- <xsd:sequence>
- <xsd:element ref="tsl:TrustServiceProvider" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- TSL Scheme Information -->
- <xsd:element name="SchemeInformation" type="tsl:TSLSchemeInformationType"/>
- <xsd:complexType name="TSLSchemeInformationType">
- <xsd:sequence>
- <xsd:element name="TSLVersionIdentifier" type="xsd:integer" fixed="3"/>
- <xsd:element name="TSLSequenceNumber" type="xsd:positiveInteger"/>
- <xsd:element ref="tsl:TSLType"/>
- <xsd:element ref="tsl:SchemeOperatorName"/>
- <xsd:element name="SchemeOperatorAddress" type="tsl:AddressType"/>
- <xsd:element ref="tsl:SchemeName"/>
- <xsd:element ref="tsl:SchemeInformationURI"/>
- <xsd:element name="StatusDeterminationApproach" type="tsl:NonEmptyURIType"/>
- <xsd:element ref="tsl:SchemeTypeCommunityRules" minOccurs="0"/>
- <xsd:element ref="tsl:SchemeTerritory" minOccurs="0"/>
- <xsd:element ref="tsl:PolicyOrLegalNotice" minOccurs="0"/>
- <xsd:element name="HistoricalInformationPeriod" type="xsd:nonNegativeInteger"/>
- <xsd:element ref="tsl:PointersToOtherTSL" minOccurs="0"/>
- <xsd:element name="ListIssueDateTime" type="xsd:dateTime"/>
- <xsd:element ref="tsl:NextUpdate"/>
- <xsd:element ref="tsl:DistributionPoints" minOccurs="0"/>
- <xsd:element name="SchemeExtensions" type="tsl:ExtensionsListType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="TSLType" type="tsl:NonEmptyURIType"/>
- <xsd:element name="SchemeOperatorName" type="tsl:InternationalNamesType"/>
- <xsd:element name="SchemeName" type="tsl:InternationalNamesType"/>
- <xsd:element name="SchemeInformationURI" type="tsl:NonEmptyMultiLangURIListType"/>
- <xsd:element name="SchemeTypeCommunityRules" type="tsl:NonEmptyURIListType"/>
- <!-- SchemeTerritory -->
- <xsd:element name="SchemeTerritory" type="tsl:SchemeTerritoryType"/>
- <xsd:simpleType name="SchemeTerritoryType">
- <xsd:restriction base="xsd:string">
- <xsd:length value="2"/>
- </xsd:restriction>
- </xsd:simpleType>
- <!-- Policy or Legal Notice -->
- <xsd:element name="PolicyOrLegalNotice" type="tsl:PolicyOrLegalnoticeType"/>
- <xsd:complexType name="PolicyOrLegalnoticeType">
- <xsd:choice>
- <xsd:element name="TSLPolicy" type="tsl:NonEmptyMultiLangURIType" maxOccurs="unbounded"/>
- <xsd:element name="TSLLegalNotice" type="tsl:MultiLangStringType" maxOccurs="unbounded"/>
- </xsd:choice>
- </xsd:complexType>
- <xsd:element name="NextUpdate" type="tsl:NextUpdateType"/>
- <xsd:complexType name="NextUpdateType">
- <xsd:sequence>
- <xsd:element name="dateTime" type="xsd:dateTime" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <!--OtherTSLPointersType-->
- <xsd:element name="PointersToOtherTSL" type="tsl:OtherTSLPointersType"/>
- <xsd:complexType name="OtherTSLPointersType">
- <xsd:sequence>
- <xsd:element ref="tsl:OtherTSLPointer" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="OtherTSLPointer" type="tsl:OtherTSLPointerType"/>
- <xsd:complexType name="OtherTSLPointerType">
- <xsd:sequence>
- <xsd:element ref="tsl:ServiceDigitalIdentities" minOccurs="0"/>
- <xsd:element name="TSLLocation" type="tsl:NonEmptyURIType"/>
- <xsd:element ref="tsl:AdditionalInformation" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="ServiceDigitalIdentities" type="tsl:ServiceDigitalIdentityListType"/>
- <xsd:complexType name="ServiceDigitalIdentityListType">
- <xsd:sequence>
- <xsd:element ref="tsl:ServiceDigitalIdentity" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="AdditionalInformation" type="tsl:AdditionalInformationType"/>
- <xsd:complexType name="AdditionalInformationType">
- <xsd:choice maxOccurs="unbounded">
- <xsd:element name="TextualInformation" type="tsl:MultiLangStringType"/>
- <xsd:element name="OtherInformation" type="tsl:AnyType"/>
- </xsd:choice>
- </xsd:complexType>
- <!--DistributionPoints element-->
- <xsd:element name="DistributionPoints" type="tsl:ElectronicAddressType"/>
- <!-- TSPType -->
- <xsd:element name="TrustServiceProvider" type="tsl:TSPType"/>
- <xsd:complexType name="TSPType">
- <xsd:sequence>
- <xsd:element ref="tsl:TSPInformation"/>
- <xsd:element ref="tsl:TSPServices"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- TSPInformationType -->
- <xsd:element name="TSPInformation" type="tsl:TSPInformationType"/>
- <xsd:complexType name="TSPInformationType">
- <xsd:sequence>
- <xsd:element name="TSPName" type="tsl:InternationalNamesType"/>
- <xsd:element name="TSPTradeName" type="tsl:InternationalNamesType" minOccurs="0"/>
- <xsd:element name="TSPAddress" type="tsl:AddressType"/>
- <xsd:element name="TSPInformationURI" type="tsl:NonEmptyMultiLangURIListType"/>
- <xsd:element name="TSPInformationExtensions" type="tsl:ExtensionsListType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- TSP Services-->
- <xsd:element name="TSPServices" type="tsl:TSPServicesListType"/>
- <xsd:complexType name="TSPServicesListType">
- <xsd:sequence>
- <xsd:element ref="tsl:TSPService" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="TSPService" type="tsl:TSPServiceType"/>
- <xsd:complexType name="TSPServiceType">
- <xsd:sequence>
- <xsd:element ref="tsl:ServiceInformation"/>
- <xsd:element ref="tsl:ServiceHistory" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- TSPServiceInformationType -->
- <xsd:element name="ServiceInformation" type="tsl:TSPServiceInformationType"/>
- <xsd:complexType name="TSPServiceInformationType">
- <xsd:sequence>
- <xsd:element ref="tsl:ServiceTypeIdentifier"/>
- <xsd:element name="ServiceName" type="tsl:InternationalNamesType"/>
- <xsd:element ref="tsl:ServiceDigitalIdentity"/>
- <xsd:element ref="tsl:ServiceStatus"/>
- <xsd:element name="StatusStartingTime" type="xsd:dateTime"/>
- <xsd:element name="SchemeServiceDefinitionURI" type="tsl:NonEmptyMultiLangURIListType" minOccurs="0"/>
- <xsd:element ref="tsl:ServiceSupplyPoints" minOccurs="0"/>
- <xsd:element name="TSPServiceDefinitionURI" type="tsl:NonEmptyMultiLangURIListType" minOccurs="0"/>
- <xsd:element name="ServiceInformationExtensions" type="tsl:ExtensionsListType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- Service status -->
- <xsd:element name="ServiceStatus" type="tsl:NonEmptyURIType"/>
- <!-- Type for Service Supply Points -->
- <xsd:element name="ServiceSupplyPoints" type="tsl:ServiceSupplyPointsType"/>
- <xsd:complexType name="ServiceSupplyPointsType">
- <xsd:sequence maxOccurs="unbounded">
- <xsd:element name="ServiceSupplyPoint" type="tsl:NonEmptyURIType"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- TSPServiceIdentifier -->
- <xsd:element name="ServiceTypeIdentifier" type="tsl:NonEmptyURIType"/>
- <!-- DigitalIdentityType -->
- <xsd:element name="ServiceDigitalIdentity" type="tsl:DigitalIdentityListType"/>
- <xsd:complexType name="DigitalIdentityListType">
- <xsd:sequence>
- <xsd:element name="DigitalId" type="tsl:DigitalIdentityType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="DigitalIdentityType">
- <xsd:choice>
- <xsd:element name="X509Certificate" type="xsd:base64Binary"/>
- <xsd:element name="X509SubjectName" type="xsd:string"/>
- <xsd:element ref="ds:KeyValue"/>
- <xsd:element name="X509SKI" type="xsd:base64Binary"/>
- <xsd:element name="Other" type="tsl:AnyType"/>
- </xsd:choice>
- </xsd:complexType>
- <!-- ServiceHistory element-->
- <xsd:element name="ServiceHistory" type="tsl:ServiceHistoryType"/>
- <xsd:complexType name="ServiceHistoryType">
- <xsd:sequence>
- <xsd:element ref="tsl:ServiceHistoryInstance" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="ServiceHistoryInstance" type="tsl:ServiceHistoryInstanceType"/>
- <xsd:complexType name="ServiceHistoryInstanceType">
- <xsd:sequence>
- <xsd:element ref="tsl:ServiceTypeIdentifier"/>
- <xsd:element name="ServiceName" type="tsl:InternationalNamesType"/>
- <xsd:element ref="tsl:ServiceDigitalIdentity"/>
- <xsd:element ref="tsl:ServiceStatus"/>
- <xsd:element name="StatusStartingTime" type="xsd:dateTime"/>
- <xsd:element name="ServiceInformationExtensions" type="tsl:ExtensionsListType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- Elements and types for Extensions -->
- <!-- Extensions children of tsl:VaExtension-->
- <!-- Element ExpiredCertsRevocationInfo -->
- <xsd:element name="ExpiredCertsRevocationInfo" type="xsd:dateTime"/>
- <!-- Element additionalServiceInformation -->
- <xsd:element name="AdditionalServiceInformation" type="tsl:AdditionalServiceInformationType"/>
- <xsd:complexType name="AdditionalServiceInformationType">
- <xsd:sequence>
- <xsd:element name="URI" type="tsl:NonEmptyMultiLangURIType"/>
- <xsd:element name="InformationValue" type="xsd:string" minOccurs="0"/>
- <xsd:element name="OtherInformation" type="tsl:AnyType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/ts_119612v010201_additionaltypes_xsd.xsd b/common/src/main/resources/resources/schemas/ts_119612v010201_additionaltypes_xsd.xsd
deleted file mode 100644
index 4af373cf0..000000000
--- a/common/src/main/resources/resources/schemas/ts_119612v010201_additionaltypes_xsd.xsd
+++ /dev/null
@@ -1,35 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- ****** NOTICE ******
-This document is part of ETSI TS 119 612. In the event that any
-part of this document in conflict with the text of TS 119 612
-then that text shall prevail as the authoritative source
--->
-<xsd:schema targetNamespace="http://uri.etsi.org/02231/v2/additionaltypes#" xmlns="http://www.w3.org/2001/XMLSchema" xmlns:tslx="http://uri.etsi.org/02231/v2/additionaltypes#" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" xmlns:tsl="http://uri.etsi.org/02231/v2#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" elementFormDefault="qualified" attributeFormDefault="unqualified">
- <xsd:import namespace="http://uri.etsi.org/02231/v2#" schemaLocation="http://uri.etsi.org/19612/v1.2.1/tsl.xsd"/>
- <xsd:import namespace="http://uri.etsi.org/01903/v1.3.2#" schemaLocation="http://uri.etsi.org/01903/v1.3.2/XAdES.xsd"/>
- <xsd:element name="MimeType" type="xsd:string"/>
- <xsd:element name="X509CertificateLocation" type="tsl:NonEmptyURIType"/>
- <xsd:element name="PublicKeyLocation" type="tsl:NonEmptyURIType"/>
- <xsd:element name="ExtendedKeyUsage" type="tslx:ExtendedKeyUsageType"/>
- <xsd:complexType name="ExtendedKeyUsageType">
- <xsd:sequence maxOccurs="unbounded">
- <xsd:element name="KeyPurposeId" type="xades:ObjectIdentifierType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="TakenOverBy" type="tslx:TakenOverByType"/>
- <xsd:complexType name="TakenOverByType">
- <xsd:sequence>
- <xsd:element name="URI" type="tsl:NonEmptyMultiLangURIType"/>
- <xsd:element name="TSPName" type="tsl:InternationalNamesType"/>
- <xsd:element ref="tsl:SchemeOperatorName"/>
- <xsd:element ref="tsl:SchemeTerritory"/>
- <xsd:element name="OtherQualifier" type="tsl:AnyType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="CertSubjectDNAttribute" type="tslx:CertSubjectDNAttributeType"/>
- <xsd:complexType name="CertSubjectDNAttributeType">
- <xsd:sequence maxOccurs="unbounded">
- <xsd:element name="AttributeOID" type="xades:ObjectIdentifierType"/>
- </xsd:sequence>
- </xsd:complexType>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/ts_119612v010201_sie_xsd.xsd b/common/src/main/resources/resources/schemas/ts_119612v010201_sie_xsd.xsd
deleted file mode 100644
index 42a96b78c..000000000
--- a/common/src/main/resources/resources/schemas/ts_119612v010201_sie_xsd.xsd
+++ /dev/null
@@ -1,81 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- ****** NOTICE ******
-This document is part of ETSI TS 119 612. In the event that any
-part of this document in conflict with the text of TS 119 612
-then that text shall prevail as the authoritative source
--->
-<xsd:schema targetNamespace="http://uri.etsi.org/TrstSvc/SvcInfoExt/eSigDir-1999-93-EC-TrustedList/#" xmlns="http://www.w3.org/2001/XMLSchema" xmlns:tns="http://uri.etsi.org/TrstSvc/SvcInfoExt/eSigDir-1999-93-EC-TrustedList/#" xmlns:tsl="http://uri.etsi.org/02231/v2#" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" elementFormDefault="qualified" attributeFormDefault="unqualified">
- <xsd:import namespace="http://uri.etsi.org/01903/v1.3.2#" schemaLocation="http://uri.etsi.org/01903/v1.3.2/XAdES.xsd"/>
- <xsd:element name="Qualifications" type="tns:QualificationsType"/>
- <xsd:complexType name="QualificationsType">
- <xsd:sequence maxOccurs="unbounded">
- <xsd:element name="QualificationElement" type="tns:QualificationElementType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="QualificationElementType">
- <xsd:sequence>
- <xsd:element name="Qualifiers" type="tns:QualifiersType"/>
- <xsd:element name="CriteriaList" type="tns:CriteriaListType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CriteriaListType">
- <xsd:annotation>
- <xsd:documentation>Please first try to use the CriteriaList before doing the OtherCriteria extension point.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="KeyUsage" type="tns:KeyUsageType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="PolicySet" type="tns:PoliciesListType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="CriteriaList" type="tns:CriteriaListType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="Description" type="xsd:string" minOccurs="0"/>
- <xsd:element name="otherCriteriaList" type="xades:AnyType" minOccurs="0"/>
- </xsd:sequence>
- <xsd:attribute name="assert">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="all"/>
- <xsd:enumeration value="atLeastOne"/>
- <xsd:enumeration value="none"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- </xsd:complexType>
- <xsd:complexType name="QualifiersType">
- <xsd:sequence maxOccurs="unbounded">
- <xsd:element name="Qualifier" type="tns:QualifierType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="QualifierType">
- <xsd:attribute name="uri" type="anyURI"/>
- </xsd:complexType>
- <xsd:complexType name="PoliciesListType">
- <xsd:sequence maxOccurs="unbounded">
- <xsd:element name="PolicyIdentifier" type="xades:ObjectIdentifierType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="KeyUsageType">
- <xsd:sequence maxOccurs="9">
- <xsd:element name="KeyUsageBit" type="tns:KeyUsageBitType"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="KeyUsageBitType">
- <xsd:simpleContent>
- <xsd:extension base="xsd:boolean">
- <xsd:attribute name="name">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="digitalSignature"/>
- <xsd:enumeration value="nonRepudiation"/>
- <xsd:enumeration value="keyEncipherment"/>
- <xsd:enumeration value="dataEncipherment"/>
- <xsd:enumeration value="keyAgreement"/>
- <xsd:enumeration value="keyCertSign"/>
- <xsd:enumeration value="crlSign"/>
- <xsd:enumeration value="encipherOnly"/>
- <xsd:enumeration value="decipherOnly"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/ts_119612v010201_xsd.xsd b/common/src/main/resources/resources/schemas/ts_119612v010201_xsd.xsd
deleted file mode 100644
index fb1852ec0..000000000
--- a/common/src/main/resources/resources/schemas/ts_119612v010201_xsd.xsd
+++ /dev/null
@@ -1,337 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- ****** NOTICE ****** -This document is part of ETSI TS 119 612. In the event that any -part of this document in conflict with the text of TS 119 612 -then that text shall prevail as the authoritative source - -This is a review done in October 2013 as a result of mismatches between the XML Schema and the specification of some data types within TS 119 612, ---> -<xsd:schema targetNamespace="http://uri.etsi.org/02231/v2#" xmlns:tsl="http://uri.etsi.org/02231/v2#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified" attributeFormDefault="unqualified"> - <!-- Imports --> - <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> - <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/> - <!-- Begin auxiliary types --> - <!--InternationalNamesType--> - <xsd:complexType name="InternationalNamesType"> - <xsd:sequence> - <xsd:element name="Name" type="tsl:MultiLangNormStringType" maxOccurs="unbounded"/> - </xsd:sequence> - </xsd:complexType> - <xsd:complexType name="MultiLangNormStringType"> - <xsd:simpleContent> - <xsd:extension base="tsl:NonEmptyNormalizedString"> - <xsd:attribute ref="xml:lang" use="required"/> - </xsd:extension> - </xsd:simpleContent> - </xsd:complexType> - <xsd:complexType name="MultiLangStringType"> - <xsd:simpleContent> - <xsd:extension base="tsl:NonEmptyString"> - <xsd:attribute ref="xml:lang" use="required"/> - </xsd:extension> - </xsd:simpleContent> - </xsd:complexType> - <xsd:simpleType name="NonEmptyString"> - <xsd:restriction base="xsd:string"> - <xsd:minLength value="1"/> - </xsd:restriction> - </xsd:simpleType> - <xsd:simpleType name="NonEmptyNormalizedString"> - <xsd:restriction base="xsd:normalizedString"> - 
<xsd:minLength value="1"/> - </xsd:restriction> - </xsd:simpleType> - <!-- AddressType --> - <xsd:complexType name="AddressType"> - <xsd:sequence> - <xsd:element ref="tsl:PostalAddresses"/> - <xsd:element ref="tsl:ElectronicAddress"/> - </xsd:sequence> - </xsd:complexType> - <!--PostalAddressList Type--> - <xsd:element name="PostalAddresses" type="tsl:PostalAddressListType"/> - <xsd:complexType name="PostalAddressListType"> - <xsd:sequence> - <xsd:element ref="tsl:PostalAddress" maxOccurs="unbounded"/> - </xsd:sequence> - </xsd:complexType> - <!--PostalAddress Type--> - <xsd:element name="PostalAddress" type="tsl:PostalAddressType"/> - <xsd:complexType name="PostalAddressType"> - <xsd:sequence> - <xsd:element name="StreetAddress" type="tsl:NonEmptyString"/> - <xsd:element name="Locality" type="tsl:NonEmptyString"/> - <xsd:element name="StateOrProvince" type="tsl:NonEmptyString" minOccurs="0"/> - <xsd:element name="PostalCode" type="tsl:NonEmptyString" minOccurs="0"/> - <xsd:element name="CountryName" type="tsl:NonEmptyString"/> - </xsd:sequence> - <xsd:attribute ref="xml:lang" use="required"/> - </xsd:complexType> - <!--ElectronicAddressType--> - <!-- 2013-10. 
XML Schema CHANGE--> - <!-- ElectronicAddress changed to include MultilLan URIs for e-mails and web sites URIs as specified in TS 119 612--> - <xsd:element name="ElectronicAddress" type="tsl:ElectronicAddressType"/> - <xsd:complexType name="ElectronicAddressType"> - <xsd:sequence> - <xsd:element name="URI" type="tsl:NonEmptyMultiLangURIType" maxOccurs="unbounded"/> - </xsd:sequence> - </xsd:complexType> - <!-- Types for extensions in TSL --> - <xsd:complexType name="AnyType" mixed="true"> - <xsd:sequence minOccurs="0" maxOccurs="unbounded"> - <xsd:any processContents="lax"/> - </xsd:sequence> - </xsd:complexType> - <xsd:element name="Extension" type="tsl:ExtensionType"/> - <xsd:complexType name="ExtensionType"> - <xsd:complexContent> - <xsd:extension base="tsl:AnyType"> - <xsd:attribute name="Critical" type="xsd:boolean" use="required"/> - </xsd:extension> - </xsd:complexContent> - </xsd:complexType> - <xsd:complexType name="ExtensionsListType"> - <xsd:sequence> - <xsd:element ref="tsl:Extension" maxOccurs="unbounded"/> - </xsd:sequence> - </xsd:complexType> - <!--NonEmptyURIType--> - <xsd:simpleType name="NonEmptyURIType"> - <xsd:restriction base="xsd:anyURI"> - <xsd:minLength value="1"/> - </xsd:restriction> - </xsd:simpleType> - <!--NonEmptyURIType with language indication--> - <xsd:complexType name="NonEmptyMultiLangURIType"> - <xsd:simpleContent> - <xsd:extension base="tsl:NonEmptyURIType"> - <xsd:attribute ref="xml:lang" use="required"/> - </xsd:extension> - </xsd:simpleContent> - </xsd:complexType> - <!--List of NonEmptyURIType with language indication--> - <xsd:complexType name="NonEmptyMultiLangURIListType"> - <xsd:sequence> - <xsd:element name="URI" type="tsl:NonEmptyMultiLangURIType" maxOccurs="unbounded"/> - </xsd:sequence> - </xsd:complexType> - <!--List of NonEmptyURIType--> - <xsd:complexType name="NonEmptyURIListType"> - <xsd:sequence> - <xsd:element name="URI" type="tsl:NonEmptyURIType" maxOccurs="unbounded"/> - </xsd:sequence> - </xsd:complexType> 
- <!-- End auxiliary types --> - <!-- ROOT Element --> - <xsd:element name="TrustServiceStatusList" type="tsl:TrustStatusListType"/> - <!-- Trust Status List Type Definition --> - <!-- 2013-10. XML Schema CHANGE--> - <!-- Attribute TSLTag declared as xsd:anyURI --> - <xsd:complexType name="TrustStatusListType"> - <xsd:sequence> - <xsd:element ref="tsl:SchemeInformation"/> - <xsd:element ref="tsl:TrustServiceProviderList" minOccurs="0"/> - <xsd:element ref="ds:Signature" minOccurs="0"/> - </xsd:sequence> - <xsd:attribute name="TSLTag" type="xsd:anyURI" use="required"/> - <xsd:attribute name="Id" type="xsd:ID" use="optional"/> - </xsd:complexType> - <!-- 2013-10. XML Schema CHANGE--> - <!-- Supressed the type TSLTagType that served to restrict the value of TSLTag by XML Schema--> - <!-- In this way, the XML Schema is independent of the TSLTag value and this may change from version to version--> - <!-- TrustServiceProviderListType--> - <xsd:element name="TrustServiceProviderList" type="tsl:TrustServiceProviderListType"/> - <xsd:complexType name="TrustServiceProviderListType"> - <xsd:sequence> - <xsd:element ref="tsl:TrustServiceProvider" maxOccurs="unbounded"/> - </xsd:sequence> - </xsd:complexType> - <!-- TSL Scheme Information --> - <xsd:element name="SchemeInformation" type="tsl:TSLSchemeInformationType"/> - <xsd:complexType name="TSLSchemeInformationType"> - <xsd:sequence> - <xsd:element name="TSLVersionIdentifier" type="xsd:integer"/> - <xsd:element name="TSLSequenceNumber" type="xsd:positiveInteger"/> - <xsd:element ref="tsl:TSLType"/> - <xsd:element ref="tsl:SchemeOperatorName"/> - <xsd:element name="SchemeOperatorAddress" type="tsl:AddressType"/> - <xsd:element ref="tsl:SchemeName"/> - <xsd:element ref="tsl:SchemeInformationURI"/> - <xsd:element name="StatusDeterminationApproach" type="tsl:NonEmptyURIType"/> - <xsd:element ref="tsl:SchemeTypeCommunityRules" minOccurs="0"/> - <xsd:element ref="tsl:SchemeTerritory" minOccurs="0"/> - <xsd:element 
ref="tsl:PolicyOrLegalNotice" minOccurs="0"/> - <xsd:element name="HistoricalInformationPeriod" type="xsd:nonNegativeInteger"/> - <xsd:element ref="tsl:PointersToOtherTSL" minOccurs="0"/> - <xsd:element name="ListIssueDateTime" type="xsd:dateTime"/> - <xsd:element ref="tsl:NextUpdate"/> - <xsd:element ref="tsl:DistributionPoints" minOccurs="0"/> - <xsd:element name="SchemeExtensions" type="tsl:ExtensionsListType" minOccurs="0"/> - </xsd:sequence> - </xsd:complexType> - <xsd:element name="TSLType" type="tsl:NonEmptyURIType"/> - <xsd:element name="SchemeOperatorName" type="tsl:InternationalNamesType"/> - <xsd:element name="SchemeName" type="tsl:InternationalNamesType"/> - <xsd:element name="SchemeInformationURI" type="tsl:NonEmptyMultiLangURIListType"/> - <!-- 2013-10. XML Schema CHANGE--> - <!-- SchemeTypeCommunityRules changed to include MultilLang URIs for e-mails and web sites URIs as specified in TS 119 612--> - <xsd:element name="SchemeTypeCommunityRules" type="tsl:NonEmptyMultiLangURIListType"/> - <!-- SchemeTerritory --> - <!-- 2014-04. XML Schema CHANGE--> - <!-- element SchemeTerritory is now of type xsd:string. 
Suppressed the restriction of having only 2 characters, - as this element may contain other values than the country codes--> - <xsd:element name="SchemeTerritory" type="xsd:string"/> - <!-- Policy or Legal Notice --> - <xsd:element name="PolicyOrLegalNotice" type="tsl:PolicyOrLegalnoticeType"/> - <xsd:complexType name="PolicyOrLegalnoticeType"> - <xsd:choice> - <xsd:element name="TSLPolicy" type="tsl:NonEmptyMultiLangURIType" maxOccurs="unbounded"/> - <xsd:element name="TSLLegalNotice" type="tsl:MultiLangStringType" maxOccurs="unbounded"/> - </xsd:choice> - </xsd:complexType> - <xsd:element name="NextUpdate" type="tsl:NextUpdateType"/> - <xsd:complexType name="NextUpdateType"> - <xsd:sequence> - <xsd:element name="dateTime" type="xsd:dateTime" minOccurs="0"/> - </xsd:sequence> - </xsd:complexType> - <!--OtherTSLPointersType--> - <xsd:element name="PointersToOtherTSL" type="tsl:OtherTSLPointersType"/> - <xsd:complexType name="OtherTSLPointersType"> - <xsd:sequence> - <xsd:element ref="tsl:OtherTSLPointer" maxOccurs="unbounded"/> - </xsd:sequence> - </xsd:complexType> - <xsd:element name="OtherTSLPointer" type="tsl:OtherTSLPointerType"/> - <xsd:complexType name="OtherTSLPointerType"> - <xsd:sequence> - <xsd:element ref="tsl:ServiceDigitalIdentities" minOccurs="0"/> - <xsd:element name="TSLLocation" type="tsl:NonEmptyURIType"/> - <xsd:element ref="tsl:AdditionalInformation" minOccurs="0"/> - </xsd:sequence> - </xsd:complexType> - <xsd:element name="ServiceDigitalIdentities" type="tsl:ServiceDigitalIdentityListType"/> - <xsd:complexType name="ServiceDigitalIdentityListType"> - <xsd:sequence> - <xsd:element ref="tsl:ServiceDigitalIdentity" maxOccurs="unbounded"/> - </xsd:sequence> - </xsd:complexType> - <xsd:element name="AdditionalInformation" type="tsl:AdditionalInformationType"/> - <xsd:complexType name="AdditionalInformationType"> - <xsd:choice maxOccurs="unbounded"> - <xsd:element name="TextualInformation" type="tsl:MultiLangStringType"/> - <xsd:element 
name="OtherInformation" type="tsl:AnyType"/> - </xsd:choice> - </xsd:complexType> - <!--DistributionPoints element--> - <!-- 2013-10. XML Schema CHANGE--> - <!-- DistributionPointschanged from ElectronicAddress to nonEmptyURIListType as ElectronicAddress does - now contain a list of multilang URIs, which is not required for distribution points--> - <xsd:element name="DistributionPoints" type="tsl:NonEmptyURIListType"/> - <!-- TSPType --> - <xsd:element name="TrustServiceProvider" type="tsl:TSPType"/> - <xsd:complexType name="TSPType"> - <xsd:sequence> - <xsd:element ref="tsl:TSPInformation"/> - <xsd:element ref="tsl:TSPServices"/> - </xsd:sequence> - </xsd:complexType> - <!-- TSPInformationType --> - <xsd:element name="TSPInformation" type="tsl:TSPInformationType"/> - <xsd:complexType name="TSPInformationType"> - <xsd:sequence> - <xsd:element name="TSPName" type="tsl:InternationalNamesType"/> - <xsd:element name="TSPTradeName" type="tsl:InternationalNamesType" minOccurs="0"/> - <xsd:element name="TSPAddress" type="tsl:AddressType"/> - <xsd:element name="TSPInformationURI" type="tsl:NonEmptyMultiLangURIListType"/> - <xsd:element name="TSPInformationExtensions" type="tsl:ExtensionsListType" minOccurs="0"/> - </xsd:sequence> - </xsd:complexType> - <!-- TSP Services--> - <xsd:element name="TSPServices" type="tsl:TSPServicesListType"/> - <xsd:complexType name="TSPServicesListType"> - <xsd:sequence> - <xsd:element ref="tsl:TSPService" maxOccurs="unbounded"/> - </xsd:sequence> - </xsd:complexType> - <xsd:element name="TSPService" type="tsl:TSPServiceType"/> - <xsd:complexType name="TSPServiceType"> - <xsd:sequence> - <xsd:element ref="tsl:ServiceInformation"/> - <xsd:element ref="tsl:ServiceHistory" minOccurs="0"/> - </xsd:sequence> - </xsd:complexType> - <!-- TSPServiceInformationType --> - <xsd:element name="ServiceInformation" type="tsl:TSPServiceInformationType"/> - <xsd:complexType name="TSPServiceInformationType"> - <xsd:sequence> - <xsd:element 
ref="tsl:ServiceTypeIdentifier"/>
- <xsd:element name="ServiceName" type="tsl:InternationalNamesType"/>
- <xsd:element ref="tsl:ServiceDigitalIdentity"/>
- <xsd:element ref="tsl:ServiceStatus"/>
- <xsd:element name="StatusStartingTime" type="xsd:dateTime"/>
- <xsd:element name="SchemeServiceDefinitionURI" type="tsl:NonEmptyMultiLangURIListType" minOccurs="0"/>
- <xsd:element ref="tsl:ServiceSupplyPoints" minOccurs="0"/>
- <xsd:element name="TSPServiceDefinitionURI" type="tsl:NonEmptyMultiLangURIListType" minOccurs="0"/>
- <xsd:element name="ServiceInformationExtensions" type="tsl:ExtensionsListType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- Service status -->
- <xsd:element name="ServiceStatus" type="tsl:NonEmptyURIType"/>
- <!-- Type for Service Supply Points -->
- <xsd:element name="ServiceSupplyPoints" type="tsl:ServiceSupplyPointsType"/>
- <xsd:complexType name="ServiceSupplyPointsType">
- <xsd:sequence maxOccurs="unbounded">
- <xsd:element name="ServiceSupplyPoint" type="tsl:NonEmptyURIType"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- TSPServiceIdentifier -->
- <xsd:element name="ServiceTypeIdentifier" type="tsl:NonEmptyURIType"/>
- <!-- DigitalIdentityType -->
- <xsd:element name="ServiceDigitalIdentity" type="tsl:DigitalIdentityListType"/>
- <xsd:complexType name="DigitalIdentityListType">
- <xsd:sequence>
- <xsd:element name="DigitalId" type="tsl:DigitalIdentityType" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="DigitalIdentityType">
- <xsd:choice>
- <xsd:element name="X509Certificate" type="xsd:base64Binary"/>
- <xsd:element name="X509SubjectName" type="xsd:string"/>
- <xsd:element ref="ds:KeyValue"/>
- <xsd:element name="X509SKI" type="xsd:base64Binary"/>
- <xsd:element name="Other" type="tsl:AnyType" minOccurs="0"/>
- </xsd:choice>
- </xsd:complexType>
- <!-- ServiceHistory element-->
- <xsd:element name="ServiceHistory" type="tsl:ServiceHistoryType"/>
- <xsd:complexType 
name="ServiceHistoryType">
- <xsd:sequence>
- <xsd:element ref="tsl:ServiceHistoryInstance" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="ServiceHistoryInstance" type="tsl:ServiceHistoryInstanceType"/>
- <xsd:complexType name="ServiceHistoryInstanceType">
- <xsd:sequence>
- <xsd:element ref="tsl:ServiceTypeIdentifier"/>
- <xsd:element name="ServiceName" type="tsl:InternationalNamesType"/>
- <xsd:element ref="tsl:ServiceDigitalIdentity"/>
- <xsd:element ref="tsl:ServiceStatus"/>
- <xsd:element name="StatusStartingTime" type="xsd:dateTime"/>
- <xsd:element name="ServiceInformationExtensions" type="tsl:ExtensionsListType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
- <!-- Elements and types for Extensions -->
- <!-- Extensions children of tsl:VaExtension-->
- <!-- Element ExpiredCertsRevocationInfo -->
- <xsd:element name="ExpiredCertsRevocationInfo" type="xsd:dateTime"/>
- <!-- Element additionalServiceInformation -->
- <xsd:element name="AdditionalServiceInformation" type="tsl:AdditionalServiceInformationType"/>
- <xsd:complexType name="AdditionalServiceInformationType">
- <xsd:sequence>
- <xsd:element name="URI" type="tsl:NonEmptyMultiLangURIType"/>
- <xsd:element name="InformationValue" type="xsd:string" minOccurs="0"/>
- <xsd:element name="OtherInformation" type="tsl:AnyType" minOccurs="0"/>
- </xsd:sequence>
- </xsd:complexType>
-</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/xenc-schema.xsd b/common/src/main/resources/resources/schemas/xenc-schema.xsd
deleted file mode 100644
index d4519cd7a..000000000
--- a/common/src/main/resources/resources/schemas/xenc-schema.xsd
+++ /dev/null 
@@ -1,150 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!DOCTYPE schema PUBLIC "-//W3C//DTD XMLSchema 200102//EN"
- "http://www.w3.org/2001/XMLSchema.dtd"
- [
- <!ATTLIST schema
- xmlns:xenc CDATA #FIXED 'http://www.w3.org/2001/04/xmlenc#'
- xmlns:ds CDATA #FIXED 'http://www.w3.org/2000/09/xmldsig#'>
- <!ENTITY xenc 'http://www.w3.org/2001/04/xmlenc#'>
- <!ENTITY % p ''>
- <!ENTITY % s ''>
- ]>
-
-<schema xmlns='http://www.w3.org/2001/XMLSchema' version='1.0'
- xmlns:xenc='http://www.w3.org/2001/04/xmlenc#'
- xmlns:ds='http://www.w3.org/2000/09/xmldsig#'
- targetNamespace='http://www.w3.org/2001/04/xmlenc#'
- elementFormDefault='qualified'>
-
-<!--
- <import namespace='http://www.w3.org/2000/09/xmldsig#'
- schemaLocation='http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd'/>
- -->
- <import namespace='http://www.w3.org/2000/09/xmldsig#'
- schemaLocation='xmldsig-core-schema.xsd'/>
-
- <complexType name='EncryptedType' abstract='true'>
- <sequence>
- <element name='EncryptionMethod' type='xenc:EncryptionMethodType'
- minOccurs='0'/>
- <element ref='ds:KeyInfo' minOccurs='0'/>
- <element ref='xenc:CipherData'/>
- <element ref='xenc:EncryptionProperties' minOccurs='0'/>
- </sequence>
- <attribute name='Id' type='ID' use='optional'/>
- <attribute name='Type' type='anyURI' use='optional'/>
- <attribute name='MimeType' type='string' use='optional'/>
- <attribute name='Encoding' type='anyURI' use='optional'/>
- </complexType>
-
- <complexType name='EncryptionMethodType' mixed='true'>
- <sequence>
- <element name='KeySize' minOccurs='0' type='xenc:KeySizeType'/>
- <element name='OAEPparams' minOccurs='0' type='base64Binary'/>
- <any namespace='##other' minOccurs='0' maxOccurs='unbounded'/>
- </sequence>
- <attribute name='Algorithm' type='anyURI' use='required'/>
- </complexType>
-
- <simpleType name='KeySizeType'>
- <restriction base="integer"/>
- </simpleType>
-
- <element name='CipherData' type='xenc:CipherDataType'/>
- <complexType 
name='CipherDataType'>
- <choice>
- <element name='CipherValue' type='base64Binary'/>
- <element ref='xenc:CipherReference'/>
- </choice>
- </complexType>
-
- <element name='CipherReference' type='xenc:CipherReferenceType'/>
- <complexType name='CipherReferenceType'>
- <choice>
- <element name='Transforms' type='xenc:TransformsType' minOccurs='0'/>
- </choice>
- <attribute name='URI' type='anyURI' use='required'/>
- </complexType>
-
- <complexType name='TransformsType'>
- <sequence>
- <element ref='ds:Transform' maxOccurs='unbounded'/>
- </sequence>
- </complexType>
-
-
- <element name='EncryptedData' type='xenc:EncryptedDataType'/>
- <complexType name='EncryptedDataType'>
- <complexContent>
- <extension base='xenc:EncryptedType'>
- </extension>
- </complexContent>
- </complexType>
-
- <!-- Children of ds:KeyInfo -->
-
- <element name='EncryptedKey' type='xenc:EncryptedKeyType'/>
- <complexType name='EncryptedKeyType'>
- <complexContent>
- <extension base='xenc:EncryptedType'>
- <sequence>
- <element ref='xenc:ReferenceList' minOccurs='0'/>
- <element name='CarriedKeyName' type='string' minOccurs='0'/>
- </sequence>
- <attribute name='Recipient' type='string'
- use='optional'/>
- </extension>
- </complexContent>
- </complexType>
-
- <element name="AgreementMethod" type="xenc:AgreementMethodType"/>
- <complexType name="AgreementMethodType" mixed="true">
- <sequence>
- <element name="KA-Nonce" minOccurs="0" type="base64Binary"/>
- <!-- <element ref="ds:DigestMethod" minOccurs="0"/> -->
- <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
- <element name="OriginatorKeyInfo" minOccurs="0" type="ds:KeyInfoType"/>
- <element name="RecipientKeyInfo" minOccurs="0" type="ds:KeyInfoType"/>
- </sequence>
- <attribute name="Algorithm" type="anyURI" use="required"/>
- </complexType>
-
- <!-- End Children of ds:KeyInfo -->
-
- <element name='ReferenceList'>
- <complexType>
- <choice minOccurs='1' maxOccurs='unbounded'>
- <element name='DataReference' 
type='xenc:ReferenceType'/>
- <element name='KeyReference' type='xenc:ReferenceType'/>
- </choice>
- </complexType>
- </element>
-
- <complexType name='ReferenceType'>
- <sequence>
- <any namespace='##other' minOccurs='0' maxOccurs='unbounded'/>
- </sequence>
- <attribute name='URI' type='anyURI' use='required'/>
- </complexType>
-
-
- <element name='EncryptionProperties' type='xenc:EncryptionPropertiesType'/>
- <complexType name='EncryptionPropertiesType'>
- <sequence>
- <element ref='xenc:EncryptionProperty' maxOccurs='unbounded'/>
- </sequence>
- <attribute name='Id' type='ID' use='optional'/>
- </complexType>
-
- <element name='EncryptionProperty' type='xenc:EncryptionPropertyType'/>
- <complexType name='EncryptionPropertyType' mixed='true'>
- <choice maxOccurs='unbounded'>
- <any namespace='##other' processContents='lax'/>
- </choice>
- <attribute name='Target' type='anyURI' use='optional'/>
- <attribute name='Id' type='ID' use='optional'/>
- <anyAttribute namespace="http://www.w3.org/XML/1998/namespace"/>
- </complexType>
-
-</schema>
-
diff --git a/common/src/main/resources/resources/schemas/xml.xsd b/common/src/main/resources/resources/schemas/xml.xsd
deleted file mode 100644
index 79dbc02ba..000000000
--- a/common/src/main/resources/resources/schemas/xml.xsd
+++ /dev/null
@@ -1,83 +0,0 @@
-<?xml version='1.0'?>
-<!-- documented out for compatibility with Xerces-2.0.2
-<!DOCTYPE xs:schema PUBLIC "-//W3C//DTD XMLSCHEMA 200102//EN" "XMLSchema.dtd" >
--->
-<xs:schema targetNamespace="http://www.w3.org/XML/1998/namespace" xmlns:xs="http://www.w3.org/2001/XMLSchema" xml:lang="en">
-
- <xs:annotation>
- <xs:documentation>
- See http://www.w3.org/XML/1998/namespace.html and
- http://www.w3.org/TR/REC-xml for information about this namespace.
- </xs:documentation>
- </xs:annotation>
-
- <xs:annotation>
- <xs:documentation>This schema defines attributes and an attribute group
- suitable for use by
- schemas wishing to allow xml:base, xml:lang or xml:space attributes
- on elements they define.
-
- To enable this, such a schema must import this schema
- for the XML namespace, e.g. as follows:
- <schema . . .>
- . . .
- <import namespace="http://www.w3.org/XML/1998/namespace"
- schemaLocation="http://www.w3.org/2001/03/xml.xsd"/>
-
- Subsequently, qualified reference to any of the attributes
- or the group defined below will have the desired effect, e.g.
-
- <type . . .>
- . . .
- <attributeGroup ref="xml:specialAttrs"/>
-
- will define a type which will schema-validate an instance
- element with any of those attributes</xs:documentation>
- </xs:annotation>
-
- <xs:annotation>
- <xs:documentation>In keeping with the XML Schema WG's standard versioning
- policy, this schema document will persist at
- http://www.w3.org/2001/03/xml.xsd.
- At the date of issue it can also be found at
- http://www.w3.org/2001/xml.xsd.
- The schema document at that URI may however change in the future,
- in order to remain compatible with the latest version of XML Schema
- itself. In other words, if the XML Schema namespace changes, the version
- of this document at
- http://www.w3.org/2001/xml.xsd will change
- accordingly; the version at
- http://www.w3.org/2001/03/xml.xsd will not change.
- </xs:documentation>
- </xs:annotation>
-
- <xs:attribute name="lang" type="xs:language">
- <xs:annotation>
- <xs:documentation>In due course, we should install the relevant ISO 2- and 3-letter
- codes as the enumerated possible values . . .</xs:documentation>
- </xs:annotation>
- </xs:attribute>
-
- <xs:attribute name="space" default="preserve">
- <xs:simpleType>
- <xs:restriction base="xs:NCName">
- <xs:enumeration value="default"/>
- <xs:enumeration value="preserve"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
-
- <xs:attribute name="base" type="xs:anyURI">
- <xs:annotation>
- <xs:documentation>See http://www.w3.org/TR/xmlbase/ for
- information about this attribute.</xs:documentation>
- </xs:annotation>
- </xs:attribute>
-
- <xs:attributeGroup name="specialAttrs">
- <xs:attribute ref="xml:base"/>
- <xs:attribute ref="xml:lang"/>
- <xs:attribute ref="xml:space"/>
- </xs:attributeGroup>
-
-</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/xmldsig-core-schema.xsd b/common/src/main/resources/resources/schemas/xmldsig-core-schema.xsd
deleted file mode 100644
index a7e302373..000000000
--- a/common/src/main/resources/resources/schemas/xmldsig-core-schema.xsd
+++ /dev/null
@@ -1,264 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- documented out for compatibility with Xerces-2.0.2
-<!DOCTYPE schema PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "XMLSchema.dtd" [
- <!ATTLIST schema
- xmlns:ds CDATA #FIXED "http://www.w3.org/2000/09/xmldsig#"
->
- <!ENTITY dsig 'http://www.w3.org/2000/09/xmldsig#'>
- <!ENTITY % p ''>
- <!ENTITY % s ''>
-]>
--->
-<!-- Schema for XML Signatures
- http://www.w3.org/2000/09/xmldsig#
- $Revision: 1.1 $ on $Date: 2003/03/11 10:10:34 $ by $Author: peck $
-
- Copyright 2001 The Internet Society and W3C (Massachusetts Institute
- of Technology, Institut National de Recherche en Informatique et en
- Automatique, Keio University). All Rights Reserved.
- http://www.w3.org/Consortium/Legal/
-
- This document is governed by the W3C Software License [1] as described
- in the FAQ [2].
-
- [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
- [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
--->
-<schema targetNamespace="http://www.w3.org/2000/09/xmldsig#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" version="0.1">
- <!-- Basic Types Defined for Signatures -->
- <simpleType name="CryptoBinary">
- <restriction base="base64Binary"/>
- </simpleType>
- <!-- Start Signature -->
- <element name="Signature" type="ds:SignatureType"/>
- <complexType name="SignatureType">
- <sequence>
- <element ref="ds:SignedInfo"/>
- <element ref="ds:SignatureValue"/>
- <element ref="ds:KeyInfo" minOccurs="0"/>
- <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
- </complexType>
- <element name="SignatureValue" type="ds:SignatureValueType"/>
- <complexType name="SignatureValueType">
- <simpleContent>
- <extension base="base64Binary">
- <attribute name="Id" type="ID" use="optional"/>
- </extension>
- </simpleContent>
- </complexType>
- <!-- Start SignedInfo -->
- <element name="SignedInfo" type="ds:SignedInfoType"/>
- <complexType name="SignedInfoType">
- <sequence>
- <element ref="ds:CanonicalizationMethod"/>
- <element ref="ds:SignatureMethod"/>
- <element ref="ds:Reference" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
- </complexType>
- <element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/>
- <complexType name="CanonicalizationMethodType" mixed="true">
- <sequence>
- <any namespace="##any" minOccurs="0" maxOccurs="unbounded"/>
- <!-- (0,unbounded) elements from (1,1) namespace -->
- </sequence>
- <attribute name="Algorithm" type="anyURI" use="required"/>
- </complexType>
- <element name="SignatureMethod" type="ds:SignatureMethodType"/>
- <complexType name="SignatureMethodType" mixed="true">
- <sequence>
- <element name="HMACOutputLength" type="ds:HMACOutputLengthType" minOccurs="0"/>
- <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
- <!-- (0,unbounded) elements from (1,1) external namespace -->
- </sequence>
- <attribute name="Algorithm" type="anyURI" use="required"/>
- </complexType>
- <!-- Start Reference -->
- <element name="Reference" type="ds:ReferenceType"/>
- <complexType name="ReferenceType">
- <sequence>
- <element ref="ds:Transforms" minOccurs="0"/>
- <element ref="ds:DigestMethod"/>
- <element ref="ds:DigestValue"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
- <attribute name="URI" type="anyURI" use="optional"/>
- <attribute name="Type" type="anyURI" use="optional"/>
- </complexType>
- <element name="Transforms" type="ds:TransformsType"/>
- <complexType name="TransformsType">
- <sequence>
- <element ref="ds:Transform" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
- <element name="Transform" type="ds:TransformType"/>
- <complexType name="TransformType" mixed="true">
- <choice minOccurs="0" maxOccurs="unbounded">
- <any namespace="##other" processContents="lax"/>
- <element name="XPath" type="string"/>
- <!-- (1,1) elements from (0,unbounded) namespaces -->
- </choice>
- <attribute name="Algorithm" type="anyURI" use="required"/>
- </complexType>
- <!-- End Reference -->
- <element name="DigestMethod" type="ds:DigestMethodType"/>
- <complexType name="DigestMethodType" mixed="true">
- <sequence>
- <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Algorithm" type="anyURI" use="required"/>
- </complexType>
- <element name="DigestValue" type="ds:DigestValueType"/>
- <simpleType name="DigestValueType">
- <restriction base="base64Binary"/>
- </simpleType>
- <!-- End SignedInfo -->
- <!-- Start KeyInfo -->
- <element name="KeyInfo" type="ds:KeyInfoType"/>
- <complexType name="KeyInfoType" mixed="true">
- <choice maxOccurs="unbounded">
- <element ref="ds:KeyName"/>
- <element ref="ds:KeyValue"/>
- <element ref="ds:RetrievalMethod"/>
- <element ref="ds:X509Data"/>
- <element ref="ds:PGPData"/>
- <element ref="ds:SPKIData"/>
- <element ref="ds:MgmtData"/>
- <any namespace="##other" processContents="lax"/>
- <!-- (1,1) elements from (0,unbounded) namespaces -->
- </choice>
- <attribute name="Id" type="ID" use="optional"/>
- </complexType>
- <element name="KeyName" type="string"/>
- <element name="MgmtData" type="string"/>
- <element name="KeyValue" type="ds:KeyValueType"/>
- <complexType name="KeyValueType" mixed="true">
- <choice>
- <element ref="ds:DSAKeyValue"/>
- <element ref="ds:RSAKeyValue"/>
- <any namespace="##other" processContents="lax"/>
- </choice>
- </complexType>
- <element name="RetrievalMethod" type="ds:RetrievalMethodType"/>
- <complexType name="RetrievalMethodType">
- <sequence>
- <element ref="ds:Transforms" minOccurs="0"/>
- </sequence>
- <attribute name="URI" type="anyURI"/>
- <attribute name="Type" type="anyURI" use="optional"/>
- </complexType>
- <!-- Start X509Data -->
- <element name="X509Data" type="ds:X509DataType"/>
- <complexType name="X509DataType">
- <sequence maxOccurs="unbounded">
- <choice>
- <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
- <element name="X509SKI" type="base64Binary"/>
- <element name="X509SubjectName" type="string"/>
- <element name="X509Certificate" type="base64Binary"/>
- <element name="X509CRL" type="base64Binary"/>
- <any namespace="##other" processContents="lax"/>
- </choice>
- </sequence>
- </complexType>
- <complexType name="X509IssuerSerialType">
- <sequence>
- <element name="X509IssuerName" type="string"/>
- <element name="X509SerialNumber" type="integer"/>
- </sequence>
- </complexType>
- <!-- End X509Data -->
- <!-- Begin PGPData -->
- <element name="PGPData" type="ds:PGPDataType"/>
- <complexType name="PGPDataType">
- <choice>
- <sequence>
- <element name="PGPKeyID" type="base64Binary"/>
- <element name="PGPKeyPacket" type="base64Binary" minOccurs="0"/>
- <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <sequence>
- <element name="PGPKeyPacket" type="base64Binary"/>
- <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </choice>
- </complexType>
- <!-- End PGPData -->
- <!-- Begin SPKIData -->
- <element name="SPKIData" type="ds:SPKIDataType"/>
- <complexType name="SPKIDataType">
- <sequence maxOccurs="unbounded">
- <element name="SPKISexp" type="base64Binary"/>
- <any namespace="##other" processContents="lax" minOccurs="0"/>
- </sequence>
- </complexType>
- <!-- End SPKIData -->
- <!-- End KeyInfo -->
- <!-- Start Object (Manifest, SignatureProperty) -->
- <element name="Object" type="ds:ObjectType"/>
- <complexType name="ObjectType" mixed="true">
- <sequence minOccurs="0" maxOccurs="unbounded">
- <any namespace="##any" processContents="lax"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
- <attribute name="MimeType" type="string" use="optional"/>
- <attribute name="Encoding" type="anyURI" use="optional"/>
- <!-- add a grep facet -->
- </complexType>
- <element name="Manifest" type="ds:ManifestType"/>
- <complexType name="ManifestType">
- <sequence>
- <element ref="ds:Reference" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
- </complexType>
- <element name="SignatureProperties" type="ds:SignaturePropertiesType"/>
- <complexType name="SignaturePropertiesType">
- <sequence>
- <element ref="ds:SignatureProperty" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
- </complexType>
- <element name="SignatureProperty" type="ds:SignaturePropertyType"/>
- <complexType name="SignaturePropertyType" mixed="true">
- <choice maxOccurs="unbounded">
- <any namespace="##other" processContents="lax"/>
- <!-- (1,1) elements from (1,unbounded) namespaces -->
- </choice>
- <attribute name="Target" type="anyURI" use="required"/>
- <attribute name="Id" type="ID" use="optional"/>
- </complexType>
- <!-- End Object (Manifest, SignatureProperty) -->
- <!-- Start Algorithm Parameters -->
- <simpleType name="HMACOutputLengthType">
- <restriction base="integer"/>
- </simpleType>
- <!-- Start KeyValue Element-types -->
- <element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
- <complexType name="DSAKeyValueType">
- <sequence>
- <sequence minOccurs="0">
- <element name="P" type="ds:CryptoBinary"/>
- <element name="Q" type="ds:CryptoBinary"/>
- </sequence>
- <element name="G" type="ds:CryptoBinary" minOccurs="0"/>
- <element name="Y" type="ds:CryptoBinary"/>
- <element name="J" type="ds:CryptoBinary" minOccurs="0"/>
- <sequence minOccurs="0">
- <element name="Seed" type="ds:CryptoBinary"/>
- <element name="PgenCounter" type="ds:CryptoBinary"/>
- </sequence>
- </sequence>
- </complexType>
- <element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
- <complexType name="RSAKeyValueType">
- <sequence>
- <element name="Modulus" type="ds:CryptoBinary"/>
- <element name="Exponent" type="ds:CryptoBinary"/>
- </sequence>
- </complexType>
- <!-- End KeyValue Element-types -->
- <!-- End Signature -->
-</schema>
diff --git a/common/src/main/resources/resources/schemas/xmldsig-filter2.xsd b/common/src/main/resources/resources/schemas/xmldsig-filter2.xsd
deleted file mode 100644
index 330eafd19..000000000
--- a/common/src/main/resources/resources/schemas/xmldsig-filter2.xsd
+++ /dev/null
@@ -1,38 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- documented out for compatibility with Xerces-2.0.2
- <!DOCTYPE schema
- PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "http://www.w3.org/2001/XMLSchema.dtd"
- [
- <!ATTLIST schema
- xmlns:xf CDATA #FIXED 'http://www.w3.org/2002/06/xmldsig-filter2'>
- <!ENTITY xf 'http://www.w3.org/2002/06/xmldsig-filter2'>
- <!ENTITY % p ''>
- <!ENTITY % s ''>
- ]>
--->
-
- <schema xmlns="http://www.w3.org/2001/XMLSchema"
- xmlns:xf="http://www.w3.org/2002/06/xmldsig-filter2"
- targetNamespace="http://www.w3.org/2002/06/xmldsig-filter2"
- version="0.1" elementFormDefault="qualified">
-
- <element name="XPath"
- type="xf:XPathType"/>
-
- <complexType name="XPathType">
- <simpleContent>
- <extension base="string">
- <attribute name="Filter">
- <simpleType>
- <restriction base="string">
- <enumeration value="intersect"/>
- <enumeration value="subtract"/>
- <enumeration value="union"/>
- </restriction>
- </simpleType>
- </attribute>
- </extension>
- </simpleContent>
- </complexType>
-
- </schema>
\ No newline at end of file
diff --git a/common/src/test/java/test/at/gv/egovernment/moa/AllTests.java b/common/src/test/java/test/at/gv/egovernment/moa/AllTests.java
deleted file mode 100644
index ba7a0edc4..000000000
--- a/common/src/test/java/test/at/gv/egovernment/moa/AllTests.java
+++ /dev/null 
@@ -1,62 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. 
- */ - - -package test.at.gv.egovernment.moa; - -import test.at.gv.egovernment.moa.util.DOMUtilsTest; -import test.at.gv.egovernment.moa.util.DateTimeUtilsTest; -import test.at.gv.egovernment.moa.util.KeyStoreUtilsTest; -import test.at.gv.egovernment.moa.util.SSLUtilsTest; -import test.at.gv.egovernment.moa.util.XPathUtilsTest; - -import junit.awtui.TestRunner; -import junit.framework.Test; -import junit.framework.TestSuite; - -/** - * @author patrick - * @version $Id$ - */ -public class AllTests { - - public static Test suite() { - TestSuite suite = new TestSuite(); - -// suite.addTestSuite(DOMUtilsTest.class); -// suite.addTestSuite(DateTimeUtilsTest.class); -// suite.addTestSuite(XPathUtilsTest.class); -// suite.addTestSuite(KeyStoreUtilsTest.class); -// suite.addTestSuite(SSLUtilsTest.class); - - return suite; - } - - public static void main(String[] args) { - try { - TestRunner.run(AllTests.class); - } catch (Exception e) { - e.printStackTrace(); - } - } -} diff --git a/common/src/test/java/test/at/gv/egovernment/moa/MOATestCase.java b/common/src/test/java/test/at/gv/egovernment/moa/MOATestCase.java deleted file mode 100644 index 5d1c5371a..000000000 --- a/common/src/test/java/test/at/gv/egovernment/moa/MOATestCase.java +++ /dev/null 
@@ -1,99 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.at.gv.egovernment.moa; - -import java.io.FileInputStream; -import java.io.StringReader; - -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; - -import org.w3c.dom.Document; - -import org.xml.sax.InputSource; - -import junit.framework.TestCase; - -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; - -/** - * Base class for MOA test cases. - * - * Provides some utility functions. - * - * @author Patrick Peck - * @version $Id$ - */ -public class MOATestCase extends TestCase { - - protected static final String TESTDATA_ROOT = "data/test/"; - - /** - * Constructor for MOATestCase. - * @param arg0 - */ - public MOATestCase(String name) { - super(name); - } - - /** - * Parse an XML file non-validating. 
- */ - public static Document parseXml(String fileName) throws Exception { - return DOMUtils.parseDocument( - new FileInputStream(fileName), - false, - null, - null); - } - - /** - * Parse an XML validating with a given file name. - * - * Uses the local schema resources. - */ - public static Document parseXmlValidating(String fileName) throws Exception { - return DOMUtils.parseDocument( - new FileInputStream(fileName), - true, - Constants.ALL_SCHEMA_LOCATIONS, - null); - } - - /** - * Parse an XML from a String. - */ - public static Document parseXmlString(String xml) throws Exception { - DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); - DocumentBuilder builder; - - factory.setNamespaceAware(true); - builder = factory.newDocumentBuilder(); - - return builder.parse(new InputSource(new StringReader(xml))); - } - -} diff --git a/common/src/test/java/test/at/gv/egovernment/moa/util/DOMUtilsTest.java b/common/src/test/java/test/at/gv/egovernment/moa/util/DOMUtilsTest.java deleted file mode 100644 index 1a2b6904d..000000000 --- a/common/src/test/java/test/at/gv/egovernment/moa/util/DOMUtilsTest.java +++ /dev/null 
@@ -1,161 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.at.gv.egovernment.moa.util; -import java.io.FileInputStream; -import java.util.Map; - -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.NodeList; - -import test.at.gv.egovernment.moa.*; - -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; - -/** - * @author Patrick Peck - * @version $Id$ - */ -public class DOMUtilsTest extends MOATestCase { - private static final String TESTDATA_BASE = TESTDATA_ROOT + "xml/"; - private static boolean grammarsInitialized = false; - - /** - * Constructor for DOMUtilsTest. 
- * @param name - */ - public DOMUtilsTest(String name) { - super(name); - } - - protected void setUp() throws Exception { - if (!grammarsInitialized) { - // preparse XML schema - DOMUtils.addSchemaToPool( - getClass().getResourceAsStream(Constants.XML_SCHEMA_LOCATION), - Constants.XML_NS_URI); - // preparse XMLDsig Filter2 schema - DOMUtils.addSchemaToPool( - getClass().getResourceAsStream(Constants.DSIG_FILTER2_SCHEMA_LOCATION), - Constants.DSIG_FILTER2_NS_URI); - // preparse XMLDsig schema - DOMUtils.addSchemaToPool( - getClass().getResourceAsStream(Constants.DSIG_SCHEMA_LOCATION), - Constants.DSIG_NS_URI); - // preparse MOA schema - DOMUtils.addSchemaToPool( - getClass().getResourceAsStream(Constants.MOA_SCHEMA_LOCATION), - Constants.MOA_NS_URI); - grammarsInitialized = true; - } - } - - private Document parse(String fileName) throws Exception { - return DOMUtils.parseDocument( - new FileInputStream(fileName), - true, - Constants.ALL_SCHEMA_LOCATIONS, - null); - } - - public void testParseCreateXMLSignature() throws Exception { - parse(TESTDATA_BASE + "CreateXMLSignature/TestGeneratorCX2.005.Req.xml"); - parse(TESTDATA_BASE + "CreateXMLSignature/Req000.xml"); - parse(TESTDATA_BASE + "CreateXMLSignature/Req001.xml"); - parse(TESTDATA_BASE + "CreateXMLSignature/Req002.xml"); - parse(TESTDATA_BASE + "CreateXMLSignature/Req004.xml"); - } - - public void testParseVerifyCMSSignature() throws Exception { - parse(TESTDATA_BASE + "VerifyCMSSignature/Req000.xml"); - } - - public void testParseVerifyXMLSignature() throws Exception { - parse(TESTDATA_BASE + "VerifyXMLSignature/Req000.xml"); - parse(TESTDATA_BASE + "VerifyXMLSignature/Req001.xml"); - parse(TESTDATA_BASE + "VerifyXMLSignature/Req002.xml"); - parse(TESTDATA_BASE + "VerifyXMLSignature/TestGeneratorVX.002.Req.xml"); - //parse(TESTDATA_BASE + "VerifyXMLSignature/TestGeneratorVX.006.Req.xml"); - parse(TESTDATA_BASE + "VerifyXMLSignature/VerifySAMLRequest.xml"); - } - - public void testParseInfobox() throws 
Exception { - parse(TESTDATA_BASE + "Infobox/InfoboxReadResponseMOA4.xml"); - parse(TESTDATA_BASE + "Infobox/InfoboxReadResponse.xml"); - } - - - private Document parsePlain(String fileName) throws Exception { - return DOMUtils.parseDocument( - new FileInputStream(fileName), - false, - null, - null); - } - - public void testValidateCreateXMLSignature() throws Exception { - Document doc; - boolean valid; - - // test a valid request - doc = parsePlain(TESTDATA_BASE + "CreateXMLSignature/Req000.xml"); - valid = - DOMUtils.validateElement( - doc.getDocumentElement(), - Constants.ALL_SCHEMA_LOCATIONS, - null); - assertTrue(valid); - - // test an invalid request - doc = parsePlain(TESTDATA_BASE + "CreateXMLSignature/invalid.xml"); - try { - valid = - DOMUtils.validateElement( - doc.getDocumentElement(), - Constants.ALL_SCHEMA_LOCATIONS, - null); - fail(); - } catch (Exception e) { - } - } - - public void testGetNamespaceDeclarations() throws Exception { - Document doc; - NodeList nl; - Element elem; - Map nsDecls; - - doc = parse(TESTDATA_BASE + "VerifyXMLSignature/Req002.xml"); - nl = doc.getElementsByTagNameNS(Constants.DSIG_NS_URI, "Reference"); - elem = (Element) nl.item(0); - nsDecls = DOMUtils.getNamespaceDeclarations(elem); - - assertEquals(2, nsDecls.size()); - assertEquals(Constants.DSIG_NS_URI, nsDecls.get("dsig")); - assertEquals(Constants.MOA_NS_URI, nsDecls.get("")); - } - -} diff --git a/common/src/test/java/test/at/gv/egovernment/moa/util/DateTimeUtilsTest.java b/common/src/test/java/test/at/gv/egovernment/moa/util/DateTimeUtilsTest.java deleted file mode 100644 index e3468b89f..000000000 --- a/common/src/test/java/test/at/gv/egovernment/moa/util/DateTimeUtilsTest.java +++ /dev/null 
@@ -1,129 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.at.gv.egovernment.moa.util; -import java.text.DateFormat; -import java.text.ParseException; -import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.Date; -import java.util.GregorianCalendar; -import java.util.TimeZone; - -import junit.framework.TestCase; - -import at.gv.egovernment.moa.util.DateTimeUtils; - -/** - * @author Patrick Peck - * @version $Id$ - */ -public class DateTimeUtilsTest extends TestCase { - - /** - * Constructor for DateTimeUtilsTest. 
- * @param arg0 - */ - public DateTimeUtilsTest(String arg0) { - super(arg0); - } - - public void testParseDateTimeValid() throws Exception { - Date date; - DateFormat format = new SimpleDateFormat("dd.MM.yyyy HH:mm:ss"); - - String dateStr; - - format.setTimeZone(TimeZone.getTimeZone("GMT")); - date = DateTimeUtils.parseDateTime("+1971-12-12T06:30:15"); - date.setTime(date.getTime() + TimeZone.getDefault().getRawOffset()); - dateStr = format.format(date); - assertEquals("12.12.1971 06:30:15", dateStr); - - date = DateTimeUtils.parseDateTime("2000-01-01T23:59:59.012Z"); - dateStr = format.format(date); - assertEquals("01.01.2000 23:59:59", dateStr); - - date = DateTimeUtils.parseDateTime("2003-05-20T12:17:30-05:00"); - dateStr = format.format(date); - assertEquals("20.05.2003 17:17:30", dateStr); - - - date = DateTimeUtils.parseDateTime("2002-02-02T02:02:02.33+04:30"); - dateStr = format.format(date); - assertEquals("01.02.2002 21:32:02", dateStr); - } - - public void testParseDateTimeInvalid() { - try { - DateTimeUtils.parseDateTime("+1971-12-12T6:30:15"); - fail(); - } catch (ParseException e) { - } - - try { - DateTimeUtils.parseDateTime("2000-01-0123:59:59.999999Z"); - fail(); - } catch (ParseException e) { - } - - try { - DateTimeUtils.parseDateTime("2003-05-20T12:17:3005:00"); - fail(); - } catch (ParseException e) { - } - - try { - DateTimeUtils.parseDateTime(" 2002-02-02T02:02:02.33+04:00"); - fail(); - } catch (ParseException e) { - } - - } - - public void testBuildDateTimeGMTMinus3() { - String should = "2002-01-01T01:01:01-03:00"; - doTestBuildDateTime(2002, 1, 1, 1, 1, 1, "GMT-03:00", should); - } - public void testBuildDateTimeMEZSommerzeit() { - String should = "2002-07-31T23:59:59+02:00"; - doTestBuildDateTime(2002, 7, 31, 23, 59, 59, "GMT+01:00", should); - } - public void testBuildDateTimeGMT() { - String should = "2002-01-01T01:01:01"; - doTestBuildDateTime(2002, 1, 1, 1, 1, 1, "GMT+00:00", should); - } - private void doTestBuildDateTime( - int 
year, int month, int day, - int hour, int min, int sec, - String timeZone, String dateTimeShould) { - -// Calendar cal = new GregorianCalendar(TimeZone.getTimeZone(timeZone)); -// cal.set(year,month, day, hour, min, sec); -// cal.set(Calendar.MILLISECOND, 0); -// String dateTimeBuilt = DateTimeUtils.buildDateTime(cal, false); -// assertEquals(dateTimeShould, dateTimeBuilt); - } - -} diff --git a/common/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java b/common/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java deleted file mode 100644 index 2433eca89..000000000 --- a/common/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java +++ /dev/null 
@@ -1,114 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. 
- */ - - -package test.at.gv.egovernment.moa.util; - -import java.io.File; -import java.io.FileInputStream; -import java.io.FileOutputStream; -import java.io.IOException; -import java.math.BigInteger; -import java.security.KeyStore; -import java.security.Security; -import java.security.cert.X509Certificate; -import java.util.Enumeration; - -import at.gv.egovernment.moa.util.KeyStoreUtils; - -import junit.framework.TestCase; - -/** - * @author Paul Ivancsics - * @version $Id$ - */ -public class KeyStoreUtilsTest extends TestCase { - private String tmpDir = "tmp/KeyStoreUtilsTest"; - private String tmpDirURL = "file:" + tmpDir; - - public KeyStoreUtilsTest(String arg0) { - super(arg0); - } - - protected void setUp() throws Exception { - Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); - new File(tmpDir).mkdirs(); - } - protected void tearDown() throws Exception { - new File(tmpDir).delete(); - } - public void testCreateKeyStoreJKS() throws Exception { - String[] certFilenames = new String[] { - "data/test/security/server-certs/baltimore.cer" - }; - KeyStore ks = KeyStoreUtils.createKeyStore("jks", certFilenames); - assertEquals(1, ks.size()); - X509Certificate cert = (X509Certificate)ks.getCertificate("0"); - assertEquals(3424, cert.getSerialNumber().intValue()); - } - public void testCreateKeyStorePKCS12() throws Exception { - String[] certFilenames = new String[] { - "data/test/security/server-certs/baltimore.cer" - }; - KeyStore ks = KeyStoreUtils.createKeyStore("pkcs12", certFilenames); - assertEquals(1, ks.size()); - X509Certificate cert = (X509Certificate)ks.getCertificate("0"); - assertEquals(3424, cert.getSerialNumber().intValue()); - } - public void testCreateKeyStoreFromCertificateDirectory() throws Exception { - // copy certificate files to a temporary directory, - // omitting the "CVS" directory in the source directory - copyCertificates("data/test/security/server-certs", tmpDir); - KeyStore ks = 
KeyStoreUtils.createKeyStoreFromCertificateDirectory("jks", tmpDirURL); - assertEquals(2, ks.size()); - X509Certificate cert0 = (X509Certificate)ks.getCertificate("0"); - X509Certificate cert1 = (X509Certificate)ks.getCertificate("1"); - assertTrue(3424 == cert0.getSerialNumber().intValue() || 3424 == cert1.getSerialNumber().intValue()); - } - private void copyCertificates(String from, String to) throws IOException { - String[] fromList = new File(from).list(); - for (int i = 0; i < fromList.length; i++) { - File fromFile = new File(from + File.separator + fromList[i]); - if (fromFile.isFile()) { - String toFile = to + "/" + fromList[i]; - FileInputStream in = new FileInputStream(fromFile); - FileOutputStream out = new FileOutputStream(toFile); - for (int ch = in.read(); ch >= 0; ch = in.read()) - out.write(ch); - out.close(); - in.close(); - } - } - - } - public void testLoadKeyStore() throws Exception { - String keyStoreURL = "file:data/test/security/client-certs/sicher-demo(buergerkarte).p12"; - KeyStore ks = KeyStoreUtils.loadKeyStore("pkcs12", keyStoreURL, "buergerkarte"); - assertEquals(1, ks.size()); - Enumeration aliases = ks.aliases(); - String alias = (String)aliases.nextElement(); - X509Certificate cert = (X509Certificate)ks.getCertificate(alias); - assertEquals(new BigInteger("1044289238331").intValue(), cert.getSerialNumber().intValue()); - } - -} diff --git a/common/src/test/java/test/at/gv/egovernment/moa/util/SSLUtilsTest.java b/common/src/test/java/test/at/gv/egovernment/moa/util/SSLUtilsTest.java deleted file mode 100644 index 2b5094fb8..000000000 --- a/common/src/test/java/test/at/gv/egovernment/moa/util/SSLUtilsTest.java +++ /dev/null 
@@ -1,181 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. 
- */ - - -package test.at.gv.egovernment.moa.util; - -import java.net.URL; -import java.security.KeyStore; -import java.security.Security; - -import javax.net.ssl.SSLException; -import javax.net.ssl.SSLSocketFactory; - -import junit.framework.TestCase; -import at.gv.egovernment.moa.util.KeyStoreUtils; -import at.gv.egovernment.moa.util.SSLUtils; - -import com.sun.net.ssl.HostnameVerifier; -import com.sun.net.ssl.HttpsURLConnection; - -/** - * @author Paul Ivancsics - * @version $Id$ - */ -public class SSLUtilsTest extends TestCase { - - public SSLUtilsTest(String arg0) { - super(arg0); - } - - - protected void setUp() throws Exception { - //System.setProperty("javax.net.debug", "all"); - Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); - System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); - System.setProperty("https.cipherSuites", "SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,SSL_RSA_WITH_DES_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_EXPORT_WITH_RC4_40_MD5"); - } - - public void testGetSSLSocketFactoryBaltimoreOK() throws Exception { - doTestGetSSLSocketFactory( - "GET", - "https://www.baltimore.com/", - false, - "file:data/test/security/cacerts+gt_cybertrust_root", - "changeit", - true); - } - public void testGetSSLSocketFactoryBaltimoreNOK() throws Exception { - doTestGetSSLSocketFactory( - "GET", - "https://www.baltimore.com/", - false, - "file:data/test/security/cacerts", - "changeit", - false); - } - public void testGetSSLSocketFactoryVerisignOK() throws Exception { - doTestGetSSLSocketFactory( - "GET", - "https://www.verisign.com/", - false, - "file:data/test/security/cacerts", - "changeit", - true); - } - public void testGetSSLSocketFactoryVerisignNoTruststoreOK() throws Exception { - doTestGetSSLSocketFactory( - "GET", - "https://www.verisign.com/", - false, - null, - null, - true); - } - public void testGetSSLSocketFactoryLocalhostOK() 
throws Exception { - String urlString = "https://localhost:8443/moa-id-auth/index.jsp"; - doTestGetSSLSocketFactory( - "GET", - urlString, - true, - "file:data/test/security/server.keystore.tomcat", - "changeit", - true); - } - public void testGetSSLSocketFactoryLocalhostNOK() throws Exception { - String urlString = "https://localhost:8443/moa-id-auth/index.jsp"; - doTestGetSSLSocketFactory( - "GET", - urlString, - true, - null, - null, - false); - } - - public void doTestGetSSLSocketFactory( - String requestMethod, - String urlString, - boolean useHostnameVerifierHack, - String truststoreurl, - String trustpassword, - boolean shouldOk - ) throws Exception { - - doTestGetSSLSocketFactory( - requestMethod, urlString, useHostnameVerifierHack, truststoreurl, trustpassword, null, null, null, shouldOk); - } - public void doTestGetSSLSocketFactory( - String requestMethod, - String urlString, - boolean useHostnameVerifierHack, - String truststoreurl, - String trustpassword, - String keystoretype, - String keystoreurl, - String keypassword, - boolean shouldOk - ) throws Exception { - - KeyStore truststore = null; - if (truststoreurl != null) - truststore = KeyStoreUtils.loadKeyStore("jks", truststoreurl, trustpassword); - SSLSocketFactory sf = SSLUtils.getSSLSocketFactory( - truststore, keystoretype, keystoreurl, keypassword); - System.out.println(requestMethod + " " + urlString); - - URL url = new URL(urlString); - HttpsURLConnection conn = (HttpsURLConnection)url.openConnection(); - conn.setRequestMethod(requestMethod); - conn.setDoInput(true); - conn.setDoOutput(true); - conn.setUseCaches(false); - conn.setAllowUserInteraction(false); - conn.setSSLSocketFactory(sf); - if (useHostnameVerifierHack) - conn.setHostnameVerifier(new HostnameVerifierHack()); - try { - conn.connect(); - assertTrue(shouldOk); - assertEquals(200, conn.getResponseCode()); - conn.disconnect(); - } - catch (SSLException ex) { - assertFalse(shouldOk); - } - } -// private byte[] readTruststore(String 
filename) throws IOException { -// if (filename == null) -// return null; -// FileInputStream in = new FileInputStream(filename); -// byte[] buffer = new byte[in.available()]; -// in.read(buffer); -// in.close(); -// return buffer; -// } - private class HostnameVerifierHack implements HostnameVerifier { - public boolean verify(String arg0, String arg1) { - return true; - } - } -} diff --git a/common/src/test/java/test/at/gv/egovernment/moa/util/URLDecoderTest.java b/common/src/test/java/test/at/gv/egovernment/moa/util/URLDecoderTest.java deleted file mode 100644 index 2ded896d0..000000000 --- a/common/src/test/java/test/at/gv/egovernment/moa/util/URLDecoderTest.java +++ /dev/null 
@@ -1,53 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. 
- */ - - -package test.at.gv.egovernment.moa.util; - -import java.net.URLEncoder; - -import at.gv.egovernment.moa.util.FileUtils; -import at.gv.egovernment.moa.util.URLDecoder; - -import junit.framework.TestCase; - -/* - * @author Paul Ivancsics - * @version $Id$ - */ -public class URLDecoderTest extends TestCase { - - public void test() throws Exception { - String s = "immerZUA0129<>%==$$%&/()@?{()=} \\\""; - String senc = URLEncoder.encode(s); - String sdec = URLDecoder.decode(senc, "ISO-8859-1"); - assertEquals(s, sdec); - } - public void testUTF8() throws Exception { - String s = new String(FileUtils.readFile("data/test/xml/CreateXMLSignature/CreateXMLSignatureResponse.xml")); - String senc = URLEncoder.encode(s); - String sdec = URLDecoder.decode(senc, "UTF-8"); - String sutf8 = FileUtils.readFile("data/test/xml/CreateXMLSignature/CreateXMLSignatureResponse.xml", "UTF-8"); - assertEquals(sutf8, sdec); - } -} diff --git a/common/src/test/java/test/at/gv/egovernment/moa/util/URLEncoderTest.java b/common/src/test/java/test/at/gv/egovernment/moa/util/URLEncoderTest.java deleted file mode 100644 index 5f72c8aad..000000000 --- a/common/src/test/java/test/at/gv/egovernment/moa/util/URLEncoderTest.java +++ /dev/null 
@@ -1,67 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. 
- */ - - -package test.at.gv.egovernment.moa.util; - -import at.gv.egovernment.moa.util.FileUtils; -import at.gv.egovernment.moa.util.URLDecoder; -import at.gv.egovernment.moa.util.URLEncoder; -import junit.framework.TestCase; - -/* - * @author Paul Ivancsics - * @version $Id$ - */ -public class URLEncoderTest extends TestCase { - - public void testUnchangedString() throws Exception { - String s = "AZaz0123456789.-*_"; - String senc = URLEncoder.encode(s, "UTF-8"); - assertEquals(s, senc); - } - public void testAumlUTF8() throws Exception { - String s = "ä"; - String senc = URLEncoder.encode(s, "UTF-8"); - assertEquals("%C3%A4", senc); - } - public void testEncodeDecode() throws Exception { - String s = "AZaz09.-*_ <>%=$%&/()@?{}[]\\\""; - String senc = URLEncoder.encode(s, "UTF-8"); - String sdec = URLDecoder.decode(senc, "UTF-8"); - assertEquals(s, sdec); - } - public void testCertInfo() throws Exception { - String s = new String(FileUtils.readFile("data/test/xml/VerifyXMLSignature/CertInfoVerifyXMLSignatureRequest.xml", "UTF-8")); - String senc = URLEncoder.encode(s, "UTF-8"); - String sdec = URLDecoder.decode(senc, "UTF-8"); - assertEquals(s, sdec); - } - /*public void testJDK14() throws Exception { - String s = new String(FileUtils.readFile("data/test/xml/VerifyXMLSignature/CertInfoVerifyXMLSignatureRequest.xml", "UTF-8")); - String senc = URLEncoder.encode(s, "UTF-8"); - String senc14 = java.net.URLEncoder.encode(s, "UTF-8"); - assertEquals(senc, senc14); - }*/ - -} diff --git a/common/src/test/java/test/at/gv/egovernment/moa/util/XMLGrammarBuilderTest.java b/common/src/test/java/test/at/gv/egovernment/moa/util/XMLGrammarBuilderTest.java deleted file mode 100644 index dfe7a5358..000000000 --- a/common/src/test/java/test/at/gv/egovernment/moa/util/XMLGrammarBuilderTest.java +++ /dev/null 
@@ -1,123 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.at.gv.egovernment.moa.util; -import java.io.FileInputStream; -import java.io.InputStream; - -import org.apache.xerces.parsers.DOMParser; -import org.apache.xerces.parsers.XMLGrammarPreparser; -import org.apache.xerces.util.SymbolTable; -import org.apache.xerces.util.XMLGrammarPoolImpl; -import org.apache.xerces.xni.grammars.Grammar; -import org.apache.xerces.xni.grammars.XMLGrammarDescription; -import org.apache.xerces.xni.parser.XMLInputSource; -import org.xml.sax.InputSource; - -import test.at.gv.egovernment.moa.MOATestCase; - -import at.gv.egovernment.moa.util.Constants; - - -/** - * Experimentation with Xerces grammar caching. - * - * Used the Xerces sample 'XMLGrammarBuilder' as a starting point. 
- * - * @author Patrick Peck - * @version $Id$ - */ -public class XMLGrammarBuilderTest extends MOATestCase { - - private static final String GRAMMAR_POOL = - org.apache.xerces.impl.Constants.XERCES_PROPERTY_PREFIX - + org.apache.xerces.impl.Constants.XMLGRAMMAR_POOL_PROPERTY; - - protected static final String NAMESPACES_FEATURE_ID = - "http://xml.org/sax/features/namespaces"; - protected static final String VALIDATION_FEATURE_ID = - "http://xml.org/sax/features/validation"; - protected static final String SCHEMA_VALIDATION_FEATURE_ID = - "http://apache.org/xml/features/validation/schema"; - protected static final String SCHEMA_FULL_CHECKING_FEATURE_ID = - "http://apache.org/xml/features/validation/schema-full-checking"; - - private static final int BIG_PRIME = 2039; - private SymbolTable symbolTable; - private XMLGrammarPoolImpl grammarPool; - - /** - * Constructor for XMLGrammarBuilderTest. - * @param name - */ - public XMLGrammarBuilderTest(String name) { - super(name); - } - - protected void setUp() throws Exception { - XMLGrammarPreparser preparser; - - // set up symbol table and grammar pool - symbolTable = new SymbolTable(BIG_PRIME); - grammarPool = new XMLGrammarPoolImpl(); - preparser = new XMLGrammarPreparser(symbolTable); - preparser.registerPreparser(XMLGrammarDescription.XML_SCHEMA, null); - preparser.setProperty(GRAMMAR_POOL, grammarPool); - preparser.setFeature(NAMESPACES_FEATURE_ID, true); - preparser.setFeature(VALIDATION_FEATURE_ID, true); - // now we can still do schema features just in case, - // so long as it's our configuraiton...... 
- preparser.setFeature(SCHEMA_VALIDATION_FEATURE_ID, true); - preparseSchemaResource( - preparser, - Constants.DSIG_SCHEMA_LOCATION, - "/resources/schemas/xmldsig-core-schema.xsd"); - } - - private static Grammar preparseSchemaResource( - XMLGrammarPreparser preparser, - String systemId, - String resource) - throws Exception { - - InputStream is = XMLGrammarBuilderTest.class.getResourceAsStream(resource); - return preparser.preparseGrammar( - XMLGrammarDescription.XML_SCHEMA, - new XMLInputSource(null, systemId, null, is, null)); - } - - public void testParseValidating() throws Exception { - DOMParser parser = new DOMParser(symbolTable, grammarPool); - - parser.setFeature(NAMESPACES_FEATURE_ID, true); - parser.setFeature(VALIDATION_FEATURE_ID, true); - parser.setFeature(SCHEMA_VALIDATION_FEATURE_ID, true); - - parser.parse( - new InputSource( - new FileInputStream(TESTDATA_ROOT + "xml/dsigTransform/base64.xml"))); - parser.getDocument(); - } - -} diff --git a/common/src/test/java/test/at/gv/egovernment/moa/util/XPathUtilsTest.java b/common/src/test/java/test/at/gv/egovernment/moa/util/XPathUtilsTest.java deleted file mode 100644 index 15e6a62f3..000000000 --- a/common/src/test/java/test/at/gv/egovernment/moa/util/XPathUtilsTest.java +++ /dev/null 
@@ -1,75 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.at.gv.egovernment.moa.util; -import org.w3c.dom.Document; -import org.w3c.dom.NodeList; - -import test.at.gv.egovernment.moa.MOATestCase; - -import at.gv.egovernment.moa.util.XPathUtils; - - -/** - * @author Patrick Peck - * @version $Id$ - */ -public class XPathUtilsTest extends MOATestCase { - - private Document doc1; - - /** - * Constructor for XPathUtilsTest. 
- * @param name - */ - public XPathUtilsTest(String name) { - super(name); - } - - /** - * @see TestCase#setUp() - */ - protected void setUp() throws Exception { - super.setUp(); - doc1 = - parseXml(TESTDATA_ROOT + "xml/VerifyXMLSignature/Req000.xml"); - } - - public void testSelectNodeList() throws Exception { - NodeList nodes; - - nodes = - XPathUtils.selectNodeList( - doc1.getDocumentElement(), - doc1.getDocumentElement(), - "/VerifyXMLSignatureRequest"); - assertEquals(1, nodes.getLength()); - nodes = - XPathUtils.selectNodeList( - doc1.getDocumentElement(), - "//dsig:Signature"); - assertEquals(1, nodes.getLength()); - } - -} diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml index c672d32a6..28c0a9fe4 100644 --- a/id/ConfigWebTool/pom.xml +++ b/id/ConfigWebTool/pom.xml @@ -64,12 +64,6 @@ <dependency> <groupId>MOA.id.server</groupId> <artifactId>moa-id-commons</artifactId> - <exclusions> - <exclusion> - <artifactId>hibernate-c3p0</artifactId> - <groupId>org.hibernate</groupId> - </exclusion> - </exclusions> </dependency> <dependency> diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java index f549db9f3..3062a61e3 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java @@ -22,11 +22,10 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.configuration; +import java.util.Collections; import java.util.Hashtable; import java.util.Map; -import java.util.Collections; - public class Constants { public static final String DEFAULT_VERSION = "1.x"; 
@@ -96,6 +95,7 @@ public class Constants { public static final String IDENIFICATIONTYPE_ERSB = "ERSB"; public static final String IDENIFICATIONTYPE_ZVR = "ZVR"; public static final String IDENIFICATIONTYPE_STORK = "STORK"; + public static final String IDENIFICATIONTYPE_EIDAS = "eIDAS"; public static final String IDENIFICATIONTYPE_BASEID = "urn:publicid:gv.at:baseid+"; public static final String IDENIFICATIONTYPE_BASEID_FN = IDENIFICATIONTYPE_BASEID + "X" + IDENIFICATIONTYPE_FN; @@ -103,6 +103,7 @@ public class Constants { public static final String PREFIX_WPBK = "urn:publicid:gv.at:wbpk+"; public static final String PREFIX_STORK = "urn:publicid:gv.at:storkid+"; + public static final String PREFIX_EIDAS = "urn:publicid:gv.at:eidasid+"; public static final Map<String, String> BUSINESSSERVICENAMES; @@ -113,6 +114,7 @@ public class Constants { tmp.put(IDENIFICATIONTYPE_ZVR, "Vereinsnummer"); tmp.put(IDENIFICATIONTYPE_ERSB, "ERsB Kennzahl"); tmp.put(IDENIFICATIONTYPE_STORK, "STORK"); + tmp.put(IDENIFICATIONTYPE_EIDAS, "eIDAS"); BUSINESSSERVICENAMES = Collections.unmodifiableMap(tmp); } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java index ab6c22858..c0cd971cf 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java @@ -22,8 +22,6 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.configuration.config; -import iaik.x509.X509Certificate; - import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; 
@@ -65,6 +63,7 @@ import at.gv.egovernment.moa.id.configuration.config.usermanagement.FileBasedUse import at.gv.egovernment.moa.id.configuration.utils.UserRequestCleaner; import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; +import iaik.x509.X509Certificate; public class ConfigurationProvider { @@ -580,7 +579,8 @@ public class ConfigurationProvider { ConfigurationProvider.getInstance().getTrustStoreDirectory(), null, "pkix", - true); + true, + new String[]{"crl"}); httpClient.setCustomSSLTrustStore(metadataurl, protoSocketFactory); @@ -590,7 +590,7 @@ public class ConfigurationProvider { } } - idpMetadataProvider = new HTTPMetadataProvider(new Timer(), httpClient, metadataurl); + idpMetadataProvider = new HTTPMetadataProvider(new Timer(true), httpClient, metadataurl); idpMetadataProvider.setRequireValidMetadata(true); idpMetadataProvider.setParserPool(new BasicParserPool()); idpMetadataProvider.setMetadataFilter(new MetaDataVerificationFilter(idpCredential)); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java index 86ac6f779..82eb5592a 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java @@ -69,7 +69,7 @@ public class GeneralMOAIDConfig { public static final String LINE_DELIMITER = ";"; private String alternativeSourceID = null; - private String certStoreDirectory = null; +// private String certStoreDirectory = null; private boolean trustmanagerrevocationcheck = true; private String timeoutAssertion = String.valueOf(DEFAULTTIMEOUTASSERTION); 
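Review bot: The new trailing argument `new String[]{"crl"}` in the `@@ -580,7 +579,8 @@` hunk is an unexplained literal at a call that builds the TLS socket factory for the metadata URL. The call starts above the hunk, so what the parameter means cannot be confirmed from here. If it is the ordered list of revocation-checking methods, hoist it into a named constant and state that at the call site, e.g. `// revocation methods applied to the metadata server certificate, in order`. It is also worth confirming that the factory fails closed when a certificate carries no CRL distribution point, because with only `"crl"` listed there is presumably no second method to fall back on.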
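Review bot: In `GeneralMOAIDConfig.java` the `certStoreDirectory` field is commented out rather than removed (`// private String certStoreDirectory = null;`). The same is done to the assignment in the `@@ -217,7 +217,7 @@` hunk and to the whole getter/setter pair in `@@ -449,19 +449,19 @@`. Delete these lines outright: version control keeps the history, and dead accessors left in comments make it unclear whether the setting is still supported. Any form or view that still binds `certStoreDirectory` is outside these hunks and should be checked before the accessors disappear.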
@@ -217,7 +217,7 @@ public class GeneralMOAIDConfig { GeneralConfiguration authgen = auth.getGeneralConfiguration(); if (authgen != null) { alternativeSourceID = authgen.getAlternativeSourceID(); - certStoreDirectory = authgen.getCertStoreDirectory(); + //certStoreDirectory = authgen.getCertStoreDirectory(); if (authgen.isTrustManagerRevocationChecking() != null) trustmanagerrevocationcheck = authgen.isTrustManagerRevocationChecking(); @@ -449,19 +449,19 @@ public class GeneralMOAIDConfig { this.szrgwURL = szrgwURL; } - /** - * @return the certStoreDirectory - */ - public String getCertStoreDirectory() { - return certStoreDirectory; - } - - /** - * @param certStoreDirectory the certStoreDirectory to set - */ - public void setCertStoreDirectory(String certStoreDirectory) { - this.certStoreDirectory = certStoreDirectory; - } +// /** +// * @return the certStoreDirectory +// */ +// public String getCertStoreDirectory() { +// return certStoreDirectory; +// } +// +// /** +// * @param certStoreDirectory the certStoreDirectory to set +// */ +// public void setCertStoreDirectory(String certStoreDirectory) { +// this.certStoreDirectory = certStoreDirectory; +// } /** * @return the timeoutAssertion diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java index e71bad299..b5c996c72 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java 
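Review bot: The `certStoreDirectory` field, its assignment and both accessors in GeneralMOAIDConfig are commented out rather than deleted, and nothing here says why. The same is done in EditGeneralConfigAction, MOAConfigValidator and editMOAConfig.jsp; only GeneralMOAIDConfigurationTask carries an explanation. Disabled validation and trust-store code left in place is easy to re-enable half-way, so either delete the lines (version control keeps them) or repeat the reason above each block: `// CertStore directory is not required any more since version 3.2.0, because MOA-SPSS certstore is always used`.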
@@ -27,6 +27,7 @@ import java.util.List; import org.apache.log4j.Logger; +import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentGeneral; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.CPEPS; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.ForeignIdentities; @@ -40,7 +41,7 @@ public class GeneralStorkConfig { private List<CPEPS> cpepslist; private List<StorkAttribute> attributes; - private int qaa; + private String qaa; private static final Logger log = Logger.getLogger(GeneralStorkConfig.class); private MOAIDConfiguration dbconfig = null; @@ -91,10 +92,10 @@ public class GeneralStorkConfig { } try { - qaa = stork.getQualityAuthenticationAssuranceLevel(); + qaa = stork.getGeneral_eIDAS_LOA(); } catch(NullPointerException e) { - qaa = 4; + qaa = MOAIDConstants.eIDAS_LOA_HIGH; } } @@ -114,6 +115,10 @@ public class GeneralStorkConfig { attributes.add(new StorkAttribute()); } + public List<String> getAllowedLoALevels() { + return MOAIDConstants.ALLOWED_eIDAS_LOA; + } + public List<CPEPS> getRawCPEPSList() { return cpepslist; } @@ -161,11 +166,11 @@ public class GeneralStorkConfig { this.attributes = attributes; } - public int getDefaultQaa() { + public String getDefaultQaa() { return qaa; } - public void setDefaultQaa(int qaa) { + public void setDefaultQaa(String qaa) { this.qaa = qaa; } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java index c0e1eaaf7..fb096a2a0 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java 
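Review bot: The `catch(NullPointerException e)` fallback in the `@@ -91,10 +92,10 @@` hunk no longer covers a missing value: with `qaa` now a `String`, a null returned by `stork.getGeneral_eIDAS_LOA()` is simply assigned, and `MOAIDConstants.eIDAS_LOA_HIGH` is applied only when `stork` itself is null. If the old getter returned a boxed `Integer` (not visible here), a stored configuration without a level used to fall back to 4 and would now end up with no level at all. An explicit check makes the default reliable: `String loa = (stork != null) ? stork.getGeneral_eIDAS_LOA() : null;` followed by `qaa = (loa != null && !loa.isEmpty()) ? loa : MOAIDConstants.eIDAS_LOA_HIGH;`. The same pattern is in OASTORKConfig (`setQaa(config.geteIDAS_LOA())`), where OASTORKConfigValidation additionally lets an empty value pass.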
@@ -29,6 +29,7 @@ import javax.servlet.http.HttpServletRequest; import org.apache.log4j.Logger; +import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AttributeProviderPlugin; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.CPEPS; @@ -49,7 +50,7 @@ public class OASTORKConfig implements IOnlineApplicationData{ private static final Logger log = Logger.getLogger(OASTORKConfig.class); private boolean isStorkLogonEnabled = false; - private int qaa; + private String qaa; private List<AttributeHelper> attributes = null; @@ -107,14 +108,14 @@ public class OASTORKConfig implements IOnlineApplicationData{ setStorkLogonEnabled(config.isStorkLogonEnabled()); try { - setQaa(config.getQaa()); + setQaa(config.geteIDAS_LOA()); } catch(NullPointerException e) { // if there is no configuration available for the OA, get the default qaa level try { - setQaa(dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getQualityAuthenticationAssuranceLevel()); + setQaa(dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getGeneral_eIDAS_LOA()); } catch (NullPointerException e1) { - setQaa(4); + setQaa(MOAIDConstants.eIDAS_LOA_HIGH); } } @@ -208,7 +209,7 @@ public class OASTORKConfig implements IOnlineApplicationData{ } // transfer the incoming data to the database model stork.setStorkLogonEnabled(isStorkLogonEnabled()); - stork.setQaa(getQaa()); + stork.seteIDAS_LOA(getQaa()); stork.setOAAttributes(getAttributes()); stork.setVidpEnabled(isVidpEnabled()); stork.setRequireConsent(isRequireConsent()); @@ -227,11 +228,11 @@ public class OASTORKConfig implements IOnlineApplicationData{ this.isStorkLogonEnabled = enabled; } - public int getQaa() { + public String getQaa() { return qaa; } - public void setQaa(int qaa) { + public void setQaa(String qaa) { this.qaa = qaa; } 
@@ -282,6 +283,11 @@ public class OASTORKConfig implements IOnlineApplicationData{ return citizenCountries; } + + public List<String> getAllowedLoALevels() { + return MOAIDConstants.ALLOWED_eIDAS_LOA; + } + public List<String> getEnabledCitizenCountries() { return enabledCitizenCountries; } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java index 19671e502..f660b5feb 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java @@ -65,7 +65,8 @@ public class OATargetConfiguration implements IOnlineApplicationData { Constants.IDENIFICATIONTYPE_FN, Constants.IDENIFICATIONTYPE_ZVR, Constants.IDENIFICATIONTYPE_ERSB, - Constants.IDENIFICATIONTYPE_STORK); + Constants.IDENIFICATIONTYPE_STORK, + Constants.IDENIFICATIONTYPE_EIDAS); } @@ -120,6 +121,12 @@ public class OATargetConfiguration implements IOnlineApplicationData { if (Constants.PREFIX_WPBK.startsWith(split[0]) && split.length >= 2) { identificationType = split[1]; identificationNumber = split[2]; + + } else if (Constants.PREFIX_EIDAS.startsWith(split[0]) && split.length >= 2) { + //identificationType = split[1]; // setting at as iden category ? + identificationType = Constants.IDENIFICATIONTYPE_EIDAS; + identificationNumber = split[1] + "+" + split[2]; // setting sp country as ident type -> sp ident + } else if (Constants.PREFIX_STORK.startsWith(split[0]) && split.length >= 2) { //identificationType = split[1]; // setting at as iden category ? identificationType = Constants.IDENIFICATIONTYPE_STORK; 
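Review bot: The new eIDAS branch in the `@@ -120,6 +121,12 @@` hunk reads `split[2]` behind a guard of `split.length >= 2`, so a stored value with only one part after the prefix throws ArrayIndexOutOfBoundsException while the configuration is loaded; the guard should be `split.length >= 3`. The WPBK branch above it has the same guard, but that line is context rather than new code. `Constants.PREFIX_EIDAS.startsWith(split[0])` also tests the prefix against the fragment instead of the stored value against the prefix, so an empty or shortened first fragment matches as well. The write side in the `@@ -185,7 +192,11 @@` hunk stores `Constants.PREFIX_EIDAS + num` without checking that `num` has the two-part form this parser expects. The enclosing methods begin and end outside both hunks.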
@@ -185,7 +192,11 @@ public class OATargetConfiguration implements IOnlineApplicationData { if (idnumber == null) idnumber = new IdentificationNumber(); - if (getIdentificationType().equals(Constants.IDENIFICATIONTYPE_STORK)) { + if (getIdentificationType().equals(Constants.IDENIFICATIONTYPE_EIDAS)) { + idnumber.setValue(Constants.PREFIX_EIDAS + num); + idnumber.setType(Constants.BUSINESSSERVICENAMES.get(getIdentificationType())); + + } else if (getIdentificationType().equals(Constants.IDENIFICATIONTYPE_STORK)) { idnumber.setValue(Constants.PREFIX_STORK + "AT" + "+" + num); idnumber.setType(Constants.BUSINESSSERVICENAMES.get(getIdentificationType())); } else { diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java index 27a3dcdf3..cf5911b3a 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java @@ -287,8 +287,8 @@ public class EditGeneralConfigAction extends BasicAction { // dbauthgeneral.setAlternativeSourceID(oldauthgeneral.getAlternativeSourceID()); // } - if (MiscUtil.isNotEmpty(moaconfig.getCertStoreDirectory())) - dbauthgeneral.setCertStoreDirectory(moaconfig.getCertStoreDirectory()); +// if (MiscUtil.isNotEmpty(moaconfig.getCertStoreDirectory())) +// dbauthgeneral.setCertStoreDirectory(moaconfig.getCertStoreDirectory()); TimeOuts dbtimeouts = dbauthgeneral.getTimeOuts(); if (dbtimeouts == null) { 
@@ -568,7 +568,7 @@ public class EditGeneralConfigAction extends BasicAction { try { log.error("QAAAA " + storkconfig.getDefaultQaa()); - stork.setQualityAuthenticationAssuranceLevel(storkconfig.getDefaultQaa()); + stork.setGeneral_eIDAS_LOA(storkconfig.getDefaultQaa()); if (storkconfig.getAttributes() != null) { List<StorkAttribute> dbStorkAttr = new ArrayList<StorkAttribute>(); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java index cb546c5a8..70c43d9b4 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java 
@@ -113,17 +113,17 @@ public class MOAConfigValidator { } } - check = form.getCertStoreDirectory(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.isValidOAIdentifier(check)) { - log.warn("CertStoreDirectory contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.certStoreDirectory.valid", - new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}, request )); - } - } else { - log.info("CertStoreDirectory is empty."); - errors.add(LanguageHelper.getErrorString("validation.general.certStoreDirectory.empty", request)); - } +// check = form.getCertStoreDirectory(); +// if (MiscUtil.isNotEmpty(check)) { +// if (ValidationHelper.isValidOAIdentifier(check)) { +// log.warn("CertStoreDirectory contains potentail XSS characters: " + check); +// errors.add(LanguageHelper.getErrorString("validation.general.certStoreDirectory.valid", +// new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}, request )); +// } +// } else { +// log.info("CertStoreDirectory is empty."); +// errors.add(LanguageHelper.getErrorString("validation.general.certStoreDirectory.empty", request)); +// } check = form.getDefaultBKUHandy(); if (MiscUtil.isNotEmpty(check)) { diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java index 6b5c51e3f..ed2c2f903 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java 
@@ -7,6 +7,7 @@ import javax.servlet.http.HttpServletRequest; import org.apache.log4j.Logger; +import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.CPEPS; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.StorkAttribute; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; @@ -82,9 +83,9 @@ public class StorkConfigValidator { } // check qaa - int qaa = form.getDefaultQaa(); - if(1 > qaa && 4 < qaa) { - log.warn("QAA is out of range : " + qaa); + String qaa = form.getDefaultQaa(); + if (!MOAIDConstants.ALLOWED_eIDAS_LOA.contains(qaa)) { + log.warn("eIDAS LoA is not allowed : " + qaa); errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange", new Object[] {qaa}, request )); } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java index cf02cd49c..970785bdb 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java @@ -134,7 +134,8 @@ public class OAPVP2ConfigValidation { ConfigurationProvider.getInstance().getTrustStoreDirectory(), null, "pkix", - true); + true, + new String[]{"crl"}); httpClient.setCustomSSLTrustStore( form.getMetaDataURL(), diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java index 5c451c06a..00ccdca8c 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java 
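Review bot: The rejected level is now a request-supplied `String`, and in the `@@ -82,9 +83,9 @@` hunk it goes unmodified into `log.warn("eIDAS LoA is not allowed : " + qaa)` and, through `new Object[] {qaa}`, into the error text shown in the configuration UI (the properties files in this commit add `{0}` to that message). With the old `int` neither sink could carry markup or line breaks. Unless LanguageHelper or the page that renders `errors` escapes the argument (neither is visible here), the message should not echo the raw input; passing the permitted values instead, `new Object[] {MOAIDConstants.ALLOWED_eIDAS_LOA}`, avoids it, and the log line should strip CR/LF from the value. The same applies to OASTORKConfigValidation, GeneralSTORKConfigurationTask and ServicesAuthenticationSTORKTask.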
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java @@ -30,6 +30,7 @@ import javax.servlet.http.HttpServletRequest; import org.apache.log4j.Logger; +import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AttributeProviderPlugin; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig; @@ -45,9 +46,9 @@ public class OASTORKConfigValidation { List<String> errors = new ArrayList<String>(); // check qaa - int qaa = oageneral.getQaa(); - if(1 > qaa && 4 < qaa) { - log.warn("QAA is out of range : " + qaa); + String qaa = oageneral.getQaa(); + if (MiscUtil.isNotEmpty(qaa) && !MOAIDConstants.ALLOWED_eIDAS_LOA.contains(qaa)) { + log.warn("eIDAS LoA is not allowed : " + qaa); errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange", new Object[] {qaa}, request )); } diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties index b488acd63..fe1dac063 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties 
@@ -508,7 +508,7 @@ validation.stork.cpeps.empty=CPEPS Konfiguration ist unvollst\u00E4ndig validation.stork.cpeps.url=CPEPS URL ist ung\u00FCltig validation.stork.cpeps.duplicate=L\u00E4ndercodes sind nicht eindeutig validation.stork.requestedattributes=STORK Attribute sind fehlerhaft. Bsp.: attr1, attr2 -validation.stork.qaa.outofrange=G\u00FCltige QAA Werte sind 1, 2, 3, und 4 +validation.stork.qaa.outofrange=Ung\u00FCltiger LoA Werte {0} validation.stork.attributes.empty=Es muss mindestens ein Attribut definiert sein validation.stork.ap.url.valid=Ung\u00FCltige AttributProvider Url validation.stork.ap.name.empty=Ung\u00FCltiger AttributProvider Name diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties index a3edd1b8c..126bba7c9 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties @@ -506,7 +506,7 @@ validation.stork.cpeps.empty=CPEPS configuration is incomplete validation.stork.cpeps.url=CPEPS URL is invalid validation.stork.cpeps.duplicate=Country codes are not unique validation.stork.requestedattributes=STORK attributes are incorrect. Example: attr1, attr2 -validation.stork.qaa.outofrange=Valid QAA values are 1, 2, 3, and 4 +validation.stork.qaa.outofrange=Not valid LoA value {0} validation.stork.attributes.empty=Only one attribute can be provided validation.stork.ap.url.valid=Invalid URL of AttributeProvider validation.stork.ap.name.empty=Invalid name of AttributeProvider diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp index cf9fc19e1..6694a4273 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp 
@@ -123,12 +123,12 @@ <div class="oa_config_block"> <h3><%=LanguageHelper.getGUIString("webpages.moaconfig.certificates.header", request) %></h3> - <s:textfield name="moaconfig.certStoreDirectory" +<%-- <s:textfield name="moaconfig.certStoreDirectory" value="%{moaconfig.certStoreDirectory}" labelposition="left" key="webpages.moaconfig.certificates.certstore" cssClass="textfield_long"> - </s:textfield> + </s:textfield> --%> <s:checkbox name="moaconfig.trustmanagerrevocationcheck" value="%{moaconfig.trustmanagerrevocationcheck}" @@ -283,14 +283,15 @@ <div class="oa_config_block"> <h3><%=LanguageHelper.getGUIString("webpages.oaconfig.stork.header", request) %></h3> - <s:select list="#{1:'1', 2:'2', 3:'3', 4:'4'}" - value="#{storkconfig.defaultQaa}" + <s:select list="storkconfig.allowedLoALevels" + value="%{storkconfig.defaultQaa}" name="storkconfig.defaultQaa" key="webpages.moaconfig.stork.qaa.default" - labelposition="left" /> + labelposition="left" + cssClass="textfield_long" /> <h4><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.pepslist", request) %></h4> <table id="stork_pepslist"> - <tr><td>Country Shortcode</td><td style="text-align:center;">PEPS URL</td><td>Supports XMLSignatures</td></tr> + <tr><td>Country Shortcode</td><td style="text-align:center;">PEPS URL</td><td>Supports XMLEncryption</td></tr> <s:iterator value="storkconfig.cpepslist" status="stat"> <tr> <td style="display:none;"><s:textfield name="storkconfig.cpepslist[%{#stat.index}].hjid" value="%{hjid}" cssStyle="display:none;"/></td> diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/stork.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/stork.jsp index 78fdf8921..76c8d069b 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/stork.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/stork.jsp 
@@ -14,11 +14,15 @@ onclick="oaStork();" id="OAuseSTORKLogon" /> <div id="stork_block"> - <s:select list="#{1:'1', 2:'2', 3:'3', 4:'4'}" - value="#{storkOA.qaa}" + + <s:select list="storkOA.allowedLoALevels" + value="%{storkOA.qaa}" name="storkOA.qaa" key="webpages.moaconfig.stork.qaa" - labelposition="left" /> + labelposition="left" + cssClass="textfield_long"/> + + <h4><%=LanguageHelper.getGUIString("webpages.oaconfig.stork.enabledcpeps", request) %></h4> <s:checkboxlist name="storkOA.enabledCitizenCountries" list="storkOA.availableCitizenCountries" value="storkOA.enabledCitizenCountries" /> <h4><%=LanguageHelper.getGUIString("webpages.oaconfig.stork.attributes.header", request) %></h4> diff --git a/id/history.txt b/id/history.txt index 61d232636..d82556651 100644 --- a/id/history.txt +++ b/id/history.txt @@ -1,18 +1,44 @@ Dieses Dokument zeigt die Veränderungen und Erweiterungen von MOA-ID auf.
+Version MOA-ID Release 3.2.0: Änderungen seit Version MOA-ID 3.1.5
+- Änderungen
+ - Integration MOA-SPSS 3.x
+ - Verheinheitlichung der Datenbankanbindung)
+ - Redis Datenbank Backend für Kurzzeitsessiondaten
+ - Bug-Fix
+ - Update von Libraries
+ > moa-spss 3.0.1
+ > iaik_eccelerate
+ > iaik_jce
+ > iaik_ixect
+ > iaik_pki_module
+ > iaik_moa
+ > org.hibernate:hibernate-core 5.2.3.Final
+ > mysql:mysql-connector-java 6.0.4
+ > xmlsec 2.0.7
+ > org.springframework 4.3.3.RELEASE
+ > apache:cxf 3.1.7
+ > commons-dbcp2 2.1.1
+ > org.slf4j:jcl-over-slf4j 1.7.21
+ > org.slf4j:jul-to-slf4j 1.7.21
+ > org.slf4j:slf4j-api 1.7.21
+ > org.slf4j:slf4j-log4j12 1.7.21
+
+
+------------------------------------------------------------------------------
Version MOA-ID Release 3.1.5: Änderungen seit Version MOA-ID 3.1.4
- Änderungen
- Untersttzung mehrerer backend Services je Online Applikation
(MIS, SZR-Gateway, ELGA Vertretungservice Service)
-
+
------------------------------------------------------------------------------
Version MOA-ID Release 3.1.4: Änderungen seit Version MOA-ID 3.1.3
- Änderungen
- Fix problem with OnlineBKU and 'chunked' transfer encoding in DataURL communication
- Add additional redirect in mandate-service selection process subprocess
-
-
+
+
------------------------------------------------------------------------------
Version MOA-ID Release 3.1.3: Änderungen seit Version MOA-ID 3.1.2
- Änderungen
diff --git a/id/moa-id-webgui/pom.xml b/id/moa-id-webgui/pom.xml index 8d35abd20..31247efc1 100644 --- a/id/moa-id-webgui/pom.xml +++ b/id/moa-id-webgui/pom.xml @@ -58,10 +58,6 @@ <artifactId>hyperjaxb3-ejb-runtime</artifactId> <groupId>org.jvnet.hyperjaxb3</groupId> </exclusion> - <exclusion> - <artifactId>hibernate-c3p0</artifactId> - <groupId>org.hibernate</groupId> - </exclusion> </exclusions> </dependency> diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java index 9b25f17e8..f66b4359f 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java 
@@ -184,24 +184,25 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}) )); } } - - check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_CERTSTORE_URL, getKeyPrefix())); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.isValidOAIdentifier(check)) { - log.warn("CertStoreDirectory contains potentail XSS characters: " + check); - errors.add(new ValidationObjectIdentifier( - MOAIDConfigurationConstants.GENERAL_AUTH_CERTSTORE_URL, - "Certificate - CertStore Directory", - LanguageHelper.getErrorString("validation.general.certStoreDirectory.valid", - new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}) )); - } - } else { - log.info("CertStoreDirectory is empty."); - errors.add(new ValidationObjectIdentifier( - MOAIDConfigurationConstants.GENERAL_AUTH_CERTSTORE_URL, - "Certificate - CertStore Directory", - LanguageHelper.getErrorString("validation.general.certStoreDirectory.empty"))); - } + + //INFO: CertStore directory is not required any more since version 3.2.0, because MOA-SPSS certstore is always used +// check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_CERTSTORE_URL, getKeyPrefix())); +// if (MiscUtil.isNotEmpty(check)) { +// if (ValidationHelper.isValidOAIdentifier(check)) { +// log.warn("CertStoreDirectory contains potentail XSS characters: " + check); +// errors.add(new ValidationObjectIdentifier( +// MOAIDConfigurationConstants.GENERAL_AUTH_CERTSTORE_URL, +// "Certificate - CertStore Directory", +// LanguageHelper.getErrorString("validation.general.certStoreDirectory.valid", +// new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}) )); +// } +// } else { +// log.info("CertStoreDirectory is empty."); +// errors.add(new ValidationObjectIdentifier( +// MOAIDConfigurationConstants.GENERAL_AUTH_CERTSTORE_URL, +// "Certificate - CertStore 
Directory", +// LanguageHelper.getErrorString("validation.general.certStoreDirectory.empty"))); +// } check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_HANDY, getKeyPrefix())); if (MiscUtil.isNotEmpty(check)) { diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java index 8a1a2925b..6d1dafd6c 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java @@ -37,6 +37,7 @@ import org.slf4j.LoggerFactory; import at.gv.egiz.components.configuration.api.Configuration; import at.gv.egiz.components.configuration.api.ConfigurationException; +import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; 
@@ -185,20 +186,20 @@ public static final List<String> KEYWHITELIST; // check qaa try { - int qaa = Integer.valueOf(input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL))); - if(1 > qaa && 4 < qaa) { - log.warn("QAA is out of range : " + qaa); + String eIDAS_LOA = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)); + if (!MOAIDConstants.ALLOWED_eIDAS_LOA.contains(eIDAS_LOA)) { + log.warn("eIDAS LoA is not allowed : " + eIDAS_LOA); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA, - "STORK - QAA Level", + "eIDAS - LoA Level", LanguageHelper.getErrorString("validation.stork.qaa.outofrange", - new Object[] {qaa}))); + new Object[] {eIDAS_LOA}))); } } catch (Exception e) { - log.warn("STORK QAA can not parsed : " + input.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA)); + log.warn("eIDAS LoA can not parsed : " + input.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA)); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA, - "STORK - QAA Level", + "eIDAS - LoA Level", LanguageHelper.getErrorString("validation.stork.qaa.outofrange", new Object[] {input.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA)}))); diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationSTORKTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationSTORKTask.java index 087334c4b..7f5e93ff9 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationSTORKTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationSTORKTask.java 
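Review bot: The `try`/`catch (Exception e)` around the check in the `@@ -185,20 +186,20 @@` hunk is left over from the removed `Integer.valueOf`: nothing in the block parses any more, so the "can not parsed" branch fires only on an unexpected runtime exception and then reports it as an invalid level. The catch also reads `input.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA)` with the full key, while the check reads the key with the prefix removed, so the two can report different values. ServicesAuthenticationSTORKTask drops the equivalent wrapper in this same commit; removing it here as well keeps the two validators consistent and stops unrelated failures from being masked as a validation error. The enclosing method lies outside the hunk.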
@@ -37,6 +37,7 @@ import org.slf4j.LoggerFactory; import at.gv.egiz.components.configuration.api.Configuration; import at.gv.egiz.components.configuration.api.ConfigurationException; +import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException; @@ -253,26 +254,15 @@ public class ServicesAuthenticationSTORKTask extends AbstractTaskValidator imple // check qaa String qaaString = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL); - if (MiscUtil.isNotEmpty(qaaString)) { - try { - int qaa = Integer.parseInt(qaaString); - if(1 > qaa && 4 < qaa) { - log.warn("QAA is out of range : " + qaa); - errors.add(new ValidationObjectIdentifier( - MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL, - "STORK - minimal QAA level", - LanguageHelper.getErrorString("validation.stork.qaa.outofrange", - new Object[] {qaa}))); - } - - } catch (NumberFormatException e) { - log.warn("QAA level is not a number: " + qaaString); + if (MiscUtil.isNotEmpty(qaaString)) { + if (!MOAIDConstants.ALLOWED_eIDAS_LOA.contains(qaaString)) { + log.warn("eIDAS-LoA is not allowed: " + qaaString); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL, - "STORK - minimal QAA level", + "eIDAS - LoA is not allowed", LanguageHelper.getErrorString("validation.stork.qaa.outofrange", new Object[] {qaaString}))); - } + } } if (!errors.isEmpty()) diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolPVP2XTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolPVP2XTask.java index 3c358b85f..dac5ae1ee 100644 
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolPVP2XTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolPVP2XTask.java @@ -185,7 +185,7 @@ public class ServicesProtocolPVP2XTask extends AbstractTaskValidator implements BasicX509Credential credential = new BasicX509Credential(); credential.setEntityCertificate(cert); - timer = new Timer(); + timer = new Timer(true); httpClient = new MOAHttpClient(); if (metadataURL.startsWith("https:")) @@ -196,7 +196,8 @@ public class ServicesProtocolPVP2XTask extends AbstractTaskValidator implements MOAIDWebGUIConfiguration.getInstance().getTrustStoreDirectory(), null, "pkix", - true); + true, + new String[]{"crl"}); httpClient.setCustomSSLTrustStore( metadataURL, diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSTORKTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSTORKTask.java index c7a74d1a1..eb881d465 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSTORKTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSTORKTask.java 
@@ -190,7 +190,8 @@ public class ServicesProtocolSTORKTask extends AbstractTaskValidator implements // if (MiscUtil.isEmpty(identificationType) || // !MOAIDConfigurationConstants.IDENIFICATIONTYPE_STORK.equals(identificationType)) { if (MiscUtil.isNotEmpty(identificationType) && - !MOAIDConfigurationConstants.IDENIFICATIONTYPE_STORK.equals(identificationType)) { + !(MOAIDConfigurationConstants.IDENIFICATIONTYPE_STORK.equals(identificationType) + || MOAIDConfigurationConstants.IDENIFICATIONTYPE_EIDAS.equals(identificationType))) { log.info("STORK V-IDP only allowes identification numbers with STORK prefix."); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE, diff --git a/id/moa-spss-container/pom.xml b/id/moa-spss-container/pom.xml index 49557d83e..61e72989f 100644 --- a/id/moa-spss-container/pom.xml +++ b/id/moa-spss-container/pom.xml @@ -8,7 +8,6 @@ <groupId>MOA.id</groupId> <artifactId>moa-spss-container</artifactId> <version>${moa-id-version}</version> - <packaging>pom</packaging> <name>MOA-SPSS-Container-for-MOA-ID</name> <description>This module holds MOA-SPSS and all required library</description> 
@@ -16,157 +15,150 @@ <repositoryPath>${basedir}/../../repository</repositoryPath> </properties> - <profiles> - <profile> - <id>default</id> - <activation> - <activeByDefault>true</activeByDefault> - </activation> - <repositories> - <repository> - <id>local</id> - <name>local</name> - <url>file:${basedir}/../../repository</url> - </repository> - <repository> - <id>egiz-commons</id> - <url>https://demo.egiz.gv.at/int-repo/</url> - <releases> - <enabled>true</enabled> - </releases> - </repository> - </repositories> - </profile> - </profiles> + <repositories> + <repository> + <id>MOA</id> + <name>MOA Dependencies</name> + <releases> + <enabled>true</enabled> + <checksumPolicy>ignore</checksumPolicy> + </releases> + <layout>default</layout> + <url>file://${repositoryPath}</url> + </repository> + </repositories> + + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-compiler-plugin</artifactId> + <configuration> + <includes> + <include>${basedir}/../../repository/MOA/spss/ext_libs/*.jar</include> + </includes> + </configuration> + </plugin> + </plugins> + + </build> <dependencies> - <!-- we need Axis 1.1 here, 1.0 is included in SPSS --> <dependency> <groupId>MOA.spss.server</groupId> - <artifactId>moa-spss-lib</artifactId> + <artifactId>moa-sig-lib</artifactId> + <version>3.0.1</version> <exclusions> - <exclusion> - <artifactId>iaik_pki_module</artifactId> - <groupId>iaik</groupId> - </exclusion> - <exclusion> + <exclusion> <groupId>commons-logging</groupId> <artifactId>commons-logging</artifactId> </exclusion> <exclusion> - <artifactId>axis-wsdl4j</artifactId> + <artifactId>*</artifactId> <groupId>axis</groupId> </exclusion> </exclusions> </dependency> - + + +<!-- MOA-SPSS 3.x --> <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_ixsil</artifactId> - </dependency> + <groupId>MOA.spss</groupId> + <artifactId>common</artifactId> + <version>3.0.0</version> + </dependency> <dependency> <groupId>iaik.prod</groupId> 
- <artifactId>iaik_X509TrustManager</artifactId> - </dependency> - -<!-- <dependency> - <groupId>axis</groupId> - <artifactId>axis</artifactId> - </dependency> --> - -<!-- <dependency> - <groupId>axis</groupId> - <artifactId>axis</artifactId> - </dependency> - <dependency> - <groupId>org.apache.axis</groupId> - <artifactId>axis-jaxrpc</artifactId> - </dependency> - <dependency> - <groupId>org.apache.axis</groupId> - <artifactId>axis-saaj</artifactId> - </dependency> --> + <artifactId>iaik_cms</artifactId> + <version>5.1</version> + </dependency> <dependency> - <groupId>commons-discovery</groupId> - <artifactId>commons-discovery</artifactId> - </dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_cpades</artifactId> + <version>2.2b3_tmp</version> + </dependency> <dependency> - <groupId>commons-logging</groupId> - <artifactId>commons-logging</artifactId> - </dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_eccelerate</artifactId> + <version>3.1_eval</version> + </dependency> <dependency> - <groupId>javax.activation</groupId> - <artifactId>activation</artifactId> - </dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_eccelerate_addon</artifactId> + <version>3.01_eval</version> + </dependency> <dependency> - <groupId>javax.mail</groupId> - <artifactId>mail</artifactId> + <groupId>iaik.prod</groupId> + <artifactId>iaik_eccelerate_cms</artifactId> + <version>3.01</version> </dependency> <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - </dependency> - -<!-- <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> - </dependency> --> -<!-- <dependency> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-core</artifactId> - </dependency> --> - + <groupId>iaik.prod</groupId> + <artifactId>iaik_jce_full</artifactId> + <scope>provided</scope> + </dependency> <dependency> - <groupId>org.postgresql</groupId> - <artifactId>postgresql</artifactId> + <groupId>iaik.prod</groupId> + 
<artifactId>iaik_jsse</artifactId> + <version>4.4</version> </dependency> <dependency> - <groupId>javax.servlet</groupId> - <artifactId>javax.servlet-api</artifactId> - <scope>provided</scope> - </dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_moa</artifactId> + <version>2.01</version> + </dependency> <dependency> - <groupId>xalan-bin-dist</groupId> - <artifactId>xalan</artifactId> - <!-- <scope>provided</scope> --> + <groupId>iaik.prod</groupId> + <artifactId>iaik_pki_module</artifactId> + <version>1.1.1_moa</version> </dependency> <dependency> - <groupId>xerces</groupId> - <artifactId>xercesImpl</artifactId> - <!-- <scope>provided</scope> --> + <groupId>iaik.prod</groupId> + <artifactId>iaik_sva</artifactId> + <version>1.0.1_moa</version> </dependency> <dependency> - <groupId>xalan-bin-dist</groupId> - <artifactId>xml-apis</artifactId> + <groupId>iaik.prod</groupId> + <artifactId>iaik_tsl</artifactId> + <version>1.1_moa</version> </dependency> <dependency> - <groupId>xalan-bin-dist</groupId> - <artifactId>serializer</artifactId> - <!-- <scope>provided</scope> --> + <groupId>iaik.prod</groupId> + <artifactId>iaik_tsp</artifactId> + <version>2.31_eval</version> </dependency> <dependency> <groupId>iaik.prod</groupId> - <artifactId>iaik_moa</artifactId> - </dependency> + <artifactId>iaik_util</artifactId> + <version>0.23</version> + </dependency> <dependency> <groupId>iaik.prod</groupId> - <artifactId>iaik_ixsil</artifactId> + <artifactId>iaik_xades</artifactId> + <version>2.11_moa</version> </dependency> <dependency> <groupId>iaik.prod</groupId> - <artifactId>iaik_jce_full</artifactId> - <scope>compile</scope> + <artifactId>iaik_xsect</artifactId> + <version>2.11_moa</version> + </dependency> + + + + + <dependency> + <groupId>javax.mail</groupId> + <artifactId>mail</artifactId> </dependency> <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_ecc</artifactId> - <scope>compile</scope> + <groupId>junit</groupId> + 
<artifactId>junit</artifactId> </dependency> <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_cms</artifactId> - <scope>runtime</scope> + <groupId>org.postgresql</groupId> + <artifactId>postgresql</artifactId> </dependency> + <dependency> <groupId>iaik.prod</groupId> <artifactId>iaik_Pkcs11Provider</artifactId> @@ -228,38 +220,7 @@ <!-- should be provided by the container or jre --> <scope>provided</scope> </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_jce_full</artifactId> - <!-- should be in the ext directory of the jre --> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_ecc</artifactId> - <!-- should be in the ext directory of the jre --> - <scope>provided</scope> - </dependency> - - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_tsl</artifactId> - <exclusions> - <exclusion> - <artifactId>iaik_pki_module</artifactId> - <groupId>iaik</groupId> - </exclusion> - <exclusion> - <artifactId>iaik_ecc_signed</artifactId> - <groupId>iaik</groupId> - </exclusion> - <exclusion> - <artifactId>iaik_jce_eval_signed</artifactId> - <groupId>iaik</groupId> - </exclusion> - </exclusions> - </dependency> - + </dependencies> </project>
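Review bot: The new `MOA` repository sets `<checksumPolicy>ignore</checksumPolicy>`, so Maven will not notice a corrupted or swapped jar among the signature and PKI libraries this module resolves from `${repositoryPath}`; `<checksumPolicy>fail</checksumPolicy>`, with checksum files committed next to the artifacts, keeps that check. Several of the pinned IAIK versions are labelled `_eval` or `_tmp` (`iaik_eccelerate` `3.1_eval`, `iaik_tsp` `2.31_eval`, `iaik_cpades` `2.2b3_tmp`); if these are evaluation or interim builds, they should be replaced by release builds before this POM ships, or the reason recorded in a comment beside each version. The `<includes>` entry under `maven-compiler-plugin` names a jar glob, whereas that parameter filters source files, so it probably has no effect on the classpath.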
\ No newline at end of file diff --git a/id/oa/pom.xml b/id/oa/pom.xml index c2eb6238c..07b84ed1b 100644 --- a/id/oa/pom.xml +++ b/id/oa/pom.xml @@ -115,16 +115,28 @@ <groupId>org.slf4j</groupId> <artifactId>slf4j-log4j12</artifactId> </dependency> - - <dependency> - <groupId>iaik</groupId> - <artifactId>commons-iaik</artifactId> - <version>0.7.1</version> - </dependency> - + <dependency> <groupId>MOA.id.server</groupId> - <artifactId>moa-id-commons</artifactId> + <artifactId>moa-id-commons</artifactId> + <exclusions> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>*</artifactId> + </exclusion> + <exclusion> + <groupId>mysql</groupId> + <artifactId>*</artifactId> + </exclusion> + <exclusion> + <groupId>org.hibernate</groupId> + <artifactId>*</artifactId> + </exclusion> + <exclusion> + <groupId>com.h2database</groupId> + <artifactId>*</artifactId> + </exclusion> + </exclusions> </dependency> </dependencies> diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java index 85f16e11f..95347c265 100644 --- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java +++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java @@ -23,17 +23,12 @@ package at.gv.egovernment.moa.id.demoOA; -import iaik.x509.X509Certificate; - import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStream; import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.cert.CertificateException; import java.util.Properties; import java.util.Timer; 
@@ -48,7 +43,8 @@ import org.opensaml.xml.security.x509.BasicX509Credential; import at.gv.egovernment.moa.id.demoOA.exception.ConfigurationException; import at.gv.egovernment.moa.id.demoOA.utils.MetaDataVerificationFilter; -import at.iaik.commons.util.MiscUtil; +import at.gv.egovernment.moa.util.MiscUtil; +import iaik.x509.X509Certificate; public class Configuration { @@ -255,7 +251,9 @@ public class Configuration { } //load IDP metadata into metadataprovider - idpMetadataProvider = new HTTPMetadataProvider(new Timer(), new HttpClient(), metadataurl); + idpMetadataProvider = new HTTPMetadataProvider( + new Timer("demoOA", true), + new HttpClient(), metadataurl); idpMetadataProvider.setRequireValidMetadata(true); idpMetadataProvider.setParserPool(new BasicParserPool()); idpMetadataProvider.setMetadataFilter(new MetaDataVerificationFilter(idpCredential)); diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java index 0b8251386..2641797ed 100644 --- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java +++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java 
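Review bot: The metadata provider is still handed a default `new HttpClient()`, so no connect or read timeout is set anywhere in this hunk, and a stalled IdP metadata endpoint could block the initial load and each later refresh on the `demoOA` timer thread. Assuming this is the commons-httpclient 3.x client that OpenSAML 2 takes here, I would create the client first and bound it with `client.getParams().setSoTimeout(timeoutMs);` and `client.getHttpConnectionManager().getParams().setConnectionTimeout(timeoutMs);` (`timeoutMs` standing for a value taken from the configuration), then pass `client` to the constructor. The `setRequireValidMetadata(true)` call and the signature filter that follow should stay as they are. The enclosing method starts and ends outside the hunk.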
@@ -30,19 +30,15 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; -import org.apache.velocity.app.VelocityEngine; -import org.apache.velocity.runtime.RuntimeConstants; import org.joda.time.DateTime; import org.opensaml.common.SAMLObject; import org.opensaml.common.binding.BasicSAMLMessageContext; import org.opensaml.common.impl.SecureRandomIdentifierGenerator; import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.binding.encoding.HTTPPostEncoder; import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder; import org.opensaml.saml2.core.AuthnContextClassRef; import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration; @@ -52,7 +48,6 @@ import org.opensaml.saml2.core.NameID; import org.opensaml.saml2.core.NameIDPolicy; import org.opensaml.saml2.core.NameIDType; import org.opensaml.saml2.core.RequestedAuthnContext; -import org.opensaml.saml2.core.Subject; import org.opensaml.saml2.metadata.EntityDescriptor; import org.opensaml.saml2.metadata.SingleSignOnService; import org.opensaml.saml2.metadata.impl.SingleSignOnServiceBuilder; @@ -64,11 +59,12 @@ import org.opensaml.xml.signature.Signature; import org.opensaml.xml.signature.SignatureConstants; import org.slf4j.Logger; import org.slf4j.LoggerFactory; + import at.gv.egovernment.moa.id.demoOA.Configuration; -import at.gv.egovernment.moa.id.demoOA.Constants; import at.gv.egovernment.moa.id.demoOA.exception.ConfigurationException; import at.gv.egovernment.moa.id.demoOA.utils.SAML2Utils; -import at.iaik.commons.util.MiscUtil; +import at.gv.egovernment.moa.util.MiscUtil; + /** 
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java index 67321ca7e..75b54cfc4 100644 --- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java +++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java @@ -74,7 +74,8 @@ import at.gv.egovernment.moa.id.demoOA.Constants; import at.gv.egovernment.moa.id.demoOA.exception.ConfigurationException; import at.gv.egovernment.moa.id.demoOA.utils.AttributeListBuilder; import at.gv.egovernment.moa.id.demoOA.utils.SAML2Utils; -import at.iaik.commons.util.MiscUtil; +import at.gv.egovernment.moa.util.MiscUtil; + public class BuildMetadata extends HttpServlet { Logger log = Logger.getLogger(BuildMetadata.class); diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Index.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Index.java index 666ecaeee..28003528b 100644 --- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Index.java +++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Index.java 
@@ -33,16 +33,12 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; -import org.apache.velocity.app.VelocityEngine; -import org.apache.velocity.runtime.RuntimeConstants; import org.joda.time.DateTime; import org.opensaml.common.SAMLObject; import org.opensaml.common.binding.BasicSAMLMessageContext; import org.opensaml.common.impl.SecureRandomIdentifierGenerator; import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.binding.decoding.HTTPPostDecoder; import org.opensaml.saml2.binding.decoding.HTTPRedirectDeflateDecoder; -import org.opensaml.saml2.binding.encoding.HTTPPostEncoder; import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder; import org.opensaml.saml2.binding.security.SAML2AuthnRequestsSignedRule; import org.opensaml.saml2.binding.security.SAML2HTTPRedirectDeflateSignatureRule; @@ -51,10 +47,8 @@ import org.opensaml.saml2.core.LogoutRequest; import org.opensaml.saml2.core.LogoutResponse; import org.opensaml.saml2.core.NameID; import org.opensaml.saml2.core.NameIDType; -import org.opensaml.saml2.core.Response; import org.opensaml.saml2.core.Status; import org.opensaml.saml2.core.StatusCode; -import org.opensaml.saml2.core.StatusResponseType; import org.opensaml.saml2.metadata.EntityDescriptor; import org.opensaml.saml2.metadata.IDPSSODescriptor; import org.opensaml.saml2.metadata.SingleLogoutService; @@ -64,7 +58,6 @@ import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider; import org.opensaml.security.MetadataCredentialResolver; import org.opensaml.security.MetadataCredentialResolverFactory; import org.opensaml.security.MetadataCriteria; -import org.opensaml.security.SAMLSignatureProfileValidator; import org.opensaml.ws.security.SecurityPolicyResolver; import org.opensaml.ws.security.provider.BasicSecurityPolicy; import org.opensaml.ws.security.provider.StaticSecurityPolicyResolver; 
@@ -95,7 +88,8 @@ import at.gv.egovernment.moa.id.demoOA.exception.ConfigurationException; import at.gv.egovernment.moa.id.demoOA.utils.ApplicationBean; import at.gv.egovernment.moa.id.demoOA.utils.SAML2Utils; import at.gv.egovernment.moa.util.DOMUtils; -import at.iaik.commons.util.MiscUtil; +import at.gv.egovernment.moa.util.MiscUtil; + public class Index extends HttpServlet { diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/SingleLogOut.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/SingleLogOut.java index b87865989..9bd0ff2e3 100644 --- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/SingleLogOut.java +++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/SingleLogOut.java 
@@ -24,36 +24,25 @@ package at.gv.egovernment.moa.id.demoOA.servlet.pvp2; import java.io.IOException; import java.security.KeyStore; -import java.util.Map; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; -import org.apache.velocity.app.VelocityEngine; -import org.apache.velocity.runtime.RuntimeConstants; import org.joda.time.DateTime; import org.opensaml.common.SAMLObject; import org.opensaml.common.binding.BasicSAMLMessageContext; import org.opensaml.common.impl.SecureRandomIdentifierGenerator; import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.binding.encoding.HTTPPostEncoder; import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder; -import org.opensaml.saml2.core.AuthnContextClassRef; -import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration; -import org.opensaml.saml2.core.AuthnRequest; import org.opensaml.saml2.core.Issuer; import org.opensaml.saml2.core.LogoutRequest; import org.opensaml.saml2.core.NameID; -import org.opensaml.saml2.core.NameIDPolicy; import org.opensaml.saml2.core.NameIDType; -import org.opensaml.saml2.core.RequestedAuthnContext; -import org.opensaml.saml2.core.Subject; import org.opensaml.saml2.metadata.EntityDescriptor; import org.opensaml.saml2.metadata.SingleLogoutService; import org.opensaml.saml2.metadata.SingleSignOnService; 
@@ -66,11 +55,12 @@ import org.opensaml.xml.signature.Signature; import org.opensaml.xml.signature.SignatureConstants; import org.slf4j.Logger; import org.slf4j.LoggerFactory; + import at.gv.egovernment.moa.id.demoOA.Configuration; import at.gv.egovernment.moa.id.demoOA.Constants; import at.gv.egovernment.moa.id.demoOA.exception.ConfigurationException; import at.gv.egovernment.moa.id.demoOA.utils.SAML2Utils; -import at.iaik.commons.util.MiscUtil; +import at.gv.egovernment.moa.util.MiscUtil; /** diff --git a/id/oa/src/main/webapp/WEB-INF/web.xml b/id/oa/src/main/webapp/WEB-INF/web.xml index a42985c95..89553915a 100644 --- a/id/oa/src/main/webapp/WEB-INF/web.xml +++ b/id/oa/src/main/webapp/WEB-INF/web.xml @@ -5,8 +5,8 @@ <description>MOA PVP2.1 Sample OA</description> <servlet> + <display-name>PVP 2.1 Authentication request builder</display-name> <servlet-name>pvp2login</servlet-name> - <display-name>PVP 2.1 Authentication request builder</display-name> <servlet-class>at.gv.egovernment.moa.id.demoOA.servlet.pvp2.Authenticate</servlet-class> </servlet> @@ -16,8 +16,8 @@ </servlet-mapping> <servlet> - <servlet-name>pvp2slo</servlet-name> <display-name>PVP 2.1 Single Log-Out request builder</display-name> + <servlet-name>pvp2slo</servlet-name> <servlet-class>at.gv.egovernment.moa.id.demoOA.servlet.pvp2.SingleLogOut</servlet-class> </servlet> @@ -27,8 +27,8 @@ </servlet-mapping> <servlet> + <display-name>Metadata</display-name> <servlet-name>pvp2metadata</servlet-name> - <display-name>Metadata</display-name> <servlet-class>at.gv.egovernment.moa.id.demoOA.servlet.pvp2.BuildMetadata</servlet-class> </servlet> @@ -38,8 +38,8 @@ </servlet-mapping> <servlet> + <display-name>Secure area</display-name> <servlet-name>pvp2demooa</servlet-name> - <display-name>Secure area</display-name> <servlet-class>at.gv.egovernment.moa.id.demoOA.servlet.pvp2.DemoApplication</servlet-class> </servlet> 
@@ -49,8 +49,8 @@ </servlet-mapping> <servlet> + <display-name>Mainpage</display-name> <servlet-name>index</servlet-name> - <display-name>Mainpage</display-name> <servlet-class>at.gv.egovernment.moa.id.demoOA.servlet.pvp2.Index</servlet-class> </servlet> diff --git a/id/readme_3.2.0.txt b/id/readme_3.2.0.txt new file mode 100644 index 000000000..45d60766f --- /dev/null +++ b/id/readme_3.2.0.txt 
@@ -0,0 +1,679 @@ +=============================================================================== +MOA ID Version Release 3.2.0 - Wichtige Informationen zur Installation +=============================================================================== + +------------------------------------------------------------------------------- +A. Neuerungen/Änderungen +------------------------------------------------------------------------------- + +Mit MOA ID Version 3.2.0 wurden folgende Neuerungen und Änderungen eingeführt, +die jetzt erstmals in der Veröffentlichung enthalten sind (siehe auch +history.txt im gleichen Verzeichnis). + +- Änderungen + - Integration MOA-SPSS 3.x + - Verheinheitlichung der Datenbankanbindung + - Unterstützung mehrerer Backend-Service URLs und Auswahl je Online Applikation + (MIS, SZR-Gateway, ELGA Vertretungservice Service) + - Redis Datenbank Backend für Kurzzeitsessiondaten + +------------------------------------------------------------------------------- +B. Durchführung eines Updates +------------------------------------------------------------------------------- + +Es wird generell eine Neuinstallation lt. Handbuch empfohlen! Dennoch ist auch +eine Aktualisierung bestehender Installationen möglich. Je nachdem von welcher +MOA-ID Version ausgegangen wird ergibt sich eine Kombination der nachfolgend +angebebenen Updateschritte. + +Hinweis: Wenn Sie die bestehende Konfiguration von MOA-ID 2.x.x in MOA-ID 3.2.x +reimportieren möchten, so muss diese vor dem Update mit Hilfe der import/export +Funktion der grafischen Konfigurationsoberfläche in eine Datei exportiert werden. +Diese Datei dient dann als Basis für den Import in MOA-ID 3.2.x. + +............................................................................... +B.1 Durchführung eines Updates von Version 3.1.x auf Version 3.2.0 +............................................................................... +1. 
Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-3.2.0.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war + als auch das komplette Verzeichnis moa-id-auth. + +4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +7. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth + Konfigurationsdatei CATALINA_HOME\conf\moa-id\moa-id.properties + a.) moasession.jpaVendorAdapter.generateDdl=true + moasession.dbcp.connectionProperties= + moasession.dbcp.initialSize=5 + moasession.dbcp.maxActive=100 + moasession.dbcp.maxIdle=8 + moasession.dbcp.minIdle=5 + moasession.dbcp.maxWaitMillis=-1 + moasession.dbcp.testOnBorrow=true + moasession.dbcp.testOnReturn=false + moasession.dbcp.testWhileIdle=false + moasession.dbcp.validationQuery=select 1 + b.) advancedlogging.jpaVendorAdapter.generateDdl=true + advancedlogging.dbcp.initialSize=0 + advancedlogging.dbcp.maxActive=50 + advancedlogging.dbcp.maxIdle=8 + advancedlogging.dbcp.minIdle=0 + advancedlogging.dbcp.maxWaitMillis=-1 + advancedlogging.dbcp.testOnBorrow=true + advancedlogging.dbcp.testOnReturn=false + advancedlogging.dbcp.testWhileIdle=false + advancedlogging.dbcp.validationQuery=SELECT 1 + c.) *.hibernate.connection.url=... um den GET Parameter '&serverTimezone=UTC' erweitern + d.) configuration.ssl.validation.revocation.method.order=crl,ocsp + e.) 
Zusätzliche neu, aber optionale Parameter finden Sie in der Beispielkonfiguration + +9. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + + +............................................................................... +B.1 Durchführung eines Updates von Version 3.0.x auf Version 3.2.0 +............................................................................... +1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-3.2.0.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war + als auch das komplette Verzeichnis moa-id-auth. + +4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +6. Update der TrustStores für WebService Zugriffe. + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\certs\ca-certs + in das Verzeichnis CATALINA_HOME\conf\moa-id\certs\ca-certs. + b.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\certs\certstore\toBeAdded + in das Verzeichnis CATALINA_HOME\conf\moa-id\certs\certstore\toBeAdded. + +7. Hinzufügen der zusätzlichen Konfigurationsparameter in der + MOA-ID-Configuration Konfigurationsdatei + CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties + a.) dbcp.validationQuery=..... 
(SQL Query zum Validieren der + Datenbankverbindung + z.B: "SELECT 1" für mySQL + "select 1 from dual" für OracleDB) + +8. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth + Konfigurationsdatei CATALINA_HOME\conf\moa-id\moa-id.properties + a.) configuration.dbcp.validationQuery=..... (SQL Query zum + Validieren der Datenbankverbindung + z.B: "SELECT 1" für mySQL + "select 1 from dual" für OracleDB) + b.) moasession.jpaVendorAdapter.generateDdl=true + moasession.dbcp.connectionProperties= + moasession.dbcp.initialSize=5 + moasession.dbcp.maxActive=100 + moasession.dbcp.maxIdle=8 + moasession.dbcp.minIdle=5 + moasession.dbcp.maxWaitMillis=-1 + moasession.dbcp.testOnBorrow=true + moasession.dbcp.testOnReturn=false + moasession.dbcp.testWhileIdle=false + moasession.dbcp.validationQuery=select 1 + c.) advancedlogging.jpaVendorAdapter.generateDdl=true + advancedlogging.dbcp.initialSize=0 + advancedlogging.dbcp.maxActive=50 + advancedlogging.dbcp.maxIdle=8 + advancedlogging.dbcp.minIdle=0 + advancedlogging.dbcp.maxWaitMillis=-1 + advancedlogging.dbcp.testOnBorrow=true + advancedlogging.dbcp.testOnReturn=false + advancedlogging.dbcp.testWhileIdle=false + advancedlogging.dbcp.validationQuery=SELECT 1 + d.) *.hibernate.connection.url=... um den GET Parameter '&serverTimezone=UTC' erweitern + e.) configuration.ssl.validation.revocation.method.order=crl,ocsp + f.) Zusätzliche neu, aber optionale Parameter finden Sie in der Beispielkonfigration + +9. Update der Default html-Templates für die Bürgerkartenauswahl. + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\htmlTemplates + in das Verzeichnis CATALINA_HOME\conf\moa-id\htmlTemplates. + b.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id-configuration\htmlTemplates + in das Verzeichnis CATALINA_HOME\conf\moa-id-configuration\htmlTemplates. + +10. 
Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + + +............................................................................... +B.3 Durchführung eines Updates von Version 2.2.1 auf Version 3.2.0 +............................................................................... + +1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-3.2.0.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war und + moa-id-configuration.war als auch das komplette Verzeichnis moa-id-auth + und das komplette Verzeichnis moa-id-configuration. + +4. Erstellen Sie eine Sicherungskopie aller "*.jar"-Dateien im Verzeichnis + CATALINA_HOME_ID\endorsed und loeschen Sie diese Dateien danach. + +5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +6. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +7. Update des Cert-Stores. + Kopieren Sie den Inhalt des Verzeichnisses + MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis + CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie + vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann + bejahen sie das. + +8. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen + wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile + beibehalten wollen, dann gehen Sie vor, wie in Punkt b). 
+ + a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen: + + 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles. + 2) Kopieren Sie das Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis + CATALINA_HOME\conf\moa-spss. + + b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie + folgt vor, um die Profile auf den aktuellen Stand zu bringen: + + 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den + entsprechenden Profilen im Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren + Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt + der einzelnen Profile aus der Distribution + (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden + Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles) + kopieren und dabei die vorhandenen gleichnamigen Zertifikate + überschreiben), also z.B: Kopieren des Inhalts von + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach + CATALINA_HOME\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw. + +9. Update der Default html-Templates für die Bürgerkartenauswahl. + + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\htmlTemplates + in das Verzeichnis CATALINA_HOME\conf\moa-id\htmlTemplates. + b.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id-configuration\htmlTemplates + in das Verzeichnis CATALINA_HOME\conf\moa-id-configuration\htmlTemplates. + +10. Update der STORK Konfiguration + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\stork + in das Verzeichnis CATALINA_HOME\conf\moa-id\stork. + b.) Passen Sie die STORK Konfiguration laut Handbuch -> Konfiguration -> + 2.4 Konfiguration des SamlEngines an. + +11. 
Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth Konfigurationsdatei + CATALINA_HOME\conf\moa-id\moa-id.properties + +12. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Configration Konfigurationsdatei + CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties + +13. Hinzufügen der zusätzlichen Konfigurationsdatei in der MOA-ID-Configuration + CATALINA_HOME\conf\moa-id-configuration\userdatabase.properties + +14. Update der Tomcat Start-Skripts: + - Die Konfigurationsdateien für MOA-ID-Auth und MOA-ID-Configuration müssen + nur als URI (file:/...) übergeben werden. + +15. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + + +............................................................................... +B.4 Durchführung eines Updates von Version 2.2.0 auf Version 2.2.1 +............................................................................... +1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.2.1.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war und + moa-id-configuration.war als auch das komplette Verzeichnis moa-id-auth + und das komplette Verzeichnis moa-id-configuration. + +4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +6. Update des Cert-Stores. 
+ Kopieren Sie den Inhalt des Verzeichnisses + MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis + CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie + vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann + bejahen sie das. + +7. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen + wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile + beibehalten wollen, dann gehen Sie vor, wie in Punkt b). + + a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen: + + 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles. + 2) Kopieren Sie das Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis + CATALINA_HOME\conf\moa-spss. + + b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie + folgt vor, um die Profile auf den aktuellen Stand zu bringen: + + 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den + entsprechenden Profilen im Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren + Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt + der einzelnen Profile aus der Distribution + (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden + Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles) + kopieren und dabei die vorhandenen gleichnamigen Zertifikate + überschreiben), also z.B: Kopieren des Inhalts von + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach + CATALINA_HOME\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw. + +8. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + +............................................................................... 
+B.1 Durchführung eines Updates von Version 2.1.2 auf Version 2.2.0 +............................................................................... + 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.2.0.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war und + moa-id-configuration.war als auch das komplette Verzeichnis moa-id-auth + und das komplette Verzeichnis moa-id-configuration. + +4. Erstellen Sie eine Sicherungskopie aller "*.jar"-Dateien im Verzeichnis + CATALINA_HOME_ID\endorsed und loeschen Sie diese Dateien danach. + +6. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +7. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +8. Kopieren der folgenden Dateien: + Sollte die Datei bereits vorhanden sein erstellen Sie ein Backup der + Datei bevor Sie diese durch die neue Version ersetzen. + a.) MOA_ID_AUTH_INST/conf/moa-id/stork/StorkSamlEngine_VIDP.xml -> + CATALINA_HOME/conf/moa-id/stork/StorkSamlEngine_VIDP.xml + b.) MOA_ID_AUTH_INST/conf/moa-id/stork/StorkSamlEngine_outgoing.xml -> + CATALINA_HOME/conf/moa-id/stork/StorkSamlEngine_outgoing.xml + +9. Dem STORK KeyStores unter MOA_ID_AUTH_INST/conf/moa-id/keys/storkDemoKeys.jks + (Passwort=local-demo) wurden neue vertrauenswürdige Zertifikate hinzugefügt. + Gleichen Sie bei Bedarf die Zertifikate dieses KeyStores mit Ihrem aktuell + verwendeten KeyStore ab. + +10. Update des Cert-Stores. 
+ Kopieren Sie den Inhalt des Verzeichnisses + MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis + CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie + vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann + bejahen sie das. + +11. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen + wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile + beibehalten wollen, dann gehen Sie vor, wie in Punkt b). + + a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen: + + 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles. + 2) Kopieren Sie das Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis + CATALINA_HOME\conf\moa-spss. + + b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie + folgt vor, um die Profile auf den aktuellen Stand zu bringen: + + 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den + entsprechenden Profilen im Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren + Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt + der einzelnen Profile aus der Distribution + (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden + Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles) + kopieren und dabei die vorhandenen gleichnamigen Zertifikate + überschreiben), also z.B: Kopieren des Inhalts von + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach + CATALINA_HOME\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw. + + +12. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + +............................................................................... 
+B.2 Durchführung eines Updates von Version 2.1.1 auf Version 2.1.2 +............................................................................... + 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.1.2.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war und + moa-id-configuration.war als auch das komplette Verzeichnis moa-id-auth + und das komplette Verzeichnis moa-id-configuration. + +4. Erstellen Sie eine Sicherungskopie aller "*.jar"-Dateien im Verzeichnis + CATALINA_HOME_ID\endorsed und loeschen Sie diese Dateien danach. + +5. Kopieren Sie alle Dateien aus dem Verzeichnis MOA_ID_AUTH_INST\endorsed in das + Verzeichnis CATALINA_HOME_ID\endorsed + +6. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +7. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +8. Kopieren der folgenden Dateien + a.) MOA_ID_AUTH_INST/conf/moa-id/stork/StorkSamlEngine_VIDP.xml -> + CATALINA_HOME/conf/moa-id/stork/StorkSamlEngine_VIDP.xml + Sollte die Datei bereits vorhanden sein erstellen Sie ein Backup der + Datei slo_template.html bevor Sie diese durch die neue Version ersetzen. + +9. Dem STORK KeyStores unter MOA_ID_AUTH_INST/conf/moa-id/keys/storkDemoKeys.jks + (Passwort=local-demo) wurden neue vertrauenswürdige Zertifikate hinzugefügt. + Gleichen Sie bei Bedarf die Zertifikate dieses KeyStores mit Ihrem aktuell + verwendeten KeyStore ab. + +10. 
Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + + +............................................................................... +B.3 Durchführung eines Updates von Version 2.1.0 auf Version 2.1.1 +............................................................................... + 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.1.0.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Erstellen Sie eine Sicherungskopie aller "iaik*.jar"-Dateien im Verzeichnis + JAVA_HOME\jre\lib\ext und loeschen Sie diese Dateien danach. + +4. Kopieren Sie alle Dateien aus dem Verzeichnis MOA_ID_AUTH_INST\ext in das + Verzeichnis JAVA_HOME\jre\lib\ext (Achtung: Java 1.4.x wird nicht mehr + unterstuetzt). + +5. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Datei moa-id-auth.war als + auch das komplette Verzeichnis moa-id-auth. + +6. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +7. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +8. Hinzufügen der zusätzlichen Konfigurationsparameter in der + MOA-ID-Configuration Konfigurationsdatei + CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties + a.) general.moaconfig.key=..... (Passwort zum Ver- und + Entschlüsseln von Konfigurationsparametern in der Datenbank) + +9. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth + Konfigurationsdatei CATALINA_HOME\conf\moa-id\moa-id.properties + a.) 
configuration.moaconfig.key=..... (Passwort zum Ver- und + Entschlüsseln von Konfigurationsparametern in der Datenbank) + +10. Kopieren der folgenden Dateien + a.) MOA_ID_AUTH_INST/conf/moa-id/htmlTemplates/slo_template.html -> + CATALINA_HOME/conf/moa-id/htmlTemplates/slo_template.html + Sollte die Datei bereits vorhanden sein erstellen Sie ein Backup der + Datei slo_template.html bevor Sie diese durch die neue Version ersetzen. + +11. Update des Cert-Stores. + Kopieren Sie den Inhalt des Verzeichnisses + MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis + CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie + vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann + bejahen sie das. + +12. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen + wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile + beibehalten wollen, dann gehen Sie vor, wie in Punkt b). + + a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen: + + 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles. + 2) Kopieren Sie das Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis + CATALINA_HOME\conf\moa-spss. + + b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie + folgt vor, um die Profile auf den aktuellen Stand zu bringen: + + 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den + entsprechenden Profilen im Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren + Profilen enthalten sind. 
Am einfachsten ist es, wenn Sie den Inhalt + der einzelnen Profile aus der Distribution + (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden + Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles) + kopieren und dabei die vorhandenen gleichnamigen Zertifikate + überschreiben), also z.B: Kopieren des Inhalts von + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach + CATALINA_HOME\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw. + +13. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + + +............................................................................... +B.4 Durchführung eines Updates von Version 2.0.1 auf Version 2.1.0 +............................................................................... + 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.1.0.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Datei moa-id-auth.war als + auch das komplette Verzeichnis moa-id-auth. + +4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +6. Update der STORK Konfiguration + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\stork + in das Verzeichnis CATALINA_HOME\conf\moa-id\stork. + b.) 
Passen Sie die STORK Konfiguration laut Handbuch -> Konfiguration -> + 2.4 Konfiguration des SamlEngines an. + +7. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Configuration Konfigurationsdatei + CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties + a.) general.ssl.certstore=certs/certstore + b.) general.ssl.truststore=certs/truststore + +8. Kopieren des folgenden zusätzlichen Ordners MOA_ID_AUTH_INST/conf/moa-id-configuration/certs + nach CATALINA_HOME\conf\moa-id-configuration\ + +9. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth Konfigurationsdatei + CATALINA_HOME\conf\moa-id\moa-id.properties und Anpassung an das zu verwendeten Schlüsselpaar. + a.) protocols.pvp2.idp.ks.assertion.encryption.alias=pvp_assertion + protocols.pvp2.idp.ks.assertion.encryption.keypassword=password + +10. Kopieren der folgenden zusätzlichen Ordner aus MOA_ID_AUTH_INST/conf/moa-id/ + nach CATALINA_HOME\conf\moa-id\ + a.) MOA_ID_AUTH_INST/conf/moa-id/SLTemplates -> CATALINA_HOME\conf\moa-id\ + b.) MOA_ID_AUTH_INST/conf/moa-id/htmlTemplates/slo_template.html -> + CATALINA_HOME/conf/moa-id/htmlTemplates/slo_template.html + +11. Neuinitialisieren des Datenbank Schema für die MOA-Session. Hierfür stehen + zwei Varianten zur Verfügung. + a.) Ändern Sie in der Konfigurationsdatei für das Modul MOA-ID-Auth + CATALINA_HOME\conf\moa-id\moa-id.properties die Zeile + moasession.hibernate.hbm2ddl.auto=update + zu + moasession.hibernate.hbm2ddl.auto=create + Danach werden die Tabellen beim nächsten Startvorgang neu generiert. + + b.) Löschen Sie alle Tabellen aus dem Datenbank Schema für die MOA-Sessixson + Informationen per Hand. Alle Tabellen werden beim nächsten Start autmatisch neu generiert. + +12 . Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + + +............................................................................... 
+B.5 Durchführung eines Updates von Version 2.0-RC1 auf Version 2.0.1 +............................................................................... + +1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.0.1.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + Für MOA ID Proxy: + Entpacken Sie die Distribution von MOA-ID-Proxy (moa-id-proxy-2.0.1.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_PROXY_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Datei moa-id-auth.war als + auch das komplette Verzeichnis moa-id-auth. + +4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +6. Update des Cert-Stores. + Kopieren Sie den Inhalt des Verzeichnisses + MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis + CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie + vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann + bejahen sie das. + +7. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen + wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile + beibehalten wollen, dann gehen Sie vor, wie in Punkt b). + + a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen: + + 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles. 
+ 2) Kopieren Sie das Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis + CATALINA_HOME\conf\moa-spss. + + b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie + folgt vor, um die Profile auf den aktuellen Stand zu bringen: + + 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den + entsprechenden Profilen im Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren + Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt + der einzelnen Profile aus der Distribution + (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden + Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles) + kopieren und dabei die vorhandenen gleichnamigen Zertifikate + überschreiben), also z.B: Kopieren des Inhalts von + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach + CATALINA_HOME\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw. + +8. Update der Default html-Templates für die Bürgerkartenauswahl. + + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\htmlTemplates + in das Verzeichnis CATALINA_HOME\conf\moa-id\htmlTemplates. + b.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id-configuration\htmlTemplates + in das Verzeichnis CATALINA_HOME\conf\moa-id-configuration\htmlTemplates. + +9. Update der STORK Konfiguration + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\stork + in das Verzeichnis CATALINA_HOME\conf\moa-id\stork. + b.) Passen Sie die STORK Konfiguration laut Handbuch -> Konfiguration -> + 2.4 Konfiguration des SamlEngines an. + +10. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth Konfigurationsdatei + CATALINA_HOME\conf\moa-id\moa-id.properties + + a.) configuration.validation.certificate.QC.ignore=false + b.) 
 protocols.pvp2.assertion.encryption.active=false
+
+11. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im
+ Logging von MOA ID beim Einlesen der Konfiguration.
+
+
+...............................................................................
+B.6 Durchführung eines Updates von Version <= 1.5.1
+...............................................................................
+
+Bitte führen Sie eine Neuinstallation von MOA ID laut Handbuch durch und passen
+Sie die mitgelieferte Musterkonfiguration entsprechend Ihren Bedürfnissen unter
+Zuhilfenahme Ihrer bisherigen Konfiguration an.
+
diff --git a/id/server/auth-edu/pom.xml b/id/server/auth-edu/pom.xml
index 43e87f2ab..4e01c6260 100644
--- a/id/server/auth-edu/pom.xml
+++ b/id/server/auth-edu/pom.xml
@@ -96,10 +96,6 @@
 <type>pom</type>
 <exclusions>
 <exclusion>
- <artifactId>iaik_pki_module</artifactId>
- <groupId>iaik</groupId>
- </exclusion>
- <exclusion>
 <groupId>commons-logging</groupId>
 <artifactId>commons-logging</artifactId>
 </exclusion>
@@ -219,12 +215,12 @@
 <!-- should be in the ext directory of the jre -->
 <scope>provided</scope>
 </dependency>
- <dependency>
+<!-- <dependency>
 <groupId>iaik.prod</groupId>
 <artifactId>iaik_ecc</artifactId>
- <!-- should be in the ext directory of the jre -->
+ should be in the ext directory of the jre
 <scope>provided</scope>
- </dependency>
+ </dependency> -->
 <dependency>
 <groupId>iaik.prod</groupId>
 <artifactId>iaik_Pkcs11Provider</artifactId>
@@ -279,6 +275,11 @@
 </exclusions>
 </dependency>
 <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-tx</artifactId>
+ <version>${org.springframework.version}</version>
+ </dependency>
+ <dependency>
 <groupId>org.slf4j</groupId>
 <artifactId>jcl-over-slf4j</artifactId>
 </dependency>
diff --git a/id/server/auth-final/pom.xml b/id/server/auth-final/pom.xml
index 0c42c9deb..4f5f219a1 100644
--- a/id/server/auth-final/pom.xml
+++ b/id/server/auth-final/pom.xml
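Review bot: The `iaik.prod:iaik_ecc` dependency in the `@@ -219,12 +215,12 @@` hunk of id/server/auth-edu/pom.xml is commented out rather than removed, and its inner comment had to lose the `<!-- -->` delimiters to keep the file well-formed, so what remains reads as a half-edited leftover. Either delete the block or replace it with a single comment that records the reason, for example `<!-- iaik_ecc no longer declared: REASON (placeholder) -->`. Since this is a `provided`-scope cryptographic provider that the old comment expected in the JRE ext directory, operators also need to know whether that jar must stay installed or be removed; the 3.2.0 update steps in the readme added by this commit do not mention it. The same edit appears in id/server/auth-final/pom.xml at `@@ -187,12 +183,12 @@`.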
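Review bot: The `spring-tx` dependency added in the `@@ -279,6 +275,11 @@` hunk of id/server/auth-edu/pom.xml carries its own `<version>${org.springframework.version}</version>`, while the neighbouring `jcl-over-slf4j` entry has no version, which suggests versions are otherwise managed centrally. Declaring `spring-tx` in the parent's `dependencyManagement` and dropping the `<version>` line here would keep all Spring modules on one release, and a later security upgrade would touch one place only. The identical addition in id/server/auth-final/pom.xml at `@@ -247,6 +243,11 @@` would change the same way. The parent POM is not visible on this page, so check that a managed entry exists before removing the line.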
@@ -80,10 +80,6 @@ <type>pom</type> <exclusions> <exclusion> - <artifactId>iaik_pki_module</artifactId> - <groupId>iaik</groupId> - </exclusion> - <exclusion> <groupId>commons-logging</groupId> <artifactId>commons-logging</artifactId> </exclusion> @@ -187,12 +183,12 @@ <!-- should be in the ext directory of the jre --> <scope>provided</scope> </dependency> - <dependency> +<!-- <dependency> <groupId>iaik.prod</groupId> <artifactId>iaik_ecc</artifactId> - <!-- should be in the ext directory of the jre --> + should be in the ext directory of the jre <scope>provided</scope> - </dependency> + </dependency> --> <dependency> <groupId>iaik.prod</groupId> <artifactId>iaik_Pkcs11Provider</artifactId> @@ -247,6 +243,11 @@ </exclusions> </dependency> <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-tx</artifactId> + <version>${org.springframework.version}</version> + </dependency> + <dependency> <groupId>org.slf4j</groupId> <artifactId>jcl-over-slf4j</artifactId> </dependency> diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201 b/id/server/data/deploy/conf/moa-id/certs/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201 Binary files differdeleted file mode 100644 index 592c96230..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/032F2123890A879585CE96674CA4C37B55986729/E1201A308CC10323C27D9084B048996E44B8F710 b/id/server/data/deploy/conf/moa-id/certs/certstore/032F2123890A879585CE96674CA4C37B55986729/E1201A308CC10323C27D9084B048996E44B8F710 Binary files differdeleted file mode 100644 index a7948e488..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/032F2123890A879585CE96674CA4C37B55986729/E1201A308CC10323C27D9084B048996E44B8F710 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/04462EF01783744F9F4CDE3705FD86D488697C9F/D44EED7580C7792242D73E267A89C7DB25E4BD08 b/id/server/data/deploy/conf/moa-id/certs/certstore/04462EF01783744F9F4CDE3705FD86D488697C9F/D44EED7580C7792242D73E267A89C7DB25E4BD08 Binary files differdeleted file mode 100644 index 73434134e..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/04462EF01783744F9F4CDE3705FD86D488697C9F/D44EED7580C7792242D73E267A89C7DB25E4BD08 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/083E1A0528C48475951A6610360D813E2713DCC7/7E691392F741B7E4B4AA9A76D75851BDE18BE5A7 b/id/server/data/deploy/conf/moa-id/certs/certstore/083E1A0528C48475951A6610360D813E2713DCC7/7E691392F741B7E4B4AA9A76D75851BDE18BE5A7 Binary files differdeleted file mode 100644 index 8c434777e..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/083E1A0528C48475951A6610360D813E2713DCC7/7E691392F741B7E4B4AA9A76D75851BDE18BE5A7 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/0889EBEC55D9E34E782E6D3C250840EB932EEA2F/9CD9ADF04626E7E8C9A1C8DACE3B0B8A2979C726 b/id/server/data/deploy/conf/moa-id/certs/certstore/0889EBEC55D9E34E782E6D3C250840EB932EEA2F/9CD9ADF04626E7E8C9A1C8DACE3B0B8A2979C726 Binary files differdeleted file mode 100644 index 3af27c013..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/0889EBEC55D9E34E782E6D3C250840EB932EEA2F/9CD9ADF04626E7E8C9A1C8DACE3B0B8A2979C726 +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9 b/id/server/data/deploy/conf/moa-id/certs/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9 Binary files differdeleted file mode 100644 index cac44093a..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/0F843FB1E0C626540BE638B79A2987E2611CE630 b/id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/0F843FB1E0C626540BE638B79A2987E2611CE630 Binary files differdeleted file mode 100644 index 29d93550e..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/0F843FB1E0C626540BE638B79A2987E2611CE630 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/69F21C82DC9A7A940ACEC414593E59C9E61E522F b/id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/69F21C82DC9A7A940ACEC414593E59C9E61E522F Binary files differdeleted file mode 100644 index 2a88295a7..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/69F21C82DC9A7A940ACEC414593E59C9E61E522F +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/FC72939DC06EDDF8C51549ECF00AC92BF2B39F35 b/id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/FC72939DC06EDDF8C51549ECF00AC92BF2B39F35 Binary files differdeleted file mode 100644 index 84a1690d2..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/FC72939DC06EDDF8C51549ECF00AC92BF2B39F35 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/341F53B3B17518213B1856BFAB3CEFBE948AFC0D b/id/server/data/deploy/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/341F53B3B17518213B1856BFAB3CEFBE948AFC0D Binary files differdeleted file mode 100644 index 3250c6adc..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/341F53B3B17518213B1856BFAB3CEFBE948AFC0D +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/3A24040C01D5C9A4980575BFF99A25E534A056CB b/id/server/data/deploy/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/3A24040C01D5C9A4980575BFF99A25E534A056CB Binary files differdeleted file mode 100644 index 3848a2b82..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/3A24040C01D5C9A4980575BFF99A25E534A056CB +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/0FE419AB943E7E5C6A7190CC6BBE8E3F914C658A/FB356CEF4406D1F135E3FC59026B338D3F518F9A b/id/server/data/deploy/conf/moa-id/certs/certstore/0FE419AB943E7E5C6A7190CC6BBE8E3F914C658A/FB356CEF4406D1F135E3FC59026B338D3F518F9A Binary files differdeleted file mode 100644 index 04c6ea363..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/0FE419AB943E7E5C6A7190CC6BBE8E3F914C658A/FB356CEF4406D1F135E3FC59026B338D3F518F9A +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330 b/id/server/data/deploy/conf/moa-id/certs/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330 Binary files differdeleted file mode 100644 index 32893db7f..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/10F17BDACD8DEAA1E8F23FBEAE7B3EC3D9773D1D/E7340D1FB627D8917A9C0D23F21515C441BF1214 b/id/server/data/deploy/conf/moa-id/certs/certstore/10F17BDACD8DEAA1E8F23FBEAE7B3EC3D9773D1D/E7340D1FB627D8917A9C0D23F21515C441BF1214 Binary files differdeleted file mode 100644 index fd23a38d6..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/10F17BDACD8DEAA1E8F23FBEAE7B3EC3D9773D1D/E7340D1FB627D8917A9C0D23F21515C441BF1214 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/125E4AC6B38C1E0BF34BF7D927CBB947E35141E8/2CA36B76BC6CCDC29296111A4EFCAFC0553BBC7D b/id/server/data/deploy/conf/moa-id/certs/certstore/125E4AC6B38C1E0BF34BF7D927CBB947E35141E8/2CA36B76BC6CCDC29296111A4EFCAFC0553BBC7D Binary files differdeleted file mode 100644 index 1a3106742..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/125E4AC6B38C1E0BF34BF7D927CBB947E35141E8/2CA36B76BC6CCDC29296111A4EFCAFC0553BBC7D +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/15A052B0DC4E0333656264E2FEEBE45B1BE449BF/386C1663C6390BC288DC171522439210AF361958 b/id/server/data/deploy/conf/moa-id/certs/certstore/15A052B0DC4E0333656264E2FEEBE45B1BE449BF/386C1663C6390BC288DC171522439210AF361958 Binary files differdeleted file mode 100644 index a5e651f86..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/15A052B0DC4E0333656264E2FEEBE45B1BE449BF/386C1663C6390BC288DC171522439210AF361958 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/1607988A938D3D339F40AFB567384BC5B7540935/9FDCFE5A082FD69BF5D9E73C25FBE9EA1AC0ACF2 b/id/server/data/deploy/conf/moa-id/certs/certstore/1607988A938D3D339F40AFB567384BC5B7540935/9FDCFE5A082FD69BF5D9E73C25FBE9EA1AC0ACF2 Binary files differdeleted file mode 100644 index 28cb48bb0..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/1607988A938D3D339F40AFB567384BC5B7540935/9FDCFE5A082FD69BF5D9E73C25FBE9EA1AC0ACF2 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/1A283D1183DB82A548427B4F19E99E7A8EA728D7/49969819654C230ECDF779ABB9629A211FCC43D6 b/id/server/data/deploy/conf/moa-id/certs/certstore/1A283D1183DB82A548427B4F19E99E7A8EA728D7/49969819654C230ECDF779ABB9629A211FCC43D6 Binary files differdeleted file mode 100644 index bdfcb7ab1..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/1A283D1183DB82A548427B4F19E99E7A8EA728D7/49969819654C230ECDF779ABB9629A211FCC43D6 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/1BF3C1D2767F5C333AD5531531FEE3A712935B73/D0AF386E182F00983637F97C0A5F4708F9F641A7 b/id/server/data/deploy/conf/moa-id/certs/certstore/1BF3C1D2767F5C333AD5531531FEE3A712935B73/D0AF386E182F00983637F97C0A5F4708F9F641A7 Binary files differdeleted file mode 100644 index eaac3518b..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/1BF3C1D2767F5C333AD5531531FEE3A712935B73/D0AF386E182F00983637F97C0A5F4708F9F641A7 +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/20DD04B052D2D364E5FF851A3FD314F0FD91253E/6814C7316CEA7191C9CB3BE58199B4A957210D9C b/id/server/data/deploy/conf/moa-id/certs/certstore/20DD04B052D2D364E5FF851A3FD314F0FD91253E/6814C7316CEA7191C9CB3BE58199B4A957210D9C Binary files differdeleted file mode 100644 index 4dd2c49bf..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/20DD04B052D2D364E5FF851A3FD314F0FD91253E/6814C7316CEA7191C9CB3BE58199B4A957210D9C +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/5F06F65C714047E3B282AEC427C35AB703E49D8E b/id/server/data/deploy/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/5F06F65C714047E3B282AEC427C35AB703E49D8E Binary files differdeleted file mode 100644 index 39e377edf..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/5F06F65C714047E3B282AEC427C35AB703E49D8E +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/D45360060761812D33DE294EAC1573F6DE12A208 b/id/server/data/deploy/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/D45360060761812D33DE294EAC1573F6DE12A208 Binary files differdeleted file mode 100644 index 0a1fcff85..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/D45360060761812D33DE294EAC1573F6DE12A208 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/22973CFC20EA68162A0B2E837D45FB8266ACDBCF/C529469053D9F95810A8F7F2DB9A6596A7655732 b/id/server/data/deploy/conf/moa-id/certs/certstore/22973CFC20EA68162A0B2E837D45FB8266ACDBCF/C529469053D9F95810A8F7F2DB9A6596A7655732 Binary files differdeleted file mode 100644 index 13abede5c..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/22973CFC20EA68162A0B2E837D45FB8266ACDBCF/C529469053D9F95810A8F7F2DB9A6596A7655732 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2 b/id/server/data/deploy/conf/moa-id/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2 Binary files differdeleted file mode 100644 index 33e776369..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/1C43C0BA36CC8DE659180B2FAC9A6F54430D5941 b/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/1C43C0BA36CC8DE659180B2FAC9A6F54430D5941 Binary files differdeleted file mode 100644 index d2e7db667..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/1C43C0BA36CC8DE659180B2FAC9A6F54430D5941 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/AC36A78C66FEC87CC0FD2C32B49214C65676E0C5 b/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/AC36A78C66FEC87CC0FD2C32B49214C65676E0C5 Binary files differdeleted file mode 100644 index f2f1c6562..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/AC36A78C66FEC87CC0FD2C32B49214C65676E0C5 +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/C92238A7178A6C61F8BACA22D6CF7E50772BA9F0 b/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/C92238A7178A6C61F8BACA22D6CF7E50772BA9F0 Binary files differdeleted file mode 100644 index 476a3efb2..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/C92238A7178A6C61F8BACA22D6CF7E50772BA9F0 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/DFAE695342AC81A521025904406884399822B233 b/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/DFAE695342AC81A521025904406884399822B233 Binary files differdeleted file mode 100644 index 5c88b668a..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/DFAE695342AC81A521025904406884399822B233 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/2962CDAADFA0BF8EE53B80870C53E551A43EA72A/12B06E039F1A36D8238AFC508009E1ADF88BF66F b/id/server/data/deploy/conf/moa-id/certs/certstore/2962CDAADFA0BF8EE53B80870C53E551A43EA72A/12B06E039F1A36D8238AFC508009E1ADF88BF66F Binary files differdeleted file mode 100644 index 4d1852203..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/2962CDAADFA0BF8EE53B80870C53E551A43EA72A/12B06E039F1A36D8238AFC508009E1ADF88BF66F +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/2C976220B378E08DF5E68CBC54C05CE41224FD29/0CC37CC35E18F9909E43E4E9894D0CDF06EE9A38 b/id/server/data/deploy/conf/moa-id/certs/certstore/2C976220B378E08DF5E68CBC54C05CE41224FD29/0CC37CC35E18F9909E43E4E9894D0CDF06EE9A38 Binary files differdeleted file mode 100644 index 69a8e4872..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/2C976220B378E08DF5E68CBC54C05CE41224FD29/0CC37CC35E18F9909E43E4E9894D0CDF06EE9A38 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/2F5DA022AAFF668F34C35A80049D690F3CFE3040/D62327E6B19B7968A8BE6588DEAB0BC0DB684D8D b/id/server/data/deploy/conf/moa-id/certs/certstore/2F5DA022AAFF668F34C35A80049D690F3CFE3040/D62327E6B19B7968A8BE6588DEAB0BC0DB684D8D Binary files differdeleted file mode 100644 index 807fa786c..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/2F5DA022AAFF668F34C35A80049D690F3CFE3040/D62327E6B19B7968A8BE6588DEAB0BC0DB684D8D +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03 b/id/server/data/deploy/conf/moa-id/certs/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03 Binary files differdeleted file mode 100644 index 376d0753f..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317 b/id/server/data/deploy/conf/moa-id/certs/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317 Binary files differdeleted file mode 100644 index 73553b996..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317 +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27 b/id/server/data/deploy/conf/moa-id/certs/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27 Binary files differdeleted file mode 100644 index 5171276f4..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/337F895A0435AA7E2629C5282B5A0DBBE19EE1C7/75F792DE2CF544007F470F1B924961C2BD2EF517 b/id/server/data/deploy/conf/moa-id/certs/certstore/337F895A0435AA7E2629C5282B5A0DBBE19EE1C7/75F792DE2CF544007F470F1B924961C2BD2EF517 Binary files differdeleted file mode 100644 index f8a8957ac..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/337F895A0435AA7E2629C5282B5A0DBBE19EE1C7/75F792DE2CF544007F470F1B924961C2BD2EF517 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/349CA7B279F4EF3C085B1E8D08AA5DE3EC586188/08BBE8E906397158FA4BF4058BBBDB5EA11BAE82 b/id/server/data/deploy/conf/moa-id/certs/certstore/349CA7B279F4EF3C085B1E8D08AA5DE3EC586188/08BBE8E906397158FA4BF4058BBBDB5EA11BAE82 Binary files differdeleted file mode 100644 index 167c36411..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/349CA7B279F4EF3C085B1E8D08AA5DE3EC586188/08BBE8E906397158FA4BF4058BBBDB5EA11BAE82 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3868959083AA986194E58E73798BCD724D785A0E/66AB66128A44574873E54E6584E450C4EB3B9A1E b/id/server/data/deploy/conf/moa-id/certs/certstore/3868959083AA986194E58E73798BCD724D785A0E/66AB66128A44574873E54E6584E450C4EB3B9A1E Binary files differdeleted file mode 100644 index ed5ba194c..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/3868959083AA986194E58E73798BCD724D785A0E/66AB66128A44574873E54E6584E450C4EB3B9A1E +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3A095C38EB5D5824FE61BE43F9CDF6515DC94805/65698A39E03FF00FD552D4AD99FB290C2B9D4BEA b/id/server/data/deploy/conf/moa-id/certs/certstore/3A095C38EB5D5824FE61BE43F9CDF6515DC94805/65698A39E03FF00FD552D4AD99FB290C2B9D4BEA Binary files differdeleted file mode 100644 index 836ba3767..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/3A095C38EB5D5824FE61BE43F9CDF6515DC94805/65698A39E03FF00FD552D4AD99FB290C2B9D4BEA +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/04CF0318BA0B54DD76E1DE143445210BDD32E299 b/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/04CF0318BA0B54DD76E1DE143445210BDD32E299 Binary files differdeleted file mode 100644 index 8d33015f9..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/04CF0318BA0B54DD76E1DE143445210BDD32E299 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/0F5A0342F5CD448799C3C6D178607E3F2B5BCB8F b/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/0F5A0342F5CD448799C3C6D178607E3F2B5BCB8F Binary files differdeleted file mode 100644 index 69de75609..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/0F5A0342F5CD448799C3C6D178607E3F2B5BCB8F +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE b/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE Binary files differdeleted file mode 100644 index efa28178e..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/9E0512DD61DA5949D1D8631C3F19D75F496C3733 b/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/9E0512DD61DA5949D1D8631C3F19D75F496C3733 Binary files differdeleted file mode 100644 index 289fc2198..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/9E0512DD61DA5949D1D8631C3F19D75F496C3733 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/E6E6FC88719177C9B7421825757C5E47BCAC85F6 b/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/E6E6FC88719177C9B7421825757C5E47BCAC85F6 Binary files differdeleted file mode 100644 index b7d4b08a6..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/E6E6FC88719177C9B7421825757C5E47BCAC85F6 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3B76D7A5CE7EC6022D7990CFEA534C908717DF54/C0C699EFE6E837CB5E4CFC3A61077617A22C1A9E b/id/server/data/deploy/conf/moa-id/certs/certstore/3B76D7A5CE7EC6022D7990CFEA534C908717DF54/C0C699EFE6E837CB5E4CFC3A61077617A22C1A9E Binary files differdeleted file mode 100644 index b2beddaa5..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/3B76D7A5CE7EC6022D7990CFEA534C908717DF54/C0C699EFE6E837CB5E4CFC3A61077617A22C1A9E +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3C025917C3C938FEB856E5440D28E4A568C311DC/A2F138CD16AD04BC3F145E3780BFA169BFDA263B b/id/server/data/deploy/conf/moa-id/certs/certstore/3C025917C3C938FEB856E5440D28E4A568C311DC/A2F138CD16AD04BC3F145E3780BFA169BFDA263B Binary files differdeleted file mode 100644 index 414123ece..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/3C025917C3C938FEB856E5440D28E4A568C311DC/A2F138CD16AD04BC3F145E3780BFA169BFDA263B +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3C627C9D89A5BFB5E4E385982DF33B7E7F6E8D2D/C5AC86EC5B771BEBDF8B6E040F109A1186E229B9 b/id/server/data/deploy/conf/moa-id/certs/certstore/3C627C9D89A5BFB5E4E385982DF33B7E7F6E8D2D/C5AC86EC5B771BEBDF8B6E040F109A1186E229B9 Binary files differdeleted file mode 100644 index 54893c9d6..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/3C627C9D89A5BFB5E4E385982DF33B7E7F6E8D2D/C5AC86EC5B771BEBDF8B6E040F109A1186E229B9 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3C7CE93947421CB66603DC7DBAB0F04C4788382F/23E594945195F2414803B4D564D2A3A3F5D88B8C b/id/server/data/deploy/conf/moa-id/certs/certstore/3C7CE93947421CB66603DC7DBAB0F04C4788382F/23E594945195F2414803B4D564D2A3A3F5D88B8C Binary files differdeleted file mode 100644 index 8588ce58a..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/3C7CE93947421CB66603DC7DBAB0F04C4788382F/23E594945195F2414803B4D564D2A3A3F5D88B8C +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/405D86C9D39B1061885678ED90780A0F04A76327/6F61A0C50B4E6ED821F032A4DF3DA7DDDFD2FE6A b/id/server/data/deploy/conf/moa-id/certs/certstore/405D86C9D39B1061885678ED90780A0F04A76327/6F61A0C50B4E6ED821F032A4DF3DA7DDDFD2FE6A Binary files differdeleted file mode 100644 index 141b05ef4..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/405D86C9D39B1061885678ED90780A0F04A76327/6F61A0C50B4E6ED821F032A4DF3DA7DDDFD2FE6A +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/4224231A54F64581FBA2AB6ED82ADE467F144BDC/65EF37033859C2F709A64086D3A5BD1B8F1A85A4 b/id/server/data/deploy/conf/moa-id/certs/certstore/4224231A54F64581FBA2AB6ED82ADE467F144BDC/65EF37033859C2F709A64086D3A5BD1B8F1A85A4 Binary files differdeleted file mode 100644 index 6e17b9db5..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/4224231A54F64581FBA2AB6ED82ADE467F144BDC/65EF37033859C2F709A64086D3A5BD1B8F1A85A4 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/07298E24461954E4696D2ED9FFB7D52B57F325B3 b/id/server/data/deploy/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/07298E24461954E4696D2ED9FFB7D52B57F325B3 Binary files differdeleted file mode 100644 index 33e1ee94b..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/07298E24461954E4696D2ED9FFB7D52B57F325B3 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/B630DB0DB940BCE72B2E09868B4CA0A92BBC1D15 b/id/server/data/deploy/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/B630DB0DB940BCE72B2E09868B4CA0A92BBC1D15 Binary files differdeleted file mode 100644 index 694e6828b..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/B630DB0DB940BCE72B2E09868B4CA0A92BBC1D15 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/45E2F3F807C6EAB9EDC1B3250F7558CA12A063DE/3A77E9B577661D99F9BBA5A352B29C7FF58A3D26 b/id/server/data/deploy/conf/moa-id/certs/certstore/45E2F3F807C6EAB9EDC1B3250F7558CA12A063DE/3A77E9B577661D99F9BBA5A352B29C7FF58A3D26 Binary files differdeleted file mode 100644 index 55707d69f..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/45E2F3F807C6EAB9EDC1B3250F7558CA12A063DE/3A77E9B577661D99F9BBA5A352B29C7FF58A3D26 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E b/id/server/data/deploy/conf/moa-id/certs/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E Binary files differdeleted file mode 100644 index 3be7b6a06..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/487F4DEE9E63DADEB4CAAB07E0E166ACC9F584B6/9891BBEA9FDA665EEEC31C403A00A5CA5628D0FA b/id/server/data/deploy/conf/moa-id/certs/certstore/487F4DEE9E63DADEB4CAAB07E0E166ACC9F584B6/9891BBEA9FDA665EEEC31C403A00A5CA5628D0FA Binary files differdeleted file mode 100644 index 4e18de8d7..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/487F4DEE9E63DADEB4CAAB07E0E166ACC9F584B6/9891BBEA9FDA665EEEC31C403A00A5CA5628D0FA +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/4C7CAA9FE9C08078541DA31B76FF0951E73480FF/C23FC1895966021249B35412C0C8C56D107732DE b/id/server/data/deploy/conf/moa-id/certs/certstore/4C7CAA9FE9C08078541DA31B76FF0951E73480FF/C23FC1895966021249B35412C0C8C56D107732DE Binary files differdeleted file mode 100644 index c4d97cda3..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/4C7CAA9FE9C08078541DA31B76FF0951E73480FF/C23FC1895966021249B35412C0C8C56D107732DE +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/52B42552A440A54C21A39D46D7F176AF28BEB5AA/51AC8CFF36818AA25498A293DF48EBCFFFF6D0B4 b/id/server/data/deploy/conf/moa-id/certs/certstore/52B42552A440A54C21A39D46D7F176AF28BEB5AA/51AC8CFF36818AA25498A293DF48EBCFFFF6D0B4 Binary files differdeleted file mode 100644 index 9b2ee0fc6..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/52B42552A440A54C21A39D46D7F176AF28BEB5AA/51AC8CFF36818AA25498A293DF48EBCFFFF6D0B4 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/53CF955B19387A437659158BC050B7BC4B238132/F5F2456D79490C268569970E900C68FD1C7DC8E5 b/id/server/data/deploy/conf/moa-id/certs/certstore/53CF955B19387A437659158BC050B7BC4B238132/F5F2456D79490C268569970E900C68FD1C7DC8E5 Binary files differdeleted file mode 100644 index b2a1e145f..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/53CF955B19387A437659158BC050B7BC4B238132/F5F2456D79490C268569970E900C68FD1C7DC8E5 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/550E9627E9094A2D1BB6385821334D02122BCF26/B7BCA7BC3C41FD0DC835175486FAB3FB4626EC0F b/id/server/data/deploy/conf/moa-id/certs/certstore/550E9627E9094A2D1BB6385821334D02122BCF26/B7BCA7BC3C41FD0DC835175486FAB3FB4626EC0F Binary files differdeleted file mode 100644 index 5dd9558d0..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/550E9627E9094A2D1BB6385821334D02122BCF26/B7BCA7BC3C41FD0DC835175486FAB3FB4626EC0F +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/620127A8E5886A4805403977C3EF7D5EAF881526 b/id/server/data/deploy/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/620127A8E5886A4805403977C3EF7D5EAF881526 Binary files differdeleted file mode 100644 index da38ce028..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/620127A8E5886A4805403977C3EF7D5EAF881526 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/FCD9E881BCCCB9352EEF337C8D4EAAD65C4EC830 b/id/server/data/deploy/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/FCD9E881BCCCB9352EEF337C8D4EAAD65C4EC830 Binary files differdeleted file mode 100644 index 7e9fd5b0b..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/FCD9E881BCCCB9352EEF337C8D4EAAD65C4EC830 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/5650A465FD3B5EF83639E11F324A2A0EA98AF935/4B5B0C2A0BF944CD467A6140F8C782E2BE9D15F9 b/id/server/data/deploy/conf/moa-id/certs/certstore/5650A465FD3B5EF83639E11F324A2A0EA98AF935/4B5B0C2A0BF944CD467A6140F8C782E2BE9D15F9 Binary files differdeleted file mode 100644 index 640918641..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/5650A465FD3B5EF83639E11F324A2A0EA98AF935/4B5B0C2A0BF944CD467A6140F8C782E2BE9D15F9 +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/58090A698038FEDAD56B4B976F23C29950D1D5A5/6BDA1FF41EEBC5DA66912F3C69B60C2A41C6E25B b/id/server/data/deploy/conf/moa-id/certs/certstore/58090A698038FEDAD56B4B976F23C29950D1D5A5/6BDA1FF41EEBC5DA66912F3C69B60C2A41C6E25B Binary files differdeleted file mode 100644 index b15880c29..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/58090A698038FEDAD56B4B976F23C29950D1D5A5/6BDA1FF41EEBC5DA66912F3C69B60C2A41C6E25B +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/59484253C7D4C5BEAB7D2BABFAC13DDD1CA53FCC/341EA32E448659125A67DD04177FD17468FCFCB1 b/id/server/data/deploy/conf/moa-id/certs/certstore/59484253C7D4C5BEAB7D2BABFAC13DDD1CA53FCC/341EA32E448659125A67DD04177FD17468FCFCB1 Binary files differdeleted file mode 100644 index 6da18c620..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/59484253C7D4C5BEAB7D2BABFAC13DDD1CA53FCC/341EA32E448659125A67DD04177FD17468FCFCB1 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/069519EC949AC6B91D4C33A3F3665441F0220D20 b/id/server/data/deploy/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/069519EC949AC6B91D4C33A3F3665441F0220D20 Binary files differdeleted file mode 100644 index 8b501d747..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/069519EC949AC6B91D4C33A3F3665441F0220D20 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/2F5EBA5055E9F7444852ADCEEB769E5DE157A03D b/id/server/data/deploy/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/2F5EBA5055E9F7444852ADCEEB769E5DE157A03D Binary files differdeleted file mode 100644 index b4b128903..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/2F5EBA5055E9F7444852ADCEEB769E5DE157A03D +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/60EF765436B4F314F2285BE2D89A511073AC0D58/334710B9169BCD20687A6302EEB16AEB97F288CD b/id/server/data/deploy/conf/moa-id/certs/certstore/60EF765436B4F314F2285BE2D89A511073AC0D58/334710B9169BCD20687A6302EEB16AEB97F288CD Binary files differdeleted file mode 100644 index c19647ad8..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/60EF765436B4F314F2285BE2D89A511073AC0D58/334710B9169BCD20687A6302EEB16AEB97F288CD +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/6144BFC0CBE85C63DEFB6F208D80385B89F68046/D031945D982820B92FADBC7F71F6D1D9DFFDA2C9 b/id/server/data/deploy/conf/moa-id/certs/certstore/6144BFC0CBE85C63DEFB6F208D80385B89F68046/D031945D982820B92FADBC7F71F6D1D9DFFDA2C9 Binary files differdeleted file mode 100644 index 39f88d881..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/6144BFC0CBE85C63DEFB6F208D80385B89F68046/D031945D982820B92FADBC7F71F6D1D9DFFDA2C9 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C b/id/server/data/deploy/conf/moa-id/certs/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C Binary files differdeleted file mode 100644 index 277b6083a..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A b/id/server/data/deploy/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A Binary files differdeleted file mode 100644 index ad13d7b28..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B b/id/server/data/deploy/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B Binary files differdeleted file mode 100644 index d361d919f..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/6F86F897C45679B45F03C67D44B6447EFF43B758/53CB69CF933C2D28FB9DF91F2852A99EC3352EA0 b/id/server/data/deploy/conf/moa-id/certs/certstore/6F86F897C45679B45F03C67D44B6447EFF43B758/53CB69CF933C2D28FB9DF91F2852A99EC3352EA0 Binary files differdeleted file mode 100644 index 89cfe44fd..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/6F86F897C45679B45F03C67D44B6447EFF43B758/53CB69CF933C2D28FB9DF91F2852A99EC3352EA0 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/728C819D737EE42627F96F839C33BB6E68E85F68/00845B74CA13FE0A9056E6C0B5126FECF73B0D8C b/id/server/data/deploy/conf/moa-id/certs/certstore/728C819D737EE42627F96F839C33BB6E68E85F68/00845B74CA13FE0A9056E6C0B5126FECF73B0D8C Binary files differdeleted file mode 100644 index cc8b505ec..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/728C819D737EE42627F96F839C33BB6E68E85F68/00845B74CA13FE0A9056E6C0B5126FECF73B0D8C +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/474BC41135FB88BF58B5A8D976A1D5583378D85E b/id/server/data/deploy/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/474BC41135FB88BF58B5A8D976A1D5583378D85E Binary files differdeleted file mode 100644 index c9da41583..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/474BC41135FB88BF58B5A8D976A1D5583378D85E +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/6B618820CE6A5EC0B5E63A9170335E5EA9F3BA01 b/id/server/data/deploy/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/6B618820CE6A5EC0B5E63A9170335E5EA9F3BA01 Binary files differdeleted file mode 100644 index 28fbdf42f..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/6B618820CE6A5EC0B5E63A9170335E5EA9F3BA01 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/76011AE57123CC4E476C094C48C461DC37A0DEDD/FDC348410699803DE7D8276813BC2232EA99A878 b/id/server/data/deploy/conf/moa-id/certs/certstore/76011AE57123CC4E476C094C48C461DC37A0DEDD/FDC348410699803DE7D8276813BC2232EA99A878 Binary files differdeleted file mode 100644 index 424f849a1..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/76011AE57123CC4E476C094C48C461DC37A0DEDD/FDC348410699803DE7D8276813BC2232EA99A878 +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/7A9DC855647136050A8D75D6571AC64739F36C6C/BF648929E7DAABD8D97B3202F48D6C4A19C78F6C b/id/server/data/deploy/conf/moa-id/certs/certstore/7A9DC855647136050A8D75D6571AC64739F36C6C/BF648929E7DAABD8D97B3202F48D6C4A19C78F6C Binary files differdeleted file mode 100644 index 4989f3e73..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/7A9DC855647136050A8D75D6571AC64739F36C6C/BF648929E7DAABD8D97B3202F48D6C4A19C78F6C +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22 b/id/server/data/deploy/conf/moa-id/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22 Binary files differdeleted file mode 100644 index a699436ca..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/88D9F0C0EBB72C58516EC96AEED397FA86B40E39/6DCD5118D1542E6C205C580775C5420B7509506B b/id/server/data/deploy/conf/moa-id/certs/certstore/88D9F0C0EBB72C58516EC96AEED397FA86B40E39/6DCD5118D1542E6C205C580775C5420B7509506B Binary files differdeleted file mode 100644 index 06b40aa67..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/88D9F0C0EBB72C58516EC96AEED397FA86B40E39/6DCD5118D1542E6C205C580775C5420B7509506B +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/3B8484BF1370941BF03F206B5C4958DA4E1559BB b/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/3B8484BF1370941BF03F206B5C4958DA4E1559BB Binary files differdeleted file mode 100644 index 6f97837a2..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/3B8484BF1370941BF03F206B5C4958DA4E1559BB +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/6DD653FB8FE2614249924274043E834664EBE980 b/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/6DD653FB8FE2614249924274043E834664EBE980 Binary files differdeleted file mode 100644 index d7799119f..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/6DD653FB8FE2614249924274043E834664EBE980 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/C0EF3E7A54B4C501295F77974B1995E36B25C92B b/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/C0EF3E7A54B4C501295F77974B1995E36B25C92B Binary files differdeleted file mode 100644 index 508f7f076..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/C0EF3E7A54B4C501295F77974B1995E36B25C92B +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/D29172D3F501A2D7A47F702633044F519A3A5F0B b/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/D29172D3F501A2D7A47F702633044F519A3A5F0B Binary files differdeleted file mode 100644 index c0feb0d0e..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/D29172D3F501A2D7A47F702633044F519A3A5F0B +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/8FDB1CB752D82C88C89F9E9DA7AD2F54C6FA6F3B/842B3870A64001CDD90978D0E554DAF94D9ABDFE b/id/server/data/deploy/conf/moa-id/certs/certstore/8FDB1CB752D82C88C89F9E9DA7AD2F54C6FA6F3B/842B3870A64001CDD90978D0E554DAF94D9ABDFE Binary files differdeleted file mode 100644 index a0e3fdda1..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/8FDB1CB752D82C88C89F9E9DA7AD2F54C6FA6F3B/842B3870A64001CDD90978D0E554DAF94D9ABDFE +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6 b/id/server/data/deploy/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6 Binary files differdeleted file mode 100644 index 36a442b89..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E b/id/server/data/deploy/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E Binary files differdeleted file mode 100644 index 54f809962..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/91C4DD783D6D38F0325FE74930BF61F656364EA9/53A6B611F8CEE0315BCCE5D59898931ED390E400 b/id/server/data/deploy/conf/moa-id/certs/certstore/91C4DD783D6D38F0325FE74930BF61F656364EA9/53A6B611F8CEE0315BCCE5D59898931ED390E400 Binary files differdeleted file mode 100644 index 6c0216239..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/91C4DD783D6D38F0325FE74930BF61F656364EA9/53A6B611F8CEE0315BCCE5D59898931ED390E400 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/A149EE01A250491C07D5A279D3B58A646288DA22 b/id/server/data/deploy/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/A149EE01A250491C07D5A279D3B58A646288DA22 Binary files differdeleted file mode 100644 index 7c6adedf5..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/A149EE01A250491C07D5A279D3B58A646288DA22 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/AD8ECBB67B9DC59406F92A296A38192297A4F169 b/id/server/data/deploy/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/AD8ECBB67B9DC59406F92A296A38192297A4F169 Binary files differdeleted file mode 100644 index 70f5b7c91..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/AD8ECBB67B9DC59406F92A296A38192297A4F169 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/45B43346251FDF9E95DCB7F36928785D46D63913 b/id/server/data/deploy/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/45B43346251FDF9E95DCB7F36928785D46D63913 Binary files differdeleted file mode 100644 index f3cf5e676..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/45B43346251FDF9E95DCB7F36928785D46D63913 +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/E33619C88426E4FE956041E6751ADDEC9C10F0BC b/id/server/data/deploy/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/E33619C88426E4FE956041E6751ADDEC9C10F0BC Binary files differdeleted file mode 100644 index fc5bd433b..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/E33619C88426E4FE956041E6751ADDEC9C10F0BC +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/975729FFAF7EB667BCF68E9B886EA876E44F46D0/35202B14F69409EAA51CD8AB547AC0CD5E993F3F b/id/server/data/deploy/conf/moa-id/certs/certstore/975729FFAF7EB667BCF68E9B886EA876E44F46D0/35202B14F69409EAA51CD8AB547AC0CD5E993F3F Binary files differdeleted file mode 100644 index 3beb4529a..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/975729FFAF7EB667BCF68E9B886EA876E44F46D0/35202B14F69409EAA51CD8AB547AC0CD5E993F3F +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/41E3FCC9470F8634DBCB5CEA7FB688E04E7575BA b/id/server/data/deploy/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/41E3FCC9470F8634DBCB5CEA7FB688E04E7575BA Binary files differdeleted file mode 100644 index 8ddc7d79b..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/41E3FCC9470F8634DBCB5CEA7FB688E04E7575BA +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/79B21E2743A879AFF5403ECEA09EAC2084EF4799 b/id/server/data/deploy/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/79B21E2743A879AFF5403ECEA09EAC2084EF4799 Binary files differdeleted file mode 100644 index c9fd41f7f..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/79B21E2743A879AFF5403ECEA09EAC2084EF4799 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/3F4E01DF7547CDD38DCCFCCD76170C299ECEB9F6 b/id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/3F4E01DF7547CDD38DCCFCCD76170C299ECEB9F6 Binary files differdeleted file mode 100644 index 781d1e4f2..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/3F4E01DF7547CDD38DCCFCCD76170C299ECEB9F6 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/9D4CB7E3DBF24AE596972D59C375DD6384BB5E8B b/id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/9D4CB7E3DBF24AE596972D59C375DD6384BB5E8B Binary files differdeleted file mode 100644 index 8286cabbc..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/9D4CB7E3DBF24AE596972D59C375DD6384BB5E8B +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/A562C4B99E2847251CB4A1F05DA1FF43E7296F0B b/id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/A562C4B99E2847251CB4A1F05DA1FF43E7296F0B Binary files differdeleted file mode 100644 index a0148f63b..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/A562C4B99E2847251CB4A1F05DA1FF43E7296F0B +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9039DBD29DB8AD0F8E2015F05FCD40582CCCBE8C b/id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9039DBD29DB8AD0F8E2015F05FCD40582CCCBE8C Binary files differdeleted file mode 100644 index 61d346a8f..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9039DBD29DB8AD0F8E2015F05FCD40582CCCBE8C +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9F0E0FBB25F66FF88C8E033EFF358923C84A2926 b/id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9F0E0FBB25F66FF88C8E033EFF358923C84A2926 Binary files differdeleted file mode 100644 index 9ae7ffa0c..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9F0E0FBB25F66FF88C8E033EFF358923C84A2926 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/C87D1855227D995C332C4C9072A2E2053F2CC623 b/id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/C87D1855227D995C332C4C9072A2E2053F2CC623 Binary files differdeleted file mode 100644 index a68ae2db7..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/C87D1855227D995C332C4C9072A2E2053F2CC623 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/42AD1897A4643D2AA634D980F16349E6694F3B1B b/id/server/data/deploy/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/42AD1897A4643D2AA634D980F16349E6694F3B1B Binary files differdeleted file mode 100644 index f1d7b6a28..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/42AD1897A4643D2AA634D980F16349E6694F3B1B +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/FE7891B6ED7B178F528A28B21478299F865889BD b/id/server/data/deploy/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/FE7891B6ED7B178F528A28B21478299F865889BD Binary files differdeleted file mode 100644 index c1b90c0f4..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/FE7891B6ED7B178F528A28B21478299F865889BD +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A15B5DBE14A19CF859F48E2DA2A29A4C3DB4D680/3AC12E21FFF9ACAB2BCFF52BBD885FB7AAC9A02B b/id/server/data/deploy/conf/moa-id/certs/certstore/A15B5DBE14A19CF859F48E2DA2A29A4C3DB4D680/3AC12E21FFF9ACAB2BCFF52BBD885FB7AAC9A02B Binary files differdeleted file mode 100644 index e27a87038..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/A15B5DBE14A19CF859F48E2DA2A29A4C3DB4D680/3AC12E21FFF9ACAB2BCFF52BBD885FB7AAC9A02B +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/8784ED81F5A22779EB0B081945FD151992557FBE b/id/server/data/deploy/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/8784ED81F5A22779EB0B081945FD151992557FBE Binary files differdeleted file mode 100644 index cc35ba691..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/8784ED81F5A22779EB0B081945FD151992557FBE +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/88583DB03975127CB488CA7DDE303A1646CEA97B b/id/server/data/deploy/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/88583DB03975127CB488CA7DDE303A1646CEA97B Binary files differdeleted file mode 100644 index 783dd271a..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/88583DB03975127CB488CA7DDE303A1646CEA97B +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/0C30A6F2950EFEFBAB5964DA9E0EED7C9DB115D8 b/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/0C30A6F2950EFEFBAB5964DA9E0EED7C9DB115D8 Binary files differdeleted file mode 100644 index 41dc7c553..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/0C30A6F2950EFEFBAB5964DA9E0EED7C9DB115D8 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/20CAECDCA766243AAD6FA1327618FC81BA65DC0F b/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/20CAECDCA766243AAD6FA1327618FC81BA65DC0F Binary files differdeleted file mode 100644 index b596d82e3..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/20CAECDCA766243AAD6FA1327618FC81BA65DC0F +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/96D5D179016A5A6546973BA63733617EE1F1540D b/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/96D5D179016A5A6546973BA63733617EE1F1540D Binary files differdeleted file mode 100644 index 4adc3b7ec..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/96D5D179016A5A6546973BA63733617EE1F1540D +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/CF236CF66379EA506F967D21F0E25E87529D9687 b/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/CF236CF66379EA506F967D21F0E25E87529D9687 Binary files differdeleted file mode 100644 index 1e4f22777..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/CF236CF66379EA506F967D21F0E25E87529D9687 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/FDD40A10FB9BE9DEB5B8AE76CC0184930EF8BB76 b/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/FDD40A10FB9BE9DEB5B8AE76CC0184930EF8BB76 Binary files differdeleted file mode 100644 index fe561ad6a..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/FDD40A10FB9BE9DEB5B8AE76CC0184930EF8BB76 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A7437C35301BDB5349F320B62231615028F397F8/266FCA0265A576548425BDAE15448665EE8BB889 b/id/server/data/deploy/conf/moa-id/certs/certstore/A7437C35301BDB5349F320B62231615028F397F8/266FCA0265A576548425BDAE15448665EE8BB889 Binary files differdeleted file mode 100644 index 3754de603..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/A7437C35301BDB5349F320B62231615028F397F8/266FCA0265A576548425BDAE15448665EE8BB889 +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A b/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A Binary files differdeleted file mode 100644 index 3c7775b6e..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A b/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A Binary files differdeleted file mode 100644 index b6f39e354..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515 b/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515 Binary files differdeleted file mode 100644 index f9fef65fc..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92 b/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92 Binary files differdeleted file mode 100644 index f9f27442b..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/AAB27F0E98B28AF253454415F6490CB5F43A4B49/A9D28607928FA8615E2615CC9D71B535C5D0D419 b/id/server/data/deploy/conf/moa-id/certs/certstore/AAB27F0E98B28AF253454415F6490CB5F43A4B49/A9D28607928FA8615E2615CC9D71B535C5D0D419 Binary files differdeleted file mode 100644 index 10a1f7141..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/AAB27F0E98B28AF253454415F6490CB5F43A4B49/A9D28607928FA8615E2615CC9D71B535C5D0D419 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374 b/id/server/data/deploy/conf/moa-id/certs/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374 Binary files differdeleted file mode 100644 index 61a7ccb15..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914 b/id/server/data/deploy/conf/moa-id/certs/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914 Binary files differdeleted file mode 100644 index 911640d0e..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914 +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/B1A1ACC805C656EF257C5115509B977964591D7E/8944AF64790FA467C02424CB22523A068C3B72DB b/id/server/data/deploy/conf/moa-id/certs/certstore/B1A1ACC805C656EF257C5115509B977964591D7E/8944AF64790FA467C02424CB22523A068C3B72DB Binary files differdeleted file mode 100644 index a95605e5a..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/B1A1ACC805C656EF257C5115509B977964591D7E/8944AF64790FA467C02424CB22523A068C3B72DB +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/B293710691F553804016FCEC3428ABA1CB11ADF7/36B41A8B411985ED1032DBD85A154207164A9B85 b/id/server/data/deploy/conf/moa-id/certs/certstore/B293710691F553804016FCEC3428ABA1CB11ADF7/36B41A8B411985ED1032DBD85A154207164A9B85 Binary files differdeleted file mode 100644 index a365a465b..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/B293710691F553804016FCEC3428ABA1CB11ADF7/36B41A8B411985ED1032DBD85A154207164A9B85 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/B310CEED301C503EDB15720F94D5D7E76BF423DA/AA94FD422AEB8F5B6E8508314CE0DC68BCD53305 b/id/server/data/deploy/conf/moa-id/certs/certstore/B310CEED301C503EDB15720F94D5D7E76BF423DA/AA94FD422AEB8F5B6E8508314CE0DC68BCD53305 Binary files differdeleted file mode 100644 index ea3512e3d..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/B310CEED301C503EDB15720F94D5D7E76BF423DA/AA94FD422AEB8F5B6E8508314CE0DC68BCD53305 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/B3EB7B59ECFF1E25E16C64BB24993D1B20DCFC28/07A6DEED70213CCF598F278789680DA4C04A0331 b/id/server/data/deploy/conf/moa-id/certs/certstore/B3EB7B59ECFF1E25E16C64BB24993D1B20DCFC28/07A6DEED70213CCF598F278789680DA4C04A0331 Binary files differdeleted file mode 100644 index 46dd968f0..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/B3EB7B59ECFF1E25E16C64BB24993D1B20DCFC28/07A6DEED70213CCF598F278789680DA4C04A0331 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/B749506C821467F7D6F4E8943D07DDED771A7B47/A5A00B223EF24AED92D03F652CFE367CA9D1B200 b/id/server/data/deploy/conf/moa-id/certs/certstore/B749506C821467F7D6F4E8943D07DDED771A7B47/A5A00B223EF24AED92D03F652CFE367CA9D1B200 Binary files differdeleted file mode 100644 index 05a8b86f9..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/B749506C821467F7D6F4E8943D07DDED771A7B47/A5A00B223EF24AED92D03F652CFE367CA9D1B200 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/B9041947DCD9B7E2B82D72D6A0FF1FBC4B213DC0/BD78039E45BA4E4B13ADECC58124520ACE83B6A7 b/id/server/data/deploy/conf/moa-id/certs/certstore/B9041947DCD9B7E2B82D72D6A0FF1FBC4B213DC0/BD78039E45BA4E4B13ADECC58124520ACE83B6A7 Binary files differdeleted file mode 100644 index 815f53d95..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/B9041947DCD9B7E2B82D72D6A0FF1FBC4B213DC0/BD78039E45BA4E4B13ADECC58124520ACE83B6A7 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BAA9ADD095E87E0B490B6DD933AA2F450C6B9492/7A430B6E3592BEEDFAA0DD5DD6262C27EB8D26D2 b/id/server/data/deploy/conf/moa-id/certs/certstore/BAA9ADD095E87E0B490B6DD933AA2F450C6B9492/7A430B6E3592BEEDFAA0DD5DD6262C27EB8D26D2 Binary files differdeleted file mode 100644 index 63ba5cce5..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/BAA9ADD095E87E0B490B6DD933AA2F450C6B9492/7A430B6E3592BEEDFAA0DD5DD6262C27EB8D26D2 +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BE47A5DA41A35F740D98305DA8FF4096B71492BE/D1474E7D99512D05B98DD37B3FE86496A03D088D b/id/server/data/deploy/conf/moa-id/certs/certstore/BE47A5DA41A35F740D98305DA8FF4096B71492BE/D1474E7D99512D05B98DD37B3FE86496A03D088D Binary files differdeleted file mode 100644 index 0bab77032..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/BE47A5DA41A35F740D98305DA8FF4096B71492BE/D1474E7D99512D05B98DD37B3FE86496A03D088D +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/9766A5ED03482991DA91BB763ECDCD9417394100 b/id/server/data/deploy/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/9766A5ED03482991DA91BB763ECDCD9417394100 Binary files differdeleted file mode 100644 index 882753986..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/9766A5ED03482991DA91BB763ECDCD9417394100 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/BB97947C31BBF3364A2909F9876DBD3B87B5B62A b/id/server/data/deploy/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/BB97947C31BBF3364A2909F9876DBD3B87B5B62A Binary files differdeleted file mode 100644 index f28aa4b8e..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/BB97947C31BBF3364A2909F9876DBD3B87B5B62A +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/60B7181FD8BCA00B84961BF31DB08C50376CCF44 b/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/60B7181FD8BCA00B84961BF31DB08C50376CCF44 Binary files differdeleted file mode 100644 index 08d7b28e2..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/60B7181FD8BCA00B84961BF31DB08C50376CCF44 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/74801529B4E8E5764FFC4D8E6577E1F84E8101CE b/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/74801529B4E8E5764FFC4D8E6577E1F84E8101CE Binary files differdeleted file mode 100644 index e47d2b8ba..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/74801529B4E8E5764FFC4D8E6577E1F84E8101CE +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/7B7B60B748C82B34EE71A3CEA729C477083F0BDA b/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/7B7B60B748C82B34EE71A3CEA729C477083F0BDA Binary files differdeleted file mode 100644 index 5168e1af0..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/7B7B60B748C82B34EE71A3CEA729C477083F0BDA +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/EBB80BE34C78814AE659BBA3A2394E4D9857123D b/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/EBB80BE34C78814AE659BBA3A2394E4D9857123D Binary files differdeleted file mode 100644 index c5bcc42e2..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/EBB80BE34C78814AE659BBA3A2394E4D9857123D +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BED4C70D83B5042F4254459064FDEACD43DD1EDF/7BE0C8E441786C69A3CB35BDBEF235F8B5310E04 b/id/server/data/deploy/conf/moa-id/certs/certstore/BED4C70D83B5042F4254459064FDEACD43DD1EDF/7BE0C8E441786C69A3CB35BDBEF235F8B5310E04 Binary files differdeleted file mode 100644 index 0a8de4bb9..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/BED4C70D83B5042F4254459064FDEACD43DD1EDF/7BE0C8E441786C69A3CB35BDBEF235F8B5310E04 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA b/id/server/data/deploy/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA Binary files differdeleted file mode 100644 index ab9e0cd7d..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8 b/id/server/data/deploy/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8 Binary files differdeleted file mode 100644 index 01965769d..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/C15FFFE6EFAD484909C9EFC6CD5C20435E326685/DDBAE68B1FF60FFBB2854C78727B76C95EC83BBE b/id/server/data/deploy/conf/moa-id/certs/certstore/C15FFFE6EFAD484909C9EFC6CD5C20435E326685/DDBAE68B1FF60FFBB2854C78727B76C95EC83BBE Binary files differdeleted file mode 100644 index 6428b8256..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/C15FFFE6EFAD484909C9EFC6CD5C20435E326685/DDBAE68B1FF60FFBB2854C78727B76C95EC83BBE +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/844FDEEE3C847F4BD5153E822803C1A2C1B6E7BA b/id/server/data/deploy/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/844FDEEE3C847F4BD5153E822803C1A2C1B6E7BA Binary files differdeleted file mode 100644 index bc5ed1e62..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/844FDEEE3C847F4BD5153E822803C1A2C1B6E7BA +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/B38C775A18C1195D01658D75FBDA3258B6DF018B b/id/server/data/deploy/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/B38C775A18C1195D01658D75FBDA3258B6DF018B Binary files differdeleted file mode 100644 index cb519b7eb..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/B38C775A18C1195D01658D75FBDA3258B6DF018B +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/C2A7CAE9E68EB7945828D193CB22CDD246BC7F95/6955D95F6B0799F7D96F4FC28E6E6C64758C1240 b/id/server/data/deploy/conf/moa-id/certs/certstore/C2A7CAE9E68EB7945828D193CB22CDD246BC7F95/6955D95F6B0799F7D96F4FC28E6E6C64758C1240 Binary files differdeleted file mode 100644 index f11bd6247..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/C2A7CAE9E68EB7945828D193CB22CDD246BC7F95/6955D95F6B0799F7D96F4FC28E6E6C64758C1240 +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/C52E4A04A22D98C70E19F1969AD71C838E4371B3/F96FE4F59166EFA9000B21A16EF22CF14468890C b/id/server/data/deploy/conf/moa-id/certs/certstore/C52E4A04A22D98C70E19F1969AD71C838E4371B3/F96FE4F59166EFA9000B21A16EF22CF14468890C Binary files differdeleted file mode 100644 index 348257122..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/C52E4A04A22D98C70E19F1969AD71C838E4371B3/F96FE4F59166EFA9000B21A16EF22CF14468890C +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/7D0C7B977ACEA63D51EE34B00BC3C1DBF318B92E b/id/server/data/deploy/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/7D0C7B977ACEA63D51EE34B00BC3C1DBF318B92E Binary files differdeleted file mode 100644 index b9fe1280c..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/7D0C7B977ACEA63D51EE34B00BC3C1DBF318B92E +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/A79681CBDD69EC741214136F128923A574E26F03 b/id/server/data/deploy/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/A79681CBDD69EC741214136F128923A574E26F03 Binary files differdeleted file mode 100644 index ea1585a6e..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/A79681CBDD69EC741214136F128923A574E26F03 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/C7E1D3604D2A960201D70F29B8A80EDA11475EEB/C18ECC8FD712ACAFBEAEDC1FA13F5AB19930E3ED b/id/server/data/deploy/conf/moa-id/certs/certstore/C7E1D3604D2A960201D70F29B8A80EDA11475EEB/C18ECC8FD712ACAFBEAEDC1FA13F5AB19930E3ED Binary files differdeleted file mode 100644 index a3f8a7409..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/C7E1D3604D2A960201D70F29B8A80EDA11475EEB/C18ECC8FD712ACAFBEAEDC1FA13F5AB19930E3ED +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/C976280EC7FECF169577E31D8CA0BB00967904B1/7666A8BD2C2513DE489C06D08D566F177ECE84AA b/id/server/data/deploy/conf/moa-id/certs/certstore/C976280EC7FECF169577E31D8CA0BB00967904B1/7666A8BD2C2513DE489C06D08D566F177ECE84AA Binary files differdeleted file mode 100644 index 3c1f2f8a2..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/C976280EC7FECF169577E31D8CA0BB00967904B1/7666A8BD2C2513DE489C06D08D566F177ECE84AA +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/CABD2EA6CA438084840DCCAE875F341E2D3A2C43/02A0E6456442E35198532ACFFB6FEE3B606D9FA3 b/id/server/data/deploy/conf/moa-id/certs/certstore/CABD2EA6CA438084840DCCAE875F341E2D3A2C43/02A0E6456442E35198532ACFFB6FEE3B606D9FA3 Binary files differdeleted file mode 100644 index 5026d395f..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/CABD2EA6CA438084840DCCAE875F341E2D3A2C43/02A0E6456442E35198532ACFFB6FEE3B606D9FA3 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29 b/id/server/data/deploy/conf/moa-id/certs/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29 Binary files differdeleted file mode 100644 index afe6fdf09..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29 +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/CD2D87A57D1568A515128BE9DA8B3CAE7AC007A4/C6658C25AFB8A9D738F2BC591775D167549FFD3A b/id/server/data/deploy/conf/moa-id/certs/certstore/CD2D87A57D1568A515128BE9DA8B3CAE7AC007A4/C6658C25AFB8A9D738F2BC591775D167549FFD3A Binary files differdeleted file mode 100644 index f6df0f4fd..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/CD2D87A57D1568A515128BE9DA8B3CAE7AC007A4/C6658C25AFB8A9D738F2BC591775D167549FFD3A +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/8AB0A3519AFA7F3C04074522678BAA1CB3DC734F b/id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/8AB0A3519AFA7F3C04074522678BAA1CB3DC734F Binary files differdeleted file mode 100644 index c34d0f380..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/8AB0A3519AFA7F3C04074522678BAA1CB3DC734F +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/DF47B3040E7632614464BD2EC4ECD1B8030F53E3 b/id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/DF47B3040E7632614464BD2EC4ECD1B8030F53E3 Binary files differdeleted file mode 100644 index d894e92ca..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/DF47B3040E7632614464BD2EC4ECD1B8030F53E3 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/E117479B4A41D7F3223FCAE50560B0D57B22217D b/id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/E117479B4A41D7F3223FCAE50560B0D57B22217D Binary files differdeleted file mode 100644 index 380486f65..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/E117479B4A41D7F3223FCAE50560B0D57B22217D +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/D4D40BD33958CD9169A7AB6304AA2BBAD22DC595/07976A2A16EC182670161B46886B05E1FEAC16B1 b/id/server/data/deploy/conf/moa-id/certs/certstore/D4D40BD33958CD9169A7AB6304AA2BBAD22DC595/07976A2A16EC182670161B46886B05E1FEAC16B1 Binary files differdeleted file mode 100644 index 22d64fb5f..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/D4D40BD33958CD9169A7AB6304AA2BBAD22DC595/07976A2A16EC182670161B46886B05E1FEAC16B1 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/D708C897515970D33EF7CD0C2474449D3AB6AA83/52ED0FAFBD38A868C678174D7EB03D266ADB221C b/id/server/data/deploy/conf/moa-id/certs/certstore/D708C897515970D33EF7CD0C2474449D3AB6AA83/52ED0FAFBD38A868C678174D7EB03D266ADB221C Binary files differdeleted file mode 100644 index 42a64da07..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/D708C897515970D33EF7CD0C2474449D3AB6AA83/52ED0FAFBD38A868C678174D7EB03D266ADB221C +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/DD29E76659D18371B78E61E7DF4D4B8FEDCAF8E7/8BA5C0847597612C7E16970EAE55EF58D32E9CF3 b/id/server/data/deploy/conf/moa-id/certs/certstore/DD29E76659D18371B78E61E7DF4D4B8FEDCAF8E7/8BA5C0847597612C7E16970EAE55EF58D32E9CF3 Binary files differdeleted file mode 100644 index 010c5d5b6..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/DD29E76659D18371B78E61E7DF4D4B8FEDCAF8E7/8BA5C0847597612C7E16970EAE55EF58D32E9CF3 +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/18585FC53A283488E4BA84867980E9B1F2B28ADA b/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/18585FC53A283488E4BA84867980E9B1F2B28ADA Binary files differdeleted file mode 100644 index d53dce92b..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/18585FC53A283488E4BA84867980E9B1F2B28ADA +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/27337257493B86B9BFF78D569F938D692A430EAE b/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/27337257493B86B9BFF78D569F938D692A430EAE Binary files differdeleted file mode 100644 index 5375c57c3..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/27337257493B86B9BFF78D569F938D692A430EAE +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/4832F0A28C3724A92F6CB3314F747D0E74FC7344 b/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/4832F0A28C3724A92F6CB3314F747D0E74FC7344 Binary files differdeleted file mode 100644 index 7085c5ac9..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/4832F0A28C3724A92F6CB3314F747D0E74FC7344 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/6352302A5072DBFB769D4FF4C70C86432C4C1683 b/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/6352302A5072DBFB769D4FF4C70C86432C4C1683 Binary files differdeleted file mode 100644 index 97dc187db..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/6352302A5072DBFB769D4FF4C70C86432C4C1683 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/EE886B907E31667D622677F665F25C54AF9A7F65 b/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/EE886B907E31667D622677F665F25C54AF9A7F65 Binary files differdeleted file mode 100644 index ad5d7dea1..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/EE886B907E31667D622677F665F25C54AF9A7F65 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6 b/id/server/data/deploy/conf/moa-id/certs/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6 Binary files differdeleted file mode 100644 index ebfbce9a0..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/E6A4C843059A6043B4DC967F9EF892B695990777/B4B77C83465979E3679E3A33F972F48EE3730A18 b/id/server/data/deploy/conf/moa-id/certs/certstore/E6A4C843059A6043B4DC967F9EF892B695990777/B4B77C83465979E3679E3A33F972F48EE3730A18 Binary files differdeleted file mode 100644 index 6225c0ca7..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/E6A4C843059A6043B4DC967F9EF892B695990777/B4B77C83465979E3679E3A33F972F48EE3730A18 +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/EA7E6D37E678C1BCA5060F97DAF09F559DFD04B7/3AAD23B00CA10E54E6368DF7952E3F4B5108B65C b/id/server/data/deploy/conf/moa-id/certs/certstore/EA7E6D37E678C1BCA5060F97DAF09F559DFD04B7/3AAD23B00CA10E54E6368DF7952E3F4B5108B65C Binary files differdeleted file mode 100644 index a3aa0000d..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/EA7E6D37E678C1BCA5060F97DAF09F559DFD04B7/3AAD23B00CA10E54E6368DF7952E3F4B5108B65C +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/EEE6351C5C6EBD8644AB88E7648D44FA07C72A80/14E59C02A6877B0EBD2C4203886BA25959C1D267 b/id/server/data/deploy/conf/moa-id/certs/certstore/EEE6351C5C6EBD8644AB88E7648D44FA07C72A80/14E59C02A6877B0EBD2C4203886BA25959C1D267 Binary files differdeleted file mode 100644 index 332aa817a..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/EEE6351C5C6EBD8644AB88E7648D44FA07C72A80/14E59C02A6877B0EBD2C4203886BA25959C1D267 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/F1B84756A1EAB09C171B2783DD163B42A9BD0BBB/ED5608CE67EA5CB79AC024CEA7445F9BCBE48703 b/id/server/data/deploy/conf/moa-id/certs/certstore/F1B84756A1EAB09C171B2783DD163B42A9BD0BBB/ED5608CE67EA5CB79AC024CEA7445F9BCBE48703 Binary files differdeleted file mode 100644 index 069640ffc..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/F1B84756A1EAB09C171B2783DD163B42A9BD0BBB/ED5608CE67EA5CB79AC024CEA7445F9BCBE48703 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/F3DA7C495789E656FA27E611CCAFA05F232ADEA0/F3AE9FEA4DECEE5330770A2520BD86909929E7BE b/id/server/data/deploy/conf/moa-id/certs/certstore/F3DA7C495789E656FA27E611CCAFA05F232ADEA0/F3AE9FEA4DECEE5330770A2520BD86909929E7BE Binary files differdeleted file mode 100644 index c3fc91352..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/F3DA7C495789E656FA27E611CCAFA05F232ADEA0/F3AE9FEA4DECEE5330770A2520BD86909929E7BE +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/16D8270DE51B034E77B7CDAF1DEE623916243DDC b/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/16D8270DE51B034E77B7CDAF1DEE623916243DDC Binary files differdeleted file mode 100644 index 87d8b52d4..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/16D8270DE51B034E77B7CDAF1DEE623916243DDC +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/3D3F25C5CD9F932037D91B7D102EDB58EC7C8239 b/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/3D3F25C5CD9F932037D91B7D102EDB58EC7C8239 Binary files differdeleted file mode 100644 index 91acd396a..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/3D3F25C5CD9F932037D91B7D102EDB58EC7C8239 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/40B51EEF4E709FBD47935DDD83A1F640D0CC378A b/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/40B51EEF4E709FBD47935DDD83A1F640D0CC378A Binary files differdeleted file mode 100644 index b5f5fa6ca..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/40B51EEF4E709FBD47935DDD83A1F640D0CC378A +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/D4E1786D8B8B57B22C81D0F0FCE18EA818DA0537 b/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/D4E1786D8B8B57B22C81D0F0FCE18EA818DA0537 Binary files differdeleted file mode 100644 index abeb964dd..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/D4E1786D8B8B57B22C81D0F0FCE18EA818DA0537 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/F48B57F89BACD8687EBB12223A5B8E5EF3774583/CAF84A42305615AC2C582F6412BDA3E36DAC3D25 b/id/server/data/deploy/conf/moa-id/certs/certstore/F48B57F89BACD8687EBB12223A5B8E5EF3774583/CAF84A42305615AC2C582F6412BDA3E36DAC3D25 Binary files differdeleted file mode 100644 index 83aeb1fce..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/F48B57F89BACD8687EBB12223A5B8E5EF3774583/CAF84A42305615AC2C582F6412BDA3E36DAC3D25 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/F613568C1D7A1300B32609998288211959DBDFB0/D7EDAF7381F7FC93B4C28FA372190D7A59CFA696 b/id/server/data/deploy/conf/moa-id/certs/certstore/F613568C1D7A1300B32609998288211959DBDFB0/D7EDAF7381F7FC93B4C28FA372190D7A59CFA696 Binary files differdeleted file mode 100644 index 5631441a9..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/F613568C1D7A1300B32609998288211959DBDFB0/D7EDAF7381F7FC93B4C28FA372190D7A59CFA696 +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/F7D331850EC13D22284909E0FC3493A65FFA7F30/EC988340526163D5B7AC80481B2AC76828EDDC6C b/id/server/data/deploy/conf/moa-id/certs/certstore/F7D331850EC13D22284909E0FC3493A65FFA7F30/EC988340526163D5B7AC80481B2AC76828EDDC6C Binary files differdeleted file mode 100644 index 585047fa2..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/F7D331850EC13D22284909E0FC3493A65FFA7F30/EC988340526163D5B7AC80481B2AC76828EDDC6C +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer b/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer deleted file mode 100644 index eb051dc4d..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer +++ /dev/null 
@@ -1,26 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEUzCCAzugAwIBAgIDFE3dMA0GCSqGSIb3DQEBBQUAMIHPMQswCQYDVQQGEwJB -VDGBizCBiAYDVQQKHoGAAEEALQBUAHIAdQBzAHQAIABHAGUAcwAuACAAZgD8AHIA -IABTAGkAYwBoAGUAcgBoAGUAaQB0AHMAcwB5AHMAdABlAG0AZQAgAGkAbQAgAGUA -bABlAGsAdAByAC4AIABEAGEAdABlAG4AdgBlAHIAawBlAGgAcgAgAEcAbQBiAEgx -GDAWBgNVBAsTD0EtVHJ1c3QtUXVhbC0wMTEYMBYGA1UEAxMPQS1UcnVzdC1RdWFs -LTAxMB4XDTE0MDcwMTExMjExNVoXDTI0MDcwMTA5MjExNVowgc8xCzAJBgNVBAYT -AkFUMYGLMIGIBgNVBAoegYAAQQAtAFQAcgB1AHMAdAAgAEcAZQBzAC4AIABmAPwA -cgAgAFMAaQBjAGgAZQByAGgAZQBpAHQAcwBzAHkAcwB0AGUAbQBlACAAaQBtACAA -ZQBsAGUAawB0AHIALgAgAEQAYQB0AGUAbgB2AGUAcgBrAGUAaAByACAARwBtAGIA -SDEYMBYGA1UECxMPQS1UcnVzdC1RdWFsLTAxMRgwFgYDVQQDEw9BLVRydXN0LVF1 -YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmhgdxIbxTGEOH -fXGiewI3NFldAWKFWfLofO+5I1UbvA5avt7IgsGXz/tI/f5HGUbascI0i7xG0tqV -lA5ctQgLRqxgxHtgTkMcqsAEYdsz3LZsCdXO1QrvEBGLTSABdxiL/gSWJ6z77CSw -x7Xg02HwxPV82cjGkSF3ENGJntuIAAnRDWn/ORHjFatNRymoMbHaOEZXSGhf7Y5F -rrHEqGyi9E6sv784De/T1aTvskn8cWeUmDzv//omiG/a/V9KQex/61XN8OthUQVn -X+u/liL2NKx74I2C/GgHX5B0WkPNqsSOgmlvJ/cKuT0PveUgVFDAA0oYBgcE1KDM -lBbN0kmPAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEs8jB2F -6W+tMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAQIN9LZbMivO9 -kWLDlDI9cTEIPpRXmgNdaBQRUpZc2ML0vDW6OVI90r8GxFQTE/I7HjrvuqQDTEL1 -qd8tthiazsLYI5eDX1CtJEFFtg25Y9t3tK2HsShb8sCj798hoXsOMFR9qhp5Fjb8 -TX4CVuQ3sK1TKeNlDmpAx6SqkYYT0CCMccsxt2j89ED8Z+B/yW19OZQk3BFDigYL -46YsLKAC96ItFpUOs8ZbAUfUlpVA6G+09EMcDxOcuD/ebLx6I/ynwYAtqYXaizsY -KTE35A3M2ghfGFJ+DlQoh3Bn/RG01LKXXgaVTHHMvvpxBp55wz2SocD/PpFe+D6Q -C016YgTrrQ== ------END CERTIFICATE----- diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer b/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer deleted file mode 100644 index be29fb6ac..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer +++ /dev/null @@ -1,23 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDyzCCArOgAwIBAgIDFE3kMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB -VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp -bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1 -YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0xNDA3MDExMTIzMzNa -Fw0yNDA3MDEwOTIzMzNaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz -dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy -a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDIxGDAWBgNVBAMMD0Et -VHJ1c3QtUXVhbC0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJaR -q9eOsFm4Ab20Hq2Z/aH86gyWa48uSUjY6eQkguHYuszr3gdcSMYZggFHQgnhfLmf -ro/27l5rqKhWiDhWs+b+yZ1PNDhRPJy+86ycHMg9XJqErveULBSyZDdgjhSwOyrN -ibUir/fkf+4sKzP5jjytTKJXD/uCxY4fAd9TjMEVpN3umpIS0ijpYhclYDHvzzGU -833z5Dwhq5D8bc9jp8YSAHFJ1xzIoO1jmn3jjyjdYPnY5harJtHQL73nDQnfbtTs -5ThT9GQLulrMgLU4WeyAWWWEMWpfVZFMJOUkmoOEer6A8e5fIAeqdxdsC+JVqpZ4 -CAKel/Arrlj1gFA//jsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E -CgQIQj0rJKbBRc4wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBh -MfOINQm4XpzF6DmkOmb/ArSXHf5LObqFmIMooNr2TkyzrUTK/NE+mdrm15Rfdts7 -kZVq/ICfQSFeaPvWaAVq4plH/26OjvMTVv7DfgfPBUxDWqlCuDnDnPAVQ+yo/o5i -BA5uUlMbp5znbDtlxwF/5gWqcn/hKxSUCP1uiOPIlKfeVvsRmBcJAdoixTM/Ic10 -pavJMGOI20onArvQZAUEbXQLA8cs8naxfF6Bo36U9nk6wn7q8VPXhViekByd17F6 -9A+ah0Iqw4SPf9BqNRIe1YxxjDhCmjWt3aoyE3ZFBuGjW+r2ipb/vGU1+2oyy2Fd -2dMmiMQ7gGhWX9X6gWLd ------END CERTIFICATE----- diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer b/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer deleted file mode 100644 index e1100c7fc..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer +++ /dev/null @@ -1,23 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDyzCCArOgAwIBAgIDFE31MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB -VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp -bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1 -YWwtMDMxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMzAeFw0xNDA3MDExMTMwNTZa -Fw0yNDA3MDEwOTMwNTZaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz -dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy -a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDMxGDAWBgNVBAMMD0Et -VHJ1c3QtUXVhbC0wMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALOe -JIgc0s9AA0hqqqWgK72W9XwKn5+rUJDbQc5WgHkqwP2TU3qcW/NZYSSIY6PVGO6b -hHSEnOyMPdrBhnpvNi4m6349yT6t565LdHcoKyQg/youwpVkEPZ+e8O32hF9nqvt -L4wZohydjMwzcHUJB/5e+0CkJYwv/bVRZzqoK0yf1midYJukxWOw7nDNKD9KdOpZ -+XXFAAZuH7BjwSqqE138y9JlGzkxIlrCeSJdGfFLwr7OHIgBdPEmQXcyOcaMUGjP -U4VDig+gj+6OC5KjAEC+wKJZXiyhRLj+HyLTDLrQ6O8p5HI3Sov4FuwiMgcqIyzz -o9fNyqmnT3K/vBGOqBsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E -CgQIRgbfN/LCNxAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBy -jA/CmId9oz8sy4rwEklti+8TLS/aLHkiMqUmKjuHyT/6mz4Qh4fLfAAEv8iGSZiW -+7+Gv7HTcuEEdyNNhUmMGJLSQA/3KBjlttHXLiG943wnvcZf3LtkFc+8Ia5N3bNS -BM6q7/OFKHSS+iHcAJ8XS6SnLITYRyfo0thsXBaHpkTUkEP0uJY+yoE/EcBkvsGX -drLIawu8YOrNZvs3S6Ag0ex5brIdqiNtlUGwRxpLwssfBho5K0NqpXAloHT9kHBd -rGb2GrVdLIesuVivSP9zq09M8bcm3jDPCHv5bcudPZVX7rkr79VphgLfKlINA4Fw -VxCuPLXx/4sCfANQtvuY ------END CERTIFICATE----- diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer b/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer Binary files differdeleted file mode 100644 index b9a0e5a61..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer b/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer deleted file mode 100644 index e90f5f2a6..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDXTCCAkWgAwIBAgIDFE3DMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFU -MRAwDgYDVQQKEwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkw -FwYDVQQDExBBLVRydXN0LW5RdWFsLTAxMB4XDTE0MDcwMTExMDk1NFoXDTI0MDcw -MTA5MDk1NFowVTELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB0EtVHJ1c3QxGTAXBgNV -BAsTEEEtVHJ1c3QtblF1YWwtMDExGTAXBgNVBAMTEEEtVHJ1c3QtblF1YWwtMDEw -ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD/9RyAEZ6eHmhYzNJ328f0 -jmdSUFi6EqRqOxb3jHNPTIpK82CR6z5lmSnZQNUuCPD+htbNZffd2DKVB06NOyZ1 -2zcOMCgj4GtkZoqE0zPpPT3bpoE55nkZZe/qWEX/64wz/L/4EdkvKDSKG/UsP75M -tmCVY5m2Eg73RVFRz4ccBIMpHel4lzEqSkdDtZOY5fnkrE333hx67nxq21vY8Eyf -8O4fPQ5RtN8eohQCcPQ1z6ypU1R7N9jPRpnI+yzMOiwd3+QcKhHi1miCzo0pkOaB -1CwmfsTyNl8qU0NJUL9Ta6cea7WThwTiWol2yD88cd2cy388xpbNkfrCPmZNGLoV -AgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECE5ZzscCMocwMA4G -A1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAO3hBdwsNQOtYOAlC2PKT -sdNexKqMefFGrGDYIEAflaudwpcqUgv7fLLhMNRMT+BcXtqXtfNHGsll2GwseuMq -C02bPUmbfNV4P9djIz/s6qqvNQaQneFzhuXn+i0YQ10sFFVeIL3qrBMl1lwBeQ64 -/GyvrbGiHuuagEUc25CDrUqni+b+azaPUsRG6IXkIWG0H6WIMqtxIdHzAV/1raKh -PKot1VhG2rivf1cBBGXU/0VSYBitXrLNwXwlX2ad0WiFHUF8RS9F3j2vVSYMfxer -NPNaRLtCkHNSqCIDkMmmHJKbJbKJzMaZYmX2i2nc16HCpE/gbQc3etQCl3GvzO88 -xw== ------END CERTIFICATE----- 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer deleted file mode 100644 index 2284687bb..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer +++ /dev/null @@ -1,23 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB -VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp -bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R -dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy -OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy -dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52 -ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM -EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj -lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ -znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH -2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1 -k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs -2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD -VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC -AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1 -hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br -cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm -FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ -tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s -FJ6N46sU7LjJLqSKYEB8usoIiw== ------END CERTIFICATE----- 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/DigiCert High Assurance EV Root CA.crt b/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/DigiCert High Assurance EV Root CA.crt
deleted file mode 100644
index 4b1bc66be..000000000
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/DigiCert High Assurance EV Root CA.crt
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
-ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL
-MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
-LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
-RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm
-+9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW
-PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM
-xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB
-Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3
-hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg
-EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF
-MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA
-FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec
-nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z
-eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF
-hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2
-Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
-vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
-+OkuE6N36B9K
------END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/TERENA SSL High Assurance CA 3 (DigiCert High Assurance EV Root CA).crt b/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/TERENA SSL High Assurance CA 3 (DigiCert High Assurance EV Root CA).crt
deleted file mode 100644
index ebdf72d7f..000000000
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/TERENA SSL High Assurance CA 3 (DigiCert High Assurance EV Root CA).crt
+++ /dev/null
@@ -1,29 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIE4DCCA8igAwIBAgIQC1w0NWdbJGfA1zI3+Q1flDANBgkqhkiG9w0BAQsFADBs
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
-ZSBFViBSb290IENBMB4XDTE0MTExODEyMDAwMFoXDTI0MTExODEyMDAwMFowczEL
-MAkGA1UEBhMCTkwxFjAUBgNVBAgTDU5vb3JkLUhvbGxhbmQxEjAQBgNVBAcTCUFt
-c3RlcmRhbTEPMA0GA1UEChMGVEVSRU5BMScwJQYDVQQDEx5URVJFTkEgU1NMIEhp
-Z2ggQXNzdXJhbmNlIENBIDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQChNsmK4gfxr6c9j2OMBRo3gOA7z5keoaPHiX4rUX+1fF1Brmvf7Uo83sRiXRYQ
-RJrD79hzJrulDtdihxgS5HgvIQHqGrp3NRRDUlq/4bItLTp9QCHzLhRQSrSYaFkI
-zztYezwb3ABzNiVciqQFk7WR9ebh9ZaCxaXfebcg7LodgQQ4XDvkW2Aknkb1J8NV
-nlbKen6PLlNSL4+MLV+uF1e87aTgOxbM9sxZ1/1LRqrOu28z9WA8qUZn2Av+hcP2
-TQIBoMPMQ8dT+6Yx/0Y+2J702OU//dS0pi8gMe7FtYVcZrlcSy/C40I7EFYHEjTm
-zH4EGvG6t9wZua2atFKvP/7HAgMBAAGjggF1MIIBcTASBgNVHRMBAf8ECDAGAQH/
-AgEAMA4GA1UdDwEB/wQEAwIBhjB/BggrBgEFBQcBAQRzMHEwJAYIKwYBBQUHMAGG
-GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBJBggrBgEFBQcwAoY9aHR0cDovL2Nh
-Y2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENB
-LmNydDBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsNC5kaWdpY2VydC5jb20v
-RGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYE
-VR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT
-MB0GA1UdDgQWBBTCuIXX4bkTvdFIvP1e3H2QQnqKqTAfBgNVHSMEGDAWgBSxPsNp
-A/i/RwHUmCYaCALvY2QrwzANBgkqhkiG9w0BAQsFAAOCAQEAsCq7NTey6NjZHqT4
-kjZBNU3sItnD+RYAMWx4ZyaELcy7XhndQzX88TYSCYxl/YWB6lCjxx0dL3wTZUbX
-r+WRDzz5xX+98kdYrwNCT7fmT4eenv6cCS1sC9hc4sIl5dkb1pguY3ViV5D8/yEB
-hadOpw3TwI8xkqe2j/H5fp4Oaf9cFdpf9C85mQgZJwsvtvmmDTQTPcGPRFTgdGtY
-2xbWxDah6HjKpX6iI4BTBQhhpX6TJl6/GEaYK07s2Kr8BFPhrgmep9vrepWv61x7
-dnnqz5SeAs6cbSm551qG7Dj8+6f/8e33oqLC5Ldnbt0Ou6PjtZ4O02dN9cnicemR
-1B0/YQ==
------END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-Premium-Enc-05.20130923-20230920.SerNoFCDEE.cer b/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-Premium-Enc-05.20130923-20230920.SerNoFCDEE.cer Binary files differdeleted file mode 100644 index d17d07619..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-Premium-Enc-05.20130923-20230920.SerNoFCDEE.cer +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-Premium-Sig-05.20130923-20230920.SerNoFCDB8.cer b/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-Premium-Sig-05.20130923-20230920.SerNoFCDB8.cer Binary files differdeleted file mode 100644 index a6a9acdc3..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-Premium-Sig-05.20130923-20230920.SerNoFCDB8.cer +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-Premium-Test-Sig-02.20141124-20241118.SerNo3969edc1.cer b/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-Premium-Test-Sig-02.20141124-20241118.SerNo3969edc1.cer Binary files differdeleted file mode 100644 index 1bb449441..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-Premium-Test-Sig-02.20141124-20241118.SerNo3969edc1.cer +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-Premium-enc-02.20140701-20240701.SerNo144dfd.cer b/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-Premium-enc-02.20140701-20240701.SerNo144dfd.cer Binary files differdeleted file mode 100644 index 6c0c042b4..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-Premium-enc-02.20140701-20240701.SerNo144dfd.cer +++ /dev/null 
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer b/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer
deleted file mode 100644
index 04627da98..000000000
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer
+++ /dev/null
@@ -1,26 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEdzCCA1+gAwIBAgIDFLT9MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB -VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp -bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R -dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwNDIw -NVoXDTI0MDcyMzA4NDIwNVowgYcxCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy -dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52 -ZXJrZWhyIEdtYkgxFjAUBgNVBAsMDWEtc2lnbi1TU0wtMDMxFjAUBgNVBAMMDWEt -c2lnbi1TU0wtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMjPM6 -PqgdPBPV4Efudpytt2Y4GZJfjeRdZo5SCuULDvvL+23xxBWnR3scFvfE1ekHN/YK -k+2/qhU2B2ntoSNJSyDchNM8YPc9Lx67zZyhQTZgbBzh3IZAVb/hwuRRRV68JCBj -r3r6v7IbwjH5XcVISdB4szx0z93aAQyKW9QkV+tD5a1vWFETvdHsZeVmDzfqcdsG -AznPJw+9HrImCsswCWYUgPcFRkPNjj2r2NoyckVN781aWmNTAqJPf/Ckj9l9pUIt -Vjhy8XNJW4iVDBkkykBXcGSkIau0ypJrRjsD1jKqUTIRZ/y2HlyltmwWi8OuyBLd -LaHDbjc0b6JmqoivAgMBAAGjgeMwgeAwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E -CgQIQD6h02K0A90wEwYDVR0jBAwwCoAIRGqVZ1V5EU8wDgYDVR0PAQH/BAQDAgEG -MIGUBgNVHR8EgYwwgYkwgYaggYOggYCGfmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQv -b3U9QS1UcnVzdC1uUXVhbC0wMyxvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJl -dm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1 -dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAbHQvTl94ommGFln3s6wmd/tr6r5R -3FR3A7O/uiGEAqm/7B84KGkTmKHhChGMiCiMcBSGtMx1IaO+t7gimLtRL57wgeIf -k6nsgcbBioh0nO12XDagdtj75Dr7buEFyQvFdfydi5cAwScLW+YYxtwDni9/debd -ypFKeCRxdCX12n0oFQDPJf8YvE4CaDitBJCQrZdJBDpB6muF8mpNq8CIuyTPIBZX -RPKJNfIraKq/Xi7tuLkvWVGVsSqJeTvP++05Tvv/44+XBpCp3sUrjsb0G0Mj90PG -SnAapsrgzDzLO/LQ8vrB9H2oRM4iYfUxu/dKSOBVXa3WQzsLBL0/9zZ30g== ------END CERTIFICATE----- diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-Test-Qual-01.20141117-20241111.SerNo16120f.cer b/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-Test-Qual-01.20141117-20241111.SerNo16120f.cer deleted file mode 100644 index 60bc9a557..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-Test-Qual-01.20141117-20241111.SerNo16120f.cer +++ /dev/null @@ -1,23 +0,0 @@ ------BEGIN CERTIFICATE----- -MIID2zCCAsOgAwIBAgIDFhIPMA0GCSqGSIb3DQEBBQUAMIGTMQswCQYDVQQGEwJB -VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp -bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRwwGgYDVQQLDBNhLXNpZ24tVEVT -VC1RdWFsLTAxMRwwGgYDVQQDDBNhLXNpZ24tVEVTVC1RdWFsLTAxMB4XDTE0MTEx -NzA3NDAzNloXDTI0MTExMTA2NDAzNlowgZMxCzAJBgNVBAYTAkFUMUgwRgYDVQQK -DD9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4g -RGF0ZW52ZXJrZWhyIEdtYkgxHDAaBgNVBAsME2Etc2lnbi1URVNULVF1YWwtMDEx -HDAaBgNVBAMME2Etc2lnbi1URVNULVF1YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUA -A4IBDwAwggEKAoIBAQD4TRgyXzhxJ2AkndX0RPY771f64dsJrReEeuShLRK5io0B -kJWc4t7wuD1B98cJ0MUPlMmOJ2Ckc/vuLhQUyY3qEUmhMhixCUIcdHQ5yH3H0yMV -HxyJxAG83fE8M25kpKA4TzzMW8KPd2S63wbpPElyEy7vrllrLxvdQRSDpMZMvRg8 -fvoDGAehxsnKKwlXZuMq1aSBzfMz3cMBDKxvqzDIz7yC1iWNkdiwog3a5a5PbViK -shhZ0h+bx9WFDpiN6ooPQgcGhjD+NqIDoiOr7CUFHp+HiC6xIsEFJaBHTf3dRZ61 -0r1FDABx0Yj8+wlXSQLYq/1nR/QMwsvH0Cz1qYTPAgMBAAGjNjA0MA8GA1UdEwEB -/wQFMAMBAf8wEQYDVR0OBAoECE8h1CulBqTdMA4GA1UdDwEB/wQEAwIBBjANBgkq -hkiG9w0BAQUFAAOCAQEAimFu+xTm3UdyU+fO+2hz4DS20OGSC9NBDkorjzhRPWoZ -IVhUi6yH5drqSBm4/2ZYS1Ba5npzfyJwm+cLO28ljxAApfRHlbN0y83hKv7c0I7g -zWTMRs8X8ar5Gd7d4O5jpC4PAaZ1ozSDoE06U5im6YMLaJy/0QYvf5EQBMvLdeoc -d1vl17JYKYqYzcX2dvayikrfiglFqDaZZ66yJPBSuiyNhXpPkbXsOoyyTPtV/0Bh -eKIQiQyJID5aZtR7D4fBAzKdp5wB9KLQXBZ80hrwqrIuy+ME0tFaBWYBi8dzQ1iq -/E3Qz0USfGmxPMm8y/zRqsDvxZCRiSuvzBkOXbGMdA== ------END CERTIFICATE----- diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-corporate-light-02.20140905-20240905.SerNo153B49.cer b/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-corporate-light-02.20140905-20240905.SerNo153B49.cer Binary files differdeleted file mode 100644 index e4bd48dac..000000000 
--- a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-corporate-light-02.20140905-20240905.SerNo153B49.cer +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-premium-sig-02.20140701-20240701.SerNo144e10.cer b/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-premium-sig-02.20140701-20240701.SerNo144e10.cer Binary files differdeleted file mode 100644 index 74c4ce3b8..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-premium-sig-02.20140701-20240701.SerNo144e10.cer +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-premium-sig-03.20140701-20240701.SerNo144e13.cer b/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-premium-sig-03.20140701-20240701.SerNo144e13.cer Binary files differdeleted file mode 100644 index 6c50ec079..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/a-sign-premium-sig-03.20140701-20240701.SerNo144e13.cer +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crt b/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crt Binary files differdeleted file mode 100644 index ebfbce9a0..000000000 --- a/id/server/data/deploy/conf/moa-id/certs/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crt +++ /dev/null diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties index b9e2f6c8d..41ca6c008 100644 --- a/id/server/data/deploy/conf/moa-id/moa-id.properties +++ b/id/server/data/deploy/conf/moa-id/moa-id.properties 
@@ -68,7 +68,7 @@ protocols.oauth20.jwt.ks.key.password=password
 ##Database configuration##
 #Hibnerate configuration for MOA-ID 3.x session store
 moasession.hibernate.dialect=org.hibernate.dialect.MySQLDialect
-moasession.hibernate.connection.url=jdbc:mysql://localhost/moa-id-session?charSet=utf-8
+moasession.hibernate.connection.url=jdbc:mysql://localhost/moa-id-session?charSet=utf-8&serverTimezone=UTC
 moasession.hibernate.connection.charSet=utf-8
 moasession.hibernate.connection.driver_class=com.mysql.jdbc.Driver
 moasession.hibernate.connection.username=
@@ -80,19 +80,27 @@ moasession.hibernate.transaction.flush_before_completion=true moasession.hibernate.transaction.auto_close_session=true moasession.hibernate.show_sql=false moasession.hibernate.format_sql=true -moasession.hibernate.c3p0.acquire_increment=3 -moasession.hibernate.c3p0.idle_test_period=60 -moasession.hibernate.c3p0.timeout=60 -moasession.hibernate.c3p0.max_size=20 -moasession.hibernate.c3p0.max_statements=0 -moasession.hibernate.c3p0.min_size=3 + +moasession.jpaVendorAdapter.generateDdl=true +moasession.dbcp.connectionProperties= +moasession.dbcp.initialSize=5 +moasession.dbcp.maxActive=100 +moasession.dbcp.maxIdle=8 +moasession.dbcp.minIdle=5 +moasession.dbcp.maxWaitMillis=-1 +moasession.dbcp.testOnBorrow=true +moasession.dbcp.testOnReturn=false +moasession.dbcp.testWhileIdle=false +moasession.dbcp.validationQuery=select 1 + + #Hibnerate configuration for MOA-ID 3.x configuration configuration.hibernate.dialect=org.hibernate.dialect.MySQLDialect configuration.jpaVendorAdapter.generateDdl=true configuration.hibernate.show_sql=false -configuration.hibernate.connection.url=jdbc:mysql://localhost/moa-id-config?charSet=utf-8&autoReconnect=true +configuration.hibernate.connection.url=jdbc:mysql://localhost/moa-id-config?charSet=utf-8&autoReconnect=true&serverTimezone=UTC configuration.hibernate.connection.charSet=utf-8 configuration.hibernate.connection.driver_class=com.mysql.jdbc.Driver configuration.hibernate.connection.username= @@ -100,7 +108,7 @@ configuration.hibernate.connection.password= configuration.dbcp.connectionProperties= configuration.dbcp.initialSize=0 -configuration.dbcp.maxActive=8 +configuration.dbcp.maxActive=100 configuration.dbcp.maxIdle=8 configuration.dbcp.minIdle=0 configuration.dbcp.maxWaitMillis=-1 
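Review bot: `moasession.jpaVendorAdapter.generateDdl=true` in the shipped deploy configuration implies, if it maps to the usual JPA vendor-adapter setting, that the session-store database account needs schema-altering rights at runtime, which is more privilege than a session store needs once its schema exists. Consider shipping `moasession.jpaVendorAdapter.generateDdl=false` and documenting the one-time schema setup instead. The same hunk sets `moasession.dbcp.maxWaitMillis=-1`, which (assuming the usual DBCP meaning of a negative value) lets a request thread block indefinitely once all 100 connections are in use; a finite value such as `moasession.dbcp.maxWaitMillis=10000` would bound that. Both points apply equally to the `advancedlogging.*` block added in the @@ -123,13 +131,19 @@ hunk.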
@@ -112,7 +120,7 @@ configuration.dbcp.validationQuery=SELECT 1 # #Hibnerate configuration for MOA-ID 3.x advanced statistic logging advancedlogging.hibernate.dialect=org.hibernate.dialect.MySQLDialect -advancedlogging.hibernate.connection.url=jdbc:mysql://localhost/moa-id-statistic?charSet=utf-8&autoReconnect=true +advancedlogging.hibernate.connection.url=jdbc:mysql://localhost/moa-id-statistic?charSet=utf-8&autoReconnect=true&serverTimezone=UTC advancedlogging.hibernate.connection.charSet=utf-8 advancedlogging.hibernate.connection.driver_class=com.mysql.jdbc.Driver advancedlogging.hibernate.connection.username= @@ -123,13 +131,19 @@ advancedlogging.hibernate.current_session_context_class=thread advancedlogging.hibernate.transaction.auto_close_session=true advancedlogging.hibernate.show_sql=false advancedlogging.hibernate.format_sql=true -advancedlogging.hibernate.connection.provider_class=org.hibernate.service.jdbc.connections.internal.C3P0ConnectionProvider -advancedlogging.hibernate.c3p0.acquire_increment=3 -advancedlogging.hibernate.c3p0.idle_test_period=60 -advancedlogging.hibernate.c3p0.timeout=300 -advancedlogging.hibernate.c3p0.max_size=20 -advancedlogging.hibernate.c3p0.max_statements=0 -advancedlogging.hibernate.c3p0.min_size=3 +advancedlogging.hibernate.transaction.flush_before_completion=true + +advancedlogging.jpaVendorAdapter.generateDdl=true +advancedlogging.dbcp.connectionProperties= +advancedlogging.dbcp.initialSize=3 +advancedlogging.dbcp.maxActive=50 +advancedlogging.dbcp.maxIdle=8 +advancedlogging.dbcp.minIdle=3 +advancedlogging.dbcp.maxWaitMillis=-1 +advancedlogging.dbcp.testOnBorrow=true +advancedlogging.dbcp.testOnReturn=false +advancedlogging.dbcp.testWhileIdle=false +advancedlogging.dbcp.validationQuery=select 1 ################ Additonal eID-modul configuration #################################### 
@@ -141,6 +155,9 @@ moa.id.protocols.eIDAS.samlengine.config.file=eIDAS/SamlEngine_basics.xml moa.id.protocols.eIDAS.samlengine.sign.config.file=eIDAS/SignModule.xml moa.id.protocols.eIDAS.samlengine.enc.config.file=eIDAS/EncryptModule.xml moa.id.protocols.eIDAS.metadata.validation.truststore=eIDAS_metadata +moa.id.protocols.eIDAS.node.country=Austria +moa.id.protocols.eIDAS.node.countrycode=AT +moa.id.protocols.eIDAS.node.LoA=http://eidas.europa.eu/LoA/high ### HBV Mandate-Service client module ### modules.elga_mandate.nameID.target=urn:publicid:gv.at:cdid+GH @@ -165,6 +182,12 @@ modules.federatedAuth.request.sign.password=password modules.federatedAuth.response.encryption.alias=pvp_assertion modules.federatedAuth.response.encryption.password=password +#Redis Settings, if Redis is used as a backend for session data. +#has to be enabled with the following parameter +#redis.active=true +redis.use-pool=true +redis.host-name=localhost +redis.port=6379 ################SZR Client configuration#################################### ## The SZR client is only required if MOA-ID-Auth should be diff --git a/id/server/doc/handbook/config/config.html b/id/server/doc/handbook/config/config.html index 6fb5aad80..1e1a7d398 100644 --- a/id/server/doc/handbook/config/config.html +++ b/id/server/doc/handbook/config/config.html 
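Review bot: The new Redis block in the @@ -165,6 +182,12 @@ hunk configures only `redis.host-name` and `redis.port`, with no key for a password or for TLS, although the handbook text added in this commit says that all short-lived process data is handled through Redis once it is enabled. Unless authentication is configured elsewhere (not visible in this hunk), any host that can reach port 6379 on the Redis server could read or alter that session data. I would add a comment above the block, for example `#Redis holds session data: keep it bound to localhost or a private network and require authentication`, and expose a password property if the client setup supports one.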
@@ -673,6 +673,37 @@ https://<host>:<port>/moa-id-auth/MonitoringServlet</pre> <td>Passwort für den Zugriff auf das Datenbank Schema</td> </tr> </table> +<p> </p> +<p><strong>Hinweis:</strong> Zusätzlich zum SQL based Datenbank Backend für Sessiondaten gibt es aber der Version 3.2.0 die Möglichkeit einen Redis Datenserver als Datenbank Backend für Kurzzeitsessiondaten zu verwenden. Wird dieser aktiviert werden nur mehr Single Sign-On Sessioninformationen in der Sessiondatenbank abgelegt. Alle anderen Prozessdaten werden ausschließlich über das Redis Backend abgewickelt.</p> +<table class="configtable"> + <tr> + <th>Name</th> + <th>Beispielwert</th> + <th>Beschreibung</th> + </tr> + <tr> + <td>redis.active</td> + <td><p>true / false</p></td> + <td>Aktiviert das Redis Backend für Kurzzeitsessiondaten</td> + </tr> + <tr> + <td>redis.use-pool</td> + <td>true / false</td> + <td>Aktiviert / Deaktiviert den Connectionpool für Redis</td> + </tr> + <tr> + <td><p>redis.host-name</p></td> + <td>localhost</td> + <td>URL unter der der Redis Server erreichbar ist</td> + </tr> + <tr> + <td><p>redis.port</p></td> + <td>6379</td> + <td>Port unter dem der Redis Server erreichbar ist</td> + </tr> +</table> +<p> </p> +<p> </p> <h6><a name="basisconfig_moa_id_auth_param_database_info" id="uebersicht_bekanntmachung14"></a>2.2.2.4.3 Statistikdaten</h6> <p>Alle Parameter aus der Basiskonfiguration welche als Prefix <em>advancedlogging.hibernate</em>. im Parameternamen aufweisen konfigurieren den Zugriff auf das Datenbank Schema welches die Konfiguration von MOA-ID-Auth beinhaltet. Eine Konfiguration dieser Parameter ist nur erforderlich wenn <em>configuration.advancedlogging.active</em> auf <em>true</em> gesetzt wird. (siehe <a href="#basisconfig_moa_id_auth_param_general">Kapitel 2.2.2.1</a>)</p> <table class="configtable"> 
@@ -1082,13 +1113,8 @@ https://<host>:<port>/moa-id-auth/MonitoringServlet</pre> <th>Beschreibung</th> </tr> <tr> - <td>CertStoreDirecorty</td> - <td>certs/certstore</td> - <td>Gibt den Pfadnamen zu einem Verzeichnis an, das als Zertifikatsspeicher im Zuge der TLS-Server-Zertifikatsüberprüfung verwendet wird.</td> - </tr> - <tr> <td><p>TrustManagerRevocation</p> -Checking</td> + Checking</td> <td> </td> <td>Für die TLS-Server-Authentisierung dürfen nur Server-Zertifikate verwendet werden, die eine CRLDP-Extension enthalten (andernfalls kann von MOA-ID-Auth keine CRL-überprüfung durchgeführt werden). Soll das RevocationChecking generell ausgeschaltet werden, ist dieses Attribut anzugeben und auf "false" zu setzen</td> </tr> diff --git a/id/server/doc/handbook/protocol/protocol.html b/id/server/doc/handbook/protocol/protocol.html index 58474b635..5a578a5aa 100644 --- a/id/server/doc/handbook/protocol/protocol.html +++ b/id/server/doc/handbook/protocol/protocol.html @@ -685,7 +685,11 @@ Redirect Binding</td> </tr> <tr> <td>1306</td> - <td>Generierung dereIDAS Metadaten fehlgeschlagen</td> + <td>Generierung der eIDAS Metadaten fehlgeschlagen</td> + </tr> + <tr> + <td>1307</td> + <td>Generierung der eIDAS Response fehlgeschlagen</td> </tr> <tr> <td>1399</td> diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml index 3e982d94a..7652af302 100644 --- a/id/server/idserverlib/pom.xml +++ b/id/server/idserverlib/pom.xml @@ -74,7 +74,7 @@ <scope>test</scope>
</dependency>
- <dependency>
+<!-- <dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-core</artifactId>
<version>${hibernate.version}</version>
@@ -85,16 +85,16 @@ </exclusion>
</exclusions>
</dependency>
- <dependency>
+ dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-c3p0</artifactId>
<version>${hibernate.version}</version>
- </dependency>
+ </dependency
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-entitymanager</artifactId>
<version>${hibernate.version}</version>
- </dependency>
+ </dependency> -->
<dependency>
<groupId>MOA.id</groupId>
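Review bot: The three Hibernate dependencies are disabled by one XML comment that opens at `<!-- <dependency>` in the previous hunk and closes at `</dependency> -->` here, and the inner tags were mangled to `dependency>` and `</dependency` along the way. Tags inside a comment need no such mangling, and the block can no longer be re-enabled by removing the comment markers alone. If hibernate-core, hibernate-c3p0 and hibernate-entitymanager are no longer needed by this module, delete the three blocks; if they now arrive transitively, a one-line comment naming the module that provides them would say so more clearly.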
@@ -205,6 +205,12 @@ <artifactId>unitils-core</artifactId>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+
<!-- <dependency>
<groupId>MOA</groupId>
<artifactId>moa-common</artifactId>
@@ -282,7 +288,6 @@ <dependency>
<groupId>org.apache.santuario</groupId>
<artifactId>xmlsec</artifactId>
- <version>2.0.5</version>
</dependency>
<!-- the core, which includes Streaming API, shared low-level abstractions (but NOT data-binding) -->
@@ -315,6 +320,13 @@ <scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_ixsil</artifactId>
+ <version>1.2.2.5</version>
+ <scope>test</scope>
+ </dependency>
+
<dependency>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
@@ -386,7 +398,41 @@ <artifactId>spring-test</artifactId>
<scope>test</scope>
</dependency>
-
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-tx</artifactId>
+ <version>${org.springframework.version}</version>
+ </dependency>
+
+
+ <!-- Redis -->
+ <dependency>
+ <groupId>org.springframework.data</groupId>
+ <artifactId>spring-data-redis</artifactId>
+ <version>1.7.4.RELEASE</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-pool2</artifactId>
+ <version>2.4.2</version>
+ </dependency>
+ <dependency>
+ <groupId>redis.clients</groupId>
+ <artifactId>jedis</artifactId>
+ <version>2.9.0</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.codehaus.jackson</groupId>
+ <artifactId>jackson-core-asl</artifactId>
+ <version>1.9.13</version>
+ </dependency>
+ <dependency>
+ <groupId>org.codehaus.jackson</groupId>
+ <artifactId>jackson-mapper-asl</artifactId>
+ <version>1.9.13</version>
+ </dependency>
</dependencies>
<build>
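Review bot: The added Redis and JSON dependencies pin their versions inline (`1.7.4.RELEASE`, `2.4.2`, `2.9.0`, `1.9.13`), while the same commit removes the inline `<version>` from xmlsec, presumably so that the parent POM manages it. Managing the new versions centrally as well would keep upgrades and vulnerability fixes in one place. `org.codehaus.jackson` 1.9.13 is the final release of the Jackson 1.x line, which no longer receives fixes; if the Redis serializer can work with a `com.fasterxml.jackson` 2.x artifact already used in the project, that would be the safer choice. How these libraries are used is not visible in this hunk.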
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAOrderedAttributeIterator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/DummyStatisticLogger.java index 573163af0..8fff6b20b 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAOrderedAttributeIterator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/DummyStatisticLogger.java @@ -1,4 +1,4 @@ -/* +/******************************************************************************* * Copyright 2014 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. 
@@ -19,48 +19,40 @@ * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.auth.modules.eidas.utils; + *******************************************************************************/ +package at.gv.egovernment.moa.id.advancedlogging; -import java.util.Iterator; -import java.util.NoSuchElementException; -import at.gv.egovernment.moa.logging.Logger; - -import eu.eidas.auth.commons.PersonalAttribute; -import eu.eidas.auth.commons.PersonalAttributeList; - - -/** - * @author tlenz - * - */ -public class MOAOrderedAttributeIterator implements Iterator<PersonalAttribute> { - - private MOAPersonalAttributeList pal; - private Iterator<String> keyIterator; +import org.springframework.stereotype.Service; - public MOAOrderedAttributeIterator(MOAPersonalAttributeList palArg) { - this.pal = palArg; - keyIterator = palArg.getInsertOrder().iterator(); - } - - @Override - public boolean hasNext() { - return keyIterator.hasNext(); - } - - @Override - public PersonalAttribute next() { - if (!hasNext()) { - throw new NoSuchElementException(); - } - return pal.get(keyIterator.next()); - } - - @Override - public void remove() { - Logger.error("Not implemented"); - } +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.data.IAuthData; +import at.gv.egovernment.moa.logging.Logger; -} +@Service("StatisticLogger") +public class DummyStatisticLogger implements IStatisticLogger{ + + @Override + public void logSuccessOperation(IRequest protocolRequest, + IAuthData authData, boolean isSSOSession) { + Logger.trace("Dummy-logSuccessOperation"); + } + + @Override + public void logErrorOperation(Throwable throwable) { + Logger.trace("Dummy-logErrorOperation"); + } + + @Override + public void logErrorOperation(Throwable throwable, IRequest errorRequest) { + 
Logger.trace("Dummy-logErrorOperation"); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.advancedlogging.IStatisticLogger#testConnection() + */ + @Override + public void testConnection() throws Exception { + Logger.trace("Dummy-logErrorOperation"); + + }} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/IStatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/IStatisticLogger.java new file mode 100644 index 000000000..e0f21c012 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/IStatisticLogger.java 
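Review bot: `DummyStatisticLogger` is registered as `@Service("StatisticLogger")`, the same bean name that `StatisticLogger` receives through `@Repository("StatisticLogger")` elsewhere in this commit. If both classes are picked up by component scanning, the context has two definitions for one name, and which one wins (or whether start-up fails) depends on configuration not shown here. If the dummy is meant as the fallback when advanced logging is off, select it explicitly and say so in a class comment. Separately, `testConnection()` logs `"Dummy-logErrorOperation"`, a copy-paste from the method above; `Logger.trace("Dummy-testConnection");` would keep the trace output unambiguous.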
@@ -0,0 +1,39 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.advancedlogging;
+
+import at.gv.egovernment.moa.id.commons.api.IRequest;
+import at.gv.egovernment.moa.id.data.IAuthData;
+
+
+public interface IStatisticLogger {
+
+ public void logSuccessOperation(IRequest protocolRequest, IAuthData authData, boolean isSSOSession);
+
+ public void logErrorOperation(Throwable throwable);
+
+ public void logErrorOperation(Throwable throwable, IRequest errorRequest);
+
+ public void testConnection() throws Exception;
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java index 4a5cbd55f..b26c9c1a9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java @@ -31,11 +31,11 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; -import at.gv.egovernment.moa.id.data.MISMandate; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.MiscUtil; @@ -177,7 +177,7 @@ public class MOAReversionLogger { } - public void logMandateEventSet(IRequest pendingReq, MISMandate mandate) { + public void logMandateEventSet(IRequest pendingReq, IMISMandate mandate) { if (MiscUtil.isNotEmpty(mandate.getOWbPK())) logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_PROF_REPRESENTATIVE_BPK, mandate.getOWbPK()); @@ -222,7 +222,7 @@ public class MOAReversionLogger { * @param identityLink */ public void logPersonalInformationEvent(IRequest pendingReq, - IdentityLink identityLink) { + IIdentityLink identityLink) { logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_USERNAME_HASH, buildPersonInformationHash( identityLink.getGivenName(), 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java index 0171f9d90..5b0f5115d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java @@ -26,19 +26,23 @@ import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; import java.util.Date; +import java.util.List; +import javax.persistence.EntityManager; +import javax.persistence.PersistenceContext; +import javax.persistence.Query; import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBException; import javax.xml.bind.Unmarshaller; import org.apache.commons.lang3.StringEscapeUtils; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; +import org.springframework.stereotype.Repository; +import org.springframework.transaction.annotation.Transactional; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandator; import at.gv.e_government.reference.namespace.persondata._20020228_.CorporateBodyType; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.BKUException; import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException; import at.gv.egovernment.moa.id.auth.exception.ServiceException; 
@@ -46,21 +50,22 @@ import at.gv.egovernment.moa.id.client.SZRGWClientException; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; -import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.id.moduls.RequestImpl; import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -@Service("StatisticLogger") -public class StatisticLogger { +@Repository("StatisticLogger") +@Transactional("statisticLogTransactionManager") +public class StatisticLogger implements IStatisticLogger{ private static final String GENERIC_LOCALBKU = ":3496/https-security-layer-request"; private static final String GENERIC_HANDYBKU = "https://www.handy-signatur.at/"; 
@@ -79,7 +84,20 @@ public class StatisticLogger { @Autowired AuthConfiguration authConfig; @Autowired IAuthenticationSessionStoreage authenticatedSessionStorage; + + @PersistenceContext(unitName="statistic") + private EntityManager entityManager; + + + public void testConnection() throws Exception { + Date expioredate = new Date(new Date().getTime() - 120); + Query query = entityManager.createNamedQuery("getAllEntriesNotBeforeTimeStamp"); + query.setParameter("timeout", expioredate); + List<StatisticLog> result = query.getResultList(); + } + + public void logSuccessOperation(IRequest protocolRequest, IAuthData authData, boolean isSSOSession) { if ( authConfig.isAdvancedLoggingActive() && protocolRequest != null && authData != null) { @@ -131,7 +149,7 @@ public class StatisticLogger { if (authData.isUseMandate()) { dblog.setMandatelogin(authData.isUseMandate()); - MISMandate mandate = authData.getMISMandate(); + IMISMandate mandate = authData.getMISMandate(); if (mandate != null) { if (MiscUtil.isNotEmpty(mandate.getProfRep())) { @@ -187,15 +205,9 @@ public class StatisticLogger { } } } + + entityManager.persist(dblog); - - - try { - StatisticLogDBUtils.saveOrUpdate(dblog); - - } catch (MOADatabaseException e) { - Logger.warn("Statistic Log can not be stored into Database", e); - } } } @@ -216,12 +228,8 @@ public class StatisticLogger { - try { - StatisticLogDBUtils.saveOrUpdate(dblog); - - } catch (MOADatabaseException e) { - Logger.warn("Statistic Log can not be stored into Database", e); - } + entityManager.persist(dblog); + } } 
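Review bot: `testConnection()` runs `getAllEntriesNotBeforeTimeStamp` with a cut-off of `new Date().getTime() - 120`, which is 120 milliseconds ago, and then loads the whole result list into an unused, unchecked `List<StatisticLog>`. If the intent is only to prove that the statistics database answers, bound the query with `query.setMaxResults(1);` and drop the local variable. If a longer window was meant, the constant needs a unit, for example `120 * 1000L` for two minutes, and the misspelt `expioredate` could become `cutoff`. The method also lacks `@Override` although the class now implements `IStatisticLogger`.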
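Review bot: Replacing `StatisticLogDBUtils.saveOrUpdate(dblog)` and its `catch (MOADatabaseException e)` with a bare `entityManager.persist(dblog)` in the @@ -187,15 +205,9 @@ hunk removes the best-effort handling; the same change is made in the @@ -216,12 +228,8 @@ and @@ -246,33 +254,36 @@ hunks. Before, a statistics-database failure was logged as a warning and the caller carried on; now any persistence exception leaves `logSuccessOperation` and `logErrorOperation`, and because the class is `@Transactional` it may surface only at commit, outside the method body. Unless callers already guard these calls (not visible here), an outage of the statistics database could fail an otherwise successful authentication. I would keep statistics logging non-fatal by wrapping the persist in a `try` with `catch (RuntimeException e)` that logs `"Statistic Log can not be stored into Database"`, or by catching at the call sites. The enclosing methods start and end outside these hunks.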
@@ -246,33 +254,36 @@ public class StatisticLogger { //dblog.setOaID(dbOA.getHjid()); dblog.setBusinessservice(isBusinessService(dbOA)); - try { - AuthenticationSession moasession = authenticatedSessionStorage. - getSession(errorRequest.getMOASessionIdentifier()); - if (moasession != null) { - if (MiscUtil.isNotEmpty(moasession.getBkuURL())) { - dblog.setBkuurl(moasession.getBkuURL()); - dblog.setBkutype(findBKUType(moasession.getBkuURL(), dbOA)); - } - - dblog.setMandatelogin(moasession.isMandateUsed()); + IAuthenticationSession moasession = null; + if (MiscUtil.isNotEmpty(errorRequest.getInternalSSOSessionIdentifier())) { + Logger.debug("Use MOA session information from SSO session for ErrorLogging"); + try { + moasession = authenticatedSessionStorage.getInternalSSOSession(errorRequest.getInternalSSOSessionIdentifier()); + + } catch (MOADatabaseException e) { + Logger.error("Error during database communication", e); + } - - } catch (MOADatabaseException e) { - Logger.debug(e.getMessage() + " --> StatistikLog will not include MOASession information."); + + } else { + Logger.debug("Use MOA session information from pending-req for ErrorLogging"); + moasession = errorRequest.getMOASession(); } - - generateErrorLogFormThrowable(throwable, dblog); + if (moasession != null) { + if (MiscUtil.isNotEmpty(moasession.getBkuURL())) { + dblog.setBkuurl(moasession.getBkuURL()); + dblog.setBkutype(findBKUType(moasession.getBkuURL(), dbOA)); + } + + dblog.setMandatelogin(moasession.isMandateUsed()); + } + generateErrorLogFormThrowable(throwable, dblog); + + entityManager.persist(dblog); - try { - StatisticLogDBUtils.saveOrUpdate(dblog); - - } catch (MOADatabaseException e) { - Logger.warn("Statistic Log can not be stored into Database", e); - } } } } 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java index e0552c337..bbb322a4f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java @@ -8,6 +8,8 @@ import java.util.List; import org.hibernate.HibernateException; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.scheduling.annotation.EnableScheduling; +import org.springframework.scheduling.annotation.Scheduled; import org.springframework.stereotype.Service; import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils; @@ -29,6 +31,7 @@ import at.gv.egovernment.moa.util.MiscUtil; * @version $Id$ */ @Service("AuthenticationSessionCleaner") +@EnableScheduling public class AuthenticationSessionCleaner implements Runnable { @Autowired private IAuthenticationSessionStoreage authenticationSessionStorage; @@ -36,7 +39,7 @@ public class AuthenticationSessionCleaner implements Runnable { @Autowired protected AuthConfiguration authConfig; /** interval the <code>AuthenticationSessionCleaner</code> is run in */ - private static final long SESSION_CLEANUP_INTERVAL = 5 * 60; // 5 min + private static final long SESSION_CLEANUP_INTERVAL = 5 * 60 *1000 ; // 5 min /** * Runs the thread. Cleans the <code>AuthenticationServer</code> session store @@ -45,8 +48,8 @@ public class AuthenticationSessionCleaner implements Runnable { * Cleans up expired session and authentication data stores. * */ + @Scheduled(fixedRate = SESSION_CLEANUP_INTERVAL) public void run() { - while (true) { try { Logger.debug("AuthenticationSessionCleaner run"); Date now = new Date(); 
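Review bot: `@Scheduled(fixedRate = SESSION_CLEANUP_INTERVAL)` in the @@ -45,8 +48,8 @@ hunk changes the timing contract of `run()`: the removed loop slept for the interval after each pass, whereas a fixed rate counts from the start of each pass, so a slow clean-up can be followed immediately by the next one. `@Scheduled(fixedDelay = SESSION_CLEANUP_INTERVAL)` keeps the old behaviour. `@EnableScheduling` is normally placed on a configuration class rather than on the `@Service` itself. Since expired sessions are only purged when this job actually fires, it is worth confirming that the bean is created in every deployment now that the explicit `start()` method is removed in a later hunk of this file. The body of `run()` continues outside this hunk.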
@@ -66,7 +69,7 @@ public class AuthenticationSessionCleaner implements Runnable { try { try { Object entry = transactionStorage.get(entryKey); - //if entry is an exception --> log it because is could be unhandled + //if entry is an exception --> log it because it could be unhandled if (entry != null && entry instanceof ExceptionContainer) { ExceptionContainer exContainer = (ExceptionContainer) entry; @@ -115,12 +118,6 @@ public class AuthenticationSessionCleaner implements Runnable { } catch (Exception e) { Logger.error(MOAIDMessageProvider.getInstance().getMessage("cleaner.01", null), e); } - try { - Thread.sleep(SESSION_CLEANUP_INTERVAL * 1000); - } - catch (InterruptedException e) { - } - } } /** @@ -143,18 +140,4 @@ public class AuthenticationSessionCleaner implements Runnable { } } } - - /** - * start the sessionCleaner - */ - public static void start(Runnable clazz) { - // start the session cleanup thread - Thread sessionCleaner = - new Thread(clazz, "AuthenticationSessionCleaner"); - sessionCleaner.setName("SessionCleaner"); - sessionCleaner.setDaemon(true); - sessionCleaner.setPriority(Thread.MIN_PRIORITY); - sessionCleaner.start(); - } - } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/BaseAuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/BaseAuthenticationServer.java index 20f2029cb..f0d9741d4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/BaseAuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/BaseAuthenticationServer.java 
@@ -4,11 +4,8 @@ package at.gv.egovernment.moa.id.auth; import org.springframework.beans.factory.annotation.Autowired; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; /** * API for MOA ID Authentication Service.<br> {@link AuthenticationSession} is @@ -20,32 +17,7 @@ import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; */ public abstract class BaseAuthenticationServer extends MOAIDAuthConstants { - @Autowired private IAuthenticationSessionStoreage authenticationSessionStorage; @Autowired protected AuthConfiguration authConfig; - /** - * Retrieves a session from the session store. - * - * @param id session ID - * @return <code>AuthenticationSession</code> stored with given session ID (never {@code null}). - * @throws AuthenticationException in case the session id does not reflect a valic, active session. - */ - public AuthenticationSession getSession(String id) - throws AuthenticationException { - AuthenticationSession session; - try { - session = authenticationSessionStorage.getSession(id); - - if (session == null) - throw new AuthenticationException("auth.02", new Object[]{id}); - return session; - - } catch (MOADatabaseException e) { - throw new AuthenticationException("auth.02", new Object[]{id}); - - } catch (Exception e) { - throw new AuthenticationException("parser.04", new Object[]{id}); - } - } } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDAsExtensionProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/IDestroyableObject.java index 5837d7dbf..6f98357e2 100644 
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDAsExtensionProcessor.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/IDestroyableObject.java @@ -20,29 +20,17 @@ * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. */ -package at.gv.egovernment.moa.id.auth.modules.eidas.engine; - -import java.util.HashSet; -import java.util.Set; - -import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; -import eu.eidas.auth.engine.core.ExtensionProcessorI; -import eu.eidas.auth.engine.core.eidas.EidasExtensionProcessor; +package at.gv.egovernment.moa.id.auth; /** * @author tlenz * */ -public class MOAeIDAsExtensionProcessor extends EidasExtensionProcessor implements ExtensionProcessorI { - +public interface IDestroyableObject { /** - * Add only eIDAS attributes which are supported by Austrian eIDAS node + * Manually deep destroy a Java object with all child objects like timers and threads * */ - @Override - public Set<String> getSupportedAttributes(){ - Set<String> supportedAttributes=new HashSet<String>( Constants.METADATA_POSSIBLE_ATTRIBUTES.keySet()); - - return supportedAttributes; - } + public void fullyDestroy(); + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IGarbageCollectorProcessing.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/IGarbageCollectorProcessing.java index a1008e883..27d142f2c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IGarbageCollectorProcessing.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/IGarbageCollectorProcessing.java 
@@ -20,7 +20,7 @@ * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. */ -package at.gv.egovernment.moa.id.config.auth; +package at.gv.egovernment.moa.id.auth; /** * @author tlenz diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAGarbageCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAGarbageCollector.java new file mode 100644 index 000000000..52e30a2f0 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAGarbageCollector.java 
@@ -0,0 +1,93 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. 
+ *******************************************************************************/ +package at.gv.egovernment.moa.id.auth; + + +import java.util.Iterator; +import java.util.Map; +import java.util.Map.Entry; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; +import org.springframework.scheduling.annotation.EnableScheduling; +import org.springframework.scheduling.annotation.Scheduled; +import org.springframework.stereotype.Service; + +import at.gv.egovernment.moa.logging.Logger; + +@Service("MOAGarbageCollector") +@EnableScheduling +public class MOAGarbageCollector implements Runnable { + + @Autowired ApplicationContext context; + + private static final long INTERVAL = 24 * 60 * 60 * 1000; // 24 hours + //private static final long INITAL_DELAY = 12 * 60 * 60 * 1000; // 12 hours + + private static final long INITAL_DELAY = 2 * 60 * 1000; // 12 hours + +// private static final List<IGarbageCollectorProcessing> processModules = +// new ArrayList<IGarbageCollectorProcessing>(); + + + @Scheduled(fixedRate = INTERVAL, initialDelay = INITAL_DELAY) + public void run() { + + Map<String, IGarbageCollectorProcessing> processModules = + context.getBeansOfType(IGarbageCollectorProcessing.class); + + if (processModules != null) { + Iterator<Entry<String, IGarbageCollectorProcessing>> interator = processModules.entrySet().iterator(); + while (interator.hasNext()) { + try { + interator.next().getValue().runGarbageCollector(); + + } catch (Throwable e1) { + Logger.warn("Garbage collection FAILED in some module.", e1); + + } + + } + } + } + +// /** +// * Add a module to MOA internal garbage collector. Every module is executed once a day +// * +// * @param modul Module which should be executed by the garbage collector. 
+// */ +// public static void addModulForGarbageCollection(IGarbageCollectorProcessing modul) { +// processModules.add(modul); +// +// } + +// public static void start() { +// // start the session cleanup thread +// Thread configLoader = new Thread(new MOAGarbageCollector(), "MOAGarbageCollector"); +// configLoader.setName("MOAGarbageCollectorr"); +// configLoader.setDaemon(true); +// configLoader.setPriority(Thread.MIN_PRIORITY); +// configLoader.start(); +// } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java index d1cf3338a..5769d99df 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java 
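Review bot: `INITAL_DELAY` is set to `2 * 60 * 1000` but commented `// 12 hours`, and the real 12-hour value sits commented out on the line above, so this looks like a test value that was left in; the first collector run would happen two minutes after startup. Either restore `12 * 60 * 60 * 1000` or correct the comment to `// 2 minutes`. `catch (Throwable e1)` also swallows `Error`s such as `OutOfMemoryError`; `catch (Exception e1)` would still keep one failing module from stopping the others, and the warning could name the module via the map key instead of "some module". The `context` field is package-private where the other injected fields in this commit are `private`, and the commented-out `processModules` and `start()` code can be deleted since version control keeps it.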
@@ -36,18 +36,16 @@ import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.MOAGarbageCollector; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.id.util.SSLUtils; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.logging.LoggingContext; -import at.gv.egovernment.moa.logging.LoggingContextManager; -import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; -import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator; -import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.spss.MOAException; +import at.gv.egovernment.moa.spss.api.Configurator; import at.gv.egovernment.moa.util.MiscUtil; +import at.gv.egovernment.moaspss.logging.LoggingContext; +import at.gv.egovernment.moaspss.logging.LoggingContextManager; import iaik.pki.PKIException; -import iaik.security.ecc.provider.ECCProvider; +import iaik.security.ec.provider.ECCelerate; import iaik.security.provider.IAIK; /** 
@@ -74,16 +72,31 @@ public class MOAIDAuthInitializer { MailcapCommandMap mc = new MailcapCommandMap(); CommandMap.setDefaultCommandMap(mc); + //allowed SSL ciphers regarding to PVP SMA 1.3 document if (MiscUtil.isEmpty(System.getProperty("https.cipherSuites"))) System.setProperty( "https.cipherSuites", - "TLS_DH_anon_WITH_AES_128_CBC_SHA" + + //high secure RSA bases ciphers + ",TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" + + ",TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" + + ",TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" + + ",TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" + + + //high secure ECC bases ciphers + ",TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" + + ",TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" + + ",TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" + + ",TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256" + + ",TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" + + ",TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" + + ",TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" + + ",TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256" + + + //secure backup chipers + ",TLS_DHE_RSA_WITH_AES_256_CBC_SHA" + ",TLS_DHE_RSA_WITH_AES_128_CBC_SHA" + - ",TLS_DHE_DSS_WITH_AES_128_CBC_SHA" + ",TLS_RSA_WITH_AES_128_CBC_SHA" + - ",TLS_RSA_WITH_AES_256_CBC_SHA" + - ",SSL_DH_anon_WITH_3DES_EDE_CBC_SHA" + - ",SSL_RSA_WITH_3DES_EDE_CBC_SHA" + ",TLS_RSA_WITH_AES_256_CBC_SHA" ); @@ -104,17 +117,11 @@ public class MOAIDAuthInitializer { Logger.info("Loading Java security providers."); IAIK.addAsProvider(); - ECCProvider.addAsProvider(); + ECCelerate.addAsProvider(); // Initializes SSLSocketFactory store SSLUtils.initialize(); - // Initializes Namespace Map - Constants.nSMap.put(Constants.SAML_PREFIX, Constants.SAML_NS_URI); - Constants.nSMap.put(Constants.ECDSA_PREFIX, - "http://www.w3.org/2001/04/xmldsig-more#"); - Constants.nSMap.put(Constants.DSIG_PREFIX, Constants.DSIG_NS_URI); - //seed the random number generator Random.seedRandom(); Logger.debug("Random-number generator is seeded."); 
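Review bot: In the `https.cipherSuites` hunk the first literal on the new side is `",TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"`, so with the old first entry removed the property value now starts with a comma and carries an empty leading element. Whether that is ignored depends on how the consumer splits the list, so I would drop the comma from the first entry: `"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" +`. The block labelled "secure backup chipers" keeps `TLS_RSA_WITH_AES_128_CBC_SHA` and `TLS_RSA_WITH_AES_256_CBC_SHA`, which use static RSA key exchange without forward secrecy; a comment naming the peers that still require them would tell a later reader when they can be removed. The default is applied only when the property is unset, so an operator-supplied list bypasses this selection entirely, which is worth stating in the comment as well.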
@@ -130,24 +137,28 @@ public class MOAIDAuthInitializer { //MOA-SP is only use by API calls since MOA-ID 3.0.0 try { LoggingContextManager.getInstance().setLoggingContext( - new LoggingContext("startup")); - ConfigurationProvider config = ConfigurationProvider - .getInstance(); - new IaikConfigurator().configure(config); - - } catch (at.gv.egovernment.moa.spss.server.config.ConfigurationException ex) { - Logger.error("MOA-SP initialization FAILED!", ex.getWrapped()); - throw new ConfigurationException("config.10", new Object[] { ex - .toString() }, ex); - - } + new LoggingContext("startup")); + Logger.debug("Starting MOA-SPSS initialization process ... "); + Configurator.getInstance().init(); + Logger.info("MOA-SPSS initialization complete "); + + } catch (MOAException e) { + Logger.error("MOA-SP initialization FAILED!", e.getWrapped()); + throw new ConfigurationException("config.10", new Object[] { e + .toString() }, e); + } //IAIK.addAsProvider(); //ECCProvider.addAsProvider(); Security.insertProviderAt(IAIK.getInstance(), 0); - Security.addProvider(new ECCProvider()); + + ECCelerate eccProvider = ECCelerate.getInstance(); + if (Security.getProvider(eccProvider.getName()) != null) + Security.removeProvider(eccProvider.getName()); + + Security.addProvider(new ECCelerate()); if (Logger.isDebugEnabled()) { Logger.debug("Loaded Security Provider:"); @@ -156,12 +167,5 @@ public class MOAIDAuthInitializer { Logger.debug(i + ": " + providerList[i].getName() + " Version " + providerList[i].getVersion()); } - - - // Starts the session cleaner thread to remove unpicked authentication data - AuthenticationSessionCleaner sessioncleaner = rootContext.getBean("AuthenticationSessionCleaner", AuthenticationSessionCleaner.class); - AuthenticationSessionCleaner.start(sessioncleaner); - - MOAGarbageCollector.start(); } } 
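Review bot: In the provider setup of the first hunk, `eccProvider` is obtained from `ECCelerate.getInstance()` and used only to look up and remove an existing registration, after which a different object, `new ECCelerate()`, is registered. Registering the instance that was just looked up, `Security.addProvider(eccProvider);`, keeps one provider object in play and makes the remove-then-add sequence easier to follow. A short comment saying why the provider is removed and re-added (presumably to control its position relative to the `IAIK` provider) would help, since the order of JCA providers decides which implementation serves a given algorithm. In the `catch (MOAException e)` block `e.getWrapped()` is passed to the logger; if that can be null the original exception is lost from the log, so logging `e` itself is safer.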
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java index 908c7e7b6..3264fc3bd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java @@ -47,11 +47,7 @@ import org.w3c.dom.Element; import org.w3c.dom.Node; import org.w3c.dom.NodeList; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.DynamicOABuildException; import at.gv.egovernment.moa.id.auth.exception.ParseException; @@ -61,6 +57,11 @@ import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; +import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; 
@@ -106,16 +107,17 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { @Autowired protected AuthConfiguration authConfig; @Autowired private AttributQueryBuilder attributQueryBuilder; @Autowired private SAMLVerificationEngineSP samlVerificationEngine; + @Autowired(required=true) private MOAMetadataProvider metadataProvider; public IAuthData buildAuthenticationData(IRequest pendingReq, - AuthenticationSession session) throws ConfigurationException, BuildException, WrongParametersException, DynamicOABuildException { + IAuthenticationSession session) throws ConfigurationException, BuildException, WrongParametersException, DynamicOABuildException { return buildAuthenticationData(pendingReq, session, pendingReq.getOnlineApplicationConfiguration()); } public IAuthData buildAuthenticationData(IRequest pendingReq, - AuthenticationSession session, IOAAuthParameters oaParam) throws ConfigurationException, BuildException, WrongParametersException, DynamicOABuildException { + IAuthenticationSession session, IOAAuthParameters oaParam) throws ConfigurationException, BuildException, WrongParametersException, DynamicOABuildException { AuthenticationData authdata = null; //only needed for SAML1 legacy support @@ -222,7 +224,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { try { samlVerificationEngine.verifyIDPResponse(intfResp, TrustEngineFactory.getSignatureKnownKeysTrustEngine( - MOAMetadataProvider.getInstance())); + metadataProvider)); //create assertion attribute extractor from AttributeQuery response return new AssertionAttributeExtractor(intfResp); 
@@ -252,7 +254,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { } } - private void buildAuthDataFormMOASession(AuthenticationData authData, AuthenticationSession session, + private void buildAuthDataFormMOASession(AuthenticationData authData, IAuthenticationSession session, IOAAuthParameters oaParam, IRequest protocolRequest) throws BuildException, ConfigurationException { Collection<String> includedToGenericAuthData = null; @@ -272,8 +274,8 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { //#################################################### //parse user info's from identityLink - IdentityLink idlFromPVPAttr = null; - IdentityLink identityLink = session.getIdentityLink(); + IIdentityLink idlFromPVPAttr = null; + IIdentityLink identityLink = session.getIdentityLink(); if (identityLink != null) { parseBasicUserInfosFromIDL(authData, identityLink, includedToGenericAuthData); @@ -514,7 +516,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { } //mandate functionality - MISMandate misMandate = null; + IMISMandate misMandate = null; if (session.isMandateUsed()) { //#################################################### //set Mandate reference value @@ -765,7 +767,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { //#################################################################### //parse AuthBlock signature-verification response //INFO: this parameters are only required for SAML1 auth. protocol - VerifyXMLSignatureResponse verifyXMLSigResp = session.getXMLVerifySignatureResponse(); + IVerifiyXMLSignatureResponse verifyXMLSigResp = session.getXMLVerifySignatureResponse(); if (verifyXMLSigResp != null) { authData.setQualifiedCertificate(verifyXMLSigResp .isQualifiedCertificate()); 
@@ -832,7 +834,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { return false; } - private void parseBasicUserInfosFromIDL(AuthenticationData authData, IdentityLink identityLink, Collection<String> includedGenericSessionData) { + private void parseBasicUserInfosFromIDL(AuthenticationData authData, IIdentityLink identityLink, Collection<String> includedGenericSessionData) { //baseID or wbpk in case of BusinessService without SSO or BusinessService SSO authData.setIdentificationValue(identityLink.getIdentificationValue()); authData.setIdentificationType(identityLink.getIdentificationType()); @@ -918,7 +920,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { * @return Pair<bPK, bPKType> which was received by PVP-Attribute and could be decrypted for this Service Provider, * or <code>null</code> if no attribute exists or can not decrypted */ - private Pair<String, String> getEncryptedbPKFromPVPAttribute(AuthenticationSession session, + private Pair<String, String> getEncryptedbPKFromPVPAttribute(IAuthenticationSession session, AuthenticationData authData, IOAAuthParameters spConfig) { //set List of encrypted bPKs to authData DAO String pvpEncbPKListAttr = session.getGenericDataFromSession(PVPConstants.ENC_BPK_LIST_NAME, String.class); @@ -980,7 +982,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { * @param session MOASession, but never null * @return bPK, which was received by PVP-Attribute, or <code>null</code> if no attribute exists */ - private String getbPKValueFromPVPAttribute(AuthenticationSession session) { + private String getbPKValueFromPVPAttribute(IAuthenticationSession session) { String pvpbPKValueAttr = session.getGenericDataFromSession(PVPConstants.BPK_NAME, String.class); if (MiscUtil.isNotEmpty(pvpbPKValueAttr)) { 
@@ -1014,7 +1016,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { * @param session MOASession, but never null * @return bPKType, which was received by PVP-Attribute, or <code>null</code> if no attribute exists */ - private String getbPKTypeFromPVPAttribute(AuthenticationSession session) { + private String getbPKTypeFromPVPAttribute(IAuthenticationSession session) { String pvpbPKTypeAttr = session.getGenericDataFromSession(PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class); if (MiscUtil.isNotEmpty(pvpbPKTypeAttr)) { @@ -1064,7 +1066,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { } - private IdentityLink buildOAspecificIdentityLink(IOAAuthParameters oaParam, IdentityLink idl, String bPK, String bPKType) throws MOAIDException { + private IIdentityLink buildOAspecificIdentityLink(IOAAuthParameters oaParam, IIdentityLink idl, String bPK, String bPKType) throws MOAIDException { if (oaParam.getBusinessService()) { Element idlassertion = idl.getSamlAssertion(); //set bpk/wpbk; @@ -1075,7 +1077,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { prIdentificationType.getFirstChild().setNodeValue(bPKType); IdentityLinkAssertionParser idlparser = new IdentityLinkAssertionParser(idlassertion); - IdentityLink businessServiceIdl = idlparser.parseIdentityLink(); + IIdentityLink businessServiceIdl = idlparser.parseIdentityLink(); //resign IDL IdentityLinkReSigner identitylinkresigner = IdentityLinkReSigner.getInstance(); 
@@ -1106,10 +1108,15 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { String eIDASOutboundCountry = pendingReq.getGenericData(RequestImpl.eIDAS_GENERIC_REQ_DATA_COUNTRY, String.class); + //TODO: maybe find a better solution + String cititzenCountryCode = + authConfig.getBasicMOAIDConfiguration("moa.id.protocols.eIDAS.node.countrycode", + MOAIDAuthConstants.COUNTRYCODE_AUSTRIA); + if (Constants.URN_PREFIX_BASEID.equals(baseIDType)) { - if (MiscUtil.isNotEmpty(eIDASOutboundCountry) && !COUNTRYCODE_AUSTRIA.equals(eIDASOutboundCountry)) { + if (MiscUtil.isNotEmpty(eIDASOutboundCountry) && !cititzenCountryCode.equals(eIDASOutboundCountry)) { Pair<String, String> eIDASID = new BPKBuilder().buildeIDASIdentifer(baseIDType, baseID, - COUNTRYCODE_AUSTRIA, eIDASOutboundCountry); + cititzenCountryCode, eIDASOutboundCountry); Logger.debug("Authenticate user with bPK:" + eIDASID.getFirst() + " Type:" + eIDASID.getSecond()); return eIDASID; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SignatureVerificationUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SignatureVerificationUtils.java index ec94101d1..9ca15c76f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SignatureVerificationUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SignatureVerificationUtils.java 
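Review bot: `cititzenCountryCode` is read from `moa.id.protocols.eIDAS.node.countrycode` and passed straight into `buildeIDASIdentifer(...)` and into the `equals` comparison with `eIDASOutboundCountry`, with no check on its form. A value in a different case, with surrounding whitespace, or an empty string would silently change the derived eIDAS identifier or the branch taken, so I would reject anything that is not a two-letter upper-case code, e.g. guard on `cititzenCountryCode.matches("[A-Z]{2}")`, ideally once when the configuration is loaded. The variable name is misspelt (`cititzen`), and the `//TODO: maybe find a better solution` comment should say what the intended solution is. The enclosing method starts and ends outside this hunk.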
@@ -29,14 +29,13 @@ import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.Node; -import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.id.auth.exception.ServiceException; import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; -import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.Constants; @@ -75,7 +74,7 @@ public class SignatureVerificationUtils { } } - public VerifyXMLSignatureResponse verify(byte[] signature, String trustProfileID) throws MOAIDException { + public IVerifiyXMLSignatureResponse verify(byte[] signature, String trustProfileID) throws MOAIDException { try { //build signature-verification request Element domVerifyXMLSignatureRequest = build(signature, trustProfileID); @@ -85,17 +84,17 @@ public class SignatureVerificationUtils { .verifyXMLSignature(domVerifyXMLSignatureRequest); // parses the <VerifyXMLSignatureResponse> - VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( + IVerifiyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( domVerifyXMLSignatureResponse).parseData(); return verifyXMLSignatureResponse; } catch (ParseException e) { - Logger.error("Build signature-verification request FAILED." ,e); + //Logger.error("Build signature-verification request FAILED." ,e); throw e; } catch (ServiceException e) { - Logger.error("MOA-SP signature verification FAILED." ,e); + //Logger.error("MOA-SP signature verification FAILED." ,e); throw e; } 
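Review bot: In `verify(...)` the two `Logger.error` calls are commented out rather than removed, leaving `catch (ParseException e)` and `catch (ServiceException e)` blocks that only rethrow. A failed signature verification is a security-relevant event, so it should be confirmed that every caller logs the rethrown exception; that is not visible from this hunk. If the blocks are kept only so these exceptions bypass a later, broader catch clause (the rest of the try statement is outside the hunk), say so with a comment such as `// rethrown unchanged; logged by the caller` and delete the commented-out lines.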
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java index a72f6c2ea..94651915e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java @@ -46,20 +46,26 @@ import java.util.Map; import org.apache.commons.collections4.map.HashedMap; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; +import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; -import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.MiscUtil; import iaik.x509.X509Certificate; /** - * Session data to be stored between <code>AuthenticationServer</code> API calls. * - * @author Paul Ivancsics - * @version $Id$ + * Serializable implementation of the {@link IAuthenticationSession} interface, which could be stored into a + * AuthenticationSession database + * + * @author Thomas Lenz + * */ -public class AuthenticationSession implements Serializable { +public class AuthenticationSession implements Serializable, IAuthenticationSession { /** * @@ -94,7 +100,7 @@ public class AuthenticationSession implements Serializable { * * Mandate element */ - private MISMandate mandate; + private IMISMandate mandate; /** * Reference value for mandate bussiness service for the assertion 
@@ -110,7 +116,7 @@ public class AuthenticationSession implements Serializable { /** * identity link read from smartcard */ - private IdentityLink identityLink; + private IIdentityLink identityLink; /** * authentication block to be signed by the user @@ -151,7 +157,7 @@ public class AuthenticationSession implements Serializable { private String QAALevel = null; - private VerifyXMLSignatureResponse XMLVerifySignatureResponse; + private IVerifiyXMLSignatureResponse XMLVerifySignatureResponse; private boolean isForeigner; 
@@ -170,14 +176,61 @@ public class AuthenticationSession implements Serializable { } + /** + * @param id + * @param now + * @param moaSession + */ + public AuthenticationSession(String id, Date now, IAuthenticationSession moaSession) { + sessionID = id; + sessionCreated = now; + + authBlock = moaSession.getAuthBlock(); + authBlockTokken = moaSession.getAuthBlockTokken(); + authenticated = moaSession.isAuthenticated(); + bkuURL = moaSession.getBkuURL(); + extendedSAMLAttributesAUTH = moaSession.getExtendedSAMLAttributesAUTH(); + extendedSAMLAttributesOA = moaSession.getExtendedSAMLAttributesOA(); + + genericSessionDataStorate = moaSession.getGenericSessionDataStorage(); + + identityLink = moaSession.getIdentityLink(); + isForeigner = moaSession.isForeigner(); + isOW = moaSession.isOW(); + issueInstant = moaSession.getIssueInstant(); + mandate = moaSession.getMISMandate(); + mandateReferenceValue = moaSession.getMandateReferenceValue(); + misSessionID = moaSession.getMISSessionID(); + QAALevel = moaSession.getQAALevel(); + samlAttributeGebeORwbpk = moaSession.getSAMLAttributeGebeORwbpk(); + sessionCreated = moaSession.getSessionCreated(); + signerCertificate = moaSession.getEncodedSignerCertificate(); + useMandates = moaSession.isMandateUsed(); + XMLVerifySignatureResponse = moaSession.getXMLVerifySignatureResponse(); + + //TODO: implement session construction from existing eID information + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isAuthenticated() + */ + @Override public boolean isAuthenticated() { return authenticated; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthenticated(boolean) + */ + @Override public void setAuthenticated(boolean authenticated) { this.authenticated = authenticated; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSignerCertificate() + */ + @Override public X509Certificate getSignerCertificate() { try { 
return new X509Certificate(signerCertificate); @@ -188,10 +241,18 @@ public class AuthenticationSession implements Serializable { } } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getEncodedSignerCertificate() + */ + @Override public byte[] getEncodedSignerCertificate() { return this.signerCertificate; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setSignerCertificate(iaik.x509.X509Certificate) + */ + @Override public void setSignerCertificate(X509Certificate signerCertificate) { try { this.signerCertificate = signerCertificate.getEncoded(); 
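Review bot: In the new constructor `AuthenticationSession(String id, Date now, IAuthenticationSession moaSession)`, `sessionCreated = now;` is overwritten further down by `sessionCreated = moaSession.getSessionCreated();`, so the `now` argument has no effect. Session lifetime decisions presumably depend on this timestamp, so one of the two assignments should be removed, and the Javadoc, which currently has three empty `@param` tags, should state which creation time the copy carries. The constructor also stores the results of `getExtendedSAMLAttributesAUTH()`, `getExtendedSAMLAttributesOA()` and `getGenericSessionDataStorage()` by reference, so later changes to one session may show up in the other unless those getters return copies; wrapping them, e.g. `new ArrayList<ExtendedSAMLAttribute>(moaSession.getExtendedSAMLAttributesAUTH())`, avoids that. The `@see` comments added here point to `at.gv.egovernment.moa.id.auth.data.IAuthenticationSession`, while the import added in this commit is `at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession`.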
@@ -201,174 +262,141 @@ public class AuthenticationSession implements Serializable { } } - /** - * Returns the identityLink. - * - * @return IdentityLink + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getIdentityLink() */ - public IdentityLink getIdentityLink() { + @Override + public IIdentityLink getIdentityLink() { return identityLink; } - /** - * Returns the sessionID. - * - * @return String + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSessionID() */ + @Override public String getSessionID() { return sessionID; } - /** - * Sets the identityLink. - * - * @param identityLink - * The identityLink to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIdentityLink(at.gv.egovernment.moa.id.auth.data.IdentityLink) */ - public void setIdentityLink(IdentityLink identityLink) { + @Override + public void setIdentityLink(IIdentityLink identityLink) { this.identityLink = identityLink; } - /** - * Sets the sessionID. - * - * @param sessionId - * The sessionID to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setSessionID(java.lang.String) */ + @Override public void setSessionID(String sessionId) { this.sessionID = sessionId; } - /** - * Returns the BKU URL. - * - * @return String + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getBkuURL() */ + @Override public String getBkuURL() { return bkuURL; } - /** - * Sets the bkuURL - * - * @param bkuURL - * The BKU URL to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setBkuURL(java.lang.String) */ + @Override public void setBkuURL(String bkuURL) { this.bkuURL = bkuURL; } - /** - * Returns the authBlock. 
- * - * @return String + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getAuthBlock() */ + @Override public String getAuthBlock() { return authBlock; } - /** - * Sets the authBlock. - * - * @param authBlock - * The authBlock to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthBlock(java.lang.String) */ + @Override public void setAuthBlock(String authBlock) { this.authBlock = authBlock; } - /** - * Returns the SAML Attributes to be appended to the AUTHBlock. Maybe <code>null</code>. - * - * @return The SAML Attributes to be appended to the AUTHBlock. Maybe <code>null</code>. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getExtendedSAMLAttributesAUTH() */ + @Override public List<ExtendedSAMLAttribute> getExtendedSAMLAttributesAUTH() { if (extendedSAMLAttributesAUTH == null) extendedSAMLAttributesAUTH = new ArrayList<ExtendedSAMLAttribute>(); return extendedSAMLAttributesAUTH; } - /** - * Sets the SAML Attributes to be appended to the AUTHBlock. - * - * @param extendedSAMLAttributesAUTH - * The SAML Attributes to be appended to the AUTHBlock. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setExtendedSAMLAttributesAUTH(java.util.List) */ + @Override public void setExtendedSAMLAttributesAUTH(List<ExtendedSAMLAttribute> extendedSAMLAttributesAUTH) { this.extendedSAMLAttributesAUTH = extendedSAMLAttributesAUTH; } - /** - * Returns the SAML Attributes to be appended to the SAML assertion delivered to the online - * application. Maybe <code>null</code>. 
- * - * @return The SAML Attributes to be appended to the SAML assertion delivered to the online - * application + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getExtendedSAMLAttributesOA() */ + @Override public List<ExtendedSAMLAttribute> getExtendedSAMLAttributesOA() { return extendedSAMLAttributesOA; } - /** - * Sets the SAML Attributes to be appended to the SAML assertion delivered to the online - * application. - * - * @param extendedSAMLAttributesOA - * The SAML Attributes to be appended to the SAML assertion delivered to the online - * application. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setExtendedSAMLAttributesOA(java.util.List) */ + @Override public void setExtendedSAMLAttributesOA(List<ExtendedSAMLAttribute> extendedSAMLAttributesOA) { this.extendedSAMLAttributesOA = extendedSAMLAttributesOA; } - /** - * Returns the boolean value for either a target or a wbPK is provided as SAML Attribute in the - * SAML Assertion or not. - * - * @return true either a target or a wbPK is provided as SAML Attribute in the SAML Assertion or - * false if not. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSAMLAttributeGebeORwbpk() */ + @Override public boolean getSAMLAttributeGebeORwbpk() { return this.samlAttributeGebeORwbpk; } - /** - * Sets the boolean value for either a target or a wbPK is provided as SAML Attribute in the - * SAML Assertion or not. - * - * @param samlAttributeGebeORwbpk - * The boolean for value either a target or wbPK is provided as SAML Attribute in the - * SAML Assertion or not. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setSAMLAttributeGebeORwbpk(boolean) */ + @Override public void setSAMLAttributeGebeORwbpk(boolean samlAttributeGebeORwbpk) { this.samlAttributeGebeORwbpk = samlAttributeGebeORwbpk; } - /** - * Returns the issuing time of the AUTH-Block SAML assertion. 
- * - * @return The issuing time of the AUTH-Block SAML assertion. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getIssueInstant() */ + @Override public String getIssueInstant() { return issueInstant; } - /** - * Sets the issuing time of the AUTH-Block SAML assertion. - * - * @param issueInstant - * The issueInstant to set. + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIssueInstant(java.lang.String) */ + @Override public void setIssueInstant(String issueInstant) { this.issueInstant = issueInstant; } - /** - * - * @param useMandate - * indicates if mandate is used or not + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setUseMandate(java.lang.String) */ + @Override public void setUseMandate(String useMandate) { if (useMandate.compareToIgnoreCase("true") == 0) this.useMandates = true; 
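Review bot: The Javadoc removed in this hunk carried contract details that the replacement `(non-Javadoc) @see` stubs do not, for example that `getExtendedSAMLAttributesOA()` may return `null` while `getExtendedSAMLAttributesAUTH()` creates the list on demand. The stubs point at `at.gv.egovernment.moa.id.auth.data.IAuthenticationSession`, whereas the wrapper class added later in this commit imports the interface from `at.gv.egovernment.moa.id.commons.api.data`, so the references probably do not resolve; the interface's own documentation is not visible here. I would keep the original text or at least correct the target, e.g. `@see at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession#getExtendedSAMLAttributesOA()`. The same applies to the stubs in the hunks at -170, -188, -377, -523 and -555 and in AuthenticationSessionWrapper.java. This hunk ends inside `setUseMandate(String)`.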
@@ -377,141 +405,172 @@ public class AuthenticationSession implements Serializable { } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setUseMandates(boolean) + */ + @Override public void setUseMandates(boolean useMandates) { this.useMandates = useMandates; } - /** - * @return + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isMandateUsed() */ + @Override public boolean isMandateUsed() { return this.useMandates; } - /** - * - * @param misSessionID - * indicates the MIS session ID + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setMISSessionID(java.lang.String) */ + @Override public void setMISSessionID(String misSessionID) { this.misSessionID = misSessionID; } - /** - * Returns the MIS session ID - * - * @return + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getMISSessionID() */ + @Override public String getMISSessionID() { return this.misSessionID; } - /** - * @return the mandateReferenceValue + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getMandateReferenceValue() */ + @Override public String getMandateReferenceValue() { return mandateReferenceValue; } - /** - * @param mandateReferenceValue - * the mandateReferenceValue to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setMandateReferenceValue(java.lang.String) */ + @Override public void setMandateReferenceValue(String mandateReferenceValue) { this.mandateReferenceValue = mandateReferenceValue; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isForeigner() + */ + @Override public boolean isForeigner() { return isForeigner; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setForeigner(boolean) + */ + @Override public void setForeigner(boolean isForeigner) { this.isForeigner = isForeigner; } - public 
VerifyXMLSignatureResponse getXMLVerifySignatureResponse() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getXMLVerifySignatureResponse() + */ + @Override + public IVerifiyXMLSignatureResponse getXMLVerifySignatureResponse() { return XMLVerifySignatureResponse; } - public void setXMLVerifySignatureResponse(VerifyXMLSignatureResponse xMLVerifySignatureResponse) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setXMLVerifySignatureResponse(at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse) + */ + @Override + public void setXMLVerifySignatureResponse(IVerifiyXMLSignatureResponse xMLVerifySignatureResponse) { XMLVerifySignatureResponse = xMLVerifySignatureResponse; } - public MISMandate getMISMandate() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getMISMandate() + */ + @Override + public IMISMandate getMISMandate() { return mandate; } - public void setMISMandate(MISMandate mandate) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setMISMandate(at.gv.egovernment.moa.id.data.MISMandate) + */ + @Override + public void setMISMandate(IMISMandate mandate) { this.mandate = mandate; } - /** - * @return the isOW + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isOW() */ + @Override public boolean isOW() { return isOW; } - /** - * @param isOW - * the isOW to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setOW(boolean) */ + @Override public void setOW(boolean isOW) { this.isOW = isOW; } - /** - * @return the authBlockTokken + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getAuthBlockTokken() */ + @Override public String getAuthBlockTokken() { return authBlockTokken; } - /** - * @param authBlockTokken - * the authBlockTokken to set + /* (non-Javadoc) + * @see 
at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthBlockTokken(java.lang.String) */ + @Override public void setAuthBlockTokken(String authBlockTokken) { this.authBlockTokken = authBlockTokken; } - /** - * eIDAS QAA level - * - * @return the qAALevel + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getQAALevel() */ + @Override public String getQAALevel() { return QAALevel; } - /** - * set QAA level in eIDAS form - * - * @param qAALevel the qAALevel to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setQAALevel(java.lang.String) */ + @Override public void setQAALevel(String qAALevel) { QAALevel = qAALevel; } - /** - * @return the sessionCreated + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSessionCreated() */ + @Override public Date getSessionCreated() { return sessionCreated; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericSessionDataStorage() + */ + @Override public Map<String, Object> getGenericSessionDataStorage() { return genericSessionDataStorate; } - /** - * Returns a generic session-data object with is stored with a specific identifier - * - * @param key The specific identifier of the session-data object - * @return The session-data object or null if no data is found with this key + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericDataFromSession(java.lang.String) */ + @Override public Object getGenericDataFromSession(String key) { if (MiscUtil.isNotEmpty(key)) { return genericSessionDataStorate.get(key); 
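Review bot: `setXMLVerifySignatureResponse` and `setMISMandate` now accept any `IVerifiyXMLSignatureResponse` or `IMISMandate`, and the values are kept in fields of a class that the hunk header still shows as `Serializable`. Unless those interfaces extend `java.io.Serializable` (not visible here), a non-serializable implementation would fail only when the session is written out, far from the call that stored it. A comment on each setter such as `// value is persisted with the session and must be Serializable` would state the requirement, and an `instanceof Serializable` check in the setter would enforce it. This hunk ends inside `getGenericDataFromSession(String)`.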
@@ -523,13 +582,10 @@ public class AuthenticationSession implements Serializable { } - /** - * Returns a generic session-data object with is stored with a specific identifier - * - * @param key The specific identifier of the session-data object - * @param clazz The class type which is stored with this key - * @return The session-data object or null if no data is found with this key + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericDataFromSession(java.lang.String, java.lang.Class) */ + @Override public <T> T getGenericDataFromSession(String key, final Class<T> clazz) { if (MiscUtil.isNotEmpty(key)) { Object data = genericSessionDataStorate.get(key); @@ -555,13 +611,10 @@ public class AuthenticationSession implements Serializable { } - /** - * Store a generic data-object to session with a specific identifier - * - * @param key Identifier for this data-object - * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface - * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setGenericDataToSession(java.lang.String, java.lang.Object) */ + @Override public void setGenericDataToSession(String key, Object object) throws SessionDataStorageException { if (MiscUtil.isEmpty(key)) { Logger.warn("Generic session-data can not be stored with a 'null' key"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionWrapper.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionWrapper.java new file mode 100644 index 000000000..5419e8ae0 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionWrapper.java 
@@ -0,0 +1,492 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. 
+ */ +package at.gv.egovernment.moa.id.auth.data; + +import java.security.cert.CertificateEncodingException; +import java.security.cert.CertificateException; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import at.gv.egovernment.moa.id.commons.api.data.AuthProzessDataConstants; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; +import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; +import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; +import iaik.x509.X509Certificate; + +/** + * @author tlenz + * + */ +public class AuthenticationSessionWrapper implements IAuthenticationSession, AuthProzessDataConstants { + + + private Map<String, Object> sessionData; + + /** + * @param genericDataStorage + */ + public AuthenticationSessionWrapper(Map<String, Object> genericDataStorage) { + this.sessionData = genericDataStorage; + } + + private <T> T wrapStringObject(String key, Object defaultValue, Class<T> clazz) { + if (MiscUtil.isNotEmpty(key)) { + Object obj = sessionData.get(key); + if (obj != null && clazz.isInstance(obj)) + return (T) obj; + } + + if (defaultValue == null) + return null; + + else if (clazz.isInstance(defaultValue)) + return (T)defaultValue; + + else { + Logger.error("DefaultValue: " + defaultValue.getClass().getName() + " is not of Type:" + clazz.getName()); + throw new IllegalStateException("DefaultValue: " + defaultValue.getClass().getName() + " is not of Type:" + clazz.getName()); + + } + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isAuthenticated() + */ + 
@Override + public boolean isAuthenticated() { + return wrapStringObject(FLAG_IS_AUTHENTICATED, false, Boolean.class); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthenticated(boolean) + */ + @Override + public void setAuthenticated(boolean authenticated) { + sessionData.put(FLAG_IS_AUTHENTICATED, authenticated); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSignerCertificate() + */ + @Override + public X509Certificate getSignerCertificate() { + byte[] encCert = getEncodedSignerCertificate(); + + if (encCert != null) { + try { + return new X509Certificate(encCert); + } + catch (CertificateException e) { + Logger.warn("Signer certificate can not be loaded from session database!", e); + + } + } + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getEncodedSignerCertificate() + */ + @Override + public byte[] getEncodedSignerCertificate() { + return wrapStringObject(VALUE_SIGNER_CERT, null, byte[].class); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setSignerCertificate(iaik.x509.X509Certificate) + */ + @Override + public void setSignerCertificate(X509Certificate signerCertificate) { + try { + sessionData.put(VALUE_SIGNER_CERT, signerCertificate.getEncoded()); + + }catch (CertificateEncodingException e) { + Logger.warn("Signer certificate can not be stored to session database!", e); + } + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getIdentityLink() + */ + @Override + public IIdentityLink getIdentityLink() { + return wrapStringObject(VALUE_IDENTITYLINK, null, IIdentityLink.class); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSessionID() + */ + @Override + public String getSessionID() { + return wrapStringObject(VALUE_SESSIONID, null, String.class); + + } + + /* 
(non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIdentityLink(at.gv.egovernment.moa.id.auth.data.IdentityLink) + */ + @Override + public void setIdentityLink(IIdentityLink identityLink) { + sessionData.put(VALUE_IDENTITYLINK, identityLink); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setSessionID(java.lang.String) + */ + @Override + public void setSessionID(String sessionId) { + sessionData.put(VALUE_SESSIONID, sessionId); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getBkuURL() + */ + @Override + public String getBkuURL() { + return wrapStringObject(VALUE_BKUURL, null, String.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setBkuURL(java.lang.String) + */ + @Override + public void setBkuURL(String bkuURL) { + sessionData.put(VALUE_BKUURL, bkuURL); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getAuthBlock() + */ + @Override + public String getAuthBlock() { + return wrapStringObject(VALUE_AUTHBLOCK, null, String.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthBlock(java.lang.String) + */ + @Override + public void setAuthBlock(String authBlock) { + sessionData.put(VALUE_AUTHBLOCK, authBlock); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getExtendedSAMLAttributesAUTH() + */ + @Override + public List<ExtendedSAMLAttribute> getExtendedSAMLAttributesAUTH() { + return wrapStringObject(VALUE_EXTENTEDSAMLATTRAUTH, new ArrayList<ExtendedSAMLAttribute>(), List.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setExtendedSAMLAttributesAUTH(java.util.List) + */ + @Override + public void setExtendedSAMLAttributesAUTH(List<ExtendedSAMLAttribute> extendedSAMLAttributesAUTH) { + 
sessionData.put(VALUE_EXTENTEDSAMLATTRAUTH, extendedSAMLAttributesAUTH); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getExtendedSAMLAttributesOA() + */ + @Override + public List<ExtendedSAMLAttribute> getExtendedSAMLAttributesOA() { + return wrapStringObject(VALUE_EXTENTEDSAMLATTROA, null, List.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setExtendedSAMLAttributesOA(java.util.List) + */ + @Override + public void setExtendedSAMLAttributesOA(List<ExtendedSAMLAttribute> extendedSAMLAttributesOA) { + sessionData.put(VALUE_EXTENTEDSAMLATTROA, extendedSAMLAttributesOA); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSAMLAttributeGebeORwbpk() + */ + @Override + public boolean getSAMLAttributeGebeORwbpk() { + return wrapStringObject(FLAG_SAMLATTRIBUTEGEBEORWBPK, false, Boolean.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setSAMLAttributeGebeORwbpk(boolean) + */ + @Override + public void setSAMLAttributeGebeORwbpk(boolean samlAttributeGebeORwbpk) { + sessionData.put(FLAG_SAMLATTRIBUTEGEBEORWBPK, samlAttributeGebeORwbpk); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getIssueInstant() + */ + @Override + public String getIssueInstant() { + return wrapStringObject(VALUE_ISSUEINSTANT, null, String.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIssueInstant(java.lang.String) + */ + @Override + public void setIssueInstant(String issueInstant) { + sessionData.put(VALUE_ISSUEINSTANT, issueInstant); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setUseMandate(java.lang.String) + */ + @Override + public void setUseMandate(String useMandate) { + if (useMandate.compareToIgnoreCase("true") == 0) + setUseMandates(true); + else + 
setUseMandates(false); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setUseMandates(boolean) + */ + @Override + public void setUseMandates(boolean useMandates) { + sessionData.put(FLAG_USE_MANDATE, useMandates); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isMandateUsed() + */ + @Override + public boolean isMandateUsed() { + return wrapStringObject(FLAG_USE_MANDATE, false, Boolean.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setMISSessionID(java.lang.String) + */ + @Override + public void setMISSessionID(String misSessionID) { + sessionData.put(VALUE_MISSESSIONID, misSessionID); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getMISSessionID() + */ + @Override + public String getMISSessionID() { + return wrapStringObject(VALUE_MISSESSIONID, null, String.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getMandateReferenceValue() + */ + @Override + public String getMandateReferenceValue() { + return wrapStringObject(VALUE_MISREFVALUE, null, String.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setMandateReferenceValue(java.lang.String) + */ + @Override + public void setMandateReferenceValue(String mandateReferenceValue) { + sessionData.put(VALUE_MISREFVALUE, mandateReferenceValue); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isForeigner() + */ + @Override + public boolean isForeigner() { + return wrapStringObject(FLAG_IS_FOREIGNER, false, Boolean.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setForeigner(boolean) + */ + @Override + public void setForeigner(boolean isForeigner) { + sessionData.put(FLAG_IS_FOREIGNER, isForeigner); + + } + + /* (non-Javadoc) + * @see 
at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getXMLVerifySignatureResponse() + */ + @Override + public IVerifiyXMLSignatureResponse getXMLVerifySignatureResponse() { + return wrapStringObject(VALUE_VERIFYSIGRESP, null, IVerifiyXMLSignatureResponse.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setXMLVerifySignatureResponse(at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse) + */ + @Override + public void setXMLVerifySignatureResponse(IVerifiyXMLSignatureResponse xMLVerifySignatureResponse) { + sessionData.put(VALUE_VERIFYSIGRESP, xMLVerifySignatureResponse); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getMISMandate() + */ + @Override + public IMISMandate getMISMandate() { + return wrapStringObject(VALUE_MISMANDATE, null, IMISMandate.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setMISMandate(at.gv.egovernment.moa.id.data.MISMandate) + */ + @Override + public void setMISMandate(IMISMandate mandate) { + sessionData.put(VALUE_MISMANDATE, mandate); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isOW() + */ + @Override + public boolean isOW() { + return wrapStringObject(FLAG_IS_ORGANWALTER, false, Boolean.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setOW(boolean) + */ + @Override + public void setOW(boolean isOW) { + sessionData.put(FLAG_IS_ORGANWALTER, isOW); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getAuthBlockTokken() + */ + @Override + public String getAuthBlockTokken() { + return wrapStringObject(VALUE_AUTNBLOCKTOKKEN, null, String.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setAuthBlockTokken(java.lang.String) + */ + @Override + public void setAuthBlockTokken(String 
authBlockTokken) { + sessionData.put(VALUE_AUTNBLOCKTOKKEN, authBlockTokken); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getQAALevel() + */ + @Override + public String getQAALevel() { + return wrapStringObject(VALUE_QAALEVEL, null, String.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setQAALevel(java.lang.String) + */ + @Override + public void setQAALevel(String qAALevel) { + sessionData.put(VALUE_QAALEVEL, qAALevel); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSessionCreated() + */ + @Override + public Date getSessionCreated() { + return wrapStringObject(VALUE_CREATED, null, Date.class); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericSessionDataStorage() + */ + @Override + public Map<String, Object> getGenericSessionDataStorage() { + Map<String, Object> result = new HashMap<String, Object>(); + for (String el : sessionData.keySet()) { + if (el.startsWith(GENERIC_PREFIX)) + result.put(el.substring(GENERIC_PREFIX.length()), sessionData.get(el)); + + } + + return result; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericDataFromSession(java.lang.String) + */ + @Override + public Object getGenericDataFromSession(String key) { + return sessionData.get(GENERIC_PREFIX + key); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getGenericDataFromSession(java.lang.String, java.lang.Class) + */ + @Override + public <T> T getGenericDataFromSession(String key, Class<T> clazz) { + return wrapStringObject(GENERIC_PREFIX + key, null, clazz); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setGenericDataToSession(java.lang.String, java.lang.Object) + */ + @Override + public void setGenericDataToSession(String key, Object object) throws 
SessionDataStorageException { + sessionData.put(GENERIC_PREFIX + key, object); + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttributeImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttributeImpl.java index c7fa58eaf..f1d48935f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttributeImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttributeImpl.java @@ -48,6 +48,8 @@ package at.gv.egovernment.moa.id.auth.data; import java.io.Serializable; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; + /** * This class contains SAML attributes to be appended to the SAML assertion delivered to * the Online application. @@ -92,13 +94,13 @@ public class ExtendedSAMLAttributeImpl implements ExtendedSAMLAttribute, Seriali * The following values are allowed: * <ul> * <li> - * {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK} + * {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK} * </li> * <li> - * {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#NOT_ADD_TO_AUTHBLOCK} + * {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#NOT_ADD_TO_AUTHBLOCK} * </li> * <li> - * {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK_ONLY} + * {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK_ONLY} * </li> * </ul> * 
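Review bot: `getExtendedSAMLAttributesAUTH()` in the new AuthenticationSessionWrapper returns a fresh `ArrayList` as the default but never puts it into `sessionData`, so attributes added to the returned list are silently dropped. `AuthenticationSession.getExtendedSAMLAttributesAUTH()` stores the lazily created list in its field, so callers written against that class can rely on `get…().add(…)` being kept. Storing the new list under `VALUE_EXTENTEDSAMLATTRAUTH` before returning it restores that behaviour. Separately, `setGenericDataToSession` omits the empty-key check that `AuthenticationSession.setGenericDataToSession` performs, so a `null` key is stored under `GENERIC_PREFIX + "null"` and the declared `SessionDataStorageException` is never thrown.

```java
@Override
public List<ExtendedSAMLAttribute> getExtendedSAMLAttributesAUTH() {
	List<ExtendedSAMLAttribute> attrs = wrapStringObject(VALUE_EXTENTEDSAMLATTRAUTH, null, List.class);
	if (attrs == null) {
		// keep the list in the session map so later add() calls are not lost
		attrs = new ArrayList<ExtendedSAMLAttribute>();
		sessionData.put(VALUE_EXTENTEDSAMLATTRAUTH, attrs);
	}
	return attrs;
}
```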
@@ -111,28 +113,28 @@ public class ExtendedSAMLAttributeImpl implements ExtendedSAMLAttribute, Seriali } /** - * @see at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#getValue() + * @see at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#getValue() */ public Object getValue() { return value_; } /** - * @see at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#getName() + * @see at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#getName() */ public String getName() { return name_; } /** - * @see at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#getNameSpace() + * @see at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#getNameSpace() */ public String getNameSpace() { return namespace_; } /** - * @see at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#getAddToAUTHBlock() + * @see at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#getAddToAUTHBlock() */ public int getAddToAUTHBlock() { return addToAUTHBlock_; 
@@ -144,16 +146,16 @@ public class ExtendedSAMLAttributeImpl implements ExtendedSAMLAttribute, Seriali * @param addToAUTHBlock One of the following values: * <ul> * <li> - * {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK} + * {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK} * </li> * <li> - * {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#NOT_ADD_TO_AUTHBLOCK} + * {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#NOT_ADD_TO_AUTHBLOCK} * </li> * <li> - * {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK_ONLY} + * {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK_ONLY} * </li> * </ul> - * {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK} + * {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute#ADD_TO_AUTHBLOCK} */ public void setAddToAUTHBlock(int addToAUTHBlock) { addToAUTHBlock_ = addToAUTHBlock; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/IdentityLink.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/IdentityLink.java index 78f1e14f0..2690bc2cc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/IdentityLink.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/IdentityLink.java @@ -54,6 +54,7 @@ import javax.xml.transform.TransformerException; import org.w3c.dom.Element; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; import at.gv.egovernment.moa.util.DOMUtils; @@ -64,7 +65,7 @@ import at.gv.egovernment.moa.util.DOMUtils; * @author Paul Ivancsics * @version $Id$ */ -public class IdentityLink implements Serializable{ +public class IdentityLink implements Serializable, IIdentityLink{ private static final long serialVersionUID = 1L; 
@@ -128,188 +129,183 @@ public class IdentityLink implements Serializable{ public IdentityLink() { } - /** - * Returns the dateOfBirth. - * @return Calendar - */ - public String getDateOfBirth() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getDateOfBirth() + */ + @Override +public String getDateOfBirth() { return dateOfBirth; } - /** - * Returns the familyName. - * @return String - */ - public String getFamilyName() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getFamilyName() + */ + @Override +public String getFamilyName() { return familyName; } - /** - * Returns the givenName. - * @return String - */ - public String getGivenName() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getGivenName() + */ + @Override +public String getGivenName() { return givenName; } - /** - * Returns the name. - * @return The name. - */ - public String getName() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getName() + */ + @Override +public String getName() { if (name == null) { name = givenName + " " + familyName; } return name; } - /** - * Returns the identificationValue. - * <code>"identificationValue"</code> is the translation of <code>"Stammzahl"</code>. - * @return String - */ - public String getIdentificationValue() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getIdentificationValue() + */ + @Override +public String getIdentificationValue() { return identificationValue; } - /** - * Returns the identificationType. - * <code>"identificationType"</code> type of the identificationValue in the IdentityLink. - * @return String + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getIdentificationType() */ + @Override public String getIdentificationType() { return identificationType; } - /** - * Sets the dateOfBirth. 
- * @param dateOfBirth The dateOfBirth to set - */ - public void setDateOfBirth(String dateOfBirth) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setDateOfBirth(java.lang.String) + */ + @Override +public void setDateOfBirth(String dateOfBirth) { this.dateOfBirth = dateOfBirth; } - /** - * Sets the familyName. - * @param familyName The familyName to set - */ - public void setFamilyName(String familyName) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setFamilyName(java.lang.String) + */ + @Override +public void setFamilyName(String familyName) { this.familyName = familyName; } - /** - * Sets the givenName. - * @param givenName The givenName to set - */ - public void setGivenName(String givenName) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setGivenName(java.lang.String) + */ + @Override +public void setGivenName(String givenName) { this.givenName = givenName; } - /** - * Sets the identificationValue. - * <code>"identificationValue"</code> is the translation of <code>"Stammzahl"</code>. - * @param identificationValue The identificationValue to set - */ - public void setIdentificationValue(String identificationValue) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setIdentificationValue(java.lang.String) + */ + @Override +public void setIdentificationValue(String identificationValue) { this.identificationValue = identificationValue; } - /** - * Sets the Type of the identificationValue. - * @param identificationType The type of identificationValue to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setIdentificationType(java.lang.String) */ + @Override public void setIdentificationType(String identificationType) { this.identificationType = identificationType; } - /** - * Returns the samlAssertion. 
- * @return Element - */ - public Element getSamlAssertion() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getSamlAssertion() + */ + @Override +public Element getSamlAssertion() { return samlAssertion; } - /** - * Returns the samlAssertion. - * @return Element - */ - public String getSerializedSamlAssertion() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getSerializedSamlAssertion() + */ + @Override +public String getSerializedSamlAssertion() { return serializedSamlAssertion; } - /** - * Sets the samlAssertion and the serializedSamlAssertion. - * @param samlAssertion The samlAssertion to set - */ - public void setSamlAssertion(Element samlAssertion) throws TransformerException, IOException { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setSamlAssertion(org.w3c.dom.Element) + */ + @Override +public void setSamlAssertion(Element samlAssertion) throws TransformerException, IOException { this.samlAssertion = samlAssertion; this.serializedSamlAssertion = DOMUtils.serializeNode(samlAssertion); } - /** - * Returns the dsigReferenceTransforms. - * @return Element[] - */ - public Element[] getDsigReferenceTransforms() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getDsigReferenceTransforms() + */ + @Override +public Element[] getDsigReferenceTransforms() { return dsigReferenceTransforms; } - /** - * Sets the dsigReferenceTransforms. - * @param dsigReferenceTransforms The dsigReferenceTransforms to set - */ - public void setDsigReferenceTransforms(Element[] dsigReferenceTransforms) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setDsigReferenceTransforms(org.w3c.dom.Element[]) + */ + @Override +public void setDsigReferenceTransforms(Element[] dsigReferenceTransforms) { this.dsigReferenceTransforms = dsigReferenceTransforms; } - /** - * Returns the publicKey. 
- * @return PublicKey[] - */ - public PublicKey[] getPublicKey() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getPublicKey() + */ + @Override +public PublicKey[] getPublicKey() { return publicKey; } - /** - * Sets the publicKey. - * @param publicKey The publicKey to set - */ - public void setPublicKey(PublicKey[] publicKey) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setPublicKey(java.security.PublicKey[]) + */ + @Override +public void setPublicKey(PublicKey[] publicKey) { this.publicKey = publicKey; } - /** - * Returns the prPerson. - * @return Element - */ - public Element getPrPerson() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getPrPerson() + */ + @Override +public Element getPrPerson() { return prPerson; } - /** - * Sets the prPerson. - * @param prPerson The prPerson to set - */ - public void setPrPerson(Element prPerson) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setPrPerson(org.w3c.dom.Element) + */ + @Override +public void setPrPerson(Element prPerson) { this.prPerson = prPerson; } - /** - * Returns the issuing time of the identity link SAML assertion. - * - * @return The issuing time of the identity link SAML assertion. - */ - public String getIssueInstant() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getIssueInstant() + */ + @Override +public String getIssueInstant() { return issueInstant; } - /** - * Sets the issuing time of the identity link SAML assertion. - * - * @param issueInstant The issueInstant to set. - */ - public void setIssueInstant(String issueInstant) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#setIssueInstant(java.lang.String) + */ + @Override +public void setIssueInstant(String issueInstant) { this.issueInstant = issueInstant; } 
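Review bot: The generated `@see` comments in `IdentityLink` point at `at.gv.egovernment.moa.id.auth.data.IIdentityLink`, but the interface is imported from `at.gv.egovernment.moa.id.commons.api.data.IIdentityLink`, so each reference names a type that does not appear to exist in that package. The `IVerifiyXMLSignatureResponse` references in the `VerifyXMLSignatureResponse.java` hunk further down have the same problem. Use the real package, e.g. `@see at.gv.egovernment.moa.id.commons.api.data.IIdentityLink#getDateOfBirth()`, or replace the blocks with `{@inheritDoc}`. The removed Javadoc also said that `identificationValue` is the translation of "Stammzahl"; that should move to the interface if it is not already there. The new `@Override` and `public` lines are also indented inconsistently with the method bodies.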
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResult.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResult.java index e9a278d0f..82263f7a1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResult.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResult.java @@ -46,12 +46,13 @@ package at.gv.egovernment.moa.id.auth.data; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; /** * Includes the result of an extended infobox validation. * * If validation succeeds, an array of - * {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute ExtendedSAMLAttributes} + * {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute ExtendedSAMLAttributes} * maybe provided. Each of these SAML-Attributes will be either appended to the * final SAML-Assertion passed to the online application or to the AUTH-Block, * or to both. @@ -65,7 +66,7 @@ public interface InfoboxValidationResult { /** * The method returns <code>true</code> if validation succeeds. In that case * method {@link #getExtendedSamlAttributes()} may provide an array of - * {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute + * {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute * ExtendedSAMLAttributes} that should be appended to the final SAML-Assertion or the * AUTH-Block or to both. * <br> 
@@ -78,14 +79,14 @@ public interface InfoboxValidationResult { public boolean isValid(); /** - * Returns an array of {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute + * Returns an array of {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute * ExtendedSAMLAttributes} that should be added to the SAML-Assertion * provided to the online application. * The SAML-Attributes in that array will be added to the final * SAML-Assertion, the AUTH-Block, or both, exactly in the order as they are arranged * in the array this method returns. * - * @return An array of {@link at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute + * @return An array of {@link at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute * ExtendedSAMLAttributes} that should be added to the SAML-Assertion * provided to the online application, the AUTH-Block, or both. If no attributes should * be added this array maybe <code>null</code> or empty. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResultImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResultImpl.java index 0ba17eb2f..c5183d29c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResultImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/InfoboxValidationResultImpl.java @@ -46,6 +46,7 @@ package at.gv.egovernment.moa.id.auth.data; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; /** * Default implementation of the {@link InfoboxValidationResult} interface. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java index 6cf1de319..c054976ec 100644 
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java @@ -49,6 +49,7 @@ package at.gv.egovernment.moa.id.auth.data; import java.io.Serializable; import java.util.Date; +import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; import iaik.x509.X509Certificate; /** @@ -59,7 +60,7 @@ import iaik.x509.X509Certificate; * @version $Id$ * */ -public class VerifyXMLSignatureResponse implements Serializable{ +public class VerifyXMLSignatureResponse implements Serializable, IVerifiyXMLSignatureResponse{ private static final long serialVersionUID = 1L; 
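Review bot: The interface name `IVerifiyXMLSignatureResponse` is misspelled ("Verifiy"). It lives in the shared `commons.api.data` package, so other modules will start referencing it. Renaming it to `IVerifyXMLSignatureResponse` in this commit is cheaper than after callers depend on the current spelling.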
@@ -89,173 +90,179 @@ public class VerifyXMLSignatureResponse implements Serializable{ private Date signingDateTime; - /** - * Returns the certificateCheckCode. - * @return int - */ - public int getCertificateCheckCode() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getCertificateCheckCode() + */ + @Override +public int getCertificateCheckCode() { return certificateCheckCode; } - /** - * Returns the signatureCheckCode. - * @return int - */ - public int getSignatureCheckCode() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getSignatureCheckCode() + */ + @Override +public int getSignatureCheckCode() { return signatureCheckCode; } - /** - * Returns the xmlDSIGManifestCheckCode. - * @return int - */ - public int getXmlDSIGManifestCheckCode() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getXmlDSIGManifestCheckCode() + */ + @Override +public int getXmlDSIGManifestCheckCode() { return xmlDSIGManifestCheckCode; } - /** - * Returns the xmlDsigSubjectName. - * @return String - */ - public String getXmlDsigSubjectName() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getXmlDsigSubjectName() + */ + @Override +public String getXmlDsigSubjectName() { return xmlDsigSubjectName; } - /** - * Sets the certificateCheckCode. - * @param certificateCheckCode The certificateCheckCode to set - */ - public void setCertificateCheckCode(int certificateCheckCode) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setCertificateCheckCode(int) + */ + @Override +public void setCertificateCheckCode(int certificateCheckCode) { this.certificateCheckCode = certificateCheckCode; } - /** - * Sets the signatureCheckCode. 
- * @param signatureCheckCode The signatureCheckCode to set - */ - public void setSignatureCheckCode(int signatureCheckCode) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setSignatureCheckCode(int) + */ + @Override +public void setSignatureCheckCode(int signatureCheckCode) { this.signatureCheckCode = signatureCheckCode; } - /** - * Sets the xmlDSIGManifestCheckCode. - * @param xmlDSIGManifestCheckCode The xmlDSIGManifestCheckCode to set - */ - public void setXmlDSIGManifestCheckCode(int xmlDSIGManifestCheckCode) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDSIGManifestCheckCode(int) + */ + @Override +public void setXmlDSIGManifestCheckCode(int xmlDSIGManifestCheckCode) { this.xmlDSIGManifestCheckCode = xmlDSIGManifestCheckCode; } - /** - * Sets the xmlDsigSubjectName. - * @param xmlDsigSubjectName The xmlDsigSubjectName to set - */ - public void setXmlDsigSubjectName(String xmlDsigSubjectName) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDsigSubjectName(java.lang.String) + */ + @Override +public void setXmlDsigSubjectName(String xmlDsigSubjectName) { this.xmlDsigSubjectName = xmlDsigSubjectName; } - /** - * Returns the publicAuthorityCode. - * @return int - */ - public String getPublicAuthorityCode() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getPublicAuthorityCode() + */ + @Override +public String getPublicAuthorityCode() { return publicAuthorityCode; } - /** - * Sets the publicAuthorityCode. 
- * @param publicAuthorityCode The publicAuthorityCode to set - */ - public void setPublicAuthorityCode(String publicAuthorityCode) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setPublicAuthorityCode(java.lang.String) + */ + @Override +public void setPublicAuthorityCode(String publicAuthorityCode) { this.publicAuthorityCode = publicAuthorityCode; } - /** - * Returns the qualifiedCertificate. - * @return boolean - */ - public boolean isQualifiedCertificate() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#isQualifiedCertificate() + */ + @Override +public boolean isQualifiedCertificate() { return qualifiedCertificate; } - /** - * Returns the x509certificate. - * @return X509Certificate - */ - public X509Certificate getX509certificate() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getX509certificate() + */ + @Override +public X509Certificate getX509certificate() { return x509certificate; } - /** - * Sets the qualifiedCertificate. - * @param qualifiedCertificate The qualifiedCertificate to set - */ - public void setQualifiedCertificate(boolean qualifiedCertificate) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setQualifiedCertificate(boolean) + */ + @Override +public void setQualifiedCertificate(boolean qualifiedCertificate) { this.qualifiedCertificate = qualifiedCertificate; } - /** - * Sets the x509certificate. - * @param x509certificate The x509certificate to set - */ - public void setX509certificate(X509Certificate x509certificate) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setX509certificate(iaik.x509.X509Certificate) + */ + @Override +public void setX509certificate(X509Certificate x509certificate) { this.x509certificate = x509certificate; } - /** - * Returns the xmlDSIGManigest. 
- * @return boolean - */ - public boolean isXmlDSIGManigest() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#isXmlDSIGManigest() + */ + @Override +public boolean isXmlDSIGManigest() { return xmlDSIGManigest; } - /** - * Sets the xmlDSIGManigest. - * @param xmlDSIGManigest The xmlDSIGManigest to set - */ - public void setXmlDSIGManigest(boolean xmlDSIGManigest) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDSIGManigest(boolean) + */ + @Override +public void setXmlDSIGManigest(boolean xmlDSIGManigest) { this.xmlDSIGManigest = xmlDSIGManigest; } - /** - * Returns the publicAuthority. - * @return boolean - */ - public boolean isPublicAuthority() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#isPublicAuthority() + */ + @Override +public boolean isPublicAuthority() { return publicAuthority; } - /** - * Sets the publicAuthority. - * @param publicAuthority The publicAuthority to set - */ - public void setPublicAuthority(boolean publicAuthority) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setPublicAuthority(boolean) + */ + @Override +public void setPublicAuthority(boolean publicAuthority) { this.publicAuthority = publicAuthority; } - /** - * Returns the the resulting code of the signature manifest check. - * - * @return The code of the sigature manifest check. - */ - public int getSignatureManifestCheckCode() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getSignatureManifestCheckCode() + */ + @Override +public int getSignatureManifestCheckCode() { return signatureManifestCheckCode; } - /** - * Sets the signatureManifestCode. - * - * @param signatureManifestCheckCode The signatureManifestCode to set. 
- */ - public void setSignatureManifestCheckCode(int signatureManifestCheckCode) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setSignatureManifestCheckCode(int) + */ + @Override +public void setSignatureManifestCheckCode(int signatureManifestCheckCode) { this.signatureManifestCheckCode = signatureManifestCheckCode; } - public Date getSigningDateTime() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getSigningDateTime() + */ +@Override +public Date getSigningDateTime() { return signingDateTime; } - public void setSigningDateTime(Date signingDateTime) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setSigningDateTime(java.util.Date) + */ +@Override +public void setSigningDateTime(Date signingDateTime) { this.signingDateTime = signingDateTime; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MISSimpleClientException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MISSimpleClientException.java index 718c35df3..ab3d2cae2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MISSimpleClientException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MISSimpleClientException.java @@ -73,6 +73,10 @@ public class MISSimpleClientException extends MOAIDException { super(message, null, cause);
}
+ public MISSimpleClientException(String message, Object[] params, Throwable cause) {
+ super(message, params, cause);
+ }
+
/**
* @return the bkuErrorCode
*/
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java
index 1b78ff677..ec6dbc951 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java
@@ -22,18 +22,16 @@ import org.springframework.beans.factory.annotation.Autowired;
import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.IRequest;
+import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.moduls.IRequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.process.springweb.MoaIdTask;
import at.gv.egovernment.moa.id.protocols.AbstractAuthProtocolModulController;
-import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.MiscUtil;
/**
* Task based counterpart to {@link AuthServlet}, providing the same utility methods (error handling, parameter parsing
@@ -42,14 +40,14 @@ import at.gv.egovernment.moa.util.MiscUtil; public abstract class AbstractAuthServletTask extends MoaIdTask {
@Autowired protected IRequestStorage requestStoreage;
- @Autowired protected IAuthenticationSessionStoreage authenticatedSessionStorage;
+ //@Autowired protected IAuthenticationSessionStoreage authenticatedSessionStorage;
@Autowired protected MOAReversionLogger revisionsLogger;
@Autowired protected AuthConfiguration authConfig;
protected static final String ERROR_CODE_PARAM = "errorid";
protected IRequest pendingReq = null;
- protected AuthenticationSession moasession = null;
+ protected IAuthenticationSession moasession = null;
public abstract void execute(ExecutionContext executionContext, HttpServletRequest request,
HttpServletResponse response) throws TaskExecutionException;
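Review bot: The `authenticatedSessionStorage` field is commented out (`//@Autowired protected IAuthenticationSessionStoreage authenticatedSessionStorage;`) instead of deleted. Its import is removed in the same commit, so the comment names a type that is no longer in scope and should simply go. Dropping a `protected` injected field also changes what subclasses inherit: `EvaluateSSOConsentsTaskImpl` re-declares it in this commit, and any other subclass that still needs direct session-store access has to do the same. The class body continues outside the hunk.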
@@ -77,28 +75,8 @@ public abstract class AbstractAuthServletTask extends MoaIdTask { * @throws MOADatabaseException
*/
protected void defaultTaskInitialization(HttpServletRequest req, ExecutionContext executionContext) throws MOAIDException, MOADatabaseException {
- String moasessionid = pendingReq.getMOASessionIdentifier();
- if (MiscUtil.isEmpty(moasessionid)) {
- Logger.warn("MOASessionID is empty.");
- throw new MOAIDException("auth.18", new Object[] {});
- }
-
- try {
- moasession = authenticatedSessionStorage.getSession(moasessionid);
-
- if (moasession == null) {
- Logger.warn("MOASessionID is empty.");
- throw new MOAIDException("auth.18", new Object[] {});
- }
-
- } catch (MOADatabaseException e) {
- Logger.info("MOASession with SessionID=" + moasessionid + " is not found in Database");
- throw new MOAIDException("init.04", new Object[] { moasessionid });
-
- } catch (Throwable e) {
- Logger.info("No HTTP Session found!");
- throw new MOAIDException("auth.18", new Object[] {});
- }
+ Logger.trace("Get MOASessionData object from pendingReq:" + pendingReq.getRequestID());
+ moasession = pendingReq.getMOASession();
}
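Review bot: `defaultTaskInitialization` no longer fails closed when no session is available. The removed branch threw `MOAIDException("auth.18")` for an empty id or a missing session; the two new lines dereference `pendingReq` in the trace call and assign whatever `pendingReq.getMOASession()` returns, with no check on either. `pendingReq` is initialised to `null` in this class, and whether `getMOASession()` can return `null` is not visible here. If it can, callers such as `FinalizeAuthenticationTask`, which go straight to `moasession.setAuthenticated(true)`, would hit a `NullPointerException` instead of the protocol error. I would keep an explicit guard after the assignment, `if (moasession == null) { Logger.warn("MOASession is empty."); throw new MOAIDException("auth.18", new Object[] {}); }`, with an equivalent check on `pendingReq` before the trace line.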
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java index dfb90da3a..1c26ff5ec 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java @@ -30,6 +30,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; @@ -37,6 +38,7 @@ import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.moduls.SSOManager; import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; 
@@ -53,6 +55,7 @@ public class EvaluateSSOConsentsTaskImpl extends AbstractAuthServletTask { private static final String PARAM_SSO_CONSENTS = "value"; @Autowired private SSOManager ssoManager; + @Autowired protected IAuthenticationSessionStoreage authenticatedSessionStorage; /* (non-Javadoc) * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) @@ -72,12 +75,16 @@ public class EvaluateSSOConsentsTaskImpl extends AbstractAuthServletTask { ssoConsents = Boolean.parseBoolean(ssoConsentsString); //perform default task initialization - defaultTaskInitialization(request, executionContext); + //defaultTaskInitialization(request, executionContext); //check SSO session cookie and MOASession object String ssoId = ssoManager.getSSOSessionID(request); - boolean isValidSSOSession = ssoManager.isValidSSOSession(ssoId, pendingReq); - if (!(isValidSSOSession && moasession.isAuthenticated() )) { + boolean isValidSSOSession = ssoManager.isValidSSOSession(ssoId, pendingReq); + + //load MOA SSO-session from database + AuthenticationSession ssoMOSSession = authenticatedSessionStorage.getInternalSSOSession(pendingReq.getInternalSSOSessionIdentifier()); + + if (!(isValidSSOSession && ssoMOSSession.isAuthenticated() )) { Logger.info("Single Sign-On consents evaluator found NO valid SSO session. Stopping authentication process ..."); throw new AuthenticationException("auth.30", null); 
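Review bot: In the `@@ -72,12 +75,16 @@` hunk the result of `authenticatedSessionStorage.getInternalSSOSession(...)` is dereferenced in `ssoMOSSession.isAuthenticated()` without a null check. A valid SSO cookie whose stored session is missing would then presumably surface as a `NullPointerException` rather than the `auth.30` `AuthenticationException`; whether the lookup can return `null` is not visible here. The condition could read `if (!(isValidSSOSession && ssoMOSSession != null && ssoMOSSession.isAuthenticated()))`. The lookup also runs before `isValidSSOSession` is consulted, so the session store is queried even for requests without a valid SSO session; moving it behind the validity check avoids that. The enclosing `execute` method starts and ends outside the hunk, and the `defaultTaskInitialization` call is left commented out rather than removed.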
@@ -86,8 +93,13 @@ public class EvaluateSSOConsentsTaskImpl extends AbstractAuthServletTask { //Log consents evaluator event to revisionslog revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_SSO_ASK_USER_FINISHED, String.valueOf(ssoConsents)); + //Populate this pending request with SSO session information + pendingReq.populateMOASessionWithSSOInformation(ssoMOSSession); + + //user allow single sign-on authentication if (ssoConsents) { + //authenticate pending-request pendingReq.setAuthenticated(true); pendingReq.setAbortedByUser(false); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java index 6a1ed7203..4eff0fcf5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java @@ -31,7 +31,6 @@ import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; -import at.gv.egovernment.moa.id.moduls.RequestImpl; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.logging.Logger; 
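Review bot: In the `@@ -86,8 +93,13 @@` hunk, `pendingReq.populateMOASessionWithSSOInformation(ssoMOSSession)` is placed before `if (ssoConsents)`, so the SSO session data is copied into the pending request even when the user declines single sign-on. What the decline branch does with the request is outside the hunk. Unless that path needs the data, the call belongs inside the consent branch, next to `pendingReq.setAuthenticated(true)`, so that nothing from the SSO session reaches a request the user did not approve. If populating unconditionally is intended, a comment such as `// populated regardless of consent because <reason>` should say why.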
@@ -53,12 +52,10 @@ public class FinalizeAuthenticationTask extends AbstractAuthServletTask { try { defaultTaskInitialization(request, executionContext); - //set MOASession to authenticated and store MOASession + //set MOASession to authenticated moasession.setAuthenticated(true); - String newMOASessionID = authenticatedSessionStorage.changeSessionID(moasession); - //set pendingRequest to authenticated and set new MOASessionID - ((RequestImpl)pendingReq).setMOASessionIdentifier(newMOASessionID); + //set pending request to authenticated pendingReq.setAuthenticated(true); requestStoreage.storePendingRequest(pendingReq); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java index a5783bfb7..8f7364f62 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java @@ -61,6 +61,7 @@ import org.w3c.dom.traversal.NodeIterator; import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.exception.ECDSAConverterException; import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; import at.gv.egovernment.moa.id.util.ECDSAKeyValueConverter; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.Constants; @@ -256,8 +257,8 @@ public class IdentityLinkAssertionParser { * @throws ParseException on any parsing error */ - public IdentityLink parseIdentityLink() throws ParseException { - IdentityLink identityLink; + public IIdentityLink parseIdentityLink() throws ParseException { + IIdentityLink identityLink; try { identityLink = new IdentityLink(); identityLink.setSamlAssertion(assertionElem); 
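Review bot: The `FinalizeAuthenticationTask` hunk drops the `authenticatedSessionStorage.changeSessionID(moasession)` call, which issued a new session identifier at the moment the session became authenticated. Nothing on the new side replaces it. If the identifier that now keys the session carried by `pendingReq` stays the same across the unauthenticated-to-authenticated transition, a value known before login remains valid afterwards. This hunk alone cannot settle that, so it is worth confirming that `requestStoreage.storePendingRequest(pendingReq)` or a later step rotates it, and recording the answer in a comment such as `// identifier rotation: handled in <component>`. `moasession` is also used here without a null check after `defaultTaskInitialization`, which no longer guarantees a non-null session.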
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java index 140c7aebc..92d76751f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java @@ -30,13 +30,13 @@ import org.apache.commons.lang.StringEscapeUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper; import at.gv.egovernment.moa.id.process.api.ExecutionContext; @@ -51,7 +51,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ @Autowired AuthConfiguration authConfig; - public void parse(AuthenticationSession moasession, + public void parse(IAuthenticationSession moasession, String target, String oaURL, String bkuURL, 
@@ -221,8 +221,8 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ } - public void parse(ExecutionContext ec, HttpServletRequest req, - AuthenticationSession moasession, IRequest request) throws WrongParametersException, MOAIDException { + public void parse(ExecutionContext ec, IAuthenticationSession moasession, HttpServletRequest req, IRequest pendingReq) + throws WrongParametersException, MOAIDException { //get Parameters from request String oaURL = (String) ec.get(PARAM_OA); @@ -231,20 +231,20 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ String useMandate = (String) ec.get(PARAM_USEMANDATE); String ccc = (String) ec.get(PARAM_CCC); - if (request.getOnlineApplicationConfiguration() != null && - request.getOnlineApplicationConfiguration().isOnlyMandateAllowed()) { - Logger.debug("Service " + request.getOnlineApplicationConfiguration().getPublicURLPrefix() + if (pendingReq.getOnlineApplicationConfiguration() != null && + pendingReq.getOnlineApplicationConfiguration().isOnlyMandateAllowed()) { + Logger.debug("Service " + pendingReq.getOnlineApplicationConfiguration().getPublicURLPrefix() + " only allows authentication with mandates. --> Set useMandate to TRUE."); - useMandate = String.valueOf(request.getOnlineApplicationConfiguration().isOnlyMandateAllowed()); + useMandate = String.valueOf(pendingReq.getOnlineApplicationConfiguration().isOnlyMandateAllowed()); } - oaURL = request.getOAURL(); + oaURL = pendingReq.getOAURL(); //only needed for SAML1 - String target = request.getGenericData("saml1_target", String.class); + String target = pendingReq.getGenericData("saml1_target", String.class); - parse(moasession, target, oaURL, bkuURL, templateURL, useMandate, ccc, req, request); + parse(moasession, target, oaURL, bkuURL, templateURL, useMandate, ccc, req, pendingReq); } 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java index 7bce406e0..b54a43fff 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java @@ -56,6 +56,7 @@ import org.w3c.dom.Element; import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.XPathUtils; @@ -168,9 +169,9 @@ public class VerifyXMLSignatureResponseParser { * @throws ParseException on any parsing error */ - public VerifyXMLSignatureResponse parseData() throws ParseException { + public IVerifiyXMLSignatureResponse parseData() throws ParseException { - VerifyXMLSignatureResponse respData=new VerifyXMLSignatureResponse(); + IVerifiyXMLSignatureResponse respData=new VerifyXMLSignatureResponse(); try { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java index e3efdeac0..1431911a3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java 
@@ -33,10 +33,9 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.ExceptionHandler; import com.google.common.net.MediaType; - +import at.gv.egovernment.moa.id.advancedlogging.IStatisticLogger; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; -import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger; import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException; import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException; import at.gv.egovernment.moa.id.auth.frontend.builder.DefaultGUIFormBuilderConfiguration; @@ -71,7 +70,7 @@ public abstract class AbstractController extends MOAIDAuthConstants { public static final String ERROR_CODE_PARAM = "errorid"; - @Autowired protected StatisticLogger statisticLogger; + @Autowired protected IStatisticLogger statisticLogger; @Autowired protected IRequestStorage requestStorage; @Autowired protected ITransactionStorage transactionStorage; @Autowired protected MOAReversionLogger revisionsLogger; @@ -141,12 +140,12 @@ public abstract class AbstractController extends MOAIDAuthConstants { revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.TRANSACTION_ERROR); transactionStorage.put(key, new ExceptionContainer(pendingReq.getUniqueSessionIdentifier(), - pendingReq.getUniqueTransactionIdentifier(), loggedException)); + pendingReq.getUniqueTransactionIdentifier(), loggedException),-1); } else { transactionStorage.put(key, new ExceptionContainer(null, - null, loggedException)); + null, loggedException),-1); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java index 66e8757ad..a146f778e 100644 
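Review bot: The new third argument `-1` in both `transactionStorage.put(key, new ExceptionContainer(...),-1)` calls is an unexplained magic value. The `put` signature is not in this hunk, so whether it means "default timeout" or "never expires" cannot be told from here. The stored `ExceptionContainer` carries the exception together with the unique session and transaction identifiers, so an entry that never expires would keep that data until something removes it explicitly. A named constant on the storage interface (for example `ITransactionStorage.<DEFAULT_TIMEOUT constant>`) with a one-line comment on its meaning would settle this. The same applies to `transactionStorage.put(artifact, statusCode, -1)` in the IDPSingleLogOutServlet hunk that follows.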
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java @@ -134,16 +134,14 @@ public class IDPSingleLogOutServlet extends AbstractController { try { if (ssoManager.isValidSSOSession(ssoid, null)) { - String moaSessionID = authenicationStorage.getMOASessionSSOID(ssoid); - - if (MiscUtil.isNotEmpty(moaSessionID)) { - AuthenticationSession authSession = authenicationStorage.getSession(moaSessionID); - if(authSession != null) { - authManager.performSingleLogOut(req, resp, authSession, authURL); - return; + AuthenticationSession authSession = authenicationStorage.getInternalMOASessionWithSSOID(ssoid); + + if(authSession != null) { + authManager.performSingleLogOut(req, resp, authSession, authURL); + return; - } } + } } catch (Exception e) { handleErrorNoRedirect(e, req, resp, false); @@ -179,7 +177,7 @@ public class IDPSingleLogOutServlet extends AbstractController { else statusCode = MOAIDAuthConstants.SLOSTATUS_ERROR; - transactionStorage.put(artifact, statusCode); + transactionStorage.put(artifact, statusCode, -1); redirectURL = HTTPUtils.addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SLOSTATUS, artifact); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java index 15333a933..8ef047300 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java 
@@ -56,6 +56,7 @@ import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.moduls.AuthenticationManager; @@ -105,8 +106,8 @@ public class LogOutServlet { //TODO: Single LogOut Implementation //delete SSO session and MOA session - String moasessionid = authenticatedSessionStorage.getMOASessionSSOID(ssoid); - authmanager.performOnlyIDPLogOut(req, resp, moasessionid); + AuthenticationSession moasessionid = authenticatedSessionStorage.getInternalMOASessionWithSSOID(ssoid); + authmanager.performOnlyIDPLogOut(moasessionid); Logger.info("User with SSO Id " + ssoid + " is logged out and get redirect to "+ redirectUrl); } else { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java index 5c2f86732..2b5459208 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java 
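Review bot: In the LogOutServlet hunk the local `moasessionid` now holds an `AuthenticationSession`, not an ID, so `moaSession` would be the accurate name. The `Logger.info("User with SSO Id " + ssoid + " is logged out ...")` line that follows runs unconditionally, although `performOnlyIDPLogOut(AuthenticationSession)` returns silently when the lookup yields `null`, so the log can report a logout that never happened. That message also writes what appears to be the SSO session identifier at info level, and logging a shortened or hashed form would avoid putting a usable identifier into log files. Whether `getInternalMOASessionWithSSOID` can throw here is not visible, since the surrounding method extends beyond the hunk.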
@@ -46,22 +46,13 @@ package at.gv.egovernment.moa.id.config; +import java.util.ArrayList; import java.util.Map; import java.util.Properties; -import org.hibernate.cfg.Configuration; - import at.gv.egovernment.moa.id.commons.api.ConfigurationProvider; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; -import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; -import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; -import at.gv.egovernment.moa.id.data.IssuerAndSerial; +import at.gv.egovernment.moa.id.commons.config.SpringProfileConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap; import at.gv.egovernment.moa.logging.Logger; import at.gv.util.config.EgovUtilPropertiesConfiguration; @@ -123,25 +114,12 @@ public abstract class ConfigurationProviderImpl implements ConfigurationProvider /** The default chaining mode. */ protected String defaultChainingMode = "pkix"; - /** - * A <code>Map</code> which contains the <code>IssuerAndSerial</code> to - * chaining mode (a <code>String</code>) mapping. - */ - protected Map<IssuerAndSerial, String> chainingModes; - - /** - * the URL for the trusted CA Certificates - */ - protected String trustedCACertificates; - /** * main configuration file directory name used to configure MOA-ID */ protected String rootConfigFileDir; - protected String certstoreDirectory; - protected boolean trustmanagerrevoationchecking = true; protected Properties configProp = null; 
@@ -185,6 +163,10 @@ public abstract class ConfigurationProviderImpl implements ConfigurationProvider String propertyName = key.toString().substring(propPrefix.length()); moaSessionProp.put(propertyName, props.get(key.toString())); } + if (key.toString().startsWith(propPrefix+"dbcp")) { + String propertyName = "hibernate."+(key.toString().substring(propPrefix.length())); + moaSessionProp.put(propertyName, props.get(key.toString())); + } } // read Config Hibernate properties 
@@ -207,35 +189,35 @@ public abstract class ConfigurationProviderImpl implements ConfigurationProvider } } - // initialize hibernate - synchronized (ConfigurationProviderImpl.class) { - - //Initial config Database - // ConfigurationDBUtils.initHibernate(configProp); - - //initial MOAID Session Database - Configuration config = new Configuration(); - config.addAnnotatedClass(AssertionStore.class); - config.addAnnotatedClass(AuthenticatedSessionStore.class); - config.addAnnotatedClass(OASessionStore.class); - config.addAnnotatedClass(OldSSOSessionIDStore.class); - config.addAnnotatedClass(InterfederationSessionStore.class); - //config.addAnnotatedClass(ProcessInstanceStore.class); - config.addProperties(moaSessionProp); - MOASessionDBUtils.initHibernate(config, moaSessionProp); - - //initial advanced logging - if (Boolean.valueOf(props.getProperty("configuration.advancedlogging.active", "false"))) { - Logger.info("Advanced statistic log is activated, starting initialization process ..."); - Configuration statisticconfig = new Configuration(); - statisticconfig.addAnnotatedClass(StatisticLog.class); - statisticconfig.addProperties(statisticProps); - StatisticLogDBUtils.initHibernate(statisticconfig, statisticProps); - Logger.info("Advanced statistic log is initialized."); - } - - } - Logger.trace("Hibernate initialization finished."); +// // initialize hibernate +// synchronized (ConfigurationProviderImpl.class) { +// +// //Initial config Database +// // ConfigurationDBUtils.initHibernate(configProp); +// +// //initial MOAID Session Database +// Configuration config = new Configuration(); +// config.addAnnotatedClass(AssertionStore.class); +// config.addAnnotatedClass(AuthenticatedSessionStore.class); +// config.addAnnotatedClass(OASessionStore.class); +// config.addAnnotatedClass(OldSSOSessionIDStore.class); +// config.addAnnotatedClass(InterfederationSessionStore.class); +// //config.addAnnotatedClass(ProcessInstanceStore.class); +// 
config.addProperties(moaSessionProp); +// //MOASessionDBUtils.initHibernate(config, moaSessionProp); +// +// //initial advanced logging +//// if (Boolean.valueOf(props.getProperty("configuration.advancedlogging.active", "false"))) { +//// Logger.info("Advanced statistic log is activated, starting initialization process ..."); +//// Configuration statisticconfig = new Configuration(); +//// statisticconfig.addAnnotatedClass(StatisticLog.class); +//// statisticconfig.addProperties(statisticProps); +//// StatisticLogDBUtils.initHibernate(statisticconfig, statisticProps); +//// Logger.info("Advanced statistic log is initialized."); +//// } +// +// } +// Logger.trace("Hibernate initialization finished."); } catch (ExceptionInInitializerError e) { throw new ConfigurationException("config.17", null, e); @@ -267,6 +249,7 @@ public abstract class ConfigurationProviderImpl implements ConfigurationProvider eGovUtilsConfig = new EgovUtilPropertiesConfiguration(eGovUtilsConfigProp, rootConfigFileDir); } + this.generateActiveProfiles(props); } @@ -277,5 +260,24 @@ public abstract class ConfigurationProviderImpl implements ConfigurationProvider public EgovUtilPropertiesConfiguration geteGovUtilsConfig() { return eGovUtilsConfig; } + + private ArrayList<String> activeProfiles = new ArrayList<String>(); + + public void generateActiveProfiles(Properties props){ + if (Boolean.valueOf(props.getProperty("configuration.advancedlogging.active", "false"))) { + activeProfiles.add(SpringProfileConstants.ADVANCED_LOG); + }else{ + activeProfiles.add("advancedLogOff"); + } + if (Boolean.valueOf(props.getProperty("redis.active", "false"))) { + activeProfiles.add(SpringProfileConstants.REDIS_BACKEND); + }else{ + activeProfiles.add(SpringProfileConstants.DB_BACKEND); + } + } + + public String[] getActiveProfiles(){ + return activeProfiles.toArray(new String[0]); + } } 
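Review bot: The Hibernate initialisation in the `@@ -207,35 +189,35 @@` hunk is disabled by commenting out some thirty lines, including a nested `////` block, instead of deleting them. The remaining `catch (ExceptionInInitializerError e)` then appears to guard code that no longer initialises anything. Deleting the block and leaving a single line such as `// session and statistic stores are initialised via Spring profiles, see getActiveProfiles()` would keep the intent without the dead code. The enclosing method starts outside the hunk.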
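Review bot: `generateActiveProfiles` in the last hunk is public and only ever appends to the instance list `activeProfiles`. It is called from what looks like the configuration load path, so a second load would accumulate entries and could leave both `SpringProfileConstants.REDIS_BACKEND` and `SpringProfileConstants.DB_BACKEND` active at once. Starting the method with `activeProfiles.clear();` and making it `private` would make the result depend only on the current properties. The literal `"advancedLogOff"` should be a constant next to `ADVANCED_LOG` in `SpringProfileConstants`. `Boolean.valueOf` maps any misspelt value to `false`, so a typo in `redis.active` silently selects the database backend, and logging the chosen profiles once would make that visible.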
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/MOAGarbageCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/MOAGarbageCollector.java deleted file mode 100644 index 1072bec5c..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/MOAGarbageCollector.java +++ /dev/null 
@@ -1,77 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. 
- *******************************************************************************/ -package at.gv.egovernment.moa.id.config.auth; - - -import java.util.ArrayList; -import java.util.List; - -import at.gv.egovernment.moa.logging.Logger; - -public class MOAGarbageCollector implements Runnable { - - private static final long INTERVAL = 24 * 60 * 60; // 24 hours - private static final List<IGarbageCollectorProcessing> processModules = - new ArrayList<IGarbageCollectorProcessing>(); - - public void run() { - while (true) { - try { - Thread.sleep(INTERVAL * 1000); - - try { - for (IGarbageCollectorProcessing element : processModules) - element.runGarbageCollector(); - - } catch (Throwable e1) { - Logger.warn("Garbage collection FAILED in some module.", e1); - } - - } catch (Throwable e) { - Logger.warn("MOA-ID garbage collection is not possible, actually.", e); - - } finally { - - } - } - } - - /** - * Add a module to MOA internal garbage collector. Every module is executed once a day - * - * @param modul Module which should be executed by the garbage collector. - */ - public static void addModulForGarbageCollection(IGarbageCollectorProcessing modul) { - processModules.add(modul); - - } - - public static void start() { - // start the session cleanup thread - Thread configLoader = new Thread(new MOAGarbageCollector(), "MOAGarbageCollector"); - configLoader.setName("MOAGarbageCollectorr"); - configLoader.setDaemon(true); - configLoader.setPriority(Thread.MIN_PRIORITY); - configLoader.start(); - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java index b1bba6c17..6a6359058 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java 
@@ -122,7 +122,10 @@ public String getIdentityLinkDomainIdentifier() { if (MiscUtil.isNotEmpty(type) && MiscUtil.isNotEmpty(value)) { if (MOAIDConstants.IDENIFICATIONTYPE_STORK.equals(type)) { return MOAIDConstants.PREFIX_STORK + "AT" + "+" + value; - + + } else if (MOAIDConstants.IDENIFICATIONTYPE_EIDAS.equals(type)) { + return MOAIDConstants.PREFIX_EIDAS + value; + } else { return MOAIDConstants.PREFIX_WPBK + type + "+" + value; @@ -395,25 +398,13 @@ public boolean isOnlyMandateAllowed() { * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getQaaLevel() */ @Override -public Integer getQaaLevel() { - try { - Integer storkQAALevel = Integer.parseInt(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL)); - - if (storkQAALevel >= 1 && - storkQAALevel <= 4) - return storkQAALevel; - - else { - Logger.info("STORK minimal QAA level is not in a valid range. Use minimal QAA 4"); - return 4; +public String getQaaLevel() { + String eidasLoALevel = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL); + if (MiscUtil.isEmpty(eidasLoALevel)) + return MOAIDConstants.eIDAS_LOA_HIGH; + else + return eidasLoALevel; - } - - } catch (NumberFormatException e) { - Logger.warn("STORK minimal QAA level is not a number.", e); - return 4; - - } } /* (non-Javadoc) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java index 94353fb6b..8e98c5129 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java 
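Review bot: The rewritten `getQaaLevel()` returns whatever string is configured under `SERVICE_AUTH_STORK_MINQAALEVEL`, whereas the removed code accepted only 1 to 4 and fell back to the strictest level on anything else. Existing configurations will still hold the old numeric values under that key, and a mistyped value is now passed through unchanged. How callers compare the result is not visible here, but an unrecognised minimum assurance level should fail closed. Checking the value against the eIDAS LoA constants the project defines, and returning `MOAIDConstants.eIDAS_LOA_HIGH` with a `Logger.warn` otherwise, would restore the previous guarantee. `DynamicOAAuthParameters.getQaaLevel()` in the later hunk still returns `null` from its stub, which is inconsistent with this default.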
@@ -1078,32 +1078,6 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide } } - /** - * Returns the path to the certificate-store directory or {@code null} if there is no certificate-store directory defined. - * - * @return the path to the certstore directory or {@code null} - */ - @Override - @Transactional - public String getCertstoreDirectory() { - try { - String path = rootConfigFileDir + configuration.getStringValue( - MOAIDConfigurationConstants.GENERAL_AUTH_CERTSTORE_URL); - if (MiscUtil.isNotEmpty(path)) - return path; - - else { - Logger.warn("Error in MOA-ID Configuration. No CertStoreDirectory defined."); - return null; - - } - - } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { - Logger.warn("Error in MOA-ID Configuration. No CertStoreDirectory defined.", e); - return null; - } - } - @Override @Transactional public String getTrustedCACertificates() { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java index 8d70b1444..9fd58b5c7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java @@ -201,7 +201,7 @@ public class DynamicOAAuthParameters implements IOAAuthParameters, Serializable{ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getQaaLevel() */ @Override - public Integer getQaaLevel() { + public String getQaaLevel() { // TODO Auto-generated method stub return null; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java index d306ec005..f5f056ccc 100644 
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java @@ -34,7 +34,8 @@ import java.util.Map; import org.apache.commons.collections4.map.HashedMap; import org.w3c.dom.Element; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption; @@ -74,7 +75,7 @@ public class AuthenticationData implements IAuthData, Serializable { /** * user identityLink specialized to OAParamter */ - private IdentityLink identityLink; + private IIdentityLink identityLink; /** * application specific user identifier (bPK/wbPK) @@ -138,7 +139,7 @@ public class AuthenticationData implements IAuthData, Serializable { private String pvpAttribute_OU = null; private boolean useMandate = false; - private MISMandate mandate = null; + private IMISMandate mandate = null; private String mandateReferenceValue = null; private boolean foreigner =false; @@ -390,14 +391,14 @@ public class AuthenticationData implements IAuthData, Serializable { /** * @return the identityLink */ - public IdentityLink getIdentityLink() { + public IIdentityLink getIdentityLink() { return identityLink; } /** * @param identityLink the identityLink to set */ - public void setIdentityLink(IdentityLink identityLink) { + public void setIdentityLink(IIdentityLink identityLink) { this.identityLink = identityLink; } @@ -436,7 +437,7 @@ public class AuthenticationData implements IAuthData, Serializable { /** * @return the mandate */ - public MISMandate getMISMandate() { + public IMISMandate getMISMandate() { return mandate; } 
@@ -461,7 +462,7 @@ public class AuthenticationData implements IAuthData, Serializable { /** * @param mandate the mandate to set */ - public void setMISMandate(MISMandate mandate) { + public void setMISMandate(IMISMandate mandate) { this.mandate = mandate; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java index c32564679..4c15cd3d1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java @@ -27,7 +27,8 @@ import java.util.List; import org.w3c.dom.Element; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; /** * @author tlenz @@ -62,7 +63,7 @@ public interface IAuthData { List<String> getEncbPKList(); - IdentityLink getIdentityLink(); + IIdentityLink getIdentityLink(); byte[] getSignerCertificate(); String getAuthBlock(); @@ -74,7 +75,7 @@ public interface IAuthData { String getPublicAuthorityCode(); boolean isQualifiedCertificate(); - MISMandate getMISMandate(); + IMISMandate getMISMandate(); Element getMandate(); String getMandateReferenceValue(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/MISMandate.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/MISMandate.java index 81157994e..25d50f57a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/MISMandate.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/MISMandate.java 
@@ -51,12 +51,13 @@ import java.io.Serializable; import org.w3c.dom.Element; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; import at.gv.egovernment.moa.id.util.MandateBuilder; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.MiscUtil; -public class MISMandate implements Serializable{ +public class MISMandate implements Serializable, IMISMandate{ private static final long serialVersionUID = 1L; @@ -81,23 +82,47 @@ public class MISMandate implements Serializable{ private String owBPK = null; // private boolean isFullMandateIncluded = false; + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IMISMandate#getProfRep() + */ + @Override public String getProfRep() { return oid; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IMISMandate#setProfRep(java.lang.String) + */ + @Override public void setProfRep(String oid) { this.oid = oid; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IMISMandate#setOWbPK(java.lang.String) + */ + @Override public void setOWbPK(String oWbPK) { this.owBPK = oWbPK; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IMISMandate#getOWbPK() + */ + @Override public String getOWbPK() { return owBPK; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IMISMandate#getMandate() + */ + @Override public byte[] getMandate() { return mandate; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IMISMandate#getMandateDOM() + */ + @Override public Element getMandateDOM() { try { byte[] byteMandate = mandate; @@ -111,6 +136,10 @@ public class MISMandate implements Serializable{ } } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IMISMandate#getMandateJaxB() + */ + @Override public Mandate getMandateJaxB() { Element domMandate = getMandateDOM(); if (domMandate != null) 
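Review bot: The `(non-Javadoc) @see` comments added across the MISMandate hunks point at `at.gv.egovernment.moa.id.data.IMISMandate`, but the interface imported at the top of the file is `at.gv.egovernment.moa.id.commons.api.data.IMISMandate`, so every reference names a type that does not match the import. Each should read, for example, `@see at.gv.egovernment.moa.id.commons.api.data.IMISMandate#getProfRep()`. The `@Override` annotations already bind the methods to the interface, so dropping these comments would also be fine. The same applies to the hunk that begins on the next line.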
@@ -119,10 +148,18 @@ public class MISMandate implements Serializable{ return null; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IMISMandate#setMandate(byte[]) + */ + @Override public void setMandate(byte[] mandate) { this.mandate = mandate; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IMISMandate#getTextualDescriptionOfOID() + */ + @Override public String getTextualDescriptionOfOID() { if (MiscUtil.isNotEmpty(this.oid)) { if (this.oid.equalsIgnoreCase(OID_NOTAR)) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index a1f2c6558..f718777b0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -59,6 +59,7 @@ import at.gv.egovernment.moa.id.auth.modules.registration.ModuleRegistration; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; 
@@ -104,54 +105,80 @@ public class AuthenticationManager extends MOAIDAuthConstants { @Autowired private SingleLogOutBuilder sloBuilder; @Autowired private SAMLVerificationEngineSP samlVerificationEngine; @Autowired private IGUIFormBuilder guiBuilder; - + @Autowired(required=true) private MOAMetadataProvider metadataProvider; + public void performSingleLogOut(HttpServletRequest httpReq, - HttpServletResponse httpResp, AuthenticationSession session, PVPTargetConfiguration pvpReq) throws MOAIDException { + HttpServletResponse httpResp, IAuthenticationSession session, PVPTargetConfiguration pvpReq) throws MOAIDException { performSingleLogOut(httpReq, httpResp, session, pvpReq, null); } public void performSingleLogOut(HttpServletRequest httpReq, - HttpServletResponse httpResp, AuthenticationSession session, String authURL) throws MOAIDException { + HttpServletResponse httpResp, IAuthenticationSession session, String authURL) throws MOAIDException { performSingleLogOut(httpReq, httpResp, session, null, authURL); } + /** + * @param req + * @param resp + * @param moasessionid + */ + public void performOnlyIDPLogOut(AuthenticationSession authSession) { + + if (authSession == null) { + Logger.info("No internal MOA SSO-Session found. 
Nothing to destroy"); + return; + + } + + try { + + authSession.setAuthenticated(false); + //HTTPSessionUtils.setHTTPSessionString(session, MOA_SESSION, null); // remove moa session from HTTP Session + + //log Session_Destroy to reversionslog + AuthenticationSessionExtensions sessionExtensions = authenticatedSessionStore.getAuthenticationSessionExtensions(authSession.getSessionID()); + revisionsLogger.logEvent(MOAIDEventConstants.SESSION_DESTROYED, sessionExtensions.getUniqueSessionId()); + + authenticatedSessionStore.destroyInternalSSOSession(authSession.getSessionID()); + + //session.invalidate(); + + } catch (MOADatabaseException e) { + Logger.info("NO MOA Authentication data for ID " + authSession.getSessionID()); + return; + } + + } + + public void performOnlyIDPLogOut(HttpServletRequest request, - HttpServletResponse response, String moaSessionID) { + HttpServletResponse response, String internalMOASsoSessionID) { Logger.info("Remove active user-session"); - if(moaSessionID == null) { - moaSessionID = (String) request.getParameter(PARAM_SESSIONID); + if(internalMOASsoSessionID == null) { + internalMOASsoSessionID = (String) request.getParameter(PARAM_SESSIONID); } - if(moaSessionID == null) { + if(internalMOASsoSessionID == null) { Logger.info("NO MOA Session to logout"); return; } AuthenticationSession authSession; try { - authSession = authenticatedSessionStore.getSession(moaSessionID); + authSession = authenticatedSessionStore.getInternalSSOSession(internalMOASsoSessionID); if(authSession == null) { - Logger.info("NO MOA Authentication data for ID " + moaSessionID); + Logger.info("NO MOA Authentication data for ID " + internalMOASsoSessionID); return; } - - authSession.setAuthenticated(false); - //HTTPSessionUtils.setHTTPSessionString(session, MOA_SESSION, null); // remove moa session from HTTP Session - - //log Session_Destroy to reversionslog - AuthenticationSessionExtensions sessionExtensions = 
authenticatedSessionStore.getAuthenticationSessionExtensions(moaSessionID); - revisionsLogger.logEvent(MOAIDEventConstants.SESSION_DESTROYED, sessionExtensions.getUniqueSessionId()); - - authenticatedSessionStore.destroySession(moaSessionID); - - //session.invalidate(); - + + performOnlyIDPLogOut(authSession); + } catch (MOADatabaseException e) { - Logger.info("NO MOA Authentication data for ID " + moaSessionID); + Logger.info("NO MOA Authentication data for ID " + internalMOASsoSessionID); return; } @@ -199,7 +226,8 @@ public class AuthenticationManager extends MOAIDAuthConstants { revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_SSO_INVALID); - authenticatedSessionStore.destroySession(correspondingMOASession); + //destroy internal SSO-session object and SSO-session cooky + authenticatedSessionStore.destroyInternalSSOSession(correspondingMOASession); ssoManager.deleteSSOSessionID(httpReq, httpResp); } } @@ -223,12 +251,11 @@ public class AuthenticationManager extends MOAIDAuthConstants { pendingReq.setNeedSingleSignOnFunctionality(isSSOAllowed); //get MOASession from SSO-Cookie if SSO is allowed - AuthenticationSession moaSession = null; + AuthenticationSession ssoMOASession = null; if (isValidSSOSession && isSSOAllowed) { - String moasessionID = ssoManager.getMOASession(ssoId); - moaSession = authenticatedSessionStore.getSession(moasessionID); + ssoMOASession = ssoManager.getInternalMOASession(ssoId); - if (moaSession == null) + if (ssoMOASession == null) Logger.info("No MOASession FOUND with provided SSO-Cookie."); else { 
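Review bot: In the new `performOnlyIDPLogOut(AuthenticationSession)`, `destroyInternalSSOSession` is reached only if the audit lookup before it succeeds. A `MOADatabaseException` from `getAuthenticationSessionExtensions`, or a null result if the store can return one, skips the destroy call and leaves the SSO session in the store, while `setAuthenticated(false)` has changed only the local object. Logout should always attempt the destroy and treat the revision-log entry as best effort, as sketched below on the assumption that both store calls can throw `MOADatabaseException`. The Javadoc above the method still lists `req`, `resp` and `moasessionid` and should describe `authSession` instead. The info messages in this hunk also write the session ID to the log, which the sketch leaves out.

```java
public void performOnlyIDPLogOut(AuthenticationSession authSession) {
	// … unchanged: null check on authSession …

	authSession.setAuthenticated(false);

	// audit data is looked up first, but a failure here must not block the logout
	AuthenticationSessionExtensions sessionExtensions = null;
	try {
		sessionExtensions = authenticatedSessionStore.getAuthenticationSessionExtensions(authSession.getSessionID());

	} catch (MOADatabaseException e) {
		Logger.info("No session extensions found, continuing with logout");

	}

	try {
		authenticatedSessionStore.destroyInternalSSOSession(authSession.getSessionID());

		if (sessionExtensions != null)
			revisionsLogger.logEvent(MOAIDEventConstants.SESSION_DESTROYED, sessionExtensions.getUniqueSessionId());

	} catch (MOADatabaseException e) {
		Logger.warn("Internal SSO session could not be destroyed", e);

	}
```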
@@ -239,8 +266,8 @@ public class AuthenticationManager extends MOAIDAuthConstants { } //check if session is already authenticated - boolean isSessionAuthenticated = tryPerformAuthentication((RequestImpl) pendingReq, moaSession); - + boolean isSessionAuthenticated = tryPerformAuthentication((RequestImpl) pendingReq, ssoMOASession); + //force new authentication authentication process if (pendingReq.forceAuth()) { startAuthenticationProcess(httpReq, httpResp, pendingReq); @@ -255,7 +282,7 @@ public class AuthenticationManager extends MOAIDAuthConstants { if (isSessionAuthenticated) { // Passive authentication ok! revisionsLogger.logEvent(oaParam, pendingReq, MOAIDEventConstants.AUTHPROCESS_FINISHED); - return moaSession; + return ssoMOASession; } else { throw new NoPassivAuthenticationException(); @@ -266,7 +293,7 @@ public class AuthenticationManager extends MOAIDAuthConstants { // Is authenticated .. proceed revisionsLogger.logEvent(oaParam, pendingReq, MOAIDEventConstants.AUTHPROCESS_FINISHED); - return moaSession; + return ssoMOASession; } else { // Start authentication! 
@@ -285,29 +312,30 @@ public class AuthenticationManager extends MOAIDAuthConstants { * @return true if session is already authenticated, otherwise false * @throws MOAIDException */ - private boolean tryPerformAuthentication(RequestImpl protocolRequest, AuthenticationSession moaSession) { + private boolean tryPerformAuthentication(RequestImpl protocolRequest, AuthenticationSession ssoMOASession) { //if no MOASession exist -> authentication is required - if (moaSession == null) { + if (ssoMOASession == null) { return false; } else { - //if MOASession is Found but not authenticated --> authentication is required - if (!moaSession.isAuthenticated()) { + //if MOA SSO-Session is found but not authenticated --> authentication is required + if (!ssoMOASession.isAuthenticated()) { return false; } //if MOASession is already authenticated and protocol-request is authenticated // --> no authentication is required any more - else if (moaSession.isAuthenticated() && protocolRequest.isAuthenticated()) { + else if (ssoMOASession.isAuthenticated() && protocolRequest.isAuthenticated()) { + protocolRequest.setInternalSSOSessionIdentifier(ssoMOASession.getSessionID()); return true; // if MOASession is authenticated and SSO is allowed --> authenticate pendingRequest } else if (!protocolRequest.isAuthenticated() - && moaSession.isAuthenticated() && protocolRequest.needSingleSignOnFunctionality()) { + && ssoMOASession.isAuthenticated() && protocolRequest.needSingleSignOnFunctionality()) { Logger.debug("Found active MOASession and SSO is allowed --> pendingRequest is authenticted"); protocolRequest.setAuthenticated(true); - protocolRequest.setMOASessionIdentifier(moaSession.getSessionID()); + protocolRequest.setInternalSSOSessionIdentifier(ssoMOASession.getSessionID()); return true; } 
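Review bot: The Javadoc kept above `tryPerformAuthentication` still lists `@throws MOAIDException`, but the signature on the new side declares no exception, so that tag should be dropped. The two later branches also re-test `ssoMOASession.isAuthenticated()` although the first branch has already returned for the unauthenticated case; `else if (protocolRequest.isAuthenticated())` and `else if (protocolRequest.needSingleSignOnFunctionality())` would read more clearly. The already-authenticated branch now binds the pending request to the SSO session with `setInternalSSOSessionIdentifier`, which deserves a one-line comment such as `// bind request to the SSO session resolved from the cookie so later logout/attribute queries use it`. The method body continues past the end of this hunk.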
@@ -335,19 +363,7 @@ public class AuthenticationManager extends MOAIDAuthConstants { //check legacy request parameter boolean legacyparamavail = ParamValidatorUtils.areAllLegacyParametersAvailable(httpReq); - - //create MOASession object - AuthenticationSession moasession; - try { - moasession = authenticatedSessionStore.createSession(pendingReq); - pendingReq.setMOASessionIdentifier(moasession.getSessionID()); - - } catch (MOADatabaseException e1) { - Logger.error("Database Error! MOASession can not be created!"); - throw new MOAIDException("init.04", new Object[] {}); - - } - + //create authentication process execution context ExecutionContext executionContext = new ExecutionContextImpl(); @@ -440,7 +456,7 @@ public class AuthenticationManager extends MOAIDAuthConstants { } private void performSingleLogOut(HttpServletRequest httpReq, - HttpServletResponse httpResp, AuthenticationSession session, PVPTargetConfiguration pvpReq, String authURL) throws MOAIDException { + HttpServletResponse httpResp, IAuthenticationSession session, PVPTargetConfiguration pvpReq, String authURL) throws MOAIDException { String pvpSLOIssuer = null; String inboundRelayState = null; String uniqueSessionIdentifier = "notSet"; @@ -490,7 +506,7 @@ public class AuthenticationManager extends MOAIDAuthConstants { //terminate MOASession try { - authenticatedSessionStore.destroySession(session.getSessionID()); + authenticatedSessionStore.destroyInternalSSOSession(session.getSessionID()); ssoManager.deleteSSOSessionID(httpReq, httpResp); revisionsLogger.logEvent(MOAIDEventConstants.SESSION_DESTROYED, uniqueSessionIdentifier); @@ -527,7 +543,7 @@ public class AuthenticationManager extends MOAIDAuthConstants { } else { samlVerificationEngine.verifySLOResponse(sloResp, - TrustEngineFactory.getSignatureKnownKeysTrustEngine(MOAMetadataProvider.getInstance())); + TrustEngineFactory.getSignatureKnownKeysTrustEngine(metadataProvider)); } 
@@ -569,7 +585,7 @@ public class AuthenticationManager extends MOAIDAuthConstants { } //put SLO process-information into transaction storage - transactionStorage.put(relayState, sloContainer); + transactionStorage.put(relayState, sloContainer, -1); if (MiscUtil.isEmpty(authURL)) authURL = pvpReq.getAuthURL(); @@ -662,4 +678,5 @@ public class AuthenticationManager extends MOAIDAuthConstants { e.printStackTrace(); } } + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java index 85e4dc99b..b612352c6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java 
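Review bot: The new third argument in `transactionStorage.put(relayState, sloContainer, -1)` is an unexplained magic value, and the same literal is added in `RequestStorage.storePendingRequest` and `ProcessInstanceStoreDAOImpl.saveOrUpdate` in this commit. The diff does not show what the parameter means; if it is a timeout, a reader cannot tell whether `-1` selects the configured default or disables expiry, and SLO containers and pending requests hold authentication state that should not outlive their transaction. A named constant with a comment, for example `// -1: fall back to the storage's default timeout (confirm against the storage implementation)`, would make the intent reviewable at all three call sites.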
@@ -26,17 +26,24 @@ import java.io.Serializable; import java.net.MalformedURLException; import java.net.URL; import java.util.Collection; +import java.util.Date; import java.util.HashMap; import java.util.List; import java.util.Map; import javax.servlet.http.HttpServletRequest; +import org.opensaml.saml2.metadata.provider.MetadataProvider; + import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.AuthProzessDataConstants; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; @@ -52,7 +59,12 @@ public abstract class RequestImpl implements IRequest, Serializable{ public static final String DATAID_REQUESTED_ATTRIBUTES = "requestedAttributes"; public static final String DATAID_INTERFEDERATIOIDP_ENTITYID = "interIDPEntityID"; + public static final String DATAID_REQUESTER_IP_ADDRESS = "requesterIP"; + public static final String eIDAS_GENERIC_REQ_DATA_COUNTRY = "country"; + public static final String eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE = "eIDAS_LoA"; + + private static final long serialVersionUID = 1L; 
@@ -60,8 +72,8 @@ public abstract class RequestImpl implements IRequest, Serializable{ private String action = null; private String requestID; - private String moaSessionIdentifier; private String processInstanceId; + private String ssoMoaSessionId; private String uniqueTransactionIdentifer; private String uniqueSessionIdentifer; @@ -84,6 +96,8 @@ public abstract class RequestImpl implements IRequest, Serializable{ private Map<String, Object> genericDataStorage = new HashMap<String, Object>(); + private IAuthenticationSession moaSSOSessionContainer = null; + /** * @throws ConfigurationException @@ -91,12 +105,15 @@ public abstract class RequestImpl implements IRequest, Serializable{ */ public final void initialize(HttpServletRequest req) throws ConfigurationException { //set requestID - requestID = Random.nextRandom(); - + requestID = Random.nextLongRandom(); + //set unique transaction identifier for logging - uniqueTransactionIdentifer = Random.nextRandom(); + uniqueTransactionIdentifer = Random.nextLongRandom(); TransactionIDUtils.setTransactionId(uniqueTransactionIdentifer); + //initialize session object + genericDataStorage.put(AuthProzessDataConstants.VALUE_CREATED, new Date()); + genericDataStorage.put(AuthProzessDataConstants.VALUE_SESSIONID, Random.nextLongRandom()); //check if End-Point is valid String authURLString = HTTPUtils.extractAuthURLFromRequest(req); @@ -167,6 +184,15 @@ public abstract class RequestImpl implements IRequest, Serializable{ else Logger.warn("No unique session-identifier FOUND, but it should be allready set into request!?!"); + //set requester's IP address + try { + setGenericDataToSession(DATAID_REQUESTER_IP_ADDRESS, req.getRemoteAddr()); + + } catch (SessionDataStorageException e) { + Logger.warn("Can not store remote IP address to 'pendingRequest' during an exception." , e); + + } + } /** 
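Review bot: `moaSSOSessionContainer` is added as an ordinary field of a class declared `Serializable`, so once `populateMOASessionWithSSOInformation` has set it, the whole SSO session object is presumably written out with every pending request that goes to the transaction storage. If the container is only meant as an in-memory view of the database session, `private transient IAuthenticationSession moaSSOSessionContainer = null;` keeps a second copy of the session data out of that storage. If persisting it is intended, a comment on the field should say so and state that the referenced type must itself be serializable.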
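Review bot: `req.getRemoteAddr()` in the added block records the address of the direct TCP peer, which is the reverse proxy or load balancer rather than the user when the IDP runs behind one, and nothing here says which of the two `DATAID_REQUESTER_IP_ADDRESS` is meant to hold. Whatever later reads this value for logging or for tying a request to a client needs that stated next to the constant, e.g. `// direct peer address from getRemoteAddr(); not derived from forwarding headers`. The warning text ending in `during an exception.` also reads oddly; `"Can not store remote IP address to 'pendingRequest'."` says what failed. `initialize` begins above this hunk.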
@@ -174,7 +200,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ * * @return List of PVP 2.1 attribute names with maps all protocol specific attributes */ - public abstract Collection<String> getRequestedAttributes(); + public abstract Collection<String> getRequestedAttributes(MetadataProvider metadataProvider); public void setOAURL(String value) { oaURL = value; @@ -231,16 +257,41 @@ public abstract class RequestImpl implements IRequest, Serializable{ return requestID; } - public String getMOASessionIdentifier() { - return this.moaSessionIdentifier; + public String getInternalSSOSessionIdentifier() { + return this.ssoMoaSessionId; + } + + /** + * Set the internal SSO session identifier, which associated with this pending request + * + * @param internalSSOSessionId + */ + public void setInternalSSOSessionIdentifier(String internalSSOSessionId) { + this.ssoMoaSessionId = internalSSOSessionId; + + } + + public IAuthenticationSession getMOASession() { + //if SSO session information are set, use this + if (moaSSOSessionContainer != null) + return moaSSOSessionContainer; + else + return new AuthenticationSessionWrapper(genericDataStorage); + } - public void setMOASessionIdentifier(String moaSessionIdentifier) { - this.moaSessionIdentifier = moaSessionIdentifier; + public void populateMOASessionWithSSOInformation(IAuthenticationSession ssoSession) { + if (ssoSession instanceof AuthenticationSession) { + moaSSOSessionContainer = ssoSession; + + } else + throw new IllegalStateException("Session information can only be populated with SSO information from database"); + } + public IOAAuthParameters getOnlineApplicationConfiguration() { return this.OAConfiguration; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java index 1b550881e..eec48e0f3 100644 
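Review bot: `populateMOASessionWithSSOInformation` rejects a wrong argument with `IllegalStateException`, and a `null` argument takes the same path because `null instanceof AuthenticationSession` is false, so the message about "SSO information from database" is misleading for that case. `IllegalArgumentException` is the conventional type for a bad parameter, with a separate message for `null`. `getMOASession` and `populateMOASessionWithSSOInformation` also have no Javadoc, unlike `setInternalSSOSessionIdentifier` just above; the getter should document that it returns the stored SSO container when one was populated and otherwise a new `AuthenticationSessionWrapper` over `genericDataStorage` on every call.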
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java @@ -68,7 +68,7 @@ public class RequestStorage implements IRequestStorage{ public void storePendingRequest(IRequest pendingRequest) throws MOAIDException { try { if (pendingRequest instanceof IRequest) { - transactionStorage.put(((IRequest)pendingRequest).getRequestID(), pendingRequest); + transactionStorage.put(((IRequest)pendingRequest).getRequestID(), pendingRequest, -1); } else { throw new MOAIDException("auth.20", null); @@ -123,6 +123,7 @@ public class RequestStorage implements IRequestStorage{ ((RequestImpl)pendingRequest).setRequestID(newRequestID); transactionStorage.changeKey(oldRequestID, newRequestID, pendingRequest); + //only delete oldRequestID, no change. return newRequestID; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java index bc7dd272b..557d9af48 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java 
@@ -23,24 +23,21 @@ package at.gv.egovernment.moa.id.moduls; import java.util.Date; -import java.util.List; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.hibernate.Query; -import org.hibernate.Session; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; @@ -63,6 +60,7 @@ public class SSOManager { @Autowired private IAuthenticationSessionStoreage authenticatedSessionStore; @Autowired protected AuthConfiguration authConfig; + //@Autowired private MOASessionDBUtils moaSessionDBUtils; /** * Check if interfederation IDP is requested via HTTP GET parameter or if interfederation cookie exists. 
@@ -159,7 +157,12 @@ public class SSOManager { } else { Logger.warn("MOASession is marked as interfederated SSO session but no interfederated IDP is found. Switch to local authentication ..."); - MOASessionDBUtils.delete(storedSession); + try { + authenticatedSessionStore.destroyInternalSSOSession(storedSession.getSessionid()); + + } catch (MOADatabaseException e) { + Logger.error("Delete MOASession with ID:" + storedSession.getSessionid() + " FAILED!" , e); + } } } @@ -173,8 +176,8 @@ public class SSOManager { } - public String getMOASession(String ssoSessionID) { - return authenticatedSessionStore.getMOASessionSSOID(ssoSessionID); + public AuthenticationSession getInternalMOASession(String ssoSessionID) throws MOADatabaseException { + return authenticatedSessionStore.getInternalMOASessionWithSSOID(ssoSessionID); } @@ -182,9 +185,9 @@ public class SSOManager { public String getUniqueSessionIdentifier(String ssoSessionID) { try { if (MiscUtil.isNotEmpty(ssoSessionID)) { - String moaSessionID = authenticatedSessionStore.getMOASessionSSOID(ssoSessionID); - if (MiscUtil.isNotEmpty(moaSessionID)) { - AuthenticationSessionExtensions extSessionInformation = authenticatedSessionStore.getAuthenticationSessionExtensions(moaSessionID); + AuthenticationSession moaSession = authenticatedSessionStore.getInternalMOASessionWithSSOID(ssoSessionID); + if (moaSession != null) { + AuthenticationSessionExtensions extSessionInformation = authenticatedSessionStore.getAuthenticationSessionExtensions(moaSession.getSessionID()); return extSessionInformation.getUniqueSessionId(); } 
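Review bot: When `destroyInternalSSOSession` fails in the added catch block the code only logs and carries on, so a session that was just judged inconsistent (marked interfederated, no IDP found) stays in the store while the flow switches to local authentication. Whether the caller also clears the SSO cookie is not visible in this hunk; if it does not, a comment should say why leaving the record is acceptable, or the failure should be propagated. The error message also writes the raw internal session id to the log, and that id is accepted elsewhere in this commit as the key for logging a session out, so logging a non-secret correlation value would be safer.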
@@ -200,31 +203,14 @@ public class SSOManager { public String existsOldSSOSession(String ssoId) { Logger.trace("Check that the SSOID has already been used"); - Session session = MOASessionDBUtils.getCurrentSession(); - List<OldSSOSessionIDStore> result; + OldSSOSessionIDStore oldSSOSession = authenticatedSessionStore.checkSSOTokenAlreadyUsed(ssoId); - synchronized (session) { - - session.beginTransaction(); - Query query = session.getNamedQuery("getSSOSessionWithOldSessionID"); - query.setParameter("sessionid", ssoId); - result = query.list(); - - // send transaction - - } - - Logger.trace("Found entries: " + result.size()); - - // Assertion requires an unique artifact - if (result.size() == 0) { - session.getTransaction().commit(); + if (oldSSOSession == null) { + Logger.debug("SSO session-cookie was not used in parst"); return null; } - OldSSOSessionIDStore oldSSOSession = result.get(0); - AuthenticatedSessionStore correspondingMoaSession = oldSSOSession.getMoasession(); if (correspondingMoaSession == null) { @@ -232,11 +218,7 @@ public class SSOManager { return null; } - String moasessionid = correspondingMoaSession.getSessionid(); - - session.getTransaction().commit(); - - return moasessionid; + return correspondingMoaSession.getSessionid(); } @@ -289,7 +271,7 @@ public class SSOManager { //no local SSO session exist -> request interfederated IDP Logger.info("Delete interfederated IDP " + selectedIDP.getIdpurlprefix() + " from MOASession " + storedSession.getSessionid()); - MOASessionDBUtils.delete(selectedIDP); + authenticatedSessionStore.deleteIdpInformation(selectedIDP); } else { Logger.warn("MOASession is marked as interfederated SSO session but no interfederated IDP is found. Switch to local authentication ..."); 
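Review bot: In `existsOldSSOSession`, `oldSSOSession.getMoasession()` is now read after `checkSSOTokenAlreadyUsed` has returned, whereas the removed code read it before `session.getTransaction().commit()`. If that association is lazily loaded, the access may fail or see detached data once the store has finished its own transaction; this depends on the store implementation, which is not part of this hunk, and should be confirmed there. The added debug message has a typo and should read `"SSO session-cookie was not used in the past"`. Because this method decides whether a presented SSO id is a reuse of a retired one, a short Javadoc stating what a `null` return means would help callers.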
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStoreDAOImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStoreDAOImpl.java index a9a9322ad..428931b5e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStoreDAOImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStoreDAOImpl.java @@ -22,7 +22,7 @@ public class ProcessInstanceStoreDAOImpl implements ProcessInstanceStoreDAO { @Override public void saveOrUpdate(ProcessInstanceStore pIStore) throws MOADatabaseException { try { - transactionStorage.put(pIStore.getProcessInstanceId(), pIStore); + transactionStorage.put(pIStore.getProcessInstanceId(), pIStore, -1); // MOASessionDBUtils.saveOrUpdate(pIStore); log.debug("Store process instance with='{}' in the database.", pIStore.getProcessInstanceId()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/AbstractAuthProtocolModulController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/AbstractAuthProtocolModulController.java index 79afba412..95a7660d1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/AbstractAuthProtocolModulController.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/AbstractAuthProtocolModulController.java 
@@ -37,7 +37,7 @@ import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.servlet.AbstractController; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationInterface; import at.gv.egovernment.moa.id.moduls.AuthenticationManager; @@ -86,10 +86,10 @@ public abstract class AbstractAuthProtocolModulController extends AbstractContro } - AuthenticationSession moaSession = authmanager.doAuthentication(req, resp, pendingReq); - if (moaSession != null) { + AuthenticationSession ssoMoaSession = authmanager.doAuthentication(req, resp, pendingReq); + if (ssoMoaSession != null) { //authenticated MOASession already exists --> protocol-specific postProcessing can start directly - finalizeAuthenticationProcess(req, resp, pendingReq, moaSession); + finalizeAuthenticationProcess(req, resp, pendingReq, ssoMoaSession); //transaction is finished, log transaction finished event revisionsLogger.logEvent(MOAIDEventConstants.TRANSACTION_DESTROYED, pendingReq.getUniqueTransactionIdentifier()); @@ -111,7 +111,7 @@ public abstract class AbstractAuthProtocolModulController extends AbstractContro protected String createNewSSOSessionCookie(HttpServletRequest req, HttpServletResponse resp, - IRequest pendingReq, AuthenticationSession moaSession) { + IRequest pendingReq, IAuthenticationSession moaSession) { Logger.debug("Add SSO information to MOASession."); //Store SSO information into database 
@@ -140,7 +140,7 @@ public abstract class AbstractAuthProtocolModulController extends AbstractContro * @throws Exception */ protected void finalizeAuthenticationProcess(HttpServletRequest req, HttpServletResponse resp, - IRequest pendingReq, AuthenticationSession moaSession) throws Exception { + IRequest pendingReq, IAuthenticationSession moaSession) throws Exception { String newSSOSessionId = null; @@ -161,9 +161,27 @@ public abstract class AbstractAuthProtocolModulController extends AbstractContro //Store OA specific SSO session information if an SSO cookie is set if (isSSOCookieSetted) { - try { - authenticatedSessionStorage.addSSOInformation(moaSession.getSessionID(), - newSSOSessionId, sloInformation, pendingReq); + try { + AuthenticationSession internalDBSSOSession = null; + + //create new SSO session, if actually no SSO session exists + if (MiscUtil.isEmpty(pendingReq.getInternalSSOSessionIdentifier())) { + internalDBSSOSession = authenticatedSessionStorage.createInternalSSOSession(pendingReq); + authenticatedSessionStorage.addSSOInformation(internalDBSSOSession.getSessionID(), + newSSOSessionId, sloInformation, pendingReq); + + //MOA SSO-session already exists only update is required + } else if (MiscUtil.isNotEmpty(pendingReq.getInternalSSOSessionIdentifier()) && + moaSession instanceof AuthenticationSession) { + authenticatedSessionStorage.addSSOInformation(moaSession.getSessionID(), + newSSOSessionId, sloInformation, pendingReq); + + } else { + Logger.fatal("MOA-Session data object has a suspect or unsupported type:" + moaSession.getClass().getName() + + " pendingReq_internalSsoId:" + pendingReq.getInternalSSOSessionIdentifier()); + throw new AuthenticationException("1299", null); + + } } catch (AuthenticationException e) { Logger.warn("SSO Session information can not be stored -> SSO is not enabled!"); 
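Review bot: The `AuthenticationException("1299", null)` thrown in the new `else` branch is caught by the `catch (AuthenticationException e)` that closes the same `try`, so a state the code logs with `Logger.fatal` ends as the warning "SSO is not enabled" and processing goes on after an SSO cookie may already have been set. The rest of that catch lies outside the hunk, so the full effect cannot be judged from here, but the suspect-type case should either be thrown outside the `try` or handled by a catch that aborts. The second branch updates `moaSession.getSessionID()` while its condition tests `pendingReq.getInternalSSOSessionIdentifier()`; a check that the two ids are equal would make the assumption explicit. The `MiscUtil.isNotEmpty(...)` in the `else if` is redundant after the preceding `isEmpty` test.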
@@ -218,19 +236,8 @@ public abstract class AbstractAuthProtocolModulController extends AbstractContro protected void removeUserSession(IRequest pendingReq, HttpServletRequest req, HttpServletResponse resp) { - try { - AuthenticationSession moaSession = authenticatedSessionStorage.getSession( - pendingReq.getMOASessionIdentifier()); - - if (moaSession != null) - authmanager.performOnlyIDPLogOut(req, resp, moaSession.getSessionID()); - - } catch (MOADatabaseException e) { - Logger.error("Remove user-session FAILED." , e); - - } - - + authmanager.performOnlyIDPLogOut(req, resp, pendingReq.getInternalSSOSessionIdentifier()); + } protected void buildProtocolSpecificErrorResponse(Throwable throwable, HttpServletRequest req, diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java index 0da43d818..0f9b615a4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java 
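Review bot: `removeUserSession` now passes `pendingReq.getInternalSSOSessionIdentifier()` straight to `performOnlyIDPLogOut`, and that method, as changed earlier in this commit, falls back to `request.getParameter(PARAM_SESSIONID)` when the id is `null`. For a pending request that was never bound to an SSO session, a value taken from the incoming HTTP request would therefore decide which internal SSO session is destroyed, whereas the removed code only acted on a session it had looked up from the pending request. A guard keeps the old behaviour: `String ssoId = pendingReq.getInternalSSOSessionIdentifier();` followed by `if (MiscUtil.isNotEmpty(ssoId)) authmanager.performOnlyIDPLogOut(req, resp, ssoId);`. The abort path in `ProtocolFinalizationController` calls this method for exactly such unbound requests.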
@@ -32,14 +32,12 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; import at.gv.egovernment.moa.id.data.ExceptionContainer; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; /** 
@@ -112,48 +110,33 @@ public class ProtocolFinalizationController extends AbstractAuthProtocolModulCon try { Logger.debug("Finalize PendingRequest with ID " + pendingRequestID); - //get MOASession from database - String sessionID = pendingReq.getMOASessionIdentifier(); - - // check parameter - if (!ParamValidatorUtils.isValidSessionID(sessionID)) { - throw new WrongParametersException("FinalizeAuthProtocol", PARAM_SESSIONID, "auth.12"); - - } + //get MOA session data object from pending request + IAuthenticationSession pendingMoaSession = pendingReq.getMOASession(); - //load MOASession from database - AuthenticationSession moaSession = authenticatedSessionStorage.getSession(sessionID); - if (moaSession == null) { - Logger.error("No MOASession with ID " + sessionID + " found.!"); - handleErrorNoRedirect(new MOAIDException("auth.02", new Object[]{sessionID}), req, resp, true); - - } else { + //check if pending-request has 'abortedByUser' flag set + if (pendingReq.isAbortedByUser()) { + //send authentication aborted error to Service Provider + buildProtocolSpecificErrorResponse( + new AuthenticationException("auth.21", new Object[] {}), + req, resp, pendingReq); - //check if pending-request has 'abortedByUser' flag set - if (pendingReq.isAbortedByUser()) { - //send authentication aborted error to Service Provider - buildProtocolSpecificErrorResponse( - new AuthenticationException("auth.21", new Object[] {}), - req, resp, pendingReq); + //do not remove the full active SSO-Session + // in case of only one Service-Provider authentication request is aborted + if ( !(pendingMoaSession.isAuthenticated() + && pendingReq.needSingleSignOnFunctionality()) ) { + removeUserSession(pendingReq, req, resp); - //do not remove the full active SSO-Session - // in case of only one Service-Provider authentication request is aborted - if ( !(moaSession.isAuthenticated() - && pendingReq.needSingleSignOnFunctionality()) ) { - removeUserSession(pendingReq, req, resp); - - } - - //check if 
MOASession and pending-request are authenticated - } else if (moaSession.isAuthenticated() && pendingReq.isAuthenticated()) { - finalizeAuthenticationProcess(req, resp, pendingReq, moaSession); - - } else { - //suspect state: pending-request is not aborted but also are not authenticated - Logger.error("MOASession oder Pending-Request are not authenticated --> Abort authentication process!"); - handleErrorNoRedirect(new MOAIDException("auth.20", null), req, resp, true); - - } + } + + //check if MOASession and pending-request are authenticated + } else if (pendingMoaSession.isAuthenticated() && pendingReq.isAuthenticated()) { + finalizeAuthenticationProcess(req, resp, pendingReq, pendingMoaSession); + + } else { + //suspect state: pending-request is not aborted but also are not authenticated + Logger.error("MOASession oder Pending-Request are not authenticated --> Abort authentication process!"); + handleErrorNoRedirect(new MOAIDException("auth.20", null), req, resp, true); + } } catch (Exception e) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateProfRepDescAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateProfRepDescAttributeBuilder.java index a611c72b9..b7d21f903 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateProfRepDescAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateProfRepDescAttributeBuilder.java 
@@ -26,8 +26,8 @@ import org.w3c.dom.Element; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.NoMandateDataAttributeException; import at.gv.egovernment.moa.id.util.MandateBuilder; @@ -45,7 +45,7 @@ public class MandateProfRepDescAttributeBuilder implements IPVPAttributeBuilder String profRepName = authData.getGenericData(MANDATE_PROF_REP_DESC_NAME, String.class); if (MiscUtil.isEmpty(profRepName)) { - MISMandate misMandate = authData.getMISMandate(); + IMISMandate misMandate = authData.getMISMandate(); if(misMandate == null) { throw new NoMandateDataAttributeException(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateProfRepOIDAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateProfRepOIDAttributeBuilder.java index bef9afd8f..04de3288a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateProfRepOIDAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateProfRepOIDAttributeBuilder.java 
@@ -23,8 +23,8 @@ package at.gv.egovernment.moa.id.protocols.builder.attributes; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.NoMandateDataAttributeException; import at.gv.egovernment.moa.util.MiscUtil; @@ -41,7 +41,7 @@ public class MandateProfRepOIDAttributeBuilder implements IPVPAttributeBuilder { String profRepOID = authData.getGenericData(MANDATE_PROF_REP_OID_NAME, String.class); if (MiscUtil.isEmpty(profRepOID)) { - MISMandate mandate = authData.getMISMandate(); + IMISMandate mandate = authData.getMISMandate(); if (mandate == null) { throw new NoMandateDataAttributeException(); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java index 2168316ab..365a31fe1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java 
@@ -48,9 +48,7 @@ import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; @@ -80,6 +78,7 @@ public class AttributQueryAction implements IAction { @Autowired private AuthenticationDataBuilder authDataBuilder; @Autowired private IDPCredentialProvider pvpCredentials; @Autowired private AuthConfiguration authConfig; + @Autowired(required=true) private MOAMetadataProvider metadataProvider; private final static List<String> DEFAULTSTORKATTRIBUTES = Arrays.asList( new String[]{PVPConstants.EID_STORK_TOKEN_NAME}); @@ -108,10 +107,10 @@ public class AttributQueryAction implements IAction { try { //get Single Sign-On information for the Service-Provider // which sends the Attribute-Query request - AuthenticationSession moaSession = authenticationSessionStorage.getSession(pendingReq.getMOASessionIdentifier()); + AuthenticationSession moaSession = authenticationSessionStorage.getInternalSSOSession(pendingReq.getInternalSSOSessionIdentifier()); if (moaSession == null) { - Logger.warn("No MOASession with ID:" + pendingReq.getMOASessionIdentifier() + " FOUND."); - throw new MOAIDException("auth.02", new Object[]{pendingReq.getMOASessionIdentifier()}); + Logger.warn("No MOASession with ID:" + pendingReq.getInternalSSOSessionIdentifier() + " FOUND."); + throw new MOAIDException("auth.02", new Object[]{pendingReq.getInternalSSOSessionIdentifier()}); } InterfederationSessionStore nextIDPInformation = 
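Review bot: The internal SSO session identifier is concatenated into the warning and passed as the message parameter of `MOAIDException("auth.02", ...)` in the `moaSession == null` branch, and the catch block in the later hunk at old line 156 does the same with `"init.04"`. Where those exception parameters are rendered is not visible here; if they reach the error response sent to the requester, an internal session key leaves the IDP, so both places should pass a non-secret correlation value or no parameter. The identifier can also be `null` for a request that was never bound to an SSO session, in which case `getInternalSSOSession(null)` is called; an explicit empty check before the lookup would give a clearer error. `@Autowired(required=true)` on `metadataProvider` restates the default and differs from the other injected fields next to it.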
@@ -139,7 +138,7 @@ public class AttributQueryAction implements IAction { //build PVP 2.1 response Response authResponse = AuthResponseBuilder.buildResponse( - MOAMetadataProvider.getInstance(), issuerEntityID, attrQuery, date, + metadataProvider, issuerEntityID, attrQuery, date, assertion, authConfig.isPVP2AssertionEncryptionActive()); SoapBinding decoder = new SoapBinding(); @@ -156,9 +155,9 @@ public class AttributQueryAction implements IAction { throw new MOAIDException("pvp2.01", null, e); } catch (MOADatabaseException e) { - Logger.error("MOASession with SessionID=" + pendingReq.getMOASessionIdentifier() + Logger.error("MOASession with SessionID=" + pendingReq.getInternalSSOSessionIdentifier() + " is not found in Database", e); - throw new MOAIDException("init.04", new Object[] { pendingReq.getMOASessionIdentifier() }); + throw new MOAIDException("init.04", new Object[] { pendingReq.getInternalSSOSessionIdentifier() }); } 
@@ -190,21 +189,11 @@ public class AttributQueryAction implements IAction { AuthenticationSession session, List<Attribute> reqAttributes, InterfederationSessionStore nextIDPInformation) throws MOAIDException { try { //mark AttributeQuery as used if it exists - OASessionStore activeOA = authenticationSessionStorage.searchActiveOASSOSession(session, pendingReq.getOAURL(), pendingReq.requestedModule()); - if (activeOA != null) { - //mark - if ( pendingReq instanceof PVPTargetConfiguration && - ((PVPTargetConfiguration) pendingReq).getRequest() instanceof MOARequest && - ((PVPTargetConfiguration) pendingReq).getRequest().getInboundMessage() instanceof AttributeQuery) { - try { - activeOA.setAttributeQueryUsed(true); - MOASessionDBUtils.saveOrUpdate(activeOA); - - } catch (MOADatabaseException e) { - Logger.error("MOASession interfederation information can not stored to database.", e); - - } - } + if ( pendingReq instanceof PVPTargetConfiguration && + ((PVPTargetConfiguration) pendingReq).getRequest() instanceof MOARequest && + ((PVPTargetConfiguration) pendingReq).getRequest().getInboundMessage() instanceof AttributeQuery) { + + authenticationSessionStorage.markOAWithAttributeQueryUsedFlag(session, pendingReq.getOAURL(), pendingReq.requestedModule()); } //build OnlineApplication dynamic from requested attributes (AttributeQuerry Request) and configuration 
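Review bot: A database failure while setting the attribute-query-used flag was previously caught and logged in this block, and after the change the outcome depends entirely on `authenticationSessionStorage.markOAWithAttributeQueryUsedFlag(...)`, whose body is not part of this view. The same applies to `persistIdpInformation(...)` and `deleteIdpInformation(...)` in the `@@ -247,20 +236,16 @@` hunk, where the `catch (MOADatabaseException e)` was removed. If those methods fail silently, a federated IDP entry that should have been deleted can stay attached to the session with no log record, so the contract should be stated at the call, e.g. `// storage errors are logged inside AuthenticationSessionStorage; the request continues`, or the exception should propagate. The two commented-out `//moaSessionDBUtils...` lines in the later hunk should be deleted rather than kept.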
@@ -247,20 +236,16 @@ public class AttributQueryAction implements IAction { AssertionAttributeExtractor extractor = authDataBuilder.getAuthDataFromAttributeQuery(reqAttributes, nextIDPInformation.getUserNameID(), idp); - try { - //mark attribute request as used - if (nextIDPInformation.isStoreSSOInformation()) { - nextIDPInformation.setAttributesRequested(true); - MOASessionDBUtils.saveOrUpdate(nextIDPInformation); + //mark attribute request as used + if (nextIDPInformation.isStoreSSOInformation()) { + nextIDPInformation.setAttributesRequested(true); + authenticationSessionStorage.persistIdpInformation(nextIDPInformation); + //moaSessionDBUtils.saveOrUpdate(nextIDPInformation); - //delete federated IDP from Session - } else { - MOASessionDBUtils.delete(nextIDPInformation); - - } - - } catch (MOADatabaseException e) { - Logger.error("MOASession interfederation information can not stored to database.", e); + //delete federated IDP from Session + } else { + authenticationSessionStorage.deleteIdpInformation(nextIDPInformation); + //moaSessionDBUtils.delete(nextIDPInformation); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java index 8de44a2e8..aac49844e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java 
@@ -61,6 +61,7 @@ import at.gv.egovernment.moa.logging.Logger; public class AuthenticationAction implements IAction { @Autowired IDPCredentialProvider pvpCredentials; @Autowired AuthConfiguration authConfig; + @Autowired(required=true) private MOAMetadataProvider metadataProvider; public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws MOAIDException { @@ -70,7 +71,7 @@ public class AuthenticationAction implements IAction { //get basic information MOARequest moaRequest = (MOARequest) pvpRequest.getRequest(); AuthnRequest authnRequest = (AuthnRequest) moaRequest.getSamlRequest(); - EntityDescriptor peerEntity = moaRequest.getEntityMetadata(); + EntityDescriptor peerEntity = moaRequest.getEntityMetadata(metadataProvider); AssertionConsumerService consumerService = SAML2Utils.createSAMLObject(AssertionConsumerService.class); @@ -94,7 +95,7 @@ public class AuthenticationAction implements IAction { peerEntity, date, consumerService, sloInformation); Response authResponse = AuthResponseBuilder.buildResponse( - MOAMetadataProvider.getInstance(), issuerEntityID, authnRequest, + metadataProvider, issuerEntityID, authnRequest, date, assertion, authConfig.isPVP2AssertionEncryptionActive()); IEncoder binding = null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java index 350690f82..a7a249eed 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java 
@@ -56,7 +56,6 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException; import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; @@ -64,6 +63,7 @@ import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityLogAdapter; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.moduls.NoPassivAuthenticationException; @@ -104,6 +104,7 @@ public class PVP2XProtocol extends AbstractAuthProtocolModulController { @Autowired IDPCredentialProvider pvpCredentials; @Autowired SAMLVerificationEngineSP samlVerificationEngine; + @Autowired(required=true) private MOAMetadataProvider metadataProvider; public static final String NAME = PVP2XProtocol.class.getName(); public static final String PATH = "id_pvp2x"; @@ -187,7 +188,7 @@ public class PVP2XProtocol extends AbstractAuthProtocolModulController { //get POST-Binding decoder implementation InboundMessage msg = (InboundMessage) new PostBinding().decode( - req, resp, MOAMetadataProvider.getInstance(), false, + req, resp, metadataProvider, false, new MOAURICompare(PVPConfiguration.getInstance().getIDPSSOPostService(pendingReq.getAuthURL()))); pendingReq.setRequest(msg); 
@@ -240,7 +241,7 @@ public class PVP2XProtocol extends AbstractAuthProtocolModulController { //get POST-Binding decoder implementation InboundMessage msg = (InboundMessage) new RedirectBinding().decode( - req, resp, MOAMetadataProvider.getInstance(), false, + req, resp, metadataProvider, false, new MOAURICompare(PVPConfiguration.getInstance().getIDPSSORedirectService(pendingReq.getAuthURL()))); pendingReq.setRequest(msg); @@ -294,7 +295,7 @@ public class PVP2XProtocol extends AbstractAuthProtocolModulController { //get POST-Binding decoder implementation InboundMessage msg = (InboundMessage) new SoapBinding().decode( - req, resp, MOAMetadataProvider.getInstance(), false, + req, resp, metadataProvider, false, new MOAURICompare(PVPConfiguration.getInstance().getIDPSSOPostService(pendingReq.getAuthURL()))); pendingReq.setRequest(msg); @@ -336,7 +337,7 @@ public class PVP2XProtocol extends AbstractAuthProtocolModulController { if(!msg.isVerified()) { samlVerificationEngine.verify(msg, - TrustEngineFactory.getSignatureKnownKeysTrustEngine(MOAMetadataProvider.getInstance())); + TrustEngineFactory.getSignatureKnownKeysTrustEngine(metadataProvider)); msg.setVerified(true); } @@ -494,7 +495,7 @@ public class PVP2XProtocol extends AbstractAuthProtocolModulController { msg = (MOARequest) inMsg; - EntityDescriptor metadata = msg.getEntityMetadata(); + EntityDescriptor metadata = msg.getEntityMetadata(metadataProvider); if(metadata == null) { throw new NoMetadataInformationException(); } @@ -526,7 +527,7 @@ public class PVP2XProtocol extends AbstractAuthProtocolModulController { boolean isAllowedDestination = false; for (String prefix : allowedPublicURLPrefix) { - if (!resp.getDestination().startsWith( + if (resp.getDestination().startsWith( prefix)) { isAllowedDestination = true; break; 
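Review bot: In the `@@ -526,7 +527,7 @@` hunk the corrected condition still accepts any destination that merely begins with a configured prefix, because `resp.getDestination().startsWith(prefix)` is a plain string comparison. Unless every entry of `allowedPublicURLPrefix` is guaranteed to end with `/`, a destination on a different host whose name starts with the allowed host name also passes, and a response without a `Destination` attribute raises a NullPointerException here instead of being rejected cleanly. A stricter form would be `String dest = resp.getDestination();` followed by `if (dest != null && (dest.equals(prefix) || dest.startsWith(prefix.endsWith("/") ? prefix : prefix + "/"))) {`. The enclosing method starts and ends outside the hunk, so how `isAllowedDestination` is evaluated afterwards is not visible.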
@@ -599,7 +600,7 @@ public class PVP2XProtocol extends AbstractAuthProtocolModulController { //check active MOASession String nameID = attrQuery.getSubject().getNameID().getValue(); - AuthenticationSession session = authenticatedSessionStorage.getSessionWithUserNameID(nameID); + IAuthenticationSession session = authenticatedSessionStorage.getSessionWithUserNameID(nameID); if (session == null) { Logger.warn("AttributeQuery nameID does not match to an active single sign-on session."); throw new AttributQueryException("auth.31", null); @@ -619,7 +620,7 @@ public class PVP2XProtocol extends AbstractAuthProtocolModulController { pendingReq.setAction(AttributQueryAction.class.getName()); //add moasession - pendingReq.setMOASessionIdentifier(session.getSessionID()); + pendingReq.setInternalSSOSessionIdentifier(session.getSessionID()); //write revisionslog entry revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROTOCOL_PVP_REQUEST_ATTRIBUTQUERY); @@ -644,7 +645,7 @@ public class PVP2XProtocol extends AbstractAuthProtocolModulController { throw new MOAIDException("Unsupported request", new Object[] {}); } - EntityDescriptor metadata = moaRequest.getEntityMetadata(); + EntityDescriptor metadata = moaRequest.getEntityMetadata(metadataProvider); if(metadata == null) { throw new NoMetadataInformationException(); } @@ -736,7 +737,7 @@ public class PVP2XProtocol extends AbstractAuthProtocolModulController { } } - String oaURL = moaRequest.getEntityMetadata().getEntityID(); + String oaURL = moaRequest.getEntityMetadata(metadataProvider).getEntityID(); oaURL = StringEscapeUtils.escapeHtml(oaURL); IOAAuthParameters oa = authConfig.getOnlineApplicationParameter(oaURL); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java index 0dd309154..62105abda 100644 
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java @@ -49,7 +49,7 @@ public class PVPAssertionStorage implements SAMLArtifactMap { samlMessage); try { - transactionStorage.put(artifact, assertion); + transactionStorage.put(artifact, assertion, -1); } catch (MOADatabaseException e) { // TODO Insert Error Handling, if Assertion could not be stored diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java index e7f2a7d4b..caf66942e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java @@ -32,6 +32,7 @@ import org.opensaml.saml2.core.impl.AuthnRequestImpl; import org.opensaml.saml2.metadata.AttributeConsumingService; import org.opensaml.saml2.metadata.RequestedAttribute; import org.opensaml.saml2.metadata.SPSSODescriptor; +import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.springframework.beans.factory.config.BeanDefinition; import org.springframework.context.annotation.Scope; import org.springframework.stereotype.Component; @@ -54,7 +55,6 @@ public class PVPTargetConfiguration extends RequestImpl { private static final long serialVersionUID = 4889919265919638188L; - InboundMessage request; String binding; String consumerURL; 
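Review bot: The new third argument in `transactionStorage.put(artifact, assertion, -1)` is an unexplained magic value, and the `put` signature is not part of this view, so it cannot be told here whether `-1` means "use the default timeout" or "never expire". For a SAML artifact store the lifetime of an entry bounds how long an artifact stays resolvable, so the meaning should be written at the call, e.g. `// -1: fall back to the storage's default timeout (TODO confirm)`, or expressed as a named constant. The same literal is used in `transactionStorage.put(artifact, statusCode, -1)` in SingleLogOutAction. The existing `// TODO Insert Error Handling` in the catch block is still open, so a failed store is not reported to the caller.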
@@ -88,14 +88,14 @@ public class PVPTargetConfiguration extends RequestImpl { * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes() */ @Override - public Collection<String> getRequestedAttributes() { + public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) { Map<String, String> reqAttr = new HashMap<String, String>(); for (String el : PVP2XProtocol.DEFAULTREQUESTEDATTRFORINTERFEDERATION) reqAttr.put(el, ""); try { - SPSSODescriptor spSSODescriptor = getRequest().getEntityMetadata().getSPSSODescriptor(SAMLConstants.SAML20P_NS); + SPSSODescriptor spSSODescriptor = getRequest().getEntityMetadata(metadataProvider).getSPSSODescriptor(SAMLConstants.SAML20P_NS); if (spSSODescriptor.getAttributeConsumingServices() != null && spSSODescriptor.getAttributeConsumingServices().size() > 0) { @@ -139,5 +139,6 @@ public class PVPTargetConfiguration extends RequestImpl { } - } + } + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java index 52bf16247..ff703d585 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java 
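Review bot: The Javadoc reference `@see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes()` above the method no longer matches the new signature and should become `@see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes(MetadataProvider)`, with a `@param metadataProvider` line saying that it is used to resolve the requesting entity's metadata. In the changed line the result of `getSPSSODescriptor(SAMLConstants.SAML20P_NS)` is dereferenced on the next line without a null check, while SingleLogOutBuilder in this same commit does test `if (ssodesc == null)` after the same call. A guard such as `if (spSSODescriptor == null) return reqAttr.keySet();` would make the two consistent, assuming the method returns the key set at its end; the method body and its `catch` continue outside the hunk.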
@@ -24,17 +24,11 @@ package at.gv.egovernment.moa.id.protocols.pvp2x; import java.io.Serializable; import java.io.UnsupportedEncodingException; -import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang.SerializationUtils; -import org.hibernate.HibernateException; -import org.hibernate.Query; -import org.hibernate.Session; -import org.hibernate.Transaction; -import org.hibernate.resource.transaction.spi.TransactionStatus; import org.opensaml.saml2.core.LogoutRequest; import org.opensaml.saml2.core.LogoutResponse; import org.opensaml.saml2.metadata.SingleLogoutService; @@ -43,13 +37,12 @@ import org.springframework.stereotype.Service; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.data.IAuthData; 
@@ -83,8 +76,8 @@ public class SingleLogOutAction implements IAction { @Autowired private ITransactionStorage transactionStorage; @Autowired private SingleLogOutBuilder sloBuilder; @Autowired private MOAReversionLogger revisionsLogger; - - + + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.data.IAuthData) */ 
@@ -94,142 +87,147 @@ public class SingleLogOutAction implements IAction { IAuthData authData) throws MOAIDException { PVPTargetConfiguration pvpReq = (PVPTargetConfiguration) req; - + if (pvpReq.getRequest() instanceof MOARequest && ((MOARequest)pvpReq.getRequest()).getSamlRequest() instanceof LogoutRequest) { Logger.debug("Process Single LogOut request"); MOARequest samlReq = (MOARequest) pvpReq.getRequest(); LogoutRequest logOutReq = (LogoutRequest) samlReq.getSamlRequest(); - - AuthenticationSession session = + + IAuthenticationSession session = authenticationSessionStorage.searchMOASessionWithNameIDandOAID( logOutReq.getIssuer().getValue(), logOutReq.getNameID().getValue()); - - if (session == null) { - Logger.warn("Can not find active SSO session with nameID " - + logOutReq.getNameID().getValue() + " and OA " - + logOutReq.getIssuer().getValue()); - Logger.info("Search active SSO session with SSO session cookie"); - String ssoID = ssomanager.getSSOSessionID(httpReq); - if (MiscUtil.isEmpty(ssoID)) { + + if (session == null) { + Logger.warn("Can not find active SSO session with nameID " + + logOutReq.getNameID().getValue() + " and OA " + + logOutReq.getIssuer().getValue()); + Logger.info("Search active SSO session with SSO session cookie"); + String ssoID = ssomanager.getSSOSessionID(httpReq); + if (MiscUtil.isEmpty(ssoID)) { + Logger.info("Can not find active Session. 
Single LogOut not possible!"); + SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(pvpReq); + //LogoutResponse message = sloBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI); + LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, pvpReq, null); + Logger.info("Sending SLO success message to requester ..."); + sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState()); + return null; + + } else { + try { + session = ssomanager.getInternalMOASession(ssoID); + + if (session == null) + throw new MOADatabaseException(); + + } catch (MOADatabaseException e) { Logger.info("Can not find active Session. Single LogOut not possible!"); SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(pvpReq); //LogoutResponse message = sloBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI); LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, pvpReq, null); Logger.info("Sending SLO success message to requester ..."); - sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState()); + sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState()); return null; - - } else { - String moasession = ssomanager.getMOASession(ssoID); - try { - session = authenticationSessionStorage.getSession(moasession); - - if (session == null) - throw new MOADatabaseException(); - - } catch (MOADatabaseException e) { - Logger.info("Can not find active Session. 
Single LogOut not possible!"); - SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(pvpReq); - //LogoutResponse message = sloBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI); - LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, pvpReq, null); - Logger.info("Sending SLO success message to requester ..."); - sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState()); - return null; - - } - } + + } + } + } + + authManager.performSingleLogOut(httpReq, httpResp, session, pvpReq); + + } else if (pvpReq.getRequest() instanceof MOAResponse && + ((MOAResponse)pvpReq.getRequest()).getResponse() instanceof LogoutResponse) { + Logger.debug("Process Single LogOut response"); + LogoutResponse logOutResp = (LogoutResponse) ((MOAResponse)pvpReq.getRequest()).getResponse(); + + //Transaction tx = null; + + try { + String relayState = pvpReq.getRequest().getRelayState(); + if (MiscUtil.isEmpty(relayState)) { + Logger.warn("SLO Response from " + logOutResp.getIssuer().getValue() + + " has no SAML2 RelayState."); + throw new SLOException("pvp2.19", null); + } - - authManager.performSingleLogOut(httpReq, httpResp, session, pvpReq); - - } else if (pvpReq.getRequest() instanceof MOAResponse && - ((MOAResponse)pvpReq.getRequest()).getResponse() instanceof LogoutResponse) { - Logger.debug("Process Single LogOut response"); - LogoutResponse logOutResp = (LogoutResponse) ((MOAResponse)pvpReq.getRequest()).getResponse(); - - Transaction tx = null; - - try { - String relayState = pvpReq.getRequest().getRelayState(); - if (MiscUtil.isEmpty(relayState)) { - Logger.warn("SLO Response from " + logOutResp.getIssuer().getValue() - + " has no SAML2 RelayState."); - throw new SLOException("pvp2.19", null); - - } - - Session session = MOASessionDBUtils.getCurrentSession(); - boolean storageSuccess = false; - int counter = 0; - - //TODO: add counter to prevent deadlock - + + //Session session = 
MOASessionDBUtils.getCurrentSession(); + boolean storageSuccess = false; + int counter = 0; + + //TODO: add counter to prevent deadlock + synchronized(this){ while (!storageSuccess) { - tx = session.beginTransaction(); - - List result; - Query query = session.getNamedQuery("getAssertionWithArtifact"); - query.setParameter("artifact", relayState); - result = query.list(); - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { + // tx = session.beginTransaction(); + // + // List result; + // Query query = session.getNamedQuery("getAssertionWithArtifact"); + // query.setParameter("artifact", relayState); + // result = query.list(); + // + // + // Logger.trace("Found entries: " + result.size()); + // + // //Assertion requires an unique artifact + // if (result.size() != 1) { + // Logger.trace("No entries found."); + // throw new MOADatabaseException("No sessioninformation found with this ID"); + // } + // + // AssertionStore element = (AssertionStore) result.get(0); + // Object data = SerializationUtils.deserialize(element.getAssertion()); + Logger.debug("Current Thread getAssertionStore: "+Thread.currentThread().getId()); + Object o = transactionStorage.getAssertionStore(relayState); + if(o==null){ Logger.trace("No entries found."); - throw new MOADatabaseException("No sessioninformation found with this ID"); + throw new MOADatabaseException("No sessioninformation found with this ID"); } - - AssertionStore element = (AssertionStore) result.get(0); - Object data = SerializationUtils.deserialize(element.getAssertion()); - + AssertionStore element = (AssertionStore) o; + Object data = SerializationUtils.deserialize(element.getAssertion()); + if (data instanceof SLOInformationContainer) { ISLOInformationContainer sloContainer = (ISLOInformationContainer) data; - + //check status sloBuilder.checkStatusCode(sloContainer, logOutResp); - + if (sloContainer.hasFrontChannelOA()) { try { //some response are open 
byte[] serializedSLOContainer = SerializationUtils.serialize((Serializable) sloContainer); element.setAssertion(serializedSLOContainer); element.setType(sloContainer.getClass().getName()); - - session.saveOrUpdate(element); - tx.commit(); - + + // session.saveOrUpdate(element); + // tx.commit(); + Logger.debug("Current Thread putAssertionStore: "+Thread.currentThread().getId()); + transactionStorage.putAssertionStore(element); + //sloContainer could be stored to database storageSuccess = true; - - } catch(HibernateException e) { - tx.rollback(); + + } catch(MOADatabaseException e) { + //tx.rollback(); counter++; Logger.debug("SLOContainter could not stored to database. Wait some time and restart storage process ... "); java.util.Random rand = new java.util.Random(); - + try { Thread.sleep(rand.nextInt(20)*10); - + } catch (InterruptedException e1) { Logger.warn("Thread could not stopped. ReStart storage process immediately", e1); } } - + } else { - //last response received. - try { - session.delete(element); - tx.commit(); - - } catch(HibernateException e) { - tx.rollback(); - Logger.error("SLOContainter could not deleted from database. "); - - } - + Logger.debug("Current Thread removeElement by Artifact: "+Thread.currentThread().getId()); + transactionStorage.remove(element.getArtifact()); + // session.delete(element); + // tx.commit(); + storageSuccess = true; String redirectURL = null; if (sloContainer.getSloRequest() != null) { 
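Review bot: The `while (!storageSuccess)` loop in the `@@ -94,142 +87,147 @@` hunk has no upper bound: `counter` is incremented in the `catch(MOADatabaseException e)` branch but never tested, and the `//TODO: add counter to prevent deadlock` is carried over unchanged. Because the loop runs and sleeps inside `synchronized(this)`, a storage backend that keeps failing on `transactionStorage.putAssertionStore(element)` holds the monitor indefinitely and stalls every other logout response handled by this instance. Bound it with `while (!storageSuccess && counter < MAX_SLO_STORE_RETRIES) {` (a new constant) and add `if (!storageSuccess) throw new SLOException("pvp2.19", null);` after the loop. The commented-out Hibernate code and the `Logger.debug("Current Thread ...")` lines should be removed before merge.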
@@ -237,70 +235,72 @@ public class SingleLogOutAction implements IAction { SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(sloContainer.getSloRequest()); LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, sloContainer.getSloRequest(), sloContainer.getSloFailedOAs()); redirectURL = sloBuilder.getFrontChannelSLOMessageURL(sloService, message, httpReq, httpResp, sloContainer.getSloRequest().getRequest().getRelayState()); - + } else { //print SLO information directly redirectURL = req.getAuthURL() + "/idpSingleLogout"; - + String artifact = Random.nextRandom(); - - String statusCode = null; + + String statusCode = null; if (sloContainer.getSloFailedOAs() == null || - sloContainer.getSloFailedOAs().size() == 0) { - statusCode = MOAIDAuthConstants.SLOSTATUS_SUCCESS; - revisionsLogger.logEvent(sloContainer.getSessionID(), sloContainer.getTransactionID(), - MOAIDEventConstants.AUTHPROCESS_SLO_ALL_VALID); - + sloContainer.getSloFailedOAs().size() == 0) { + statusCode = MOAIDAuthConstants.SLOSTATUS_SUCCESS; + revisionsLogger.logEvent(sloContainer.getSessionID(), sloContainer.getTransactionID(), + MOAIDEventConstants.AUTHPROCESS_SLO_ALL_VALID); + } else { revisionsLogger.logEvent(sloContainer.getSessionID(), sloContainer.getTransactionID(), MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID); - statusCode = MOAIDAuthConstants.SLOSTATUS_ERROR; - + statusCode = MOAIDAuthConstants.SLOSTATUS_ERROR; + } - transactionStorage.put(artifact, statusCode); - redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SLOSTATUS, artifact); - + transactionStorage.put(artifact, statusCode, -1); + redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SLOSTATUS, artifact); + } //redirect to Redirect Servlet String url = req.getAuthURL() + "/RedirectServlet"; url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(redirectURL, "UTF-8")); url = httpResp.encodeRedirectURL(url); - + 
httpResp.setContentType("text/html"); httpResp.setStatus(302); httpResp.addHeader("Location", url); - + } } else { Logger.warn("Sessioninformation Cast-Exception by using Artifact=" + relayState); throw new MOADatabaseException("Sessioninformation Cast-Exception"); - + } } - - } catch (MOADatabaseException e) { - Logger.error("MOA AssertionDatabase ERROR", e); - throw new SLOException("pvp2.19", null); - - } catch (UnsupportedEncodingException e) { - Logger.error("Finale SLO redirct not possible.", e); - throw new AuthenticationException("pvp2.13", new Object[]{}); - - } finally { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) { - tx.commit(); - - } } - - - - } else { - Logger.error("Process SingleLogOutAction but request is NOT of type LogoutRequest or LogoutResponse."); - throw new MOAIDException("pvp2.13", null); - - } - + } catch (MOADatabaseException e) { + Logger.error("MOA AssertionDatabase ERROR", e); + throw new SLOException("pvp2.19", null); + + } catch (UnsupportedEncodingException e) { + Logger.error("Finale SLO redirct not possible.", e); + throw new AuthenticationException("pvp2.13", new Object[]{}); + + } + + // finally { + // if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) { + // tx.commit(); + // + // } + // } + + + + } else { + Logger.error("Process SingleLogOutAction but request is NOT of type LogoutRequest or LogoutResponse."); + throw new MOAIDException("pvp2.13", null); + + } + return null; } @@ -320,7 +320,7 @@ public class SingleLogOutAction implements IAction { public String getDefaultActionName() { return PVP2XProtocol.SINGLELOGOUT; } - + protected static String addURLParameter(String url, String paramname, String paramvalue) { String param = paramname + "=" + paramvalue; 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java index 25b22f0ad..94d91694a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java @@ -62,6 +62,7 @@ import at.gv.egovernment.moa.util.MiscUtil; public class SoapBinding implements IDecoder, IEncoder { + @Autowired(required=true) private MOAMetadataProvider metadataProvider; @Autowired private IDPCredentialProvider credentialProvider; public InboundMessageInterface decode(HttpServletRequest req, @@ -109,7 +110,7 @@ public class SoapBinding implements IDecoder, IEncoder { RequestAbstractType attributeRequest = (RequestAbstractType) attrReq; try { if (MiscUtil.isNotEmpty(attributeRequest.getIssuer().getValue()) && - MOAMetadataProvider.getInstance().getRole( + metadataProvider.getRole( attributeRequest.getIssuer().getValue(), SPSSODescriptor.DEFAULT_ELEMENT_NAME) != null) request.setEntityID(attributeRequest.getIssuer().getValue()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPMetadataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPMetadataBuilder.java index 855925272..e2f8664d8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPMetadataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPMetadataBuilder.java 
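Review bot: The injected field used in `metadataProvider.getRole(...)` (hunk `@@ -109,7 +110,7 @@`) will be null whenever the binding is created with `new`, which is how PVP2XProtocol (`new SoapBinding().decode(req, resp, metadataProvider, false, ...)`) and AttributQueryAction (`SoapBinding decoder = new SoapBinding();`) create it elsewhere in this commit; Spring fills `@Autowired` fields only on beans it manages. Since the PVP2XProtocol call already passes a metadata provider into `decode(...)`, the lookup should use that argument rather than the field, or the callers should obtain the binding from the application context. The `decode` signature is cut off in this view, so the parameter name is not visible; if it is also named `metadataProvider` it shadows the field and the new field is simply unused. `decode` starts and ends outside the hunk.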
@@ -24,8 +24,6 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.builder; import java.io.IOException; import java.io.StringWriter; -import java.security.PrivateKey; -import java.security.interfaces.RSAPrivateKey; import java.util.List; import javax.xml.parsers.DocumentBuilder; @@ -66,7 +64,6 @@ import org.opensaml.xml.security.credential.UsageType; import org.opensaml.xml.security.keyinfo.KeyInfoGenerator; import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory; import org.opensaml.xml.signature.Signature; -import org.opensaml.xml.signature.SignatureConstants; import org.opensaml.xml.signature.SignatureException; import org.opensaml.xml.signature.Signer; import org.springframework.stereotype.Service; @@ -74,6 +71,7 @@ import org.w3c.dom.Document; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; import at.gv.egovernment.moa.logging.Logger; @@ -153,7 +151,7 @@ public class PVPMetadataBuilder { //set metadata signature parameters Credential metadataSignCred = config.getMetadataSigningCredentials(); - Signature signature = getIDPSignature(metadataSignCred); + Signature signature = AbstractCredentialProvider.getIDPSignature(metadataSignCred); SecurityHelper.prepareSignatureParams(signature, metadataSignCred, null, null); 
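Review bot: The metadata signature algorithm is now decided by `AbstractCredentialProvider.getIDPSignature(metadataSignCred)` (hunk `@@ -153,7 +151,7 @@`), whose body is not part of this view, so this review cannot confirm what it selects. The private helper it replaces, removed in the `@@ -437,27 +435,5 @@` hunk, used `ALGO_ID_SIGNATURE_ECDSA_SHA1` for EC keys and only logged a warning for an unknown key type, leaving the algorithm unset. Please confirm that the shared helper signs EC credentials with `SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA256` and fails for unsupported key types instead of continuing. A one-line comment at the call would help the next reader, e.g. `// signature and canonicalization algorithms are chosen in AbstractCredentialProvider.getIDPSignature`.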
@@ -437,27 +435,5 @@ public class PVPMetadataBuilder { return idpSSODescriptor; } - - private Signature getIDPSignature(Credential credentials) { - PrivateKey privatekey = credentials.getPrivateKey(); - Signature signer = SAML2Utils.createSAMLObject(Signature.class); - if (privatekey instanceof RSAPrivateKey) { - signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); - - } else if (privatekey instanceof iaik.security.ecc.ecdsa.ECPrivateKey) { - signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA1); - - } else { - Logger.warn("Could NOT evaluate the Private-Key type from " + credentials.getEntityId() + " credential."); - - - } - - signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); - signer.setSigningCredential(credentials); - return signer; - - } - } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java index e5c897aa6..de59e6055 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java @@ -94,8 +94,9 @@ import at.gv.egovernment.moa.logging.Logger; @Service("PVP_SingleLogOutBuilder") public class SingleLogOutBuilder { + @Autowired(required=true) private MOAMetadataProvider metadataProvider; @Autowired private IDPCredentialProvider credentialProvider; - + public void checkStatusCode(ISLOInformationContainer sloContainer, LogoutResponse logOutResp) { Status status = logOutResp.getStatus(); if (!status.getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) { 
@@ -353,7 +354,7 @@ public class SingleLogOutBuilder { public SingleLogoutService getRequestSLODescriptor(String entityID) throws NOSLOServiceDescriptorException { try { - EntityDescriptor entity = MOAMetadataProvider.getInstance().getEntityDescriptor(entityID); + EntityDescriptor entity = metadataProvider.getEntityDescriptor(entityID); SSODescriptor spsso = entity.getSPSSODescriptor(SAMLConstants.SAML20P_NS); SingleLogoutService sloService = null; @@ -394,7 +395,7 @@ public class SingleLogOutBuilder { public SingleLogoutService getResponseSLODescriptor(PVPTargetConfiguration spRequest) throws NoMetadataInformationException, NOSLOServiceDescriptorException { MOARequest moaReq = (MOARequest) spRequest.getRequest(); - EntityDescriptor metadata = moaReq.getEntityMetadata(); + EntityDescriptor metadata = moaReq.getEntityMetadata(metadataProvider); SSODescriptor ssodesc = metadata.getSPSSODescriptor(SAMLConstants.SAML20P_NS); if (ssodesc == null) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java index 200429093..55d8fa1ff 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java 
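Review bot: In getRequestSLODescriptor the result of `metadataProvider.getEntityDescriptor(entityID)` is dereferenced on the next line (`entity.getSPSSODescriptor(...)`) without a null check, although OpenSAML's MetadataProvider returns null when it has no valid metadata for the entity. The same pattern follows in getResponseSLODescriptor, where `metadata.getSPSSODescriptor(...)` is called directly on the value returned by `moaReq.getEntityMetadata(metadataProvider)`. I would add `if (entity == null)` and raise the already declared NOSLOServiceDescriptorException, so that an unknown entityID ends in the error path callers handle. The enclosing try/catch lies outside the hunk, so how a NullPointerException is treated there cannot be seen from here.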
@@ -459,8 +459,15 @@ public class PVP2AssertionBuilder implements PVPConstants { subjectConfirmationData.setNotOnOrAfter(new DateTime(authData.getSsoSessionValidTo().getTime())); // subjectConfirmationData.setNotBefore(date); + //set 'recipient' attribute in subjectConformationData subjectConfirmationData.setRecipient(assertionConsumerService.getLocation()); + //set IP address of the user machine as 'Address' attribute in subjectConformationData + String usersIPAddress = pendingReq.getGenericData( + PVPTargetConfiguration.DATAID_REQUESTER_IP_ADDRESS, String.class); + if (MiscUtil.isNotEmpty(usersIPAddress)) + subjectConfirmationData.setAddress(usersIPAddress); + //set SLO information sloInformation.setUserNameIdentifier(subjectNameID.getValue()); sloInformation.setNameIDFormat(subjectNameID.getFormat()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/messages/InboundMessage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/messages/InboundMessage.java index 332caf967..8c8345bbf 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/messages/InboundMessage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/messages/InboundMessage.java @@ -25,11 +25,11 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.messages; import java.io.Serializable; import org.opensaml.saml2.metadata.EntityDescriptor; +import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.opensaml.saml2.metadata.provider.MetadataProviderException; import org.w3c.dom.Element; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMetadataInformationException; -import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; import at.gv.egovernment.moa.logging.Logger; /** 
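Review bot: The `Address` attribute is filled from `pendingReq.getGenericData(PVPTargetConfiguration.DATAID_REQUESTER_IP_ADDRESS, String.class)` after only an emptiness check, and the hunk does not show where that value is recorded. If it comes from a forwarded header rather than from the connection itself, a service provider comparing Address with the presenter's address would be checking a value the user controls. The assertion also now discloses the user's IP address to every relying party. I would add a comment naming the source, for example `// remote address recorded at request entry, not a client-supplied header (confirm)`, and put braces around the single-statement `if`.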
@@ -46,10 +46,12 @@ public class InboundMessage implements InboundMessageInterface, Serializable{ private String relayState = null; - public EntityDescriptor getEntityMetadata() throws NoMetadataInformationException { - + public EntityDescriptor getEntityMetadata(MetadataProvider metadataProvider) throws NoMetadataInformationException { try { - return MOAMetadataProvider.getInstance().getEntityDescriptor(this.entityID); + if (metadataProvider == null) + throw new NullPointerException("No PVP MetadataProvider found."); + + return metadataProvider.getEntityDescriptor(this.entityID); } catch (MetadataProviderException e) { Logger.warn("No Metadata for EntitiyID " + entityID); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java index 3002ca179..b2597c3cb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java @@ -31,6 +31,7 @@ import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.Map.Entry; +import java.util.Timer; import javax.xml.namespace.QName; 
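Review bot: The new guard in getEntityMetadata throws `NullPointerException`, which the `catch (MetadataProviderException e)` below does not handle and the signature does not declare. Callers prepared for NoMetadataInformationException therefore receive an unchecked exception when the provider is missing. Raising the declared NoMetadataInformationException, after a `Logger.warn("No PVP MetadataProvider found.")`, keeps this failure on the path callers already handle. The catch block continues outside the hunk.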
@@ -44,13 +45,14 @@ import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.opensaml.saml2.metadata.provider.MetadataProviderException; import org.opensaml.saml2.metadata.provider.ObservableMetadataProvider; import org.opensaml.xml.XMLObject; +import org.springframework.stereotype.Service; +import at.gv.egovernment.moa.id.auth.IDestroyableObject; +import at.gv.egovernment.moa.id.auth.IGarbageCollectorProcessing; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.IGarbageCollectorProcessing; -import at.gv.egovernment.moa.id.config.auth.MOAGarbageCollector; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.InterfederatedIDPPublicServiceFilter; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.PVPMetadataFilterChain; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.SchemaValidationFilter; 
@@ -58,69 +60,99 @@ import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.MiscUtil; +@Service("PVPMetadataProvider") public class MOAMetadataProvider extends SimpleMOAMetadataProvider - implements ObservableMetadataProvider, IGarbageCollectorProcessing, IMOARefreshableMetadataProvider { + implements ObservableMetadataProvider, IGarbageCollectorProcessing, + IMOARefreshableMetadataProvider, IDestroyableObject { - private static MOAMetadataProvider instance = null; + //private static final int METADATA_GARBAGE_TIMEOUT_SEC = 604800; //7 days + +// private static MOAMetadataProvider instance = null; + MetadataProvider internalProvider = null; + private Timer timer = null; private static Object mutex = new Object(); + //private Map<String, Date> lastAccess = null; - public static MOAMetadataProvider getInstance() { - if (instance == null) { - synchronized (mutex) { - if (instance == null) { - instance = new MOAMetadataProvider(); - - //add this to MOA garbage collector - MOAGarbageCollector.addModulForGarbageCollection(instance); - - } - } - } - return instance; + public MOAMetadataProvider() { + internalProvider = new ChainingMetadataProvider(); + //lastAccess = new HashMap<String, Date>(); + } +// public static MOAMetadataProvider getInstance() { +// if (instance == null) { +// synchronized (mutex) { +// if (instance == null) { +// instance = new MOAMetadataProvider(); +// +// //add this to MOA garbage collector +// MOAGarbageCollector.addModulForGarbageCollection(instance); +// +// } +// } +// } +// return instance; +// } + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.IGarbageCollectorProcessing#runGarbageCollector() */ @Override public void runGarbageCollector() { - reInitialize(); - - } - - private static void reInitialize() { synchronized (mutex) { /**add new Metadataprovider or remove Metadataprovider which are not in use any more.**/ - if (instance != null) - try { - 
Logger.trace("Check consistence of PVP2X metadata"); - instance.addAndRemoveMetadataProvider(); + try { + Logger.trace("Check consistence of PVP2X metadata"); + addAndRemoveMetadataProvider(); - } catch (ConfigurationException e) { - Logger.error("Access to MOA-ID configuration FAILED.", e); + } catch (ConfigurationException e) { + Logger.error("Access to MOA-ID configuration FAILED.", e); - } - else - Logger.info("MOAMetadataProvider is not loaded."); + } } + } - public static void destroy() { - if (instance != null) { - instance.internalDestroy(); + +// private static void reInitialize() { +// synchronized (mutex) { +// +// /**add new Metadataprovider or remove Metadataprovider which are not in use any more.**/ +// if (instance != null) +// try { +// Logger.trace("Check consistence of PVP2X metadata"); +// instance.addAndRemoveMetadataProvider(); +// +// } catch (ConfigurationException e) { +// Logger.error("Access to MOA-ID configuration FAILED.", e); +// +// } +// else +// Logger.info("MOAMetadataProvider is not loaded."); +// } +// } + + public void fullyDestroy() { + internalDestroy(); - } else { - Logger.info("MOAMetadataProvider is not loaded. Accordingly it can not be destroyed"); - } } - MetadataProvider internalProvider; + @Override - public boolean refreshMetadataProvider(String entityID) { - try { + public synchronized boolean refreshMetadataProvider(String entityID) { + try { + //check if metadata provider is already loaded + try { + if (internalProvider.getEntityDescriptor(entityID) != null) + return true; + + } catch (MetadataProviderException e) {} + + + //reload metadata provider IOAAuthParameters oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(entityID); if (oaParam != null) { 
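Review bot: The new early return in refreshMetadataProvider, `if (internalProvider.getEntityDescriptor(entityID) != null) return true;`, reports success without reloading anything when the entity is already in the chain. SAMLVerificationEngine in this commit calls the method after message validation has failed and retries when it returns true, so after a signing-key rollover the retry would run against the same stale metadata. I would keep the forced reload here and move the "load only if absent" check into a separate method used by the lookup path. The lookup also discards its error in `catch (MetadataProviderException e) {}`, which deserves at least a `Logger.debug`. The method is now `synchronized` on the instance while runGarbageCollector locks the static `mutex`, so the two paths that modify `internalProvider` do not exclude each other; the method body continues outside the hunk.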
@@ -142,10 +174,14 @@ public class MOAMetadataProvider extends SimpleMOAMetadataProvider byte[] cert = Base64Utils.decode(certBase64, false); String oaFriendlyName = oaParam.getFriendlyName(); + if (timer == null) + timer = new Timer(true); + ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider; HTTPMetadataProvider newMetadataProvider = createNewHTTPMetaDataProvider(metadataURL, buildMetadataFilterChain(oaParam, metadataURL, cert), - oaFriendlyName); + oaFriendlyName, + timer); chainProvider.addMetadataProvider(newMetadataProvider); @@ -208,7 +244,7 @@ public class MOAMetadataProvider extends SimpleMOAMetadataProvider private void addAndRemoveMetadataProvider() throws ConfigurationException { if (internalProvider != null && internalProvider instanceof ChainingMetadataProvider) { - Logger.info("Relaod MOAMetaDataProvider."); + Logger.info("Reload MOAMetaDataProvider."); /*OpenSAML ChainingMetadataProvider can not remove a MetadataProvider (UnsupportedOperationException) *The ChainingMetadataProvider use internal a unmodifiableList to hold all registrated MetadataProviders.*/ 
@@ -217,7 +253,19 @@ public class MOAMetadataProvider extends SimpleMOAMetadataProvider //get all actually loaded metadata providers Map<String, HTTPMetadataProvider> loadedproviders = getAllActuallyLoadedProviders(); - + + /* TODO: maybe add metadata provider destroy after timeout. + * But could be a problem if one Metadataprovider load an EntitiesDescriptor + * with more the multiple EntityDescriptors. If one of this EntityDesciptors + * are expired the full EntitiesDescriptor is removed. + * + * Timeout requires a better solution in this case! + */ +// Date now = new Date(); +// Date expioredate = new Date(now.getTime() - (METADATA_GARBAGE_TIMEOUT_SEC * 1000)); +// Logger.debug("Starting PVP Metadata garbag collection (Expioredate:" +// + expioredate + ")"); + //load all PVP2 OAs form ConfigurationDatabase and //compare actually loaded Providers with configured PVP2 OAs Map<String, String> allOAs = AuthConfigurationProviderFactory.getInstance().getConfigurationWithWildCard( 
@@ -238,30 +286,31 @@ public class MOAMetadataProvider extends SimpleMOAMetadataProvider HTTPMetadataProvider httpProvider = null; try { if (MiscUtil.isNotEmpty(metadataurl)) { - if (loadedproviders.containsKey(metadataurl)) { + if (loadedproviders.containsKey(metadataurl)) { // PVP2 OA is actually loaded, to nothing providersinuse.put(metadataurl, loadedproviders.get(metadataurl)); loadedproviders.remove(metadataurl); - } else if ( MiscUtil.isNotEmpty(metadataurl) && - !providersinuse.containsKey(metadataurl) ) { - //PVP2 OA is new, add it to MOAMetadataProvider - String certBase64 = oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE); - if (MiscUtil.isNotEmpty(certBase64)) { - byte[] cert = Base64Utils.decode(certBase64, false); - String oaFriendlyName = oaParam.getFriendlyName(); - - - Logger.info("Loading metadata for: " + oaFriendlyName); - httpProvider = createNewHTTPMetaDataProvider( - metadataurl, - buildMetadataFilterChain(oaParam, metadataurl, cert), - oaFriendlyName); - - if (httpProvider != null) - providersinuse.put(metadataurl, httpProvider); - } + //INFO: load metadata dynamically if they are requested +// } else if ( MiscUtil.isNotEmpty(metadataurl) && +// !providersinuse.containsKey(metadataurl) ) { +// //PVP2 OA is new, add it to MOAMetadataProvider +// String certBase64 = oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE); +// if (MiscUtil.isNotEmpty(certBase64)) { +// byte[] cert = Base64Utils.decode(certBase64, false); +// String oaFriendlyName = oaParam.getFriendlyName(); +// +// +// Logger.info("Loading metadata for: " + oaFriendlyName); +// httpProvider = createNewHTTPMetaDataProvider( +// metadataurl, +// buildMetadataFilterChain(oaParam, metadataurl, cert), +// oaFriendlyName); +// +// if (httpProvider != null) +// providersinuse.put(metadataurl, httpProvider); +// } } } 
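Review bot: The replaced `else if` branch is kept as a long commented-out block, as are getInstance() and reInitialize() earlier in this file. Deleting the code and keeping only `//INFO: load metadata dynamically if they are requested` reads better, since the repository history preserves the old version. With the branch gone, `httpProvider` is no longer assigned in the lines shown, so the `HTTPMetadataProvider httpProvider = null;` declaration and any cleanup that uses it may be dead; the rest of the method is outside the hunk. The remaining comment `// PVP2 OA is actually loaded, to nothing` should read `do nothing`.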
@@ -324,7 +373,7 @@ public class MOAMetadataProvider extends SimpleMOAMetadataProvider public void internalDestroy() { if (internalProvider != null && internalProvider instanceof ChainingMetadataProvider) { - Logger.info("Destrorying MOAMetaDataProvider."); + Logger.info("Destrorying PVP-Authentication MetaDataProvider."); ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider; List<MetadataProvider> providers = chainProvider.getProviders(); @@ -339,15 +388,25 @@ public class MOAMetadataProvider extends SimpleMOAMetadataProvider } } - instance = null; + internalProvider = new ChainingMetadataProvider(); + + if (timer != null) + timer.cancel(); + } else { Logger.warn("ReInitalize MOAMetaDataProvider is not possible! MOA-ID Instance has to be restarted manualy"); } } - private MOAMetadataProvider() { + @Deprecated + /** + * Load all PVP metadata from OA configuration + * + * This method is deprecated because OA metadata should be loaded dynamically + * if the corresponding OA is requested. + */ + private void loadAllPVPMetadataFromKonfiguration() { ChainingMetadataProvider chainProvider = new ChainingMetadataProvider(); - Logger.info("Loading metadata"); Map<String, MetadataProvider> providersinuse = new HashMap<String, MetadataProvider>(); try { @@ -374,12 +433,16 @@ public class MOAMetadataProvider extends SimpleMOAMetadataProvider byte[] cert = Base64Utils.decode(certBase64, false); + if (timer == null) + timer = new Timer(true); + Logger.info("Loading metadata for: " + oaFriendlyName); if (!providersinuse.containsKey(metadataurl)) { httpProvider = createNewHTTPMetaDataProvider( metadataurl, buildMetadataFilterChain(oaParam, metadataurl, cert), - oaFriendlyName); + oaFriendlyName, + timer); if (httpProvider != null) providersinuse.put(metadataurl, httpProvider); 
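Review bot: internalDestroy cancels the shared `timer` but leaves the field set, while the same hunk replaces `internalProvider` with a fresh ChainingMetadataProvider, which suggests the bean is meant to stay usable. A later refreshMetadataProvider then skips `if (timer == null) timer = new Timer(true);` and hands the cancelled Timer to the new HTTPMetadataProvider, and scheduling on a cancelled java.util.Timer throws IllegalStateException. Clearing the field avoids this: `if (timer != null) { timer.cancel(); timer = null; }`. In the same hunk `@Deprecated` sits above the Javadoc block of loadAllPVPMetadataFromKonfiguration; the annotation belongs between the comment and the signature.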
@@ -417,14 +480,15 @@ public class MOAMetadataProvider extends SimpleMOAMetadataProvider + e.getMessage(), e); } + internalProvider = chainProvider; + } catch (ConfigurationException e) { Logger.error("Access MOA-ID configuration FAILED.", e); } - - internalProvider = chainProvider; + } - + private PVPMetadataFilterChain buildMetadataFilterChain(IOAAuthParameters oaParam, String metadataURL, byte[] certificate) throws CertificateException { PVPMetadataFilterChain filterChain = new PVPMetadataFilterChain(metadataURL, certificate); filterChain.getFilters().add(new SchemaValidationFilter()); @@ -505,17 +569,30 @@ public class MOAMetadataProvider extends SimpleMOAMetadataProvider } +// if (entityDesc != null) +// lastAccess.put(entityID, new Date()); + return entityDesc; } public List<RoleDescriptor> getRole(String entityID, QName roleName) - throws MetadataProviderException { - return internalProvider.getRole(entityID, roleName); + throws MetadataProviderException { + List<RoleDescriptor> result = internalProvider.getRole(entityID, roleName); + +// if (result != null) +// lastAccess.put(entityID, new Date()); + + return result; } public RoleDescriptor getRole(String entityID, QName roleName, String supportedProtocol) throws MetadataProviderException { - return internalProvider.getRole(entityID, roleName, supportedProtocol); + RoleDescriptor result = internalProvider.getRole(entityID, roleName, supportedProtocol); + +// if (result != null) +// lastAccess.put(entityID, new Date()); + + return result; } /* (non-Javadoc) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/SimpleMOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/SimpleMOAMetadataProvider.java index 442455d4b..c0ba1d96d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/SimpleMOAMetadataProvider.java 
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/SimpleMOAMetadataProvider.java @@ -53,12 +53,13 @@ public abstract class SimpleMOAMetadataProvider implements MetadataProvider{ * @param metadataURL URL, where the metadata should be loaded * @param filter Filters, which should be used to validate the metadata * @param IdForLogging Id, which is used for Logging + * @param timer {@link Timer} which is used to schedule metadata refresh operations * * @return SAML2 Metadata Provider */ - protected HTTPMetadataProvider createNewHTTPMetaDataProvider(String metadataURL, MetadataFilter filter, String IdForLogging ) { + protected HTTPMetadataProvider createNewHTTPMetaDataProvider(String metadataURL, MetadataFilter filter, String IdForLogging, Timer timer) { HTTPMetadataProvider httpProvider = null; - Timer timer= null; + //Timer timer= null; MOAHttpClient httpClient = null; try { httpClient = new MOAHttpClient(); @@ -67,11 +68,11 @@ public abstract class SimpleMOAMetadataProvider implements MetadataProvider{ try { MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory( PVPConstants.SSLSOCKETFACTORYNAME, - AuthConfigurationProviderFactory.getInstance().getCertstoreDirectory(), AuthConfigurationProviderFactory.getInstance().getTrustedCACertificates(), null, AuthConfiguration.DEFAULT_X509_CHAININGMODE, - AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking()); + AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking(), + AuthConfigurationProviderFactory.getInstance().getRevocationMethodOrder()); httpClient.setCustomSSLTrustStore(metadataURL, protoSocketFactory); @@ -81,7 +82,7 @@ public abstract class SimpleMOAMetadataProvider implements MetadataProvider{ } } - timer = new Timer(); +// timer = new Timer(true); httpProvider = new HTTPMetadataProvider(timer, httpClient, metadataURL); httpProvider.setParserPool(new BasicParserPool()); 
@@ -121,10 +122,10 @@ public abstract class SimpleMOAMetadataProvider implements MetadataProvider{ httpProvider.destroy(); } - if (timer != null) { - Logger.debug("Destroy Timer."); - timer.cancel(); - } +// if (timer != null) { +// Logger.debug("Destroy Timer."); +// timer.cancel(); +// } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/AbstractCredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/AbstractCredentialProvider.java index bf4cfd480..77cc7228b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/AbstractCredentialProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/AbstractCredentialProvider.java @@ -24,6 +24,7 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.signer; import java.security.KeyStore; import java.security.PrivateKey; +import java.security.interfaces.ECPrivateKey; import java.security.interfaces.RSAPrivateKey; import org.opensaml.xml.security.credential.Credential; @@ -198,7 +199,7 @@ public abstract class AbstractCredentialProvider { if (privatekey instanceof RSAPrivateKey) { signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); - } else if (privatekey instanceof iaik.security.ecc.ecdsa.ECPrivateKey) { + } else if (privatekey instanceof ECPrivateKey) { signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA1); } else { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java index 0426c2a6a..0d1f54249 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java 
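Review bot: In the `@@ -198,7 +199,7 @@` hunk of AbstractCredentialProvider the EC branch still selects `SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA1`, while the RSA branch above it uses SHA-256. Testing against `java.security.interfaces.ECPrivateKey` instead of the IAIK class presumably lets more key implementations reach this branch, so more signatures would be SHA-1 based. I would change the line to `signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA256);`. Judging by the copy removed from PVPMetadataBuilder, the `else` branch only logs a warning and leaves the algorithm unset; failing there would be safer than returning a half-configured Signature. The method starts and ends outside the hunk.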
@@ -72,12 +72,12 @@ public class MOASAMLSOAPClient { try { SecureProtocolSocketFactory sslprotocolsocketfactory = new MOAHttpProtocolSocketFactory( - PVPConstants.SSLSOCKETFACTORYNAME, - AuthConfigurationProviderFactory.getInstance().getCertstoreDirectory(), + PVPConstants.SSLSOCKETFACTORYNAME, AuthConfigurationProviderFactory.getInstance().getTrustedCACertificates(), null, AuthConfigurationProviderFactory.getInstance().getDefaultChainingMode(), - AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking()); + AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking(), + AuthConfigurationProviderFactory.getInstance().getRevocationMethodOrder()); clientBuilder.setHttpsProtocolSocketFactory(sslprotocolsocketfactory ); } catch (MOAHttpProtocolSocketFactoryException e) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java index f384dd511..f6104bdeb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java @@ -41,6 +41,7 @@ import org.opensaml.xml.security.criteria.EntityIDCriteria; import org.opensaml.xml.security.criteria.UsageCriteria; import org.opensaml.xml.signature.SignatureTrustEngine; import org.opensaml.xml.validation.ValidationException; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.w3c.dom.Element; import org.xml.sax.SAXException; 
@@ -56,6 +57,8 @@ import at.gv.egovernment.moa.util.MiscUtil; @Service("SAMLVerificationEngine") public class SAMLVerificationEngine { + + @Autowired(required=true) MOAMetadataProvider metadataProvider; public void verify(InboundMessage msg, SignatureTrustEngine sigTrustEngine ) throws org.opensaml.xml.security.SecurityException, Exception { try { @@ -72,7 +75,8 @@ public class SAMLVerificationEngine { } Logger.debug("PVP2X message validation FAILED. Relead metadata for entityID: " + msg.getEntityID()); - if (!MOAMetadataProvider.getInstance().refreshMetadataProvider(msg.getEntityID())) + + if (metadataProvider == null || !metadataProvider.refreshMetadataProvider(msg.getEntityID())) throw e; else { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MOASPMetadataSignatureFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MOASPMetadataSignatureFilter.java index 3d69b0380..b6fed5934 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MOASPMetadataSignatureFilter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MOASPMetadataSignatureFilter.java @@ -33,7 +33,7 @@ import org.opensaml.saml2.metadata.provider.MetadataFilter; import org.opensaml.xml.XMLObject; import at.gv.egovernment.moa.id.auth.builder.SignatureVerificationUtils; -import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.DOMUtils; 
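Review bot: The injected field `@Autowired(required=true) MOAMetadataProvider metadataProvider;` is package-private, unlike the `private` field of the same name added to SingleLogOutBuilder in this commit; declare it `private`. With `required=true` the new `metadataProvider == null ||` test can only be true when the engine is created outside Spring, and in that case the metadata reload is skipped without any trace. Add `Logger.warn("No PVP MetadataProvider injected; metadata reload skipped.")` for that case, or drop the test. The log text `Relead metadata` in the context line above should read `Reload metadata`.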
@@ -78,7 +78,7 @@ public class MOASPMetadataSignatureFilter implements MetadataFilter { SignatureVerificationUtils sigVerify = new SignatureVerificationUtils(); - VerifyXMLSignatureResponse result = sigVerify.verify( + IVerifiyXMLSignatureResponse result = sigVerify.verify( serialized, trustProfileID); //check signature-verification result @@ -102,9 +102,11 @@ public class MOASPMetadataSignatureFilter implements MetadataFilter { } + Logger.debug("SAML metadata for entityID:" + entityDes.getEntityID() + " is valid"); } catch (MOAIDException | TransformerFactoryConfigurationError | TransformerException | IOException e) { - Logger.error("Metadata verification has an interal error.", e); + Logger.error("Metadata verification for Entity:" + entityDes.getEntityID() + + " has an interal error.", e); throw new FilterException("Metadata verification has an interal error." + " Message:" + e.getMessage()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java index 094e25040..ad200e400 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java 
@@ -26,15 +26,16 @@ import java.util.ArrayList; import java.util.Date; import java.util.List; +import javax.persistence.EntityManager; +import javax.persistence.PersistenceContext; +import javax.persistence.Query; + import org.apache.commons.lang.SerializationUtils; import org.apache.commons.lang.StringEscapeUtils; import org.hibernate.HibernateException; -import org.hibernate.Query; -import org.hibernate.Session; -import org.hibernate.Transaction; -import org.hibernate.resource.transaction.spi.TransactionStatus; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; +import org.springframework.stereotype.Repository; +import org.springframework.transaction.annotation.Transactional; import com.fasterxml.jackson.core.JsonProcessingException; @@ -45,7 +46,7 @@ import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; 
@@ -61,20 +62,26 @@ import at.gv.egovernment.moa.id.util.SessionEncrytionUtil; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -@Service("AuthenticationSessionStoreage") +@Repository("AuthenticationSessionStoreage") +@Transactional("sessionTransactionManager") public class DBAuthenticationSessionStoreage implements IAuthenticationSessionStoreage{ + @PersistenceContext(unitName="session") + private EntityManager entityManager; + @Autowired AuthConfiguration authConfig; private static JsonMapper mapper = new JsonMapper(); + //@Autowired MOASessionDBUtils moaSessionDBUtils; + @Override - public boolean isAuthenticated(String moaSessionID) { + public boolean isAuthenticated(String internalSsoSessionID) { AuthenticatedSessionStore session; try { - session = searchInDatabase(moaSessionID, true); + session = searchInDatabase(internalSsoSessionID); return session.isAuthenticated(); } catch (MOADatabaseException e) { @@ -83,8 +90,8 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } @Override - public AuthenticationSession createSession(IRequest target) throws MOADatabaseException, BuildException { - String id = Random.nextRandom(); + public AuthenticationSession createInternalSSOSession(IRequest target) throws MOADatabaseException, BuildException { + String id = Random.nextLongRandom(); try { AuthenticatedSessionStore dbsession = new AuthenticatedSessionStore(); dbsession.setSessionid(id); 
@@ -100,18 +107,18 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt sessionExt.setUniqueSessionId(target.getUniqueSessionIdentifier()); dbsession.setAdditionalInformation(mapper.serialize(sessionExt)); - AuthenticationSession session = new AuthenticationSession(id, now); + AuthenticationSession session = new AuthenticationSession(id, now, target.getMOASession()); encryptSession(session, dbsession); - //store AssertionStore element to Database - MOASessionDBUtils.saveOrUpdate(dbsession); - Logger.info("Create MOASession with sessionID: " + id); + //store AssertionStore element to Database + entityManager.persist(dbsession); + Logger.info("Create MOA SSO-Session with internal sessionID: " + id); return session; - } catch (MOADatabaseException e) { - Logger.warn("MOASession could not be created."); - throw new MOADatabaseException(e); +// } catch (MOADatabaseException e) { +// Logger.warn("MOASession could not be created."); +// throw new MOADatabaseException(e); } catch (JsonProcessingException e) { Logger.warn("Extended session information can not be stored.", e); @@ -122,13 +129,13 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } @Override - public AuthenticationSession getSession(String sessionID) throws MOADatabaseException { + public AuthenticationSession getInternalSSOSession(String sessionID) throws MOADatabaseException { if (MiscUtil.isEmpty(sessionID)) return null; try { - AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true); + AuthenticatedSessionStore dbsession = searchInDatabase(sessionID); return decryptSession(dbsession); } catch (MOADatabaseException e) { 
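Review bot: `Logger.info("Create MOA SSO-Session with internal sessionID: " + id);` writes the full SSO session identifier to the log at INFO level. If that identifier is sufficient to look up or resume the session, anyone with read access to the logs obtains it. Logging at debug level, or logging only a shortened or hashed form of `id`, keeps the correlation without exposing the value. The commented-out `catch (MOADatabaseException e)` block should be deleted rather than kept. With `entityManager.persist(dbsession)` persistence failures presumably surface as unchecked exceptions, which the `throws MOADatabaseException` clause no longer reflects, so a short comment saying so would help; the method continues outside the hunk.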
@@ -143,7 +150,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt @Override public AuthenticationSessionExtensions getAuthenticationSessionExtensions(String sessionID) throws MOADatabaseException { - AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true); + AuthenticatedSessionStore dbsession = searchInDatabase(sessionID); if (MiscUtil.isNotEmpty(dbsession.getAdditionalInformation())) { try { @@ -161,12 +168,12 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt @Override public void setAuthenticationSessionExtensions(String sessionID, AuthenticationSessionExtensions sessionExtensions) throws MOADatabaseException { try { - AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true); + AuthenticatedSessionStore dbsession = searchInDatabase(sessionID); dbsession.setAdditionalInformation( mapper.serialize(sessionExtensions)); - MOASessionDBUtils.saveOrUpdate(dbsession); + entityManager.merge(dbsession); Logger.debug("MOASession with sessionID=" + sessionID + " is stored in Database"); 
@@ -183,105 +190,35 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } @Override - public void storeSession(AuthenticationSession session) throws MOADatabaseException, BuildException { - try { - AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID(), true); - - encryptSession(session, dbsession); - - //set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1 - dbsession.setAuthenticated(session.isAuthenticated()); - dbsession.setUpdated(new Date()); - - MOASessionDBUtils.saveOrUpdate(dbsession); - Logger.debug("MOASession with sessionID=" + session.getSessionID() + " is stored in Database"); - - } catch (MOADatabaseException e) { - Logger.warn("MOASession could not be stored."); - throw new MOADatabaseException(e); - } - } - - @Override - public void destroySession(String moaSessionID) throws MOADatabaseException { + public void destroyInternalSSOSession(String internalSsoSessionID) throws MOADatabaseException { - Session session = MOASessionDBUtils.getCurrentSession(); - - List<AuthenticatedSessionStore> result; - Transaction tx = null; - try { - synchronized (session) { - - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithID"); - query.setParameter("sessionid", moaSessionID); - result = query.list(); - - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - throw new MOADatabaseException("No session found with this sessionID"); - } + Query query = entityManager.createNamedQuery("getSessionWithID"); + query.setParameter("sessionid", internalSsoSessionID); + List<AuthenticatedSessionStore> results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); - AuthenticatedSessionStore dbsession = (AuthenticatedSessionStore) result.get(0); - tx.commit(); - cleanDelete(dbsession); - } - - } catch (Exception e) { 
- if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - - } - - } - - @Override - public String changeSessionID(AuthenticationSession session, String newSessionID) throws BuildException, MOADatabaseException { + //Assertion requires an unique artifact + if (results.size() != 1) { + Logger.trace("No entries found."); + throw new MOADatabaseException("No session found with this sessionID"); - AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID(), true); - - Logger.debug("Change SessionID from " + session.getSessionID() - + "to " + newSessionID); - - session.setSessionID(newSessionID); - encryptSession(session, dbsession); - - dbsession.setSessionid(newSessionID); - dbsession.setAuthenticated(session.isAuthenticated()); - - //set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1 - dbsession.setUpdated(new Date()); - - MOASessionDBUtils.saveOrUpdate(dbsession); - - Logger.trace("Change SessionID complete."); - - return newSessionID; + } + + AuthenticatedSessionStore dbsession = (AuthenticatedSessionStore) results.get(0); + cleanDelete(dbsession); } @Override - public String changeSessionID(AuthenticationSession session) - throws BuildException, MOADatabaseException { - String id = Random.nextRandom(); - return changeSessionID(session, id); - - } - - @Override public void setAuthenticated(String moaSessionID, boolean isAuthenticated) { AuthenticatedSessionStore session; try { - session = searchInDatabase(moaSessionID, true); + session = searchInDatabase(moaSessionID); session.setAuthenticated(isAuthenticated); - MOASessionDBUtils.saveOrUpdate(session); + entityManager.merge(session); } catch (MOADatabaseException e) { 
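Review bot: In `destroyInternalSSOSession` the `results.size() != 1` guard also fires when more than one row matches, so nothing is deleted, every matching session stays usable, and the trace line misreports the case as "No entries found.". For a logout path it is safer to throw only on an empty result and remove every match, e.g. `for (AuthenticatedSessionStore s : results) cleanDelete(s);`. Whether duplicates can occur depends on the uniqueness constraint behind `getSessionWithID`, which is not visible here. Using `entityManager.createNamedQuery("getSessionWithID", AuthenticatedSessionStore.class)` would also remove the unchecked assignment and the cast on `results.get(0)`.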
@@ -290,48 +227,36 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } @Override - public String getMOASessionSSOID(String SSOSessionID) { - MiscUtil.assertNotNull(SSOSessionID, "SSOsessionID"); - Logger.trace("Get authenticated session with SSOID " + SSOSessionID + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - - List<AuthenticatedSessionStore> result; - Transaction tx = null; - try { - synchronized (session) { - - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithSSOID"); - query.setParameter("sessionid", SSOSessionID); - result = query.list(); - - //send transaction - tx.commit(); - - } + public AuthenticationSession getInternalMOASessionWithSSOID(String SSOSessionID) throws MOADatabaseException { + MiscUtil.assertNotNull(SSOSessionID, "SSOsessionID"); + Logger.trace("Get authenticated session with SSOID " + SSOSessionID + " from database."); + + Query query = entityManager.createNamedQuery("getSessionWithSSOID"); + query.setParameter("sessionid", SSOSessionID); + List<AuthenticatedSessionStore> results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - return null; + //Assertion requires an unique artifact + if (results.size() != 1) { + Logger.trace("No entries found."); + return null; - } else { - return result.get(0).getSessionid(); + } else + try { + return decryptSession(results.get(0)); + + } catch (Throwable e) { + Logger.warn("MOASession deserialization-exception by using internal MOASessionID=" + results.get(0).getSessionid(), e); + throw new MOADatabaseException("MOASession deserialization-exception"); + } - } - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } } @Override public 
boolean isSSOSession(String sessionID) throws MOADatabaseException { try { - AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true); + AuthenticatedSessionStore dbsession = searchInDatabase(sessionID); return dbsession.isSSOSession(); } catch (MOADatabaseException e) { 
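Review bot: The `catch (Throwable e)` around `decryptSession(results.get(0))` in `getInternalMOASessionWithSSOID` also traps JVM errors such as `OutOfMemoryError` and reports them as a deserialization problem, and the rethrown `MOADatabaseException` carries no cause. `searchMOASessionWithNameIDandOAID` catches `BuildException` for the same call, so the narrower type looks sufficient here: `} catch (BuildException e) {` with `throw new MOADatabaseException(e);`, provided that constructor accepts the cause. The trace line at the top of the method also writes the SSO session identifier to the log; if that value is what the SSO cookie carries, log a truncated or hashed form to keep it out of log files.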
@@ -344,330 +269,230 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt public AuthenticatedSessionStore isValidSessionWithSSOID(String SSOId) { //TODO: is this method really needed?? - MiscUtil.assertNotNull(SSOId, "SSOSessionID"); - Logger.trace("Get authenticated session with SSOID " + SSOId + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); + MiscUtil.assertNotNull(SSOId, "SSOSessionID"); + Logger.trace("Get authenticated session with SSOID " + SSOId + " from database."); - List<AuthenticatedSessionStore> result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithSSOID"); - query.setParameter("sessionid", SSOId); - result = query.list(); - - //send transaction - tx.commit(); - } + Query query = entityManager.createNamedQuery("getSessionWithSSOID"); + query.setParameter("sessionid", SSOId); + List<AuthenticatedSessionStore> results = query.getResultList(); - Logger.trace("Found entries: " + result.size()); + Logger.trace("Found entries: " + results.size()); - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - return null; + //Assertion requires an unique artifact + if (results.size() != 1) { + Logger.trace("No entries found."); + return null; - } else { - return result.get(0); - } - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } + } else + return results.get(0); + } @Override public void addSSOInformation(String moaSessionID, String SSOSessionID, SLOInformationInterface SLOInfo, IRequest protocolRequest) throws AuthenticationException { - AuthenticatedSessionStore dbsession; - Transaction tx = null; - - try { - - Session session = MOASessionDBUtils.getCurrentSession(); - List<AuthenticatedSessionStore> result; - - Logger.trace("Add SSO information to session " + 
moaSessionID); - - synchronized (session) { - - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithID"); - query.setParameter("sessionid", moaSessionID); - result = query.list(); - - - Logger.trace("Found entries: " + result.size()); + Query query = entityManager.createNamedQuery("getSessionWithID"); + query.setParameter("sessionid", moaSessionID); + List<AuthenticatedSessionStore> results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - tx.rollback(); - throw new MOADatabaseException("No session found with this sessionID"); - } + //Assertion requires an unique artifact + if (results.size() != 1) { + Logger.trace("No entries found."); + throw new AuthenticationException("No session found with this sessionID", null); + + } - dbsession = (AuthenticatedSessionStore) result.get(0); + AuthenticatedSessionStore dbsession = results.get(0); - OASessionStore activeOA = null; - //check if OA already has an active OA session - if (dbsession.getActiveOAsessions() != null) { - for (OASessionStore el : dbsession.getActiveOAsessions()) { - if (el.getOaurlprefix().equals(protocolRequest.getOAURL())) - activeOA = el; - } - } - - if (activeOA == null) - activeOA = new OASessionStore(); - - //set active OA applications - activeOA.setOaurlprefix(protocolRequest.getOAURL()); - activeOA.setMoasession(dbsession); - activeOA.setCreated(new Date()); + OASessionStore activeOA = null; + //check if OA already has an active OA session + if (dbsession.getActiveOAsessions() != null) { + for (OASessionStore el : dbsession.getActiveOAsessions()) { + if (el.getOaurlprefix().equals(protocolRequest.getOAURL())) + activeOA = el; + } + } - //set additional information for SLO - if (SLOInfo != null) { - activeOA.setAssertionSessionID(SLOInfo.getSessionIndex()); - activeOA.setUserNameID(SLOInfo.getUserNameIdentifier()); - 
activeOA.setUserNameIDFormat(SLOInfo.getUserNameIDFormat()); - activeOA.setProtocolType(SLOInfo.getProtocolType()); - activeOA.setAttributeQueryUsed(false); - activeOA.setAuthURL(protocolRequest.getAuthURL()); - - - } + if (activeOA == null) + activeOA = new OASessionStore(); - List<OASessionStore> activeOAs = dbsession.getActiveOAsessions(); - activeOAs.add(activeOA); - dbsession.setActiveOAsessions(activeOAs); + //set active OA applications + activeOA.setOaurlprefix(protocolRequest.getOAURL()); + activeOA.setMoasession(dbsession); + activeOA.setCreated(new Date()); + + //set additional information for SLO + if (SLOInfo != null) { + activeOA.setAssertionSessionID(SLOInfo.getSessionIndex()); + activeOA.setUserNameID(SLOInfo.getUserNameIdentifier()); + activeOA.setUserNameIDFormat(SLOInfo.getUserNameIDFormat()); + activeOA.setProtocolType(SLOInfo.getProtocolType()); + activeOA.setAttributeQueryUsed(false); + activeOA.setAuthURL(protocolRequest.getAuthURL()); + + + } + + List<OASessionStore> activeOAs = dbsession.getActiveOAsessions(); + activeOAs.add(activeOA); + dbsession.setActiveOAsessions(activeOAs); + + //Store used SSOId + if (dbsession.getSSOsessionid() != null) { + OldSSOSessionIDStore oldSSOId = new OldSSOSessionIDStore(); + oldSSOId.setOldsessionid(dbsession.getSSOsessionid()); + oldSSOId.setMoasession(dbsession); + + List<OldSSOSessionIDStore> oldSSOIds = dbsession.getOldssosessionids(); + oldSSOIds.add(oldSSOId); + } - //Store used SSOId - if (dbsession.getSSOsessionid() != null) { - OldSSOSessionIDStore oldSSOId = new OldSSOSessionIDStore(); - oldSSOId.setOldsessionid(dbsession.getSSOsessionid()); - oldSSOId.setMoasession(dbsession); - - List<OldSSOSessionIDStore> oldSSOIds = dbsession.getOldssosessionids(); - oldSSOIds.add(oldSSOId); - } - - dbsession.setSSOSession(true); - dbsession.setSSOsessionid(SSOSessionID); - dbsession.setAuthenticated(false); + dbsession.setSSOSession(true); + dbsession.setSSOsessionid(SSOSessionID); + 
dbsession.setAuthenticated(false); - //Store MOASession - session.saveOrUpdate(dbsession); - - //send transaction - tx.commit(); + //Store MOASession + entityManager.merge(dbsession); - if (SLOInfo != null) - Logger.info("Add SSO-Session login information for OA: " + protocolRequest.getOAURL() - + " and AssertionID: " + SLOInfo.getSessionIndex()); - else - Logger.info("Add SSO-Session login information for OA: " + protocolRequest.getOAURL()); + if (SLOInfo != null) + Logger.info("Add SSO-Session login information for OA: " + protocolRequest.getOAURL() + + " and AssertionID: " + SLOInfo.getSessionIndex()); + else + Logger.info("Add SSO-Session login information for OA: " + protocolRequest.getOAURL()); - } - - } catch (MOADatabaseException e) { - throw new AuthenticationException("No MOASession found with Id="+moaSessionID, null); - - } catch(HibernateException e) { - Logger.warn("Error during database saveOrUpdate. Rollback.", e); - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw new AuthenticationException("SSO Session information can not be stored! 
--> SSO is deactivated", null); - } } @Override - public List<OASessionStore> getAllActiveOAFromMOASession(AuthenticationSession moaSession) { + public List<OASessionStore> getAllActiveOAFromMOASession(IAuthenticationSession moaSession) { MiscUtil.assertNotNull(moaSession, "MOASession"); - Session session = null; - - try { - List<OASessionStore> oas = new ArrayList<OASessionStore>(); - - AuthenticatedSessionStore dbsession = searchInDatabase(moaSession.getSessionID(), false); - oas.addAll(dbsession.getActiveOAsessions()); - - session = MOASessionDBUtils.getCurrentSession(); - session.getTransaction().commit(); - - return oas; - - } catch (MOADatabaseException e) { - Logger.warn("NO session information found for sessionID " + moaSession.getSessionID(), e); - - } catch (Exception e) { - if (session != null && session.getTransaction() != null - && !session.getTransaction().getStatus().equals(TransactionStatus.COMMITTED)) { - session.getTransaction().rollback(); - throw e; - - } - - } - - return null; + + Logger.trace("Get OAs for moaSession " + moaSession.getSessionID() + " from database."); + + Query query = entityManager.createNamedQuery("getAllActiveOAsForSessionID"); + query.setParameter("sessionID", moaSession.getSessionID()); + List<OASessionStore> results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); + + return results; + } @Override - public List<InterfederationSessionStore> getAllActiveIDPsFromMOASession(AuthenticationSession moaSession) { + public List<InterfederationSessionStore> getAllActiveIDPsFromMOASession(IAuthenticationSession moaSession) { MiscUtil.assertNotNull(moaSession, "MOASession"); - Session session = null; - try { - List<InterfederationSessionStore> idps = new ArrayList<InterfederationSessionStore>(); - AuthenticatedSessionStore dbsession = searchInDatabase(moaSession.getSessionID(), false); - idps.addAll(dbsession.getInderfederation()); - - session = MOASessionDBUtils.getCurrentSession(); - 
session.getTransaction().commit(); - - return idps; - - } catch (MOADatabaseException e) { - Logger.warn("NO session information found for sessionID " + moaSession.getSessionID(), e); - - } catch (Exception e) { - if (session != null && session.getTransaction() != null - && !session.getTransaction().getStatus().equals(TransactionStatus.COMMITTED)) { - session.getTransaction().rollback(); - throw e; - - } - - } - - return null; + + Logger.trace("Get active IDPs for moaSession " + moaSession.getSessionID() + " from database."); + + Query query = entityManager.createNamedQuery("getAllActiveIDPsForSessionID"); + query.setParameter("sessionID", moaSession.getSessionID()); + List<InterfederationSessionStore> results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); + + return results; } @Override - public AuthenticationSession searchMOASessionWithNameIDandOAID(String oaID, String userNameID) { + public IAuthenticationSession searchMOASessionWithNameIDandOAID(String oaID, String userNameID) { MiscUtil.assertNotNull(oaID, "OnlineApplicationIdentifier"); MiscUtil.assertNotNull(userNameID, "userNameID"); Logger.trace("Get moaSession for userNameID " + userNameID + " and OA " + oaID + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - Transaction tx = null; - List<AuthenticatedSessionStore> result = null;; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getMOASessionWithNameIDandOAID"); - query.setParameter("oaID", oaID); - query.setParameter("nameID", userNameID); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No unique entry found."); - return null; - - } - - return decryptSession(result.get(0)); - - } catch (BuildException e) { - Logger.warn("MOASession deserialization-exception by using 
MOASessionID=" + result.get(0).getSessionid(), e); - return null; + Query query = entityManager.createNamedQuery("getMOASessionWithNameIDandOAID"); + query.setParameter("oaID", oaID); + query.setParameter("nameID", userNameID); + List<AuthenticatedSessionStore> results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); + + //Assertion requires an unique artifact + if (results.size() != 1) { + Logger.trace("No unique entry found."); + return null; + + } + + try { + return decryptSession(results.get(0)); - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } - + } catch (BuildException e) { + Logger.warn("MOASession deserialization-exception by using MOASessionID=" + results.get(0).getSessionid(), e); + return null; + + } } @Override - public OASessionStore searchActiveOASSOSession(AuthenticationSession moaSession, String oaID, String protocolType) { + public OASessionStore searchActiveOASSOSession(IAuthenticationSession moaSession, String oaID, String protocolType) { MiscUtil.assertNotNull(moaSession, "MOASession"); MiscUtil.assertNotNull(oaID, "OnlineApplicationIdentifier"); MiscUtil.assertNotNull(protocolType, "usedProtocol"); Logger.trace("Get active OnlineApplication for sessionID " + moaSession.getSessionID() + " with OAID " + oaID + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - List<AuthenticatedSessionStore> result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getActiveOAWithSessionIDandOAIDandProtocol"); - query.setParameter("sessionID", moaSession.getSessionID()); - query.setParameter("oaID", oaID); - query.setParameter("protocol", protocolType); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); + Query query = 
entityManager.createNamedQuery("getActiveOAWithSessionIDandOAIDandProtocol"); + query.setParameter("sessionID", moaSession.getSessionID()); + query.setParameter("oaID", oaID); + query.setParameter("protocol", protocolType); + List<AuthenticatedSessionStore> results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; + //Assertion requires an unique artifact + if (results.size() == 0) { + Logger.trace("No entries found."); + return null; - } - - return result.get(0).getActiveOAsessions().get(0); + } - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } + return results.get(0).getActiveOAsessions().get(0); + } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage#markOAWithAttributeQueryUsedFlag(at.gv.egovernment.moa.id.auth.data.AuthenticationSession, java.lang.String, java.lang.String) + */ @Override - public AuthenticationSession getSessionWithUserNameID(String nameID) { + public void markOAWithAttributeQueryUsedFlag(IAuthenticationSession session, String oaurl, String requestedModule) { + OASessionStore activeOA = searchActiveOASSOSession(session, oaurl, requestedModule); + if (activeOA != null) { + activeOA.setAttributeQueryUsed(true); + entityManager.merge(activeOA); + + } - Transaction tx = null; - try { - MiscUtil.assertNotNull(nameID, "nameID"); - Logger.trace("Get authenticated session with pedingRequestID " + nameID + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - - List<AuthenticatedSessionStore> result; - - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getMOAISessionWithUserNameID"); - query.setParameter("usernameid", StringEscapeUtils.escapeHtml(nameID)); - result = query.list(); - - //send transaction - 
tx.commit(); - } + } + + @Override + public IAuthenticationSession getSessionWithUserNameID(String nameID) { + + MiscUtil.assertNotNull(nameID, "nameID"); + Logger.trace("Get authenticated session with pedingRequestID " + nameID + " from database."); - Logger.trace("Found entries: " + result.size()); + Query query = entityManager.createNamedQuery("getMOAISessionWithUserNameID"); + query.setParameter("usernameid", StringEscapeUtils.escapeHtml(nameID)); + List<AuthenticatedSessionStore> results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - } + //Assertion requires an unique artifact + if (results.size() == 0) { + Logger.trace("No entries found."); + return null; + + } - return decryptSession(result.get(0)); + try { + return decryptSession(results.get(0)); } catch (Throwable e) { Logger.warn("MOASession deserialization-exception by using MOASessionID=" + nameID); - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); return null; } 
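Review bot: `getSessionWithUserNameID` binds `StringEscapeUtils.escapeHtml(nameID)` as the query parameter, while `addSSOInformation` in this same hunk stores the value unescaped via `activeOA.setUserNameID(SLOInfo.getUserNameIdentifier())`. A bound parameter needs no escaping against injection, and the HTML entities change the lookup key. A name identifier containing `&`, `<` or quotes would therefore presumably never match, and the session would not be found when it should be. Bind the raw value instead: `query.setParameter("usernameid", nameID);`. The trace message in that method also says `pedingRequestID` although the argument is a name identifier.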
@@ -677,36 +502,21 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt public InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASession(String sessionID) { MiscUtil.assertNotNull(sessionID, "MOASession"); Logger.trace("Get interfederated IDP for SSO with sessionID " + sessionID + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - List<AuthenticatedSessionStore> result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getInterfederatedIDPForSSOWithSessionID"); - query.setParameter("sessionID", sessionID); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); + Query query = entityManager.createNamedQuery("getInterfederatedIDPForSSOWithSessionID"); + query.setParameter("sessionID", sessionID); + List<AuthenticatedSessionStore> results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - - } + //Assertion requires an unique artifact + if (results.size() == 0) { + Logger.trace("No entries found."); + return null; + + } - return result.get(0).getInderfederation().get(0); - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } + return results.get(0).getInderfederation().get(0); } @Override 
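Review bot: `results.get(0).getInderfederation().get(0)` returns the first interfederation entry of the matched session, which is not necessarily the entry that satisfied the named query's condition once a session holds more than one. The same shape appears in `searchActiveOASSOSession` in the preceding hunk (`getActiveOAsessions().get(0)`, whose result the new `markOAWithAttributeQueryUsedFlag` then modifies and merges), and in the hunks starting at `@@ -714,56 +524,57 @@` and `@@ -831,36 +635,22 @@`. Either let the named query select the child entity directly, or pick the element in Java by the same criteria; for the OA case that is the entry whose `getOaurlprefix()` equals `oaID`. The named queries are defined outside these hunks, so this should be confirmed against their definitions.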
@@ -714,56 +524,57 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt MiscUtil.assertNotNull(sessionID, "MOASession"); MiscUtil.assertNotNull(idpID, "Interfederated IDP ID"); Logger.trace("Get interfederated IDP "+ idpID + " for SSO with sessionID " + sessionID + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - List<AuthenticatedSessionStore> result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getInterfederatedIDPForSSOWithSessionIDIDPID"); - query.setParameter("sessionID", sessionID); - query.setParameter("idpID", idpID); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); + Query query = entityManager.createNamedQuery("getInterfederatedIDPForSSOWithSessionIDIDPID"); + query.setParameter("sessionID", sessionID); + query.setParameter("idpID", idpID); + List<AuthenticatedSessionStore> results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - - } + //Assertion requires an unique artifact + if (results.size() == 0) { + Logger.trace("No entries found."); + return null; + + } - return result.get(0).getInderfederation().get(0); - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } + return results.get(0).getInderfederation().get(0); + } @Override public void addFederatedSessionInformation(IRequest req, String idpEntityID, AssertionAttributeExtractor extractor) throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException { AuthenticatedSessionStore dbsession = null; + AuthenticationSession moaSession = null; Date now = new Date(); //search for active session - String moaSession = 
getMOASessionSSOID(req.getMOASessionIdentifier()); - if (MiscUtil.isNotEmpty(moaSession)) { + if (MiscUtil.isNotEmpty(req.getInternalSSOSessionIdentifier())) { + Logger.debug("Internal SSO-Session object: " + req.getInternalSSOSessionIdentifier() + " used for federated SSO"); + moaSession = getInternalMOASessionWithSSOID(req.getInternalSSOSessionIdentifier()); + + } else { + Logger.debug("No internal SSO-Session object exists for federated SSO --> create new session object"); + moaSession = createInternalSSOSession(req); + + } + + if (moaSession != null) { try { - dbsession = searchInDatabase(moaSession, true); + dbsession = searchInDatabase(moaSession.getSessionID()); }catch (MOADatabaseException e) { Logger.error("NO MOASession found but MOASession MUST already exist!"); throw e; - } - } - + } + + } else { + Logger.error("NO MOASession found but MOASession MUST already exist!"); + throw new MOADatabaseException("NO MOASession found but MOASession MUST already exist!"); + + } + dbsession.setUpdated(now); //decrypt MOASession @@ -816,14 +627,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt idp.setAttributesRequested(false); idp.setQAALevel(extractor.getQAALevel()); - //store AssertionStore element to Database - try { - MOASessionDBUtils.saveOrUpdate(dbsession); - - } catch (MOADatabaseException e) { - Logger.warn("MOASession could not be created."); - throw new MOADatabaseException(e); - } + entityManager.merge(dbsession); } 
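Review bot: `addFederatedSessionInformation` passes `req.getInternalSSOSessionIdentifier()` to `getInternalMOASessionWithSSOID`, which runs the `getSessionWithSSOID` query, whereas `getInternalSSOSession` resolves an internal session id through `searchInDatabase`. If the request value is the internal session id rather than the SSO id written by `dbsession.setSSOsessionid(...)`, the lookup would return null and the call would end in the new "NO MOASession found" exception. It is worth confirming which identifier the request carries and, if it is the internal one, calling `getInternalSSOSession(req.getInternalSSOSessionIdentifier())` instead. A one-line comment above the `if` naming the identifier kind would keep the two from being mixed up later.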
@@ -831,36 +635,22 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt public InterfederationSessionStore searchInterfederatedIDPFORAttributeQueryWithSessionID(String moaSessionID) { MiscUtil.assertNotNull(moaSessionID, "MOASessionID"); Logger.trace("Get interfederated IDP for AttributeQuery with sessionID " + moaSessionID + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - List<AuthenticatedSessionStore> result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getInterfederatedIDPForAttributeQueryWithSessionID"); - query.setParameter("sessionID", moaSessionID); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - - } + Query query = entityManager.createNamedQuery("getInterfederatedIDPForAttributeQueryWithSessionID"); + query.setParameter("sessionID", moaSessionID); + List<AuthenticatedSessionStore> results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); + + //Assertion requires an unique artifact + if (results.size() == 0) { + Logger.trace("No entries found."); + return null; + + } - return result.get(0).getInderfederation().get(0); - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } + return results.get(0).getInderfederation().get(0); + } @Override 
@@ -872,31 +662,20 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt MiscUtil.assertNotNull(pedingRequestID, "pedingRequestID"); Logger.trace("Get authenticated session with pedingRequestID " + pedingRequestID + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - - List<AuthenticatedSessionStore> result; - - //TODO: !!!!!!!!!!! PendingRequestID does not work - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithPendingRequestID"); - query.setParameter("sessionid", pedingRequestID); - result = query.list(); - - //send transaction - session.getTransaction().commit(); - } - - Logger.trace("Found entries: " + result.size()); + Query query = entityManager.createNamedQuery("getSessionWithPendingRequestID"); + query.setParameter("sessionid", pedingRequestID); + List<AuthenticatedSessionStore> results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); //Assertion requires an unique artifact - if (result.size() != 1) { + if (results.size() != 1) { Logger.trace("No entries found."); return false; } - AuthenticatedSessionStore authsession = result.get(0); + AuthenticatedSessionStore authsession = results.get(0); List<InterfederationSessionStore> idpSessions = authsession.getInderfederation(); if (idpSessions != null) { @@ -906,8 +685,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } } - - MOASessionDBUtils.saveOrUpdate(authsession); + entityManager.merge(authsession); return true; } catch (Throwable e) { 
@@ -921,38 +699,25 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt Date expioredatecreate = new Date(now.getTime() - authDataTimeOutCreated); Date expioredateupdate = new Date(now.getTime() - authDataTimeOutUpdated); - List<AuthenticatedSessionStore> results; - Session session = MOASessionDBUtils.getCurrentSession(); - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getMOAISessionsWithTimeOut"); - query.setTimestamp("timeoutcreate", expioredatecreate); - query.setTimestamp("timeoutupdate", expioredateupdate); - results = query.list(); - tx.commit(); + Query query = entityManager.createNamedQuery("getMOAISessionsWithTimeOut"); + query.setParameter("timeoutcreate", expioredatecreate); + query.setParameter("timeoutupdate", expioredateupdate); + List<AuthenticatedSessionStore> results = query.getResultList(); - if (results.size() != 0) { - for(AuthenticatedSessionStore result : results) { - try { - cleanDelete(result); - Logger.info("Authenticated session with sessionID=" + result.getSessionid() - + " after session timeout."); + if (results.size() != 0) { + for(AuthenticatedSessionStore result : results) { + try { + cleanDelete(result); + Logger.info("Authenticated session with sessionID=" + result.getSessionid() + + " after session timeout."); - } catch (HibernateException e){ - Logger.warn("Authenticated session with sessionID=" + result.getSessionid() - + " not removed after timeout! (Error during Database communication)", e); - } - } + } catch (HibernateException e){ + Logger.warn("Authenticated session with sessionID=" + result.getSessionid() + + " not removed after timeout! 
(Error during Database communication)", e); } } - - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } + } + } private static void encryptSession(AuthenticationSession session, AuthenticatedSessionStore dbsession) throws BuildException { 
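Review bot: The `catch (HibernateException e)` around `cleanDelete(result)` in clean() probably no longer matches what the new code throws. `entityManager.merge` and `entityManager.remove` report failures as `javax.persistence.PersistenceException`, or as IllegalArgumentException for a detached instance. A single failing row could therefore abort the loop and leave the remaining expired sessions in the database. Catching the JPA type, `} catch (PersistenceException e) {`, would keep the per-session best-effort behaviour that the warning message describes. The same `catch (HibernateException e)` remains in DBTransactionStorage (hunk -187), and the start of clean() is outside this hunk.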
@@ -972,57 +737,69 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } - private static void cleanDelete(AuthenticatedSessionStore result) { - - try { + private void cleanDelete(AuthenticatedSessionStore result) { result.setSession("blank".getBytes()); - MOASessionDBUtils.saveOrUpdate(result); - - } catch (MOADatabaseException e) { - Logger.warn("Blank authenticated session with sessionID=" + result.getSessionid() + " FAILED.", e); - - } finally { - if (!MOASessionDBUtils.delete(result)) - Logger.error("Authenticated session with sessionID=" + result.getSessionid() + " not removed! (Error during Database communication)"); - } + entityManager.merge(result); + entityManager.remove(result); + } @SuppressWarnings("rawtypes") - private static AuthenticatedSessionStore searchInDatabase(String sessionID, boolean commit) throws MOADatabaseException { + private AuthenticatedSessionStore searchInDatabase(String sessionID) throws MOADatabaseException { MiscUtil.assertNotNull(sessionID, "moasessionID"); Logger.trace("Get authenticated session with sessionID " + sessionID + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - List result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithID"); - query.setParameter("sessionid", sessionID); - result = query.list(); - - //send transaction - if (commit) - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - throw new MOADatabaseException("No session found with this sessionID"); + Query query = entityManager.createNamedQuery("getSessionWithID"); + query.setParameter("sessionid", sessionID); + List<AuthenticatedSessionStore> results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); + + //Assertion requires an unique 
artifact + if (results.size() != 1) { + Logger.trace("No entries found."); + throw new MOADatabaseException("No session found with this sessionID"); - } - - return (AuthenticatedSessionStore) result.get(0); + } - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED) && commit) - tx.rollback(); - throw e; - } + return (AuthenticatedSessionStore) results.get(0); } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage#deleteIdpInformation(at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore) + */ + @Override + public void deleteIdpInformation(InterfederationSessionStore nextIDPInformation) { + entityManager.remove(nextIDPInformation); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage#persistIdpInformation(at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore) + */ + @Override + public void persistIdpInformation(InterfederationSessionStore nextIDPInformation) { + entityManager.merge(nextIDPInformation); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage#checkSSOTokenAlreadyUsed(java.lang.String) + */ + @Override + public OldSSOSessionIDStore checkSSOTokenAlreadyUsed(String ssoId) { + + Query query = entityManager.createNamedQuery("getSSOSessionWithOldSessionID"); + query.setParameter("sessionid", ssoId); + List<OldSSOSessionIDStore> results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); + + // Assertion requires an unique artifact + if (results.size() == 0) { + return null; + } + + return results.get(0); + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java index c2b3b0fc5..f17e4a99a 100644 
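Review bot: In cleanDelete, `entityManager.merge(result); entityManager.remove(result);` discards the managed instance that merge() returns. If `result` arrives detached, remove() throws IllegalArgumentException; `entityManager.remove(entityManager.merge(result));` works in both cases. The `"blank"` overwrite may also never reach the database, because the entity is scheduled for deletion in the same flush. If scrubbing the stored session before deletion is the intent, an `entityManager.flush()` between the two calls is likely needed, which should be verified against the persistence provider. deleteIdpInformation in this hunk calls remove() on a caller-supplied object directly, and cleanDelete in DBTransactionStorage (hunk -187) repeats the merge/remove pattern.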
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java @@ -27,24 +27,31 @@ import java.util.ArrayList; import java.util.Date; import java.util.List; +import javax.persistence.EntityManager; +import javax.persistence.PersistenceContext; +import javax.persistence.PersistenceException; +import javax.persistence.Query; + import org.apache.commons.lang.SerializationUtils; import org.hibernate.HibernateException; -import org.hibernate.Query; -import org.hibernate.Session; -import org.springframework.stereotype.Service; +import org.springframework.stereotype.Repository; +import org.springframework.transaction.annotation.Transactional; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -@Service("TransactionStorage") +@Repository +@Transactional("sessionTransactionManager") public class DBTransactionStorage implements ITransactionStorage { - + + @PersistenceContext(unitName="session") + private EntityManager entityManager; + public boolean containsKey(String key) { - try { + try { searchInDatabase(key); return true; @@ -73,7 +80,7 @@ public class DBTransactionStorage implements ITransactionStorage { } - public void put(String key, Object value) throws MOADatabaseException { + public void put(String key, Object value, int timeout_ms) throws MOADatabaseException { //search if key already exists AssertionStore element = searchInDatabase(key); 
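Review bot: containsKey discards the result of `searchInDatabase(key)` and returns true. The searchInDatabase shown in hunk -212 returns null for a missing artifact rather than throwing, so containsKey appears to report true for keys that are not stored. `return searchInDatabase(key) != null;` would make the answer match the storage content. The rest of the method lies outside this hunk. The new RedisTransactionStorage has the same containsKey body, but its searchInDatabase is not visible here.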
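Review bot: The new `timeout_ms` parameter of put() does not appear to be used by this implementation. The private `put(AssertionStore element, String key, Object value)` in hunk -253, which it presumably delegates to, takes no timeout, so entries would still expire only through clean(). A Javadoc line such as `@param timeout_ms not evaluated by the database storage; expiry is enforced by clean()` would make that explicit for callers who rely on the interface text. The body of put() continues outside this hunk, so this needs confirming there.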
@@ -97,7 +104,11 @@ public class DBTransactionStorage implements ITransactionStorage { Logger.error("This exeption should not occur!!!!", e); return null; - } + } + } + + public Object getAssertionStore(String key) throws MOADatabaseException{ + return searchInDatabase(key); } public Object get(String key) throws MOADatabaseException { @@ -151,16 +162,12 @@ public class DBTransactionStorage implements ITransactionStorage { List<AssertionStore> results; List<String> returnValues = new ArrayList<String>();; - Session session = MOASessionDBUtils.getCurrentSession(); - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getAssertionWithTimeOut"); - query.setTimestamp("timeout", expioredate); - results = query.list(); - session.getTransaction().commit(); - } + Query query = entityManager.createNamedQuery("getAssertionWithTimeOut"); + query.setParameter("timeout", expioredate); + results = query.getResultList(); + if (results != null) { for (AssertionStore el : results) returnValues.add(el.getArtifact()); 
@@ -187,24 +194,21 @@ public class DBTransactionStorage implements ITransactionStorage { Logger.info("Sessioninformation not removed! (Message:"+ e.getMessage() + ")"); } catch (HibernateException e) { - Logger.warn("Sessioninformation not removed! (Error during Database communication)", e); + Logger.warn("Sessioninformation not removed! (Erreor during Database communication)", e); } } private void cleanDelete(AssertionStore element) { - try { - element.setAssertion("blank".getBytes()); - MOASessionDBUtils.saveOrUpdate(element); - - } catch (MOADatabaseException e) { - Logger.warn("Blank shortTime session with artifact=" + element.getArtifact() + " FAILED.", e); + - } finally { - if (!MOASessionDBUtils.delete(element)) + try{ + element.setAssertion("blank".getBytes()); + entityManager.merge(element); + entityManager.remove(element); + }catch(PersistenceException e){ Logger.error("ShortTime session with artifact=" + element.getArtifact() + " not removed! (Error during Database communication)"); - - } + } } 
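Review bot: The rewritten warning string introduces a typo, `(Erreor during Database communication)`, where the removed line had `Error`; any log monitoring that matches the old text would stop matching. In the new cleanDelete, the `catch (PersistenceException e)` block logs without passing the exception, so the cause is lost. Adding `e` as the second argument of that `Logger.error(...)` call, as the other log calls in this file do, keeps it. Swallowing the exception inside a transactional method may also leave the transaction marked for rollback and fail later at commit, which is worth checking.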
@@ -212,29 +216,23 @@ public class DBTransactionStorage implements ITransactionStorage { private AssertionStore searchInDatabase(String artifact) throws MOADatabaseException { MiscUtil.assertNotNull(artifact, "artifact"); Logger.trace("Getting sessioninformation with ID " + artifact + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - List result; + List<AssertionStore> results; - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getAssertionWithArtifact"); - query.setParameter("artifact", artifact); - result = query.list(); + Query query = entityManager.createNamedQuery("getAssertionWithArtifact"); + query.setParameter("artifact", artifact); - //send transaction - session.getTransaction().commit(); - } + results = query.getResultList(); - Logger.trace("Found entries: " + result.size()); + Logger.trace("Found entries: " + results.size()); //Assertion requires an unique artifact - if (result.size() != 1) { + if (results.size() != 1) { Logger.debug("No transaction information with ID:" + artifact + " found."); return null; } - return (AssertionStore) result.get(0); + return results.get(0); } private void put(AssertionStore element, String key, Object value) throws MOADatabaseException { 
@@ -253,15 +251,23 @@ public class DBTransactionStorage implements ITransactionStorage { element.setAssertion(data); //store AssertionStore element to Database - try { - MOASessionDBUtils.saveOrUpdate(element); + //try { + entityManager.persist(element); + //MOASessionDBUtils.saveOrUpdate(element); Logger.debug(value.getClass().getName() + " with ID: " + key + " is stored in Database"); - - } catch (MOADatabaseException e) { - Logger.warn("Sessioninformation could not be stored."); - throw new MOADatabaseException(e); - - } +// +// } catch (MOADatabaseException e) { +// Logger.warn("Sessioninformation could not be stored."); +// throw new MOADatabaseException(e); +// +// } + + } + + @Override + public void putAssertionStore(Object element) throws MOADatabaseException{ + // TODO Auto-generated method stub + entityManager.merge(element); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java index b5d816eaf..c8d09e17e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java 
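Review bot: The commented-out `try`/`catch` around `entityManager.persist(element)` should be either restored or deleted rather than left as dead code. As written, a storage failure leaves put() as an unchecked PersistenceException, possibly only at commit. The method still declares `throws MOADatabaseException`, so callers written against that contract will not handle it. If the wrapping is still wanted, a `catch (PersistenceException e)` that logs the warning and rethrows as MOADatabaseException, along the lines of the removed code, restores the previous behaviour. putAssertionStore also carries a leftover `// TODO Auto-generated method stub` above real code, and the start of put() is outside this hunk.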
@@ -30,9 +30,11 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.data.SLOInformationInterface; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption; 
@@ -47,103 +49,74 @@ public interface IAuthenticationSessionStoreage { /** * Check if the stored MOASession is already authenticated * - * @param moaSessionID MOASession identifier + * @param internalSsoSessionID Internal MOA SSO-Session identifier * @return true if the MOASession is authenticated, otherwise false */ - public boolean isAuthenticated(String moaSessionID); + public boolean isAuthenticated(String internalSsoSessionID); /** - * Create a new MOASession + * Create a new MOA SSO-Session object in database + * The SSO session object get populated with eID information from pending request * * @param target Pending Request which is associated with this MOASession * @return MOASession object * @throws MOADatabaseException MOASession storage operation FAILED * @throws BuildException MOASession encryption FAILED */ - public AuthenticationSession createSession(IRequest target) throws MOADatabaseException, BuildException; + public AuthenticationSession createInternalSSOSession(IRequest target) throws MOADatabaseException, BuildException; /** * Get a MOASession with sessionID * - * @param sessionID SessionID which corresponds to a MOASession + * @param internalSsoSessionID Internal MOA SSO-Session identifier * @return MOASession, or null if no session exists with this ID * @throws MOADatabaseException MOASession load operation FAILED */ - public AuthenticationSession getSession(String sessionID) throws MOADatabaseException; + public AuthenticationSession getInternalSSOSession(String internalSsoSessionID) throws MOADatabaseException; /** * Get the session-data extension-object for a MOASession * - * @param sessionID SessionID which corresponds to a MOASession + * @param internalSsoSessionID Internal MOA SSO-Session identifier * @return AuthenticationSessionExtensions, or null if no session exists with this ID or extensionobject is null * @throws MOADatabaseException MOASession load operation FAILED */ - public AuthenticationSessionExtensions 
getAuthenticationSessionExtensions(String sessionID) throws MOADatabaseException; + public AuthenticationSessionExtensions getAuthenticationSessionExtensions(String internalSsoSessionID) throws MOADatabaseException; /** * Store a session-data extension-object to MOASession * - * @param sessionID SessionID which corresponds to a MOASession + * @param internalSsoSessionID Internal MOA SSO-Session identifier * @param sessionExtensions AuthenticationSessionExtensions object * @throws MOADatabaseException MOASession storage operation FAILED */ - public void setAuthenticationSessionExtensions(String sessionID, AuthenticationSessionExtensions sessionExtensions) throws MOADatabaseException; + public void setAuthenticationSessionExtensions(String internalSsoSessionID, AuthenticationSessionExtensions sessionExtensions) throws MOADatabaseException; /** - * Store a MOASession - * - * @param session MOASession which should be stored - * @throws MOADatabaseException MOASession storage operation FAILED - * @throws BuildException MOASession encryption FAILED - */ - public void storeSession(AuthenticationSession session) throws MOADatabaseException, BuildException; - - /** * Delete a MOASession * - * @param moaSessionID SessionID which corresponds to a MOASession + * @param internalSsoSessionID Internal MOA SSO-Session identifier * @throws MOADatabaseException MOASession delete operation FAILED */ - public void destroySession(String moaSessionID) throws MOADatabaseException; - - - /** - * Change the sessionID of a MOASession - * - * @param session MOASession for which the sessionID should be changed - * @param newSessionID new MOASessionID which should be used - * @return new MOASessionID - * @throws MOADatabaseException MOASession storage operation FAILED - * @throws BuildException MOASession encryption/decryption FAILED - */ - public String changeSessionID(AuthenticationSession session, String newSessionID) throws BuildException, MOADatabaseException; - - /** - * Change the 
sessionID of a MOASession - * - * @param session MOASession for which the sessionID should be changed - * @return new MOASessionID - * @throws MOADatabaseException MOASession storage operation FAILED - * @throws BuildException MOASession encryption/decryption FAILED - */ - public String changeSessionID(AuthenticationSession session) throws BuildException, MOADatabaseException; - + public void destroyInternalSSOSession(String internalSsoSessionID) throws MOADatabaseException; + /** * Set the isAuthenticated flag to MOASession * - * @param moaSessionID SessionID which corresponds to a MOASession + * @param internalSsoSessionID Internal MOA SSO-Session identifier * @param isAuthenticated Is authenticated flag (true/false) */ - public void setAuthenticated(String moaSessionID, boolean isAuthenticated); + public void setAuthenticated(String internalSsoSessionID, boolean isAuthenticated); /** * Find the MOASessionId of an active Single Sign-On session * * @param SSOSessionID Single Sign-On sessionID - * @return MOASessionID of the associated MOASession + * @return internal MOA SSO-Session of the associated SSO-Session Id + * @throws MOADatabaseException */ - public String getMOASessionSSOID(String SSOSessionID); + public AuthenticationSession getInternalMOASessionWithSSOID(String SSOSessionID) throws MOADatabaseException; /** * Check if a MOASession is an active Single Sign-On session @@ -181,7 +154,7 @@ public interface IAuthenticationSessionStoreage { * @param moaSession MOASession data object * @return List of Service-Provider information */ - public List<OASessionStore> getAllActiveOAFromMOASession(AuthenticationSession moaSession); + public List<OASessionStore> getAllActiveOAFromMOASession(IAuthenticationSession moaSession); /** 
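Review bot: The Javadoc on getInternalMOASessionWithSSOID still opens with "Find the MOASessionId of an active Single Sign-On session" although the method now returns an AuthenticationSession, and the new `@throws MOADatabaseException` tag has no description. It should say what a caller gets for an unknown or expired SSO id. For example, `@return the internal SSO session, or null if none is associated with this SSO session id` and `@throws MOADatabaseException if the session cannot be loaded`, adjusted to the real behaviour. The hunk also removes both changeSessionID methods. If session-identifier rotation now happens elsewhere, a pointer in the interface documentation would help readers find it.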
@@ -190,7 +163,7 @@ public interface IAuthenticationSessionStoreage { * @param moaSession MOASession data object * @return List of Interfederation-IDP information */ - public List<InterfederationSessionStore> getAllActiveIDPsFromMOASession(AuthenticationSession moaSession); + public List<InterfederationSessionStore> getAllActiveIDPsFromMOASession(IAuthenticationSession moaSession); /** * Search a MOASession by using already transfered authentication information @@ -199,7 +172,7 @@ public interface IAuthenticationSessionStoreage { * @param userNameID UserId (bPK), which was send to this Service-Provider * @return MOASession, or null if no corresponding MOASession is found */ - public AuthenticationSession searchMOASessionWithNameIDandOAID(String oaID, String userNameID); + public IAuthenticationSession searchMOASessionWithNameIDandOAID(String oaID, String userNameID); /** * Search a active Single Sign-On session for a specific Service-Provider @@ -209,7 +182,7 @@ public interface IAuthenticationSessionStoreage { * @param protocolType Authentication protocol, which was used for SSO from this Service-Provider * @return Internal Single Sign-On information for this Service-Provider */ - public OASessionStore searchActiveOASSOSession(AuthenticationSession moaSession, String oaID, String protocolType); + public OASessionStore searchActiveOASSOSession(IAuthenticationSession moaSession, String oaID, String protocolType); /** @@ -218,7 +191,7 @@ public interface IAuthenticationSessionStoreage { * @param nameID UserID (bPK) * @return MOASession, or null if no corresponding MOASession is found */ - public AuthenticationSession getSessionWithUserNameID(String nameID); + public IAuthenticationSession getSessionWithUserNameID(String nameID); /** * Search an active federation IDP which could be used for federated Single Sign-On 
@@ -276,5 +249,28 @@ public interface IAuthenticationSessionStoreage { * @param authDataTimeOutUpdated timeOut after MOASession is updated last time [ms] */ public void clean(Date now, long authDataTimeOutCreated, long authDataTimeOutUpdated); + + /** + * @param session + * @param oaurl + * @param requestedModule + */ + public void markOAWithAttributeQueryUsedFlag(IAuthenticationSession session, String oaurl, String requestedModule); + + /** + * @param nextIDPInformation + */ + public void deleteIdpInformation(InterfederationSessionStore nextIDPInformation); + + /** + * @param nextIDPInformation + */ + public void persistIdpInformation(InterfederationSessionStore nextIDPInformation); + + /** + * @param ssoId + * @return + */ + public OldSSOSessionIDStore checkSSOTokenAlreadyUsed(String ssoId); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java index 493f24ee8..53a7f4f5e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java @@ -48,9 +48,10 @@ public interface ITransactionStorage { * @param key Id which identifiers the data object * @param value Data object which should be stored. * This data must implement the <code>java.io.Serializable</code> interface + * @param timeout_ms Defines the period of time a data object is kept within the storage * @throws MOADatabaseException In case of store operation failed */ - public void put(String key, Object value) throws MOADatabaseException; + public void put(String key, Object value, int timeout_ms) throws MOADatabaseException; /** * Get a data object from transaction storage 
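Review bot: The four methods added at the end of IAuthenticationSessionStoreage have placeholder Javadoc only: bare `@param` tags and an empty `@return`. checkSSOTokenAlreadyUsed is a check on whether an SSO token was already used, so callers must interpret its result correctly and the contract should be written down. For example, `@return the stored old-SSO-session entry if this SSO token was already used, otherwise null` matches the implementation in DBAuthenticationSessionStoreage. deleteIdpInformation and persistIdpInformation should state whether the argument must be a managed entity, since the implementation hands it straight to the EntityManager.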
@@ -110,4 +111,21 @@ public interface ITransactionStorage { */ public List<String> clean(Date now, long dataTimeOut); + + /** + * Get whole AssertionStoreObject, required for SLO + * + * @param key key Id which identifiers the data object + * @return The transaction-data object, or null + * @throws MOADatabaseException In case of load operation failed + */ + public Object getAssertionStore(String key) throws MOADatabaseException; + + /** + * Put whole AssertionStoreObject to db, required for SLO + * + * @param element assertion store object + */ + public void putAssertionStore(Object element) throws MOADatabaseException; + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/RedisTransactionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/RedisTransactionStorage.java new file mode 100644 index 000000000..2b9a6656b --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/RedisTransactionStorage.java 
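Review bot: getAssertionStore and putAssertionStore are typed as `Object`, although the database implementation returns an AssertionStore and passes the argument straight to `entityManager.merge`, which rejects anything that is not an entity. Declaring them as `AssertionStore getAssertionStore(String key)` and `void putAssertionStore(AssertionStore element)` would move that check to compile time. If `Object` is deliberate so that another storage backend can use a different representation, the Javadoc should name the expected runtime type. The Javadoc for putAssertionStore also lacks a `@throws MOADatabaseException` line.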
@@ -0,0 +1,375 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. 
+ *******************************************************************************/ +package at.gv.egovernment.moa.id.storage; + +import java.io.Serializable; +import java.util.ArrayList; +import java.util.Date; +import java.util.List; +import java.util.Random; +import java.util.concurrent.TimeUnit; + +import org.apache.commons.lang.SerializationUtils; +import org.hibernate.HibernateException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.dao.DataAccessException; +import org.springframework.data.redis.core.RedisOperations; +import org.springframework.data.redis.core.RedisTemplate; +import org.springframework.data.redis.core.SessionCallback; +import org.springframework.data.redis.serializer.JacksonJsonRedisSerializer; +import org.springframework.stereotype.Service; + +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +@Service("TransactionStorage") +public class RedisTransactionStorage implements ITransactionStorage { + + @Autowired + private RedisTemplate<String, Object> redisTemplate; + + @Autowired + protected AuthConfiguration authConfig; + + @Autowired + private JacksonJsonRedisSerializer assertionStoreSerializer; + + public RedisTemplate<String, Object> getTemplate(){ + return this.redisTemplate; + } + + public void setTemplate(RedisTemplate<String, Object> t){ + this.redisTemplate = t; + } + + public boolean containsKey(String key) { + try { + searchInDatabase(key); + return true; + + } catch (MOADatabaseException e) { + return false; + } + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.storage.ITransactionStorage#changeKey(java.lang.String, java.lang.String, java.lang.Object) + */ + 
@Override + public void changeKey(String oldKey, String newKey, Object value) throws MOADatabaseException { + + //search if key already exists + final int expTime = redisTemplate.getExpire(oldKey, TimeUnit.MILLISECONDS).intValue(); + //AssertionStore element = searchInDatabase(oldKey); + if (expTime < 0) { + Logger.info("No transaction-data with oldKey:" + oldKey + + " found. Process gets stopped."); + throw new MOADatabaseException("No transaction-data with oldKey:" + oldKey + + " found. Process gets stopped."); + + } + + //Important: Rename not working here, because the new ID also has to be put into the + //value object. + //redisTemplate.rename(oldKey, newKey); + + final String old_key = oldKey; + + //redisTemplate.delete(oldKey); + //put(null, newKey, value, expTime); + final AssertionStore assertion = prepareAssertion(null, newKey, value); + List<Object> txResults = redisTemplate.execute(new SessionCallback<List<Object>>() { + public List<Object> execute(RedisOperations operations) throws DataAccessException { + operations.multi(); + operations.delete(old_key); + operations.opsForValue().set(assertion.getArtifact(), new String(assertionStoreSerializer.serialize(assertion)),expTime,TimeUnit.MILLISECONDS); + // This will contain the results of all ops in the transaction + return operations.exec(); + } + }); + + int a= txResults.size(); + } + + public void put(String key, Object value, int timeoutms) throws MOADatabaseException { + + //search if key already exists + AssertionStore element = searchInDatabase(key); + + //create a new entry if key does not exists already + if (element == null) { + element = new AssertionStore(); + + } + + put(element, key, value, timeoutms); + } + + public <T> T get(String key, + final Class<T> clazz) throws MOADatabaseException { + + try { + return get(key, clazz, -1); + + } catch (AuthenticationException e) { + //this execption only occurs if an additional timeOut is used + Logger.error("This exeption should not occur!!!!", e); + 
return null; + + } + } + + public Object get(String key) throws MOADatabaseException { + AssertionStore element = searchInDatabase(key); + + if (element == null) + return null; + + return SerializationUtils.deserialize(element.getAssertion()); + + + } + + public <T> T get(String key, final Class<T> clazz, long dataTimeOut) throws MOADatabaseException, AuthenticationException { + + AssertionStore element = searchInDatabase(key); + + if (element == null) + return null; + +// dataTimeOut = -1; +// if (dataTimeOut > -1) { +// //check timeout +// long now = new Date().getTime(); +// +// if (now - element.getDatatime().getTime() > dataTimeOut) { +// Logger.info("Transaction-Data with key: " + key + " is out of time."); +// throw new AuthenticationException("1207", new Object[] { key }); +// +// } +// } + + + //Deserialize Assertion + Object data = SerializationUtils.deserialize(element.getAssertion()); + + //check if assertion has the correct class type + try { + @SuppressWarnings("unchecked") + T test = (T) Class.forName(element.getType()).cast(data); + return test; + + } catch (Exception e) { + Logger.warn("Sessioninformation Cast-Exception by using Artifact=" + key); + throw new MOADatabaseException("Sessioninformation Cast-Exception"); + + } + } + + //NOT USED with REDIS + public List<String> clean(Date now, long dataTimeOut) { + + //redis enables to set TTL when creating new values, so we don't need this function anymore + +// Date expioredate = new Date(now.getTime() - dataTimeOut); +// +// List<AssertionStore> results; + List<String> returnValues = new ArrayList<String>(); +// Session session = MOASessionDBUtils.getCurrentSession(); +// +// synchronized (session) { +// session.beginTransaction(); +// Query query = session.getNamedQuery("getAssertionWithTimeOut"); +// query.setTimestamp("timeout", expioredate); +// results = query.list(); +// session.getTransaction().commit(); +// } +// +// if (results != null) { +// for (AssertionStore el : results) +// 
returnValues.add(el.getArtifact()); +// +// } + return returnValues; + } + + public void remove(String key) { + + try { + + AssertionStore element = searchInDatabase(key); + if (element == null) { + Logger.debug("Sessioninformation not removed! (Sessioninformation with ID=" + key + + "not found)"); + return; + } + + redisTemplate.delete(key); + //cleanDelete(element); + Logger.debug("Removed stored information with ID: " + key); + + + } catch (MOADatabaseException e) { + Logger.info("Sessioninformation not removed! (Message:"+ e.getMessage() + ")"); + + } catch (HibernateException e) { + Logger.warn("Sessioninformation not removed! (Error during Database communication)", e); + } + } + + //Not used within REDIS store + private void cleanDelete(AssertionStore element) { +// try { +// element.setAssertion("blank".getBytes()); +// MOASessionDBUtils.saveOrUpdate(element); +// +// } catch (MOADatabaseException e) { +// Logger.warn("Blank shortTime session with artifact=" + element.getArtifact() + " FAILED.", e); +// +// } finally { +// if (!MOASessionDBUtils.delete(element)) +// Logger.error("ShortTime session with artifact=" + element.getArtifact() +// + " not removed! 
(Error during Database communication)"); +// +// } + + } + + //name="getAssertionWithArtifact", query = "select assertionstore from AssertionStore assertionstore where assertionstore.artifact = :artifact"), + //@NamedQuery(name="getAssertionWithTimeOut", query = "select assertionstore from AssertionStore assertionstore where assertionstore.timestamp < :timeout") + + @SuppressWarnings("rawtypes") + private AssertionStore searchInDatabase(String artifact) throws MOADatabaseException { + MiscUtil.assertNotNull(artifact, "artifact"); + Logger.trace("Getting sessioninformation with ID " + artifact + " from database."); + + +// Session session = MOASessionDBUtils.getCurrentSession(); +// List result; +// +// synchronized (session) { +// session.beginTransaction(); +// Query query = session.getNamedQuery("getAssertionWithArtifact"); +// query.setParameter("artifact", artifact); +// result = query.list(); +// +// //send transaction +// session.getTransaction().commit(); +// } + //String id = (String) redisTemplate.opsForSet().pop(artifact); + String assertion = (String) redisTemplate.opsForValue().get(artifact); + //String id = (String) redisTemplate.opsForValue().get(artifact); + if(assertion == null){ + Logger.debug("No transaction information with ID:" + artifact + " found."); + return null; + } + + AssertionStore as = (AssertionStore) assertionStoreSerializer.deserialize(assertion.getBytes()); + //delete the timestamp entry +// String ts = as.getDatatime().toString(); +// redisTemplate.opsForSet().pop(ts); + + if(as == null){ + Logger.debug("No transaction information with ID:" + artifact + " found."); + return null; + } + return as; + + //Assertion requires an unique artifact +// if (result.size() != 1) { +// Logger.debug("No transaction information with ID:" + artifact + " found."); +// +// +// } +// +// return (AssertionStore) result.get(0); + } + + private void put(AssertionStore element, String key, Object value, int timeoutms) throws MOADatabaseException { + + 
element = prepareAssertion(element, key, value); + + int authDataTimeOut = authConfig.getTransactionTimeOut() * 1000; + + if(timeoutms != -1){ + authDataTimeOut = timeoutms; + } + redisTemplate.opsForValue().set(element.getArtifact(), new String(assertionStoreSerializer.serialize(element)),authDataTimeOut,TimeUnit.MILLISECONDS); + //MOASessionDBUtils.saveOrUpdate(element); + Logger.debug(value.getClass().getName() + " with ID: " + key + " is stored in Database"); + + } + +private AssertionStore prepareAssertion(AssertionStore element, String key, Object value) throws MOADatabaseException { + + if(element == null) + element = new AssertionStore(); + + element.setArtifact(key); + element.setType(value.getClass().getName()); + element.setDatatime(new Date()); + + if (!Serializable.class.isInstance(value)) { + Logger.warn("Transaction-Storage can only store objects which implements the 'Seralizable' interface"); + throw new MOADatabaseException("Transaction-Storage can only store objects which implements the 'Seralizable' interface", null); + } + + //serialize the Assertion for Database storage + byte[] data = SerializationUtils.serialize((Serializable) value); + element.setAssertion(data); + + long id = new Random().nextLong(); + element.setId(id); + + return element; + + } + +@Override +public Object getAssertionStore(String key) throws MOADatabaseException { + return searchInDatabase(key); +} + +@Override +public void putAssertionStore(Object element) throws MOADatabaseException { + // TODO Auto-generated method stub + AssertionStore as = (AssertionStore)element; + final int expTime = redisTemplate.getExpire(as.getArtifact(), TimeUnit.MILLISECONDS).intValue(); + //AssertionStore element = searchInDatabase(oldKey); + if (expTime < 0) { + Logger.info("No transaction-data with oldKey:" + as.getArtifact() + + " found. Process gets stopped."); + throw new MOADatabaseException("No transaction-data with oldKey:" + as.getArtifact() + + " found. 
Process gets stopped."); + + } + redisTemplate.opsForValue().set(as.getArtifact(), new String(assertionStoreSerializer.serialize(element)),expTime,TimeUnit.MILLISECONDS); + +} + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ECDSAKeyValueConverter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ECDSAKeyValueConverter.java index 2c0a82708..f37ae0b0b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ECDSAKeyValueConverter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ECDSAKeyValueConverter.java 
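Review bot: `containsKey` in RedisTransactionStorage.java returns true for every key, because `searchInDatabase` returns null for a missing entry instead of throwing `MOADatabaseException`; the body should be `return searchInDatabase(key) != null;` inside the existing try. In both `get` variants the bytes read from Redis pass through `SerializationUtils.deserialize` before `Class.forName(element.getType()).cast(data)` runs, so the type check happens only after the object has already been instantiated. Anyone able to write to the Redis instance controls that input, so a comment stating this trust assumption (or a class allow-list on the object stream) belongs at those calls. `changeKey` also discards the result of `exec()` in the unused `int a`, so a failed transaction goes unnoticed.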
@@ -20,48 +20,15 @@ * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. 
- */ - package at.gv.egovernment.moa.id.util; -import iaik.security.ecc.ecdsa.ECDSAParameter; -import iaik.security.ecc.ecdsa.ECPublicKey; -import iaik.security.ecc.math.ecgroup.AffineCoordinate; -import iaik.security.ecc.math.ecgroup.Coordinate; -import iaik.security.ecc.math.ecgroup.CoordinateTypes; -import iaik.security.ecc.math.ecgroup.ECGroupFactory; -import iaik.security.ecc.math.ecgroup.ECPoint; -import iaik.security.ecc.math.ecgroup.EllipticCurve; -import iaik.security.ecc.math.field.Field; -import iaik.security.ecc.math.field.FieldElement; -import iaik.security.ecc.math.field.PrimeField; -import iaik.security.ecc.parameter.ECCParameterFactory; -import iaik.security.ecc.spec.ECCParameterSpec; - import java.math.BigInteger; import java.security.PublicKey; +import java.security.spec.ECField; +import java.security.spec.ECFieldF2m; +import java.security.spec.ECFieldFp; +import java.security.spec.ECPoint; import java.util.HashMap; import java.util.Iterator; import java.util.Vector; @@ -72,6 +39,15 @@ import org.w3c.dom.NamedNodeMap; import org.w3c.dom.Node; import org.w3c.dom.NodeList; +import at.gv.egovernment.moa.logging.Logger; +import iaik.security.ec.common.ECParameterSpec; +import iaik.security.ec.common.ECPublicKey; +import iaik.security.ec.common.ECStandardizedParameterFactory; +import iaik.security.ec.common.EllipticCurve; +import iaik.security.ec.math.field.Field; +import iaik.security.ec.math.field.FieldElement; +import iaik.security.ec.math.field.PrimeField; + public class ECDSAKeyValueConverter { 
@@ -94,15 +70,13 @@ public class ECDSAKeyValueConverter if (domainParams == null) throw new Exception("Domain parameters must not be implicit."); Element namedCurve = getChildElement(domainParams, ecdsaNS, "NamedCurve", 1); - ECCParameterSpec eccParameterSpec; + ECParameterSpec eccParameterSpec; if (namedCurve != null) { // URL curveNameURN = new URL(namedCurve.getAttributeNS(null, "URN")); String curveNameOID = namedCurve.getAttributeNS(null, "URN").substring(8); - ECCParameterFactory eccParamFactory = ECCParameterFactory.getInstance(); - // eccParameterSpec = eccParamFactory.getParameterByOID(curveNameURN.getPath().substring(4)); - eccParameterSpec = eccParamFactory.getParameterByOID(curveNameOID); + eccParameterSpec = ECStandardizedParameterFactory.getParametersByOID(curveNameOID); } else { 
@@ -167,14 +141,21 @@ public class ECDSAKeyValueConverter String cofactorStr = getChildElementText(basePointParams, ecdsaNS, "Cofactor", 1); BigInteger cofactor = (cofactorStr != null) ? new BigInteger(cofactorStr, 10) : null; + BigInteger a = new BigInteger(aStr, 10); + BigInteger b = new BigInteger(bStr, 10); + BigInteger basePointX = new BigInteger(basePointXStr, 10); + BigInteger basePointY = new BigInteger(basePointYStr, 10); + if (fieldParamsType == FIELD_TYPE_PRIME) - { - BigInteger a = new BigInteger(aStr, 10); - BigInteger b = new BigInteger(bStr, 10); - BigInteger basePointX = new BigInteger(basePointXStr, 10); - BigInteger basePointY = new BigInteger(basePointYStr, 10); - eccParameterSpec = new ECCParameterSpec(p, cofactor, order, seed, null, a, b, basePointX, - basePointY, null); + { + ECField javaECField = new ECFieldFp(p); + java.security.spec.EllipticCurve curve = + new java.security.spec.EllipticCurve(javaECField, a, b, seed.toByteArray()); + java.security.spec.ECPoint javaECbasePoint = + new java.security.spec.ECPoint(basePointX, basePointY); + java.security.spec.ECParameterSpec javaECSpec = + new java.security.spec.ECParameterSpec(curve, javaECbasePoint, order, cofactor.intValue()); + eccParameterSpec = ECParameterSpec.getParameterSpec(javaECSpec); } else { 
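Review bot: `cofactor.intValue()` in the new `java.security.spec.ECParameterSpec` call throws a NullPointerException when the `Cofactor` element is absent, because two lines above `cofactor` is set to null in that case; the same call is repeated in the characteristic-two branch of the next hunk. `seed.toByteArray()` has the same shape if `seed` is optional (its assignment is outside the hunk). Since `ECParameterSpec` requires a positive cofactor, reject the input explicitly before building the spec: `if (cofactor == null) throw new Exception("Cofactor must be present for explicit domain parameters.");`. The enclosing method starts and ends outside the hunk.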
@@ -193,9 +174,19 @@ public class ECDSAKeyValueConverter irreducible[k1/32] += 1 << k1 % 32; irreducible[0] += 1; } - eccParameterSpec = new ECCParameterSpec(irreducible, cofactor, order, octetString2IntArray(aStr), - octetString2IntArray(bStr), octetString2IntArray(basePointXStr), - octetString2IntArray(basePointYStr), null); + + ECField javaECField = new ECFieldF2m(m, irreducible); + java.security.spec.EllipticCurve curve = + new java.security.spec.EllipticCurve(javaECField, a, b, seed.toByteArray()); + java.security.spec.ECPoint javaECbasePoint = + new java.security.spec.ECPoint(basePointX, basePointY); + java.security.spec.ECParameterSpec javaECSpec = + new java.security.spec.ECParameterSpec(curve, javaECbasePoint, order, cofactor.intValue()); + eccParameterSpec = ECParameterSpec.getParameterSpec(javaECSpec); + +// eccParameterSpec = new ECCParameterSpec(irreducible, cofactor, order, octetString2IntArray(aStr), +// octetString2IntArray(bStr), octetString2IntArray(basePointXStr), +// octetString2IntArray(basePointYStr), null); } } 
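Review bot: `new ECFieldF2m(m, irreducible)` passes the word-packed reduction polynomial where the constructor expects `ks`, the one or three middle-term exponents, so it throws IllegalArgumentException for an array of any other length or otherwise describes a different field. `irreducible` is filled as a bit vector in the lines just above (`irreducible[k1/32] += 1 << k1 % 32`), which is the form the removed IAIK constructor took. Pass the exponents instead, e.g. `new ECFieldF2m(m, new int[] { k1 })` for a trinomial basis, and the three exponents in descending order for a pentanomial. `a`, `b` and the base point are now parsed with `new BigInteger(..., 10)` in the previous hunk for both field types, whereas this branch used `octetString2IntArray` before; confirm that characteristic-two values really are decimal strings.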
@@ -206,10 +197,14 @@ public class ECDSAKeyValueConverter Element publicKeyYElem = getChildElement(publicKeyElem, ecdsaNS, "Y", 1); String publicKeyYStr = publicKeyYElem.getAttributeNS(null, "Value"); - ECDSAParameter ecdsaParams = new ECDSAParameter(eccParameterSpec, CoordinateTypes.PROJECTIVE_COORDINATES); - ECGroupFactory ecGroupFactory = ECGroupFactory.getInstance(); - EllipticCurve eCurve = ecGroupFactory.getCurve(eccParameterSpec.getA(), - eccParameterSpec.getB(), eccParameterSpec.getR(), CoordinateTypes.PROJECTIVE_COORDINATES); + //ECParameterSpec ecdsaParams = new ECParameterSpec(eccParameterSpec, CoordinateTypes.PROJECTIVE_COORDINATES); + //ECGroupFactory ecGroupFactory = ECGroupFactory.getInstance(); + + EllipticCurve eCurve = eccParameterSpec.getCurve(); + +// EllipticCurve eCurve = ecGroupFactory.getCurve(eccParameterSpec.getA(), +// eccParameterSpec.getB(), eccParameterSpec.getR(), CoordinateTypes.PROJECTIVE_COORDINATES); + Field field = eCurve.getField(); // Detect type of public key field elements 
@@ -239,10 +234,19 @@ public class ECDSAKeyValueConverter } // ProjectiveCoordinate publicKeyPointCoordinate = new ProjectiveCoordinate(publicKeyPointX, // publicKeyPointY, field.getONEelement()); - Coordinate publicKeyPointCoordinate = new AffineCoordinate(publicKeyPointX, - publicKeyPointY).toProjective(); - ECPoint publicKeyPoint = eCurve.newPoint(publicKeyPointCoordinate); - ECPublicKey publicKey = new ECPublicKey(ecdsaParams, publicKeyPoint); +// Coordinate publicKeyPointCoordinate = new AffineCoordinate(publicKeyPointX, +// publicKeyPointY).toProjective(); + + ECPoint publicKeyPointECPoint = new ECPoint(publicKeyPointX.toBigInteger(), + publicKeyPointY.toBigInteger()); + + if (!eCurve.containsPoint(publicKeyPointECPoint)) { + Logger.error("IDL ECC parameter extraction FAILED! Public-Key ECPoint is not on the curve!"); + throw new Exception("IDL ECC parameter extraction FAILED! Public-Key ECPoint is not on the curve!"); + + } + + ECPublicKey publicKey = new ECPublicKey(eccParameterSpec, publicKeyPointECPoint); return publicKey; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java index f0cec1d61..cd700c74a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java @@ -46,9 +46,6 @@ package at.gv.egovernment.moa.id.util; -import iaik.pki.PKIException; -import iaik.security.provider.IAIK; - import java.io.BufferedInputStream; import java.io.BufferedReader; import java.io.IOException; @@ -57,7 +54,6 @@ import java.io.InputStreamReader; import java.io.Reader; import java.net.URL; import java.security.GeneralSecurityException; -import java.security.Security; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLSocketFactory; 
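Review bot: The new `eCurve.containsPoint(publicKeyPointECPoint)` check in ECDSAKeyValueConverter.java has no comment saying what it protects against or what it leaves uncovered. It verifies the point against `eccParameterSpec`, which in the explicit-parameter branch is built from the same XML element as the key, so it rejects a malformed point but does not tie the key to a curve the application trusts. I would add above the check: `// Reject points that are not on the declared curve; explicit domain parameters come from the same document and are not validated here.` The enclosing method starts outside the hunk.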
@@ -71,6 +67,7 @@ import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.utils.ssl.SSLConfigurationException; import at.gv.egovernment.moa.id.config.ConnectionParameter; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import iaik.pki.PKIException; /** @@ -86,7 +83,7 @@ public class SSLUtils { public static void initialize() { // JSSE Abhängigkeit //Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); - Security.addProvider(new IAIK()); + //Security.addProvider(new IAIK()); //System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); @@ -126,14 +123,14 @@ public class SSLUtils { //INFO: MOA-ID 2.x always use defaultChainingMode try { - SSLSocketFactory ssf = - at.gv.egovernment.moa.id.commons.utils.ssl.SSLUtils.getSSLSocketFactory( - connParam.getUrl(), - conf.getCertstoreDirectory(), + SSLSocketFactory ssf = at.gv.egovernment.moa.id.commons.utils.ssl.SSLUtils.getSSLSocketFactory( + connParam.getUrl(), + null, trustStoreURL, acceptedServerCertURL, AuthConfigurationProviderFactory.getInstance().getDefaultChainingMode(), - AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking(), + AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking(), + AuthConfigurationProviderFactory.getInstance().getRevocationMethodOrder(), connParam.getClientKeyStore(), connParam.getClientKeyStorePassword(), "pkcs12"); diff --git a/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml b/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml index 11d92cea3..ba8c47304 100644 --- a/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml +++ b/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml 
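Review bot: The call to `getSSLSocketFactory` in SSLUtils.java now passes a bare `null` where `conf.getCertstoreDirectory()` was passed, with nothing explaining why the certificate store directory is no longer needed. If the callee still uses that argument, the TLS trust setup changes silently; that cannot be confirmed from this hunk. Add a comment at the argument, e.g. `null, // cert store directory not used: <reason>`. Also delete the commented-out `//Security.addProvider(new IAIK());` in `initialize()` (hunk at -86,7), or replace it with a note saying where the provider is registered now.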
@@ -4,10 +4,17 @@ xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx" xmlns:aop="http://www.springframework.org/schema/aop" + xmlns:p="http://www.springframework.org/schema/p" + xmlns:task="http://www.springframework.org/schema/task" xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd - http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd + http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task-3.0.xsd"> + + <task:annotation-driven executor="MOA-ID-Auth_TaskExecutor" scheduler="MOA-ID-Auth_Scheduler"/> + <task:executor id="MOA-ID-Auth_TaskExecutor" pool-size="5"/> + <task:scheduler id="MOA-ID-Auth_Scheduler" pool-size="10"/> <bean id="processEngine" class="at.gv.egovernment.moa.id.process.ProcessEngineImpl"> <property name="transitionConditionExpressionEvaluator"> @@ -35,8 +42,7 @@ <bean id="MOAID_SSOManager" class="at.gv.egovernment.moa.id.moduls.SSOManager"/> - <bean id="TransactionStorage" - class="at.gv.egovernment.moa.id.storage.DBTransactionStorage"/> + <bean id="AuthenticationSessionStoreage" class="at.gv.egovernment.moa.id.storage.DBAuthenticationSessionStoreage"/> 
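Review bot: With the `TransactionStorage` bean removed from moaid.authentication.beans.xml (hunk at -35,8), the bean now exists only under the `dbBackend` or `redisBackend` profile, and the same pattern is used for `StatisticLogger` with `advancedLogOn`/`advancedLogOff` in the last hunk of this file. If neither profile of a pair is active the context has no such bean, and if both are active one definition replaces the other depending on the bean-overriding settings. `RedisTransactionStorage` additionally carries `@Service("TransactionStorage")`, so if its package is component-scanned (not visible here) it registers under that id regardless of profile. State the required profiles in a comment where the bean was removed, e.g. `<!-- TransactionStorage is provided by session.db.beans.xml (profile dbBackend) or session.redis.beans.xml (profile redisBackend); exactly one must be active -->`.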
@@ -47,14 +53,20 @@ <bean id="ProcessInstanceStoreage" class="at.gv.egovernment.moa.id.process.dao.ProcessInstanceStoreDAOImpl"/> - <bean id="StatisticLogger" - class="at.gv.egovernment.moa.id.advancedlogging.StatisticLogger"/> - <bean id="MOAReversionLogger" class="at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger"/> <bean id="AuthenticationSessionCleaner" - class="at.gv.egovernment.moa.id.auth.AuthenticationSessionCleaner"/> + class="at.gv.egovernment.moa.id.auth.AuthenticationSessionCleaner"/> + + <bean id="MOAGarbageCollector" + class="at.gv.egovernment.moa.id.auth.MOAGarbageCollector"/> + +<!-- <bean id="taskExecutor" class="org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor"> + <property name="corePoolSize" value="5" /> + <property name="maxPoolSize" value="10" /> + <property name="queueCapacity" value="25" /> + </bean> --> <!-- Authentication Process Tasks --> <bean id="GenerateBKUSelectionFrameTask" @@ -79,6 +91,18 @@ <bean id="EvaluateSSOConsentsTaskImpl" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.EvaluateSSOConsentsTaskImpl" - scope="prototype"/> + scope="prototype"/> -</beans>
\ No newline at end of file + <beans profile="advancedLogOn"> + <bean id="StatisticLogger" + class="at.gv.egovernment.moa.id.advancedlogging.StatisticLogger"/> + </beans> + + <beans profile="advancedLogOff"> + <bean id="StatisticLogger" + class="at.gv.egovernment.moa.id.advancedlogging.DummyStatisticLogger"/> + </beans> + +</beans> + + diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties index 89f54d008..b88df0b9d 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties @@ -113,9 +113,9 @@ service.00=Fehler beim Aufruf des Web Service: {0} service.01=Fehler beim Aufruf des Web Service: kein Endpoint
service.02=Fehler beim Aufruf des Web Service, Status {0}: {1}
service.03=Fehler beim Aufruf des SPSS-API: {0}
-service.04=Das Online-Vollmachten Service ist unter {0} nicht erreichbar.
+service.04=Das Online-Vollmachten Service ist unter {0} nicht erreichbar. Ursache:{1}
service.05=Fehler beim Anfragen des Online-Vollmachen Service: {0} / {1}
-service.06=Allgemeiner Fehler beim Anfragen des Online-Vollmachten Service
+service.06=Allgemeiner Fehler beim Anfragen des Online-Vollmachten Service. Ursache:{0}
service.07=Der SZR-Gateway ist unter {0} nicht erreichbar.
service.08=Die Eintragung der ausländischen Person am SZR-Gateway ist fehlgeschlagen.
service.09=Der SZR-Gateway Client konnte nicht initialisiert werden. Ursache:{0}
@@ -258,7 +258,7 @@ stork.29=Fehler bei der Generierung von STORK-Attribut (eIdentifier/eLPIdentifie eIDAS.00=eIDAS Engine initialization FAILED. Reason:{0}
eIDAS.01=Received eIDAS AuthnRequest is not valid. Reason:{0}
-eIDAS.02=Generate eIDAS AuthnRequest FAILED. Reason:{0}
+eIDAS.02=Generation of eIDAS AuthnRequest FAILED. Reason:{0}
eIDAS.03=Can not connect to eIDAS Node. Reason:No CitizenCountry selected.
eIDAS.04=Can not connect to eIDAS Node. Reason:{0} is not a valid CitizenCountry.
eIDAS.05=Can not generate eIDAS metadata. Reason:{0}
@@ -267,7 +267,10 @@ eIDAS.07=Missing eIDAS-Attribute:{0} eIDAS.08=No valid eIDAs-Node configuration for enityID:{0}
eIDAS.09=Received eIDAS Response is not valid. Reason:{0}
eIDAS.10=Internal server error. Reason:{0}
-eIDAS.11=Received eIDAS Error-Response. Reason:{0}
+eIDAS.11=Received eIDAS Error-Response. Reason:{0}
+eIDAS.12=Received eIDAS AuthnRequest is not valid. Reason:{0}
+eIDAS.13=Generation of eIDAS Response FAILED. Reason:{0}
+eIDAS.14=eIDAS Response validation FAILED: LevelOfAssurance {0} is to low.
pvp2.01=Fehler beim kodieren der PVP2 Antwort
pvp2.02=Ungueltiges Datumsformat
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties index bfaf5ffb1..e72a28046 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties @@ -225,6 +225,9 @@ eIDAS.08=1304 eIDAS.09=1301 eIDAS.10=9199 eIDAS.11=1302 +eIDAS.12=1305 +eIDAS.13=1307 +eIDAS.14=1301 pvp2.01=6100 pvp2.06=6100 diff --git a/id/server/idserverlib/src/main/resources/session.common.beans.xml b/id/server/idserverlib/src/main/resources/session.common.beans.xml new file mode 100644 index 000000000..bd3db0a5e --- /dev/null +++ b/id/server/idserverlib/src/main/resources/session.common.beans.xml 
@@ -0,0 +1,73 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans + xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xmlns:p="http://www.springframework.org/schema/p" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <context:property-placeholder location="${moa.id.configuration}"/> + <context:annotation-config/> + + <bean id="sessionDataSource" class="org.apache.commons.dbcp2.BasicDataSource" lazy-init="true" destroy-method="close"> + <aop:scoped-proxy/> + <property name="driverClassName" value="${moasession.hibernate.connection.driver_class}" /> + <property name="url" value="${moasession.hibernate.connection.url}"/> + <property name="username" value="${moasession.hibernate.connection.username}" /> + <property name="password" value="${moasession.hibernate.connection.password}" /> + + <property name="connectionProperties" value="${moasession.dbcp.connectionProperties}" /> + <property name="initialSize" value="${moasession.dbcp.initialSize}" /> + <property name="maxTotal" value="${moasession.dbcp.maxActive}" /> + <property name="maxIdle" value="${moasession.dbcp.maxIdle}" /> + <property name="minIdle" value="${moasession.dbcp.minIdle}" /> + <!-- property name="maxWait" value="${moasession.dbcp.maxWaitMillis}" / --> + <property name="testOnBorrow" value="${moasession.dbcp.testOnBorrow}" /> + <property name="testOnReturn" 
value="${moasession.dbcp.testOnReturn}" /> + <property name="testWhileIdle" value="${moasession.dbcp.testWhileIdle}" /> + <property name="validationQuery" value="${moasession.dbcp.validationQuery}" /> + </bean> + +<!-- <bean id="sessionSessionFactory" class="org.springframework.orm.hibernate5.LocalSessionFactoryBean"> + <property name="dataSource" ref="sessionDataSource"/> + <property name="packagesToScan" value="at.gv.egovernment.moa.id.commons.db.dao.session" /> + <property name="hibernateProperties"> + <props> + <prop key="hibernate.dialect">${moasession.hibernate.dialect}</prop> + <prop key="hibernate.show_sql">${moasession.hibernate.show_sql}</prop> + <prop key="hibernate.hbm2ddl.auto">${moasession.hibernate.hbm2ddl.auto}</prop> + <prop key="current_session_context_class">${moasession.hibernate.current_session_context_class}</prop> + <prop key="hibernate.transaction.flush_before_completion">${moasession.hibernate.transaction.flush_before_completion}</prop> + <prop key="hibernate.transaction.auto_close_session">${moasession.hibernate.transaction.auto_close_session}</prop> + </props> + </property> + </bean> --> + + <!-- MYSQL Conector --> + <tx:annotation-driven transaction-manager="sessionTransactionManager"/> + + <bean id="sessionJpaVendorAdapter" class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter"> + <property name="showSql" value="${moasession.hibernate.show_sql}" /> + <property name="generateDdl" value="${moasession.jpaVendorAdapter.generateDdl}" /> + <property name="databasePlatform" value="${moasession.hibernate.dialect}" /> + </bean> + + <bean name="session" id="session" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean" depends-on="sessionDataSource"> + <property name="dataSource" ref="sessionDataSource" /> + <property name="jpaVendorAdapter" ref="sessionJpaVendorAdapter" /> + <property name="packagesToScan" value="at.gv.egovernment.moa.id.commons.db.dao.session" /> + <property name="persistenceUnitName" 
value="session" /> + </bean> + + <bean name="sessionTransactionManager" id="sessionTransactionManager" class="org.springframework.orm.jpa.JpaTransactionManager"> + <property name="entityManagerFactory" ref="session" /> + </bean> + + <!-- bean id="moaSessionDBUtils" class="at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils"/--> + +</beans>
\ No newline at end of file diff --git a/id/server/idserverlib/src/main/resources/session.db.beans.xml b/id/server/idserverlib/src/main/resources/session.db.beans.xml new file mode 100644 index 000000000..5ed390ffe --- /dev/null +++ b/id/server/idserverlib/src/main/resources/session.db.beans.xml @@ -0,0 +1,20 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans profile="dbBackend" + xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xmlns:p="http://www.springframework.org/schema/p" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <context:property-placeholder location="${moa.id.configuration}"/> + + <bean id="TransactionStorage" + class="at.gv.egovernment.moa.id.storage.DBTransactionStorage" + /> + +</beans>
\ No newline at end of file diff --git a/id/server/idserverlib/src/main/resources/session.redis.beans.xml b/id/server/idserverlib/src/main/resources/session.redis.beans.xml new file mode 100644 index 000000000..feda9b273 --- /dev/null +++ b/id/server/idserverlib/src/main/resources/session.redis.beans.xml 
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans profile="redisBackend"
+ xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xmlns:p="http://www.springframework.org/schema/p"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <context:property-placeholder location="${moa.id.configuration}"/>
+
+ <bean id="TransactionStorage"
+ class="at.gv.egovernment.moa.id.storage.RedisTransactionStorage"/>
+
+ <!-- Redis Beans -->
+ <bean id="jedisConnFactory"
+ class="org.springframework.data.redis.connection.jedis.JedisConnectionFactory"
+ p:use-pool="${redis.use-pool}"
+ p:host-name="${redis.host-name}"
+ p:port="${redis.port}"/>
+
+ <bean id="RedisStringSerializer" class="org.springframework.data.redis.serializer.StringRedisSerializer" />
+ <bean id="assertionStoreSerializer" class="org.springframework.data.redis.serializer.JacksonJsonRedisSerializer">
+ <constructor-arg type="java.lang.Class" value="at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore"/>
+ </bean>
+
+ <bean id="redisTemplate"
+ class="org.springframework.data.redis.core.RedisTemplate"
+ p:connection-factory-ref="jedisConnFactory"
+ p:value-serializer-ref="RedisStringSerializer"
+ p:key-serializer-ref="RedisStringSerializer"/>
+
+</beans>
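Review bot: The `jedisConnFactory` bean sets only `p:use-pool`, `p:host-name` and `p:port`, so the connection to the Redis instance behind `TransactionStorage` is opened without a password; for what appears to be the store for authentication transaction data, that leaves access control entirely to the network. JedisConnectionFactory has a `password` property, so a line such as `p:password="${redis.password}"` (the key name is a suggestion that follows the existing `redis.*` keys) would let deployments turn on Redis AUTH. Whether the link is expected to be confined to localhost or otherwise protected in transit is not visible in this file and deserves a comment next to the "Redis Beans" marker. The `assertionStoreSerializer` bean is not referenced by `redisTemplate`, which uses `RedisStringSerializer` for both keys and values; if nothing outside this file injects it, it can be removed.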
\ No newline at end of file diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/module/test/TestRequestImpl.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/module/test/TestRequestImpl.java index 66dffe311..3ecbb84a2 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/module/test/TestRequestImpl.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/module/test/TestRequestImpl.java @@ -24,8 +24,11 @@ package at.gv.egovernment.moa.id.module.test; import java.util.Collection; +import org.opensaml.saml2.metadata.provider.MetadataProvider; + import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; /** @@ -118,15 +121,6 @@ public class TestRequestImpl implements IRequest { } /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#getMOASessionIdentifier() - */ - @Override - public String getMOASessionIdentifier() { - // TODO Auto-generated method stub - return null; - } - - /* (non-Javadoc) * @see at.gv.egovernment.moa.id.moduls.IRequest#getUniqueTransactionIdentifier() */ @Override 
@@ -254,10 +248,37 @@ public class TestRequestImpl implements IRequest { * @see at.gv.egovernment.moa.id.moduls.IRequest#getRequestedAttributes() */ @Override - public Collection<String> getRequestedAttributes() { + public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.commons.api.IRequest#getInternalSSOSessionIdentifier() + */ + @Override + public String getInternalSSOSessionIdentifier() { // TODO Auto-generated method stub return null; } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.commons.api.IRequest#getMOASession() + */ + @Override + public IAuthenticationSession getMOASession() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.commons.api.IRequest#populateMOASessionWithSSOInformation(at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession) + */ + @Override + public void populateMOASessionWithSSOInformation(IAuthenticationSession ssoSession) { + // TODO Auto-generated method stub + + } diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/DummyTransactionStorage.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/DummyTransactionStorage.java new file mode 100644 index 000000000..ab08c0f5c --- /dev/null +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/DummyTransactionStorage.java 
@@ -0,0 +1,147 @@ +package at.gv.egovernment.moa.id.process.spring.test; + +import java.util.ArrayList; +import java.util.Date; +import java.util.Iterator; +import java.util.List; + +import javax.sql.DataSource; + +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.storage.ITransactionStorage; +import at.gv.egovernment.moa.logging.Logger; + +/** + * Dummy DataSource implementation for convenience in test cases where a + * database connection will never actually be acquired. + * + * @see DataSource + * @author Chris Beams + */ +public class DummyTransactionStorage implements ITransactionStorage { + + public class DummyDBEntry{ + public DummyDBEntry(String key, Object value){ + this.obj =value; + this.key = key; + } + public String getKey() { + return key; + } + public void setKey(String key) { + this.key = key; + } + public Object getObj() { + return obj; + } + public void setObj(Object obj) { + this.obj = obj; + } + private String key; + private Object obj; + } + + private ArrayList<DummyDBEntry> ds = new ArrayList<DummyDBEntry>(); + + + + @Override + public boolean containsKey(String key) { + // TODO Auto-generated method stub + Iterator<DummyDBEntry> it = ds.iterator(); + while(it.hasNext()){ + DummyDBEntry t = it.next(); + if(t.getKey().equals(key)) + return true; + } + return false; + } + + @Override + public void put(String key, Object value, int timeout_ms) + throws MOADatabaseException { + // TODO Auto-generated method stub + this.remove(key); + this.ds.add(new DummyDBEntry(key, value)); + + } + + @Override + public Object get(String key) throws MOADatabaseException { + // TODO Auto-generated method stub + Iterator<DummyDBEntry> it = ds.iterator(); + while(it.hasNext()){ + DummyDBEntry t = it.next(); + if(t.getKey().equals(key)) + return t; + } + return null; + } + + @Override + public <T> T get(String key, Class<T> clazz) throws 
MOADatabaseException { + + DummyDBEntry o = (DummyDBEntry) get(key); + if(o == null) + return null; + try { + @SuppressWarnings("unchecked") + T test = (T) (clazz.cast(o.getObj())); + return test; + + } catch (Exception e) { + Logger.warn("Sessioninformation Cast-Exception by using Artifact=" + key); + throw new MOADatabaseException("Sessioninformation Cast-Exception"); + + } + } + + @Override + public <T> T get(String key, Class<T> clazz, long dataTimeOut) + throws MOADatabaseException, AuthenticationException { + // TODO Auto-generated method stub + return get(key,clazz); + } + + @Override + public void changeKey(String oldKey, String newKey, Object value) + throws MOADatabaseException { + this.remove(oldKey); + this.put(newKey, value, -1); + + } + + @Override + public void remove(String key) { + Iterator<DummyDBEntry> it = ds.iterator(); + while(it.hasNext()){ + DummyDBEntry t = it.next(); + if(t.getKey().equals(key)){ + this.ds.remove(t); + return; + } + } + + } + + @Override + public List<String> clean(Date now, long dataTimeOut) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Object getAssertionStore(String key) throws MOADatabaseException { + // TODO Auto-generated method stub + return null; + } + + @Override + public void putAssertionStore(Object element) throws MOADatabaseException { + // TODO Auto-generated method stub + + } + + +}
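Review bot: `get(String key)` returns the `DummyDBEntry` wrapper (`return t;`) rather than the stored value, so a caller that reads through the `ITransactionStorage` interface gets back a different object than it put; the storage tests added in this commit cast the result of `rts.get(...)` straight to `Element`, which suggests the real implementations return the value itself. Only `get(key, clazz)` unwraps it, and it does so by casting the result of `get(key)` back to `DummyDBEntry`. A private lookup helper lets both variants return the stored object, as sketched below. The class Javadoc ("Dummy DataSource implementation", `@see DataSource`, `@author Chris Beams`) appears to be carried over from another class and should describe this in-memory test double, including the fact that `timeout_ms` and `dataTimeOut` are ignored, so expiry of stored entries cannot be exercised with it.

```java
	// shared lookup for both get() variants; returns the wrapper or null
	private DummyDBEntry find(String key) {
		for (DummyDBEntry entry : ds) {
			if (entry.getKey().equals(key))
				return entry;
		}
		return null;
	}

	@Override
	public Object get(String key) throws MOADatabaseException {
		DummyDBEntry entry = find(key);
		return entry == null ? null : entry.getObj();
	}

	// … unchanged: signature of get(String key, Class<T> clazz) …
		DummyDBEntry o = find(key);
	// … unchanged: null check, cast and error handling …
```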
\ No newline at end of file diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java index 2cb2a3278..c06735f9e 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java @@ -18,7 +18,6 @@ import org.springframework.context.ApplicationContext; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; import at.gv.egovernment.moa.id.module.test.TestRequestImpl; import at.gv.egovernment.moa.id.process.ProcessDefinitionParserException; @@ -78,7 +77,7 @@ public class SpringExpressionAwareProcessEngineTest { config.addProperties(props); //config.addAnnotatedClass(ProcessInstanceStore.class); config.addAnnotatedClass(AssertionStore.class); - MOASessionDBUtils.initHibernate(config, props); + //MOASessionDBUtils.initHibernate(config, props); } catch (Exception e) { e.printStackTrace(); } diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessEngineTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessEngineTest.java index a7e351e25..6744c0403 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessEngineTest.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessEngineTest.java 
@@ -17,7 +17,6 @@ import org.springframework.context.ApplicationContext; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; import at.gv.egovernment.moa.id.module.test.TestRequestImpl; import at.gv.egovernment.moa.id.process.ProcessDefinitionParser; @@ -73,7 +72,7 @@ public class ProcessEngineTest { config.addProperties(props); //config.addAnnotatedClass(ProcessInstanceStore.class); config.addAnnotatedClass(AssertionStore.class); - MOASessionDBUtils.initHibernate(config, props); + //MOASessionDBUtils.initHibernate(config, props); } catch (Exception e) { e.printStackTrace(); } diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/storage/test/DBTransactionStorageTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/storage/test/DBTransactionStorageTest.java new file mode 100644 index 000000000..4b7f61ef5 --- /dev/null +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/storage/test/DBTransactionStorageTest.java 
@@ -0,0 +1,122 @@ +package at.gv.egovernment.moa.id.storage.test; + +import java.io.IOException; + +import javax.xml.parsers.ParserConfigurationException; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; +import org.springframework.context.ConfigurableApplicationContext; +import org.springframework.context.support.FileSystemXmlApplicationContext; +import org.w3c.dom.Element; +import org.xml.sax.SAXException; + +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.storage.DBTransactionStorage; +import at.gv.egovernment.moa.id.storage.ITransactionStorage; +import at.gv.egovernment.moa.util.Constants; +import at.gv.util.DOMUtils; + +public class DBTransactionStorageTest { + + public static void main (String[] args) throws SAXException, IOException, ParserConfigurationException, MOADatabaseException{ + DBTransactionStorageTest t = new DBTransactionStorageTest(); + t.test(); + } + + @Autowired + DBTransactionStorage rts; + + public DBTransactionStorageTest(){ + + } + + + public void test() throws SAXException, IOException, ParserConfigurationException, MOADatabaseException{ + + + ApplicationContext context = new FileSystemXmlApplicationContext("src/test/java/testBeans.xml"); + + + String requestString = + "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + + "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" + + "<samlp:AssertionArtifact>WRONGARTIFACT</samlp:AssertionArtifact>" + + "</samlp:Request>"; + Element request = DOMUtils.parseDocument(requestString, false, Constants.ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + + ITransactionStorage rts = (ITransactionStorage) context.getBean("DBTransactionStorage"); + //GenericToStringSerializer redisStringSerializer = 
(GenericToStringSerializer) context.getBean("valueObjectSerializer"); + + // rts.getTemplate().setValueSerializer(new GenericToStringSerializer<Object>(Object.class)); + // rts.getTemplate().setHashValueSerializer(new GenericToStringSerializer<Object>(Object.class)); + + int cnt = 10; + int averageCnt = 10; + long putTime = 0, getTime = 0, changeTime = 0, removeTime = 0; + long total = 0; + for(int a=0;a<averageCnt;a++){ + long totalPerRound = 0; + + System.out.println("Starting MySql store operation."); + long start = System.currentTimeMillis(); + for(int i=0; i<cnt;i++) + rts.put("test"+i, request,-1); + long end = System.currentTimeMillis(); + putTime += end-start; + System.out.println("MySql store operation done in "+(end-start)+" ms."); + totalPerRound+=(end-start); + + Element test; + System.out.println("Starting MySql get operation."); + start = System.currentTimeMillis(); + for(int i=0; i<cnt;i++) + test = (Element)rts.get("test"+i); + end = System.currentTimeMillis(); + getTime += end-start; + System.out.println("MySql get operation done in "+(end-start)+" ms."); + totalPerRound+=(end-start); + //Element test = (Element)rts.get("test0"); + //System.out.println("Read Element from Redis Store: "+test.getTextContent()); + + String requestString2 = + "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + + "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"test_new\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" + + "<samlp:AssertionArtifact>WRONGARTIFACT</samlp:AssertionArtifact>" + + "</samlp:Request>"; + Element request2 = DOMUtils.parseDocument(requestString2, false, Constants.ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + + System.out.println("Starting MySql change operation."); + start = System.currentTimeMillis(); + for(int i=0; i<cnt;i++) + rts.changeKey("test"+i, "test_new"+i, request2); + end = System.currentTimeMillis(); + changeTime += 
end-start; + System.out.println("MySql change operation done in "+(end-start)+" ms."); + totalPerRound+=(end-start); + + + + System.out.println("Starting MySql remove operation."); + start = System.currentTimeMillis(); + for(int i=0; i<cnt;i++) + rts.remove("test_new"+i); + end = System.currentTimeMillis(); + removeTime += end-start; + System.out.println("MySql remove operation done in "+(end-start)+" ms."); + totalPerRound+=(end-start); + total+=totalPerRound; + + System.out.println("Redis Total Time in this round: "+totalPerRound+" ms."); + System.out.println("______________________________________________________"); + } + System.out.println("______________________________________________________"); + System.out.println("Redis average get time over " + averageCnt +" rounds: "+getTime/averageCnt+" ms."); + System.out.println("Redis average put time over " + averageCnt +" rounds: "+putTime/averageCnt+" ms."); + System.out.println("Redis average change time over " + averageCnt +" rounds: "+changeTime/averageCnt+" ms."); + System.out.println("Redis average remove time over " + averageCnt +" rounds: "+removeTime/averageCnt+" ms."); + System.out.println("Redis average total time over " + averageCnt +" rounds: "+total/averageCnt+" ms."); + ((ConfigurableApplicationContext)context).close(); + } + +} diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/storage/test/RedisTransactionMultiThreadTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/storage/test/RedisTransactionMultiThreadTest.java new file mode 100644 index 000000000..60b55f497 --- /dev/null +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/storage/test/RedisTransactionMultiThreadTest.java 
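Review bot: `test()` never checks what it reads back: `test = (Element)rts.get("test"+i);` assigns a value that is not compared with `request`, and nothing verifies that `changeKey` or `remove` had any effect, so the class measures timing but cannot fail on wrong or stale data. It is started from `main` and carries no JUnit annotation, so unless the build invokes it some other way it is not part of the test run; a check after the read such as `assertNotNull(test);` and a `containsKey` check after `remove` would turn it into a test. The "Redis average … time" and "Redis Total Time" messages in this MySql run should say MySql. RedisTransactionStorageTest further down has the same structure and the same gap, and RedisTransactionMultiThreadTest in addition never removes the `message+"n"` keys its tasks write, so each run leaves entries in whichever Redis instance `testBeans.xml` points at.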
@@ -0,0 +1,130 @@ +package at.gv.egovernment.moa.id.storage.test; + +import java.io.IOException; + +import javax.xml.parsers.ParserConfigurationException; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; +import org.springframework.context.ConfigurableApplicationContext; +import org.springframework.context.support.FileSystemXmlApplicationContext; +import org.springframework.core.task.TaskExecutor; +import org.w3c.dom.Element; +import org.xml.sax.SAXException; + +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.storage.RedisTransactionStorage; +import at.gv.egovernment.moa.util.Constants; +import at.gv.util.DOMUtils; + +public class RedisTransactionMultiThreadTest { + + private ApplicationContext context; + + public RedisTransactionMultiThreadTest() throws SAXException, IOException, ParserConfigurationException, MOADatabaseException{ + this.context = new FileSystemXmlApplicationContext("src/test/java/testBeans.xml"); + TaskExecutor te = (TaskExecutor) context.getBean("taskExecutor"); + + for(int i=0;i<50;i++){ + te.execute(new RedisTask("Task"+i)); + } + + + } + + public static void main(String[] args) throws SAXException, IOException, ParserConfigurationException, MOADatabaseException{ + + RedisTransactionMultiThreadTest t = new RedisTransactionMultiThreadTest(); + System.out.println("End"); + +// String requestString = +// "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + +// "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" + +// "<samlp:AssertionArtifact>WRONGARTIFACT</samlp:AssertionArtifact>" + +// "</samlp:Request>"; +// Element request = DOMUtils.parseDocument(requestString, false, Constants.ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); +// +// +// +// +// 
RedisTransactionStorage rts = (RedisTransactionStorage) context.getBean("TransactionStorage"); +// //GenericToStringSerializer redisStringSerializer = (GenericToStringSerializer) context.getBean("valueObjectSerializer"); +// +//// rts.getTemplate().setValueSerializer(new GenericToStringSerializer<Object>(Object.class)); +//// rts.getTemplate().setHashValueSerializer(new GenericToStringSerializer<Object>(Object.class)); +// +// +// rts.put("test", request,-1); +// System.out.println("Redis store operation done!"); +// +// Element test = (Element)rts.get("test"); +// System.out.println("Read Element from Redis Store: "+test.getTextContent()); +// +// String requestString2 = +// "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + +// "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"test_new\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" + +// "<samlp:AssertionArtifact>WRONGARTIFACT</samlp:AssertionArtifact>" + +// "</samlp:Request>"; +// Element request2 = DOMUtils.parseDocument(requestString2, false, Constants.ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); +// +// +// rts.changeKey("test", "test_new", request2); +// +// rts.remove("test"); +// rts.remove("test_new"); +// +// ((ConfigurableApplicationContext)context).close(); + } + + private class RedisTask implements Runnable { + + private String message; + + public RedisTask(String message) throws SAXException, IOException, ParserConfigurationException, MOADatabaseException { + + this.message = message; + + + + } + + public void run() { + String requestString = + "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + + "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" + + "<samlp:AssertionArtifact>WRONGARTIFACT</samlp:AssertionArtifact>" + + 
"</samlp:Request>"; + + Element request = null; + try { + request = DOMUtils.parseDocument(requestString, false, Constants.ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + } catch (SAXException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + return; + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + return; + } catch (ParserConfigurationException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + return; + } + + RedisTransactionStorage rts = (RedisTransactionStorage) context.getBean("RedisTransactionStorage"); + + try { + rts.put(message, request,-1); + rts.changeKey(message, message+"n", request); + } catch (MOADatabaseException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + return; + } + System.out.println("Done with task "+message); + } + + } + +} diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/storage/test/RedisTransactionStorageTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/storage/test/RedisTransactionStorageTest.java new file mode 100644 index 000000000..e957ffe05 --- /dev/null +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/storage/test/RedisTransactionStorageTest.java 
@@ -0,0 +1,116 @@ +package at.gv.egovernment.moa.id.storage.test; + +import java.io.IOException; + +import javax.xml.parsers.ParserConfigurationException; + +import org.springframework.context.ApplicationContext; +import org.springframework.context.ConfigurableApplicationContext; +import org.springframework.context.support.FileSystemXmlApplicationContext; +import org.w3c.dom.Element; +import org.xml.sax.SAXException; + +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.storage.DBTransactionStorage; +import at.gv.egovernment.moa.id.storage.RedisTransactionStorage; +import at.gv.egovernment.moa.util.Constants; +import at.gv.util.DOMUtils; + +public class RedisTransactionStorageTest { + + + public RedisTransactionStorageTest(){ + + } + + public static void main(String[] args) throws SAXException, IOException, ParserConfigurationException, MOADatabaseException{ + + + ApplicationContext context = new FileSystemXmlApplicationContext("src/test/java/testBeans.xml"); + + + String requestString = + "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + + "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" + + "<samlp:AssertionArtifact>WRONGARTIFACT</samlp:AssertionArtifact>" + + "</samlp:Request>"; + Element request = DOMUtils.parseDocument(requestString, false, Constants.ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + + RedisTransactionStorage rts = (RedisTransactionStorage) context.getBean("RedisTransactionStorage"); + //GenericToStringSerializer redisStringSerializer = (GenericToStringSerializer) context.getBean("valueObjectSerializer"); + + // rts.getTemplate().setValueSerializer(new GenericToStringSerializer<Object>(Object.class)); + // rts.getTemplate().setHashValueSerializer(new GenericToStringSerializer<Object>(Object.class)); + + int cnt = 100; + int 
averageCnt = 10; + long putTime = 0, getTime = 0, changeTime = 0, removeTime = 0; + long total = 0; + for(int a=0;a<averageCnt;a++){ + long totalPerRound = 0; + + System.out.println("Starting Redis store operation."); + long start = System.currentTimeMillis(); + for(int i=0; i<cnt;i++) + rts.put("test"+i, request,-1); + long end = System.currentTimeMillis(); + putTime += end-start; + System.out.println("Redis store operation done in "+(end-start)+" ms."); + totalPerRound+=(end-start); + + Element test; + System.out.println("Starting Redis get operation."); + start = System.currentTimeMillis(); + for(int i=0; i<cnt;i++) + test = (Element)rts.get("test"+i); + end = System.currentTimeMillis(); + getTime += end-start; + System.out.println("Redis get operation done in "+(end-start)+" ms."); + totalPerRound+=(end-start); + //Element test = (Element)rts.get("test0"); + //System.out.println("Read Element from Redis Store: "+test.getTextContent()); + + String requestString2 = + "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + + "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"test_new\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" + + "<samlp:AssertionArtifact>WRONGARTIFACT</samlp:AssertionArtifact>" + + "</samlp:Request>"; + Element request2 = DOMUtils.parseDocument(requestString2, false, Constants.ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + + System.out.println("Starting Redis change operation."); + start = System.currentTimeMillis(); + for(int i=0; i<cnt;i++) + rts.changeKey("test"+i, "test_new"+i, request2); + end = System.currentTimeMillis(); + changeTime += end-start; + System.out.println("Redis change operation done in "+(end-start)+" ms."); + totalPerRound+=(end-start); + + + + System.out.println("Starting Redis remove operation."); + start = System.currentTimeMillis(); + for(int i=0; i<cnt;i++) + rts.remove("test_new"+i); + end = 
System.currentTimeMillis(); + removeTime += end-start; + System.out.println("Redis remove operation done in "+(end-start)+" ms."); + totalPerRound+=(end-start); + total+=totalPerRound; + + System.out.println("Redis Total Time in this round: "+totalPerRound+" ms."); + System.out.println("______________________________________________________"); + } + System.out.println("______________________________________________________"); + System.out.println("Redis average get time over " + averageCnt +" rounds: "+getTime/averageCnt+" ms."); + System.out.println("Redis average put time over " + averageCnt +" rounds: "+putTime/averageCnt+" ms."); + System.out.println("Redis average change time over " + averageCnt +" rounds: "+changeTime/averageCnt+" ms."); + System.out.println("Redis average remove time over " + averageCnt +" rounds: "+removeTime/averageCnt+" ms."); + System.out.println("Redis average total time over " + averageCnt +" rounds: "+total/averageCnt+" ms."); + + ((ConfigurableApplicationContext)context).close(); + + + } + +} diff --git a/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java b/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java index 2c80b7ffd..05cd74ed2 100644 --- a/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java +++ b/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java 
@@ -1,23 +1,23 @@ package test.tlenz; -import java.io.File; import java.io.FileInputStream; -import java.io.InputStream; -import java.io.ObjectInputStream; -import java.net.URI; -import java.net.URISyntaxException; +import java.util.HashMap; +import java.util.List; -import org.w3c.dom.Element; +import org.apache.commons.io.IOUtils; +import org.w3c.dom.NodeList; -import iaik.asn1.structures.Name; -import iaik.utils.RFC2253NameParser; -import iaik.utils.RFC2253NameParserException; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; -import at.gv.egovernment.moa.id.data.AuthenticationRole; -import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory; -import at.gv.egovernment.moa.id.util.IdentityLinkReSigner; -import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.spss.api.SPSSFactory; +import at.gv.egovernment.moa.spss.api.SignatureVerificationService; +import at.gv.egovernment.moa.spss.api.common.Content; +import at.gv.egovernment.moa.spss.api.common.ContentBinary; +import at.gv.egovernment.moa.spss.api.common.ContentXML; +import at.gv.egovernment.moa.spss.api.common.InputData; +import at.gv.egovernment.moa.spss.api.common.SignerInfo; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; /******************************************************************************* * Copyright 2014 Federal Chancellery Austria 
@@ -62,71 +62,130 @@ import at.gv.egovernment.moa.util.DOMUtils; public class simpletest { // public static void main(String[] args) { - - URI fileURI = null; - try { - fileURI = new URI("file:c:/moa3/tomcat8/conf/moa-id/moa-id.properties"); - File propertiesFile = new File(fileURI); + try { + FileInputStream sigDocFIS = null; + sigDocFIS = new FileInputStream("D:/idl_test/identity_link.xml"); - InputStream in = new FileInputStream(propertiesFile); - ObjectInputStream testOIS = new ObjectInputStream(in); + SPSSFactory spssFac = SPSSFactory.getInstance(); + SignatureVerificationService sigVerifyService = SignatureVerificationService.getInstance(); + Content sigDocContent = spssFac.createContent(sigDocFIS, null); + + + // Position der zu pruefenden Signatur + HashMap nSMap = new HashMap(); + nSMap.put("dsig", "http://www.w3.org/2000/09/xmldsig#"); + VerifySignatureLocation sigLocation = spssFac.createVerifySignatureLocation("//dsig:Signature", nSMap); + + // Pruefrequest zusammenstellen + VerifySignatureInfo sigInfo = spssFac.createVerifySignatureInfo(sigDocContent, sigLocation); + VerifyXMLSignatureRequest verifyRequest = spssFac.createVerifyXMLSignatureRequest( + null, // Verwende aktuelle Zeit als Pruefzeit + sigInfo, + null, // Keine Ergaenzungsobjekte + null, // Signaturmanifest-Pruefung soll nicht durchgefuehrt werden + true, // Hash-Inputdaten, d.h. 
tatsaechlich signierte Daten werden nicht zurueckgeliefert + "MOAIDBuergerkarteAuthentisierungsDaten"); + + + VerifyXMLSignatureResponse verifyResponse = null; + verifyResponse = sigVerifyService.verifyXMLSignature(verifyRequest); + + SignerInfo signerInfo = verifyResponse.getSignerInfo(); + String signerCertificateEncoded = null; + + List hashInputDatas = verifyResponse.getHashInputDatas(); + if (hashInputDatas != null && !hashInputDatas.isEmpty()) { + for (Object el : hashInputDatas) { + InputData inputData = (InputData) el; + switch (inputData.getContentType()) { + case Content.XML_CONTENT : + ContentXML contentXml = (ContentXML) inputData; + NodeList input_XML = contentXml.getXMLContent(); + + break; + case Content.BINARY_CONTENT : + ContentBinary contentBinary = (ContentBinary) inputData; + String input_Binary = IOUtils.toString(contentBinary.getBinaryContent()); + + } + } + } + + - Object test = testOIS.readObject(); + } catch (Exception e) { - } catch (Exception e1) { - e1.printStackTrace(); - } - - try { - fileURI = new URI("file:/c:/moa3/tomcat8/conf/moa-id/moa-id.properties"); - File propertiesFile = new File(fileURI); - } catch (Exception e1) { - e1.printStackTrace(); - } - - try { - fileURI = new URI("file://c:/moa3/tomcat8/conf/moa-id/moa-id.properties"); - File propertiesFile = new File(fileURI); - } catch (Exception e1) { - e1.printStackTrace(); - } - - try { - fileURI = new URI("file:///c:/moa3/tomcat8/conf/moa-id/moa-id.properties"); - File propertiesFile = new File(fileURI); - } catch (Exception e1) { - e1.printStackTrace(); } - try { - InputStream s = new FileInputStream("D:/idl_test/identity_link.xml"); - Element idlTemplate = DOMUtils.parseXmlValidating(s); - - //resign IDL - IdentityLinkReSigner identitylinkresigner = IdentityLinkReSigner.getInstance(); - Element resignedilAssertion = identitylinkresigner.resignIdentityLink(idlTemplate, "IDLSigning"); - IdentityLink identityLink = new 
IdentityLinkAssertionParser(resignedilAssertion).parseIdentityLink(); - - } catch (Exception e) { - System.out.println(e.getMessage()); - - } - String subjectName = "serialNumber=896929130327, givenName=OCSP, SN=Responder 03-1, CN=OCSP Responder 03-1, C=AT"; - try { - Name test = new RFC2253NameParser(subjectName).parse(); - - System.out.println(test.getRFC2253String()); - - } catch (RFC2253NameParserException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } +// URI fileURI = null; +// try { +// fileURI = new URI("file:c:/moa3/tomcat8/conf/moa-id/moa-id.properties"); +// File propertiesFile = new File(fileURI); +// +// InputStream in = new FileInputStream(propertiesFile); +// ObjectInputStream testOIS = new ObjectInputStream(in); +// +// Object test = testOIS.readObject(); +// +// +// } catch (Exception e1) { +// e1.printStackTrace(); +// } +// +// try { +// fileURI = new URI("file:/c:/moa3/tomcat8/conf/moa-id/moa-id.properties"); +// File propertiesFile = new File(fileURI); +// } catch (Exception e1) { +// e1.printStackTrace(); +// } +// +// try { +// fileURI = new URI("file://c:/moa3/tomcat8/conf/moa-id/moa-id.properties"); +// File propertiesFile = new File(fileURI); +// } catch (Exception e1) { +// e1.printStackTrace(); +// } +// +// try { +// fileURI = new URI("file:///c:/moa3/tomcat8/conf/moa-id/moa-id.properties"); +// File propertiesFile = new File(fileURI); +// } catch (Exception e1) { +// e1.printStackTrace(); +// } +// +// +// +// try { +// InputStream s = new FileInputStream("D:/idl_test/identity_link.xml"); +// Element idlTemplate = DOMUtils.parseXmlValidating(s); +// +// //resign IDL +// IdentityLinkReSigner identitylinkresigner = IdentityLinkReSigner.getInstance(); +// Element resignedilAssertion = identitylinkresigner.resignIdentityLink(idlTemplate, "IDLSigning"); +// IdentityLink identityLink = new IdentityLinkAssertionParser(resignedilAssertion).parseIdentityLink(); +// +// } catch (Exception e) { +// 
System.out.println(e.getMessage()); +// +// } +// +// String subjectName = "serialNumber=896929130327, givenName=OCSP, SN=Responder 03-1, CN=OCSP Responder 03-1, C=AT"; +// +// try { +// Name test = new RFC2253NameParser(subjectName).parse(); +// +// System.out.println(test.getRFC2253String()); +// +// } catch (RFC2253NameParserException e) { +// // TODO Auto-generated catch block +// e.printStackTrace(); +// } // AuthenticationRole test = AuthenticationRoleFactory.buildFormPVPole("ecas-demo-EUROPEAN_COMMISSION(key=A\\,B)"); diff --git a/id/server/idserverlib/src/test/java/testBeans.xml b/id/server/idserverlib/src/test/java/testBeans.xml new file mode 100644 index 000000000..238a571cb --- /dev/null +++ b/id/server/idserverlib/src/test/java/testBeans.xml 
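Review bot: The new `catch (Exception e) { }` in `main` of simpletest.java is empty, so a failed read of `D:/idl_test/identity_link.xml` or an exception thrown by `sigVerifyService.verifyXMLSignature(verifyRequest)` leaves no trace and the run looks the same as a clean one. Keep at least `} catch (Exception e) { e.printStackTrace(); }`, as the removed blocks did. The code also never looks at the verification outcome: `signerInfo`, `input_XML` and `input_Binary` are assigned and then dropped, so nothing here shows whether the signature was accepted. `sigDocFIS` is opened but never closed. `main` continues past the end of this hunk in commented-out code.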
@@ -0,0 +1,130 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xmlns:p="http://www.springframework.org/schema/p" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + +<context:annotation-config /> + <bean id="configPropertyDao" + class="at.gv.egovernment.moa.id.commons.db.dao.config.DatabaseConfigPropertyImpl"/> + + <bean id="moaidconfig" class="at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfigurationImpl" /> + + <bean name="config" id="entityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean"> + <property name="dataSource" ref="dataSource" /> + <property name="jpaVendorAdapter" ref="jpaVendorAdapter" /> + <property name="persistenceUnitName" value="config" /> + </bean> + + <bean name="transactionManager" id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager"> + <property name="entityManagerFactory" ref="entityManagerFactory" /> + </bean> + <tx:annotation-driven transaction-manager="transactionManager"/> + + <bean id="RedisTransactionStorage" + class="at.gv.egovernment.moa.id.storage.RedisTransactionStorage"/> + + <bean id="DBTransactionStorage" + class="at.gv.egovernment.moa.id.storage.DBTransactionStorage"/> + + <!-- Redis Beans --> + <bean id="jedisConnFactory" + 
class="org.springframework.data.redis.connection.jedis.JedisConnectionFactory" + p:use-pool="true" + p:poolConfig-ref="jedisPoolConfig"/> + + <bean id="jedisPoolConfig" + class="redis.clients.jedis.JedisPoolConfig" + p:maxTotal="100" + p:maxIdle="10"/> + + <bean id="RedisStringSerializer" class="org.springframework.data.redis.serializer.StringRedisSerializer" /> + <bean id="assertionStoreSerializer" class="org.springframework.data.redis.serializer.JacksonJsonRedisSerializer"> + <constructor-arg type="java.lang.Class" value="at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore"/> + </bean> + + <bean id="redisTemplate" + class="org.springframework.data.redis.core.RedisTemplate" + p:connection-factory-ref="jedisConnFactory" + p:value-serializer-ref="RedisStringSerializer" + p:key-serializer-ref="RedisStringSerializer" + p:enableTransactionSupport="true"/> + + <context:property-placeholder location="${moa.id.configuration}"/> + + <bean id="moaidauthconfig" class="at.gv.egovernment.moa.id.config.auth.PropertyBasedAuthConfigurationProvider"> + <constructor-arg value="#{systemProperties['moa.id.configuration']}"/> + </bean> + + <bean id="dataSource" class="org.apache.commons.dbcp2.BasicDataSource" lazy-init="true" destroy-method="close"> + <aop:scoped-proxy/> + <property name="driverClassName" value="${configuration.hibernate.connection.driver_class}" /> + <property name="url" value="${configuration.hibernate.connection.url}"/> + <property name="username" value="${configuration.hibernate.connection.username}" /> + <property name="password" value="${configuration.hibernate.connection.password}" /> + + <property name="connectionProperties" value="${configuration.dbcp.connectionProperties}" /> + <property name="initialSize" value="${configuration.dbcp.initialSize}" /> + <property name="maxTotal" value="${configuration.dbcp.maxActive}" /> + <property name="maxIdle" value="${configuration.dbcp.maxIdle}" /> + <property name="minIdle" 
value="${configuration.dbcp.minIdle}" /> + <!-- property name="maxWait" value="${configuration.dbcp.maxWaitMillis}" / --> + <property name="testOnBorrow" value="${configuration.dbcp.testOnBorrow}" /> + <property name="testOnReturn" value="${configuration.dbcp.testOnReturn}" /> + <property name="testWhileIdle" value="${configuration.dbcp.testWhileIdle}" /> + <property name="validationQuery" value="${configuration.dbcp.validationQuery}" /> + </bean> + + <bean id="jpaVendorAdapter" class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter"> + <property name="showSql" value="${configuration.hibernate.show_sql}" /> + <property name="generateDdl" value="${configuration.jpaVendorAdapter.generateDdl}" /> + <property name="databasePlatform" value="${configuration.hibernate.dialect}" /> + </bean> + + <bean id="taskExecutor" class="org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor"> + <property name="corePoolSize" value="1" /> + <property name="maxPoolSize" value="50" /> + <property name="queueCapacity" value="50" /> + </bean> + + <bean id="sessionDataSource" class="org.apache.commons.dbcp2.BasicDataSource" lazy-init="true" destroy-method="close"> + <aop:scoped-proxy/> + <property name="driverClassName" value="${moasession.hibernate.connection.driver_class}" /> + <property name="url" value="${moasession.hibernate.connection.url}"/> + <property name="username" value="${moasession.hibernate.connection.username}" /> + <property name="password" value="${moasession.hibernate.connection.password}" /> + + <property name="connectionProperties" value="${moasession.dbcp.connectionProperties}" /> + <property name="initialSize" value="${moasession.dbcp.initialSize}" /> + <property name="maxTotal" value="${moasession.dbcp.maxActive}" /> + <property name="maxIdle" value="${moasession.dbcp.maxIdle}" /> + <property name="minIdle" value="${moasession.dbcp.minIdle}" /> + <!-- property name="maxWait" value="${moasession.dbcp.maxWaitMillis}" / --> + <property 
name="testOnBorrow" value="${moasession.dbcp.testOnBorrow}" /> + <property name="testOnReturn" value="${moasession.dbcp.testOnReturn}" /> + <property name="testWhileIdle" value="${moasession.dbcp.testWhileIdle}" /> + <property name="validationQuery" value="${moasession.dbcp.validationQuery}" /> + </bean> + + <bean id="sessionJpaVendorAdapter" class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter"> + <property name="showSql" value="${moasession.hibernate.show_sql}" /> + <property name="generateDdl" value="${moasession.jpaVendorAdapter.generateDdl}" /> + <property name="databasePlatform" value="${moasession.hibernate.dialect}" /> + </bean> + + <bean name="sessionEntityManagerFactory" id="sessionEntityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean"> + <property name="dataSource" ref="sessionDataSource" /> + <property name="jpaVendorAdapter" ref="sessionJpaVendorAdapter" /> + <property name="persistenceUnitName" value="session" /> + </bean> + + <bean name="sessionTransactionManager" id="sessionTransactionManager" class="org.springframework.orm.jpa.JpaTransactionManager"> + <property name="entityManagerFactory" ref="sessionEntityManagerFactory" /> + </bean> +</beans>
\ No newline at end of file diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml index bf47c0445..7d9db0ab7 100644 --- a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml @@ -1,9 +1,13 @@ <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xmlns:task="http://www.springframework.org/schema/task" - xsi:schemaLocation="http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task.xsd - http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd"> + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> <bean id="springElAwareExpressionEvaluator" class="at.gv.egovernment.moa.id.process.spring.SpringExpressionEvaluator" /> 
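Review bot: In testBeans.xml, `jedisConnFactory` sets only `p:use-pool` and `p:poolConfig-ref`, so the Redis host, port and password are left to the `JedisConnectionFactory` defaults, whereas both data sources take their connection settings from `${...}` placeholders. A test run therefore talks to whatever unauthenticated Redis answers on the default local endpoint, and the file is an easy template to copy into a real deployment without credentials. Set `p:hostName`, `p:port` and `p:password` from the properties file that `context:property-placeholder` already loads. Separately, `assertionStoreSerializer` is declared but `redisTemplate` uses `RedisStringSerializer` for both keys and values, so it looks unused in this file; a comment saying why it is kept would help.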
@@ -12,7 +16,7 @@ </bean> <bean id="TransactionStorage" - class="at.gv.egovernment.moa.id.storage.DBTransactionStorage"/> + class="at.gv.egovernment.moa.id.process.spring.test.DummyTransactionStorage"/> <bean id="ProcessInstanceStoreage" class="at.gv.egovernment.moa.id.process.dao.ProcessInstanceStoreDAOImpl"/> @@ -40,4 +44,5 @@ <bean id="ValidateSignedAuthBlockTask" class="at.gv.egovernment.moa.id.process.spring.test.task.ValidateSignedAuthBlockTask"/> + </beans> diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml index ea9e06fd6..a3d902262 100644 --- a/id/server/moa-id-commons/pom.xml +++ b/id/server/moa-id-commons/pom.xml @@ -56,6 +56,10 @@ <dependencies> <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-jaxb_classes</artifactId> + </dependency> + <dependency> <groupId>at.gv.util</groupId> <artifactId>egovutils</artifactId> <exclusions> @@ -97,16 +101,18 @@ <groupId>iaik.prod</groupId> <artifactId>iaik_jce_full</artifactId> </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_moa</artifactId> - </dependency> + <dependency> + <groupId>MOA.id</groupId> + <artifactId>moa-spss-container</artifactId> + <version>${moa-id-version}</version> + </dependency> + <dependency> <groupId>iaik.prod</groupId> <artifactId>iaik_X509TrustManager</artifactId> </dependency> - + <dependency> <groupId>joda-time</groupId> <artifactId>joda-time</artifactId> 
@@ -142,17 +148,17 @@ <groupId>org.hibernate</groupId> <artifactId>hibernate-core</artifactId> <version>${hibernate.version}</version> - </dependency> - <dependency> + </dependency> + <!-- dependency> <groupId>org.hibernate</groupId> <artifactId>hibernate-c3p0</artifactId> <version>${hibernate.version}</version> - </dependency> - <dependency> + </dependency--> +<!-- <dependency> <groupId>org.hibernate</groupId> <artifactId>hibernate-entitymanager</artifactId> <version>${hibernate.version}</version> - </dependency> + </dependency> --> <dependency> <groupId>jaxen</groupId> @@ -232,6 +238,17 @@ <groupId>org.springframework</groupId> <artifactId>spring-orm</artifactId> </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-tx</artifactId> + <version>${org.springframework.version}</version> + </dependency> + <dependency> + <groupId>org.springframework.data</groupId> + <artifactId>spring-data-jpa</artifactId> + <version>1.10.4.RELEASE</version> + </dependency> + <dependency> <groupId>com.fasterxml.jackson.core</groupId> diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java index 6726aacb5..6d573efe8 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java 
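Review bot: In the last pom.xml hunk, `spring-data-jpa` is added with a literal `<version>1.10.4.RELEASE</version>`, while `spring-orm` just above carries no version and `spring-tx` uses `${org.springframework.version}`. A version fixed inside one module is easy to miss when the Spring stack is upgraded for a security fix, and it can drift from the Spring core version it is resolved against. Move it to a property defined alongside `org.springframework.version`, or into `dependencyManagement`; the parent POM is not visible here, so this assumes one exists, as the unversioned entries suggest. The preceding hunk also leaves `hibernate-c3p0` and `hibernate-entitymanager` behind as commented-out blocks, and deleting them would keep the dependency list auditable.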
@@ -40,11 +40,13 @@ public class MOAIDConstants { public static final String PREFIX_WPBK = "urn:publicid:gv.at:wbpk+"; public static final String PREFIX_STORK = "urn:publicid:gv.at:storkid+"; + public static final String PREFIX_EIDAS = "urn:publicid:gv.at:eidasid+"; public static final String IDENIFICATIONTYPE_FN = "FN"; public static final String IDENIFICATIONTYPE_ERSB = "ERSB"; public static final String IDENIFICATIONTYPE_ZVR = "ZVR"; public static final String IDENIFICATIONTYPE_STORK = "STORK"; + public static final String IDENIFICATIONTYPE_EIDAS = "eIDAS"; public static final String KEYBOXIDENTIFIER_SECURE = "SecureSignatureKeypair"; public static final String KEYBOXIDENTIFIER_CERTIFIED = "CertifiedKeypair"; @@ -61,16 +63,22 @@ public class MOAIDConstants { public static final List<String> ALLOWED_KEYBOXIDENTIFIER; public static final List<String> ALLOWED_REDIRECTTARGETNAMES; public static final List<String> ALLOWED_STORKATTRIBUTEPROVIDERS; + public static final List<String> ALLOWED_eIDAS_LOA; public static final List<String> JDBC_DRIVER_NEEDS_WORKAROUND; public static final String UNIQUESESSIONIDENTIFIER = "uniqueSessionIdentifier"; + public static final String eIDAS_LOA_LOW = "http://eidas.europa.eu/LoA/low"; + public static final String eIDAS_LOA_SUBSTANTIAL = "http://eidas.europa.eu/LoA/substantial"; + public static final String eIDAS_LOA_HIGH = "http://eidas.europa.eu/LoA/high"; + static { Hashtable<String, String> tmp = new Hashtable<String, String>(); tmp.put(IDENIFICATIONTYPE_FN, "Firmenbuchnummer"); tmp.put(IDENIFICATIONTYPE_ZVR, "Vereinsnummer"); tmp.put(IDENIFICATIONTYPE_ERSB, "ERsB Kennzahl"); tmp.put(IDENIFICATIONTYPE_STORK, "STORK"); + tmp.put(IDENIFICATIONTYPE_EIDAS, "eIDAS"); BUSINESSSERVICENAMES = Collections.unmodifiableMap(tmp); List<String> awbpk = new ArrayList<String>(); 
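Review bot: The new constants `eIDAS_LOA_LOW`, `eIDAS_LOA_SUBSTANTIAL`, `eIDAS_LOA_HIGH` and `ALLOWED_eIDAS_LOA` mix lower case into constant names, while the same commit adds `PREFIX_EIDAS` and `IDENIFICATIONTYPE_EIDAS` in the hunk above. Naming them `EIDAS_LOA_LOW` and so on, and the list `ALLOWED_EIDAS_LOA`, keeps one convention. They also have no Javadoc: a line such as `/** eIDAS level-of-assurance identifiers, listed from lowest to highest */` above the three URIs would tell readers whether the order in which the next hunk fills `ALLOWED_eIDAS_LOA` is meant as a ranking. The class body continues outside these hunks.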
@@ -87,6 +95,12 @@ public class MOAIDConstants { keyboxIDs.add(KEYBOXIDENTIFIER_CERTIFIED); ALLOWED_KEYBOXIDENTIFIER = Collections.unmodifiableList(keyboxIDs); + List<String> eIDASLOA = new ArrayList<String>(); + eIDASLOA.add(eIDAS_LOA_LOW); + eIDASLOA.add(eIDAS_LOA_SUBSTANTIAL); + eIDASLOA.add(eIDAS_LOA_HIGH); + ALLOWED_eIDAS_LOA = Collections.unmodifiableList(eIDASLOA); + List<String> redirectTargets = new ArrayList<String>(); redirectTargets.add(REDIRECTTARGET_BLANK); redirectTargets.add(REDIRECTTARGET_PARENT); diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java index 6b51c8683..2a8f8727a 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java @@ -31,6 +31,16 @@ public interface AuthConfiguration extends ConfigurationProvider{ */ public String getBasicMOAIDConfiguration(final String key); + + /** + * Get a configuration value from basic file based MOA-ID configuration + * + * @param key configuration key + * @param defaultValue Default value if no value with this key is found + * @return configuration value + */ + public String getBasicMOAIDConfiguration(final String key, final String defaultValue); + public int getTransactionTimeOut(); public int getSSOCreatedTimeOut(); public int getSSOUpdatedTimeOut(); diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java index ca0a56049..e14f9c9ce 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java 
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java @@ -60,7 +60,12 @@ public interface ConfigurationProvider { public String getTrustedCACertificates(); - public String getCertstoreDirectory(); - public boolean isTrustmanagerrevoationchecking(); + + /** + * Get active Spring profiles from file based configuration + * + * @return Array of currently configurated Spring profiles + */ + public String[] getActiveProfiles(); } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java index be6d34275..1aea8d7b6 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java @@ -152,7 +152,12 @@ public interface IOAAuthParameters { */ public boolean isShowStorkLogin(); - public Integer getQaaLevel(); + /** + * Return the eIDAS LoA which is minimum required + * + * @return eIDAS LoA as URL identifier + */ + public String getQaaLevel(); public boolean isRequireConsentForStorkAttributes(); diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IRequest.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IRequest.java index b23b4474b..88cd89319 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IRequest.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IRequest.java 
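Review bot: The new Javadoc on `getQaaLevel()` in IOAAuthParameters does not say which values the returned `String` can take or how two levels are to be compared, now that the return type is no longer `Integer`. Callers that compared the old numeric level must not fall back to comparing the strings, because the LoA URIs do not sort by strength. The Javadoc should name the allowed values, presumably the `MOAIDConstants.eIDAS_LOA_*` URIs added in this commit, e.g. `@return one of MOAIDConstants.eIDAS_LOA_LOW, eIDAS_LOA_SUBSTANTIAL or eIDAS_LOA_HIGH`, and say how a missing value is treated. Whether implementations can return null is not visible in this hunk, and the interface continues outside it.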
@@ -24,6 +24,9 @@ package at.gv.egovernment.moa.id.commons.api; import java.util.Collection; +import org.opensaml.saml2.metadata.provider.MetadataProvider; + +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; public interface IRequest { @@ -107,14 +110,30 @@ public interface IRequest { /** - * Hold the identifier of the MOASession which is associated with this request + * Hold the identifier of the SSO MOASession which is associated with this request * - * @return MOASession identifier if a associated session exists, otherwise null + * @return SSO MOASession identifier if a associated session exists, otherwise null */ - public String getMOASessionIdentifier(); + public String getInternalSSOSessionIdentifier(); /** + * Hold the MOASession object of a pending request + * This MOASession object is NOT stored to AuthenticationSession database, because it is only part of the pending request + * + * @return {@link IAuthenticationSession} AuthenticationSession data object of this pending request + */ + public IAuthenticationSession getMOASession(); + + + /** + * Populate the MOASession object of a pending request with information from an SSO session database + * + * @param ssoSession + */ + public void populateMOASessionWithSSOInformation(IAuthenticationSession ssoSession); + + /** * Holds a unique transaction identifier, which could be used for looging * This transaction identifier is unique for a single identification and authentication process * 
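Review bot: `populateMOASessionWithSSOInformation(IAuthenticationSession ssoSession)` in IRequest is added with an empty `@param ssoSession` and no statement of what happens to data already held in the pending request's session. Since it fills a request that is still being authenticated with state from an SSO session, the contract should say whether existing values are overwritten and whether `null` is accepted, e.g. `@param ssoSession SSO session to read from; must not be null`. The same hunk replaces `getMOASessionIdentifier()` with `getInternalSSOSessionIdentifier()` without a deprecated bridge, so any implementer outside this commit stops compiling. The interface continues outside the hunk.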
@@ -193,9 +212,10 @@ public interface IRequest { /** * This method get a Set of PVP 2.1 attribute, which are request by this pending-request. + * @param metadataProvider SAML2 Metadata Provider, or null if no metadata provider is required * * @return A set of PVP attribute names or null if no attributes are requested * or the Service Provider, which sends this request needs no attributes */ - public Collection<String> getRequestedAttributes(); + public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider); } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java new file mode 100644 index 000000000..db413b0f5 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java 
@@ -0,0 +1,66 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.commons.api.data;
+
+/**
+ * @author tlenz
+ *
+ */
+public interface AuthProzessDataConstants {
+
+ public static final String GENERIC_PREFIX = "generic_";
+
+
+ public static final String FLAG_IS_FOREIGNER = "direct_flagIsForeigner";
+ public static final String FLAG_USE_MANDATE = "direct_flagUseMandate";
+ public static final String FLAG_IS_ORGANWALTER = "direct_flagOrganwalter";
+ public static final String FLAG_IS_AUTHENTICATED = "direct_flagIsAuth";
+ public static final String FLAG_SAMLATTRIBUTEGEBEORWBPK = "direct_SAMLAttributeGebeORwbpk";
+
+
+ public static final String VALUE_CREATED = "direct_created";
+ public static final String VALUE_ISSUEINSTANT = "direct_issueInstant";
+ public static final String VALUE_SESSIONID = "direct_sessionId";
+ public static final String VALUE_SIGNER_CERT = "direct_signerCert";
+ public static final String VALUE_IDENTITYLINK = "direct_idl";
+ public static final String VALUE_BKUURL = "direct_bkuUrl";
+ public static final String VALUE_AUTHBLOCK = "direct_authBlock";
+
+ public static final String VALUE_AUTNBLOCKTOKKEN = "direct_authblocktokken";
+ public static final String VALUE_QAALEVEL = "direct_qaaLevel";
+ public static final String VALUE_VERIFYSIGRESP = "direct_verifySigResp";
+
+ public static final String VALUE_MISSESSIONID = "direct_MIS_SessionId";
+ public static final String VALUE_MISREFVALUE = "direct_MIS_RefValue";
+ public static final String VALUE_MISMANDATE = "direct_MIS_Mandate";
+
+
+
+
+ @Deprecated
+ public static final String VALUE_EXTENTEDSAMLATTRAUTH = "direct_extSamlAttrAuth";
+
+ @Deprecated
+ public static final String VALUE_EXTENTEDSAMLATTROA = "direct_extSamlAttrOA";
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttribute.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/ExtendedSAMLAttribute.java
index e1755615b..e9045e727 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/ExtendedSAMLAttribute.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/ExtendedSAMLAttribute.java @@ -44,7 +44,7 @@ */ -package at.gv.egovernment.moa.id.auth.data; +package at.gv.egovernment.moa.id.commons.api.data; /** * A SAML-Attribute to be appended to the final SAML-Assertion diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IAuthenticationSession.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IAuthenticationSession.java new file mode 100644 index 000000000..8bffceaed --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IAuthenticationSession.java 
@@ -0,0 +1,296 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.commons.api.data; + +import java.util.Date; +import java.util.List; +import java.util.Map; + +import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; +import iaik.x509.X509Certificate; + +/** + * @author tlenz + * + */ +public interface IAuthenticationSession { + + boolean isAuthenticated(); + + void setAuthenticated(boolean authenticated); + + X509Certificate getSignerCertificate(); + + byte[] getEncodedSignerCertificate(); + + void setSignerCertificate(X509Certificate signerCertificate); + + /** + * Returns the identityLink. + * + * @return IdentityLink + */ + IIdentityLink getIdentityLink(); + + /** + * Returns the sessionID. + * + * @return String + */ + String getSessionID(); + + /** + * Sets the identityLink. 
+ * + * @param identityLink + * The identityLink to set + */ + void setIdentityLink(IIdentityLink identityLink); + + /** + * Sets the sessionID. + * + * @param sessionId + * The sessionID to set + */ + void setSessionID(String sessionId); + + /** + * Returns the BKU URL. + * + * @return String + */ + String getBkuURL(); + + /** + * Sets the bkuURL + * + * @param bkuURL + * The BKU URL to set + */ + void setBkuURL(String bkuURL); + + /** + * Returns the authBlock. + * + * @return String + */ + String getAuthBlock(); + + /** + * Sets the authBlock. + * + * @param authBlock + * The authBlock to set + */ + void setAuthBlock(String authBlock); + + /** + * Returns the SAML Attributes to be appended to the AUTHBlock. Maybe <code>null</code>. + * + * @return The SAML Attributes to be appended to the AUTHBlock. Maybe <code>null</code>. + */ + List<ExtendedSAMLAttribute> getExtendedSAMLAttributesAUTH(); + + /** + * Sets the SAML Attributes to be appended to the AUTHBlock. + * + * @param extendedSAMLAttributesAUTH + * The SAML Attributes to be appended to the AUTHBlock. + */ + void setExtendedSAMLAttributesAUTH(List<ExtendedSAMLAttribute> extendedSAMLAttributesAUTH); + + /** + * Returns the SAML Attributes to be appended to the SAML assertion delivered to the online + * application. Maybe <code>null</code>. + * + * @return The SAML Attributes to be appended to the SAML assertion delivered to the online + * application + */ + List<ExtendedSAMLAttribute> getExtendedSAMLAttributesOA(); + + /** + * Sets the SAML Attributes to be appended to the SAML assertion delivered to the online + * application. + * + * @param extendedSAMLAttributesOA + * The SAML Attributes to be appended to the SAML assertion delivered to the online + * application. + */ + void setExtendedSAMLAttributesOA(List<ExtendedSAMLAttribute> extendedSAMLAttributesOA); + + /** + * Returns the boolean value for either a target or a wbPK is provided as SAML Attribute in the + * SAML Assertion or not. 
+ * + * @return true either a target or a wbPK is provided as SAML Attribute in the SAML Assertion or + * false if not. + */ + boolean getSAMLAttributeGebeORwbpk(); + + /** + * Sets the boolean value for either a target or a wbPK is provided as SAML Attribute in the + * SAML Assertion or not. + * + * @param samlAttributeGebeORwbpk + * The boolean for value either a target or wbPK is provided as SAML Attribute in the + * SAML Assertion or not. + */ + void setSAMLAttributeGebeORwbpk(boolean samlAttributeGebeORwbpk); + + /** + * Returns the issuing time of the AUTH-Block SAML assertion. + * + * @return The issuing time of the AUTH-Block SAML assertion. + */ + String getIssueInstant(); + + /** + * Sets the issuing time of the AUTH-Block SAML assertion. + * + * @param issueInstant + * The issueInstant to set. + */ + void setIssueInstant(String issueInstant); + + /** + * + * @param useMandate + * indicates if mandate is used or not + */ + void setUseMandate(String useMandate); + + void setUseMandates(boolean useMandates); + + /** + * @return + */ + boolean isMandateUsed(); + + /** + * + * @param misSessionID + * indicates the MIS session ID + */ + void setMISSessionID(String misSessionID); + + /** + * Returns the MIS session ID + * + * @return + */ + String getMISSessionID(); + + /** + * @return the mandateReferenceValue + */ + String getMandateReferenceValue(); + + /** + * @param mandateReferenceValue + * the mandateReferenceValue to set + */ + void setMandateReferenceValue(String mandateReferenceValue); + + boolean isForeigner(); + + void setForeigner(boolean isForeigner); + + IVerifiyXMLSignatureResponse getXMLVerifySignatureResponse(); + + void setXMLVerifySignatureResponse(IVerifiyXMLSignatureResponse xMLVerifySignatureResponse); + + IMISMandate getMISMandate(); + + void setMISMandate(IMISMandate mandate); + + /** + * @return the isOW + */ + boolean isOW(); + + /** + * @param isOW + * the isOW to set + */ + void setOW(boolean isOW); + + /** + * @return the 
authBlockTokken + */ + String getAuthBlockTokken(); + + /** + * @param authBlockTokken + * the authBlockTokken to set + */ + void setAuthBlockTokken(String authBlockTokken); + + /** + * eIDAS QAA level + * + * @return the qAALevel + */ + String getQAALevel(); + + /** + * set QAA level in eIDAS form + * + * @param qAALevel the qAALevel to set + */ + void setQAALevel(String qAALevel); + + /** + * @return the sessionCreated + */ + Date getSessionCreated(); + + Map<String, Object> getGenericSessionDataStorage(); + + /** + * Returns a generic session-data object with is stored with a specific identifier + * + * @param key The specific identifier of the session-data object + * @return The session-data object or null if no data is found with this key + */ + Object getGenericDataFromSession(String key); + + /** + * Returns a generic session-data object with is stored with a specific identifier + * + * @param key The specific identifier of the session-data object + * @param clazz The class type which is stored with this key + * @return The session-data object or null if no data is found with this key + */ + <T> T getGenericDataFromSession(String key, Class<T> clazz); + + /** + * Store a generic data-object to session with a specific identifier + * + * @param key Identifier for this data-object + * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface + * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage + */ + void setGenericDataToSession(String key, Object object) throws SessionDataStorageException; + +}
\ No newline at end of file
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IIdentityLink.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IIdentityLink.java
new file mode 100644
index 000000000..3a0ccd7c9
--- /dev/null
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IIdentityLink.java
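Review bot: `getGenericSessionDataStorage()` in IAuthenticationSession returns the `Map<String, Object>` without saying whether it is the live storage or a copy, while `setGenericDataToSession` documents a `java.io.Serializable` requirement and a `SessionDataStorageException` for objects that cannot be stored. If an implementation hands out the backing map, callers can put values into it directly and bypass that check, so the getter should state the contract, for example `@return an unmodifiable view of the generic session data; use setGenericDataToSession to add entries`. The two-argument `getGenericDataFromSession(String key, Class<T> clazz)` should also document what happens when the stored object is not of type `clazz`. Several accessors (`isAuthenticated`, `getSignerCertificate`, `getEncodedSignerCertificate`, and `setUseMandate(String)` next to `setUseMandates(boolean)`) have no Javadoc at all, and the difference between the last two is not obvious from the names.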
@@ -0,0 +1,175 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.commons.api.data; + +import java.io.IOException; +import java.security.PublicKey; + +import javax.xml.transform.TransformerException; + +import org.w3c.dom.Element; + +/** + * @author tlenz + * + */ +public interface IIdentityLink { + + /** + * Returns the dateOfBirth. + * @return Calendar + */ + String getDateOfBirth(); + + /** + * Returns the familyName. + * @return String + */ + String getFamilyName(); + + /** + * Returns the givenName. + * @return String + */ + String getGivenName(); + + /** + * Returns the name. + * @return The name. + */ + String getName(); + + /** + * Returns the identificationValue. + * <code>"identificationValue"</code> is the translation of <code>"Stammzahl"</code>. + * @return String + */ + String getIdentificationValue(); + + /** + * Returns the identificationType. 
+ * <code>"identificationType"</code> type of the identificationValue in the IdentityLink. + * @return String + */ + String getIdentificationType(); + + /** + * Sets the dateOfBirth. + * @param dateOfBirth The dateOfBirth to set + */ + void setDateOfBirth(String dateOfBirth); + + /** + * Sets the familyName. + * @param familyName The familyName to set + */ + void setFamilyName(String familyName); + + /** + * Sets the givenName. + * @param givenName The givenName to set + */ + void setGivenName(String givenName); + + /** + * Sets the identificationValue. + * <code>"identificationValue"</code> is the translation of <code>"Stammzahl"</code>. + * @param identificationValue The identificationValue to set + */ + void setIdentificationValue(String identificationValue); + + /** + * Sets the Type of the identificationValue. + * @param identificationType The type of identificationValue to set + */ + void setIdentificationType(String identificationType); + + /** + * Returns the samlAssertion. + * @return Element + */ + Element getSamlAssertion(); + + /** + * Returns the samlAssertion. + * @return Element + */ + String getSerializedSamlAssertion(); + + /** + * Sets the samlAssertion and the serializedSamlAssertion. + * @param samlAssertion The samlAssertion to set + */ + void setSamlAssertion(Element samlAssertion) throws TransformerException, IOException; + + /** + * Returns the dsigReferenceTransforms. + * @return Element[] + */ + Element[] getDsigReferenceTransforms(); + + /** + * Sets the dsigReferenceTransforms. + * @param dsigReferenceTransforms The dsigReferenceTransforms to set + */ + void setDsigReferenceTransforms(Element[] dsigReferenceTransforms); + + /** + * Returns the publicKey. + * @return PublicKey[] + */ + PublicKey[] getPublicKey(); + + /** + * Sets the publicKey. + * @param publicKey The publicKey to set + */ + void setPublicKey(PublicKey[] publicKey); + + /** + * Returns the prPerson. 
+ * @return Element + */ + Element getPrPerson(); + + /** + * Sets the prPerson. + * @param prPerson The prPerson to set + */ + void setPrPerson(Element prPerson); + + /** + * Returns the issuing time of the identity link SAML assertion. + * + * @return The issuing time of the identity link SAML assertion. + */ + String getIssueInstant(); + + /** + * Sets the issuing time of the identity link SAML assertion. + * + * @param issueInstant The issueInstant to set. + */ + void setIssueInstant(String issueInstant); + +}
\ No newline at end of file
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IMISMandate.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IMISMandate.java
new file mode 100644
index 000000000..5bf8b9779
--- /dev/null
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IMISMandate.java
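Review bot: Two `@return` tags in IIdentityLink contradict the declared types: `getDateOfBirth()` is documented as `@return Calendar` but returns `String`, and `getSerializedSamlAssertion()` repeats "Returns the samlAssertion. `@return Element`" although it returns `String`. I would change them to `@return String` (with the expected date format stated) and "Returns the serialized samlAssertion. `@return String`". `getPublicKey()` and `getDsigReferenceTransforms()` return arrays, and the Javadoc should say whether callers receive a copy or the stored array, since the interface alone does not show it.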
@@ -0,0 +1,65 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.commons.api.data;
+
+import org.w3c.dom.Element;
+
+import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate;
+
+/**
+ * @author tlenz
+ *
+ */
+public interface IMISMandate {
+
+ String getProfRep();
+
+ void setProfRep(String oid);
+
+ void setOWbPK(String oWbPK);
+
+ String getOWbPK();
+
+ byte[] getMandate();
+
+ Element getMandateDOM();
+
+ Mandate getMandateJaxB();
+
+ void setMandate(byte[] mandate);
+
+ String getTextualDescriptionOfOID();
+ // /**
+ // * @return the isFullMandateIncluded
+ // */
+ // public boolean isFullMandateIncluded() {
+ // return isFullMandateIncluded;
+ // }
+ // /**
+ // * @param isFullMandateIncluded the isFullMandateIncluded to set
+ // */
+ // public void setFullMandateIncluded(boolean isFullMandateIncluded) {
+ // this.isFullMandateIncluded = isFullMandateIncluded;
+ // }
+
+}
\ No newline at end of file
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IVerifiyXMLSignatureResponse.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IVerifiyXMLSignatureResponse.java
new file mode 100644
index 000000000..08dfcae71
--- /dev/null
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IVerifiyXMLSignatureResponse.java
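Review bot: The commented-out `isFullMandateIncluded` / `setFullMandateIncluded` block at the end of IMISMandate carries method bodies that assign a field (`this.isFullMandateIncluded = isFullMandateIncluded;`), which cannot exist in an interface; it looks like a leftover from the implementing class and should be dropped from this new file. None of the declared methods has Javadoc. `getMandate()` and `setMandate(byte[] mandate)` in particular need a line saying what the byte array holds and in which encoding, and how it relates to `getMandateDOM()` and `getMandateJaxB()`.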
@@ -0,0 +1,161 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.commons.api.data; + +import java.util.Date; + +import iaik.x509.X509Certificate; + +/** + * @author tlenz + * + */ +public interface IVerifiyXMLSignatureResponse { + + /** + * Returns the certificateCheckCode. + * @return int + */ + int getCertificateCheckCode(); + + /** + * Returns the signatureCheckCode. + * @return int + */ + int getSignatureCheckCode(); + + /** + * Returns the xmlDSIGManifestCheckCode. + * @return int + */ + int getXmlDSIGManifestCheckCode(); + + /** + * Returns the xmlDsigSubjectName. + * @return String + */ + String getXmlDsigSubjectName(); + + /** + * Sets the certificateCheckCode. + * @param certificateCheckCode The certificateCheckCode to set + */ + void setCertificateCheckCode(int certificateCheckCode); + + /** + * Sets the signatureCheckCode. 
+ * @param signatureCheckCode The signatureCheckCode to set + */ + void setSignatureCheckCode(int signatureCheckCode); + + /** + * Sets the xmlDSIGManifestCheckCode. + * @param xmlDSIGManifestCheckCode The xmlDSIGManifestCheckCode to set + */ + void setXmlDSIGManifestCheckCode(int xmlDSIGManifestCheckCode); + + /** + * Sets the xmlDsigSubjectName. + * @param xmlDsigSubjectName The xmlDsigSubjectName to set + */ + void setXmlDsigSubjectName(String xmlDsigSubjectName); + + /** + * Returns the publicAuthorityCode. + * @return int + */ + String getPublicAuthorityCode(); + + /** + * Sets the publicAuthorityCode. + * @param publicAuthorityCode The publicAuthorityCode to set + */ + void setPublicAuthorityCode(String publicAuthorityCode); + + /** + * Returns the qualifiedCertificate. + * @return boolean + */ + boolean isQualifiedCertificate(); + + /** + * Returns the x509certificate. + * @return X509Certificate + */ + X509Certificate getX509certificate(); + + /** + * Sets the qualifiedCertificate. + * @param qualifiedCertificate The qualifiedCertificate to set + */ + void setQualifiedCertificate(boolean qualifiedCertificate); + + /** + * Sets the x509certificate. + * @param x509certificate The x509certificate to set + */ + void setX509certificate(X509Certificate x509certificate); + + /** + * Returns the xmlDSIGManigest. + * @return boolean + */ + boolean isXmlDSIGManigest(); + + /** + * Sets the xmlDSIGManigest. + * @param xmlDSIGManigest The xmlDSIGManigest to set + */ + void setXmlDSIGManigest(boolean xmlDSIGManigest); + + /** + * Returns the publicAuthority. + * @return boolean + */ + boolean isPublicAuthority(); + + /** + * Sets the publicAuthority. + * @param publicAuthority The publicAuthority to set + */ + void setPublicAuthority(boolean publicAuthority); + + /** + * Returns the the resulting code of the signature manifest check. + * + * @return The code of the sigature manifest check. 
+ */ + int getSignatureManifestCheckCode(); + + /** + * Sets the signatureManifestCode. + * + * @param signatureManifestCheckCode The signatureManifestCode to set. + */ + void setSignatureManifestCheckCode(int signatureManifestCheckCode); + + Date getSigningDateTime(); + + void setSigningDateTime(Date signingDateTime); + +}
\ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/SessionDataStorageException.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/SessionDataStorageException.java index 9414556a2..caff67985 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/SessionDataStorageException.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/SessionDataStorageException.java @@ -42,4 +42,13 @@ public class SessionDataStorageException extends MOAIDException { } + /** + * @param string + * @param object + * @param e + */ + public SessionDataStorageException(String string, Object[] object, Throwable e) { + super(string, object, e); + } + } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java index d80856c1c..b1abcdd06 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java @@ -32,6 +32,7 @@ import java.util.Iterator; import java.util.List; import java.util.Map; +import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AttributeProviderPlugin; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentGeneral; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA; 
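Review bot: The check-code getters in IVerifiyXMLSignatureResponse (`getSignatureCheckCode`, `getCertificateCheckCode`, `getXmlDSIGManifestCheckCode`, `getSignatureManifestCheckCode`) return a bare `int` and their Javadoc only restates the name, so a caller of this new public interface cannot tell which value means a successful verification. These codes presumably feed the decision whether a signature is accepted, so each getter should document the success value and the meaning of the other values, or point to the constants that define them. `getPublicAuthorityCode()` is documented as `@return int` but returns `String`; that tag should read `@return String`.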
@@ -188,6 +189,10 @@ public class ConfigurationMigrationUtils { if (MOAIDConfigurationConstants.PREFIX_WPBK.startsWith(split[0]) && split.length >= 2) { result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE, split[1]); result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE, split[2]); + + } else if (MOAIDConfigurationConstants.PREFIX_EIDAS.startsWith(split[0]) && split.length >= 2) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE, MOAIDConfigurationConstants.IDENIFICATIONTYPE_EIDAS); + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE, split[1] + "+" + split[2]); } else if (MOAIDConfigurationConstants.PREFIX_STORK.startsWith(split[0]) && split.length >= 2) { result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE, MOAIDConfigurationConstants.IDENIFICATIONTYPE_STORK); @@ -362,10 +367,11 @@ public class ConfigurationMigrationUtils { else result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ENABLED, Boolean.FALSE.toString()); - if (config.getQaa() != null) - result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL, config.getQaa().toString()); + if (config.geteIDAS_LOA() != null) + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL, config.geteIDAS_LOA()); else - result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL, "4"); + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL, + MOAIDConstants.eIDAS_LOA_HIGH); // fetch vidp config 
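Review bot: The new `PREFIX_EIDAS` branch in the hunk at `@@ -188,6 +189,10 @@` guards with `split.length >= 2` and then reads `split[2]`, so a value that splits into exactly two parts throws `ArrayIndexOutOfBoundsException`; the guard should be `} else if (MOAIDConfigurationConstants.PREFIX_EIDAS.startsWith(split[0]) && split.length >= 3) {`. The `PREFIX_WPBK` branch in the context lines above has the same mismatch. The test is also written as `PREFIX_EIDAS.startsWith(split[0])`, which is true for any leading fragment of the prefix including an empty string, so the branch taken depends on branch order; if a full match of the prefix is intended, the comparison should say so explicitly. The enclosing method starts and ends outside the hunk.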
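Review bot: In the hunk at `@@ -362,10 +367,11 @@`, `config.geteIDAS_LOA()` is only compared with `null`, so an empty or unrecognised string is written unchanged under `SERVICE_AUTH_STORK_MINQAALEVEL`, whereas the hunk at `@@ -1735,6 +1747,12 @@` tests the same kind of value with `MiscUtil.isNotEmpty(...)`. By its name this key holds the minimum assurance level for a service, so I would apply the default for empty values too: `if (MiscUtil.isNotEmpty(config.geteIDAS_LOA()))`. Whether consumers reject unknown level strings is not visible here, so checking the value against the known LoA constants during migration would be the safer place. The enclosing method continues outside the hunk.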
@@ -773,9 +779,15 @@ public class ConfigurationMigrationUtils { if (oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE) != null && oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE) != null) { - if (oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE).equals(MOAIDConfigurationConstants.IDENIFICATIONTYPE_STORK)) { + + if (oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE).equals(MOAIDConfigurationConstants.IDENIFICATIONTYPE_EIDAS)) { + idnumber.setValue(MOAIDConfigurationConstants.PREFIX_EIDAS + oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE)); + idnumber.setType(MOAIDConfigurationConstants.BUSINESSSERVICENAMES.get(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE))); + + } else if (oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE).equals(MOAIDConfigurationConstants.IDENIFICATIONTYPE_STORK)) { idnumber.setValue(MOAIDConfigurationConstants.PREFIX_STORK + "AT" + "+" + oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE)); idnumber.setType(MOAIDConfigurationConstants.BUSINESSSERVICENAMES.get(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE))); + } else { idnumber.setValue(MOAIDConfigurationConstants.PREFIX_WPBK + oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE) + "+" + oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE)); idnumber.setType(MOAIDConfigurationConstants.BUSINESSSERVICENAMES.get(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE))); @@ -1487,11 +1499,11 @@ public class ConfigurationMigrationUtils { try { result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA, - String.valueOf(stork.getQualityAuthenticationAssuranceLevel())); + stork.getGeneral_eIDAS_LOA()); } catch(NullPointerException e) { result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA, - String.valueOf(4)); + MOAIDConstants.eIDAS_LOA_HIGH); } } 
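Review bot: In the hunk at `@@ -1487,11 +1499,11 @@`, the `catch (NullPointerException e)` fallback does not cover an unset level: assuming `getGeneral_eIDAS_LOA()` is a plain accessor, a `null` return does not throw, so `null` is stored under `GENERAL_AUTH_STORK_QAA` instead of `MOAIDConstants.eIDAS_LOA_HIGH`, and the catch only fires when `stork` itself is `null`. An explicit test is clearer and restores the default: `String loa = (stork != null) ? stork.getGeneral_eIDAS_LOA() : null;` followed by `result.put(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA, MiscUtil.isNotEmpty(loa) ? loa : MOAIDConstants.eIDAS_LOA_HIGH);`. The surrounding method is not fully visible in the hunk.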
@@ -1735,6 +1747,12 @@ public class ConfigurationMigrationUtils { } + //set eIDAS default LoA from general configuration + String eIDASDefaultLOA = moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA); + if (MiscUtil.isNotEmpty(eIDASDefaultLOA)) + stork.setGeneral_eIDAS_LOA(eIDASDefaultLOA); + + Map<String, StorkAttribute> attrMap = new HashMap<String, StorkAttribute>(); Map<String, CPEPS> cpepsMap = new HashMap<String, CPEPS>(); diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/SpringProfileConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/SpringProfileConstants.java new file mode 100644 index 000000000..14824b1f8 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/SpringProfileConstants.java @@ -0,0 +1,8 @@ +package at.gv.egovernment.moa.id.commons.config; + +public final class SpringProfileConstants { + + public static final String ADVANCED_LOG = "advancedLogOn"; + public static final String REDIS_BACKEND = "redisBackend"; + public static final String DB_BACKEND = "dbBackend"; +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOASessionDBUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOASessionDBUtils.java deleted file mode 100644 index ecb13ef34..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOASessionDBUtils.java +++ /dev/null 
@@ -1,192 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. 
- *******************************************************************************/ -package at.gv.egovernment.moa.id.commons.db; - -import java.util.Properties; - -import org.apache.commons.lang3.StringUtils; -import org.hibernate.HibernateException; -import org.hibernate.Session; -import org.hibernate.SessionFactory; -import org.hibernate.Transaction; -import org.hibernate.boot.registry.StandardServiceRegistryBuilder; -import org.hibernate.cfg.Configuration; -import org.hibernate.service.ServiceRegistry; - -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.logging.Logger; - -public final class MOASessionDBUtils { - - private static SessionFactory sessionFactory; - private static ServiceRegistry serviceRegistry; - - @SuppressWarnings("rawtypes") - private static final ThreadLocal THREAD_LOCAL = new ThreadLocal(); - private static boolean automaticSessionHandling = false; - - private static final String[] AUTOMATIC_SESSION_HANDLING_VALUES = new String[] { "jta", "thread" }; - private static final String SESSION_HANDLING_KEY = "hibernate.current_session_context_class"; - - protected MOASessionDBUtils() { } - - public static void initHibernate(Configuration config, Properties hibernateProperties) { - - String scm = StringUtils.trimToNull(hibernateProperties.getProperty(SESSION_HANDLING_KEY)); - if (scm != null) { - automaticSessionHandling = scm.indexOf(AUTOMATIC_SESSION_HANDLING_VALUES[0]) != -1 || scm.indexOf(AUTOMATIC_SESSION_HANDLING_VALUES[1]) != -1; - } - Logger.debug("Evaluating hibernate property \"" + SESSION_HANDLING_KEY + "\"."); - if (automaticSessionHandling) { - Logger.info("Hibernate is automatically handling session context management."); - } else { - Logger.info("Hibernate is NOT automatically handling session context management. 
Using build-in ThreadLocal session handling."); - } - try { - //Create the SessionFactory - Logger.debug("Creating initial MOASession session factory..."); - - config.configure("hibernate_moasession.cfg.xml"); - //serviceRegistry = new ServiceRegistryBuilder().applySettings(config.getProperties()).buildServiceRegistry(); - - serviceRegistry = new StandardServiceRegistryBuilder(). - applySettings(config.getProperties()).build(); - - sessionFactory = config.buildSessionFactory(serviceRegistry); - Logger.debug("Initial MOASession session factory successfully created."); - - } catch (Throwable ex) { - Logger.error("Initial MOASession session factory creation failed: " + ex.getMessage()); - throw new ExceptionInInitializerError(ex); - } - } - - /** - * Checks if a session factory is currently available. If necessary a new - * session factory is created. - * - * @return current (or new) session factory - * @throws HibernateException - * thrown if a hibernate error occurs - */ - public static Session getCurrentSession() { - if (automaticSessionHandling) { - return sessionFactory.getCurrentSession(); - } - Session session = (Session) THREAD_LOCAL.get(); - // Open a new Session, if this Thread has none yet - if (session == null || !session.isConnected()) { - session = getNewSession(); - } - return session; - } - - @SuppressWarnings("unchecked") - public static Session getNewSession() { - if (automaticSessionHandling) { - Logger.warn("Session is being automatically handled by hibernate. Therefore this session maybe not being newly created. 
Use HibernateUtil.getCurrentSession() instead."); - return sessionFactory.getCurrentSession(); - } - Session session = (Session) THREAD_LOCAL.get(); - if (session != null) { - Logger.warn("Previous MOASession session has not been closed; closing session now."); - closeSession(); - } - Logger.debug("Opening new MOASession hibernate session..."); - try { - session = sessionFactory.openSession(); - THREAD_LOCAL.set(session); - } catch (HibernateException hex) { - Logger.error(hex.getMessage()); - } - return session; - } - - /** - * Closes the current session. - * - * @throws HibernateException - * thrown if session is already closed or a hibernate error - * occurs. - */ - @SuppressWarnings("unchecked") - public static void closeSession() { - if (automaticSessionHandling) { - Logger.warn("Session is being automatically handled by hibernate. Therefore the current session cannot be closed on demand."); - return; - } - Logger.debug("Closing current MOASession hibernate session..."); - Session session = (Session) THREAD_LOCAL.get(); - THREAD_LOCAL.set(null); - if (session != null) { - try { - session.close(); - - } catch (HibernateException hex) { - Logger.error(hex.getMessage()); - } - } - } - - public static boolean saveOrUpdate(Object dbo) throws MOADatabaseException { - Transaction tx = null; - try { - Session session = MOASessionDBUtils.getCurrentSession(); - - synchronized (session) { - tx = session.beginTransaction(); - session.saveOrUpdate(dbo); - tx.commit(); - } - return true; - - } catch(HibernateException e) { - Logger.warn("Error during MOASession database saveOrUpdate. 
Rollback.", e); - if (tx != null) - tx.rollback(); - throw new MOADatabaseException(e); - } - } - - public static boolean delete(Object dbo) { - Transaction tx = null; - try { - Session session = MOASessionDBUtils.getCurrentSession(); - - synchronized (session) { - tx = session.beginTransaction(); - session.delete(dbo); - tx.commit(); - } - - return true; - - } catch(HibernateException e) { - Logger.warn("Error during MOASession database delete. Rollback.", e); - if (tx != null) - tx.rollback(); - return false; - } - } - -} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java index e2f793edf..3928cf8c0 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java @@ -6,6 +6,7 @@ import java.util.List; import java.util.Map; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.transaction.annotation.Transactional; import at.gv.egiz.components.configuration.api.ConfigurationException; import at.gv.egovernment.moa.id.commons.config.ConfigurationMigrationUtils; @@ -39,6 +40,7 @@ public class NewConfigurationDBRead { } + @Transactional public Map<String, String> getOnlineApplicationKeyValueWithId(String id, boolean backupVersion) { try { if (backupVersion) @@ -57,6 +59,7 @@ public class NewConfigurationDBRead { * * @return */ + @Transactional public List<OnlineApplication> getAllOnlineApplications() { Logger.trace("Get All OnlineApplications from database."); @@ -113,6 +116,7 @@ public class NewConfigurationDBRead { * * @return */ + @Transactional public List<OnlineApplication> getAllNewOnlineApplications() { Logger.trace("Get All New OnlineApplications from database."); 
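Review bot: The `@Transactional` annotations added to NewConfigurationDBRead, starting with the hunk at `@@ -39,6 +40,7 @@` and repeated in the following hunks for `getAllOnlineApplications`, `getAllNewOnlineApplications`, `getMOAIDConfiguration`, `getAllActiveOnlineApplications`, `getActiveOnlineApplication`, `getOnlineApplication`, `getOnlineApplications` and `searchOnlineApplications`, use the default read-write settings. If these methods only read, as their names and trace messages suggest, `@Transactional(readOnly = true)` states that intent. With Spring's default proxy mode the annotation has no effect when one of these methods is called from another method of the same class, so any delegation between them is worth checking. The method bodies lie outside the hunks.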
@@ -139,6 +143,7 @@ public class NewConfigurationDBRead { * * @return */ + @Transactional public at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.MOAIDConfiguration getMOAIDConfiguration() { Logger.trace("Load MOAID Configuration from database."); Map<String, String> generalConfig; @@ -168,6 +173,7 @@ public class NewConfigurationDBRead { * * @return */ + @Transactional public List<OnlineApplication> getAllActiveOnlineApplications() { Logger.trace("Get All New OnlineApplications from database."); @@ -195,6 +201,7 @@ public class NewConfigurationDBRead { * @param id * @return */ + @Transactional public OnlineApplication getActiveOnlineApplication(String id) { Logger.trace("Getting Active OnlineApplication with ID " + id + " from database."); @@ -226,6 +233,7 @@ public class NewConfigurationDBRead { * @param dbid * @return */ + @Transactional public OnlineApplication getOnlineApplication(long dbid) { Logger.trace("Getting OnlineApplication with DBID " + dbid + " from database."); @@ -248,6 +256,7 @@ public class NewConfigurationDBRead { * @param id * @return */ + @Transactional public List<OnlineApplication> getOnlineApplications(String id) { Logger.trace("Getting OnlineApplication with ID " + id + " from database."); @@ -273,6 +282,7 @@ public class NewConfigurationDBRead { * @param id * @return */ + @Transactional public OnlineApplication getOnlineApplication(String id) { Logger.trace("Getting OnlineApplication with ID " + id + " from database."); @@ -297,6 +307,7 @@ public class NewConfigurationDBRead { * @param id * @return */ + @Transactional public List<OnlineApplication> searchOnlineApplications(String id) { Logger.trace("Getting OnlineApplication with ID " + id + " from database."); diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/StatisticLogDBUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/StatisticLogDBUtils.java deleted file mode 100644 index 7e031cc76..000000000 
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/StatisticLogDBUtils.java +++ /dev/null 
@@ -1,192 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. 
- *******************************************************************************/ -package at.gv.egovernment.moa.id.commons.db; - -import java.util.Properties; - -import org.apache.commons.lang3.StringUtils; -import org.hibernate.HibernateException; -import org.hibernate.Session; -import org.hibernate.SessionFactory; -import org.hibernate.Transaction; -import org.hibernate.boot.registry.StandardServiceRegistryBuilder; -import org.hibernate.cfg.Configuration; -import org.hibernate.service.ServiceRegistry; - -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.logging.Logger; - -public final class StatisticLogDBUtils { - - private static SessionFactory sessionFactory; - private static ServiceRegistry serviceRegistry; - - @SuppressWarnings("rawtypes") - private static final ThreadLocal THREAD_LOCAL_STATISTIC = new ThreadLocal(); - private static boolean automaticSessionHandling = false; - - private static final String[] AUTOMATIC_SESSION_HANDLING_VALUES = new String[] { "jta", "thread" }; - private static final String SESSION_HANDLING_KEY = "hibernate.current_session_context_class"; - - protected StatisticLogDBUtils() { } - - public static void initHibernate(Configuration config, Properties hibernateProperties) { - - String scm = StringUtils.trimToNull(hibernateProperties.getProperty(SESSION_HANDLING_KEY)); - if (scm != null) { - automaticSessionHandling = scm.indexOf(AUTOMATIC_SESSION_HANDLING_VALUES[0]) != -1 || scm.indexOf(AUTOMATIC_SESSION_HANDLING_VALUES[1]) != -1; - } - Logger.debug("Evaluating hibernate property \"" + SESSION_HANDLING_KEY + "\"."); - if (automaticSessionHandling) { - Logger.info("Hibernate is automatically handling session context management."); - } else { - Logger.info("Hibernate is NOT automatically handling session context management. 
Using build-in ThreadLocal session handling."); - } - try { - //Create the SessionFactory - Logger.debug("Creating initial StatisicLogger session factory..."); - - config.configure("hibernate_statistic.cfg.xml"); - //serviceRegistry = new ServiceRegistryBuilder().applySettings(config.getProperties()).buildServiceRegistry(); - - serviceRegistry = new StandardServiceRegistryBuilder(). - applySettings(config.getProperties()).build(); - - sessionFactory = config.buildSessionFactory(serviceRegistry); - Logger.debug("Initial StatisicLogger session factory successfully created."); - - } catch (Throwable ex) { - Logger.error("Initial StatisicLogger session factory creation failed: " + ex.getMessage()); - throw new ExceptionInInitializerError(ex); - } - } - - /** - * Checks if a session factory is currently available. If necessary a new - * session factory is created. - * - * @return current (or new) session factory - * @throws HibernateException - * thrown if a hibernate error occurs - */ - public static Session getCurrentSession() { - if (automaticSessionHandling) { - return sessionFactory.getCurrentSession(); - } - Session session = (Session) THREAD_LOCAL_STATISTIC.get(); - // Open a new Session, if this Thread has none yet - if (session == null || !session.isConnected()) { - session = getNewSession(); - } - return session; - } - - @SuppressWarnings("unchecked") - public static Session getNewSession() { - if (automaticSessionHandling) { - Logger.warn("Session is being automatically handled by hibernate. Therefore this session maybe not being newly created. 
Use HibernateUtil.getCurrentSession() instead."); - return sessionFactory.getCurrentSession(); - } - Session session = (Session) THREAD_LOCAL_STATISTIC.get(); - if (session != null) { - Logger.warn("Previous StatisicLogger session has not been closed; closing session now."); - closeSession(); - } - Logger.debug("Opening new StatisicLogger hibernate session..."); - try { - session = sessionFactory.openSession(); - THREAD_LOCAL_STATISTIC.set(session); - } catch (HibernateException hex) { - Logger.error(hex.getMessage()); - } - return session; - } - - /** - * Closes the current session. - * - * @throws HibernateException - * thrown if session is already closed or a hibernate error - * occurs. - */ - @SuppressWarnings("unchecked") - public static void closeSession() { - if (automaticSessionHandling) { - Logger.warn("Session is being automatically handled by hibernate. Therefore the current session cannot be closed on demand."); - return; - } - Logger.debug("Closing current StatisicLogger hibernate session..."); - Session session = (Session) THREAD_LOCAL_STATISTIC.get(); - THREAD_LOCAL_STATISTIC.set(null); - if (session != null) { - try { - session.close(); - - } catch (HibernateException hex) { - Logger.error(hex.getMessage()); - } - } - } - - public static boolean saveOrUpdate(Object dbo) throws MOADatabaseException { - Transaction tx = null; - try { - Session session = StatisticLogDBUtils.getCurrentSession(); - - synchronized (session) { - tx = session.beginTransaction(); - session.saveOrUpdate(dbo); - tx.commit(); - } - - Logger.info("Insert advanced statistic log entry into database"); - return true; - - } catch(HibernateException e) { - Logger.warn("Error during StatisicLogger database saveOrUpdate. 
Rollback.", e); - tx.rollback(); - throw new MOADatabaseException(e); - } - } - - public static boolean delete(Object dbo) { - Transaction tx = null; - try { - Session session = StatisticLogDBUtils.getCurrentSession(); - - synchronized (session) { - tx = session.beginTransaction(); - session.delete(dbo); - tx.commit(); - } - - return true; - - } catch(HibernateException e) { - Logger.warn("Error during StatisicLogger database delete. Rollback.", e); - tx.rollback(); - return false; - } - } - -} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/OASTORK.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/OASTORK.java index 397fd828b..0f76c4e63 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/OASTORK.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/OASTORK.java 
@@ -11,29 +11,21 @@ package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated; import java.io.Serializable; import java.util.ArrayList; import java.util.List; -import javax.persistence.Basic; + import javax.persistence.CascadeType; -import javax.persistence.Column; -import javax.persistence.Entity; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.Inheritance; -import javax.persistence.InheritanceType; -import javax.persistence.JoinColumn; import javax.persistence.JoinTable; import javax.persistence.ManyToMany; import javax.persistence.OneToMany; -import javax.persistence.Table; import javax.xml.bind.annotation.XmlAccessType; import javax.xml.bind.annotation.XmlAccessorType; import javax.xml.bind.annotation.XmlAttribute; import javax.xml.bind.annotation.XmlElement; import javax.xml.bind.annotation.XmlRootElement; import javax.xml.bind.annotation.XmlSchemaType; +import javax.xml.bind.annotation.XmlTransient; import javax.xml.bind.annotation.XmlType; import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; -import com.sun.tools.xjc.runtime.ZeroOneBooleanAdapter; + import org.jvnet.jaxb2_commons.lang.Equals; import org.jvnet.jaxb2_commons.lang.EqualsStrategy; import org.jvnet.jaxb2_commons.lang.HashCode; @@ -43,6 +35,8 @@ import org.jvnet.jaxb2_commons.lang.JAXBHashCodeStrategy; import org.jvnet.jaxb2_commons.locator.ObjectLocator; import org.jvnet.jaxb2_commons.locator.util.LocatorUtils; +import com.sun.tools.xjc.runtime.ZeroOneBooleanAdapter; + /** * <p>Java class for anonymous complex type. @@ -110,6 +104,9 @@ public class OASTORK @XmlAttribute(name = "Hjid") protected Long hjid; + @XmlTransient + protected String eIDAS_LOA = null; + /** * Gets the value of the storkLogonEnabled property. * 
@@ -162,7 +159,23 @@ public class OASTORK this.qaa = value; } + + /** + * @return the eIDAS_LOA + */ + public String geteIDAS_LOA() { + return eIDAS_LOA; + } + + /** + * @param eIDAS_LOA the eIDAS_LOA to set + */ + public void seteIDAS_LOA(String eIDAS_LOA) { + this.eIDAS_LOA = eIDAS_LOA; + } + + /** * Gets the value of the oaAttributes property. * * <p> diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/STORK.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/STORK.java index 59b300e95..bcd159702 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/STORK.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/STORK.java @@ -11,25 +11,18 @@ package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated; import java.io.Serializable; import java.util.ArrayList; import java.util.List; -import javax.persistence.Basic; + import javax.persistence.CascadeType; -import javax.persistence.Column; -import javax.persistence.Entity; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.Inheritance; -import javax.persistence.InheritanceType; -import javax.persistence.JoinColumn; import javax.persistence.ManyToOne; import javax.persistence.OneToMany; -import javax.persistence.Table; import javax.xml.bind.annotation.XmlAccessType; import javax.xml.bind.annotation.XmlAccessorType; import javax.xml.bind.annotation.XmlAttribute; import javax.xml.bind.annotation.XmlElement; import javax.xml.bind.annotation.XmlRootElement; +import javax.xml.bind.annotation.XmlTransient; import javax.xml.bind.annotation.XmlType; + import org.jvnet.jaxb2_commons.lang.Equals; import org.jvnet.jaxb2_commons.lang.EqualsStrategy; import org.jvnet.jaxb2_commons.lang.HashCode; 
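Review bot: The new `eIDAS_LOA` accessors have placeholder Javadoc (`@return the eIDAS_LOA`) that gives neither the accepted values nor the meaning of the default `null`, and a level of assurance is presumably an input to authentication decisions. Once the intended semantics are confirmed, I would replace it with a single comment on the field, along the lines of `/** eIDAS level of assurance configured for this application; null means none is configured. */`, and state how callers must treat `null`. Because the field is `@XmlTransient` it is not part of the marshalled configuration, and whether `equals`/`hashCode` (outside this hunk) should include it deserves a sentence too. The same applies to `general_eIDAS_LOA` in the `STORK.java` hunks `@@ -94,6 +87,9 @@` and `@@ -257,7 +253,21 @@`.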
@@ -94,6 +87,9 @@ public class STORK @XmlAttribute(name = "Hjid") protected Long hjid; + @XmlTransient + protected String general_eIDAS_LOA = null; + /** * Gets the value of the cpeps property. * @@ -257,7 +253,21 @@ public class STORK this.hjid = value; } - public boolean equals(ObjectLocator thisLocator, ObjectLocator thatLocator, Object object, EqualsStrategy strategy) { + /** + * @return the general_eIDAS_LOA + */ + public String getGeneral_eIDAS_LOA() { + return general_eIDAS_LOA; + } + + /** + * @param general_eIDAS_LOA the general_eIDAS_LOA to set + */ + public void setGeneral_eIDAS_LOA(String general_eIDAS_LOA) { + this.general_eIDAS_LOA = general_eIDAS_LOA; + } + + public boolean equals(ObjectLocator thisLocator, ObjectLocator thatLocator, Object object, EqualsStrategy strategy) { if (!(object instanceof STORK)) { return false; } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AssertionStore.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AssertionStore.java index 46683a928..4c6cd16c0 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AssertionStore.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AssertionStore.java @@ -37,6 +37,8 @@ import javax.persistence.Table; import org.hibernate.annotations.DynamicUpdate; +import com.fasterxml.jackson.annotation.JsonCreator; + @Entity @@ -48,11 +50,22 @@ import org.hibernate.annotations.DynamicUpdate; }) public class AssertionStore implements Serializable{ + /** + * + */ + private static final long serialVersionUID = 2804964892915004185L; + + + + @JsonCreator + public AssertionStore(){ + + } + - private static final long serialVersionUID = 1L; @Id - @GeneratedValue(strategy = GenerationType.AUTO) + @GeneratedValue(strategy = GenerationType.AUTO) @Column(name = "id", unique=true, nullable=false) private long id; 
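Review bot: Changing `serialVersionUID` from `1L` to `2804964892915004185L` in `AssertionStore` means any instance Java-serialized by the previous build fails to deserialize with `InvalidClassException`. If such objects are ever persisted or exchanged between nodes during an upgrade, keep `private static final long serialVersionUID = 1L;` or document the break. The `@JsonCreator` on the no-argument constructor appears redundant, since Jackson already uses a public default constructor, so it only adds a Jackson dependency to the entity. The empty `/** * */` block above the field can be dropped.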
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java index 128dd79df..eeaf03544 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java 
@@ -59,7 +59,9 @@ import org.hibernate.annotations.DynamicUpdate; @NamedQuery(name="getMOASessionWithNameIDandOAID", query = "select authenticatedsessionstore from AuthenticatedSessionStore authenticatedsessionstore join fetch authenticatedsessionstore.activeOAsessions activeOAsessions where activeOAsessions.oaurlprefix = :oaID and activeOAsessions.userNameID = :nameID"), @NamedQuery(name="getInterfederatedIDPForAttributeQueryWithSessionID", query = "select authenticatedsessionstore from AuthenticatedSessionStore authenticatedsessionstore join fetch authenticatedsessionstore.inderfederation inderfederations where inderfederations.attributesRequested is false and authenticatedsessionstore.sessionid = :sessionID"), @NamedQuery(name="getInterfederatedIDPForSSOWithSessionID", query = "select authenticatedsessionstore from AuthenticatedSessionStore authenticatedsessionstore join fetch authenticatedsessionstore.inderfederation inderfederations where inderfederations.attributesRequested is true and inderfederations.storeSSOInformation is true and authenticatedsessionstore.sessionid = :sessionID order by inderfederations.QAALevel DESC"), - @NamedQuery(name="getInterfederatedIDPForSSOWithSessionIDIDPID", query = "select authenticatedsessionstore from AuthenticatedSessionStore authenticatedsessionstore join fetch authenticatedsessionstore.inderfederation inderfederations where inderfederations.attributesRequested is true and authenticatedsessionstore.sessionid = :sessionID and inderfederations.idpurlprefix = :idpID") + @NamedQuery(name="getInterfederatedIDPForSSOWithSessionIDIDPID", query = "select authenticatedsessionstore from AuthenticatedSessionStore authenticatedsessionstore join fetch authenticatedsessionstore.inderfederation inderfederations where inderfederations.attributesRequested is true and authenticatedsessionstore.sessionid = :sessionID and inderfederations.idpurlprefix = :idpID"), + @NamedQuery(name="getAllActiveOAsForSessionID", query = "select 
activeOAsessions from AuthenticatedSessionStore authenticatedsessionstore join authenticatedsessionstore.activeOAsessions activeOAsessions where authenticatedsessionstore.sessionid = :sessionID "), + @NamedQuery(name="getAllActiveIDPsForSessionID", query = "select inderfederation from AuthenticatedSessionStore authenticatedsessionstore join authenticatedsessionstore.inderfederation inderfederation where authenticatedsessionstore.sessionid = :sessionID ") }) public class AuthenticatedSessionStore implements Serializable{ diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/statistic/StatisticLog.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/statistic/StatisticLog.java index 97f26812f..ba48f8caf 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/statistic/StatisticLog.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/statistic/StatisticLog.java @@ -39,7 +39,7 @@ import org.hibernate.annotations.DynamicUpdate; @Entity -@DynamicUpdate(value=true) +//@DynamicUpdate(value=true) @Table(name = "statisticlog") @NamedQueries({ @NamedQuery(name="getAllEntriesNotBeforeTimeStamp", query = "select statisiclog from StatisticLog statisiclog where statisiclog.timestamp > :timeout") diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAHttpProtocolSocketFactory.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAHttpProtocolSocketFactory.java index 2ade63c1c..84743b8c7 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAHttpProtocolSocketFactory.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAHttpProtocolSocketFactory.java 
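Review bot: In `StatisticLog.java`, `@DynamicUpdate(value=true)` is switched off by commenting it out, with no reason given, and the `org.hibernate.annotations.DynamicUpdate` import named in the hunk header stays behind. Either delete the line together with the import, or keep it with an explanation such as `// DynamicUpdate disabled: <reason>` so the next reader knows whether it may be re-enabled.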
@@ -22,24 +22,25 @@ */ package at.gv.egovernment.moa.id.commons.utils; -import iaik.pki.PKIException; - import java.io.IOException; import java.net.InetAddress; import java.net.Socket; import java.net.UnknownHostException; import java.security.GeneralSecurityException; -import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory; import org.apache.commons.httpclient.ConnectTimeoutException; import org.apache.commons.httpclient.params.HttpConnectionParams; import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory; +import org.apache.commons.lang3.StringUtils; import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException; import at.gv.egovernment.moa.id.commons.utils.ssl.SSLConfigurationException; -import at.gv.egovernment.moa.id.commons.utils.ssl.SSLUtils; +import at.gv.egovernment.moa.util.MiscUtil; +import at.gv.egovernment.moaspss.logging.Logger; +import iaik.pki.PKIException; /** * @author tlenz 
@@ -53,22 +54,47 @@ public class MOAHttpProtocolSocketFactory implements SecureProtocolSocketFactory public MOAHttpProtocolSocketFactory ( String url, - String certStoreRootDirParam, String trustStoreURL, String acceptedServerCertURL, String chainingMode, - boolean checkRevocation - ) throws MOAHttpProtocolSocketFactoryException { - super(); + boolean checkRevocation, + String[] revocationMethodOrder) throws MOAHttpProtocolSocketFactoryException { + internalInitialize(url, null, trustStoreURL, acceptedServerCertURL, chainingMode, checkRevocation, revocationMethodOrder); + } + + /** + * @param string + * @param certStoreDirectory + * @param trustStoreDirectory + * @param object + * @param string2 + * @param b + * @param strings + */ + public MOAHttpProtocolSocketFactory(String url, String certStoreDirectory, String trustStoreURL, + String acceptedServerCertURL, + String chainingMode, + boolean checkRevocation, + String[] revocationMethodOrder) throws MOAHttpProtocolSocketFactoryException { + internalInitialize(url, certStoreDirectory, trustStoreURL, acceptedServerCertURL, chainingMode, checkRevocation, revocationMethodOrder); + + } + + private void internalInitialize(String url, String certStoreDirectory, String trustStoreURL, + String acceptedServerCertURL, + String chainingMode, + boolean checkRevocation, + String[] revocationMethodOrder) throws MOAHttpProtocolSocketFactoryException { try { - this.sslfactory = SSLUtils.getSSLSocketFactory( + this.sslfactory = at.gv.egovernment.moa.id.commons.utils.ssl.SSLUtils.getSSLSocketFactory( url, - certStoreRootDirParam, + certStoreDirectory, trustStoreURL, acceptedServerCertURL, chainingMode, - checkRevocation, + checkRevocation, + revocationMethodOrder, null, null, null); @@ -86,7 +112,7 @@ public class MOAHttpProtocolSocketFactory implements SecureProtocolSocketFactory throw new MOAHttpProtocolSocketFactoryException("Initialize SSL Context FAILED", e); } - + } /* (non-Javadoc) 
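Review bot: The Javadoc on the new seven-argument constructor is an unedited template (`@param string`, `@param object`, `@param string2`, `@param b`, `@param strings`) whose names match none of the actual parameters. These arguments decide how the peer certificate is validated, so each deserves a real description. In particular say what `checkRevocation` and `revocationMethodOrder` control and which values `chainingMode` accepts. The six-argument constructor passes `null` as `certStoreDirectory` to `internalInitialize`; a comment there should state what the SSL utilities do with a missing certificate store directory.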
@@ -94,8 +120,8 @@ public class MOAHttpProtocolSocketFactory implements SecureProtocolSocketFactory */ public Socket createSocket(String host, int port, InetAddress localAddress, int localPort) throws IOException, UnknownHostException { - return this.sslfactory.createSocket(host, port, - localAddress, localPort); + return setEnabledSslCiphers(this.sslfactory.createSocket(host, port, + localAddress, localPort)); } /* (non-Javadoc) @@ -104,8 +130,8 @@ public class MOAHttpProtocolSocketFactory implements SecureProtocolSocketFactory public Socket createSocket(String host, int port, InetAddress localAddress, int localPort, HttpConnectionParams params) throws IOException, UnknownHostException, ConnectTimeoutException { - return this.sslfactory.createSocket(host, port, - localAddress, localPort); + return setEnabledSslCiphers(this.sslfactory.createSocket(host, port, + localAddress, localPort)); } /* (non-Javadoc) 
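Review bot: The `createSocket` overload that takes `HttpConnectionParams params` (second hunk on this line) still ignores `params`, so a connection timeout configured on the HTTP client is never applied. A connect to an unresponsive peer can then block the calling thread for the platform default. I would honour `params.getConnectionTimeout()` by creating an unconnected socket and connecting it with the timeout, as sketched below, keeping the existing call for the no-timeout case.
```java
	public Socket createSocket(String host, int port, InetAddress localAddress,
			int localPort, HttpConnectionParams params) throws IOException,
			UnknownHostException, ConnectTimeoutException {
		int timeout = (params != null) ? params.getConnectionTimeout() : 0;
		if (timeout <= 0) {
			// … unchanged: existing sslfactory.createSocket(host, port, localAddress, localPort) call …
		}
		Socket socket = this.sslfactory.createSocket();
		socket.bind(new InetSocketAddress(localAddress, localPort));
		socket.connect(new InetSocketAddress(host, port), timeout);
		return setEnabledSslCiphers(socket);
	}
```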
@@ -113,16 +139,40 @@ public class MOAHttpProtocolSocketFactory implements SecureProtocolSocketFactory */ public Socket createSocket(String host, int port) throws IOException, UnknownHostException { - return this.sslfactory.createSocket(host, port); + return setEnabledSslCiphers(this.sslfactory.createSocket(host, port)); } - + /* (non-Javadoc) * @see org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory#createSocket(java.net.Socket, java.lang.String, int, boolean) */ public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException { - return this.sslfactory.createSocket(socket, host, - port, autoClose); + return setEnabledSslCiphers(this.sslfactory.createSocket(socket, host, + port, autoClose)); } + /** + * Enable only a specific subset of TLS cipher suites + * This subset can be set by 'https.cipherSuites' SystemProperty (z.B. -Dhttps.cipherSuites=...) + * + * @param sslSocket {@link SSLSocket} + * @return {@link SSLSocket} with Ciphersuites + */ + private Socket setEnabledSslCiphers(Socket sslSocket) { + if (sslSocket instanceof SSLSocket) { + String systemProp = System.getProperty("https.cipherSuites"); + if (MiscUtil.isNotEmpty(systemProp)) { + ((SSLSocket) sslSocket).setEnabledCipherSuites(systemProp.split(",")); + + } + + try { + Logger.trace("Enabled SSL-Cipher: " + StringUtils.join(((SSLSocket) sslSocket).getEnabledCipherSuites(), ",")); + } catch (Exception e) { + Logger.error(e); + } + } + + return sslSocket; + } } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/CertStoreConfigurationImpl.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/CertStoreConfigurationImpl.java index 00e750f58..d65cea08c 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/CertStoreConfigurationImpl.java 
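Review bot: In `setEnabledSslCiphers`, the call to `setEnabledCipherSuites` sits outside the `try`, so an unsupported or misspelled suite name in `https.cipherSuites` raises an unchecked `IllegalArgumentException` out of `createSocket` and leaves the already connected socket unclosed. The value is also split on `,` without trimming, so `-Dhttps.cipherSuites="A, B"` yields the invalid name `" B"`. I would trim the entries, close the socket on failure and rethrow as `IOException`, which every `createSocket` overload already declares. The method restricts cipher suites only; if protocol versions are meant to be limited too, that needs a separate `setEnabledProtocols` call.
```java
	private Socket setEnabledSslCiphers(Socket sslSocket) throws IOException {
		if (sslSocket instanceof SSLSocket) {
			String systemProp = System.getProperty("https.cipherSuites");
			if (MiscUtil.isNotEmpty(systemProp)) {
				try {
					((SSLSocket) sslSocket).setEnabledCipherSuites(systemProp.trim().split("\\s*,\\s*"));
				} catch (IllegalArgumentException e) {
					// unsupported suite name: do not leave the connected socket open
					sslSocket.close();
					throw new IOException("Invalid cipher suite in https.cipherSuites", e);
				}
			}
			// … unchanged: trace logging of the enabled cipher suites …
		}
		return sslSocket;
	}
```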
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/CertStoreConfigurationImpl.java @@ -46,14 +46,16 @@ package at.gv.egovernment.moa.id.commons.utils.ssl; +import java.io.File; +import java.util.Collections; +import java.util.Set; + import at.gv.egovernment.moa.logging.Logger; import iaik.pki.store.certstore.CertStoreConfiguration; import iaik.pki.store.certstore.CertStoreParameters; import iaik.pki.store.certstore.CertStoreTypes; import iaik.pki.store.certstore.directory.DirectoryCertStoreParameters; -import java.io.File; - /** * Implementation of interface needed to initialize an IAIK JSSE <code>TrustManager</code> * @@ -128,7 +130,7 @@ public class CertStoreConfigurationImpl extends ObservableImpl * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#createNew() */ public boolean createNew() { - return false; + return true; } /** @@ -153,4 +155,14 @@ public class CertStoreConfigurationImpl extends ObservableImpl return CertStoreTypes.DIRECTORY; } + /* (non-Javadoc) + * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#getVirtualStores() + */ + @Override + public Set getVirtualStores() { + //TODO: only for Testing and not complete !!!Ask Harald !!!! + return Collections.EMPTY_SET; + + } + } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java index eaef3f1d4..9fc6f799d 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java 
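Review bot: `createNew()` in `CertStoreConfigurationImpl` now returns `true`, with no comment on why. Judging by the name and the `DirectoryCertStoreParameters#createNew()` reference (to be confirmed against the IAIK documentation), this lets the library create the certificate store directory when it does not exist. A mistyped store path would then start with a fresh, empty store instead of failing at startup. If that is intended, say so on the line, e.g. `// create the directory cert store on first start if it is missing`, and log the resolved path at initialization.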
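Review bot: `getVirtualStores()` is committed with the comment `//TODO: only for Testing and not complete` in a class that configures the certificate store used for TLS trust decisions. The stub should be finished, or the TODO turned into a tracked item stating what an empty set means for validation. The method also returns the raw constant `Collections.EMPTY_SET`; `return Collections.emptySet();` gives the same result without the unchecked warning.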
@@ -57,11 +57,11 @@ import java.util.ArrayList; import java.util.List; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.logging.LoggingContext; -import at.gv.egovernment.moa.logging.LoggingContextManager; - +import at.gv.egovernment.moaspss.logging.LoggingContext; +import at.gv.egovernment.moaspss.logging.LoggingContextManager; import iaik.pki.jsse.IAIKX509TrustManager; + /** * <code>TrustManager</code> implementation featuring CRL checking (inherited from * <code>IAIKX509TrustManager</code>), plus server-end-SSL-certificate checking. @@ -95,14 +95,14 @@ public class MOAIDTrustManager extends IAIKX509TrustManager { * Fixes a bug occuring in the case MOA-SP is called by API. * In this case, IAIKX509TrustManager uses the LogginConfig of MOA-SP. * This method must be called before a MOAIDTrustManager is constructed, - * from every thread. - */ + * from every thread. + */ public static void initializeLoggingContext() { if (LoggingContextManager.getInstance().getLoggingContext() == null) LoggingContextManager.getInstance().setLoggingContext( new LoggingContext(Thread.currentThread().getName())); } - + /** * Builds an Array of accepted server certificates from an URL, 
@@ -161,4 +161,36 @@ public class MOAIDTrustManager extends IAIKX509TrustManager { { return true; } + +// public void init(PKIConfiguration pkiConfig, PKIProfile pkiProfile) throws PKIException { +// if (pkiProfile == null) { +// throw new NullPointerException("pkiConfig parameter must not be null"); +// +// } +// +// TransactionId tid = new TransactionIdImpl("Init"); +// log_.info(tid, "Setting up IAIKX509TrustManager", null); +// if (pkiConfig != null) { +// PKIFactory.getInstance().configure(pkiConfig, tid); +//// log_.info(tid, "Registering LDAP protocol handler", null); +//// String protocolHandlers = +//// System.getProperty("java.protocol.handler.pkgs"); +//// if (protocolHandlers == null) { +//// protocolHandlers = "iaik.pki"; +//// +//// } else { +//// protocolHandlers = protocolHandlers + "|iaik.pki"; +//// +//// } +//// +//// System.setProperty("java.protocol.handler.pkgs", protocolHandlers); +//// log_.info(tid, "Registered protocol handlers: " + protocolHandlers, null); +// +// } +// +// pkiProfile_ = pkiProfile; +// pkiFactory_ = PKIFactory.getInstance(); +// initialized_ = true; +// } + } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/PKIConfigurationImpl.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/PKIConfigurationImpl.java deleted file mode 100644 index 5d8c7a54e..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/PKIConfigurationImpl.java +++ /dev/null 
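Review bot: This hunk adds about thirty lines of commented-out code (an `init(PKIConfiguration, PKIProfile)` body with a nested, doubly commented protocol-handler block) to `MOAIDTrustManager`. Dead code in a trust manager makes it harder to see which initialization path is actually in effect, and the disabled snippet is itself inconsistent: it tests `pkiProfile == null` but reports `pkiConfig parameter must not be null`. I would remove the block and rely on version control, or replace it with a one-line comment saying why the superclass `init` is not overridden.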
@@ -1,118 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. 
- * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.commons.utils.ssl; - -import iaik.pki.PKIConfiguration; -import iaik.pki.pathvalidation.ValidationConfiguration; -import iaik.pki.revocation.RevocationConfiguration; -import iaik.pki.store.certstore.CertStoreConfiguration; -import iaik.pki.store.revocation.archive.ArchiveConfiguration; - -/** - * Implementation of interface <code>PKIConfiguration</code> needed to - * initialize an IAIK JSSE <code>TrustManager</code> - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class PKIConfigurationImpl implements PKIConfiguration { - /** The configuration for the CertStore */ - private CertStoreConfiguration certStoreConfiguration; - /** The configuration for the RevocationChecks */ - private RevocationConfiguration revocationConfiguration; - /** The configuration for the Validation */ - private ValidationConfiguration validationConfiguration; - - /** - * Constructor - * @param conf the Configuration for the PKIConfig - * @throws ConfigurationException for any config error - */ - public PKIConfigurationImpl(String certStoreRootDirParam, String chainingMode) throws SSLConfigurationException { - - certStoreConfiguration = new CertStoreConfigurationImpl(certStoreRootDirParam); - revocationConfiguration = new 
RevocationConfigurationImpl(); - validationConfiguration = new ValidationConfigurationImpl(chainingMode); - } - - /** - * @see iaik.pki.PKIConfiguration#getCertStoreConfiguration() - */ - public CertStoreConfiguration getCertStoreConfiguration() { - return certStoreConfiguration; - } - - /** - * @see iaik.pki.PKIConfiguration#getRevocationConfiguration() - */ - public RevocationConfiguration getRevocationConfiguration() { - return revocationConfiguration; - } - - /** - * @see iaik.pki.PKIConfiguration#getArchiveConfiguration() - */ - public ArchiveConfiguration getArchiveConfiguration() { - return null; - } - - /** - * @see iaik.pki.PKIConfiguration#getValidationConfiguration() - */ - public ValidationConfiguration getValidationConfiguration() { - return validationConfiguration; - } - -/* (non-Javadoc) - * @see iaik.pki.PKIConfiguration#getTimeout() - */ - public int getTimeout() { - // TODO Auto-generated method stub - return 0; -} - -} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/PKIProfileImpl.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/PKIProfileImpl.java index 59994a257..1c8b6e18d 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/PKIProfileImpl.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/PKIProfileImpl.java @@ -46,10 +46,12 @@ package at.gv.egovernment.moa.id.commons.utils.ssl; +import java.security.NoSuchAlgorithmException; import java.security.cert.X509Certificate; import java.util.Collections; import java.util.Set; +import iaik.asn1.structures.AlgorithmID; import iaik.pki.PKIProfile; import iaik.pki.pathvalidation.ValidationProfile; import iaik.pki.revocation.RevocationProfile; 
@@ -66,7 +68,7 @@ import iaik.pki.store.truststore.TrustStoreTypes; */ public class PKIProfileImpl extends ObservableImpl implements PKIProfile, RevocationProfile, TrustStoreProfile, ValidationProfile { - + /** * URI to the truststore */ @@ -77,6 +79,10 @@ public class PKIProfileImpl extends ObservableImpl */ private boolean revocationChecking; + + private String[] revocationCheckMethode = new String[] {RevocationSourceTypes.CRL}; + protected String ocspRequestHashAlgorithm_ = null; + /** * The trust profile identifier. */ @@ -96,13 +102,6 @@ public class PKIProfileImpl extends ObservableImpl } /** - * @see iaik.pki.PKIProfile#autoAddCertificates() - */ - public boolean autoAddCertificates() { - return true; - } - - /** * @see iaik.pki.PKIProfile#getRevocationProfile() */ public RevocationProfile getRevocationProfile() { 
@@ -134,23 +133,43 @@ public class PKIProfileImpl extends ObservableImpl * @see iaik.pki.revocation.RevocationProfile#getMaxRevocationAge(java.lang.String) */ public long getMaxRevocationAge(String arg0) { - return 0; + return 0L; } /** * @see iaik.pki.revocation.RevocationProfile#getOCSPRequestHashAlgorithm() */ public String getOCSPRequestHashAlgorithm() { - return null; + if (ocspRequestHashAlgorithm_ == null) { + try + { + ocspRequestHashAlgorithm_ = AlgorithmID.sha1.getImplementationName(); + } + catch (NoSuchAlgorithmException localNoSuchAlgorithmException) {} + } + return ocspRequestHashAlgorithm_; } + public void setOCSPRequestHashAlgorithm(AlgorithmID paramAlgorithmID) + throws NoSuchAlgorithmException + { + if (paramAlgorithmID == null) { + throw new NullPointerException("Algorithm must not be null."); + } + ocspRequestHashAlgorithm_ = paramAlgorithmID.getImplementationName(); + } + /** * @see iaik.pki.revocation.RevocationProfile#getPreferredServiceOrder(java.security.cert.X509Certificate) */ public String[] getPreferredServiceOrder(X509Certificate arg0) { - return new String[] {RevocationSourceTypes.CRL}; + return revocationCheckMethode; } + public void setPreferredServiceOrder(String[] order) { + this.revocationCheckMethode = order; + } + /** * @see iaik.pki.store.truststore.TrustStoreProfile#getType() */ @@ -227,4 +246,22 @@ public class PKIProfileImpl extends ObservableImpl public void setId(String id) { this.id = id; } + +/* (non-Javadoc) + * @see iaik.pki.PKIProfile#autoAddCertificates() + */ +@Override +public int autoAddCertificates() { + return 1; + +} + +/* (non-Javadoc) + * @see iaik.pki.PKIProfile#getIndirectRevocationTrustStoreProfile() + */ +@Override +public TrustStoreProfile getIndirectRevocationTrustStoreProfile() { + return null; + +} } 
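Review bot: The empty `catch (NoSuchAlgorithmException localNoSuchAlgorithmException) {}` in `getOCSPRequestHashAlgorithm()` discards the failure, so the method returns null without a trace and the problem would only show up later inside the revocation check. Record it instead, for example `catch (NoSuchAlgorithmException e) { Logger.warn("OCSP request hash algorithm not available", e); }`, assuming the project's `Logger` offers a throwable overload (it is not imported in the visible hunks of this file). A short Javadoc on `setOCSPRequestHashAlgorithm` saying that SHA-1 is used when nothing is set would also help.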
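Review bot: `autoAddCertificates()` at the end of the class now returns the bare integer `1` where the removed version returned `true`, and nothing in the hunk says which mode that value selects. The method name suggests it controls whether certificates met during validation are added to the certificate store, so the intent should be written down. Add a comment such as `// 1 = <mode name from the IAIK PKIProfile documentation>, keeps the former auto-add behaviour`, or use the library's named constant if it defines one. The same applies to `getIndirectRevocationTrustStoreProfile()`, whose `return null;` carries no explanation.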
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/RevocationConfigurationImpl.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/RevocationConfigurationImpl.java index b5e0543db..449f77209 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/RevocationConfigurationImpl.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/RevocationConfigurationImpl.java @@ -46,13 +46,14 @@ package at.gv.egovernment.moa.id.commons.utils.ssl; -import iaik.pki.revocation.RevocationConfiguration; - import java.security.cert.X509Certificate; import java.util.Collections; import java.util.Date; import java.util.Set; +import iaik.pki.revocation.RevocationConfiguration; +import iaik.pki.revocation.dbcrl.config.DBCrlConfig; + /** * Implementation of interface needed to initialize an IAIK JSSE <code>TrustManager</code> * @author Paul Ivancsics 
@@ -81,4 +82,43 @@ public class RevocationConfigurationImpl extends ObservableImpl implements Revoc return null; } +/* (non-Javadoc) + * @see iaik.pki.revocation.RevocationConfiguration#getKeepRevocationInfo() + */ +@Override +public boolean getKeepRevocationInfo() { + return false; +} + +/* (non-Javadoc) + * @see iaik.pki.revocation.RevocationConfiguration#getPositiveOCSPResponders() + */ +@Override +public Set getPositiveOCSPResponders() { + +// //TODO: !!!!! ASK Harald !!!!! +// Map<String, String> test = new HashMap<String, String>(); +// test.put("ALL", "ALL"); +// return test.keySet(); + + return Collections.EMPTY_SET; +} + +/* (non-Javadoc) + * @see iaik.pki.revocation.RevocationConfiguration#skipIndirectCRLCheckForAlternativeDistributionPoints() + */ +@Override +public boolean skipIndirectCRLCheckForAlternativeDistributionPoints() { + //TODO: !!!!! ASK Harald !!!!! + return false; +} + +/* (non-Javadoc) + * @see iaik.pki.revocation.RevocationConfiguration#getDataBaseCRLConfig() + */ +@Override +public DBCrlConfig getDataBaseCRLConfig() { + return null; +} + } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java index 68437a04d..4ecda435d 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java 
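Review bot: Two of the added revocation settings are committed with open `//TODO: !!!!! ASK Harald !!!!!` markers, in `getPositiveOCSPResponders()` and `skipIndirectCRLCheckForAlternativeDistributionPoints()`, so a reader cannot tell whether the empty set and `false` are decisions or placeholders. Replace each marker with a comment that records the choice, e.g. `// intentionally empty: no OCSP responder is registered as a positive responder`. Delete the commented-out block that would return a key set containing `"ALL"`, since it reads like a wildcard and could be re-enabled by mistake. `return Collections.EMPTY_SET;` can become `return Collections.emptySet();`.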
@@ -46,25 +46,26 @@ package at.gv.egovernment.moa.id.commons.utils.ssl; -import iaik.pki.PKIConfiguration; -import iaik.pki.PKIException; -import iaik.pki.PKIFactory; -import iaik.pki.PKIProfile; -import iaik.pki.jsse.IAIKX509TrustManager; -import iaik.security.provider.IAIK; - import java.io.IOException; import java.security.GeneralSecurityException; +import java.security.KeyStore; import java.security.Security; import java.util.HashMap; import java.util.Map; import javax.net.ssl.KeyManager; +import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocketFactory; import javax.net.ssl.TrustManager; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.KeyStoreUtils; +import iaik.pki.DefaultPKIConfiguration; +import iaik.pki.PKIException; +import iaik.pki.PKIFactory; +//import iaik.pki.jsse.IAIKX509TrustManager; +import iaik.security.provider.IAIK; /** @@ -92,24 +93,7 @@ public class SSLUtils { } - - /** - * Creates an <code>SSLSocketFactory</code> which utilizes an - * <code>IAIKX509TrustManager</code> for the given trust store, - * and the given key store. - * - * @param conf configuration provider providing a generic properties pointing - * to trusted CA store and certificate store root - * @param connParam connection parameter containing the client key store settings - * to be used in case of client authentication; - * if <code>connParam.getClientKeyStore() == null</code>, client authentication - * is assumed to be disabled - * @return <code>SSLSocketFactory</code> to be used by an <code>HttpsURLConnection</code> - * @throws IOException thrown while reading key store file - * @throws GeneralSecurityException thrown while creating the socket factory - * @throws ConfigurationException on invalid configuration data - * @throws PKIException while initializing the <code>IAIKX509TrustManager</code> - */ + public static SSLSocketFactory getSSLSocketFactory( String url, String certStoreRootDirParam, 
@@ -117,9 +101,10 @@ public class SSLUtils { String acceptedServerCertURL, String chainingMode, boolean checkRevocation, + String[] revocationMethodOrder, String clientKeyStoreURL, String clientKeyStorePassword, - String clientKeyStoreType + String clientKeyStoreType ) throws IOException, GeneralSecurityException, SSLConfigurationException, PKIException { @@ -134,9 +119,10 @@ public class SSLUtils { chainingMode, trustStoreURL, acceptedServerCertURL, - checkRevocation); + checkRevocation, + revocationMethodOrder); - KeyManager[] kms = at.gv.egovernment.moa.util.SSLUtils.getKeyManagers( + KeyManager[] kms = getKeyManagers( clientKeyStoreType, clientKeyStoreURL, clientKeyStorePassword); SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(kms, tms, null); 
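Review bot: `getSSLSocketFactory` gains the parameter `String[] revocationMethodOrder` here while the preceding hunk removes the method's whole Javadoc, which leaves the public entry point that builds the TLS trust configuration undocumented. Restore the Javadoc with the parameter names the method has now and add a line such as `@param revocationMethodOrder revocation sources in order of preference (for example CRL before OCSP)`. It should also say whether `null` is accepted and what it means. The method body begins and ends outside this hunk.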
@@ -154,6 +140,68 @@ public class SSLUtils { } /** + * Loads the client key store from file and gets the + * <code>KeyManager</code>s from a default <code>KeyManagerFactory</code>, + * initialized from the given client key store. + * @param clientKeyStoreType key store type of <code>clientKeyStore</code> + * @param clientKeyStoreURL URL of key store containing keys to be used for + * client authentication; if <code>null</code>, the default key store will be utilized + * @param clientKeyStorePassword password used to check the integrity of the client key store; + * if <code>null</code>, it will not be checked + * @return <code>KeyManager</code>s to be used for creating an + * <code>SSLSocketFactory</code> utilizing the given client key store + * @throws IOException thrown while reading from the key store file + * @throws GeneralSecurityException thrown while initializing the + * default <code>KeyManagerFactory</code> + */ + public static KeyManager[] getKeyManagers ( + String clientKeyStoreType, + String clientKeyStoreURL, + String clientKeyStorePassword) + throws IOException, GeneralSecurityException { + + if (clientKeyStoreURL == null) + return null; + + // Set up the KeyStore to use. We need to load the file into + // a KeyStore instance. + KeyStore clientKeyStore = KeyStoreUtils.loadKeyStore( + clientKeyStoreType, clientKeyStoreURL, clientKeyStorePassword); + return getKeyManagers(clientKeyStore, clientKeyStorePassword); + } + /** + * Gets the <code>KeyManager</code>s from a default <code>KeyManagerFactory</code>, + * initialized from the given client key store. 
+ * @param clientKeyStore client key store + * @param clientKeyStorePassword if provided, it will be used to check + * the integrity of the client key store; if omitted, it will not be checked + * @return <code>KeyManager</code>s to be used for creating an + * <code>SSLSocketFactory</code> utilizing the given client key store + * @throws GeneralSecurityException thrown while initializing the + * default <code>KeyManagerFactory</code> + */ + public static KeyManager[] getKeyManagers ( + KeyStore clientKeyStore, + String clientKeyStorePassword) + throws GeneralSecurityException { + + if (clientKeyStore == null) + return null; + + // Now we initialize the default KeyManagerFactory with this KeyStore + String alg=KeyManagerFactory.getDefaultAlgorithm(); + KeyManagerFactory kmFact=KeyManagerFactory.getInstance(alg); + char[] password = null; + if (clientKeyStorePassword != null) + password = clientKeyStorePassword.toCharArray(); + kmFact.init(clientKeyStore, password); + + // And now get the KeyManagers + KeyManager[] kms=kmFact.getKeyManagers(); + return kms; + } + + /** * Initializes an <code>IAIKX509TrustManager</code> for a given trust store, * using configuration data. * 
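Review bot: The Javadoc of both `getKeyManagers` overloads describes `clientKeyStorePassword` as an integrity check that is skipped when null, but the second overload passes it to `kmFact.init(clientKeyStore, password)`, where it is the password used to recover the private keys. With `null`, a key store whose keys are password-protected will typically fail at that call rather than go "unchecked". Reword to something like `@param clientKeyStorePassword password protecting the key store and its private keys; may be null only for unprotected keys`. The `char[] password` copy also stays in memory after use; `if (password != null) java.util.Arrays.fill(password, '\0');` after `init` would clear it, although the `String` argument itself remains. The code appears to be carried over unchanged from the deleted `at.gv.egovernment.moa.util.SSLUtils`.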
@@ -167,18 +215,26 @@ public class SSLUtils { */ private static TrustManager[] getTrustManagers(String certStoreRootDirParam, String chainingMode, String trustStoreURL, String acceptedServerCertURL, - boolean checkRevocation) + boolean checkRevocation, String[] revocationMethodOrder) throws SSLConfigurationException, PKIException, IOException, GeneralSecurityException { - PKIConfiguration cfg = null; - if (! PKIFactory.getInstance().isAlreadyConfigured()) - cfg = new PKIConfigurationImpl(certStoreRootDirParam, chainingMode); - PKIProfile profile = new PKIProfileImpl(trustStoreURL, checkRevocation); + DefaultPKIConfiguration cfg = null; + if (! PKIFactory.getInstance().isAlreadyConfigured()) { + CertStoreConfigurationImpl certStoreConf = new CertStoreConfigurationImpl(certStoreRootDirParam); + cfg = new DefaultPKIConfiguration(certStoreConf.getParameters()); + cfg.setChainingMode(chainingMode); + Logger.info("Set-up PKI module configuration ... "); + + } + + PKIProfileImpl profile = new PKIProfileImpl(trustStoreURL, checkRevocation); + profile.setPreferredServiceOrder(revocationMethodOrder); + // This call fixes a bug occuring when PKIConfiguration is // initialized by the MOA-SP initialization code, in case // MOA-SP is called by API MOAIDTrustManager.initializeLoggingContext(); - IAIKX509TrustManager tm = new MOAIDTrustManager(acceptedServerCertURL); + MOAIDTrustManager tm = new MOAIDTrustManager(acceptedServerCertURL); tm.init(cfg, profile); return new TrustManager[] {tm}; } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/LogMsg.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/LogMsg.java deleted file mode 100644 index 51667f010..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/LogMsg.java +++ /dev/null 
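Review bot: `profile.setPreferredServiceOrder(revocationMethodOrder);` runs unconditionally, so a caller that passes `null` or an empty array replaces the profile's default of `RevocationSourceTypes.CRL`. `getPreferredServiceOrder` then hands that value to the validator even when `checkRevocation` is true. How the IAIK module reacts to a null or empty order is not visible here, so guard the call: `if (revocationMethodOrder != null && revocationMethodOrder.length > 0) profile.setPreferredServiceOrder(revocationMethodOrder);`. The setter in `PKIProfileImpl` also keeps the caller's array by reference; storing `order.clone()` there would stop a later change to the array from altering the revocation order.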
@@ -1,67 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.logging; - -/** - * A unified message type to log messages from inside the MOA subsystem. - * - * @author Patrick Peck - * @version $Id$ - */ -public class LogMsg { - /** The message to log. */ - private Object message; - - /** - * Create a <code>LogMsg</code> object. - * - * @param message The actual message to log. May be <code>null</code>. - */ - public LogMsg(Object message) { - this.message = message; - } - - /** - * Convert this log message to a <code>String</code>. - * - * @return The <code>String</code> representation of this log message. - */ - public String toString() { - StringBuffer msg = new StringBuffer(); - LoggingContext ctx = - LoggingContextManager.getInstance().getLoggingContext(); - String tid = ctx != null ? ctx.getTransactionID() : null; - String nodeId = ctx != null ? 
ctx.getNodeID() : null; - - msg.append("TID="); - msg.append(tid != null ? tid : "<null>"); - msg.append(" NID="); - msg.append(nodeId != null ? nodeId : "<null>"); - msg.append(" MSG="); - msg.append(message != null ? message.toString() : "<null>"); - - return msg.toString(); - } -} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/LoggingContext.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/LoggingContext.java deleted file mode 100644 index db4b93a0b..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/LoggingContext.java +++ /dev/null 
@@ -1,70 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.logging; - -/** - * Encapsulates contextual information (i.e. per request information) for - * logging purposes. - * - * @author Patrick Peck - * @version $Id$ - */ -public class LoggingContext { - /** The name of the node ID system property. */ - public static final String NODE_ID_PROPERTY = "moa.node-id"; - - /** The current transaction ID. */ - private String transactionID; - /** The node ID. */ - private String nodeID; - - /** - * Create a new <code>LoggingContext</code>. - * - * @param transactionID The transaction ID. May be <code>null</code>. - */ - public LoggingContext(String transactionID) { - this.transactionID = transactionID; - this.nodeID = System.getProperty(NODE_ID_PROPERTY); - } - - /** - * Return the transaction ID. - * - * @return The transaction ID. 
- */ - public String getTransactionID() { - return transactionID; - } - - /** - * Return the node ID. - * - * @return The node ID. - */ - public String getNodeID() { - return nodeID; - } -} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/LoggingContextManager.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/LoggingContextManager.java deleted file mode 100644 index f0d7b4c07..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/LoggingContextManager.java +++ /dev/null 
@@ -1,80 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.logging; - -/** - * Provides each thread with a single instance of <code>LoggingContext</code>. - * - * @author Patrick Peck - * @version $Id$ - */ -public class LoggingContextManager { - /** The single instance of this class. */ - private static LoggingContextManager instance = null; - - /** The <code>LoggingContext</code> for each thread. */ - private ThreadLocal context; - - /** - * Get the single instance of the <code>LoggingContextManager</code> class. - * - * @return LoggingContextManager The single instance. - */ - public static synchronized LoggingContextManager getInstance() { - if (instance == null) { - instance = new LoggingContextManager(); - } - return instance; - } - - /** - * Creates a new <code>LoggingContextManager</code>. - * - * Protected to disallow direct instantiation. 
- */ - protected LoggingContextManager() { - context = new ThreadLocal(); - } - - /** - * Set the <code>LoggingContext</code> context for the current thread. - * - * @param ctx The <code>LoggingContext</code> for the current thread. - */ - public void setLoggingContext(LoggingContext ctx) { - context.set(ctx); - } - - /** - * Return the <code>LoggingContext</code> for the current thread. - * - * @return LoggingContext The <code>LoggingContext</code> for the current - * thread, or <code>null</code> if none has been set. - */ - public LoggingContext getLoggingContext() { - return (LoggingContext) context.get(); - } - -} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Constants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Constants.java index 5a5f4edac..260b2ecb1 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Constants.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Constants.java @@ -24,7 +24,10 @@ package at.gv.egovernment.moa.util; +import java.util.Collections; import java.util.HashMap; +import java.util.Map; + /** * Contains various constants used throughout the system. @@ -509,6 +512,14 @@ public interface Constants { /** * A map used to map namespace prefixes to namespace URIs */ - public static HashMap<String, String> nSMap = new HashMap<String, String>(5); + public static final Map<String, String> nSMap = Collections.unmodifiableMap(new HashMap<String, String>(){ + private static final long serialVersionUID = 3845384324295136490L; + { + put(Constants.SAML_PREFIX, Constants.SAML_NS_URI); + put(Constants.ECDSA_PREFIX, "http://www.w3.org/2001/04/xmldsig-more#"); + put(Constants.DSIG_PREFIX, Constants.DSIG_NS_URI); + } + }); + } 
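Review bot: `nSMap` in `Constants` becomes an unmodifiable map in the last hunk, so any code that still calls `Constants.nSMap.put(...)` will now throw `UnsupportedOperationException` at run time. No such caller is visible here, so check for remaining writers. The double-brace initialiser creates an anonymous `HashMap` subclass only to fill three entries; a private static helper that fills a plain `HashMap` and wraps it would avoid that. The ECDSA URI is the only value written as a literal; if the interface does not already define one, add `String ECDSA_NS_URI = "http://www.w3.org/2001/04/xmldsig-more#";` and use it, as is done with `Constants.SAML_NS_URI`.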
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOAEntityResolver.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOAEntityResolver.java index 8f3ffd4c6..b1a3f8446 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOAEntityResolver.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOAEntityResolver.java @@ -31,7 +31,6 @@ import org.apache.xerces.util.URI.MalformedURIException; import org.xml.sax.EntityResolver; import org.xml.sax.InputSource; -import at.gv.egovernment.moa.logging.LogMsg; import at.gv.egovernment.moa.logging.Logger; /** @@ -72,7 +71,7 @@ public class MOAEntityResolver implements EntityResolver { if (Logger.isDebugEnabled()) { Logger.debug( - new LogMsg("resolveEntity: p=" + publicId + " s=" + systemId)); + new at.gv.egovernment.moaspss.logging.LogMsg("resolveEntity: p=" + publicId + " s=" + systemId)); } if (publicId != null) { diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOAErrorHandler.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOAErrorHandler.java index 3769b264d..ea71a677f 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOAErrorHandler.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOAErrorHandler.java @@ -28,8 +28,8 @@ import org.apache.xml.utils.DefaultErrorHandler; import org.xml.sax.SAXException; import org.xml.sax.SAXParseException; -import at.gv.egovernment.moa.logging.LogMsg; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moaspss.logging.LogMsg; /** * An <code>ErrorHandler</code> that logs a message and throws a diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/SSLUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/SSLUtils.java deleted file mode 100644 index c2c67ec58..000000000 
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/SSLUtils.java
+++ /dev/null
@@ -1,244 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.util; - -import java.io.IOException; -import java.io.InputStream; -import java.security.GeneralSecurityException; -import java.security.KeyStore; - -import javax.net.ssl.KeyManager; -import javax.net.ssl.KeyManagerFactory; -import javax.net.ssl.SSLContext; -import javax.net.ssl.SSLSocketFactory; -import javax.net.ssl.TrustManager; -import javax.net.ssl.TrustManagerFactory; - -/** - * Utility for connecting to server applications via SSL. - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class SSLUtils { - - /** - * Creates an <code>SSLSocketFactory</code> which utilizes the given trust store. 
- * - * @param trustStoreType key store type of trust store - * @param trustStoreInputStream input stream for reading JKS trust store containing - * trusted server certificates; if <code>null</code>, the default - * trust store will be utilized - * @param trustStorePassword if provided, it will be used to check - * the integrity of the trust store; if omitted, it will not be checked - * @return <code>SSLSocketFactory</code> to be used by an <code>HttpsURLConnection</code> - * @throws IOException thrown while reading from the input stream - * @throws GeneralSecurityException thrown while creating the socket factory - */ - public static SSLSocketFactory getSSLSocketFactory( - String trustStoreType, - InputStream trustStoreInputStream, - String trustStorePassword) - throws IOException, GeneralSecurityException { - - TrustManager[] tms = getTrustManagers(trustStoreType, trustStoreInputStream, trustStorePassword); - SSLContext ctx = SSLContext.getInstance("TLS"); - ctx.init(null, tms, null); - - SSLSocketFactory sf = ctx.getSocketFactory(); - return sf; - } - /** - * Creates an <code>SSLSocketFactory</code> which utilizes the - * given trust store and keystore. 
- * - * @param trustStore trust store containing trusted server certificates; - * if <code>null</code>, the default trust store will be utilized - * @param clientKeyStoreType key store type of <code>clientKeyStore</code> - * @param clientKeyStoreURL URL of key store containing keys to be used for - * client authentication; if <code>null</code>, the default key store will be utilized - * @param clientKeyStorePassword if provided, it will be used to check - * the integrity of the client key store; if omitted, it will not be checked - * @return <code>SSLSocketFactory</code> to be used by an <code>HttpsURLConnection</code> - * @throws IOException thrown while reading key store file - * @throws GeneralSecurityException thrown while creating the socket factory - */ - public static SSLSocketFactory getSSLSocketFactory( - KeyStore trustStore, - String clientKeyStoreType, - String clientKeyStoreURL, - String clientKeyStorePassword) - throws IOException, GeneralSecurityException { - - SSLContext ctx = getSSLContext( - trustStore, clientKeyStoreType, clientKeyStoreURL, clientKeyStorePassword); - SSLSocketFactory sf = ctx.getSocketFactory(); - return sf; - } - /** - * Creates an <code>SSLContext</code> initialized for the - * given trust store and keystore. 
- * - * @param trustStore trust store containing trusted server certificates; - * if <code>null</code>, the default trust store will be utilized - * @param clientKeyStoreType key store type of <code>clientKeyStore</code> - * @param clientKeyStoreURL URL of key store containing keys to be used for - * client authentication; if <code>null</code>, the default key store will be utilized - * @param clientKeyStorePassword if provided, it will be used to check - * the integrity of the client key store; if omitted, it will not be checked - * @return <code>SSLContext</code> to be used for creating an <code>SSLSocketFactory</code> - * @throws IOException thrown while reading key store file - * @throws GeneralSecurityException thrown while creating the SSL context - */ - public static SSLContext getSSLContext( - KeyStore trustStore, - String clientKeyStoreType, - String clientKeyStoreURL, - String clientKeyStorePassword) - throws IOException, GeneralSecurityException { - - TrustManager[] tms = getTrustManagers(trustStore); - KeyManager[] kms = getKeyManagers(clientKeyStoreType, clientKeyStoreURL, clientKeyStorePassword); - SSLContext ctx = SSLContext.getInstance("TLS"); - ctx.init(kms, tms, null); - return ctx; - } - /** - * Loads the trust store from an input stream and gets the - * <code>TrustManager</code>s from a default <code>TrustManagerFactory</code>, - * initialized from the given trust store. 
- * @param trustStoreType key store type of trust store - * @param trustStoreInputStream input stream for reading JKS trust store containing - * trusted server certificates; if <code>null</code>, the default - * trust store will be utilized - * @param trustStorePassword if provided, it will be used to check - * the integrity of the trust store; if omitted, it will not be checked - * @return <code>TrustManager</code>s to be used for creating an - * <code>SSLSocketFactory</code> utilizing the given trust store - * @throws IOException thrown while reading from the input stream - * @throws GeneralSecurityException thrown while initializing the - * default <code>TrustManagerFactory</code> - */ - protected static TrustManager[] getTrustManagers( - String trustStoreType, - InputStream trustStoreInputStream, - String trustStorePassword) - throws IOException, GeneralSecurityException { - - if (trustStoreInputStream == null) - return null; - - // Set up the TrustStore to use. We need to load the file into - // a KeyStore instance. - KeyStore trustStore = KeyStoreUtils.loadKeyStore(trustStoreType, trustStoreInputStream, trustStorePassword); - return getTrustManagers(trustStore); - } - /** - * Gets the <code>TrustManager</code>s from a default <code>TrustManagerFactory</code>, - * initialized from the given trust store. 
- * - * @param trustStore the trust store to use - * @return <code>TrustManager</code>s to be used for creating an - * <code>SSLSocketFactory</code> utilizing the given trust store - * @throws GeneralSecurityException thrown while initializing the - * default <code>TrustManagerFactory</code> - */ - protected static TrustManager[] getTrustManagers(KeyStore trustStore) - throws GeneralSecurityException { - - if (trustStore == null) - return null; - - // Initialize the default TrustManagerFactory with this KeyStore - String alg=TrustManagerFactory.getDefaultAlgorithm(); - TrustManagerFactory tmFact=TrustManagerFactory.getInstance(alg); - tmFact.init(trustStore); - - // And now get the TrustManagers - TrustManager[] tms=tmFact.getTrustManagers(); - return tms; - } - /** - * Loads the client key store from file and gets the - * <code>KeyManager</code>s from a default <code>KeyManagerFactory</code>, - * initialized from the given client key store. - * @param clientKeyStoreType key store type of <code>clientKeyStore</code> - * @param clientKeyStoreURL URL of key store containing keys to be used for - * client authentication; if <code>null</code>, the default key store will be utilized - * @param clientKeyStorePassword password used to check the integrity of the client key store; - * if <code>null</code>, it will not be checked - * @return <code>KeyManager</code>s to be used for creating an - * <code>SSLSocketFactory</code> utilizing the given client key store - * @throws IOException thrown while reading from the key store file - * @throws GeneralSecurityException thrown while initializing the - * default <code>KeyManagerFactory</code> - */ - public static KeyManager[] getKeyManagers ( - String clientKeyStoreType, - String clientKeyStoreURL, - String clientKeyStorePassword) - throws IOException, GeneralSecurityException { - - if (clientKeyStoreURL == null) - return null; - - // Set up the KeyStore to use. We need to load the file into - // a KeyStore instance. 
- KeyStore clientKeyStore = KeyStoreUtils.loadKeyStore( - clientKeyStoreType, clientKeyStoreURL, clientKeyStorePassword); - return getKeyManagers(clientKeyStore, clientKeyStorePassword); - } - /** - * Gets the <code>KeyManager</code>s from a default <code>KeyManagerFactory</code>, - * initialized from the given client key store. - * @param clientKeyStore client key store - * @param clientKeyStorePassword if provided, it will be used to check - * the integrity of the client key store; if omitted, it will not be checked - * @return <code>KeyManager</code>s to be used for creating an - * <code>SSLSocketFactory</code> utilizing the given client key store - * @throws GeneralSecurityException thrown while initializing the - * default <code>KeyManagerFactory</code> - */ - public static KeyManager[] getKeyManagers ( - KeyStore clientKeyStore, - String clientKeyStorePassword) - throws GeneralSecurityException { - - if (clientKeyStore == null) - return null; - - // Now we initialize the default KeyManagerFactory with this KeyStore - String alg=KeyManagerFactory.getDefaultAlgorithm(); - KeyManagerFactory kmFact=KeyManagerFactory.getInstance(alg); - char[] password = null; - if (clientKeyStorePassword != null) - password = clientKeyStorePassword.toCharArray(); - kmFact.init(clientKeyStore, password); - - // And now get the KeyManagers - KeyManager[] kms=kmFact.getKeyManagers(); - return kms; - } -} diff --git a/id/server/moa-id-commons/src/main/resources/META-INF/persistence.xml b/id/server/moa-id-commons/src/main/resources/META-INF/persistence.xml deleted file mode 100644 index 9bebfa66f..000000000 --- a/id/server/moa-id-commons/src/main/resources/META-INF/persistence.xml +++ /dev/null 
@@ -1,16 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<persistence xmlns="http://java.sun.com/xml/ns/persistence"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/persistence
-http://java.sun.com/xml/ns/persistence/persistence_2_0.xsd"
- version="2.0">
-
- <persistence-unit name="config" transaction-type="RESOURCE_LOCAL">
- <provider>org.hibernate.ejb.HibernatePersistence</provider>
- <class>at.gv.egovernment.moa.id.commons.db.dao.config.ConfigProperty</class>
- <!-- <class>at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase</class> -->
- <properties>
- </properties>
- </persistence-unit>
-
-</persistence>
\ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/resources/configuration.beans.xml b/id/server/moa-id-commons/src/main/resources/configuration.beans.xml index 4d3caea8c..b97b1c88b 100644 --- a/id/server/moa-id-commons/src/main/resources/configuration.beans.xml +++ b/id/server/moa-id-commons/src/main/resources/configuration.beans.xml @@ -17,6 +17,7 @@ <bean id="moaidconfig" class="at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfigurationImpl" /> <bean name="config" id="entityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean"> + <property name="packagesToScan" value="at.gv.egovernment.moa.id.commons.db.dao.config" /> <property name="dataSource" ref="dataSource" /> <property name="jpaVendorAdapter" ref="jpaVendorAdapter" /> <property name="persistenceUnitName" value="config" /> diff --git a/id/server/moa-id-commons/src/main/resources/hibernate_moasession.cfg.xml b/id/server/moa-id-commons/src/main/resources/hibernate_moasession.cfg.xml deleted file mode 100644 index e40c8b8a9..000000000 --- a/id/server/moa-id-commons/src/main/resources/hibernate_moasession.cfg.xml +++ /dev/null @@ -1,15 +0,0 @@ -<?xml version='1.0' encoding='utf-8'?> -<!DOCTYPE hibernate-configuration PUBLIC -"-//Hibernate/Hibernate Configuration DTD 3.0//EN" -"http://www.hibernate.org/dtd/hibernate-configuration-3.0.dtd"> - -<hibernate-configuration> - <session-factory> - <!-- MOA Session handling mapping files --> - <mapping class="at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore"/> - <mapping class="at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore"/> - <mapping class="at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore"/> - <mapping class="at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore"/> - <mapping class="at.gv.egovernment.moa.id.commons.db.dao.session.ExceptionStore"/> - </session-factory> -</hibernate-configuration>
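Review bot: The added `packagesToScan` property in configuration.beans.xml maps every annotated entity under `at.gv.egovernment.moa.id.commons.db.dao.config`, whereas the persistence.xml deleted in this commit listed only `ConfigProperty` and kept `UserDatabase` commented out. If `UserDatabase` or other entity classes still live in that package (not visible here), they would now join the `config` persistence unit and, depending on the vendor adapter's DDL setting, could get tables created. It is worth confirming the package holds only the intended entity and recording that next to the property, for example `<!-- replaces META-INF/persistence.xml; package must contain only config entities -->`. The enclosing `entityManagerFactory` bean continues outside the hunk.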
\ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/resources/hibernate_statistic.cfg.xml b/id/server/moa-id-commons/src/main/resources/hibernate_statistic.cfg.xml deleted file mode 100644 index aa77a9c67..000000000 --- a/id/server/moa-id-commons/src/main/resources/hibernate_statistic.cfg.xml +++ /dev/null @@ -1,11 +0,0 @@ -<?xml version='1.0' encoding='utf-8'?> -<!DOCTYPE hibernate-configuration PUBLIC -"-//Hibernate/Hibernate Configuration DTD 3.0//EN" -"http://www.hibernate.org/dtd/hibernate-configuration-3.0.dtd"> - -<hibernate-configuration> - <session-factory> - <!-- MOA advanced statistic handling mapping files --> - <mapping class="at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog"/> - </session-factory> -</hibernate-configuration>
\ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/resources/statistic.logging.beans.xml b/id/server/moa-id-commons/src/main/resources/statistic.logging.beans.xml new file mode 100644 index 000000000..9b00ff3cd --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/statistic.logging.beans.xml 
@@ -0,0 +1,74 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans profile="advancedLogOn"
+ xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xmlns:p="http://www.springframework.org/schema/p"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <context:annotation-config></context:annotation-config>
+ <tx:annotation-driven transaction-manager="statisticLogTransactionManager"/>
+
+ <bean id="statisticLogDataSource" class="org.apache.commons.dbcp2.BasicDataSource" lazy-init="true" destroy-method="close">
+ <aop:scoped-proxy/>
+ <property name="driverClassName" value="${advancedlogging.hibernate.connection.driver_class}" />
+ <property name="url" value="${advancedlogging.hibernate.connection.url}"/>
+ <property name="username" value="${advancedlogging.hibernate.connection.username}" />
+ <property name="password" value="${advancedlogging.hibernate.connection.password}" />
+
+ <property name="connectionProperties" value="${advancedlogging.dbcp.connectionProperties}" />
+ <property name="initialSize" value="${advancedlogging.dbcp.initialSize}" />
+ <property name="maxTotal" value="${advancedlogging.dbcp.maxActive}" />
+ <property name="maxIdle" value="${advancedlogging.dbcp.maxIdle}" />
+ <property name="minIdle" value="${advancedlogging.dbcp.minIdle}" />
+ <!-- property name="maxWait" value="${moasession.dbcp.maxWaitMillis}" / -->
+ <property name="testOnBorrow" value="${advancedlogging.dbcp.testOnBorrow}" />
+ <property name="testOnReturn" value="${advancedlogging.dbcp.testOnReturn}" />
+ <property name="testWhileIdle" value="${advancedlogging.dbcp.testWhileIdle}" />
+ <property name="validationQuery" value="${advancedlogging.dbcp.validationQuery}" />
+ </bean>
+
+<!-- <bean id="statisticLogSessionFactory" class="org.springframework.orm.hibernate5.LocalSessionFactoryBean">
+ <property name="dataSource" ref="statisticLogDataSource"/>
+ <property name="packagesToScan" value="at.gv.egovernment.moa.id.commons.db.dao.statistic" />
+ <property name="hibernateProperties">
+
+ <props>
+ <prop key="hibernate.dialect">${advancedlogging.hibernate.dialect}</prop>
+ <prop key="hibernate.show_sql">${advancedlogging.hibernate.show_sql}</prop>
+ <prop key="hibernate.hbm2ddl.auto">${advancedlogging.hibernate.hbm2ddl.auto}</prop>
+ <prop key="current_session_context_class">${advancedlogging.hibernate.current_session_context_class}</prop>
+ <prop key="hibernate.transaction.flush_before_completion">${advancedlogging.hibernate.transaction.flush_before_completion}</prop>
+ <prop key="hibernate.transaction.auto_close_session">${advancedlogging.hibernate.transaction.auto_close_session}</prop>
+ </props>
+ </property>
+ </bean> -->
+
+
+ <!-- bean id="statisticLogDBUtils" class="at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils"/-->
+
+ <bean name="statisticLogTransactionManager" id="statisticLogTransactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
+ <property name="entityManagerFactory" ref="statistic" />
+ </bean>
+
+ <bean id="statisticJpaVendorAdapter" class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
+ <property name="showSql" value="${advancedlogging.hibernate.show_sql}" />
+ <property name="generateDdl" value="${advancedlogging.jpaVendorAdapter.generateDdl}" />
+ <property name="databasePlatform" value="${advancedlogging.hibernate.dialect}" />
+ </bean>
+
+ <bean name="statistic" id="statistic" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
+ <property name="dataSource" ref="statisticLogDataSource" />
+ <property name="jpaVendorAdapter" ref="statisticJpaVendorAdapter" />
+ <property name="packagesToScan" value="at.gv.egovernment.moa.id.commons.db.dao.statistic" />
+ <property name="persistenceUnitName" value="statistic" />
+ </bean>
+
+
+
+</beans>
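Review bot: The `statisticLogDataSource` pool has no borrow timeout: the only wait setting is the commented-out `maxWait` line, which also reads the `moasession.dbcp.maxWaitMillis` key rather than an `advancedlogging.*` one. With commons-dbcp2 left at its default, a borrow waits indefinitely once the pool is exhausted, so a slow or unreachable statistics database could tie up whatever threads write the log (the callers are not visible here). I would set it explicitly, e.g. `<property name="maxWaitMillis" value="${advancedlogging.dbcp.maxWaitMillis}" />` backed by a new key of that name, and delete the dead `statisticLogSessionFactory` block instead of shipping it commented out. Since `generateDdl` is placeholder-driven, a comment that production should keep it false would let the logging account run without DDL rights.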
\ No newline at end of file diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/AllTests.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/AllTests.java index c0a93bf03..16d1e5adc 100644 --- a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/AllTests.java +++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/AllTests.java 
@@ -1,56 +1,56 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. 
- */ - - -package test.at.gv.egovernment.moa; - -import junit.awtui.TestRunner; -import junit.framework.Test; -import junit.framework.TestSuite; - -/** - * @author patrick - * @version $Id$ - */ -public class AllTests { - - public static Test suite() { - TestSuite suite = new TestSuite(); - -// suite.addTestSuite(DOMUtilsTest.class); -// suite.addTestSuite(DateTimeUtilsTest.class); -// suite.addTestSuite(XPathUtilsTest.class); -// suite.addTestSuite(KeyStoreUtilsTest.class); -// suite.addTestSuite(SSLUtilsTest.class); - - return suite; - } - - public static void main(String[] args) { - try { - TestRunner.run(AllTests.class); - } catch (Exception e) { - e.printStackTrace(); - } - } -} +///* +// * Copyright 2003 Federal Chancellery Austria +// * MOA-ID has been developed in a cooperation between BRZ, the Federal +// * Chancellery Austria - ICT staff unit, and Graz University of Technology. +// * +// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by +// * the European Commission - subsequent versions of the EUPL (the "Licence"); +// * You may not use this work except in compliance with the Licence. +// * You may obtain a copy of the Licence at: +// * http://www.osor.eu/eupl/ +// * +// * Unless required by applicable law or agreed to in writing, software +// * distributed under the Licence is distributed on an "AS IS" basis, +// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// * See the Licence for the specific language governing permissions and +// * limitations under the Licence. +// * +// * This product combines work with different licenses. See the "NOTICE" text +// * file for details on the various modules and licenses. +// * The "NOTICE" text file is part of the distribution. Any derivative works +// * that you distribute must include a readable copy of the "NOTICE" text file. 
+// */ +// +// +//package test.at.gv.egovernment.moa; +// +//import junit.awtui.TestRunner; +//import junit.framework.Test; +//import junit.framework.TestSuite; +// +///** +// * @author patrick +// * @version $Id$ +// */ +//public class AllTests { +// +// public static Test suite() { +// TestSuite suite = new TestSuite(); +// +//// suite.addTestSuite(DOMUtilsTest.class); +//// suite.addTestSuite(DateTimeUtilsTest.class); +//// suite.addTestSuite(XPathUtilsTest.class); +//// suite.addTestSuite(KeyStoreUtilsTest.class); +//// suite.addTestSuite(SSLUtilsTest.class); +// +// return suite; +// } +// +// public static void main(String[] args) { +// try { +// TestRunner.run(AllTests.class); +// } catch (Exception e) { +// e.printStackTrace(); +// } +// } +//} diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/SSLUtilsTest.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/SSLUtilsTest.java deleted file mode 100644 index 2b5094fb8..000000000 --- a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/SSLUtilsTest.java +++ /dev/null 
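Review bot: AllTests.java is rewritten as 56 lines of `//` comments, leaving a source file with no compilation unit that can neither run nor explain why it is disabled. The suite already had every `addTestSuite` call commented out and this same commit deletes SSLUtilsTest.java outright, so deleting AllTests.java would be the consistent choice; version history keeps the old content. If the suite is meant to return, a short header comment such as `// disabled: <reason>, re-enable once <condition>` (placeholders to be filled in) would serve better than the commented-out body.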
@@ -1,181 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. 
- */ - - -package test.at.gv.egovernment.moa.util; - -import java.net.URL; -import java.security.KeyStore; -import java.security.Security; - -import javax.net.ssl.SSLException; -import javax.net.ssl.SSLSocketFactory; - -import junit.framework.TestCase; -import at.gv.egovernment.moa.util.KeyStoreUtils; -import at.gv.egovernment.moa.util.SSLUtils; - -import com.sun.net.ssl.HostnameVerifier; -import com.sun.net.ssl.HttpsURLConnection; - -/** - * @author Paul Ivancsics - * @version $Id$ - */ -public class SSLUtilsTest extends TestCase { - - public SSLUtilsTest(String arg0) { - super(arg0); - } - - - protected void setUp() throws Exception { - //System.setProperty("javax.net.debug", "all"); - Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); - System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); - System.setProperty("https.cipherSuites", "SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,SSL_RSA_WITH_DES_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_EXPORT_WITH_RC4_40_MD5"); - } - - public void testGetSSLSocketFactoryBaltimoreOK() throws Exception { - doTestGetSSLSocketFactory( - "GET", - "https://www.baltimore.com/", - false, - "file:data/test/security/cacerts+gt_cybertrust_root", - "changeit", - true); - } - public void testGetSSLSocketFactoryBaltimoreNOK() throws Exception { - doTestGetSSLSocketFactory( - "GET", - "https://www.baltimore.com/", - false, - "file:data/test/security/cacerts", - "changeit", - false); - } - public void testGetSSLSocketFactoryVerisignOK() throws Exception { - doTestGetSSLSocketFactory( - "GET", - "https://www.verisign.com/", - false, - "file:data/test/security/cacerts", - "changeit", - true); - } - public void testGetSSLSocketFactoryVerisignNoTruststoreOK() throws Exception { - doTestGetSSLSocketFactory( - "GET", - "https://www.verisign.com/", - false, - null, - null, - true); - } - public void testGetSSLSocketFactoryLocalhostOK() 
throws Exception { - String urlString = "https://localhost:8443/moa-id-auth/index.jsp"; - doTestGetSSLSocketFactory( - "GET", - urlString, - true, - "file:data/test/security/server.keystore.tomcat", - "changeit", - true); - } - public void testGetSSLSocketFactoryLocalhostNOK() throws Exception { - String urlString = "https://localhost:8443/moa-id-auth/index.jsp"; - doTestGetSSLSocketFactory( - "GET", - urlString, - true, - null, - null, - false); - } - - public void doTestGetSSLSocketFactory( - String requestMethod, - String urlString, - boolean useHostnameVerifierHack, - String truststoreurl, - String trustpassword, - boolean shouldOk - ) throws Exception { - - doTestGetSSLSocketFactory( - requestMethod, urlString, useHostnameVerifierHack, truststoreurl, trustpassword, null, null, null, shouldOk); - } - public void doTestGetSSLSocketFactory( - String requestMethod, - String urlString, - boolean useHostnameVerifierHack, - String truststoreurl, - String trustpassword, - String keystoretype, - String keystoreurl, - String keypassword, - boolean shouldOk - ) throws Exception { - - KeyStore truststore = null; - if (truststoreurl != null) - truststore = KeyStoreUtils.loadKeyStore("jks", truststoreurl, trustpassword); - SSLSocketFactory sf = SSLUtils.getSSLSocketFactory( - truststore, keystoretype, keystoreurl, keypassword); - System.out.println(requestMethod + " " + urlString); - - URL url = new URL(urlString); - HttpsURLConnection conn = (HttpsURLConnection)url.openConnection(); - conn.setRequestMethod(requestMethod); - conn.setDoInput(true); - conn.setDoOutput(true); - conn.setUseCaches(false); - conn.setAllowUserInteraction(false); - conn.setSSLSocketFactory(sf); - if (useHostnameVerifierHack) - conn.setHostnameVerifier(new HostnameVerifierHack()); - try { - conn.connect(); - assertTrue(shouldOk); - assertEquals(200, conn.getResponseCode()); - conn.disconnect(); - } - catch (SSLException ex) { - assertFalse(shouldOk); - } - } -// private byte[] readTruststore(String 
filename) throws IOException { -// if (filename == null) -// return null; -// FileInputStream in = new FileInputStream(filename); -// byte[] buffer = new byte[in.available()]; -// in.read(buffer); -// in.close(); -// return buffer; -// } - private class HostnameVerifierHack implements HostnameVerifier { - public boolean verify(String arg0, String arg1) { - return true; - } - } -} diff --git a/id/server/moa-id-jaxb_classes/pom.xml b/id/server/moa-id-jaxb_classes/pom.xml new file mode 100644 index 000000000..9dbb28dfe --- /dev/null +++ b/id/server/moa-id-jaxb_classes/pom.xml 
@@ -0,0 +1,55 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>MOA.id</groupId>
+ <artifactId>moa-id</artifactId>
+ <version>3.x</version>
+ </parent>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-jaxb_classes</artifactId>
+
+
+ <profiles>
+ <profile>
+ <id>default</id>
+ <activation>
+ <activeByDefault>true</activeByDefault>
+ </activation>
+ <repositories>
+ <repository>
+ <id>local</id>
+ <name>local</name>
+ <url>file:${basedir}/../../../repository</url>
+ </repository>
+ <repository>
+ <id>shibboleth.internet2.edu</id>
+ <name>Internet2</name>
+ <url>https://build.shibboleth.net/nexus/content/groups/public/</url>
+ </repository>
+ <repository>
+ <id>hyberjaxb</id>
+ <url>http://repository.highsource.org/maven2/releases/</url>
+ <releases>
+ <enabled>false</enabled>
+ </releases>
+ </repository>
+ <repository>
+ <id>jboss</id>
+ <url>https://repository.jboss.org/nexus/content/repositories/central/</url>
+ <releases>
+ <enabled>true</enabled>
+ </releases>
+ </repository>
+ <repository>
+ <id>egiz-commons</id>
+ <url>https://demo.egiz.gv.at/int-repo/</url>
+ <releases>
+ <enabled>true</enabled>
+ </releases>
+ </repository>
+ </repositories>
+ </profile>
+ </profiles>
+
+ <version>${moa-id-version}</version>
+</project>
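Review bot: The `hyberjaxb` repository in the default profile is fetched over plain HTTP (`<url>http://repository.highsource.org/maven2/releases/</url>`), so anything resolved from it has no transport integrity and could be replaced in transit before it reaches the build. Only `<releases>` is switched off for that entry; no `<snapshots>` element is given, so snapshot resolution stays at Maven's default, which is enabled. Maven 3.8.1 and later also block external `http://` repositories by default, so the build would likely fail there. If the host serves TLS, change the scheme to `https://`; otherwise remove the entry or add `<snapshots><enabled>false</enabled></snapshots>` so that nothing is pulled from it. None of the remote entries sets a checksum policy either; `<checksumPolicy>fail</checksumPolicy>` inside `<releases>` would make a corrupted or altered download stop the build instead of only warning.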
\ No newline at end of file
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/Issued.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/Issued.java
index c2d950ee3..c2d950ee3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/Issued.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/Issued.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/Mandate.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/Mandate.java
index e16ad89c5..e16ad89c5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/Mandate.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/Mandate.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/Mandator.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/Mandator.java
index de7ded5f0..de7ded5f0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/Mandator.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/Mandator.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/ObjectFactory.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/ObjectFactory.java
index 4c5993d09..4c5993d09 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/ObjectFactory.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/ObjectFactory.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/ParameterDefinition.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/ParameterDefinition.java
index 4ea066295..4ea066295 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/ParameterDefinition.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/ParameterDefinition.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/ParameterisedDescriptionType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/ParameterisedDescriptionType.java
index a7f1410be..a7f1410be 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/ParameterisedDescriptionType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/ParameterisedDescriptionType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/ParameterisedTextType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/ParameterisedTextType.java
index ec90a9ffb..ec90a9ffb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/ParameterisedTextType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/ParameterisedTextType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/PasteParameter.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/PasteParameter.java
index d130a97ab..d130a97ab 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/PasteParameter.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/PasteParameter.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/PropertiesType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/PropertiesType.java
index 43de36cdd..43de36cdd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/PropertiesType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/PropertiesType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/Representative.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/Representative.java
index 3d2e7935a..3d2e7935a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/Representative.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/Representative.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/SetParameter.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/SetParameter.java
index 3fc572dc4..3fc572dc4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/SetParameter.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/SetParameter.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/SimpleMandateContentType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/SimpleMandateContentType.java
index efb341189..efb341189 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/SimpleMandateContentType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/SimpleMandateContentType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/package-info.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/package-info.java
index 061074c1a..061074c1a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/package-info.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/mandates/_20040701_/package-info.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/AbstractAddressType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/AbstractAddressType.java
index de1027a1b..de1027a1b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/AbstractAddressType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/AbstractAddressType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/AbstractPersonType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/AbstractPersonType.java
index 38bc0c680..38bc0c680 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/AbstractPersonType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/AbstractPersonType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/CorporateBodyType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/CorporateBodyType.java
index 7bbe7ac53..7bbe7ac53 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/CorporateBodyType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/CorporateBodyType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/DefinedAlternativeNameTypeType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/DefinedAlternativeNameTypeType.java
index 45e786a23..45e786a23 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/DefinedAlternativeNameTypeType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/DefinedAlternativeNameTypeType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/DefinedRelationType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/DefinedRelationType.java
index 7eda59b00..7eda59b00 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/DefinedRelationType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/DefinedRelationType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/IdentificationType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/IdentificationType.java
index 39cdda9cb..39cdda9cb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/IdentificationType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/IdentificationType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/InternetAddressType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/InternetAddressType.java
index 77a0d6d9b..77a0d6d9b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/InternetAddressType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/InternetAddressType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/MaritalStatusType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/MaritalStatusType.java
index 6dfbe424d..6dfbe424d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/MaritalStatusType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/MaritalStatusType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/MobileTelcomNumberType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/MobileTelcomNumberType.java
index 828128e4c..828128e4c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/MobileTelcomNumberType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/MobileTelcomNumberType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/ObjectFactory.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/ObjectFactory.java
index 77450bb79..77450bb79 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/ObjectFactory.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/ObjectFactory.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/PersonDataType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/PersonDataType.java
index 2611f1d34..2611f1d34 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/PersonDataType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/PersonDataType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/PersonNameType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/PersonNameType.java
index f272ae433..f272ae433 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/PersonNameType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/PersonNameType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/PhysicalPersonType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/PhysicalPersonType.java
index 7555dcb53..7555dcb53 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/PhysicalPersonType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/PhysicalPersonType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/PostalAddressType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/PostalAddressType.java
index dacaa1340..dacaa1340 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/PostalAddressType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/PostalAddressType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/SexType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/SexType.java
index 669a99164..669a99164 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/SexType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/SexType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/TelcomNumberListType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/TelcomNumberListType.java
index 8f220eec4..8f220eec4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/TelcomNumberListType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/TelcomNumberListType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/TelcomNumberType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/TelcomNumberType.java
index 838ae5a45..838ae5a45 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/TelcomNumberType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/TelcomNumberType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/TelephoneAddressType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/TelephoneAddressType.java
index 350e5090a..350e5090a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/TelephoneAddressType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/TelephoneAddressType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/TypedPostalAddressType.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/TypedPostalAddressType.java
index 15b294cc5..15b294cc5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/TypedPostalAddressType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/TypedPostalAddressType.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/package-info.java b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/package-info.java
index ac6e42243..ac6e42243 100644
--- a/id/server/idserverlib/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/package-info.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/at/gv/e_government/reference/namespace/persondata/_20020228_/package-info.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/CanonicalizationMethodType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/CanonicalizationMethodType.java
index dcb81c09c..dcb81c09c 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/CanonicalizationMethodType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/CanonicalizationMethodType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/DSAKeyValueType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/DSAKeyValueType.java
index f45c89656..f45c89656 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/DSAKeyValueType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/DSAKeyValueType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/DigestMethodType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/DigestMethodType.java
index 99f5f9c4c..99f5f9c4c 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/DigestMethodType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/DigestMethodType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/KeyInfoType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/KeyInfoType.java
index 9bedc2b80..9bedc2b80 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/KeyInfoType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/KeyInfoType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/KeyValueType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/KeyValueType.java
index cf12d02bf..cf12d02bf 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/KeyValueType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/KeyValueType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/ManifestType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/ManifestType.java
index a7fce9128..a7fce9128 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/ManifestType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/ManifestType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/ObjectFactory.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/ObjectFactory.java
index 02a0cdfa9..02a0cdfa9 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/ObjectFactory.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/ObjectFactory.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/ObjectType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/ObjectType.java
index e91ef1247..e91ef1247 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/ObjectType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/ObjectType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/PGPDataType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/PGPDataType.java
index 586969889..586969889 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/PGPDataType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/PGPDataType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/RSAKeyValueType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/RSAKeyValueType.java
index 8f5fc2d7f..8f5fc2d7f 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/RSAKeyValueType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/RSAKeyValueType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/ReferenceType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/ReferenceType.java
index 2789fb0d4..2789fb0d4 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/ReferenceType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/ReferenceType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/RetrievalMethodType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/RetrievalMethodType.java
index 5eabf665a..5eabf665a 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/RetrievalMethodType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/RetrievalMethodType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/SPKIDataType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/SPKIDataType.java
index 385f0fa1a..385f0fa1a 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/SPKIDataType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/SPKIDataType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/SignatureMethodType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/SignatureMethodType.java
index 50bc849df..50bc849df 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/SignatureMethodType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/SignatureMethodType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/SignaturePropertiesType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/SignaturePropertiesType.java
index 6903605c2..6903605c2 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/SignaturePropertiesType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/SignaturePropertiesType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/SignaturePropertyType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/SignaturePropertyType.java
index 0c17a4ae0..0c17a4ae0 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/SignaturePropertyType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/SignaturePropertyType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/SignatureType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/SignatureType.java
index 86c249910..86c249910 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/SignatureType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/SignatureType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/SignatureValueType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/SignatureValueType.java
index dbeb621d5..dbeb621d5 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/SignatureValueType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/SignatureValueType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/SignedInfoType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/SignedInfoType.java
index 88ff5ed1a..88ff5ed1a 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/SignedInfoType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/SignedInfoType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/TransformType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/TransformType.java
index 865377939..865377939 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/TransformType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/TransformType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/TransformsType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/TransformsType.java
index 9e055f696..9e055f696 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/TransformsType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/TransformsType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/X509DataType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/X509DataType.java
index 1e665277a..1e665277a 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/X509DataType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/X509DataType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/X509IssuerSerialType.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/X509IssuerSerialType.java
index 951840456..951840456 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/X509IssuerSerialType.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/X509IssuerSerialType.java
diff --git a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/package-info.java b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/package-info.java
index 43fe7bcc9..43fe7bcc9 100644
--- a/id/server/idserverlib/src/main/java/org/w3/_2000/_09/xmldsig_/package-info.java
+++ b/id/server/moa-id-jaxb_classes/src/main/java/org/w3/_2000/_09/xmldsig_/package-info.java
diff --git a/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAContextCloseHandler.java b/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAContextCloseHandler.java
new file mode 100644
index 000000000..f99013082
--- /dev/null
+++ b/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAContextCloseHandler.java
@@ -0,0 +1,166 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. 
+ */ +package at.gv.egovernment.moa.id.auth; + +import java.util.Iterator; +import java.util.Map; +import java.util.Map.Entry; +import java.util.concurrent.TimeUnit; + +import org.springframework.beans.BeansException; +import org.springframework.beans.factory.config.BeanPostProcessor; +import org.springframework.context.ApplicationContext; +import org.springframework.context.ApplicationContextAware; +import org.springframework.context.ApplicationListener; +import org.springframework.context.event.ContextClosedEvent; +import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor; +import org.springframework.scheduling.concurrent.ThreadPoolTaskScheduler; +import org.springframework.stereotype.Component; + +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +@Component +public class MOAContextCloseHandler implements ApplicationListener<ContextClosedEvent>, ApplicationContextAware, BeanPostProcessor { + + private ApplicationContext context; + + /* (non-Javadoc) + * @see org.springframework.context.ApplicationListener#onApplicationEvent(org.springframework.context.ApplicationEvent) + */ + @Override + public void onApplicationEvent(ContextClosedEvent arg0) { + Logger.info("MOA-ID-Auth shutdown process started ..."); + + try { + Logger.debug("CleanUp objects with implements the IDestroyable interface ... 
"); + Map<String, IDestroyableObject> objectsToDestroy = context.getBeansOfType(IDestroyableObject.class); + if (objectsToDestroy != null) { + Iterator<Entry<String, IDestroyableObject>> interator = + objectsToDestroy.entrySet().iterator(); + while (interator.hasNext()) { + Entry<String, IDestroyableObject> object = interator.next(); + try { + object.getValue().fullyDestroy(); + Logger.debug("Object with ID:" + object.getKey() + " is destroyed"); + + } catch (Exception e) { + Logger.warn("Destroing object with ID:" + object.getKey() + " FAILED!", e); + + } + } + } + Logger.info("Object cleanUp complete"); + + Logger.debug("Stopping Spring Thread-Pools ... "); + //shut-down task schedulers + Map<String, ThreadPoolTaskScheduler> schedulers = context.getBeansOfType(ThreadPoolTaskScheduler.class); + for (ThreadPoolTaskScheduler scheduler : schedulers.values()) { + scheduler.getScheduledExecutor().shutdown(); + try { + scheduler.getScheduledExecutor().awaitTermination(20000, TimeUnit.MILLISECONDS); + if(scheduler.getScheduledExecutor().isTerminated() || scheduler.getScheduledExecutor().isShutdown()) + Logger.debug("Scheduler "+scheduler.getThreadNamePrefix() + " has stoped"); + else{ + Logger.debug("Scheduler "+scheduler.getThreadNamePrefix() + " has not stoped normally and will be shut down immediately"); + scheduler.getScheduledExecutor().shutdownNow(); + Logger.info("Scheduler "+scheduler.getThreadNamePrefix() + " has shut down immediately"); + } + } catch (IllegalStateException e) { + e.printStackTrace(); + } catch (InterruptedException e) { + e.printStackTrace(); + + } finally { + scheduler.shutdown(); + + } + } + + //shut-down task executors + Map<String, ThreadPoolTaskExecutor> executers = context.getBeansOfType(ThreadPoolTaskExecutor.class); + for (ThreadPoolTaskExecutor executor: executers.values()) { + int retryCount = 0; + while(executor.getActiveCount()>0 && ++retryCount<51){ + try { + Logger.debug("Executer "+executor.getThreadNamePrefix()+" is still 
working with active " + executor.getActiveCount()+" work. Retry count is "+retryCount); + Thread.sleep(1000); + } catch (InterruptedException e) { + e.printStackTrace(); + } + } + if(!(retryCount<51)) + Logger.debug("Executer "+executor.getThreadNamePrefix()+" is still working.Since Retry count exceeded max value "+retryCount+", will be killed immediately"); + executor.shutdown(); + Logger.debug("Executer "+executor.getThreadNamePrefix()+" with active " + executor.getActiveCount()+" work has killed"); + } + + Logger.debug("Spring Thread-Pools stopped"); + + Logger.info("MOA-ID-Auth shutdown process finished"); + + } catch (Exception e) { + Logger.warn("MOA-ID-Auth shutdown process has an error.", e); + + } + + //System.exit(0); + //Thread.currentThread().interrupt(); + + } + + /* (non-Javadoc) + * @see org.springframework.beans.factory.config.BeanPostProcessor#postProcessAfterInitialization(java.lang.Object, java.lang.String) + */ + @Override + public Object postProcessAfterInitialization(Object arg0, String arg1) throws BeansException { + if(arg0 instanceof ThreadPoolTaskScheduler) + ((ThreadPoolTaskScheduler)arg0).setWaitForTasksToCompleteOnShutdown(true); + if(arg0 instanceof ThreadPoolTaskExecutor) + ((ThreadPoolTaskExecutor)arg0).setWaitForTasksToCompleteOnShutdown(true); + return arg0; + + } + + /* (non-Javadoc) + * @see org.springframework.beans.factory.config.BeanPostProcessor#postProcessBeforeInitialization(java.lang.Object, java.lang.String) + */ + @Override + public Object postProcessBeforeInitialization(Object arg0, String arg1) throws BeansException { + return arg0; + + } + + /* (non-Javadoc) + * @see org.springframework.context.ApplicationContextAware#setApplicationContext(org.springframework.context.ApplicationContext) + */ + @Override + public void setApplicationContext(ApplicationContext arg0) throws BeansException { + this.context = arg0; + + } + +} 
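Review bot: In the scheduler loop of onApplicationEvent, the check `isTerminated() || isShutdown()` is always true, because `shutdown()` was called just before it and `isShutdown()` reports true from that point on; the `shutdownNow()` branch can therefore never run, and a scheduler that is still busy after 20 seconds is logged as stopped. Using the result of the wait decides it correctly: `if (scheduler.getScheduledExecutor().awaitTermination(20000, TimeUnit.MILLISECONDS))`. Both `InterruptedException` handlers only call `e.printStackTrace()`; logging through `Logger.warn(...)` and restoring the flag with `Thread.currentThread().interrupt();` would keep the trace in the application log and leave the shutdown interruptible.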
diff --git a/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringInitializer.java b/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringInitializer.java index 327d659ec..07ba6a89e 100644 --- a/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringInitializer.java +++ b/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringInitializer.java @@ -7,6 +7,8 @@ import javax.servlet.ServletRegistration; import org.springframework.beans.factory.config.BeanDefinition; import org.springframework.beans.factory.support.BeanDefinitionRegistry; import org.springframework.beans.factory.xml.XmlBeanDefinitionReader; +import org.springframework.context.ApplicationContext; +import org.springframework.context.support.ClassPathXmlApplicationContext; import org.springframework.context.support.GenericApplicationContext; import org.springframework.core.io.ClassPathResource; import org.springframework.web.WebApplicationInitializer; @@ -17,6 +19,7 @@ import org.springframework.web.context.support.ServletContextResource; import org.springframework.web.servlet.DispatcherServlet; import at.gv.egiz.components.spring.api.SpringLoader; +import at.gv.egovernment.moa.id.commons.api.ConfigurationProvider; import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; import at.gv.egovernment.moa.logging.Logger; 
@@ -50,16 +53,35 @@ public class MOAIDAuthSpringInitializer implements WebApplicationInitializer { @Override public void onStartup(ServletContext servletContext) throws ServletException { try { + Logger.info("=============== Loading Config Root Context! ==============="); + ApplicationContext cfgRootContext = + new ClassPathXmlApplicationContext(new String[] { + "/moaid.configuration.beans.xml", + "/configuration.beans.xml"}); + + Logger.info("=============== Loading Root Context! ==============="); GenericWebApplicationContext rootContext = new GenericWebApplicationContext(); rootContext.setServletContext(servletContext); + rootContext.setParent(cfgRootContext); + ConfigurationProvider moaidconfig = (ConfigurationProvider) cfgRootContext.getBean("moaidauthconfig"); + String[] springProfiles = moaidconfig.getActiveProfiles(); + + + Logger.info("=============== Setting active profiles! ==============="); if (this.activeProfiles != null) { for (String profile : this.activeProfiles) { rootContext.getEnvironment().addActiveProfile(profile); } } + + if (springProfiles != null) { + for (String profile : springProfiles) { + rootContext.getEnvironment().addActiveProfile(profile); + } + } Logger.info("=============== Loading Local Contexts! ==============="); XmlBeanDefinitionReader xmlReader = new XmlBeanDefinitionReader( @@ -76,7 +98,7 @@ public class MOAIDAuthSpringInitializer implements WebApplicationInitializer { // logger.debug("Beans after logAMQP in {}", rootContext); // dumpBeanDefinitions(rootContext); - + Logger.info("=============== Loading SPI Context! ==============="); // logger.debug("Startup with context {}", rootContext); if (rootContext instanceof BeanDefinitionRegistry) { diff --git a/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringResourceProvider.java b/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringResourceProvider.java index def32e144..565e1cccd 100644 
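Review bot: The `ClassPathXmlApplicationContext` created for `cfgRootContext` in onStartup is never closed: it is a local variable, and closing a child context does not close its parent, so whatever the two configuration bean files open (presumably the configuration database connection) may outlive a redeploy. Keeping a reference and closing it on shutdown, and on the failure path of this `try`, would cover that. The lookup would also be safer as `cfgRootContext.getBean("moaidauthconfig", ConfigurationProvider.class)`, which fails with a clear message rather than a `ClassCastException` if the bean definition changes. onStartup continues after the hunk, so a close further down is not visible here.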
--- a/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringResourceProvider.java +++ b/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringResourceProvider.java @@ -38,11 +38,12 @@ public class MOAIDAuthSpringResourceProvider implements SpringResourceProvider { */ @Override public Resource[] getResourcesToLoad() { - ClassPathResource moaidauthConfig = new ClassPathResource("/moaid.configuration.beans.xml", MOAIDAuthInitializer.class); - ClassPathResource configurationDBConfig = new ClassPathResource("/configuration.beans.xml", MOAIDAuthInitializer.class); - ClassPathResource moaIdAuthBeans = new ClassPathResource("/moaid.authentication.beans.xml", MOAIDAuthInitializer.class); - - return new Resource[] {configurationDBConfig, moaidauthConfig, moaIdAuthBeans}; + ClassPathResource moaIdAuthBeans = new ClassPathResource("/moaid.authentication.beans.xml", MOAIDAuthInitializer.class); + ClassPathResource moaSessionCommonBeans = new ClassPathResource("/session.common.beans.xml", MOAIDAuthInitializer.class); + ClassPathResource moaSessionDBBeans = new ClassPathResource("/session.db.beans.xml", MOAIDAuthInitializer.class); + ClassPathResource moaSessionRedisBeans = new ClassPathResource("/session.redis.beans.xml", MOAIDAuthInitializer.class); + ClassPathResource configurationStatisticLog = new ClassPathResource("/statistic.logging.beans.xml", MOAIDAuthInitializer.class); + return new Resource[] {configurationStatisticLog, moaIdAuthBeans, moaSessionDBBeans, moaSessionRedisBeans, moaSessionCommonBeans}; } diff --git a/id/server/moa-id-spring-initializer/src/main/resources/applicationContext.xml b/id/server/moa-id-spring-initializer/src/main/resources/applicationContext.xml index ae38c836e..2c53d55b9 100644 --- a/id/server/moa-id-spring-initializer/src/main/resources/applicationContext.xml +++ b/id/server/moa-id-spring-initializer/src/main/resources/applicationContext.xml 
@@ -27,5 +27,8 @@ <bean class="at.gv.egovernment.moa.id.auth.servlet.interceptor.UniqueSessionIdentifierInterceptor" /> </mvc:interceptors> + <bean id="MOAIDContextCloseHandler" + class="at.gv.egovernment.moa.id.auth.MOAContextCloseHandler"/> + </beans> diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml index f2403a62e..e5b38f9b6 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml +++ b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml @@ -23,6 +23,13 @@ </dependency> <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_ixsil</artifactId> + <version>1.2.2.5</version> + <scope>test</scope> + </dependency> + + <dependency> <groupId>MOA.id.server</groupId> <artifactId>moa-id-commons</artifactId> <type>test-jar</type> diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index f5000581c..66161e508 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java 
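Review bot: `MOAContextCloseHandler` is registered here as an explicit bean, while the class added in this commit also carries `@Component`. If a component scan covers `at.gv.egovernment.moa.id.auth` (not visible in this hunk), two instances would listen for `ContextClosedEvent` and the shutdown sequence would run twice. Keeping only one of the two registrations avoids that, and a short comment above the bean such as `<!-- shuts down schedulers and executors on context close -->` would say why it is declared here.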
@@ -36,9 +36,7 @@ import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder; import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.BKUException; @@ -60,12 +58,15 @@ import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; +import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; -import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.util.XMLUtil; -import at.gv.egovernment.moa.logging.LogMsg; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; 
@@ -73,6 +74,7 @@ import at.gv.egovernment.moa.util.DateTimeUtils; import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.StringUtils; +import at.gv.egovernment.moaspss.logging.LogMsg; import iaik.asn1.ObjectID; import iaik.x509.X509Certificate; import iaik.x509.X509ExtensionInitException; @@ -134,7 +136,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { * @see GetIdentityLinkFormBuilder * @see InfoboxReadRequestBuilder */ - public String startAuthentication(AuthenticationSession session, HttpServletRequest req, IRequest pendingReq) throws WrongParametersException, + public String startAuthentication(IAuthenticationSession session, HttpServletRequest req, IRequest pendingReq) throws WrongParametersException, AuthenticationException, ConfigurationException, BuildException { if (session == null) { @@ -246,7 +248,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { * link results in an Exception being thrown. * @throws BKUException */ - public String verifyIdentityLink(IRequest pendingReq, AuthenticationSession session, + public String verifyIdentityLink(IRequest pendingReq, IAuthenticationSession session, Map<String, String> infoboxReadResponseParameters) throws AuthenticationException, BuildException, ParseException, ConfigurationException, ValidateException, ServiceException, BKUException { @@ -285,7 +287,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { } // parses the <InfoboxReadResponse> - IdentityLink identityLink = new InfoboxReadResponseParser( + IIdentityLink identityLink = new InfoboxReadResponseParser( xmlInfoboxReadResponse).parseIdentityLink(); // validates the identity link IdentityLinkValidator.getInstance().validate(identityLink); 
@@ -298,7 +300,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { Element domVerifyXMLSignatureResponse = SignatureVerificationInvoker.getInstance() .verifyXMLSignature(domVerifyXMLSignatureRequest); // parses the <VerifyXMLSignatureResponse> - VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( + IVerifiyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( domVerifyXMLSignatureResponse).parseData(); IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); @@ -346,7 +348,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { * @return String representation of the * <code><CreateXMLSignatureRequest></code> */ - public void verifyCertificate(AuthenticationSession session, + public void verifyCertificate(IAuthenticationSession session, X509Certificate certificate, IRequest pendingReq) throws AuthenticationException, BuildException, ParseException, ConfigurationException, ValidateException, ServiceException, MOAIDException { @@ -387,7 +389,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { * @return String representation of the * <code><CreateXMLSignatureRequest></code> */ - public void verifyMandate(IRequest pendingReq, AuthenticationSession session, MISMandate mandate) + public void verifyMandate(IRequest pendingReq, IAuthenticationSession session, IMISMandate mandate) throws AuthenticationException, BuildException, ParseException, ConfigurationException, ValidateException, ServiceException { 
@@ -429,7 +431,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { * @throws ValidateException */ public String getCreateXMLSignatureRequestAuthBlockOrRedirect( - AuthenticationSession session, IRequest pendingReq) throws ConfigurationException, + IAuthenticationSession session, IRequest pendingReq) throws ConfigurationException, BuildException, ValidateException { IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); @@ -522,10 +524,10 @@ public class AuthenticationServer extends BaseAuthenticationServer { * @throws BuildException If an error occurs on serializing an extended SAML attribute * to be appended to the AUTH-Block. */ - private String buildAuthenticationBlock(AuthenticationSession session, + private String buildAuthenticationBlock(IAuthenticationSession session, IOAAuthParameters oaParam, IRequest pendingReq) throws BuildException { - IdentityLink identityLink = session.getIdentityLink(); + IIdentityLink identityLink = session.getIdentityLink(); String issuer = identityLink.getName(); String gebDat = identityLink.getDateOfBirth(); 
@@ -583,28 +585,32 @@ public class AuthenticationServer extends BaseAuthenticationServer { List<ExtendedSAMLAttribute> extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH(); - + String authBlock = null; if (pendingReq.needSingleSignOnFunctionality()) { String oaURL = pendingReq.getAuthURL(); if (MiscUtil.isNotEmpty(oaURL)) oaURL = oaURL.replaceAll("&", "&"); - String authBlock = new AuthenticationBlockAssertionBuilder() - .buildAuthBlockSSO(issuer, issueInstant, authURL, requestedTarget, - targetFriendlyName, identificationValue, - identificationType, oaURL, gebDat, - extendedSAMLAttributes, session, oaParam); - return authBlock; + authBlock = new AuthenticationBlockAssertionBuilder() + .buildAuthBlockSSO(issuer, issueInstant, authURL, requestedTarget, + targetFriendlyName, identificationValue, + identificationType, oaURL, gebDat, + extendedSAMLAttributes, session, oaParam); + } else { String oaURL = oaParam.getPublicURLPrefix().replaceAll("&", "&"); - String authBlock = new AuthenticationBlockAssertionBuilder() - .buildAuthBlock(issuer, issueInstant, authURL, requestedTarget, - targetFriendlyName, identificationValue, - identificationType, oaURL, gebDat, - extendedSAMLAttributes, session, oaParam); - return authBlock; + authBlock = new AuthenticationBlockAssertionBuilder() + .buildAuthBlock(issuer, issueInstant, authURL, requestedTarget, + targetFriendlyName, identificationValue, + identificationType, oaURL, gebDat, + extendedSAMLAttributes, session, oaParam); + } + + session.setExtendedSAMLAttributesAUTH(extendedSAMLAttributes); + return authBlock; + } 
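Review bot: The added `session.setExtendedSAMLAttributesAUTH(extendedSAMLAttributes);` near the end of the hunk has no comment saying why a list fetched from the same session a few lines earlier must be written back. Presumably the builder calls append entries to it and the `IAuthenticationSession` getter may now hand out a copy; if that is the reason, say so, e.g. `// builders may append AUTH-block attributes; persist them in the session`. Since the AUTH block is what gets signed, it is also worth confirming that the stored list is exactly the one that went into the block. buildAuthenticationBlock starts before the hunk.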
@@ -622,7 +628,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { * @throws SAXException */ private void validateExtendedSAMLAttributeForMandates( - AuthenticationSession session, MISMandate mandate, + IAuthenticationSession session, IMISMandate mandate, boolean business) throws ValidateException, ConfigurationException, SAXException, IOException, ParserConfigurationException, TransformerException { @@ -654,7 +660,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { * @throws SAXException */ private void setExtendedSAMLAttributeForMandatesOID( - AuthenticationSession session, MISMandate mandate, boolean business) + IAuthenticationSession session, IMISMandate mandate, boolean business) throws ValidateException, ConfigurationException, SAXException, IOException, ParserConfigurationException, TransformerException { @@ -677,7 +683,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { * @param friendlyNam The friendly name of the infobox for debug purposes */ private static void AddAdditionalSAMLAttributes( - AuthenticationSession session, + IAuthenticationSession session, ExtendedSAMLAttribute[] extendedSAMLAttributes, String identifier, String friendlyName) throws ValidateException { if (extendedSAMLAttributes == null) @@ -745,7 +751,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { */ protected static ExtendedSAMLAttribute[] addExtendedSamlAttributes( - MISMandate mandate, boolean business, boolean provideStammzahl) + IMISMandate mandate, boolean business, boolean provideStammzahl) throws SAXException, IOException, ParserConfigurationException, TransformerException { Vector<ExtendedSAMLAttribute> extendedSamlAttributes = new Vector<ExtendedSAMLAttribute>(); 
@@ -811,7 +817,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { * @throws TransformerException */ private static ExtendedSAMLAttribute[] addExtendedSamlAttributesOID( - MISMandate mandate, boolean business) throws SAXException, + IMISMandate mandate, boolean business) throws SAXException, IOException, ParserConfigurationException, TransformerException { Vector<ExtendedSAMLAttribute> extendedSamlAttributes = new Vector<ExtendedSAMLAttribute>(); @@ -855,7 +861,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { * @throws IOException * @throws SAXException */ - private static Element mandateToElement(MISMandate mandate) + private static Element mandateToElement(IMISMandate mandate) throws SAXException, IOException, ParserConfigurationException { ByteArrayInputStream bais = new ByteArrayInputStream(mandate .getMandate()); @@ -910,7 +916,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { * BASE64</strike><br/>New id of the authenticated MOA session or {@code null} in case of mandate mode (???) * @throws BKUException */ - public void verifyAuthenticationBlock(IRequest pendingReq, AuthenticationSession session, + public void verifyAuthenticationBlock(IRequest pendingReq, IAuthenticationSession session, String xmlCreateXMLSignatureReadResponse) throws AuthenticationException, BuildException, ParseException, ConfigurationException, ServiceException, ValidateException, BKUException { @@ -958,7 +964,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { domVsresp = SignatureVerificationInvoker.getInstance().verifyXMLSignature(domVsreq); // parses the <VerifyXMLSignatureResponse> - VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser( + IVerifiyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser( domVsresp).parseData(); if (Logger.isTraceEnabled()) { 
@@ -1103,14 +1109,14 @@ public class AuthenticationServer extends BaseAuthenticationServer { * @param sessionID session ID of the running authentication session * @return String "new Session" */ - public void getForeignAuthenticationData(AuthenticationSession session) + public void getForeignAuthenticationData(IAuthenticationSession session) throws AuthenticationException, BuildException, ParseException, ConfigurationException, ServiceException, ValidateException { if (session == null) throw new AuthenticationException("auth.10", new Object[]{ REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID}); - VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponse(); + IVerifiyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponse(); X509Certificate cert = session.getSignerCertificate(); vsresp.setX509certificate(cert); diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java index 89f42ab7d..9a807ca00 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java @@ -31,8 +31,8 @@ import javax.xml.transform.TransformerException; import org.w3c.dom.Element; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.StringUtils; 
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java index e51700111..ecc91991e 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java @@ -43,12 +43,12 @@ import javax.xml.transform.stream.StreamResult; import org.w3c.dom.Element; import org.w3c.dom.Node; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; @@ -173,7 +173,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion String oaURL, String gebDat, List<ExtendedSAMLAttribute> extendedSAMLAttributes, - AuthenticationSession session, + IAuthenticationSession session, IOAAuthParameters oaParam) throws BuildException 
@@ -339,7 +339,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion String oaURL, String gebDat, List<ExtendedSAMLAttribute> extendedSAMLAttributes, - AuthenticationSession session, + IAuthenticationSession session, IOAAuthParameters oaParam) throws BuildException { @@ -479,7 +479,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion String oaURL, String gebDat, List<ExtendedSAMLAttribute> extendedSAMLAttributes, - AuthenticationSession session, + IAuthenticationSession session, IOAAuthParameters oaParam) throws BuildException { diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java index 333d8680c..9dcc93e9f 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java @@ -49,8 +49,8 @@ package at.gv.egovernment.moa.id.auth.builder; import org.w3c.dom.Element; import org.w3c.dom.Node; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.exception.BuildException; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.XPathUtils; @@ -82,7 +82,7 @@ public class PersonDataBuilder { * @return the <code><pr:Person></code> element as a String * @throws BuildException on any error */ - public String build(IdentityLink identityLink, boolean provideStammzahl) + public String build(IIdentityLink identityLink, boolean provideStammzahl) throws BuildException { try { 
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java index d2ea53011..e6adcf159 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java @@ -56,9 +56,9 @@ import org.w3c.dom.Element; import org.w3c.dom.Node; import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.Constants; @@ -118,7 +118,7 @@ public class VerifyXMLSignatureRequestBuilder { * * @throws ParseException */ - public Element build(IdentityLink identityLink, String trustProfileID) + public Element build(IIdentityLink identityLink, String trustProfileID) throws ParseException { try { diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java index 4a28658ff..ba778002d 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java 
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java @@ -21,7 +21,6 @@ import org.w3c.dom.Element; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; @@ -30,8 +29,8 @@ import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; import at.gv.egovernment.moa.id.client.SZRGWClientException; import at.gv.egovernment.moa.id.client.utils.SZRGWClientUtils; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; @@ -136,7 +135,7 @@ public class GetForeignIDTask extends AbstractAuthServletTask { } else { IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(new ByteArrayInputStream( response.getIdentityLink())); - IdentityLink identitylink = ilParser.parseIdentityLink(); + IIdentityLink identitylink = ilParser.parseIdentityLink(); moasession.setIdentityLink(identitylink); // set QAA Level four in case of card authentifcation 
@@ -146,13 +145,9 @@ public class GetForeignIDTask extends AbstractAuthServletTask { revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_RECEIVED); - - try { - authenticatedSessionStorage.storeSession(moasession); - - } catch (MOADatabaseException e) { - throw new MOAIDException("Session store error", null); - } + + //store pending request + requestStoreage.storePendingRequest(pendingReq); } diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java index 3f63c207e..a24cc9a43 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java @@ -21,6 +21,7 @@ import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.id.process.api.ExecutionContext; 
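Review bot: The new comment `//store pending request` on `requestStoreage.storePendingRequest(pendingReq)` does not say why storing the request is enough to persist the identity link that the preceding hunk sets with `moasession.setIdentityLink(identitylink)`; nothing visible here shows that `moasession` is held by `pendingReq`. If that link is established outside the hunk, state it at the call, for example `// moasession is carried inside pendingReq, so this also persists the identity link set above`. The removed code also mapped `MOADatabaseException` to a `MOAIDException`, and where a failed store is handled now is not visible because the enclosing method continues outside the hunk. The same replacement is made in GetMISSessionIDTask, InitializeBKUAuthenticationTask, PrepareAuthBlockSignatureTask, PrepareGetMISMandateTask, VerifyAuthenticationBlockTask, VerifyCertificateTask and VerifyIdentityLinkTask, and the same comment applies there.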
@@ -91,7 +92,7 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask { // for now: list contains only one element - MISMandate mandate = (MISMandate) list.get(0); + IMISMandate mandate = (IMISMandate) list.get(0); String sMandate = new String(mandate.getMandate(), "UTF-8"); if (sMandate == null || sMandate.compareToIgnoreCase("") == 0) { @@ -115,8 +116,8 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask { //log mandate specific set of events revisionsLogger.logMandateEventSet(pendingReq, mandate); - //Stor MOAsession - authenticatedSessionStorage.storeSession(moasession); + //store pending request with new MOASession data information + requestStoreage.storePendingRequest(pendingReq); } catch (MOAIDException ex) { diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java index c1fae1f1e..608f50200 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java 
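Review bot: `new String(mandate.getMandate(), "UTF-8")` never returns null, so the `sMandate == null` test directly below the changed cast cannot detect a missing mandate; a null byte array from `getMandate()` would raise a NullPointerException on the decoding line instead of reaching the empty-mandate branch. Checking the bytes before decoding keeps that branch reachable: `byte[] rawMandate = mandate.getMandate();` followed by `if (rawMandate == null || rawMandate.length == 0) {`. Whether `list` is checked for emptiness before `list.get(0)` is not visible, since the method starts and ends outside the hunk.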
@@ -64,18 +64,8 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask { try { // - internalInitializeWithoutPersist(executionContext, request, response); - - // make sure MOASession and Pending-Request has been persisted before running the process - try { - authenticatedSessionStorage.storeSession(moasession); - requestStoreage.storePendingRequest(pendingReq); - - } catch (MOADatabaseException e) { - Logger.error("Database Error! MOASession is not stored!"); - throw new MOAIDException("init.04", new Object[] { - moasession.getSessionID()}); - } + internalInitializeWithoutPersist(executionContext, request, response); + requestStoreage.storePendingRequest(pendingReq); } catch (MOADatabaseException | MOAIDException e) { @@ -106,7 +96,7 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask { Logger.info("Start Authentication Module: " + pendingReq.requestedModule() + " Action: " + pendingReq.requestedAction()); - authInitialisationParser.parse(executionContext, request, moasession, pendingReq); + authInitialisationParser.parse(executionContext, moasession, request, pendingReq); } else { String bkuid = (String) executionContext.get(MOAIDAuthConstants.PARAM_BKU); diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java index ed49201b8..f7a816c74 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java 
@@ -55,8 +55,8 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask { String createXMLSignatureRequest = authServer .getCreateXMLSignatureRequestAuthBlockOrRedirect(moasession, pendingReq); - //store MOASession - authenticatedSessionStorage.storeSession(moasession); + //store pending request with new MOASession data information + requestStoreage.storePendingRequest(pendingReq); //write response CitizenCardServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, pendingReq, diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java index 88560eacf..8acfd255b 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java 
@@ -37,14 +37,11 @@ import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; -import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.util.SSLUtils; import at.gv.egovernment.moa.id.util.client.mis.simple.MISSessionId; @@ -136,13 +133,8 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask { String redirectMISGUI = misSessionID.getRedirectURL(); moasession.setMISSessionID(misSessionID.getSessiondId()); - try { - authenticatedSessionStorage.storeSession(moasession); - - } catch (MOADatabaseException | BuildException e) { - throw new MOAIDException("Session store error", null); - - } + //store pending request with new MOASession data information + requestStoreage.storePendingRequest(pendingReq); revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_REDIRECT); 
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java index 516e9501b..ddd52c337 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java @@ -94,8 +94,8 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask { //verify authBlock authServer.verifyAuthenticationBlock(pendingReq, moasession, createXMLSignatureResponse); - //store all changes in session DAO - authenticatedSessionStorage.storeSession(moasession); + //store pending request with new MOASession data information + requestStoreage.storePendingRequest(pendingReq); } diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java index df158a7ec..6aefb75a1 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java 
@@ -20,7 +20,6 @@ import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.util.CitizenCardServletUtils; import at.gv.egovernment.moa.logging.Logger; @@ -98,12 +97,8 @@ public class VerifyCertificateTask extends AbstractAuthServletTask { String createXMLSignatureRequestOrRedirect = authServer.getCreateXMLSignatureRequestAuthBlockOrRedirect(moasession, pendingReq); - try { - authenticatedSessionStorage.storeSession(moasession); - - } catch (MOADatabaseException e) { - throw new MOAIDException("session store error", null); - } + //store pending request with new MOASession data information + requestStoreage.storePendingRequest(pendingReq); CitizenCardServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, pendingReq, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyCertificate"); diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java index 0deda4d43..4408f3852 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java 
@@ -73,8 +73,8 @@ public class VerifyIdentityLinkTask extends AbstractAuthServletTask { //verify identityLink boolean identityLinkAvailable = authServer.verifyIdentityLink(pendingReq, moasession, parameters) != null; - //store session - authenticatedSessionStorage.storeSession(moasession); + //store pending request with new MOASession data information + requestStoreage.storePendingRequest(pendingReq); //set 'identityLink exists' flag to context executionContext.put("identityLinkAvailable", identityLinkAvailable); diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java index 90fd7e1c7..275a85129 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java @@ -63,10 +63,10 @@ import org.apache.xpath.XPathAPI; import org.w3c.dom.Document; import org.w3c.dom.Element; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.BKUException; import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; 
@@ -241,7 +241,7 @@ public class InfoboxReadResponseParser { * @return Identity link * @throws ParseException on any parsing error */ - public IdentityLink parseIdentityLink() throws ParseException { + public IIdentityLink parseIdentityLink() throws ParseException { Element samlAssertion = parseSAMLAssertion(); IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(samlAssertion); return ilParser.parseIdentityLink(); diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java index 4b0e7b869..a227ab5be 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java 
@@ -57,15 +57,15 @@ import org.jaxen.SimpleNamespaceContext; import org.w3c.dom.Element; import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.data.SAMLAttribute; import at.gv.egovernment.moa.id.auth.exception.ValidateException; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; @@ -129,7 +129,7 @@ public class CreateXMLSignatureResponseValidator { * @param pendingReq * @throws ValidateException */ - public void validate(CreateXMLSignatureResponse createXMLSignatureResponse, AuthenticationSession session, IRequest pendingReq) + public void validate(CreateXMLSignatureResponse createXMLSignatureResponse, IAuthenticationSession session, IRequest pendingReq) throws ValidateException { // A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier 
@@ -142,7 +142,7 @@ public class CreateXMLSignatureResponseValidator { String oaURL = oaParam.getPublicURLPrefix(); boolean businessService = oaParam.getBusinessService(); - IdentityLink identityLink = session.getIdentityLink(); + IIdentityLink identityLink = session.getIdentityLink(); Element samlAssertion = createXMLSignatureResponse.getSamlAssertion(); String issuer = samlAssertion.getAttribute("Issuer"); @@ -415,13 +415,13 @@ public class CreateXMLSignatureResponseValidator { * @param pendingReq * @throws ValidateException */ - public void validateSSO(CreateXMLSignatureResponse createXMLSignatureResponse, AuthenticationSession session, IRequest pendingReq) + public void validateSSO(CreateXMLSignatureResponse createXMLSignatureResponse, IAuthenticationSession session, IRequest pendingReq) throws ValidateException { // A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier String oaURL = pendingReq.getAuthURL(); - IdentityLink identityLink = session.getIdentityLink(); + IIdentityLink identityLink = session.getIdentityLink(); Element samlAssertion = createXMLSignatureResponse.getSamlAssertion(); String issuer = samlAssertion.getAttribute("Issuer"); diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java index fa6486afe..f3ce6888b 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java 
@@ -51,6 +51,7 @@ import org.w3c.dom.NodeList; import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.exception.ValidateException; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.XPathUtils; @@ -134,7 +135,7 @@ public class IdentityLinkValidator implements Constants { * @param identityLink The identityLink to validate * @throws ValidateException on any validation error */ - public void validate(IdentityLink identityLink) throws ValidateException { + public void validate(IIdentityLink identityLink) throws ValidateException { Element samlAssertion = identityLink.getSamlAssertion(); //Search the SAML:ASSERTION Object (A2.054) diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java index df101f5b7..4953dad02 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java @@ -46,13 +46,6 @@ package at.gv.egovernment.moa.id.auth.validator; -import iaik.asn1.ObjectID; -import iaik.asn1.structures.Name; -import iaik.security.ecc.ecdsa.ECPublicKey; -import iaik.utils.RFC2253NameParserException; -import iaik.x509.X509Certificate; -import iaik.x509.X509ExtensionInitException; - import java.security.InvalidKeyException; import java.security.PublicKey; import java.security.interfaces.RSAPublicKey; 
@@ -61,15 +54,21 @@ import java.util.Iterator; import java.util.List; import java.util.Set; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.exception.ValidateException; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.logging.Logger; +import iaik.asn1.structures.Name; +import iaik.security.ec.common.ECPublicKey; +import iaik.utils.RFC2253NameParserException; +import iaik.x509.X509Certificate; +import iaik.x509.X509ExtensionInitException; /** * This class is used to validate an {@link VerifyXMLSignatureResponse} @@ -111,7 +110,7 @@ public class VerifyXMLSignatureResponseValidator { * @throws ValidateException on any validation error * @throws ConfigurationException */ - public void validate(VerifyXMLSignatureResponse verifyXMLSignatureResponse, + public void validate(IVerifiyXMLSignatureResponse verifyXMLSignatureResponse, List<String> identityLinkSignersSubjectDNNames, String whatToCheck, IOAAuthParameters oaParam) @@ -242,8 +241,8 @@ public class VerifyXMLSignatureResponseValidator { * @throws ValidateException */ public void validateCertificate( - VerifyXMLSignatureResponse verifyXMLSignatureResponse, - IdentityLink idl) + IVerifiyXMLSignatureResponse verifyXMLSignatureResponse, + IIdentityLink idl) throws ValidateException { X509Certificate x509Response = verifyXMLSignatureResponse.getX509certificate(); 
@@ -268,9 +267,9 @@ public class VerifyXMLSignatureResponseValidator { //compare ECDSAPublicKeys if( ( (idl.getPublicKey()[i] instanceof java.security.interfaces.ECPublicKey) || - (idl.getPublicKey()[i] instanceof iaik.security.ecc.ecdsa.ECPublicKey)) && + (idl.getPublicKey()[i] instanceof ECPublicKey)) && ( (pubKeySignature instanceof java.security.interfaces.ECPublicKey) || - (pubKeySignature instanceof iaik.security.ecc.ecdsa.ECPublicKey) ) ) { + (pubKeySignature instanceof ECPublicKey) ) ) { try { ECPublicKey ecdsaPubKeySignature = new ECPublicKey(pubKeySignature.getEncoded()); diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java index 1f2cda680..d093cc7f0 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java @@ -57,9 +57,9 @@ import javax.servlet.http.HttpServletResponse; import com.google.common.net.MediaType; import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.logging.Logger; 
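Review bot: The two `instanceof ECPublicKey` tests now use an unqualified name directly beside `java.security.interfaces.ECPublicKey`, and after the import swap earlier in this file that name refers to `iaik.security.ec.common.ECPublicKey` rather than the old `iaik.security.ecc.ecdsa.ECPublicKey`. Because this comparison is what ties the signature certificate's key to the identity link's key, keeping the qualification makes the class under test obvious: `(idl.getPublicKey()[i] instanceof iaik.security.ec.common.ECPublicKey)`. The `new ECPublicKey(pubKeySignature.getEncoded())` call in the following `try` also changes class with the import; the rest of that block is outside the hunk, so it cannot be seen here whether the comparison still behaves the same for keys created by the old provider class.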
@@ -148,7 +148,7 @@ public class CitizenCardServletUtils extends ServletUtils{ * @throws MOAIDException * @throws IOException */ - public static void writeCreateXMLSignatureRequestURLEncoded(HttpServletResponse resp, AuthenticationSession session, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName, String dataURL) + public static void writeCreateXMLSignatureRequestURLEncoded(HttpServletResponse resp, IAuthenticationSession session, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName, String dataURL) throws MOAIDException, IOException { resp.setStatus(200); diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java index 7b5a7b9c0..12e58342a 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java @@ -152,11 +152,11 @@ public class MISSimpleClient { } return foundMandates; } catch (ParserConfigurationException e) { - throw new MISSimpleClientException("service.06", e); + throw new MISSimpleClientException("service.06", new Object[]{e.getMessage()}, e); } catch (DOMException e) { - throw new MISSimpleClientException("service.06", e); + throw new MISSimpleClientException("service.06", new Object[]{e.getMessage()}, e); } catch (TransformerException e) { - throw new MISSimpleClientException("service.06", e); + throw new MISSimpleClientException("service.06", new Object[]{e.getMessage()}, e); } } 
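Review bot: Passing `new Object[]{e.getMessage()}` into `MISSimpleClientException` puts raw parser and transformer messages into the "service.06" text, and the later hunk at line 315 does the same with `webServiceURL` and the `IOException` message for "service.04". If these exception messages are ever rendered on an error page rather than only logged, internal endpoint and parsing details reach the end user; that path is not visible from these hunks. A comment at the first throw would record the constraint, for example `// message parameters contain internal details; log only, do not show to the end user`. The hunk at line 259 follows the same pattern.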
@@ -259,11 +259,11 @@ public class MISSimpleClient { return msid; } catch (ParserConfigurationException e) { - throw new MISSimpleClientException("service.06", e); + throw new MISSimpleClientException("service.06", new Object[]{e.getMessage()}, e); } catch (DOMException e) { - throw new MISSimpleClientException("service.06", e); + throw new MISSimpleClientException("service.06", new Object[]{e.getMessage()}, e); } catch (TransformerException e) { - throw new MISSimpleClientException("service.06", e); + throw new MISSimpleClientException("service.06", new Object[]{e.getMessage()}, e); } } @@ -315,19 +315,19 @@ public class MISSimpleClient { return unpackFromSOAP(doc.getDocumentElement()); } catch(IOException e) { - throw new MISSimpleClientException("service.04", e); + throw new MISSimpleClientException("service.04", new Object[]{webServiceURL, e.getMessage()}, e); } catch (TransformerException e) { - throw new MISSimpleClientException("service.06", e); + throw new MISSimpleClientException("service.06", new Object[]{e.getMessage()}, e); } catch (SAXException e) { - throw new MISSimpleClientException("service.06", e); + throw new MISSimpleClientException("service.06", new Object[]{e.getMessage()}, e); } catch (ParserConfigurationException e) { - throw new MISSimpleClientException("service.06", e); + throw new MISSimpleClientException("service.06", new Object[]{e.getMessage()}, e); } catch (Exception e) { - throw new MISSimpleClientException("service.06", e); + throw new MISSimpleClientException("service.06", new Object[]{e.getMessage()}, e); } diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java index b26fd4738..f2fde6322 100644 
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java @@ -47,8 +47,8 @@ package test.at.gv.egovernment.moa.id.auth.builder; import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; import at.gv.egovernment.moa.util.Constants; import test.at.gv.egovernment.moa.id.UnitTestCase; 
@@ -67,14 +67,14 @@ public class PersonDataBuilderTest extends UnitTestCase implements Constants { } public void testBuild() throws Exception { String xmlInfoboxReadResponse = readFile("data/test/xmldata/testperson1/InfoboxReadResponse.xml"); - IdentityLink il = new InfoboxReadResponseParser(xmlInfoboxReadResponse).parseIdentityLink(); + IIdentityLink il = new InfoboxReadResponseParser(xmlInfoboxReadResponse).parseIdentityLink(); String xmlPersonData = new PersonDataBuilder().build(il, true); String xmlPersonDataShould = "<pr:Person xsi:type=\"pr:PhysicalPersonType\"><pr:Identification><pr:Value>123456789012</pr:Value><pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type></pr:Identification><pr:Name><pr:GivenName>Hermann</pr:GivenName><pr:FamilyName primary=\"undefined\">Muster</pr:FamilyName></pr:Name><pr:DateOfBirth>1968-10-22</pr:DateOfBirth></pr:Person>"; assertPersonDataEquals(xmlPersonDataShould, xmlPersonData); } public void testBuildNoZMRZahl() throws Exception { String xmlInfoboxReadResponse = readFile("data/test/xmldata/testperson1/InfoboxReadResponse.xml"); - IdentityLink il = new InfoboxReadResponseParser(xmlInfoboxReadResponse).parseIdentityLink(); + IIdentityLink il = new InfoboxReadResponseParser(xmlInfoboxReadResponse).parseIdentityLink(); String xmlPersonData = new PersonDataBuilder().build(il, false); String xmlPersonDataShould = XML_DECL + "<pr:Person xsi:type=\"pr:PhysicalPersonType\"><pr:Name><pr:GivenName>Hermann</pr:GivenName><pr:FamilyName primary=\"undefined\">Muster</pr:FamilyName></pr:Name><pr:DateOfBirth>1968-10-22</pr:DateOfBirth></pr:Person>"; assertPersonDataEquals(xmlPersonDataShould, xmlPersonData); 
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java index 8d7dee597..38bf1cab6 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java @@ -49,10 +49,9 @@ package test.at.gv.egovernment.moa.id.auth.parser; import java.io.RandomAccessFile; import test.at.gv.egovernment.moa.id.UnitTestCase; - -import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; /** * @author Paul Ivancsics @@ -81,7 +80,7 @@ public class InfoboxReadResponseParserTest extends UnitTestCase { InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); ilap = new IdentityLinkAssertionParser(irrp.parseSAMLAssertion()); - IdentityLink idl = ilap.parseIdentityLink(); + IIdentityLink idl = ilap.parseIdentityLink(); System.out.println(idl.getGivenName()); System.out.println(idl.getFamilyName()); System.out.println(idl.getDateOfBirth()); 
@@ -101,7 +100,7 @@ public class InfoboxReadResponseParserTest extends UnitTestCase { InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); ilap = new IdentityLinkAssertionParser(irrp.parseSAMLAssertion()); - IdentityLink idl = ilap.parseIdentityLink(); + IIdentityLink idl = ilap.parseIdentityLink(); System.out.println(idl.getGivenName()); System.out.println(idl.getFamilyName()); System.out.println(idl.getDateOfBirth()); diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml index addf086d8..174ce40cb 100644 --- a/id/server/modules/moa-id-module-eIDAS/pom.xml +++ b/id/server/modules/moa-id-module-eIDAS/pom.xml @@ -12,10 +12,11 @@ <properties> <repositoryPath>${basedir}/../../../../repository</repositoryPath> - <eidas-commons.version>eidas.1.0</eidas-commons.version> - <eidas-saml-engine.version>eidas.1.0</eidas-saml-engine.version> - <eidas-encryption.version>eidas.1.0</eidas-encryption.version> - <eidas-configmodule.version>eidas.1.0</eidas-configmodule.version> + <eidas-commons.version>1.1.0</eidas-commons.version> + <eidas-light-commons.version>1.1.0</eidas-light-commons.version> + <eidas-saml-engine.version>1.1.0</eidas-saml-engine.version> + <eidas-encryption.version>1.1.0</eidas-encryption.version> + <eidas-configmodule.version>1.1.0</eidas-configmodule.version> </properties> @@ -44,6 +45,11 @@ <dependencies> <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-lib</artifactId> + </dependency> + + <dependency> <groupId>org.springframework</groupId> <artifactId>spring-test</artifactId> <scope>test</scope> @@ -75,6 +81,12 @@ <dependency> <groupId>eu.eidas</groupId> + <artifactId>eidas-light-commons</artifactId> + <version>${eidas-light-commons.version}</version> + </dependency> + + <dependency> + <groupId>eu.eidas</groupId> <artifactId>eidas-configmodule</artifactId> <version>${eidas-configmodule.version}</version> <exclusions> 
@@ -100,7 +112,7 @@ <!-- eidas SAML Engine --> <dependency> <groupId>eu.eidas</groupId> - <artifactId>saml-engine</artifactId> + <artifactId>eidas-saml-engine</artifactId> <version>${eidas-saml-engine.version}</version> <scope>compile</scope> <exclusions> diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/Constants.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/Constants.java index d93d739b1..f45b6ffa5 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/Constants.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/Constants.java @@ -22,15 +22,12 @@ */ package at.gv.egovernment.moa.id.auth.modules.eidas; -import java.util.Collections; -import java.util.HashMap; -import java.util.Map; - import org.opensaml.xml.encryption.EncryptionConstants; import org.opensaml.xml.signature.SignatureConstants; +//import eu.eidas.auth.engine.core.validator.eidas.EIDASAttributes; -import eu.eidas.auth.engine.core.eidas.EidasAttributesTypes; -import eu.eidas.auth.engine.core.validator.eidas.EIDASAttributes; +import eu.eidas.auth.commons.attribute.AttributeRegistries; +import eu.eidas.auth.commons.attribute.AttributeRegistry; /** * @author tlenz 
@@ -54,6 +51,7 @@ public class Constants { //configuration property keys public static final String CONIG_PROPS_EIDAS_PREFIX="moa.id.protocols.eIDAS"; public static final String CONIG_PROPS_EIDAS_SAMLENGINE="samlengine"; + public static final String CONIG_PROPS_EIDAS_NODE= CONIG_PROPS_EIDAS_PREFIX + ".node"; public static final String CONIG_PROPS_EIDAS_SAMLENGINE_PREFIX=CONIG_PROPS_EIDAS_PREFIX + "." + CONIG_PROPS_EIDAS_SAMLENGINE; public static final String CONIG_PROPS_EIDAS_SAMLENGINE_BASIC_CONFIGFILE = CONIG_PROPS_EIDAS_SAMLENGINE_PREFIX + ".config.file"; public static final String CONIG_PROPS_EIDAS_SAMLENGINE_SIGN="sign"; 
@@ -64,23 +62,33 @@ public class Constants { + CONIG_PROPS_EIDAS_SAMLENGINE_ENCRYPT + ".config.file"; public static final String CONIG_PROPS_EIDAS_METADATA_VALIDATION_TRUSTSTORE = CONIG_PROPS_EIDAS_PREFIX + ".metadata.validation.truststore"; + public static final String CONIG_PROPS_EIDAS_NODE_COUNTRYCODE = CONIG_PROPS_EIDAS_NODE + ".countrycode"; + public static final String CONIG_PROPS_EIDAS_NODE_COUNTRY = CONIG_PROPS_EIDAS_NODE + ".country"; + public static final String CONIG_PROPS_EIDAS_NODE_LoA = CONIG_PROPS_EIDAS_NODE + ".LoA"; + + //timeouts and clock skews - public static final long CONFIG_PROPS_SKEWTIME = 2 * 60 * 1000; //2 minutes skew time for response validation + public static final int CONFIG_PROPS_SKEWTIME = 2 * 60 * 1000; //2 minutes skew time for response validation public static final int CONFIG_PROPS_METADATA_SOCKED_TIMEOUT = 20 * 1000; //20 seconds metadata socked timeout public static final long CONFIG_PROPS_METADATA_GARBAGE_TIMEOUT = 7 * 24 * 60 * 60 * 1000; //remove unused eIDAS metadata after 7 days - - //eIDAS attribute names - public static final String eIDAS_ATTR_PERSONALIDENTIFIER = EIDASAttributes.ATTRIBUTE_NAME_SUFFIX_PERSONIDENTIFIER; - public static final String eIDAS_ATTR_DATEOFBIRTH = EIDASAttributes.ATTRIBUTE_NAME_SUFFIX_DATEOFBIRTH; - public static final String eIDAS_ATTR_CURRENTGIVENNAME = EIDASAttributes.ATTRIBUTE_NAME_SUFFIX_FIRSTNAME; - public static final String eIDAS_ATTR_CURRENTFAMILYNAME = EIDASAttributes.ATTRIBUTE_NAME_SUFFIX_GIVENNAME; + + //eIDAS request parameters + public static final String eIDAS_REQ_NAMEID_FORMAT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"; + + //eIDAS attribute names + public static final String eIDAS_ATTR_PERSONALIDENTIFIER = "PersonIdentifier"; + public static final String eIDAS_ATTR_DATEOFBIRTH = "DateOfBirth"; + public static final String eIDAS_ATTR_CURRENTGIVENNAME = "FirstName"; + public static final String eIDAS_ATTR_CURRENTFAMILYNAME = "FamilyName"; + public static final String 
eIDAS_ATTR_LEGALPERSONIDENTIFIER = "LegalPersonIdentifier"; + public static final String eIDAS_ATTR_LEGALNAME = "LegalName"; //http endpoint descriptions public static final String eIDAS_HTTP_ENDPOINT_SP_POST = "/eidas/sp/post"; public static final String eIDAS_HTTP_ENDPOINT_SP_REDIRECT = "/eidas/sp/redirect"; - public static final String eIDAS_HTTP_ENDPOINT_IDP_POST = "/eidas/idp/post"; + //public static final String eIDAS_HTTP_ENDPOINT_IDP_POST = "/eidas/idp/post"; + //public static final String eIDAS_HTTP_ENDPOINT_IDP_REDIRECT = "/eidas/idp/redirect"; public static final String eIDAS_HTTP_ENDPOINT_IDP_COLLEAGUEREQUEST = "/eidas/ColleagueRequest"; - public static final String eIDAS_HTTP_ENDPOINT_IDP_REDIRECT = "/eidas/idp/redirect"; public static final String eIDAS_HTTP_ENDPOINT_METADATA = "/eidas/metadata"; 
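Review bot: The eIDAS attribute names in this hunk (`eIDAS_ATTR_PERSONALIDENTIFIER` through `eIDAS_ATTR_LEGALNAME`) are now string literals, while the attribute registries added further down in the same file take their definitions from `NaturalPersonSpec.Definitions` and `LegalPersonSpec.Definitions`, so the two can drift apart on a later library upgrade. A comment above the block such as `// friendly names of the eIDAS attribute definitions used in NAT_ATTR / LEGAL_ATTR; keep in sync` would record the dependency. The two IDP endpoint constants commented out here, and the commented-out `METADATA_POSSIBLE_ATTRIBUTES` map in the next hunk, are better deleted, since version control keeps the history.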
@@ -92,22 +100,38 @@ public class Constants { public static final int eIDAS_REVERSIONSLOG_SP_AUTHRESPONSE= 3404; //metadata constants - public final static Map<String, EidasAttributesTypes> METADATA_POSSIBLE_ATTRIBUTES = Collections.unmodifiableMap( - new HashMap<String, EidasAttributesTypes>(){ - private static final long serialVersionUID = 1L; - { - put(EIDASAttributes.ATTRIBUTE_GIVENNAME, EidasAttributesTypes.NATURAL_PERSON_MANDATORY); - put(EIDASAttributes.ATTRIBUTE_FIRSTNAME, EidasAttributesTypes.NATURAL_PERSON_MANDATORY); - put(EIDASAttributes.ATTRIBUTE_DATEOFBIRTH, EidasAttributesTypes.NATURAL_PERSON_MANDATORY); - put(EIDASAttributes.ATTRIBUTE_PERSONIDENTIFIER, EidasAttributesTypes.NATURAL_PERSON_MANDATORY); - - //TODO: add additional attributes for eIDAS with mandates - //put(EIDASAttributes.ATTRIBUTE_LEGALIDENTIFIER, EidasAttributesTypes.LEGAL_PERSON_MANDATORY); - //put(EIDASAttributes.ATTRIBUTE_LEGALNAME, EidasAttributesTypes.LEGAL_PERSON_MANDATORY); - } - } - ); +// public final static Map<String, EidasAttributesTypes> METADATA_POSSIBLE_ATTRIBUTES = Collections.unmodifiableMap( +// new HashMap<String, EidasAttributesTypes>(){ +// private static final long serialVersionUID = 1L; +// { +// put(EIDASAttributes.ATTRIBUTE_GIVENNAME, EidasAttributesTypes.NATURAL_PERSON_MANDATORY); +// put(EIDASAttributes.ATTRIBUTE_FIRSTNAME, EidasAttributesTypes.NATURAL_PERSON_MANDATORY); +// put(EIDASAttributes.ATTRIBUTE_DATEOFBIRTH, EidasAttributesTypes.NATURAL_PERSON_MANDATORY); +// put(EIDASAttributes.ATTRIBUTE_PERSONIDENTIFIER, EidasAttributesTypes.NATURAL_PERSON_MANDATORY); +// +// //TODO: add additional attributes for eIDAS with mandates +// //put(EIDASAttributes.ATTRIBUTE_LEGALIDENTIFIER, EidasAttributesTypes.LEGAL_PERSON_MANDATORY); +// //put(EIDASAttributes.ATTRIBUTE_LEGALNAME, EidasAttributesTypes.LEGAL_PERSON_MANDATORY); +// } +// } +// ); + public static final AttributeRegistry NAT_ATTR = + AttributeRegistries.of( 
eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.PERSON_IDENTIFIER, + eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.CURRENT_FAMILY_NAME, + eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.CURRENT_GIVEN_NAME, + eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.DATE_OF_BIRTH + ); + + public static final AttributeRegistry LEGAL_ATTR = + AttributeRegistries.of( eu.eidas.auth.engine.core.eidas.spec.LegalPersonSpec.Definitions.LEGAL_PERSON_IDENTIFIER, + eu.eidas.auth.engine.core.eidas.spec.LegalPersonSpec.Definitions.LEGAL_NAME + ); + + public static final AttributeRegistry MOA_IDP_ATTR_REGISTRY = + AttributeRegistries.copyOf(NAT_ATTR, LEGAL_ATTR); + + public static final String METADATA_ALLOWED_ALG_DIGIST = SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256 + ";" + SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA512 ; diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOASWSigner.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOASWSigner.java new file mode 100644 index 000000000..302c12aaa --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOASWSigner.java 
@@ -0,0 +1,56 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. 
+ */ +package at.gv.egovernment.moa.id.auth.modules.eidas.config; + +import java.util.Map; + +import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; +import eu.eidas.auth.engine.configuration.SamlEngineConfigurationException; +import eu.eidas.auth.engine.configuration.dom.ConfigurationAdapter; +import eu.eidas.auth.engine.configuration.dom.ConfigurationKey; +import eu.eidas.auth.engine.core.impl.KeyStoreProtocolSigner; +import eu.eidas.samlengineconfig.CertificateConfigurationManager; + +/** + * @author tlenz + * + */ +public class MOASWSigner extends KeyStoreProtocolSigner { + + public MOASWSigner(Map<String, String> properties) throws SamlEngineConfigurationException { + super(properties); + + } + + /** + * @param configManager + * @throws SamlEngineConfigurationException + */ + public MOASWSigner(CertificateConfigurationManager configManager) throws SamlEngineConfigurationException { + super(ConfigurationAdapter.adapt(configManager).getInstances().get(Constants.eIDAS_SAML_ENGINE_NAME).getConfigurationEntries().get(ConfigurationKey.SIGNATURE_CONFIGURATION.getKey()).getParameters()); + + } + + + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLEngineConfigurationImpl.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLEngineConfigurationImpl.java index 5d1874157..78793d3fc 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLEngineConfigurationImpl.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLEngineConfigurationImpl.java 
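Review bot: The second `MOASWSigner` constructor resolves the signature parameters in one chained expression inside `super(...)`, and two of the steps are `get(...)` lookups by name (`Constants.eIDAS_SAML_ENGINE_NAME` and `ConfigurationKey.SIGNATURE_CONFIGURATION.getKey()`). If either lookup finds nothing, which is presumably a `null` return, the signer fails with a NullPointerException that does not say which entry is missing, although the constructor already declares `SamlEngineConfigurationException`. Moving the chain into a private static helper that checks each step and throws that exception with the missing instance or key name would make a broken signing configuration diagnosable at startup. The first constructor's Javadoc is missing and the second one has empty `@param`/`@throws` tags; one sentence on which configuration each variant expects would do.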
@@ -42,9 +42,7 @@ import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; - import eu.eidas.samlengineconfig.BinaryParameter; -import eu.eidas.samlengineconfig.ConfigurationParameter; import eu.eidas.samlengineconfig.EngineInstance; import eu.eidas.samlengineconfig.InstanceConfiguration; import eu.eidas.samlengineconfig.PropsParameter; @@ -57,10 +55,10 @@ import eu.eidas.samlengineconfig.SamlEngineConfiguration; public class MOAeIDASSAMLEngineConfigurationImpl extends SamlEngineConfiguration { - private static final String KEYSTORE_PATH="keystorePath"; - private static final String METADATA_KEYSTORE_PATH="metadata.keystorePath"; + private static final String KEYSTORE_PATH="keyStorePath"; + private static final String METADATA_KEYSTORE_PATH="metadata.keyStorePath"; private static final String ENCRYPTION_ACTIVATION="encryptionActivation"; - private static final String[] BINARY_PARAMETERS={KEYSTORE_PATH, ENCRYPTION_ACTIVATION,METADATA_KEYSTORE_PATH}; + public static final String[] BINARY_PARAMETERS={KEYSTORE_PATH, ENCRYPTION_ACTIVATION,METADATA_KEYSTORE_PATH}; public List<EngineInstance> getInstances(){ return super.getInstances(); @@ -95,7 +93,7 @@ public class MOAeIDASSAMLEngineConfigurationImpl extends //add basic eIDAS SAML-engine configuration MOAeIDASSAMLInstanceConfigurationImpl samlBaseConfig = new MOAeIDASSAMLInstanceConfigurationImpl(); samlBaseConfig.setName(Constants.eIDAS_SAML_ENGINE_NAME_ID_BASICCONFIG); - samlBaseConfig.addParameter(loadConfigurationFromExternalFile(Constants.CONIG_PROPS_EIDAS_SAMLENGINE_BASIC_CONFIGFILE)); + samlBaseConfig.addParameter(buildPropsParameter(Constants.CONIG_PROPS_EIDAS_SAMLENGINE_BASIC_CONFIGFILE)); engineConfigs.add(samlBaseConfig); //add signing eIDAS SAML-engine configuration 
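Review bot: `BINARY_PARAMETERS` becomes `public` in the second hunk of this file, and a `public static final String[]` can still be written element by element, so any class can change which configuration keys are treated as key-store paths. An unmodifiable collection avoids that: `public static final List<String> BINARY_PARAMETERS = Collections.unmodifiableList(Arrays.asList(KEYSTORE_PATH, ENCRYPTION_ACTIVATION, METADATA_KEYSTORE_PATH));` (with the matching `java.util` imports if the file lacks them). The caller in `MOAeIDASSAMLInstanceConfigurationImpl` can then use `BINARY_PARAMETERS.contains(keyName)` directly instead of wrapping the array on every iteration.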
@@ -103,7 +101,7 @@ public class MOAeIDASSAMLEngineConfigurationImpl extends samlSignConfig.setName(Constants.eIDAS_SAML_ENGINE_NAME_ID_SIGNATURECONFIG); samlSignConfig.addParameter(Constants.eIDAS_SAML_ENGINE_NAME_ID_CLASS, Constants.SAML_SIGNING_IMPLENTATION); - + //TODO: load signing keys directly from MOA-ID configuration in finale version samlSignConfig.addParameter(loadConfigurationFromExternalFile(Constants.CONIG_PROPS_EIDAS_SAMLENGINE_SIGN_CONFIGFILE)); engineConfigs.add(samlSignConfig); @@ -122,16 +120,16 @@ public class MOAeIDASSAMLEngineConfigurationImpl extends super.addInstance(engineInst); } - + /** * Load an external eIDAS SAML-engine configuration file, which is referenced from MOA-ID configuration * * @param key Configuration key, which is used in property based MOA-ID configuration file - * @return eIDAS SAML-engine configuration object + * @return eIDAS SAML-engine configuration Properties * @throws ConfigurationException */ - private ConfigurationParameter loadConfigurationFromExternalFile(String key) throws ConfigurationException { + private Properties loadConfigurationFromExternalFile(String key) throws ConfigurationException { String configFile = AuthConfigurationProviderFactory.getInstance().getBasicMOAIDConfiguration(key); if (MiscUtil.isEmpty(configFile)) { 
@@ -141,15 +139,21 @@ public class MOAeIDASSAMLEngineConfigurationImpl extends return null; } - Properties inputProps = loadPropsFromXml(configFile); - return buildPropsParameter(inputProps, configFile); + Properties inputProps = loadPropsFromXml(configFile); + return inputProps; + //return buildPropsParameter(inputProps, configFile); } - private PropsParameter buildPropsParameter(Properties inputProps, String fileName) throws EIDASEngineConfigurationException { + private PropsParameter buildPropsParameter(String configKey) throws ConfigurationException { + Properties inputProps = loadConfigurationFromExternalFile(configKey); + + String configFile = + AuthConfigurationProviderFactory.getInstance().getBasicMOAIDConfiguration(configKey); + PropsParameter outputProps = new PropsParameter(); - outputProps.setFileName(fileName); + outputProps.setFileName(configFile); //original eIDAS SAML-engine use this identifier outputProps.setName("fileConfiguration"); @@ -241,6 +245,8 @@ public class MOAeIDASSAMLEngineConfigurationImpl extends configFile, AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir()); + Logger.debug("Load eIDAS configuration from file:" + absoluteConfigFile); + File file = new File(new URL(absoluteConfigFile).toURI()); is = new FileInputStream(file); props.loadFromXML(is); diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLInstanceConfigurationImpl.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLInstanceConfigurationImpl.java index dccd39905..384d6be0b 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLInstanceConfigurationImpl.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLInstanceConfigurationImpl.java 
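Review bot: `loadConfigurationFromExternalFile` now returns `Properties` but still returns `null` when the configuration key is not set (the `return null;` kept as context at the top of this hunk), and neither new consumer checks for that. The signing configuration in the `@@ -103,7 +101,7 @@` hunk passes the result straight to `addParameter(Properties)`, which calls `parameters.entrySet()` in `MOAeIDASSAMLInstanceConfigurationImpl`, and `buildPropsParameter` presumably reads `inputProps` in the part of its body that lies outside this hunk. A missing SAML-engine configuration file would then end in a NullPointerException; throwing the ConfigurationException at the point of the `return null;` gives one failure that names the missing key. `buildPropsParameter` also looks up the same configuration key a second time only to obtain the file name.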
@@ -22,9 +22,22 @@ */ package at.gv.egovernment.moa.id.auth.modules.eidas.config; +import java.io.File; +import java.io.IOException; +import java.net.URI; +import java.net.URISyntaxException; +import java.net.URL; import java.util.ArrayList; +import java.util.Arrays; +import java.util.Iterator; import java.util.List; +import java.util.Map.Entry; +import java.util.Properties; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.FileUtils; import eu.eidas.samlengineconfig.ConfigurationParameter; import eu.eidas.samlengineconfig.InstanceConfiguration; import eu.eidas.samlengineconfig.StringParameter; 
@@ -56,5 +69,49 @@ public class MOAeIDASSAMLInstanceConfigurationImpl extends addParameter(param); } + + public void addParameter(Properties parameters) { + Iterator<Entry<Object, Object>> paramInterator = parameters.entrySet().iterator(); + while (paramInterator.hasNext()) { + Entry<Object, Object> next = paramInterator.next(); + + StringParameter param = new StringParameter(); + String keyName = (String) next.getKey(); + param.setName(keyName); + + //make path to binary files absolute + if (Arrays.asList(MOAeIDASSAMLEngineConfigurationImpl.BINARY_PARAMETERS).contains(keyName)) + try { + String absoluteConfigFile = FileUtils.makeAbsoluteURL( + (String)next.getValue(), + AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir()); + + URI uri = new URL(absoluteConfigFile).toURI(); + + File file = new File(uri); + if (file.exists()) + param.setValue(file.getCanonicalPath()); + + else { + Logger.error("eIDAS-configuration fileparameter with key:" + param.getName() + " and path:" + uri.toString() + " NOT exist!"); + param.setValue(null); + + } + + + } catch (ConfigurationException | URISyntaxException | IOException e) { + //TODO: make final!!!! + e.printStackTrace(); + param.setValue(next.getValue()); + + } + else + param.setValue(next.getValue()); + + addParameter(param); + + } + + } } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java index 1ba344fd1..9ad5f0db3 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java 
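Review bot: The new `addParameter(Properties)` keeps going when a key-store or encryption-activation path cannot be resolved: a missing file is logged and the value set to `null`, and any exception is printed with `e.printStackTrace()` (marked `//TODO: make final!!!!`) before the unresolved value is used as is. For parameters that point to signing and encryption key material, a broken path should stop the configuration from loading instead of surfacing later inside the SAML engine. The sketch below moves the resolution into a helper that fails with the cause attached; `IllegalStateException` is a stand-in, and the module's own configuration exception is the better choice if the callers can declare it.

```java
// … unchanged: iteration over parameters, StringParameter creation, keyName …
		if (Arrays.asList(MOAeIDASSAMLEngineConfigurationImpl.BINARY_PARAMETERS).contains(keyName))
			param.setValue(resolveExistingFile(keyName, (String) next.getValue()));
		else
			param.setValue(next.getValue());
// … unchanged: addParameter(param) and end of loop …

	/** Turns a configured path into a canonical path and refuses files that do not exist. */
	private static String resolveExistingFile(String keyName, String configuredPath) {
		try {
			String absoluteUrl = FileUtils.makeAbsoluteURL(
					configuredPath,
					AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir());
			File file = new File(new URL(absoluteUrl).toURI());
			if (!file.exists())
				throw new IllegalStateException(
						"eIDAS configuration file for key '" + keyName + "' does not exist: " + file);
			return file.getCanonicalPath();

		} catch (ConfigurationException | URISyntaxException | IOException e) {
			throw new IllegalStateException(
					"eIDAS configuration file for key '" + keyName + "' can not be resolved", e);
		}
	}
```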
@@ -1,18 +1,95 @@ package at.gv.egovernment.moa.id.auth.modules.eidas.config; +import java.security.cert.X509Certificate; +import java.util.Map; + +import org.apache.commons.lang.StringUtils; + +import com.google.common.collect.ImmutableMap; +import com.sun.istack.Nullable; + import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.logging.Logger; -import eu.eidas.auth.engine.core.impl.EncryptionSW; +import eu.eidas.auth.commons.EidasErrorKey; +import eu.eidas.auth.commons.io.ReloadableProperties; +import eu.eidas.auth.engine.configuration.SamlEngineConfigurationException; +import eu.eidas.auth.engine.configuration.dom.EncryptionKey; +import eu.eidas.auth.engine.core.impl.CertificateValidator; +import eu.eidas.auth.engine.core.impl.KeyStoreSamlEngineEncryption; +import eu.eidas.auth.engine.xml.opensaml.CertificateUtil; +import eu.eidas.engine.exceptions.EIDASSAMLEngineException; /** * This encryption module asks the moa configuration on whether to encrypt the response or not. In doubt, encryption is enforced. 
*/ -public class ModifiedEncryptionSW extends EncryptionSW { +public class ModifiedEncryptionSW extends KeyStoreSamlEngineEncryption { + + private final ImmutableMap<String, String> properties; + + private final ReloadableProperties encryptionActivationProperties; + + private static ReloadableProperties initActivationConf(Map<String, String> properties) { + String activationConfigurationFile = EncryptionKey.ENCRYPTION_ACTIVATION.getAsString(properties); + Logger.debug("File containing encryption configuration: \"" + activationConfigurationFile + "\""); + return new ReloadableProperties(activationConfigurationFile); + } + + /** + * @param properties + * @throws SamlEngineConfigurationException + */ + public ModifiedEncryptionSW(Map<String, String> properties) throws SamlEngineConfigurationException { + super(properties); + this.properties = ImmutableMap.copyOf(properties); + encryptionActivationProperties = initActivationConf(properties); + } + + /* (non-Javadoc) + * @see eu.eidas.auth.engine.core.ProtocolEncrypterI#getEncryptionCertificate(java.lang.String) + */ + @Override + @Nullable + public X509Certificate getEncryptionCertificate(@Nullable String destinationCountryCode) + throws EIDASSAMLEngineException { + if (isEncryptionEnabled(destinationCountryCode)) { + String issuerKey = new StringBuilder(EncryptionKey.RESPONSE_TO_POINT_ISSUER_PREFIX.getKey()).append( + destinationCountryCode).toString(); + String serialNumberKey = + new StringBuilder(EncryptionKey.RESPONSE_TO_POINT_SERIAL_NUMBER_PREFIX.getKey()).append( + destinationCountryCode).toString(); + String serialNumber = properties.get(serialNumberKey); + String responseToPointIssuer = properties.get(issuerKey); + if (StringUtils.isNotBlank(responseToPointIssuer)) { + for (final X509Certificate certificate : getEncryptionCertificates()) { + if (CertificateUtil.matchesCertificate(serialNumber, responseToPointIssuer, certificate)) { + + if (isDisallowedSelfSignedCertificate()) { + 
CertificateValidator.checkCertificateIssuer(certificate); + } + if (isCheckedValidityPeriod()) { + CertificateValidator.checkCertificateValidityPeriod(certificate); + } + + return certificate; + } + } + throw new EIDASSAMLEngineException(EidasErrorKey.SAML_ENGINE_INVALID_CERTIFICATE.errorCode(), + EidasErrorKey.SAML_ENGINE_INVALID_CERTIFICATE.errorMessage()); + } else { + Logger.error("Encryption of SAML Response NOT done, because no \"" + issuerKey + + "\" configured!"); + } + } + return null; + } + /* (non-Javadoc) + * @see eu.eidas.auth.engine.core.ProtocolEncrypterI#isEncryptionEnabled(java.lang.String) + */ @Override - public boolean isEncryptionEnable(String countryCode) { + public boolean isEncryptionEnabled(String countryCode) { // - encrypt if so configured try { AuthConfiguration moaconfig = AuthConfigurationProviderFactory.getInstance(); diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAEidasProtocolProcesser.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAEidasProtocolProcesser.java new file mode 100644 index 000000000..c24c5efca --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAEidasProtocolProcesser.java 
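Review bot: In `getEncryptionCertificate`, the branch for a blank `responseToPointIssuer` only logs "Encryption of SAML Response NOT done" and falls through to `return null`, although `isEncryptionEnabled(destinationCountryCode)` has just returned true and the class comment says encryption is enforced in doubt. How the engine treats a `null` certificate is not visible here, but if it means the response goes out unencrypted, a configuration gap fails open. Raising the same error as the no-match case would fail closed: `throw new EIDASSAMLEngineException(EidasErrorKey.SAML_ENGINE_INVALID_CERTIFICATE.errorCode(), EidasErrorKey.SAML_ENGINE_INVALID_CERTIFICATE.errorMessage());`. `encryptionActivationProperties` is assigned in the constructor and not read in the visible part of the hunk; the body of `isEncryptionEnabled` continues outside it.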
@@ -0,0 +1,57 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. 
+ */ +package at.gv.egovernment.moa.id.auth.modules.eidas.engine; + +import eu.eidas.auth.engine.core.eidas.EidasProtocolProcessor; +import eu.eidas.auth.engine.metadata.MetadataFetcherI; +import eu.eidas.auth.engine.metadata.MetadataSignerI; + +/** + * @author tlenz + * + */ +public class MOAEidasProtocolProcesser extends EidasProtocolProcessor { + + private static final String OWN_EIDAS_RESPONSE_VALIDATOR_SUITE_ID = "moaEidasResponseValidatorSuiteId"; + + private final MetadataFetcherI metadataFetcher; + private final MetadataSignerI metadataSigner; + + /** + * @param metadataFetcher + * @param metadataSigner + */ + public MOAEidasProtocolProcesser(MetadataFetcherI metadataFetcher, MetadataSignerI metadataSigner) { + super(metadataFetcher, metadataSigner); + + this.metadataFetcher = metadataFetcher; + this.metadataSigner = metadataSigner; + + } + + @Override + public String getResponseValidatorId() { + return OWN_EIDAS_RESPONSE_VALIDATOR_SUITE_ID; + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java index 80a2734f2..0cb6228a7 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java 
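Review bot: `getResponseValidatorId()` overrides the inherited validator id with `moaEidasResponseValidatorSuiteId`, and nothing in this file says where a suite with that id is registered or which checks it contains. Since this decides how incoming eIDAS responses are validated, the class Javadoc should state it, for example `Uses the MOA-ID specific response validator suite; the suite must be registered under this id before the engine is used.` The `metadataFetcher` and `metadataSigner` fields are only assigned and never read in this class, so they can be dropped.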
@@ -18,58 +18,80 @@ import org.opensaml.saml2.metadata.EntitiesDescriptor; import org.opensaml.saml2.metadata.EntityDescriptor; import org.opensaml.saml2.metadata.RoleDescriptor; import org.opensaml.saml2.metadata.provider.ChainingMetadataProvider; -import org.opensaml.saml2.metadata.provider.FilterException; import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider; import org.opensaml.saml2.metadata.provider.MetadataFilter; import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.opensaml.saml2.metadata.provider.MetadataProviderException; import org.opensaml.saml2.metadata.provider.ObservableMetadataProvider; import org.opensaml.xml.XMLObject; +import org.springframework.stereotype.Service; +import at.gv.egovernment.moa.id.auth.IDestroyableObject; +import at.gv.egovernment.moa.id.auth.IGarbageCollectorProcessing; import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException; import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.IGarbageCollectorProcessing; -import at.gv.egovernment.moa.id.config.auth.MOAGarbageCollector; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SchemaValidationException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.MOASPMetadataSignatureFilter; import at.gv.egovernment.moa.id.saml2.MetadataFilterChain; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -import eu.eidas.auth.engine.AbstractSAMLEngine; +import eu.eidas.auth.engine.AbstractProtocolEngine; -public class MOAeIDASChainingMetadataProvider implements ObservableMetadataProvider, 
IGarbageCollectorProcessing { +@Service("eIDASMetadataProvider") +public class MOAeIDASChainingMetadataProvider implements ObservableMetadataProvider, + IGarbageCollectorProcessing, IDestroyableObject { - private static MOAeIDASChainingMetadataProvider instance = null; +// private static MOAeIDASChainingMetadataProvider instance = null; private static Object mutex = new Object(); private MetadataProvider internalProvider; private Map<String, Date> lastAccess = null; - public static MOAeIDASChainingMetadataProvider getInstance() { - if (instance == null) { - synchronized (mutex) { - if (instance == null) { - instance = new MOAeIDASChainingMetadataProvider(); - MOAGarbageCollector.addModulForGarbageCollection(instance); - } - } - } - return instance; - } +// public static MOAeIDASChainingMetadataProvider getInstance() { +// if (instance == null) { +// synchronized (mutex) { +// if (instance == null) { +// instance = new MOAeIDASChainingMetadataProvider(); +// MOAGarbageCollector.addModulForGarbageCollection(instance); +// } +// } +// } +// return instance; +// } - private MOAeIDASChainingMetadataProvider() { + public MOAeIDASChainingMetadataProvider() { internalProvider = new ChainingMetadataProvider(); lastAccess = new HashMap<String, Date>(); } /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.IDestroyableObject#fullyDestroy() + */ + @Override + public void fullyDestroy() { + Map<String, HTTPMetadataProvider> loadedproviders = getAllActuallyLoadedProviders(); + if (loadedproviders != null) { + for (Entry<String, HTTPMetadataProvider> el : loadedproviders.entrySet()) { + try { + el.getValue().destroy(); + Logger.debug("Destroy eIDAS Matadataprovider: " + el.getKey() + " finished"); + + } catch (Exception e) { + Logger.warn("Destroy eIDAS Matadataprovider: " + el.getKey() + " FAILED"); + + } + } + } + } + + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.IGarbageCollectorProcessing#runGarbageCollector() */ @Override 
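Review bot: The call `MOAGarbageCollector.addModulForGarbageCollection(instance)` now exists only in the commented-out `getInstance()`, so nothing in this hunk registers the bean for `runGarbageCollector()` any more. If the Spring context does not pick up `IGarbageCollectorProcessing` beans elsewhere (not visible here), unused eIDAS metadata providers would no longer be refreshed or removed. A class comment naming the component that drives the garbage collection would settle it. The commented-out singleton code can be deleted, along with the `mutex` field if nothing else uses it, and the `catch` in `fullyDestroy()` should report the cause, e.g. `" FAILED. Reason:" + e.getMessage()`, as the refresh loop later in the file does.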
@@ -128,9 +150,11 @@ public class MOAeIDASChainingMetadataProvider implements ObservableMetadataProvi List<String> nonValidMetadataProvider = new ArrayList<String>(); for (HTTPMetadataProvider provider : loadedproviders.values()) { try { - provider.getMetadataFilter().doFilter(provider.getMetadata()); + provider.refresh(); - } catch (FilterException | MetadataProviderException e) { + //provider.getMetadataFilter().doFilter(provider.getMetadata()); + + } catch (MetadataProviderException e) { Logger.info("eIDAS MetadataProvider: " + provider.getMetadataURI() + " is not valid any more. Reason:" + e.getMessage()); if (Logger.isDebugEnabled()) @@ -182,11 +206,11 @@ public class MOAeIDASChainingMetadataProvider implements ObservableMetadataProvi try { MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory( Constants.SSLSOCKETFACTORYNAME, - authConfig.getCertstoreDirectory(), authConfig.getTrustedCACertificates(), null, AuthConfiguration.DEFAULT_X509_CHAININGMODE, - authConfig.isTrustmanagerrevoationchecking()); + authConfig.isTrustmanagerrevoationchecking(), + authConfig.getRevocationMethodOrder()); httpClient.setCustomSSLTrustStore(metadataURL, protoSocketFactory); @@ -196,10 +220,10 @@ public class MOAeIDASChainingMetadataProvider implements ObservableMetadataProvi } } - timer = new Timer(); + timer = new Timer(true); httpProvider = new HTTPMetadataProvider(timer, httpClient, metadataURL); - httpProvider.setParserPool(AbstractSAMLEngine.getNewBasicSecuredParserPool()); + httpProvider.setParserPool(AbstractProtocolEngine.getSecuredParserPool()); httpProvider.setRequireValidMetadata(true); httpProvider.setMinRefreshDelay(1000*60*15); //15 minutes httpProvider.setMaxRefreshDelay(1000*60*60*24); //24 hours 
@@ -282,14 +306,17 @@ public class MOAeIDASChainingMetadataProvider implements ObservableMetadataProvi } else { //load new Metadata Provider ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider; - HTTPMetadataProvider newMetadataProvider = createNewHTTPMetaDataProvider(metadataURL); - chainProvider.addMetadataProvider(newMetadataProvider); + HTTPMetadataProvider newMetadataProvider = createNewHTTPMetaDataProvider(metadataURL); - emitChangeEvent(); - Logger.info("eIDAS metadata for " - + metadataURL + " is added."); - return true; - + if (newMetadataProvider != null) { + chainProvider.addMetadataProvider(newMetadataProvider); + + emitChangeEvent(); + Logger.info("eIDAS metadata for " + + metadataURL + " is added."); + return true; + + } } } else @@ -405,5 +432,4 @@ public class MOAeIDASChainingMetadataProvider implements ObservableMetadataProvi if (observer != null) observer.onEvent(this); } - } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASMetadataProviderDecorator.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASMetadataProviderDecorator.java index 7537c4d84..c5e56502b 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASMetadataProviderDecorator.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASMetadataProviderDecorator.java 
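Review bot: When `createNewHTTPMetaDataProvider(metadataURL)` returns `null`, the new guard skips the add and leaves the branch without a log entry or an explicit result. An `else` branch with `Logger.warn("eIDAS metadata for " + metadataURL + " can not be loaded.");` followed by `return false;` would make the failed load visible to the caller. The rest of the method lies outside the hunk, so the current fall-through result cannot be confirmed from here.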
@@ -31,15 +31,17 @@ import org.opensaml.saml2.metadata.SPSSODescriptor; import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.opensaml.saml2.metadata.provider.MetadataProviderException; -import eu.eidas.auth.engine.EIDASSAMLEngine; -import eu.eidas.auth.engine.metadata.MetadataProcessorI; +import eu.eidas.auth.engine.ProtocolEngineI; +import eu.eidas.auth.engine.metadata.MetadataFetcherI; +import eu.eidas.auth.engine.metadata.MetadataSignerI; +import eu.eidas.engine.exceptions.EIDASSAMLEngineException; import eu.eidas.engine.exceptions.SAMLEngineException; /** * @author tlenz * */ -public class MOAeIDASMetadataProviderDecorator implements MetadataProcessorI { +public class MOAeIDASMetadataProviderDecorator implements MetadataFetcherI { private MetadataProvider metadataprovider = null; @@ -51,10 +53,31 @@ public class MOAeIDASMetadataProviderDecorator implements MetadataProcessorI { } + /* (non-Javadoc) - * @see eu.eidas.auth.engine.metadata.MetadataProcessorI#getEntityDescriptor(java.lang.String) + * @see eu.eidas.auth.engine.metadata.MetadataFetcherI#getEntityDescriptor(java.lang.String, eu.eidas.auth.engine.metadata.MetadataSignerI) */ @Override + public EntityDescriptor getEntityDescriptor(String url, MetadataSignerI paramMetadataSignerI) + throws EIDASSAMLEngineException { + try { + /*TODO: maybe implement metadata signature validation on every request, + * but it is not needed in case of cached metadata provider, + * because signature must be only validated in case of cache reload operation + */ + return this.metadataprovider.getEntityDescriptor(url); + + } catch (MetadataProviderException e) { + throw new EIDASSAMLEngineException("eIDAS Metadata processing FAILED.", e); + + } + } + + + /* (non-Javadoc) + * @see eu.eidas.auth.engine.metadata.MetadataProcessorI#getEntityDescriptor(java.lang.String) + */ + @Deprecated public EntityDescriptor getEntityDescriptor(String url) throws SAMLEngineException { try { 
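Review bot: The new `getEntityDescriptor(String url, MetadataSignerI paramMetadataSignerI)` in the `-51,10` hunk never uses `paramMetadataSignerI`. Whether the returned descriptor was signature-checked therefore depends entirely on how the wrapped `metadataprovider` was configured, which is not visible here. Replace the TODO with Javadoc stating that precondition, namely that this decorator must only wrap a provider that validates the metadata signature on every load. The delegate call may also return null for an unknown `url`, so document that or check for it. The deprecated `getEntityDescriptor(String)` that follows continues past the end of the hunk.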
@@ -69,7 +92,7 @@ public class MOAeIDASMetadataProviderDecorator implements MetadataProcessorI { /* (non-Javadoc) * @see eu.eidas.auth.engine.metadata.MetadataProcessorI#getSPSSODescriptor(java.lang.String) */ - @Override + @Deprecated public SPSSODescriptor getSPSSODescriptor(String url) throws SAMLEngineException { return getFirstRoleDescriptor(getEntityDescriptor(url), SPSSODescriptor.class); @@ -79,7 +102,7 @@ public class MOAeIDASMetadataProviderDecorator implements MetadataProcessorI { /* (non-Javadoc) * @see eu.eidas.auth.engine.metadata.MetadataProcessorI#getIDPSSODescriptor(java.lang.String) */ - @Override + @Deprecated public IDPSSODescriptor getIDPSSODescriptor(String url) throws SAMLEngineException { return getFirstRoleDescriptor(getEntityDescriptor(url), IDPSSODescriptor.class); @@ -89,8 +112,8 @@ public class MOAeIDASMetadataProviderDecorator implements MetadataProcessorI { /* (non-Javadoc) * @see eu.eidas.auth.engine.metadata.MetadataProcessorI#checkValidMetadataSignature(java.lang.String, eu.eidas.auth.engine.EIDASSAMLEngine) */ - @Override - public void checkValidMetadataSignature(String url, EIDASSAMLEngine engine) + @Deprecated + public void checkValidMetadataSignature(String url, ProtocolEngineI engine) throws SAMLEngineException { //Do nothing, because metadata signature is already validated during //metadata provider initialization @@ -102,7 +125,7 @@ public class MOAeIDASMetadataProviderDecorator implements MetadataProcessorI { /* (non-Javadoc) * @see eu.eidas.auth.engine.metadata.MetadataProcessorI#checkValidMetadataSignature(java.lang.String, java.security.KeyStore) */ - @Override + @Deprecated public void checkValidMetadataSignature(String url, KeyStore trustStore) throws SAMLEngineException { //Do nothing, because metadata signature is already validated during 
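Review bot: Swapping `@Override` for `@Deprecated` here, and in the hunks at `-79,7`, `-89,8`, `-102,7` and `-110,6`, removes the compiler check that these methods match an interface. The `@see ...MetadataProcessorI#...` comments above them still name the interface the class no longer implements. The two `checkValidMetadataSignature` overloads are now plain public no-ops, so any remaining caller gets a silent success. Add a Javadoc `@deprecated` tag to each saying that the method checks nothing and that signature validation happens at metadata provider initialization, or remove the methods if nothing calls them. The method bodies extend outside the hunks.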
@@ -110,6 +133,7 @@ public class MOAeIDASMetadataProviderDecorator implements MetadataProcessorI { } + @Deprecated protected <T extends RoleDescriptor> T getFirstRoleDescriptor(EntityDescriptor entityDescriptor, final Class<T> clazz){ for(RoleDescriptor rd:entityDescriptor.getRoleDescriptors()){ if(clazz.isInstance(rd)){ @@ -119,4 +143,6 @@ public class MOAeIDASMetadataProviderDecorator implements MetadataProcessorI { return null; } + + } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/validation/MoaEidasConditionsValidator.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/validation/MoaEidasConditionsValidator.java new file mode 100644 index 000000000..d9453322f --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/validation/MoaEidasConditionsValidator.java 
@@ -0,0 +1,83 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.eidas.engine.validation;
+
+import org.joda.time.DateTime;
+import org.opensaml.saml2.core.Conditions;
+import org.opensaml.saml2.core.validator.ConditionsSpecValidator;
+import org.opensaml.xml.validation.ValidationException;
+
+import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * @author tlenz
+ *
+ * MOA-ID specific eIDAS Response Condition validator
+ *
+ * This validator allows time jitter in 'notBefore' validation
+ *
+ */
+
+public class MoaEidasConditionsValidator extends ConditionsSpecValidator {
+
+
+
+ @Override
+ public void validate(Conditions conditions) throws ValidationException {
+ Logger.debug("conditions.getNotBefore() "+ conditions.getNotBefore());
+ Logger.debug("conditions.getNotOnOrAfter() "+ conditions.getNotOnOrAfter());
+ Logger.debug("dateTime.now() "+ DateTime.now());
+
+ super.validate(conditions);
+
+ if (conditions.getNotBefore() == null) {
+
+ throw new ValidationException("NotBefore is required.");
+ }
+
+ if (conditions.getNotBefore().minusMillis(Constants.CONFIG_PROPS_SKEWTIME).isAfterNow()) {
+ throw new ValidationException("Current time is before NotBefore condition");
+ }
+
+ if (conditions.getNotOnOrAfter() == null) {
+
+ throw new ValidationException("NotOnOrAfter is required.");
+ }
+ if (conditions.getNotOnOrAfter().isBeforeNow()) {
+
+ throw new ValidationException("Current time is after NotOnOrAfter condition");
+ }
+
+ if (conditions.getAudienceRestrictions() == null || conditions.getAudienceRestrictions().isEmpty()) {
+
+ throw new ValidationException("AudienceRestriction is required.");
+ }
+
+ if (conditions.getOneTimeUse() == null) {
+
+ throw new ValidationException("OneTimeUse is required.");
+ }
+
+ }
+}
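Review bot: The `AudienceRestriction` check only tests that the list is non-empty; nothing in `validate` compares an `Audience` value with this service provider's entity ID. Unless the caller does that elsewhere, an assertion issued for a different relying party passes this validator. If the comparison lives elsewhere, say so above the check, e.g. `// presence only; the audience value is matched against our entityID by the caller`. The same holds for `OneTimeUse`: requiring the element does not by itself prevent replay. Also document that `Constants.CONFIG_PROPS_SKEWTIME` must be a positive number of milliseconds, since a negative value passed to `minusMillis` would narrow the window, and that the skew applies to `NotBefore` only.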
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASAuthnRequestProcessingException.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASAuthnRequestProcessingException.java index c96af37ef..d51629d9e 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASAuthnRequestProcessingException.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASAuthnRequestProcessingException.java @@ -30,7 +30,7 @@ import at.gv.egovernment.moa.util.MiscUtil; * @author tlenz * */ -public class eIDASAuthnRequestProcessingException extends eIDASException { +public class EIDASAuthnRequestProcessingException extends EIDASException { private String subStatusCode = null; 
@@ -43,20 +43,20 @@ public class eIDASAuthnRequestProcessingException extends eIDASException { * @param messageId * @param parameters */ - public eIDASAuthnRequestProcessingException(String messageId, Object[] parameters) { + public EIDASAuthnRequestProcessingException(String messageId, Object[] parameters) { super(messageId, parameters); } - public eIDASAuthnRequestProcessingException(String subStatusCode, String messageId, Object[] parameters) { + public EIDASAuthnRequestProcessingException(String subStatusCode, String messageId, Object[] parameters) { super(messageId, parameters); this.subStatusCode = subStatusCode; } - public eIDASAuthnRequestProcessingException(String messageId, Object[] parameters, Throwable e) { + public EIDASAuthnRequestProcessingException(String messageId, Object[] parameters, Throwable e) { super(messageId, parameters, e ); } - public eIDASAuthnRequestProcessingException(String subStatusCode, String messageId, Object[] parameters, Throwable e) { + public EIDASAuthnRequestProcessingException(String subStatusCode, String messageId, Object[] parameters, Throwable e) { super(messageId, parameters, e ); this.subStatusCode = subStatusCode; } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASAuthnRequestValidationException.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASAuthnRequestValidationException.java index 2a15ee18a..a6da769b7 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASAuthnRequestValidationException.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASAuthnRequestValidationException.java 
@@ -28,7 +28,7 @@ import org.opensaml.saml2.core.StatusCode; * @author tlenz * */ -public class eIDASAuthnRequestValidationException extends eIDASException { +public class EIDASAuthnRequestValidationException extends EIDASException { /** * @@ -39,7 +39,7 @@ public class eIDASAuthnRequestValidationException extends eIDASException { * @param messageId * @param parameters */ - public eIDASAuthnRequestValidationException(String messageId, Object[] parameters) { + public EIDASAuthnRequestValidationException(String messageId, Object[] parameters) { super(messageId, parameters); } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASEngineException.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASEngineException.java index 234c4e038..8bf7f7452 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASEngineException.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASEngineException.java @@ -28,7 +28,7 @@ import org.opensaml.saml2.core.StatusCode; * @author tlenz * */ -public class EIDASEngineException extends eIDASException { +public class EIDASEngineException extends EIDASException { /** * @param objects diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASException.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASException.java index f42004abc..e3d6c5a2e 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASException.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASException.java 
@@ -28,7 +28,7 @@ import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; * @author tlenz * */ -public abstract class eIDASException extends MOAIDException { +public abstract class EIDASException extends MOAIDException { /** * @@ -44,7 +44,7 @@ public abstract class eIDASException extends MOAIDException { * @param messageId * @param parameters */ - public eIDASException(String messageId, Object[] parameters) { + public EIDASException(String messageId, Object[] parameters) { super(messageId, parameters); } @@ -52,7 +52,7 @@ public abstract class eIDASException extends MOAIDException { * @param messageId * @param parameters */ - public eIDASException(String messageId, Object[] parameters, Throwable e) { + public EIDASException(String messageId, Object[] parameters, Throwable e) { super(messageId, parameters, e); } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASResponseBuildException.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASResponseBuildException.java index 0ffcf11ef..5e6b87b39 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASResponseBuildException.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASResponseBuildException.java @@ -28,7 +28,7 @@ import org.opensaml.saml2.core.StatusCode; * @author tlenz * */ -public class eIDASResponseBuildException extends eIDASException { +public class EIDASResponseBuildException extends EIDASException { /** * 
@@ -39,11 +39,11 @@ public class eIDASResponseBuildException extends eIDASException { * @param messageId * @param parameters */ - public eIDASResponseBuildException(String messageId, Object[] parameters) { + public EIDASResponseBuildException(String messageId, Object[] parameters) { super(messageId, parameters); } - public eIDASResponseBuildException(String messageId, Object[] parameters, Throwable e) { + public EIDASResponseBuildException(String messageId, Object[] parameters, Throwable e) { super(messageId, parameters, e); } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASResponseNotSuccessException.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASResponseNotSuccessException.java index d10ca1c88..460561eb3 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASResponseNotSuccessException.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASResponseNotSuccessException.java @@ -28,14 +28,14 @@ import org.opensaml.saml2.core.StatusCode; * @author tlenz * */ -public class eIDASResponseNotSuccessException extends eIDASException { +public class EIDASResponseNotSuccessException extends EIDASException { /** * */ private static final long serialVersionUID = 6145402939313568907L; - public eIDASResponseNotSuccessException(String messageId, Object[] parameters) { + public EIDASResponseNotSuccessException(String messageId, Object[] parameters) { super(messageId, parameters); } 
@@ -44,7 +44,7 @@ public class eIDASResponseNotSuccessException extends eIDASException { * @param parameters * @param e */ - public eIDASResponseNotSuccessException(String messageId, Object[] parameters, Throwable e) { + public EIDASResponseNotSuccessException(String messageId, Object[] parameters, Throwable e) { super(messageId, parameters, e); } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASAttributeException.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASAttributeException.java index b25895eca..17f0a9b72 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASAttributeException.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASAttributeException.java @@ -28,7 +28,7 @@ import org.opensaml.saml2.core.StatusCode; * @author tlenz * */ -public class eIDASAttributeException extends eIDASException { +public class eIDASAttributeException extends EIDASException { private static final long serialVersionUID = 1L; diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java index 5d7430dd7..cf3a13e32 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java 
@@ -28,18 +28,20 @@ import java.text.SimpleDateFormat; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.joda.time.DateTime; import org.springframework.stereotype.Component; import org.w3c.dom.Element; import org.w3c.dom.Node; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASAttributeException; +import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils; import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.process.api.ExecutionContext; @@ -47,7 +49,7 @@ import at.gv.egovernment.moa.id.util.IdentityLinkReSigner; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.XPathUtils; -import eu.eidas.auth.commons.IPersonalAttributeList; +import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; /** * @author tlenz 
@@ -67,11 +69,11 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { defaultTaskInitialization(request, executionContext); //get eIDAS attributes from MOA-Session - IPersonalAttributeList eIDASAttributes = moasession.getGenericDataFromSession( + ImmutableAttributeMap eIDASAttributes = moasession.getGenericDataFromSession( AuthenticationSessionStorageConstants.eIDAS_ATTRIBUTELIST, - IPersonalAttributeList.class); + ImmutableAttributeMap.class); - IdentityLink identityLink = null; + IIdentityLink identityLink = null; //connect SZR-Gateway //TODO: implement SZR-Gateway communication!!!! 
@@ -86,35 +88,51 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { // replace data Element idlassertion = identityLink.getSamlAssertion(); - - // - set bpk/wpbk; + + // - set fake baseID; Node prIdentification = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH); - if(!eIDASAttributes.containsKey(Constants.eIDAS_ATTR_PERSONALIDENTIFIER)) - throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); - String eIdentifier = eIDASAttributes.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER).getValue().get(0); - prIdentification.getFirstChild().setNodeValue(eIdentifier); + + + Object eIdentifier = eIDASAttributes.getFirstValue( + SAMLEngineUtils.getMapOfAllAvailableAttributes().get( + Constants.eIDAS_ATTR_PERSONALIDENTIFIER)); + if (eIdentifier == null || !(eIdentifier instanceof String)) + throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); + prIdentification.getFirstChild().setNodeValue((String) eIdentifier); + + //build personal identifier which looks like a baseID +// String fakeBaseID = new BPKBuilder().buildBPK(eIdentifier, "baseID"); +// Logger.info("Map eIDAS eIdentifier:" + eIdentifier + " to fake baseID:" + fakeBaseID); +// prIdentification.getFirstChild().setNodeValue(fakeBaseID); // - set last name - Node prFamilyName = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_FAMILY_NAME_XPATH); - if(!eIDASAttributes.containsKey(Constants.eIDAS_ATTR_CURRENTFAMILYNAME)) + Node prFamilyName = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_FAMILY_NAME_XPATH); + Object familyName = eIDASAttributes.getFirstValue( + SAMLEngineUtils.getMapOfAllAvailableAttributes().get( + Constants.eIDAS_ATTR_CURRENTFAMILYNAME)); + if (familyName == null || !(familyName instanceof String)) throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTFAMILYNAME); - String familyName = 
eIDASAttributes.get(Constants.eIDAS_ATTR_CURRENTFAMILYNAME).getValue().get(0); - prFamilyName.getFirstChild().setNodeValue(familyName); + prFamilyName.getFirstChild().setNodeValue((String) familyName); // - set first name Node prGivenName = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_GIVEN_NAME_XPATH); - if(!eIDASAttributes.containsKey(Constants.eIDAS_ATTR_CURRENTGIVENNAME)) + Object givenName = eIDASAttributes.getFirstValue( + SAMLEngineUtils.getMapOfAllAvailableAttributes().get( + Constants.eIDAS_ATTR_CURRENTGIVENNAME)); + if (givenName == null || !(givenName instanceof String)) throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTGIVENNAME); - String givenName = eIDASAttributes.get(Constants.eIDAS_ATTR_CURRENTGIVENNAME).getValue().get(0); - prGivenName.getFirstChild().setNodeValue(givenName); + prGivenName.getFirstChild().setNodeValue((String) givenName); // - set date of birth - Node prDateOfBirth = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_DATE_OF_BIRTH_XPATH); - if(!eIDASAttributes.containsKey(Constants.eIDAS_ATTR_DATEOFBIRTH)) + Node prDateOfBirth = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_DATE_OF_BIRTH_XPATH); + Object dateOfBirth = eIDASAttributes.getFirstValue( + SAMLEngineUtils.getMapOfAllAvailableAttributes().get( + Constants.eIDAS_ATTR_DATEOFBIRTH)); + if (dateOfBirth == null || !(dateOfBirth instanceof DateTime)) throw new eIDASAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH); - String dateOfBirth = eIDASAttributes.get(Constants.eIDAS_ATTR_DATEOFBIRTH).getValue().get(0); - dateOfBirth = new SimpleDateFormat("yyyy-MM-dd").format(new SimpleDateFormat("yyyyMMdd").parse(dateOfBirth)); - prDateOfBirth.getFirstChild().setNodeValue(dateOfBirth); + + String formatedDateOfBirth = new SimpleDateFormat("yyyy-MM-dd").format(((DateTime)dateOfBirth).toDate()); + prDateOfBirth.getFirstChild().setNodeValue(formatedDateOfBirth); identityLink = new 
IdentityLinkAssertionParser(idlassertion).parseIdentityLink(); @@ -144,7 +162,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { moasession.setBkuURL("Not applicable (eIDASAuthentication)"); //store MOA-session to database - authenticatedSessionStorage.storeSession(moasession); + requestStoreage.storePendingRequest(pendingReq); } catch (eIDASAttributeException e) { throw new TaskExecutionException(pendingReq, "Minimum required eIDAS attributeset not found.", e); diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java index 84b0078b3..3522a16fd 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java @@ -23,7 +23,9 @@ package at.gv.egovernment.moa.id.auth.modules.eidas.tasks; import java.io.StringWriter; +import java.util.ArrayList; import java.util.Collection; +import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -33,6 +35,11 @@ import org.apache.commons.lang3.StringUtils; import org.apache.velocity.Template; import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; +import org.opensaml.common.xml.SAMLConstants; +import org.opensaml.saml2.metadata.EntityDescriptor; +import org.opensaml.saml2.metadata.SingleSignOnService; +import org.opensaml.saml2.metadata.provider.MetadataProviderException; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import com.google.common.net.MediaType; 
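Review bot: In the `-86,35` hunk the date of birth is formatted with `new SimpleDateFormat("yyyy-MM-dd").format(((DateTime)dateOfBirth).toDate())`. That converts to an instant and then formats in the JVM's default time zone, so the calendar day can shift when that zone differs from the zone of the `DateTime`. Formatting in the value's own zone avoids this: `String formatedDateOfBirth = ((DateTime) dateOfBirth).toString("yyyy-MM-dd");`. The `== null ||` part of each `instanceof` test is redundant. `SAMLEngineUtils.getMapOfAllAvailableAttributes().get(...)` may also return null for an unknown name, and that result is passed to `getFirstValue` unchecked. The hunk sits inside a larger method that starts and ends outside it.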
@@ -43,6 +50,7 @@ import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; +import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider; import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException; import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; 
@@ -52,15 +60,17 @@ import at.gv.egovernment.moa.id.commons.api.data.StorkAttribute; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.logging.Logger; -import eu.eidas.auth.commons.EIDASAuthnRequest; -import eu.eidas.auth.commons.EIDASUtil; -import eu.eidas.auth.commons.EidasLoaCompareType; -import eu.eidas.auth.commons.EidasLoaLevels; -import eu.eidas.auth.commons.IPersonalAttributeList; -import eu.eidas.auth.commons.PersonalAttribute; -import eu.eidas.auth.commons.PersonalAttributeList; -import eu.eidas.auth.engine.EIDASSAMLEngine; -import eu.eidas.auth.engine.core.eidas.SPType; +import at.gv.egovernment.moa.util.MiscUtil; +import eu.eidas.auth.commons.EidasStringUtil; +import eu.eidas.auth.commons.attribute.AttributeDefinition; +import eu.eidas.auth.commons.attribute.AttributeDefinition.Builder; +import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; +import eu.eidas.auth.commons.protocol.IRequestMessage; +import eu.eidas.auth.commons.protocol.eidas.LevelOfAssurance; +import eu.eidas.auth.commons.protocol.eidas.LevelOfAssuranceComparison; +import eu.eidas.auth.commons.protocol.eidas.SpType; +import eu.eidas.auth.commons.protocol.eidas.impl.EidasAuthenticationRequest; +import eu.eidas.auth.engine.ProtocolEngineI; import eu.eidas.engine.exceptions.EIDASSAMLEngineException; /** @@ -70,6 +80,8 @@ import eu.eidas.engine.exceptions.EIDASSAMLEngineException; @Component("GenerateAuthnRequestTask") public class GenerateAuthnRequestTask extends AbstractAuthServletTask { + @Autowired(required=true) MOAeIDASChainingMetadataProvider eIDASMetadataProvider; + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ 
@@ -82,23 +94,61 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask { //get service-provider configuration IOAAuthParameters oaConfig = pendingReq.getOnlineApplicationConfiguration(); - // get target country + // get target and validate citizen countryCode String citizenCountryCode = (String) executionContext.get(MOAIDAuthConstants.PARAM_CCC); if (StringUtils.isEmpty(citizenCountryCode)) { // illegal state; task should not have been executed without a selected country throw new AuthenticationException("eIDAS.03", new Object[] { "" }); + } - CPEPS cpeps = authConfig.getStorkConfig().getCPEPS(citizenCountryCode); if(null == cpeps) { Logger.error("PEPS unknown for country", new Object[] {citizenCountryCode}); throw new AuthenticationException("eIDAS.04", new Object[] {citizenCountryCode}); } Logger.debug("Found eIDaS Node/C-PEPS configuration for citizen of country: " + citizenCountryCode); - String destination = cpeps.getPepsURL().toString().split(";")[1].trim(); // FIXME convenience for metadata url and assertion destination + + + // select SingleSignOnService Endpoint from eIDAS-node metadata + String destination = null; String metadataUrl = cpeps.getPepsURL().toString().split(";")[0].trim(); + try { + EntityDescriptor eIDASNodeMetadata = eIDASMetadataProvider.getEntityDescriptor(metadataUrl); + if (eIDASNodeMetadata != null) { + SingleSignOnService ssoDescr = selectSingleSignOnServiceFromMetadata(eIDASNodeMetadata); + if (ssoDescr != null) { + destination = ssoDescr.getLocation(); + Logger.debug("Use destination URL:" + destination + " from eIDAS metadata:" + metadataUrl); + + } else + Logger.warn("eIDAS metadata for node:" + metadataUrl + " has no IDPSSODescriptor or no SingleSignOnService information."); + + } else + Logger.warn("No eIDAS metadata for node:" + metadataUrl + " "); + + } catch (MetadataProviderException e) { + Logger.warn("Load eIDAS metadata from node:" + metadataUrl + " FAILED with an error.", e); + + } + // load 
SingleSignOnService Endpoint from configuration, if Metadata contains no information + // FIXME convenience function for not standard conform metadata + if (MiscUtil.isEmpty(destination)) { + String[] splitString = cpeps.getPepsURL().toString().split(";"); + if (splitString.length > 1) + destination = cpeps.getPepsURL().toString().split(";")[1].trim(); + + if (MiscUtil.isNotEmpty(destination)) + Logger.debug("Use eIDAS node destination URL:" + destination + " from configuration"); + + else { + Logger.error("No eIDAS-node destination URL FOUND. Request eIDAS node not possible."); + throw new MOAIDException("eIDAS.02", new Object[]{"No eIDAS-node Destination-URL FOUND"}); + + } + + } //TODO: switch to entityID revisionsLogger.logEvent(oaConfig, pendingReq, 
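Review bot: The fallback block splits `cpeps.getPepsURL()` a second time instead of using the `splitString` array it just length-checked. `destination = splitString[1].trim();` is equivalent and keeps the bounds check and the access on the same array. Separately, when the metadata lookup throws `MetadataProviderException` the code only warns and then uses the configured URL, so a request may still be sent to a node whose metadata could not be loaded or validated. If that is intended for non-conformant nodes, say so in the FIXME comment; otherwise fail at that point. The method body starts before and continues after this hunk.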
@@ -109,50 +159,71 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask { Collection<StorkAttribute> attributesFromConfig = oaConfig.getRequestedSTORKAttributes(); // - prepare attribute list - IPersonalAttributeList pAttList = new PersonalAttributeList(); - + ProtocolEngineI engine = SAMLEngineUtils.createSAMLEngine(eIDASMetadataProvider); + // - fill container - for (StorkAttribute current : attributesFromConfig) { - PersonalAttribute newAttribute = new PersonalAttribute(); - newAttribute.setName(current.getName()); - - boolean globallyMandatory = false; - for (StorkAttribute currentGlobalAttribute : authConfig.getStorkConfig().getStorkAttributes()) - if (current.getName().equals(currentGlobalAttribute.getName())) { - globallyMandatory = BooleanUtils.isTrue(currentGlobalAttribute.getMandatory()); - break; - } - - newAttribute.setIsRequired(current.getMandatory() || globallyMandatory); - pAttList.add(newAttribute); + List<AttributeDefinition<?>> reqAttrList = new ArrayList<AttributeDefinition<?>>(); + for (StorkAttribute current : attributesFromConfig) { + AttributeDefinition<?> newAttribute = SAMLEngineUtils.getMapOfAllAvailableAttributes().get(current.getName()); + + if (newAttribute == null) { + Logger.warn("eIDAS attribute with friendlyName:" + current.getName() + " is not supported."); + + } else { + boolean globallyMandatory = false; + for (StorkAttribute currentGlobalAttribute : authConfig.getStorkConfig().getStorkAttributes()) + if (current.getName().equals(currentGlobalAttribute.getName())) { + globallyMandatory = BooleanUtils.isTrue(currentGlobalAttribute.getMandatory()); + break; + } + + Builder<?> attrBuilder = AttributeDefinition.builder(newAttribute).required(current.getMandatory() || globallyMandatory); + reqAttrList.add(attrBuilder.build()); + + } } - - EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine(); - - //build eIDAS AuthnRequest - EIDASAuthnRequest authnRequest = new EIDASAuthnRequest(); - 
authnRequest.setProviderName(pendingReq.getAuthURL()); - authnRequest.setPersonalAttributeList(pAttList); - authnRequest.setIssuer(pendingReq.getAuthURL() + Constants.eIDAS_HTTP_ENDPOINT_METADATA); + //build requested attribute set + ImmutableAttributeMap reqAttrMap = new ImmutableAttributeMap.Builder().putAll(reqAttrList).build(); + + //build eIDAS AuthnRequest + EidasAuthenticationRequest.Builder authnRequestBuilder = new EidasAuthenticationRequest.Builder(); + + authnRequestBuilder.id(eu.eidas.auth.engine.xml.opensaml.SAMLEngineUtils.generateNCName()); + authnRequestBuilder.providerName(pendingReq.getAuthURL()); + String issur = pendingReq.getAuthURL() + Constants.eIDAS_HTTP_ENDPOINT_METADATA; + authnRequestBuilder.issuer(issur); + authnRequestBuilder.destination(destination); + + authnRequestBuilder.nameIdFormat(Constants.eIDAS_REQ_NAMEID_FORMAT); - authnRequest.setDestination(destination); - authnRequest.setEidasNameidFormat(EIDASAuthnRequest.NAMEID_FORMAT_UNSPECIFIED); - authnRequest.setEidasLoA(EidasLoaLevels.LOW.stringValue()); - authnRequest.setEidasLoACompareType(EidasLoaCompareType.MINIMUM.stringValue()); + //set minimum required eIDAS LoA from OA config + authnRequestBuilder.levelOfAssurance(LevelOfAssurance.fromString(oaConfig.getQaaLevel())); + authnRequestBuilder.levelOfAssuranceComparison(LevelOfAssuranceComparison.MINIMUM); //set correct SPType for this online application if (oaConfig.getBusinessService()) - authnRequest.setSPType("private"); + authnRequestBuilder.spType(SpType.PRIVATE); else - authnRequest.setSPType(SPType.DEFAULT_VALUE); - - engine.initRequestedAttributes(pAttList); - authnRequest = engine.generateEIDASAuthnRequest(authnRequest); + authnRequestBuilder.spType(SpType.PUBLIC); + + + //set service provider (eIDAS node) countryCode + authnRequestBuilder.serviceProviderCountryCode( + authConfig.getBasicMOAIDConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE, "AT")); + + //set citizen country code for foreign uses + 
authnRequestBuilder.citizenCountryCode(cpeps.getCountryCode()); + + //add requested attributes + authnRequestBuilder.requestedAttributes(reqAttrMap); + + + IRequestMessage authnRequest = engine.generateRequestMessage(authnRequestBuilder.build(), issur); //encode AuthnRequest - byte[] token = authnRequest.getTokenSaml(); - String SAMLRequest = EIDASUtil.encodeSAMLToken(token); + byte[] token = authnRequest.getMessageBytes(); + String SAMLRequest = EidasStringUtil.encodeToBase64(token); //send @@ -187,7 +258,7 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask { revisionsLogger.logEvent(oaConfig, pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_REQUESTED, - authnRequest.getSamlId()); + authnRequest.getRequest().getId()); } catch (Exception e) { Logger.error("Velocity general error: " + e.getMessage()); @@ -209,4 +280,28 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask { } } + private SingleSignOnService selectSingleSignOnServiceFromMetadata(EntityDescriptor idpEntity) { + //select SingleSignOn Service endpoint from IDP metadata + SingleSignOnService endpoint = null; + if (idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS) == null) { + return null; + + } + + for (SingleSignOnService sss : + idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices()) { + + // use POST binding as default if it exists + if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) + endpoint = sss; + +// else if ( sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI) +// && endpoint == null ) +// endpoint = sss; + + } + + return endpoint; + } + } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java index fae06031a..c4b2bfeae 100644 
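Review bot: In the AuthnRequest builder section, `LevelOfAssurance.fromString(oaConfig.getQaaLevel())` is passed to `levelOfAssurance(...)` without checking the result. If `fromString` yields null for a value it does not recognise (to be confirmed against the eIDAS commons library), an online application whose configured QAA level is not an eIDAS LoA value would produce a request without the intended minimum, or fail late inside the engine. Resolving it first and rejecting a null keeps the failure explicit: `LevelOfAssurance loa = LevelOfAssurance.fromString(oaConfig.getQaaLevel());` followed by `if (loa == null) { /* reject as configuration error */ }`. The same unchecked call appears in the response-validation hunk of `ReceiveAuthnResponseTask`, where `reqLoA` and `respLoA` are dereferenced through `numericValue()` and a null would surface as a NullPointerException rather than as a rejected response.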
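Review bot: In the added `selectSingleSignOnServiceFromMetadata`, `sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)` dereferences a value taken from remote metadata, so an endpoint without a binding would throw instead of being skipped; `if (SAMLConstants.SAML2_POST_BINDING_URI.equals(sss.getBinding()))` avoids that. The loop has no `break`, so when the metadata lists several POST endpoints the last one wins, which should either be documented or changed to stop at the first match. The commented-out redirect-binding branch could be replaced with a one-line comment stating that only HTTP-POST is supported. A Javadoc should state that the method returns null when there is no IDPSSODescriptor or no POST endpoint.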
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java @@ -4,6 +4,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.opensaml.saml2.core.StatusCode; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; @@ -11,9 +12,9 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; +import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider; import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException; -import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASResponseNotSuccessException; -import at.gv.egovernment.moa.id.auth.modules.eidas.utils.MOAPersonalAttributeList; +import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASResponseNotSuccessException; import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; 
@@ -21,14 +22,17 @@ import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -import eu.eidas.auth.commons.EIDASAuthnResponse; -import eu.eidas.auth.commons.EIDASUtil; -import eu.eidas.auth.engine.EIDASSAMLEngine; +import eu.eidas.auth.commons.EidasStringUtil; +import eu.eidas.auth.commons.protocol.IAuthenticationResponse; +import eu.eidas.auth.commons.protocol.eidas.LevelOfAssurance; +import eu.eidas.auth.engine.ProtocolEngineI; import eu.eidas.engine.exceptions.EIDASSAMLEngineException; @Component("ReceiveAuthnResponseTask") public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { + @Autowired(required=true) MOAeIDASChainingMetadataProvider eIDASMetadataProvider; + @Override public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) throws TaskExecutionException { 
@@ -45,40 +49,59 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { defaultTaskInitialization(request, executionContext); //decode SAML response - byte[] decSamlToken = EIDASUtil.decodeSAMLToken(base64SamlToken); + byte[] decSamlToken = EidasStringUtil.decodeBytesFromBase64(base64SamlToken); //get eIDAS SAML-engine - EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine(); - + ProtocolEngineI engine = SAMLEngineUtils.createSAMLEngine(eIDASMetadataProvider); + //validate SAML token - EIDASAuthnResponse samlResp = engine.validateEIDASAuthnResponse(decSamlToken, - request.getRemoteHost(), Constants.CONFIG_PROPS_SKEWTIME); - - boolean encryptedResponse=engine.isEncryptedSamlResponse(decSamlToken); - if (encryptedResponse) { + IAuthenticationResponse samlResp = engine.unmarshallResponseAndValidate(decSamlToken, + request.getRemoteHost(), + Constants.CONFIG_PROPS_SKEWTIME, + pendingReq.getAuthURL() + Constants.eIDAS_HTTP_ENDPOINT_METADATA); + + if (samlResp.isEncrypted()) { Logger.info("Received encrypted eIDAS SAML-Response."); //TODO: check if additional decryption operation is required } + //check response StatusCode if (!samlResp.getStatusCode().equals(StatusCode.SUCCESS_URI)) { Logger.info("Receice eIDAS Response with StatusCode:" + samlResp.getStatusCode() - + " Subcode:" + samlResp.getSubStatusCode() + " Msg:" + samlResp.getMessage()); - throw new eIDASResponseNotSuccessException("eIDAS.11", new Object[]{samlResp.getMessage()}); + + " Subcode:" + samlResp.getSubStatusCode() + " Msg:" + samlResp.getStatusMessage()); + throw new EIDASResponseNotSuccessException("eIDAS.11", new Object[]{samlResp.getStatusMessage()}); + + } + + // ********************************************************** + // ******* MOA-ID specific response validation ********** + // ********************************************************** + + //validate received LoA against minimum required LoA + LevelOfAssurance reqLoA = 
LevelOfAssurance.fromString(pendingReq.getOnlineApplicationConfiguration().getQaaLevel()); + LevelOfAssurance respLoA = LevelOfAssurance.fromString(samlResp.getLevelOfAssurance()); + if (respLoA.numericValue() < reqLoA.numericValue()) { + Logger.error("eIDAS Response LevelOfAssurance is lower than the required! " + + "(Resp-LoA:" + respLoA.getValue() + " Req-LoA:" + reqLoA.getValue() + ")"); + throw new MOAIDException("eIDAS.14", new Object[]{respLoA.getValue()}); } + - //MOA-ID specific response validation - //TODO: implement MOA-ID specific response validation + // ********************************************************** + // ******* Store resonse infos into session object ********** + // ********************************************************** //update MOA-Session data with received information Logger.debug("Store eIDAS response information into MOA-session."); - moasession.setQAALevel(samlResp.getAssuranceLevel()); + + moasession.setQAALevel(samlResp.getLevelOfAssurance()); moasession.setGenericDataToSession( AuthenticationSessionStorageConstants.eIDAS_ATTRIBUTELIST, - new MOAPersonalAttributeList(samlResp.getPersonalAttributeList())); + samlResp.getAttributes()); moasession.setGenericDataToSession( AuthenticationSessionStorageConstants.eIDAS_RESPONSE, 
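Review bot: The MOA-ID specific validation added here covers only the LevelOfAssurance; nothing in this hunk compares the response with the pending request, for example its InResponseTo value against the id of the AuthnRequest that was sent, or its issuer and country against the node selected for the citizen country code. `unmarshallResponseAndValidate` may already cover part of this, but that is not visible here, so a comment such as `// InResponseTo and issuer are expected to be checked by the eIDAS engine (TODO confirm); only LoA is validated here` would record what is relied on. Separately, `samlResp.getStatusMessage()` comes from the remote response and is written to the log and into the exception arguments unmodified; removing line breaks from it before logging keeps log entries intact. The `execute` method starts and ends outside the hunk.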
@@ -88,17 +111,20 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { moasession.setGenericDataToSession(PVPConstants.EID_ISSUING_NATION_NAME, samlResp.getCountry()); //store MOA-session to database - authenticatedSessionStorage.storeSession(moasession); + requestStoreage.storePendingRequest(pendingReq); revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED, - samlResp.getSamlId()); + samlResp.getId()); + + } catch (MOAIDException e) { + throw new TaskExecutionException(pendingReq, "eIDAS Response processing FAILED.", e); }catch (EIDASSAMLEngineException e) { Logger.error("eIDAS AuthnRequest generation FAILED.", e); revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED_ERROR); - throw new TaskExecutionException(pendingReq, "eIDAS AuthnRequest generation FAILED.", + throw new TaskExecutionException(pendingReq, "eIDAS Response processing FAILED.", new EIDASEngineException("eIDAS.09", new Object[]{e.getMessage()}, e)); } catch (MOADatabaseException e) { diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAPersonalAttributeList.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAPersonalAttributeList.java deleted file mode 100644 index 5cc100b70..000000000 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAPersonalAttributeList.java +++ /dev/null 
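Review bot: The new `catch (MOAIDException e)` branch rethrows without logging and without the `AUTHPROCESS_PEPS_RECEIVED_ERROR` revision event that the `EIDASSAMLEngineException` branch records, so a response rejected by the LoA check (thrown as `MOAIDException` in the preceding hunk) leaves no entry in the revision log. Consider adding `Logger.warn("eIDAS Response processing FAILED.", e);` and the same `revisionsLogger.logEvent(...)` call to that branch. In the `EIDASSAMLEngineException` branch the exception text was corrected but the log line still reads `"eIDAS AuthnRequest generation FAILED."`. Whether `requestStoreage.storePendingRequest(pendingReq)` also persists the changes made to `moasession` cannot be told from this hunk, and the comment above it still says `//store MOA-session to database`.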
@@ -1,343 +0,0 @@ -/* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. 
- */ -package at.gv.egovernment.moa.id.auth.modules.eidas.utils; - -import java.io.IOException; -import java.io.ObjectInputStream; -import java.util.ArrayList; -import java.util.Collections; -import java.util.HashMap; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.StringTokenizer; -import java.util.concurrent.ConcurrentHashMap; - -import org.apache.commons.lang.StringUtils; - -import at.gv.egovernment.moa.logging.Logger; - -import eu.eidas.auth.commons.AttributeConstants; -import eu.eidas.auth.commons.AttributeUtil; -import eu.eidas.auth.commons.EIDASErrors; -import eu.eidas.auth.commons.EIDASParameters; -import eu.eidas.auth.commons.EIDASUtil; -import eu.eidas.auth.commons.EIDASValues; -import eu.eidas.auth.commons.IPersonalAttributeList; -import eu.eidas.auth.commons.PersonalAttribute; -import eu.eidas.auth.commons.exceptions.InternalErrorEIDASException; - -/** - * @author tlenz - * - */ -public final class MOAPersonalAttributeList extends - ConcurrentHashMap<String, PersonalAttribute> implements IPersonalAttributeList { - - /** - * - */ - private static final long serialVersionUID = -4488124133022713089L; - - public MOAPersonalAttributeList(IPersonalAttributeList eIDASAttributeList) { - super(); - Iterator<PersonalAttribute> element = eIDASAttributeList.iterator(); - while(element.hasNext()) - add(element.next()); - - } - - /** - * Hash with the latest fetched attribute name alias. - */ - private Map<String, Integer> latestAttrAlias = - new HashMap<String, Integer>(); - - /** - * Hash with mapping number of alias or the attribute name. - */ - private Map<String, Integer> attrAliasNumber = - new HashMap<String, Integer>(); - private List<String> insertOrder = new ArrayList<String>(); - - /** - * Obtain the insertOrder Collection - * - * @return defensive copy of the collection - */ - List<String> getInsertOrder() { - return Collections.unmodifiableList(this.insertOrder); - } - - /** - * Default constructor. 
- */ - public MOAPersonalAttributeList() { - super(); - - } - - /** - * Constructor with initial capacity for the PersonalAttributeList size. - * - * @param capacity The initial capacity for the PersonalAttributeList. - */ - public MOAPersonalAttributeList(final int capacity) { - super(capacity); - } - - /** - * {@inheritDoc} - */ - public Iterator<PersonalAttribute> iterator() { - return new MOAOrderedAttributeIterator(this); - } - - /** - * {@inheritDoc} - */ - public PersonalAttribute get(final Object key) { - String attrName = (String) key; - - if (this.latestAttrAlias == null) - this.latestAttrAlias = new HashMap<String, Integer>(); - - if (this.attrAliasNumber == null) - this.attrAliasNumber = new HashMap<String, Integer>(); - - if (this.latestAttrAlias.containsKey(key)) { - attrName = attrName + this.latestAttrAlias.get(key); - } else { - if (this.attrAliasNumber.containsKey(key)) { - this.latestAttrAlias.put(attrName, this.attrAliasNumber.get(key)); - } - } - return super.get(attrName); - } - - /** - * {@inheritDoc} - */ - public void add(final PersonalAttribute value) { - if (value != null) { - this.put(value.getName(), value); - } - } - - /** - * {@inheritDoc} - */ - public PersonalAttribute put(final String key, final PersonalAttribute val) { - if (StringUtils.isNotEmpty(key) && val != null) { - // Validate if attribute name already exists! 
- String attrAlias = key; - if (this.containsKey(attrAlias)) { - if (this.attrAliasNumber == null) - this.attrAliasNumber = new HashMap<String, Integer>(); - if (!val.isEmptyValue() && StringUtils.isNumeric(val.getValue().get(0))) { - final String attrValue = val.getValue().get(0); - attrAlias = key + attrValue; - this.attrAliasNumber.put(key, Integer.valueOf(attrValue)); - } else { - final PersonalAttribute attr = super.get(key); - if (!attr.isEmptyValue() - && StringUtils.isNumeric(attr.getValue().get(0))) { - attrAlias = key + attr.getValue().get(0); - super.put(key, (PersonalAttribute) attr); - this.attrAliasNumber.put(key, null); - } - } - } else { - if (insertOrder == null) - insertOrder = new ArrayList<String>(); - - insertOrder.add(key); - } - return super.put(attrAlias, val); - } else { - return null; - } - } - - @Override - public PersonalAttribute remove(Object key) { - insertOrder.remove(key); - return super.remove(key); - } - - /** - * {@inheritDoc} - */ - public void populate(final String attrList) { - final StringTokenizer strToken = - new StringTokenizer(attrList, EIDASValues.ATTRIBUTE_SEP.toString()); - - while (strToken.hasMoreTokens()) { - final PersonalAttribute persAttr = new PersonalAttribute(); - String[] tuples = - strToken.nextToken().split(EIDASValues.ATTRIBUTE_TUPLE_SEP.toString(), - AttributeConstants.NUMBER_TUPLES.intValue()); - - // Convert to the new format if needed! 
- tuples = convertFormat(tuples); - - if (AttributeUtil.hasValidTuples(tuples)) { - final int attrValueIndex = - AttributeConstants.ATTR_VALUE_INDEX.intValue(); - final String tmpAttrValue = - tuples[attrValueIndex].substring(1, - tuples[attrValueIndex].length() - 1); - final String[] vals = - tmpAttrValue.split(EIDASValues.ATTRIBUTE_VALUE_SEP.toString()); - - persAttr.setName(tuples[AttributeConstants.ATTR_NAME_INDEX.intValue()]); - persAttr.setIsRequired(Boolean - .valueOf(tuples[AttributeConstants.ATTR_TYPE_INDEX.intValue()])); - // check if it is a complex value - if (tuples[AttributeConstants.ATTR_NAME_INDEX.intValue()] - .equals(EIDASParameters.COMPLEX_ADDRESS_VALUE.toString())) { - persAttr.setComplexValue(createComplexValue(vals)); - } else { - persAttr.setValue(createValues(vals)); - } - - if (tuples.length == AttributeConstants.NUMBER_TUPLES.intValue()) { - persAttr.setStatus(tuples[AttributeConstants.ATTR_STATUS_INDEX - .intValue()]); - } - this.put(tuples[AttributeConstants.ATTR_NAME_INDEX.intValue()], - persAttr); - - } else { - Logger.info("BUSINESS EXCEPTION : Invalid personal attribute list tuples"); - } - - } - } - - /** - * Returns a copy of this <tt>IPersonalAttributeList</tt> instance. - * - * @return The copy of this IPersonalAttributeList. - */ - public Object clone() { - try { - MOAPersonalAttributeList theClone= (MOAPersonalAttributeList)super.clone(); - theClone.insertOrder=new ArrayList<String>(insertOrder); - return theClone; - - } catch (CloneNotSupportedException e) { - throw new InternalErrorEIDASException( - EIDASUtil.getConfig(EIDASErrors.INTERNAL_ERROR.errorCode()), - EIDASUtil.getConfig(EIDASErrors.INTERNAL_ERROR.errorMessage()), e); - } - } - - /** - * Creates a string in the following format. 
- * - * attrName:attrType:[attrValue1,attrValue2=attrComplexValue]:attrStatus; - * - * @return {@inheritDoc} - */ - @Override - public String toString() { - final StringBuilder strBuilder = new StringBuilder(); - final Iterator<String> iteratorInsertOrder = insertOrder.iterator(); - while (iteratorInsertOrder.hasNext()) { - String key = iteratorInsertOrder.next(); - final PersonalAttribute attr = get(key); - strBuilder.append(attr.toString()); - if (isNumberAlias(key)) { - strBuilder.append(get(key).toString()); - } - } - return strBuilder.toString(); - } - - /** - * Validates and creates the attribute's complex values. - * - * @param values The complex values. - * @return The {@link Map} with the complex values. - * @see Map - */ - private Map<String, String> createComplexValue(final String[] values) { - final Map<String, String> complexValue = new HashMap<String, String>(); - for (final String val : values) { - final String[] tVal = val.split("="); - if (StringUtils.isNotEmpty(val) && tVal.length == 2) { - complexValue.put(tVal[0], AttributeUtil.unescape(tVal[1])); - } - } - return complexValue; - } - - /** - * Validates and creates the attribute values. - * - * @param vals The attribute values. - * @return The {@link List} with the attribute values. - * @see List - */ - private List<String> createValues(final String[] vals) { - final List<String> values = new ArrayList<String>(); - for (final String val : vals) { - if (StringUtils.isNotEmpty(val)) { - values.add(AttributeUtil.unescape(val)); - } - } - return values; - } - - ////////////////// - /** - * Converts the attribute tuple (attrName:attrType...) to the new format. - * - * @param tuples The attribute tuples to convert. - * @return The attribute tuples in the new format. 
- */ - private String[] convertFormat(final String[] tuples) { - final String[] newFormatTuples = - new String[AttributeConstants.NUMBER_TUPLES.intValue()]; - if (tuples != null) { - System.arraycopy(tuples, 0, newFormatTuples, 0, tuples.length); - - for (int i = tuples.length; i < newFormatTuples.length; i++) { - if (i == AttributeConstants.ATTR_VALUE_INDEX.intValue()) { - newFormatTuples[i] = "[]"; - } else { - newFormatTuples[i] = ""; - } - } - } - return newFormatTuples; - } - - public boolean isNumberAlias(String key) { - return this.attrAliasNumber.containsKey(key); - } - - - -} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAProtocolEngineFactory.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAProtocolEngineFactory.java new file mode 100644 index 000000000..f29d2bb65 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAProtocolEngineFactory.java 
@@ -0,0 +1,99 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.eidas.utils;
+
+import at.gv.egovernment.moa.id.auth.modules.eidas.config.MOAIDCertificateManagerConfigurationImpl;
+import at.gv.egovernment.moa.logging.Logger;
+import eu.eidas.auth.engine.ProtocolEngineFactory;
+import eu.eidas.auth.engine.configuration.SamlEngineConfigurationException;
+import eu.eidas.auth.engine.configuration.dom.ProtocolEngineConfigurationFactory;
+import eu.eidas.samlengineconfig.CertificateConfigurationManager;
+
+/**
+ * @author tlenz
+ *
+ */
+public class MOAProtocolEngineFactory extends ProtocolEngineFactory {
+
+ /**
+ * Initialization-on-demand holder idiom.
+ * <p/>
+ * See item 71 of Effective Java 2nd Edition.
+ * <p/>
+ * See http://en.wikipedia.org/wiki/Initialization-on-demand_holder_idiom.
+ */
+ private static final class LazyHolder {
+
+ private static final MOAProtocolEngineFactory DEFAULT_SAML_ENGINE_FACTORY;
+
+ private static final Exception INITIALIZATION_EXCEPTION;
+
+ static {
+ Exception initializationException = null;
+ MOAProtocolEngineFactory defaultProtocolEngineFactory = null;
+ try {
+ //get eIDAS SAMLengine configuration from MOA-ID configuration
+ CertificateConfigurationManager configManager = new MOAIDCertificateManagerConfigurationImpl();
+
+ ProtocolEngineConfigurationFactory engineConfigurationFactory = new ProtocolEngineConfigurationFactory(configManager);
+ defaultProtocolEngineFactory = new MOAProtocolEngineFactory(engineConfigurationFactory);
+
+ } catch (Exception ex) {
+ initializationException = ex;
+ Logger.error("Unable to instantiate default SAML engines: " + ex, ex);
+
+ }
+
+ DEFAULT_SAML_ENGINE_FACTORY = defaultProtocolEngineFactory;
+ INITIALIZATION_EXCEPTION = initializationException;
+ }
+
+ static MOAProtocolEngineFactory getDefaultSamlEngineFactory() {
+ if (null == INITIALIZATION_EXCEPTION) {
+ return DEFAULT_SAML_ENGINE_FACTORY;
+
+ } else {
+ throw new IllegalStateException(INITIALIZATION_EXCEPTION);
+
+ }
+ }
+ }
+
+
+ public static MOAProtocolEngineFactory getInstance() {
+ return LazyHolder.getDefaultSamlEngineFactory();
+
+ }
+
+ /**
+ * @param configurationFactory
+ * @throws SamlEngineConfigurationException
+ */
+ private MOAProtocolEngineFactory(ProtocolEngineConfigurationFactory configurationFactory)
+ throws SamlEngineConfigurationException {
+ super(configurationFactory);
+
+ }
+
+
+}
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java
new file mode 100644
index 000000000..09c3dff38
--- /dev/null
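Review bot: The class Javadoc of `MOAProtocolEngineFactory` contains only `@author tlenz` and the constructor Javadoc has empty `@param`/`@throws` tags, so the behaviour a caller most needs to know is undocumented. When building the engine configuration fails in the static initialiser of `LazyHolder`, the error is logged once and every later `getInstance()` call throws `IllegalStateException` wrapping the original cause. A class comment along the lines of `Singleton ProtocolEngineFactory configured from the MOA-ID certificate configuration; getInstance() throws IllegalStateException if initialisation failed` would state that. The initialiser catches `Exception` broadly; that looks deliberate for the holder idiom, but a short why-comment on the catch would confirm it.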
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java 
@@ -0,0 +1,621 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. 
+ */ +package at.gv.egovernment.moa.id.auth.modules.eidas.utils; + +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.HashSet; +import java.util.List; +import java.util.Set; + +import org.apache.commons.lang.StringUtils; +import org.joda.time.DateTime; +import org.joda.time.DurationFieldType; +import org.opensaml.Configuration; +import org.opensaml.common.xml.SAMLConstants; +import org.opensaml.saml2.common.Extensions; +import org.opensaml.saml2.core.Attribute; +import org.opensaml.saml2.core.AttributeValue; +import org.opensaml.saml2.metadata.AssertionConsumerService; +import org.opensaml.saml2.metadata.Company; +import org.opensaml.saml2.metadata.ContactPerson; +import org.opensaml.saml2.metadata.ContactPersonTypeEnumeration; +import org.opensaml.saml2.metadata.EmailAddress; +import org.opensaml.saml2.metadata.EncryptionMethod; +import org.opensaml.saml2.metadata.EntitiesDescriptor; +import org.opensaml.saml2.metadata.EntityDescriptor; +import org.opensaml.saml2.metadata.GivenName; +import org.opensaml.saml2.metadata.IDPSSODescriptor; +import org.opensaml.saml2.metadata.KeyDescriptor; +import org.opensaml.saml2.metadata.LocalizedString; +import org.opensaml.saml2.metadata.NameIDFormat; +import org.opensaml.saml2.metadata.Organization; +import org.opensaml.saml2.metadata.OrganizationDisplayName; +import org.opensaml.saml2.metadata.OrganizationURL; +import org.opensaml.saml2.metadata.SPSSODescriptor; +import org.opensaml.saml2.metadata.SSODescriptor; +import org.opensaml.saml2.metadata.SingleSignOnService; +import org.opensaml.saml2.metadata.SurName; +import org.opensaml.saml2.metadata.TelephoneNumber; +import org.opensaml.samlext.saml2mdattr.EntityAttributes; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.XMLObjectBuilderFactory; +import org.opensaml.xml.schema.XSString; +import org.opensaml.xml.schema.impl.XSStringBuilder; +import org.opensaml.xml.security.SecurityException; +import 
org.opensaml.xml.security.credential.Credential; +import org.opensaml.xml.security.credential.UsageType; +import org.opensaml.xml.security.keyinfo.KeyInfoGenerator; +import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory; +import org.opensaml.xml.signature.KeyInfo; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.google.common.collect.ImmutableSortedSet; +import com.google.common.collect.Ordering; + +import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; +import eu.eidas.auth.commons.EIDASUtil; +import eu.eidas.auth.commons.EidasStringUtil; +import eu.eidas.auth.commons.attribute.AttributeDefinition; +import eu.eidas.auth.commons.protocol.impl.SamlNameIdFormat; +import eu.eidas.auth.commons.xml.opensaml.OpenSamlHelper; +import eu.eidas.auth.engine.ProtocolEngineI; +import eu.eidas.auth.engine.core.SAMLExtensionFormat; +import eu.eidas.auth.engine.core.eidas.DigestMethod; +import eu.eidas.auth.engine.core.eidas.EidasConstants; +import eu.eidas.auth.engine.core.eidas.SPType; +import eu.eidas.auth.engine.core.eidas.SigningMethod; +import eu.eidas.auth.engine.metadata.Contact; +import eu.eidas.auth.engine.metadata.EntityDescriptorContainer; +import eu.eidas.auth.engine.metadata.MetadataConfigParams; +import eu.eidas.auth.engine.metadata.MetadataGenerator; +import eu.eidas.auth.engine.metadata.MetadataSignerI; +import eu.eidas.auth.engine.xml.opensaml.BuilderFactoryUtil; +import eu.eidas.auth.engine.xml.opensaml.CertificateUtil; +import eu.eidas.encryption.exception.UnmarshallException; +import eu.eidas.engine.exceptions.EIDASSAMLEngineException; +import eu.eidas.engine.exceptions.SAMLEngineException; + +/** + * @author tlenz + * + */ +public class MOAeIDASMetadataGenerator extends MetadataGenerator { + private static final Logger LOGGER = LoggerFactory.getLogger(MetadataGenerator.class.getName()); + + MetadataConfigParams params; + + XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory(); + + SPSSODescriptor 
spSSODescriptor = null; + + IDPSSODescriptor idpSSODescriptor = null; + + private String ssoLocation; + + /** + * @return a String representation of the entityDescriptr built based on the attributes previously set + */ + public String generateMetadata() throws EIDASSAMLEngineException { + EntityDescriptor entityDescriptor; + try { + entityDescriptor = (EntityDescriptor) builderFactory.getBuilder(EntityDescriptor.DEFAULT_ELEMENT_NAME) + .buildObject(EntityDescriptor.DEFAULT_ELEMENT_NAME); + + entityDescriptor.setEntityID(params.getEntityID()); + entityDescriptor.setOrganization(buildOrganization()); + entityDescriptor.getContactPersons().add(buildContact(ContactPersonTypeEnumeration.SUPPORT)); + entityDescriptor.getContactPersons().add(buildContact(ContactPersonTypeEnumeration.TECHNICAL)); + entityDescriptor.setValidUntil(getExpireDate()); + + X509KeyInfoGeneratorFactory keyInfoGeneratorFactory = new X509KeyInfoGeneratorFactory(); + keyInfoGeneratorFactory.setEmitEntityCertificate(true); + Extensions e = generateExtensions(); + if (!e.getUnknownXMLObjects().isEmpty()) { + entityDescriptor.setExtensions(e); + } + if (spSSODescriptor != null) { + generateSPSSODescriptor(entityDescriptor, keyInfoGeneratorFactory); + } + if (idpSSODescriptor != null) { + generateIDPSSODescriptor(entityDescriptor, keyInfoGeneratorFactory); + } + if (params.getSpEngine() != null) { + ProtocolEngineI spEngine = params.getSpEngine(); + ((MetadataSignerI) spEngine.getSigner()).signMetadata(entityDescriptor); + } else if (params.getIdpEngine() != null) { + ProtocolEngineI idpEngine = params.getIdpEngine(); + ((MetadataSignerI) idpEngine.getSigner()).signMetadata(entityDescriptor); + } + return EidasStringUtil.toString(OpenSamlHelper.marshall(entityDescriptor, false)); + } catch (Exception ex) { + LOGGER.info("ERROR : SAMLException ", ex.getMessage()); + LOGGER.debug("ERROR : SAMLException ", ex); + throw new IllegalStateException(ex); + } + } + + private void generateSPSSODescriptor(final 
EntityDescriptor entityDescriptor, + final X509KeyInfoGeneratorFactory keyInfoGeneratorFactory) + throws org.opensaml.xml.security.SecurityException, IllegalAccessException, NoSuchFieldException, + SAMLEngineException, EIDASSAMLEngineException { + //the node has SP role + spSSODescriptor.setWantAssertionsSigned(params.isWantAssertionsSigned()); + spSSODescriptor.setAuthnRequestsSigned(true); + spSSODescriptor.setID(idpSSODescriptor == null ? params.getEntityID() + : ("SP" + params.getEntityID())); + if (params.getSPSignature() != null) { + spSSODescriptor.setSignature(params.getSPSignature()); + } + if (params.getSpSigningCredential() != null) { + spSSODescriptor.getKeyDescriptors() + .add(getKeyDescriptor(keyInfoGeneratorFactory, params.getSpSigningCredential(), UsageType.SIGNING)); + + } else if (params.getSigningCredential() != null) { + spSSODescriptor.getKeyDescriptors() + .add(getKeyDescriptor(keyInfoGeneratorFactory, params.getSigningCredential(), UsageType.SIGNING)); + } + + if (params.getSpEncryptionCredential() != null) { + spSSODescriptor.getKeyDescriptors() + .add(getKeyDescriptor(keyInfoGeneratorFactory, params.getSpEncryptionCredential(), + UsageType.ENCRYPTION)); + } else if (params.getEncryptionCredential() != null) { + spSSODescriptor.getKeyDescriptors() + .add(getKeyDescriptor(keyInfoGeneratorFactory, params.getEncryptionCredential(), UsageType.ENCRYPTION)); + } + spSSODescriptor.addSupportedProtocol(params.getSpSamlProtocol()); + if (!StringUtils.isEmpty(params.getAssertionConsumerUrl())) { + addAssertionConsumerService(); + } + fillNameIDFormat(spSSODescriptor); + if (params.getSpEngine() != null) { + ProtocolEngineI spEngine = params.getSpEngine(); + ((MetadataSignerI) spEngine.getSigner()).signMetadata(spSSODescriptor); + } + entityDescriptor.getRoleDescriptors().add(spSSODescriptor); + + } + + private void fillNameIDFormat(SSODescriptor ssoDescriptor) throws EIDASSAMLEngineException { + NameIDFormat persistentFormat = + (NameIDFormat) 
BuilderFactoryUtil.buildXmlObject(NameIDFormat.DEFAULT_ELEMENT_NAME); + persistentFormat.setFormat(SamlNameIdFormat.PERSISTENT.getNameIdFormat()); + ssoDescriptor.getNameIDFormats().add(persistentFormat); + NameIDFormat transientFormat = + (NameIDFormat) BuilderFactoryUtil.buildXmlObject(NameIDFormat.DEFAULT_ELEMENT_NAME); + transientFormat.setFormat(SamlNameIdFormat.TRANSIENT.getNameIdFormat()); + ssoDescriptor.getNameIDFormats().add(transientFormat); + NameIDFormat unspecifiedFormat = + (NameIDFormat) BuilderFactoryUtil.buildXmlObject(NameIDFormat.DEFAULT_ELEMENT_NAME); + unspecifiedFormat.setFormat(SamlNameIdFormat.UNSPECIFIED.getNameIdFormat()); + ssoDescriptor.getNameIDFormats().add(unspecifiedFormat); + } + + private void generateIDPSSODescriptor(final EntityDescriptor entityDescriptor, + final X509KeyInfoGeneratorFactory keyInfoGeneratorFactory) + throws org.opensaml.xml.security.SecurityException, IllegalAccessException, NoSuchFieldException, + SAMLEngineException, EIDASSAMLEngineException { + //the node has IDP role + idpSSODescriptor.setWantAuthnRequestsSigned(true); + idpSSODescriptor.setID(spSSODescriptor == null ? 
params.getEntityID() + : ("IDP" + params.getEntityID())); + if (params.getIDPSignature() != null) { + idpSSODescriptor.setSignature(params.getIDPSignature()); + } + if (params.getIdpSigningCredential() != null) { + idpSSODescriptor.getKeyDescriptors() + .add(getKeyDescriptor(keyInfoGeneratorFactory, params.getIdpSigningCredential(), UsageType.SIGNING)); + } else if (params.getSigningCredential() != null) { + idpSSODescriptor.getKeyDescriptors() + .add(getKeyDescriptor(keyInfoGeneratorFactory, params.getSigningCredential(), UsageType.SIGNING)); + } + if (params.getIdpEncryptionCredential() != null) { + idpSSODescriptor.getKeyDescriptors() + .add(getKeyDescriptor(keyInfoGeneratorFactory, params.getIdpEncryptionCredential(), + UsageType.ENCRYPTION)); + } else if (params.getEncryptionCredential() != null) { + idpSSODescriptor.getKeyDescriptors() + .add(getKeyDescriptor(keyInfoGeneratorFactory, params.getEncryptionCredential(), UsageType.ENCRYPTION)); + } + idpSSODescriptor.addSupportedProtocol(params.getIdpSamlProtocol()); + fillNameIDFormat(idpSSODescriptor); + if (params.getIdpEngine() != null) { + if (params.getIdpEngine().getProtocolProcessor() != null + && params.getIdpEngine().getProtocolProcessor().getFormat() == SAMLExtensionFormat.EIDAS10) { + + /*TODO: Only a work-around to add eIDAS attributes, which could be provided from MOA-ID, to IDP metadata + * If we restrict the eIDAS Engine attribute definitions then also additional incoming attributes can not processed any more. 
+ * + * INFO: Maybe, this code can be removed in a future version of the eIDAS engine + */ + generateSupportedAttributes(idpSSODescriptor, getAllSupportedAttributes()); + } + ProtocolEngineI idpEngine = params.getIdpEngine(); + ((MetadataSignerI) idpEngine.getSigner()).signMetadata(idpSSODescriptor); + } + + idpSSODescriptor.getSingleSignOnServices().addAll(buildSingleSignOnServicesBindingLocations()); + + entityDescriptor.getRoleDescriptors().add(idpSSODescriptor); + + } + + /*TODO: Only a work-around to add eIDAS attributes, which could be provided from MOA-ID, to IDP metadata + * If we restrict the eIDAS Engine attribute definitions then also additional incoming attributes can not processed any more. + */ + public ImmutableSortedSet<AttributeDefinition<?>> getAllSupportedAttributes() { + ImmutableSortedSet.Builder<AttributeDefinition<?>> builder = + new ImmutableSortedSet.Builder<>(Ordering.<AttributeDefinition<?>>natural()); + builder.addAll(Constants.MOA_IDP_ATTR_REGISTRY.getAttributes()); + return builder.build(); + } + + private ArrayList<SingleSignOnService> buildSingleSignOnServicesBindingLocations() + throws NoSuchFieldException, IllegalAccessException { + ArrayList<SingleSignOnService> singleSignOnServices = new ArrayList<SingleSignOnService>(); + + HashMap<String, String> bindingLocations = params.getProtocolBindingLocation(); + for (String binding : bindingLocations.keySet()) { + SingleSignOnService ssos = BuilderFactoryUtil.buildXmlObject(SingleSignOnService.class); + ssos.setBinding(binding); + ssos.setLocation(bindingLocations.get(binding)); + singleSignOnServices.add(ssos); + } + + return singleSignOnServices; + } + + /** + * @param metadata + * @return an EntityDescriptor parsed from the given String or null + */ + // TODO (commented by donydgr) Move to a eu.eidas.auth.engine.metadata.MetadataUtil ? Throw an exception if the metadata is invalid instead of returning null ? 
+ public static EntityDescriptorContainer deserializeEntityDescriptor(String metadata) { + EntityDescriptorContainer result = new EntityDescriptorContainer(); + try { + byte[] metaDataBytes = EidasStringUtil.getBytes(metadata); + XMLObject obj = OpenSamlHelper.unmarshall(metaDataBytes); + if (obj instanceof EntityDescriptor) { + result.addEntityDescriptor((EntityDescriptor) obj, metaDataBytes); + } else if (obj instanceof EntitiesDescriptor) { + EntitiesDescriptor ed = (EntitiesDescriptor) obj; + result.setEntitiesDescriptor(ed); + result.getEntityDescriptors().addAll(((EntitiesDescriptor) obj).getEntityDescriptors()); + result.setSerializedEntitesDescriptor(metaDataBytes); + } + } catch (UnmarshallException ue) { + LOGGER.info("ERROR : unmarshalling error", ue.getMessage()); + LOGGER.debug("ERROR : unmarshalling error", ue); + } + return result; + } + + private KeyDescriptor getKeyDescriptor(X509KeyInfoGeneratorFactory keyInfoGeneratorFactory, + Credential credential, + UsageType usage) + throws NoSuchFieldException, IllegalAccessException, SecurityException, EIDASSAMLEngineException { + KeyDescriptor keyDescriptor = null; + if (credential != null) { + keyDescriptor = BuilderFactoryUtil.buildXmlObject(KeyDescriptor.class); + KeyInfoGenerator keyInfoGenerator = keyInfoGeneratorFactory.newInstance(); + + KeyInfo keyInfo = keyInfoGenerator.generate(credential); + keyDescriptor.setUse(usage); + keyDescriptor.setKeyInfo(keyInfo); + if (usage == UsageType.ENCRYPTION && params.getEncryptionAlgorithms() != null) { + Set<String> encryptionAlgos = EIDASUtil.parseSemicolonSeparatedList(params.getEncryptionAlgorithms()); + for (String encryptionAlgo : encryptionAlgos) { + EncryptionMethod em = + (EncryptionMethod) BuilderFactoryUtil.buildXmlObject(EncryptionMethod.DEFAULT_ELEMENT_NAME); + em.setAlgorithm(encryptionAlgo); + keyDescriptor.getEncryptionMethods().add(em); + } + } + + } + return keyDescriptor; + } + + private Organization buildOrganization() { + Organization 
organization = null; + try { + organization = BuilderFactoryUtil.buildXmlObject(Organization.class); + OrganizationDisplayName odn = BuilderFactoryUtil.buildXmlObject(OrganizationDisplayName.class); + odn.setName(new LocalizedString(params.getCountryName(), "en")); + organization.getDisplayNames().add(odn); + OrganizationURL url = BuilderFactoryUtil.buildXmlObject(OrganizationURL.class); + url.setURL(new LocalizedString(params.getNodeUrl(), "en")); + organization.getURLs().add(url); + } catch (IllegalAccessException iae) { + LOGGER.info("ERROR : error generating the Organization: {}", iae.getMessage()); + LOGGER.debug("ERROR : error generating the Organization: {}", iae); + } catch (NoSuchFieldException nfe) { + LOGGER.info("ERROR : error generating the Organization: {}", nfe.getMessage()); + LOGGER.debug("ERROR : error generating the Organization: {}", nfe); + } + return organization; + } + + private ContactPerson buildContact(ContactPersonTypeEnumeration contactType) { + ContactPerson contact = null; + try { + Contact currentContact = null; + if (contactType == ContactPersonTypeEnumeration.SUPPORT) { + currentContact = params.getSupportContact(); + } else if (contactType == ContactPersonTypeEnumeration.TECHNICAL) { + currentContact = params.getTechnicalContact(); + } else { + LOGGER.error("ERROR: unsupported contact type"); + } + contact = BuilderFactoryUtil.buildXmlObject(ContactPerson.class); + if (currentContact == null) { + LOGGER.error("ERROR: cannot retrieve contact from the configuration"); + return contact; + } + + EmailAddress emailAddressObj = BuilderFactoryUtil.buildXmlObject(EmailAddress.class); + Company company = BuilderFactoryUtil.buildXmlObject(Company.class); + GivenName givenName = BuilderFactoryUtil.buildXmlObject(GivenName.class); + SurName surName = BuilderFactoryUtil.buildXmlObject(SurName.class); + TelephoneNumber phoneNumber = BuilderFactoryUtil.buildXmlObject(TelephoneNumber.class); + contact.setType(contactType); + 
emailAddressObj.setAddress(currentContact.getEmail()); + company.setName(currentContact.getCompany()); + givenName.setName(currentContact.getGivenName()); + surName.setName(currentContact.getSurName()); + phoneNumber.setNumber(currentContact.getPhone()); + + populateContact(contact, currentContact, emailAddressObj, company, givenName, surName, phoneNumber); + + } catch (IllegalAccessException iae) { + LOGGER.info("ERROR : error generating the Organization: {}", iae.getMessage()); + LOGGER.debug("ERROR : error generating the Organization: {}", iae); + } catch (NoSuchFieldException nfe) { + LOGGER.info("ERROR : error generating the Organization: {}", nfe.getMessage()); + LOGGER.debug("ERROR : error generating the Organization: {}", nfe); + } + return contact; + } + + private void populateContact(ContactPerson contact, + Contact currentContact, + EmailAddress emailAddressObj, + Company company, + GivenName givenName, + SurName surName, + TelephoneNumber phoneNumber) { + if (!StringUtils.isEmpty(currentContact.getEmail())) { + contact.getEmailAddresses().add(emailAddressObj); + } + if (!StringUtils.isEmpty(currentContact.getCompany())) { + contact.setCompany(company); + } + if (!StringUtils.isEmpty(currentContact.getGivenName())) { + contact.setGivenName(givenName); + } + if (!StringUtils.isEmpty(currentContact.getSurName())) { + contact.setSurName(surName); + } + if (!StringUtils.isEmpty(currentContact.getPhone())) { + contact.getTelephoneNumbers().add(phoneNumber); + } + + } + + /** + * @param engine a EIDASSamlEngine from which signing and encryption information is extracted + */ + + public void initialize(ProtocolEngineI engine) throws EIDASSAMLEngineException { + + X509Certificate decryptionCertificate = engine.getDecryptionCertificate(); + if (null != decryptionCertificate) { + params.setEncryptionCredential(CertificateUtil.toCredential(decryptionCertificate)); + } + params.setSigningCredential(CertificateUtil.toCredential(engine.getSigningCertificate())); + 
params.setIdpEngine(engine); + params.setSpEngine(engine); + } + + /** + * @param spEngine a EIDASSamlEngine for the + */ + + public void initialize(ProtocolEngineI spEngine, ProtocolEngineI idpEngine) throws EIDASSAMLEngineException { + if (idpEngine != null) { + idpEngine.getProtocolProcessor().configure(); + params.setIdpSigningCredential(CertificateUtil.toCredential(idpEngine.getSigningCertificate())); + + final X509Certificate idpEngineDecryptionCertificate = idpEngine.getDecryptionCertificate(); + if (idpEngineDecryptionCertificate != null) { + params.setIdpEncryptionCredential(CertificateUtil.toCredential(idpEngineDecryptionCertificate)); + } + + } + if (spEngine != null) { + spEngine.getProtocolProcessor().configure(); + params.setSpSigningCredential(CertificateUtil.toCredential(spEngine.getSigningCertificate())); + + final X509Certificate spEngineDecryptionCertificate = spEngine.getDecryptionCertificate(); + if (spEngineDecryptionCertificate != null) { + params.setSpEncryptionCredential(CertificateUtil.toCredential(spEngineDecryptionCertificate)); + } + } + + params.setIdpEngine(idpEngine); + params.setSpEngine(spEngine); + } + + public void addSPRole() throws EIDASSAMLEngineException { + try { + if (spSSODescriptor == null) { + spSSODescriptor = BuilderFactoryUtil.buildXmlObject(SPSSODescriptor.class); + } + } catch (IllegalAccessException iae) { + throw new EIDASSAMLEngineException(iae); + } catch (NoSuchFieldException nsfe) { + throw new EIDASSAMLEngineException(nsfe); + } + } + + public void addIDPRole() throws EIDASSAMLEngineException { + try { + if (idpSSODescriptor == null) { + idpSSODescriptor = BuilderFactoryUtil.buildXmlObject(IDPSSODescriptor.class); + } + } catch (IllegalAccessException iae) { + throw new EIDASSAMLEngineException(iae); + } catch (NoSuchFieldException nsfe) { + throw new EIDASSAMLEngineException(nsfe); + } + } + + private void generateDigest(Extensions eidasExtensions) throws EIDASSAMLEngineException { + if 
(!StringUtils.isEmpty(params.getDigestMethods())) { + Set<String> signatureMethods = EIDASUtil.parseSemicolonSeparatedList(params.getDigestMethods()); + Set<String> digestMethods = new HashSet<String>(); + for (String signatureMethod : signatureMethods) { + digestMethods.add(CertificateUtil.validateDigestAlgorithm(signatureMethod)); + } + for (String digestMethod : digestMethods) { + final DigestMethod dm = (DigestMethod) BuilderFactoryUtil.buildXmlObject(DigestMethod.DEF_ELEMENT_NAME); + if (dm != null) { + dm.setAlgorithm(digestMethod); + eidasExtensions.getUnknownXMLObjects().add(dm); + } else { + LOGGER.info("BUSINESS EXCEPTION error adding DigestMethod extension"); + } + } + } + + } + + private Extensions generateExtensions() throws EIDASSAMLEngineException { + Extensions eidasExtensions = BuilderFactoryUtil.generateExtension(); + if (params.getAssuranceLevel() != null) { + generateLoA(eidasExtensions); + } + if (!StringUtils.isEmpty(params.getSpType())) { + final SPType spTypeObj = (SPType) BuilderFactoryUtil.buildXmlObject(SPType.DEF_ELEMENT_NAME); + if (spTypeObj != null) { + spTypeObj.setSPType(params.getSpType()); + eidasExtensions.getUnknownXMLObjects().add(spTypeObj); + } else { + LOGGER.info("BUSINESS EXCEPTION error adding SPType extension"); + } + } + generateDigest(eidasExtensions); + + if (!StringUtils.isEmpty(params.getSigningMethods())) { + Set<String> signMethods = EIDASUtil.parseSemicolonSeparatedList(params.getDigestMethods()); + for (String signMethod : signMethods) { + final SigningMethod sm = + (SigningMethod) BuilderFactoryUtil.buildXmlObject(SigningMethod.DEF_ELEMENT_NAME); + if (sm != null) { + sm.setAlgorithm(signMethod); + eidasExtensions.getUnknownXMLObjects().add(sm); + } else { + LOGGER.info("BUSINESS EXCEPTION error adding SigningMethod extension"); + } + } + } + return eidasExtensions; + } + + private void generateLoA(Extensions eidasExtensions) throws EIDASSAMLEngineException { + EntityAttributes loa = + (EntityAttributes) 
BuilderFactoryUtil.buildXmlObject(EntityAttributes.DEFAULT_ELEMENT_NAME); + Attribute loaAttrib = (Attribute) BuilderFactoryUtil.buildXmlObject(Attribute.DEFAULT_ELEMENT_NAME); + loaAttrib.setName(EidasConstants.LEVEL_OF_ASSURANCE_NAME); + loaAttrib.setNameFormat(Attribute.URI_REFERENCE); + XSStringBuilder stringBuilder = + (XSStringBuilder) Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME); + XSString stringValue = stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME); + stringValue.setValue(params.getAssuranceLevel()); + loaAttrib.getAttributeValues().add(stringValue); + loa.getAttributes().add(loaAttrib); + eidasExtensions.getUnknownXMLObjects().add(loa); + + } + + private static final Set<String> DEFAULT_BINDING = new HashSet<String>() {{ + this.add(SAMLConstants.SAML2_POST_BINDING_URI); + }}; + + private void addAssertionConsumerService() throws EIDASSAMLEngineException { + int index = 0; + Set<String> bindings = params.getProtocolBinding().isEmpty() ? 
DEFAULT_BINDING : params.getProtocolBinding(); + for (String binding : bindings) { + AssertionConsumerService asc = (AssertionConsumerService) BuilderFactoryUtil.buildXmlObject( + AssertionConsumerService.DEFAULT_ELEMENT_NAME); + asc.setLocation(params.getAssertionConsumerUrl()); + asc.setBinding(checkBinding(binding)); + asc.setIndex(index); + if (index == 0) { + asc.setIsDefault(true); + } + index++; + spSSODescriptor.getAssertionConsumerServices().add(asc); + } + } + + private String checkBinding(String binding) { + if (binding != null && (binding.equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI) || binding.equals( + SAMLConstants.SAML2_POST_BINDING_URI))) { + return binding; + } + return SAMLConstants.SAML2_POST_BINDING_URI; + } + + private DateTime getExpireDate() { + DateTime expiryDate = DateTime.now(); + expiryDate = + expiryDate.withFieldAdded(DurationFieldType.seconds(), (int) (getConfigParams().getValidityDuration())); + return expiryDate; + } + + private void generateSupportedAttributes(IDPSSODescriptor idpssoDescriptor, + ImmutableSortedSet<AttributeDefinition<?>> attributeDefinitions) + throws EIDASSAMLEngineException { + List<Attribute> attributes = idpssoDescriptor.getAttributes(); + for (AttributeDefinition<?> attributeDefinition : attributeDefinitions) { + Attribute a = (Attribute) BuilderFactoryUtil.buildXmlObject(Attribute.DEFAULT_ELEMENT_NAME); + a.setName(attributeDefinition.getNameUri().toASCIIString()); + a.setFriendlyName(attributeDefinition.getFriendlyName()); + a.setNameFormat(Attribute.URI_REFERENCE); + attributes.add(a); + } + } + + public MetadataConfigParams getConfigParams() { + return params; + } + + public void setConfigParams(MetadataConfigParams params) { + this.params = params; + } + +} 
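Review bot: In `generateExtensions()` the SigningMethod block is guarded by `params.getSigningMethods()` but then parses `params.getDigestMethods()`, so the `SigningMethod` extensions written into the metadata carry the digest algorithm list instead of the configured signing algorithms. Peers that read these extensions to choose or check signature algorithms would presumably be given the wrong set. The parse line should read `Set<String> signMethods = EIDASUtil.parseSemicolonSeparatedList(params.getSigningMethods());`. Separately, `generateMetadata()` returns the marshalled descriptor unsigned when neither `getSpEngine()` nor `getIdpEngine()` is set; a `LOGGER.warn` or an exception on that path would make an unsigned publication visible.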
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java index eeb8305cf..eb50c113f 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java 
@@ -22,15 +22,27 @@ */ package at.gv.egovernment.moa.id.auth.modules.eidas.utils; +import java.io.InputStream; +import java.util.HashMap; +import java.util.Map; + +import org.opensaml.xml.ConfigurationException; +import org.opensaml.xml.XMLConfigurator; + import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; import at.gv.egovernment.moa.id.auth.modules.eidas.config.MOAIDCertificateManagerConfigurationImpl; +import at.gv.egovernment.moa.id.auth.modules.eidas.config.MOASWSigner; +import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAEidasProtocolProcesser; import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider; import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASMetadataProviderDecorator; -import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDAsExtensionProcessor; import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException; import at.gv.egovernment.moa.logging.Logger; -import eu.eidas.auth.engine.EIDASSAMLEngine; -import eu.eidas.auth.engine.core.ExtensionProcessorI; +import eu.eidas.auth.commons.attribute.AttributeDefinition; +import eu.eidas.auth.engine.ProtocolEngineI; +import eu.eidas.auth.engine.SamlEngineSystemClock; +import eu.eidas.auth.engine.metadata.MetadataFetcherI; +import eu.eidas.auth.engine.metadata.MetadataSignerI; +import eu.eidas.auth.engine.xml.opensaml.SAMLBootstrap; import eu.eidas.engine.exceptions.EIDASSAMLEngineException; import eu.eidas.samlengineconfig.CertificateConfigurationManager; 
@@ -40,31 +52,44 @@ import eu.eidas.samlengineconfig.CertificateConfigurationManager; */ public class SAMLEngineUtils { - private static EIDASSAMLEngine eIDASEngine = null; + private static ProtocolEngineI eIDASEngine = null; + private static MetadataSignerI metadataSigner = null; + private static MetadataFetcherI metadataFetcher = null; + private static Map<String, AttributeDefinition<?>> allSupportedAttributeMap = + new HashMap<String, AttributeDefinition<?>>(); - public static synchronized EIDASSAMLEngine createSAMLEngine() throws EIDASEngineException{ + public static synchronized ProtocolEngineI createSAMLEngine(MOAeIDASChainingMetadataProvider moaeIDASMetadataProvider) throws EIDASEngineException{ if (eIDASEngine == null) { try { //get eIDAS SAMLengine configuration from MOA-ID configuration CertificateConfigurationManager configManager = new MOAIDCertificateManagerConfigurationImpl(); + + //set metadata management to eIDAS SAMLengine + metadataFetcher = new MOAeIDASMetadataProviderDecorator(moaeIDASMetadataProvider); + + //set metadata signer + metadataSigner = new MOASWSigner(configManager); + + //build eIDAS SAML eninge + ProtocolEngineI engine = MOAProtocolEngineFactory.createProtocolEngine( + Constants.eIDAS_SAML_ENGINE_NAME, + configManager, + new MOAEidasProtocolProcesser(metadataFetcher, metadataSigner), + new SamlEngineSystemClock()); + + //build a map with all actually supported attributes + for (AttributeDefinition<?> el : engine.getProtocolProcessor().getAllSupportedAttributes()) + allSupportedAttributeMap.put(el.getFriendlyName(), el); + + //TODO: check if bug is fixed in next eIDAS SAML-engine version + //overwrite eIDAS response validator suite because Condition-Valitator has not time jitter + initOpenSAMLConfig("own-saml-eidasnode-config.xml"); - //initial eIDAS SAMLengine - EIDASSAMLEngine engine = EIDASSAMLEngine.createSAMLEngine(Constants.eIDAS_SAML_ENGINE_NAME, - configManager); - - //set metadata management to eIDAS SAMLengine - 
engine.setMetadataProcessor( - new MOAeIDASMetadataProviderDecorator( - MOAeIDASChainingMetadataProvider.getInstance())); - - //set MOA specific extension processor - ExtensionProcessorI extensionProcessor = new MOAeIDAsExtensionProcessor(); - engine.setExtensionProcessor(extensionProcessor); eIDASEngine = engine; - } catch (EIDASSAMLEngineException e) { + } catch (EIDASSAMLEngineException | ConfigurationException e) { Logger.error("eIDAS SAMLengine initialization FAILED!", e); throw new EIDASEngineException("eIDAS.00", new Object[]{e.getMessage()}, e); @@ -73,5 +98,51 @@ public class SAMLEngineUtils { return eIDASEngine; } + + /** + * Get a map of all eIDAS attributes, which are actually supported by eIDAS engine + * + * @return Map<Attr. FriendlyName, AttributeDefinition> + */ + public static Map<String, AttributeDefinition<?>> getMapOfAllAvailableAttributes() { + return allSupportedAttributeMap; + + } + + /** + * @return the metadataSigner + */ + public static MetadataSignerI getMetadataSigner() { + if (eIDASEngine != null) + return metadataSigner; + + else { + Logger.error("eIDAS SAMLEngine is not initialized."); + return null; + + } + } + + /** + * @return the metadataFetcher + */ + public static MetadataFetcherI getMetadataFetcher() { + if (eIDASEngine != null) + return metadataFetcher; + + else { + Logger.error("eIDAS SAMLEngine is not initialized."); + return null; + + } + } + + private static void initOpenSAMLConfig(String xmlConfig) throws ConfigurationException { + XMLConfigurator configurator = new XMLConfigurator(); + InputStream is = SAMLBootstrap.class.getClassLoader().getResourceAsStream(xmlConfig); + configurator.load(is); + + } + } 
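Review bot: `createSAMLEngine(...)` assigns the static `metadataFetcher` and `metadataSigner` and fills `allSupportedAttributeMap` before `initOpenSAMLConfig(...)` has succeeded, so a failure there leaves `eIDASEngine` null while the attribute map is already populated. `getMapOfAllAvailableAttributes()` in the following hunk has no initialization check and hands out the mutable `HashMap` itself, which is written under the class lock but read without it. Building the fetcher, signer and map in locals and publishing them next to `eIDASEngine = engine;`, with `allSupportedAttributeMap = Collections.unmodifiableMap(attrs);` (needs `java.util.Collections`), would keep the static state consistent. The method's closing lines fall outside this hunk.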
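Review bot: `initOpenSAMLConfig` passes the result of `getResourceAsStream(xmlConfig)` straight to `configurator.load(is)` without a null check and never closes the stream. If `own-saml-eidasnode-config.xml` is missing from the classpath, the failure would likely surface as a runtime exception rather than a `ConfigurationException`, so the multi-catch in `createSAMLEngine` would not turn it into the `eIDAS.00` error. A null check inside try-with-resources (the file already uses multi-catch) makes the failure explicit and releases the stream; it needs `java.io.IOException` imported.

```java
private static void initOpenSAMLConfig(String xmlConfig) throws ConfigurationException {
	try (InputStream is = SAMLBootstrap.class.getClassLoader().getResourceAsStream(xmlConfig)) {
		if (is == null)
			throw new ConfigurationException("OpenSAML configuration not found on classpath: " + xmlConfig);

		new XMLConfigurator().load(is);

	} catch (IOException e) {
		throw new ConfigurationException("Can not close OpenSAML configuration: " + xmlConfig, e);

	}
}
```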
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SimpleEidasAttributeGenerator.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SimpleEidasAttributeGenerator.java
new file mode 100644
index 000000000..d43fa1622
--- /dev/null
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SimpleEidasAttributeGenerator.java
@@ -0,0 +1,68 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.eidas.utils;
+
+import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
+
+/**
+ * @author tlenz
+ *
+ */
+public class SimpleEidasAttributeGenerator implements IAttributeGenerator<String> {
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildStringAttribute(java.lang.String, java.lang.String, java.lang.String)
+ */
+ @Override
+ public String buildStringAttribute(String friendlyName, String name, String value) {
+ return value;
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildIntegerAttribute(java.lang.String, java.lang.String, int)
+ */
+ @Override
+ public String buildIntegerAttribute(String friendlyName, String name, int value) {
+ return String.valueOf(value);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildLongAttribute(java.lang.String, java.lang.String, long)
+ */
+ @Override
+ public String buildLongAttribute(String friendlyName, String name, long value) {
+ return String.valueOf(value);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildEmptyAttribute(java.lang.String, java.lang.String)
+ */
+ @Override
+ public String buildEmptyAttribute(String friendlyName, String name) {
+ return null;
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java
index 563c3a18c..7647b4cab 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java
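Review bot: The class Javadoc of `SimpleEidasAttributeGenerator` holds only `@author tlenz`, so nothing states what this generator produces. I would add a sentence such as `IAttributeGenerator that returns the attribute value as a plain String; friendlyName and name are ignored.` The comment on `buildEmptyAttribute` should also say that it returns `null`, because callers have to treat a null result as "attribute not available" rather than as an empty string.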
@@ -2,13 +2,14 @@ package at.gv.egovernment.moa.id.protocols.eidas; import java.util.Collection; +import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.springframework.beans.factory.config.BeanDefinition; import org.springframework.context.annotation.Scope; import org.springframework.stereotype.Component; -import at.gv.egovernment.moa.id.auth.modules.eidas.utils.MOAPersonalAttributeList; import at.gv.egovernment.moa.id.moduls.RequestImpl; -import eu.eidas.auth.commons.EIDASAuthnRequest; +import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; +import eu.eidas.auth.commons.protocol.IAuthenticationRequest; @Component("EIDASData") @Scope(value = BeanDefinition.SCOPE_PROTOTYPE) @@ -18,10 +19,10 @@ public class EIDASData extends RequestImpl { private static final long serialVersionUID = 8765755670214923910L; /** The attributes requested by the eIDaS. */ - private MOAPersonalAttributeList attributes; + private ImmutableAttributeMap attributes; /** The incoming eIDaS SAML2 AuthnRequest. */ - private EIDASAuthnRequest authnRequest; + private IAuthenticationRequest authnRequest; /** The ip address of the requester. */ private String remoteIPAddress; @@ -29,7 +30,7 @@ public class EIDASData extends RequestImpl { private String remoteRelayState; @Override - public Collection<String> getRequestedAttributes() { + public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) { // TODO Auto-generated method stub return null; } 
@@ -39,17 +40,17 @@ public class EIDASData extends RequestImpl { * * @return the requested attributes */ - public MOAPersonalAttributeList getEidasRequestedAttributes() { - return (MOAPersonalAttributeList) attributes.clone(); + public ImmutableAttributeMap getEidasRequestedAttributes() { + return attributes; } /** * Sets the eidas requested attributes. * - * @param personalAttributeList the requested attributes + * @param immutableAttributeMap the requested attributes */ - public void setEidasRequestedAttributes(MOAPersonalAttributeList personalAttributeList) { - attributes = personalAttributeList; + public void setEidasRequestedAttributes(ImmutableAttributeMap immutableAttributeMap) { + attributes = immutableAttributeMap; } /** @@ -57,7 +58,7 @@ public class EIDASData extends RequestImpl { * * @return the eidas request */ - public EIDASAuthnRequest getEidasRequest() { + public IAuthenticationRequest getEidasRequest() { return authnRequest; } @@ -66,7 +67,7 @@ public class EIDASData extends RequestImpl { * * @param request the new eidas request */ - public void setEidasRequest(EIDASAuthnRequest request) { + public void setEidasRequest(IAuthenticationRequest request) { authnRequest = request; } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java index 779d898be..13e64cdd0 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java 
@@ -34,6 +34,8 @@ import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; import org.opensaml.saml2.core.StatusCode; import org.opensaml.saml2.metadata.AssertionConsumerService; +import org.opensaml.saml2.metadata.EntityDescriptor; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.MediaType; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; @@ -44,11 +46,11 @@ import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider; import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider; import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASMetadataProviderDecorator; -import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASAuthnRequestProcessingException; -import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASAuthnRequestValidationException; -import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASException; -import at.gv.egovernment.moa.id.auth.modules.eidas.utils.MOAPersonalAttributeList; +import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASAuthnRequestProcessingException; +import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASAuthnRequestValidationException; +import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASException; import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; 
@@ -56,10 +58,14 @@ import at.gv.egovernment.moa.id.moduls.RequestImpl; import at.gv.egovernment.moa.id.protocols.AbstractAuthProtocolModulController; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -import eu.eidas.auth.commons.EIDASAuthnRequest; -import eu.eidas.auth.commons.EIDASAuthnResponse; -import eu.eidas.auth.commons.EIDASUtil; -import eu.eidas.auth.engine.EIDASSAMLEngine; +import eu.eidas.auth.commons.EidasStringUtil; +import eu.eidas.auth.commons.protocol.IAuthenticationRequest; +import eu.eidas.auth.commons.protocol.IResponseMessage; +import eu.eidas.auth.commons.protocol.eidas.IEidasAuthenticationRequest; +import eu.eidas.auth.commons.protocol.eidas.impl.EidasAuthenticationRequest; +import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse; +import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse.Builder; +import eu.eidas.auth.engine.ProtocolEngineI; import eu.eidas.auth.engine.metadata.MetadataUtil; import eu.eidas.engine.exceptions.EIDASSAMLEngineException; @@ -72,14 +78,17 @@ import eu.eidas.engine.exceptions.EIDASSAMLEngineException; public class EIDASProtocol extends AbstractAuthProtocolModulController { public static final String NAME = EIDASProtocol.class.getName(); - public static final String PATH = "eidas"; + public static final String PATH = "eidas"; + @Autowired(required=true) MOAeIDASChainingMetadataProvider eIDASMetadataProvider; + public EIDASProtocol() { super(); Logger.debug("Registering servlet " + getClass().getName() + " with mappings '" + Constants.eIDAS_HTTP_ENDPOINT_METADATA + "' and '" + Constants.eIDAS_HTTP_ENDPOINT_IDP_COLLEAGUEREQUEST + - "' and '" + Constants.eIDAS_HTTP_ENDPOINT_IDP_POST +"'."); + //"' and '" + Constants.eIDAS_HTTP_ENDPOINT_IDP_POST + + "'."); } 
@@ -164,75 +173,139 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController { String base64SamlToken = request.getParameter("SAMLRequest"); if (MiscUtil.isEmpty(base64SamlToken)) { Logger.warn("No eIDAS SAMLRequest found in http request."); - throw new MOAIDException("HTTP request includes no eIDAS SAML-Request element.", null); + throw new MOAIDException("eIDAS.06", new Object[]{"HTTP request includes no eIDAS SAML-Request element."}); } - byte[] decSamlToken = EIDASUtil.decodeSAMLToken(base64SamlToken); - + try { + //decode SAML2 token + byte[] decSamlToken = EidasStringUtil.decodeBytesFromBase64(base64SamlToken); + //get eIDAS SAML-engine - EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine(); - - //validate SAML token - EIDASAuthnRequest samlReq = engine.validateEIDASAuthnRequest(decSamlToken); - - // - memorize remote ip - pendingReq.setRemoteAddress(request.getRemoteAddr()); + ProtocolEngineI engine = SAMLEngineUtils.createSAMLEngine(eIDASMetadataProvider); - // - memorize relaystate - String relayState = request.getParameter("RelayState"); - pendingReq.setRemoteRelayState(relayState); - - // - memorize country code of target country - pendingReq.setGenericDataToSession( - RequestImpl.eIDAS_GENERIC_REQ_DATA_COUNTRY, samlReq.getCountry()); + String cititzenCountryCode = + authConfig.getBasicMOAIDConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE, + MOAIDAuthConstants.COUNTRYCODE_AUSTRIA); - // - memorize requested attributes - pendingReq.setEidasRequestedAttributes(new MOAPersonalAttributeList(samlReq.getPersonalAttributeList())); + + //**************************************** + //***** validate eIDAS request ********* + //**************************************** + //validate SAML token + IAuthenticationRequest samlReq = engine.unmarshallRequestAndValidate(decSamlToken, cititzenCountryCode ); - // - memorize whole request - samlReq.setPersonalAttributeList(pendingReq.getEidasRequestedAttributes()); // circumvent 
non-serializable eidas personal attribute list - pendingReq.setEidasRequest(samlReq); + //validate internal JAVA class type + if (!(samlReq instanceof IEidasAuthenticationRequest)) { + Logger.error("eIDAS AuthnRequst from node:" + samlReq.getIssuer() + + " is NOT from Type:" + IEidasAuthenticationRequest.class.getName()); + throw new MOAIDException("eIDAS.06", new Object[]{"eIDAS AuthnRequest maps to an wrong internal Type."}); + + } + IEidasAuthenticationRequest eIDASSamlReq = (IEidasAuthenticationRequest) samlReq; + + //validate Destination against MOA-ID-Auth configuration + String reqDestination = eIDASSamlReq.getDestination(); + if (MiscUtil.isEmpty(reqDestination) || + !reqDestination.startsWith(pendingReq.getAuthURL())) { + Logger.info("eIDAS AuthnRequest contains a not valid 'Destination' attribute"); + throw new EIDASAuthnRequestValidationException("stork.01", + new Object[]{"eIDAS AuthnRequest contains a not valid 'Destination' attribute"}); + + } + + //validate AssertionConsumerServiceURL against metadata + EntityDescriptor eIDASNodeEntityDesc = new MOAeIDASMetadataProviderDecorator(eIDASMetadataProvider) + .getEntityDescriptor(eIDASSamlReq.getIssuer(), SAMLEngineUtils.getMetadataSigner()); - //validate destination against metadata - String reqDestination = samlReq.getDestination(); - if (MiscUtil.isNotEmpty(reqDestination)) { - boolean isValid = false; - List<AssertionConsumerService> allowedAssertionConsumerUrl = new MOAeIDASMetadataProviderDecorator(MOAeIDASChainingMetadataProvider.getInstance()) - .getSPSSODescriptor(samlReq.getIssuer()).getAssertionConsumerServices(); + String reqAssertionConsumerServiceURL = eIDASSamlReq.getAssertionConsumerServiceURL(); + if (MiscUtil.isNotEmpty(reqAssertionConsumerServiceURL)) { + boolean isValid = false; + List<AssertionConsumerService> allowedAssertionConsumerUrl = + MetadataUtil.getSPSSODescriptor(eIDASNodeEntityDesc).getAssertionConsumerServices(); for (AssertionConsumerService el : 
allowedAssertionConsumerUrl) { - if (reqDestination.equals(el.getLocation())) + if (reqAssertionConsumerServiceURL.equals(el.getLocation())) isValid = true; } if (!isValid) { - Logger.info("eIDAS AuthnRequest contains a not valid 'Destination' attribute"); - throw new eIDASAuthnRequestValidationException("stork.01", - new Object[]{"eIDAS AuthnRequest contains a not valid 'Destination' attribute"}); + Logger.info("eIDAS AuthnRequest contains a not valid 'AssertionConsumerServiceURL' attribute"); + throw new EIDASAuthnRequestValidationException("eIDAS.12", + new Object[]{"eIDAS AuthnRequest contains a not valid 'AssertionConsumerServiceURL' attribute"}); } - } + } else { + /*TODO: eIDAS SAMLEngine 1.1.0 does not validate and set AssertionConsumerServiceURL in a correct form + * + * Actually, this step is required because EidasProtocolProcesser.class only use the AssertionConsumerServiceURL + * from AuthnRequest to set the 'Destination' attribute in eIDAS Response. However, the AssertionConsumerServiceURL + * could be empty in Request, which break the Response building process. 
+ */ + String assertionConsumerServiceURL = MetadataUtil.getAssertionConsumerUrlFromMetadata( + SAMLEngineUtils.getMetadataFetcher(), SAMLEngineUtils.getMetadataSigner(), eIDASSamlReq); + if (MiscUtil.isEmpty(assertionConsumerServiceURL)) { + Logger.error("eIDAS metadata for node:" + eIDASSamlReq.getIssuer() + + " contains NO 'AssertionConsumerServiceURL' element!"); + throw new EIDASSAMLEngineException("eIDAS metadata for node:" + eIDASSamlReq.getIssuer() + + " contains NO 'AssertionConsumerServiceURL' element!"); + + } + + EidasAuthenticationRequest.Builder test = EidasAuthenticationRequest.builder(eIDASSamlReq); + test.assertionConsumerServiceURL(assertionConsumerServiceURL); + eIDASSamlReq = test.build(); + + } + + //************************************************* + //***** store eIDAS request information ********* + //************************************************* + // - memorize remote ip + pendingReq.setRemoteAddress(request.getRemoteAddr()); + + // - memorize relaystate + String relayState = request.getParameter("RelayState"); + pendingReq.setRemoteRelayState(relayState); + + // - memorize country code of target country + pendingReq.setGenericDataToSession( + RequestImpl.eIDAS_GENERIC_REQ_DATA_COUNTRY, samlReq.getOriginCountryCode()); + + //store level of assurance + pendingReq.setGenericDataToSession(RequestImpl.eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE, + eIDASSamlReq.getEidasLevelOfAssurance().stringValue()); + + // - memorize requested attributes + pendingReq.setEidasRequestedAttributes(eIDASSamlReq.getRequestedAttributes()); + + // - memorize whole request + pendingReq.setEidasRequest(eIDASSamlReq); + // - memorize OA url pendingReq.setOAURL(samlReq.getIssuer()); // - memorize OA config IOAAuthParameters oaConfig = authConfig.getOnlineApplicationParameter(pendingReq.getOAURL()); if (oaConfig == null) - throw new eIDASAuthnRequestProcessingException("eIDAS.08", new Object[]{pendingReq.getOAURL()}); + throw new 
EIDASAuthnRequestProcessingException("eIDAS.08", new Object[]{pendingReq.getOAURL()}); pendingReq.setOnlineApplicationConfiguration(oaConfig); - - String spType = samlReq.getSPType(); - if (MiscUtil.isEmpty(spType)) { - Logger.info("Load SPType from metadata ... IS NOT IMPLEMENTED YET!!!"); - //TODO: maybe implement this if required + + // - memorize service-provider type from eIDAS request + String spType = null; + if (eIDASSamlReq.getSpType() != null) + spType = eIDASSamlReq.getSpType().getValue(); + + if (MiscUtil.isEmpty(spType)) + spType = MetadataUtil.getSPTypeFromMetadata(eIDASNodeEntityDesc); - } - - Logger.debug("eIDAS request has SPType:" + spType); + if (MiscUtil.isEmpty(spType)) + Logger.debug("eIDAS request has SPType:" + spType); + else + Logger.info("eIDAS request and eIDAS metadata contains NO 'SPType' element."); } catch (MOAIDException e) { Logger.info("eIDAS AuthnRequest preProcessing FAILED. Msg:" + e.getMessage()); @@ -240,11 +313,11 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController { } catch (EIDASSAMLEngineException e) { Logger.info("eIDAS AuthnRequest preProcessing FAILED. Msg:" + e.getMessage()); - throw new eIDASAuthnRequestProcessingException("eIDAS.06", new Object[]{e.getMessage()}, e); + throw new EIDASAuthnRequestProcessingException("eIDAS.06", new Object[]{e.getMessage()}, e); } catch(Exception e) { Logger.warn("eIDAS AuthnRequest preProcessing FAILED. Msg:" + e.getMessage(), e); - throw new eIDASAuthnRequestProcessingException("eIDAS.06", new Object[]{e.getMessage()}, e); + throw new EIDASAuthnRequestProcessingException("eIDAS.06", new Object[]{e.getMessage()}, e); } } 
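Review bot: The new Destination check accepts any value that `startsWith(pendingReq.getAuthURL())`, which is looser than the equality test applied to `AssertionConsumerServiceURL` a few lines further down. Depending on how `getAuthURL()` is formed (no trailing slash, or no path component), a Destination on a different host or path that merely shares the prefix would pass; comparing with the published endpoint, e.g. `reqDestination.equals(pendingReq.getAuthURL() + Constants.eIDAS_HTTP_ENDPOINT_IDP_COLLEAGUEREQUEST)`, would be stricter if that is the only endpoint meant to receive requests. The SPType logging at the end of the hunk also looks inverted: `if (MiscUtil.isEmpty(spType))` logs the "has SPType" message and the else branch reports that none was found, so the condition should be `MiscUtil.isNotEmpty(spType)`. The enclosing method starts and ends outside the hunk.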
@@ -258,43 +331,40 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController { } try { - EIDASAuthnResponse eIDASResp = new EIDASAuthnResponse(); - eIDASResp.setIssuer(pendingReq.getAuthURL() + Constants.eIDAS_HTTP_ENDPOINT_METADATA); - - if (e instanceof eIDASException) { - eIDASResp.setStatusCode(((eIDASException) e).getStatusCodeFirstLevel()); - eIDASResp.setSubStatusCode(((eIDASException) e).getStatusCodeSecondLevel()); - eIDASResp.setMessage(e.getMessage()); + Builder eIDASRespBuilder = new AuthenticationResponse.Builder(); + eIDASRespBuilder.issuer(pendingReq.getAuthURL() + Constants.eIDAS_HTTP_ENDPOINT_METADATA); + + if (e instanceof EIDASException) { + eIDASRespBuilder.statusCode(((EIDASException) e).getStatusCodeFirstLevel()); + eIDASRespBuilder.subStatusCode(((EIDASException) e).getStatusCodeSecondLevel()); + eIDASRespBuilder.statusMessage(e.getMessage()); } else if (e instanceof MOAIDException ) { - eIDASResp.setStatusCode(StatusCode.RESPONDER_URI); - eIDASResp.setSubStatusCode(StatusCode.AUTHN_FAILED_URI); - eIDASResp.setMessage(e.getMessage()); + eIDASRespBuilder.statusCode(StatusCode.RESPONDER_URI); + eIDASRespBuilder.subStatusCode(StatusCode.AUTHN_FAILED_URI); + eIDASRespBuilder.statusMessage(e.getMessage()); } else { - eIDASResp.setStatusCode(StatusCode.RESPONDER_URI); - eIDASResp.setSubStatusCode(StatusCode.AUTHN_FAILED_URI); - eIDASResp.setMessage(e.getMessage()); + eIDASRespBuilder.statusCode(StatusCode.RESPONDER_URI); + eIDASRespBuilder.subStatusCode(StatusCode.AUTHN_FAILED_URI); + eIDASRespBuilder.statusMessage(e.getMessage()); } - + + eIDASRespBuilder.id(eu.eidas.auth.engine.xml.opensaml.SAMLEngineUtils.generateNCName()); + eIDASRespBuilder.inResponseTo(eidasReq.getEidasRequest().getId()); - EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine(); + //build response + AuthenticationResponse eIDASResp = eIDASRespBuilder.build(); - if(null == eidasReq.getEidasRequest().getAssertionConsumerServiceURL()) { - String 
assertionConsumerUrl = MetadataUtil.getAssertionUrlFromMetadata( - new MOAeIDASMetadataProviderDecorator(MOAeIDASChainingMetadataProvider.getInstance()), - engine, - eidasReq.getEidasRequest()); - eidasReq.getEidasRequest().setAssertionConsumerServiceURL(assertionConsumerUrl); - - } //get eIDAS SAML-engine + ProtocolEngineI engine = SAMLEngineUtils.createSAMLEngine(eIDASMetadataProvider); + + //build response message + IResponseMessage eIDASRespMsg = engine.generateResponseErrorMessage(eidasReq.getEidasRequest(),eIDASResp, eidasReq.getRemoteAddress()); - eIDASResp = engine.generateEIDASAuthnResponseFail(eidasReq.getEidasRequest(), eIDASResp, - eidasReq.getRemoteAddress(), true); - String token = EIDASUtil.encodeSAMLToken(eIDASResp.getTokenSaml()); + String token = EidasStringUtil.encodeToBase64(eIDASRespMsg.getMessageBytes()); VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java index b4db5c83d..174fa2c17 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java 
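Review bot: The final `else` branch, which handles arbitrary exceptions, still copies `e.getMessage()` into `statusMessage(...)`, so internal error text ends up in the SAML response returned to the requesting node. For that branch I would send a fixed text and keep the detail in the local log, e.g. `eIDASRespBuilder.statusMessage("Internal error during request processing");`. In addition, `eidasReq.getEidasRequest().getId()` is called unconditionally; if this handler can run for a request that failed before `setEidasRequest(...)` was reached, that is a null dereference. A guard for that may sit in the part of the method outside this hunk.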
@@ -21,14 +21,20 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.opensaml.common.xml.SAMLConstants; import org.opensaml.saml2.metadata.ContactPerson; import org.opensaml.saml2.metadata.Organization; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.MediaType; import org.springframework.stereotype.Service; import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; +import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider; import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException; +import at.gv.egovernment.moa.id.auth.modules.eidas.utils.MOAeIDASMetadataGenerator; import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; @@ -37,11 +43,10 @@ import at.gv.egovernment.moa.id.data.SLOInformationInterface; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; import at.gv.egovernment.moa.logging.Logger; -import eu.eidas.auth.engine.EIDASSAMLEngine; +import eu.eidas.auth.engine.ProtocolEngineI; import eu.eidas.auth.engine.metadata.Contact; import eu.eidas.auth.engine.metadata.MetadataConfigParams; -import eu.eidas.auth.engine.metadata.MetadataGenerator; -import eu.eidas.engine.exceptions.SAMLEngineException; +import eu.eidas.engine.exceptions.EIDASSAMLEngineException; /** 
@@ -50,6 +55,9 @@ import eu.eidas.engine.exceptions.SAMLEngineException; @Service("EidasMetaDataRequest") public class EidasMetaDataRequest implements IAction { + @Autowired(required=true) MOAeIDASChainingMetadataProvider eIDASMetadataProvider; + @Autowired(required=true) AuthConfiguration authConfig; + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.data.IAuthData) */ @@ -61,10 +69,10 @@ public class EidasMetaDataRequest implements IAction { try { String pubURLPrefix = req.getAuthURL(); - String metadata_url = pubURLPrefix + Constants.eIDAS_HTTP_ENDPOINT_METADATA; + String metadata_url = pubURLPrefix + Constants.eIDAS_HTTP_ENDPOINT_METADATA; + String sp_return_url = pubURLPrefix + Constants.eIDAS_HTTP_ENDPOINT_SP_POST; - String sp_return_url = pubURLPrefix + Constants.eIDAS_HTTP_ENDPOINT_SP_POST; - String metaData = generateMetadata(metadata_url, sp_return_url); + String metaData = generateMetadata(req, metadata_url, sp_return_url); Logger.trace(metaData); 
@@ -100,24 +108,30 @@ public class EidasMetaDataRequest implements IAction { } - public String generateMetadata(String metadata_url, String sp_return_url) throws SAMLEngineException, EIDASEngineException{ + public String generateMetadata(IRequest pendingReq, String metadata_url, String sp_return_url) throws EIDASSAMLEngineException, EIDASEngineException{ String metadata="invalid metadata"; - EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine(); + ProtocolEngineI engine = SAMLEngineUtils.createSAMLEngine(eIDASMetadataProvider); - MetadataGenerator generator = new MetadataGenerator(); + MOAeIDASMetadataGenerator generator = new MOAeIDASMetadataGenerator(); MetadataConfigParams mcp=new MetadataConfigParams(); generator.setConfigParams(mcp); generator.initialize(engine); mcp.setEntityID(metadata_url); mcp.setAssertionConsumerUrl(sp_return_url); + mcp.getProtocolBindingLocation().put( + SAMLConstants.SAML2_POST_BINDING_URI, + pendingReq.getAuthURL() + Constants.eIDAS_HTTP_ENDPOINT_IDP_COLLEAGUEREQUEST); //TODO: make it configurable mcp.setAuthnRequestsSigned(true); mcp.setWantAssertionsSigned(true); - mcp.setAssuranceLevel("http://eidas.europa.eu/LoA/substantial"); + mcp.setAssuranceLevel( + authConfig.getBasicMOAIDConfiguration( + Constants.CONIG_PROPS_EIDAS_NODE_LoA, + MOAIDAuthConstants.eIDAS_LOA_HIGH)); //must be set in request, because it could be different for every online-application //mcp.setSpType(SPType.DEFAULT_VALUE); 
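Review bot: The fallback passed to `getBasicMOAIDConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_LoA, ...)` is `MOAIDAuthConstants.eIDAS_LOA_HIGH`, while the removed line published `http://eidas.europa.eu/LoA/substantial`. Judging by the constant's name, an installation that upgrades without setting the property would start advertising a higher level of assurance in its metadata than before. I would keep the fallback at the previous value or fail when the property is missing, and add a comment next to the call that names the property and the accepted LoA URIs, since the configured string is passed on unchecked. The method body continues outside the hunk.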
@@ -133,18 +147,24 @@ public class EidasMetaDataRequest implements IAction { Contact technicalContact = new Contact(); List<ContactPerson> contacts = PVPConfiguration.getInstance().getIDPContacts(); - if (contacts != null && contacts.size() >= 1) { - technicalContact.setEmail(contacts.get(0).getEmailAddresses().get(0).getAddress()); - technicalContact.setGivenName(contacts.get(0).getGivenName().getName()); - technicalContact.setSurName(contacts.get(0).getSurName().getName()); - technicalContact.setPhone(contacts.get(0).getTelephoneNumbers().get(0).getNumber()); + if (contacts != null && contacts.size() >= 1) { + ContactPerson contact = contacts.get(0); + technicalContact.setGivenName(contact.getGivenName().getName()); + technicalContact.setSurName(contact.getSurName().getName()); + + if (!contact.getEmailAddresses().isEmpty()) + technicalContact.setEmail(contact.getEmailAddresses().get(0).getAddress()); + + if (!contact.getTelephoneNumbers().isEmpty()) + technicalContact.setPhone(contact.getTelephoneNumbers().get(0).getNumber()); + mcp.setTechnicalContact(technicalContact ); } if (pvpOrganisation != null) { mcp.setNodeUrl(pvpOrganisation.getURLs().get(0).getURL().getLocalString()); - mcp.setCountryName("Austria"); + mcp.setCountryName(authConfig.getBasicMOAIDConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRY, "Austria")); technicalContact.setCompany(pvpOrganisation.getDisplayNames().get(0).getName().getLocalString()); } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java index ebd4e1e6d..22ac37604 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java 
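Review bot: The added guards cover empty e-mail and telephone lists, but `contact.getGivenName().getName()` and `contact.getSurName().getName()` are still dereferenced without a null check, and both elements are optional on a SAML ContactPerson. A contact configured without names would make metadata generation fail; the same pattern as the new checks works, e.g. `if (contact.getGivenName() != null) technicalContact.setGivenName(contact.getGivenName().getName());`. `pvpOrganisation.getURLs().get(0)` and `getDisplayNames().get(0)` a few lines below have the same shape.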
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java @@ -23,8 +23,8 @@ package at.gv.egovernment.moa.id.protocols.eidas; import java.io.StringWriter; +import java.security.MessageDigest; import java.text.SimpleDateFormat; -import java.util.Map.Entry; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; 
@@ -32,29 +32,44 @@ import javax.servlet.http.HttpServletResponse; import org.apache.velocity.Template; import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; +import org.opensaml.saml2.core.StatusCode; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.MediaType; import org.springframework.stereotype.Service; +import com.google.common.collect.ImmutableSet; + import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider; import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider; -import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASMetadataProviderDecorator; -import at.gv.egovernment.moa.id.auth.modules.eidas.utils.MOAPersonalAttributeList; -import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils; +import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SimpleEidasAttributeGenerator; import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.data.IAuthData; +import at.gv.egovernment.moa.id.data.SLOInformationImpl; import at.gv.egovernment.moa.id.data.SLOInformationInterface; import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator; +import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateLegalPersonFullNameAttributeBuilder; +import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateLegalPersonSourcePinAttributeBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; +import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.logging.Logger; -import eu.eidas.auth.commons.EIDASAuthnResponse; -import 
eu.eidas.auth.commons.EIDASStatusCode; -import eu.eidas.auth.commons.EIDASUtil; -import eu.eidas.auth.commons.PersonalAttribute; -import eu.eidas.auth.engine.EIDASSAMLEngine; -import eu.eidas.auth.engine.metadata.MetadataUtil; +import at.gv.egovernment.moa.util.Base64Utils; +import at.gv.egovernment.moa.util.MiscUtil; +import eu.eidas.auth.commons.EidasStringUtil; +import eu.eidas.auth.commons.attribute.AttributeDefinition; +import eu.eidas.auth.commons.attribute.AttributeDefinition.Builder; +import eu.eidas.auth.commons.attribute.AttributeValue; +import eu.eidas.auth.commons.attribute.AttributeValueMarshaller; +import eu.eidas.auth.commons.attribute.AttributeValueMarshallingException; +import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; +import eu.eidas.auth.commons.protocol.IResponseMessage; +import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse; +import eu.eidas.auth.commons.protocol.impl.SamlNameIdFormat; +import eu.eidas.auth.engine.ProtocolEngineI; +import eu.eidas.auth.engine.xml.opensaml.SAMLEngineUtils; /** @@ -67,7 +82,10 @@ import eu.eidas.auth.engine.metadata.MetadataUtil; @Service("eIDASAuthenticationRequest") public class eIDASAuthenticationRequest implements IAction { + private static IAttributeGenerator<String> generator = new SimpleEidasAttributeGenerator(); + @Autowired protected MOAReversionLogger revisionsLogger; + @Autowired(required=true) MOAeIDASChainingMetadataProvider eIDASMetadataProvider; @Override public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws MOAIDException { 
@@ -78,67 +96,136 @@ public class eIDASAuthenticationRequest implements IAction { throw new MOAIDException("got wrong IRequest type. is: {}, should be: {}", new String[] {req.getClass().toString(), EIDASData.class.toString()}); - // gather attributes - MOAPersonalAttributeList resultingAttributeList = (MOAPersonalAttributeList) eidasRequest.getEidasRequestedAttributes().clone(); + String subjectNameID = null; - for(Entry<String, PersonalAttribute> current : resultingAttributeList.entrySet()) { + //gather attributes + ImmutableAttributeMap reqAttributeList = (ImmutableAttributeMap) eidasRequest.getEidasRequestedAttributes(); + ImmutableAttributeMap.Builder attrMapBuilder = ImmutableAttributeMap.builder(); + + //TODO: if we support more then this minimum required attributes -> redesign to a smoother attribute builder selector + for(AttributeDefinition<?> attr : reqAttributeList.getDefinitions()) { String newValue = ""; - - // TODO make use of proper builder - switch(current.getKey()) { - case Constants.eIDAS_ATTR_DATEOFBIRTH: newValue = new SimpleDateFormat("YYYY-MM-dd").format(authData.getDateOfBirth()); break; - case Constants.eIDAS_ATTR_CURRENTFAMILYNAME: newValue = authData.getFamilyName();break; - case Constants.eIDAS_ATTR_CURRENTGIVENNAME: newValue = authData.getGivenName();break; - - //TODO: change bPK builder !!!!!! 
- case Constants.eIDAS_ATTR_PERSONALIDENTIFIER: newValue = authData.getBPK(); break; + boolean isUniqueID = false; + try { + switch(attr.getFriendlyName()) { + case Constants.eIDAS_ATTR_DATEOFBIRTH: + newValue = new SimpleDateFormat("YYYY-MM-dd").format(authData.getDateOfBirth()); + break; + case Constants.eIDAS_ATTR_CURRENTFAMILYNAME: + newValue = authData.getFamilyName(); + break; + case Constants.eIDAS_ATTR_CURRENTGIVENNAME: + newValue = authData.getGivenName(); + break; + case Constants.eIDAS_ATTR_PERSONALIDENTIFIER: + newValue = authData.getBPK(); + isUniqueID = true; + + //generate a transient unique identifier if it is requested + String reqNameIDFormat = eidasRequest.getEidasRequest().getNameIdFormat(); + if (MiscUtil.isNotEmpty(reqNameIDFormat) + && reqNameIDFormat.equals(SamlNameIdFormat.TRANSIENT.getNameIdFormat())) + newValue = generateTransientNameID(newValue); + + subjectNameID = newValue; + break; + case Constants.eIDAS_ATTR_LEGALPERSONIDENTIFIER: + newValue = new MandateLegalPersonSourcePinAttributeBuilder().build( + req.getOnlineApplicationConfiguration(), authData, generator); + break; + case Constants.eIDAS_ATTR_LEGALNAME: + newValue = new MandateLegalPersonFullNameAttributeBuilder().build( + req.getOnlineApplicationConfiguration(), authData, generator); + break; + + } + + } catch (AttributeException e) { + Logger.debug("Attribute can not generate requested attribute:" + attr.getFriendlyName() + " Reason:" + e.getMessage()); + } - - if("".equals(newValue)) - current.getValue().setStatus(EIDASStatusCode.STATUS_NOT_AVAILABLE.toString()); - else { - current.getValue().getValue().clear(); - current.getValue().getValue().add(newValue); - current.getValue().setStatus(EIDASStatusCode.STATUS_AVAILABLE.toString()); + + if(MiscUtil.isEmpty(newValue)) { + Logger.info("eIDAS Attr:" + attr.getNameUri() + " is not available."); + + } else { + //set uniqueIdentifier attribute, because eIDAS SAMLEngine use this flag to select the + // Subject->NameID value from 
this attribute + Builder<?> attrBuilder = AttributeDefinition.builder(attr); + attrBuilder.uniqueIdentifier(isUniqueID); + AttributeDefinition<?> returnAttr = attrBuilder.build(); + + //unmarshal attribute value into eIDAS attribute + AttributeValueMarshaller<?> attributeValueMarshaller = returnAttr.getAttributeValueMarshaller(); + ImmutableSet.Builder<AttributeValue<?>> builder = ImmutableSet.builder(); + + AttributeValue<?> attributeValue = null; + try { + attributeValue = attributeValueMarshaller.unmarshal(newValue, false); + builder.add(attributeValue); + + } catch (AttributeValueMarshallingException e) { + throw new IllegalStateException(e); + + } + + //add attribute to Map + attrMapBuilder.put((AttributeDefinition)returnAttr, (ImmutableSet) builder.build()); + } } // construct eIDaS response - EIDASAuthnResponse response = new EIDASAuthnResponse(); - response.setPersonalAttributeList(resultingAttributeList); + AuthenticationResponse.Builder responseBuilder = new AuthenticationResponse.Builder(); + + responseBuilder.id(SAMLEngineUtils.generateNCName()); + responseBuilder.inResponseTo(eidasRequest.getEidasRequest().getId()); - // - create metadata url - String pubURLPrefix = req.getAuthURL(); + String pubURLPrefix = req.getAuthURL(); String metadata_url = pubURLPrefix + Constants.eIDAS_HTTP_ENDPOINT_METADATA; - response.setIssuer(metadata_url); - - response.setAssuranceLevel(authData.getEIDASQAALevel()); + responseBuilder.issuer(metadata_url); + + responseBuilder.levelOfAssurance(authData.getEIDASQAALevel()); + + //add attributes + responseBuilder.attributes(attrMapBuilder.build()); + + //set success statuscode + responseBuilder.statusCode(StatusCode.SUCCESS_URI); + + //build response + AuthenticationResponse response = responseBuilder.build(); String token = null; + IResponseMessage eIDASRespMsg = null; try { - EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine(); + ProtocolEngineI engine = 
at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils.createSAMLEngine(eIDASMetadataProvider); // encryption is done by the SamlEngine, i.e. by the module we provide in the config // but we need to set the appropriate request issuer - engine.setRequestIssuer(eidasRequest.getEidasRequest().getIssuer()); - + //engine.setRequestIssuer(eidasRequest.getEidasRequest().getIssuer()); - if(null == eidasRequest.getEidasRequest().getAssertionConsumerServiceURL()) { - String assertionConsumerUrl = MetadataUtil.getAssertionUrlFromMetadata( - new MOAeIDASMetadataProviderDecorator(MOAeIDASChainingMetadataProvider.getInstance()), - engine, - eidasRequest.getEidasRequest()); - eidasRequest.getEidasRequest().setAssertionConsumerServiceURL(assertionConsumerUrl); - - } + eIDASRespMsg = engine.generateResponseMessage(eidasRequest.getEidasRequest(), + response, true, eidasRequest.getRemoteAddress()); + +// if(null == eidasRequest.getEidasRequest().getAssertionConsumerServiceURL()) { +// String assertionConsumerUrl = MetadataUtil.getAssertionUrlFromMetadata( +// new MOAeIDASMetadataProviderDecorator(eIDASMetadataProvider), +// engine, +// eidasRequest.getEidasRequest()); +// eidasRequest.getEidasRequest().setAssertionConsumerServiceURL(assertionConsumerUrl); +// +// } - response = engine.generateEIDASAuthnResponse(eidasRequest.getEidasRequest(), response, eidasRequest.getRemoteAddress(), true); +// response = engine.generateEIDASAuthnResponse(eidasRequest.getEidasRequest(), response, eidasRequest.getRemoteAddress(), true); - token = EIDASUtil.encodeSAMLToken(response.getTokenSaml()); + token = EidasStringUtil.encodeToBase64(eIDASRespMsg.getMessageBytes()); + + } catch(Exception e) { + Logger.error("eIDAS Response encoding error." , e); + throw new MOAIDException("eIDAS.13", new Object[]{e.getMessage()}, e); - } catch(Exception e) { - e.printStackTrace(); } revisionsLogger.logEvent(req, Constants.eIDAS_REVERSIONSLOG_IDP_AUTHREQUEST); 
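Review bot: The date-of-birth case in the rewritten switch still formats with `new SimpleDateFormat("YYYY-MM-dd")`; in Java 7 and later `Y` is the week-based year, so a birth date in the last days of December or the first days of January can be written into the eIDAS assertion with the wrong year. The pattern is carried over unchanged from the removed code and should be `new SimpleDateFormat("yyyy-MM-dd")`. In the same hunk, the commented-out `setRequestIssuer`, AssertionConsumerServiceURL and `generateEIDASAuthnResponse` blocks would be better deleted than kept, since it is no longer obvious which of those checks `generateResponseMessage` now performs. processRequest starts before this hunk and continues past it.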
@@ -172,10 +259,28 @@ public class eIDASAuthenticationRequest implements IAction { } catch (Exception e) { - Logger.error("Velocity error: " + e.getMessage()); + Logger.error("Velocity error: " + e.getMessage()); + throw new MOAIDException("eIDAS.13", new Object[]{e.getMessage()}, e); + } - - return null; + + SLOInformationInterface ssoContainer = null; + try { + ssoContainer = new SLOInformationImpl( + req.getAuthURL(), + eidasRequest.getEidasRequest().getIssuer(), + null, + subjectNameID, + eidasRequest.getEidasRequest().getNameIdFormat(), + EIDASProtocol.NAME); + + } catch (Exception e) { + Logger.error("Can not generate container with SSO information!", e); + + } + + return ssoContainer; + } @Override @@ -189,4 +294,20 @@ public class eIDASAuthenticationRequest implements IAction { } + private String generateTransientNameID(String nameID) { + String random = Random.nextLongRandom(); + + try { + MessageDigest md = MessageDigest.getInstance("SHA-1"); + byte[] hash = md.digest((nameID + random).getBytes("ISO-8859-1")); + return Base64Utils.encode(hash); + + } catch (Exception e) { + Logger.error("Can not generate transient personal identifier!", e); + return null; + + } + + } + } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/resources/moaid_eidas_auth.beans.xml b/id/server/modules/moa-id-module-eIDAS/src/main/resources/moaid_eidas_auth.beans.xml index 5d79d082a..20395f210 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/resources/moaid_eidas_auth.beans.xml +++ b/id/server/modules/moa-id-module-eIDAS/src/main/resources/moaid_eidas_auth.beans.xml @@ -14,6 +14,9 @@ <bean id="EIDASProtocol" class="at.gv.egovernment.moa.id.protocols.eidas.EIDASProtocol"/> + + <bean id="eIDASMetadataProvider" + class="at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider"/> <!-- Authentication Process Tasks --> <bean id="GenerateAuthnRequestTask" 
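Review bot: generateTransientNameID (hunk `@@ -189,4 +294,20 @@`) returns `null` when hashing fails, and the caller in processRequest assigns that result to both `newValue` and `subjectNameID`, so the person identifier is presumably treated as "not available" and the response still goes out with a success status but without its unique identifier. Failing closed is safer: replace `return null;` with `throw new IllegalStateException("Can not generate transient personal identifier!", e);`, matching the exception already used for marshalling errors in this class. The digest is SHA-1 over the bPK concatenated with `Random.nextLongRandom()`; `MessageDigest.getInstance("SHA-256")` avoids the deprecated hash. The unlinkability of the transient identifier rests on that random value being unpredictable, which cannot be confirmed from this hunk.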
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/resources/own-saml-eidasnode-config.xml b/id/server/modules/moa-id-module-eIDAS/src/main/resources/own-saml-eidasnode-config.xml new file mode 100644 index 000000000..856ebd96a --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/resources/own-saml-eidasnode-config.xml @@ -0,0 +1,42 @@ +<?xml version="1.0" encoding="UTF-8"?> +<XMLTooling xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://www.opensaml.org/xmltooling-config ../../src/schema/xmltooling-config.xsd" + xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" + xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" + xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" + xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" + xmlns:eidas="http://eidas.europa.eu/saml-extensions" + xmlns="http://www.opensaml.org/xmltooling-config"> + +<!-- SAML 2.0 Protocol Object providers --> + <ValidatorSuites> + <!-- SAML 2.0 Schema Validation Rules --> + + <ValidatorSuite id="moaEidasResponseValidatorSuiteId"> + + <Validator qualifiedName="saml2p:Response" + className="eu.eidas.auth.engine.core.validator.eidas.EidasResponseOneAssertionValidator"/> + + <Validator qualifiedName="saml2p:Response" + className="eu.eidas.auth.engine.core.validator.eidas.EidasResponseValidator"/> + + <Validator qualifiedName="saml2:Assertion" + className="eu.eidas.auth.engine.core.validator.eidas.EidasAssertionValidator"/> + + + <Validator qualifiedName="saml2:Conditions" + className="at.gv.egovernment.moa.id.auth.modules.eidas.engine.validation.MoaEidasConditionsValidator"/> + + <Validator qualifiedName="saml2:AuthnStatement" + className="eu.eidas.auth.engine.core.validator.eidas.EidasAuthnStatementValidator"/> + + <Validator qualifiedName="saml2:Attribute" + className="eu.eidas.auth.engine.core.validator.eidas.EidasAttributeValidator"/> + + </ValidatorSuite> + + + </ValidatorSuites> + + +</XMLTooling>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java index 07bde7762..81c3322c9 100644 --- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java @@ -175,7 +175,7 @@ public class ReceiveElgaMandateResponseTask extends AbstractAuthServletTask { } //store MOASession - authenticatedSessionStorage.storeSession(moasession); + requestStoreage.storePendingRequest(pendingReq); //write revisions log entry revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_ELGA_MANDATE_RECEIVED, diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java index b538ba3e9..b35ffdf62 100644 --- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java @@ -23,6 +23,7 @@ package at.gv.egovernment.moa.id.auth.modules.elgamandates.utils; import java.util.List; +import java.util.Timer; import javax.xml.namespace.QName; 
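Review bot: In the new own-saml-eidasnode-config.xml the `saml2:Conditions` entry is the only validator bound to a MOA class (`MoaEidasConditionsValidator`), while every other entry in the suite uses a validator from `eu.eidas.auth.engine.core.validator.eidas`, and the file does not say why. The Conditions element carries the assertion's validity window and audience restriction, so a comment above that entry, for example `<!-- MOA-specific Conditions validator; differs from the stock eIDAS validator in: ... -->`, would let a reader confirm that no check was relaxed. The validator's implementation is not part of this file section. The relative `xsi:schemaLocation` path `../../src/schema/xmltooling-config.xsd` also looks unlikely to resolve from `src/main/resources` and is worth checking.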
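Review bot: The comment `//store MOASession` above the changed line in ReceiveElgaMandateResponseTask no longer matches the code, which now calls `requestStoreage.storePendingRequest(pendingReq)`; it should read `//store pending request`. The same replacement in RestoreSSOSessionTask (hunk `@@ -200,14 +200,7 @@`) leaves the comment `// store MOASession into database` stale in the same way. That hunk also removes the `catch (MOADatabaseException e)` that turned a storage failure into `MOAIDException("init.04", ...)`, so it is worth confirming that a failing `storePendingRequest` still aborts the authentication step. The enclosing methods are outside both hunks.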
@@ -38,6 +39,7 @@ import org.opensaml.xml.XMLObject; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; +import at.gv.egovernment.moa.id.auth.IDestroyableObject; import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.SimpleMOAMetadataProvider; @@ -53,11 +55,13 @@ import at.gv.egovernment.moa.util.MiscUtil; */ @Service("ELGAMandate_MetadataProvider") -public class ELGAMandateServiceMetadataProvider extends SimpleMOAMetadataProvider { +public class ELGAMandateServiceMetadataProvider extends SimpleMOAMetadataProvider + implements IDestroyableObject { @Autowired AuthConfiguration authConfig; private ChainingMetadataProvider metadataProvider = new ChainingMetadataProvider(); + private Timer timer = null; public ELGAMandateServiceMetadataProvider() { @@ -74,6 +78,8 @@ public class ELGAMandateServiceMetadataProvider extends SimpleMOAMetadataProvide fullyDestroy(); } + + /* (non-Javadoc) * @see org.opensaml.saml2.metadata.provider.MetadataProvider#requireValidMetadata() @@ -240,7 +246,11 @@ public class ELGAMandateServiceMetadataProvider extends SimpleMOAMetadataProvide Logger.error("Create ELGA Mandate-Service Client FAILED: No trustProfileID to verify PVP metadata." ); throw new MetadataProviderException("No trustProfileID to verify PVP metadata."); } - + + //initialize Timer if it is null + if (timer == null) + timer = new Timer(true); + //create metadata validation filter chain MetadataFilterChain filter = new MetadataFilterChain(); filter.addFilter(new SchemaValidationFilter(true)); 
@@ -248,7 +258,8 @@ public class ELGAMandateServiceMetadataProvider extends SimpleMOAMetadataProvide HTTPMetadataProvider idpMetadataProvider = createNewHTTPMetaDataProvider(metdataURL, filter, - ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING); + ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, + timer); if (idpMetadataProvider == null) { Logger.error("Create ELGA Mandate-Service Client FAILED."); @@ -275,12 +286,20 @@ public class ELGAMandateServiceMetadataProvider extends SimpleMOAMetadataProvide } } - private void fullyDestroy() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.IDestroyableObject#fullyDestroy() + */ + @Override + public void fullyDestroy() { + Logger.info("Destroy ELGA Mandate-Service PVP metadata pool ... "); + if (metadataProvider != null) { metadataProvider.destroy(); } + if (timer != null) + timer.cancel(); } } diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/json/OAuth20SignatureUtil.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/json/OAuth20SignatureUtil.java index 9f20ee956..cd7b8312d 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/json/OAuth20SignatureUtil.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/json/OAuth20SignatureUtil.java @@ -54,7 +54,7 @@ public final class OAuth20SignatureUtil { } else if (key instanceof ECPrivateKey) { Logger.debug("OAuth - going to uses SHA256withECDSA signature"); return OAuthSignatureAlgorithm.ECDSA256; - } else if (key instanceof iaik.security.ecc.ecdsa.ECPrivateKey) { + } else if (key instanceof iaik.security.ec.common.ECPrivateKey) { Logger.debug("OAuth - going to uses SHA256withECDSA signature with iaik"); return OAuthSignatureAlgorithm.ECDSA256_IAKIK; } else { 
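Review bot: fullyDestroy() in ELGAMandateServiceMetadataProvider (hunk `@@ -275,12 +286,20 @@`) cancels `timer` but leaves the field set, while the initialisation added in hunk `@@ -240,7 +246,11 @@` only creates a Timer when the field is null. A `java.util.Timer` rejects new tasks after `cancel()`, so a metadata provider created after a destroy would be handed a dead timer and its refresh scheduling would fail with `IllegalStateException`. Reset the field when cancelling: `if (timer != null) { timer.cancel(); timer = null; }`. Whether initialisation can run again after fullyDestroy() depends on callers outside these hunks. The lazy `if (timer == null)` check is also unsynchronised.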
@@ -69,7 +69,7 @@ public final class OAuth20SignatureUtil { } else if (key instanceof ECPublicKey) { Logger.debug("OAuth - going to uses SHA256withECDSA signature"); return OAuthSignatureAlgorithm.ECDSA256; - } else if (key instanceof iaik.security.ecc.ecdsa.ECPublicKey) { + } else if (key instanceof iaik.security.ec.common.ECPublicKey) { Logger.debug("OAuth - going to uses SHA256withECDSA signature with iaik"); return OAuthSignatureAlgorithm.ECDSA256_IAKIK; } else { diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java index 803ae388f..b9bed7a22 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java @@ -93,7 +93,7 @@ class OAuth20AuthAction implements IAction { // store data in oath session - transactionStorage.put(code, o); + transactionStorage.put(code, o, -1); Logger.debug("Saved OAuth20SessionObject in session with id: " + code); diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java index 98fcdc8dc..258b77b98 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java 
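Review bot: In OAuth20AuthAction, `transactionStorage.put(code, o, -1)` stores the object keyed by the OAuth authorization code with a bare `-1` timeout whose meaning is not visible in this hunk. If it means "no explicit expiry", the lifetime of the code is left to whatever the storage's default cleanup does. Authorization codes should be short-lived, so pass an explicit lifetime or a named constant, and document the sentinel at the call site if `-1` is kept. The context line that follows also writes the code value to the debug log (`"... with id: " + code`), which is worth dropping or truncating. The enclosing method lies outside the hunk.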
@@ -28,6 +28,7 @@ import java.util.Map; import javax.servlet.http.HttpServletRequest; +import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.springframework.beans.factory.config.BeanDefinition; import org.springframework.context.annotation.Scope; import org.springframework.stereotype.Component; @@ -209,7 +210,7 @@ public class OAuth20AuthRequest extends OAuth20BaseRequest { * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes() */ @Override - public Collection<String> getRequestedAttributes() { + public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) { Map<String, String> reqAttr = new HashMap<String, String>(); for (String el : PVP2XProtocol.DEFAULTREQUESTEDATTRFORINTERFEDERATION) reqAttr.put(el, ""); diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java index f35de9c58..50638ebf8 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java @@ -26,6 +26,7 @@ import java.util.Collection; import javax.servlet.http.HttpServletRequest; +import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.springframework.beans.factory.config.BeanDefinition; import org.springframework.context.annotation.Scope; import org.springframework.stereotype.Component; 
@@ -168,7 +169,7 @@ class OAuth20TokenRequest extends OAuth20BaseRequest { * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes() */ @Override - public Collection<String> getRequestedAttributes() { + public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) { return null; } } diff --git a/id/server/modules/moa-id-module-openID/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java b/id/server/modules/moa-id-module-openID/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java index 6cf1e8280..35bbac6e7 100644 --- a/id/server/modules/moa-id-module-openID/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java +++ b/id/server/modules/moa-id-module-openID/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java @@ -22,15 +22,10 @@ *******************************************************************************/ package test.at.gv.egovernment.moa.id.auth.oauth; -import iaik.security.ecc.provider.ECCProvider; - import java.security.KeyStore; import java.security.PrivateKey; import java.security.cert.X509Certificate; -import net.oauth.jsontoken.crypto.Signer; -import net.oauth.jsontoken.crypto.Verifier; - import org.opensaml.xml.security.x509.BasicX509Credential; import org.testng.Assert; import org.testng.annotations.Test; @@ -39,6 +34,9 @@ import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuth20SHA256Signer; import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuth20SHA256Verifier; import at.gv.egovernment.moa.util.KeyStoreUtils; +import net.oauth.jsontoken.crypto.Signer; +import net.oauth.jsontoken.crypto.Verifier; + public class CertTest { /** KeyStore Path */ @@ -122,7 +120,7 @@ public class CertTest { @Test public void testECDSA() throws Exception { - ECCProvider.addAsProvider(); + //ECCProvider.addAsProvider(); // Security.addProvider(new ECCProvider()); BasicX509Credential credential = this.getCredentials(this.ecdsaKeyStorePath); 
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java index 78cbd788d..2f6a54027 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java @@ -28,14 +28,14 @@ import java.util.List; import org.w3c.dom.Element; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.data.AuthenticationRole; import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.logging.Logger; /** 
@@ -44,10 +44,10 @@ import at.gv.egovernment.moa.logging.Logger; */ public class SSOTransferAuthenticationData implements IAuthData { - private AuthenticationSession authSession = null; + private IAuthenticationSession authSession = null; boolean isIDPPrivateService = true; - public SSOTransferAuthenticationData(AuthConfiguration authConfig, AuthenticationSession authSession) throws ConfigurationException { + public SSOTransferAuthenticationData(AuthConfiguration authConfig, IAuthenticationSession authSession) throws ConfigurationException { this.authSession = authSession; String domainIdentifier = authConfig.getSSOTagetIdentifier(); if (domainIdentifier != null) @@ -197,9 +197,9 @@ public class SSOTransferAuthenticationData implements IAuthData { * @see at.gv.egovernment.moa.id.data.IAuthData#getIdentityLink() */ @Override - public IdentityLink getIdentityLink() { + public IIdentityLink getIdentityLink() { return this.authSession.getIdentityLink(); - } + } /* (non-Javadoc) * @see at.gv.egovernment.moa.id.data.IAuthData#getSignerCertificate() @@ -272,7 +272,7 @@ public class SSOTransferAuthenticationData implements IAuthData { * @see at.gv.egovernment.moa.id.data.IAuthData#getMISMandate() */ @Override - public MISMandate getMISMandate() { + public IMISMandate getMISMandate() { return this.authSession.getMISMandate(); } diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferOnlineApplication.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferOnlineApplication.java index af180ff10..3affa17b3 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferOnlineApplication.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferOnlineApplication.java 
@@ -265,7 +265,7 @@ public class SSOTransferOnlineApplication implements IOAAuthParameters { * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getQaaLevel() */ @Override - public Integer getQaaLevel() { + public String getQaaLevel() { // TODO Auto-generated method stub return null; } diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java index b18425839..7d1bfd7b9 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java @@ -82,6 +82,7 @@ import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.SSOTransferContain import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.SSOContainerUtils; import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; 
@@ -190,7 +191,7 @@ public class SSOTransferServlet{ Logger.debug("Load token:" + token + " from storage."); SSOTransferContainer container = transactionStorage.get(token, SSOTransferContainer.class, transmisionTimeOut * 1000); if (container != null) { - AuthenticationSession moaSession = new AuthenticationSession("123456", new Date()); + IAuthenticationSession moaSession = new AuthenticationSession("123456", new Date()); URL idlURL = new URL(FileUtils.makeAbsoluteURL( authConfig.getMonitoringTestIdentityLinkURL(), @@ -288,7 +289,7 @@ public class SSOTransferServlet{ try { SSOTransferContainer container = transactionStorage.get(token, SSOTransferContainer.class, transmisionTimeOut); if (container != null) { - AuthenticationSession moaSession = authenticationSessionStorage.getSession(container.getMoaSessionID()); + IAuthenticationSession moaSession = authenticationSessionStorage.getInternalSSOSession(container.getMoaSessionID()); if (moaSession != null) { internalTransferPersonalInformation(req, resp, container, moaSession, false); @@ -405,19 +406,16 @@ public class SSOTransferServlet{ //create first step of SSO Transfer GUI - String moaSessionID = authenticationSessionStorage.getMOASessionSSOID(ssoid); - if (MiscUtil.isNotEmpty(moaSessionID)) { - AuthenticationSession authSession = authenticationSessionStorage.getSession(moaSessionID); - if(authSession != null) { - internalCreateQRCodeForTransfer(resp, authURL, - authSession.getSessionID(), - SSOTransferConstants.SERVLET_SSOTRANSFER_TO_SMARTPHONE, config); + IAuthenticationSession authSession = authenticationSessionStorage.getInternalMOASessionWithSSOID(ssoid); + if(authSession != null) { + internalCreateQRCodeForTransfer(resp, authURL, + authSession.getSessionID(), + SSOTransferConstants.SERVLET_SSOTRANSFER_TO_SMARTPHONE, config); - return; - } + return; } - } + config.putCustomParameter("errorMsg", "No active Single Sign-On session found! SSO Session transfer is not possible."); 
@@ -439,7 +437,7 @@ public class SSOTransferServlet{ } private void internalTransferPersonalInformation(HttpServletRequest req, HttpServletResponse resp, - SSOTransferContainer container, AuthenticationSession moaSession, boolean developmentMode) throws IOException, InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, OperatorCreationException, CredentialsNotAvailableException, PKCSException, CertificateException, SessionDataStorageException, IllegalBlockSizeException, BadPaddingException, NoSuchPaddingException { + SSOTransferContainer container, IAuthenticationSession moaSession, boolean developmentMode) throws IOException, InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, OperatorCreationException, CredentialsNotAvailableException, PKCSException, CertificateException, SessionDataStorageException, IllegalBlockSizeException, BadPaddingException, NoSuchPaddingException { Logger.debug(""); JsonObject receivedData = getJSONObjectFromPostMessage(req, developmentMode); @@ -535,7 +533,7 @@ public class SSOTransferServlet{ container.setDhParams(dhKeyIDP); //store container - transactionStorage.put(token, container); + transactionStorage.put(token, container,(int)transmisionTimeOut); //build QR code String containerURL = authURL diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java index 003ce8c21..cf4590fc1 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java 
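Review bot: The new `transactionStorage.put(token, container,(int)transmisionTimeOut)` in SSOTransferServlet (hunk `@@ -535,7 +533,7 @@`) passes the transfer-token lifetime as a narrowed int with no indication of its unit. The two `transactionStorage.get(...)` calls visible in this file's earlier hunks disagree, one passing `transmisionTimeOut * 1000` and the other plain `transmisionTimeOut`. If `put` expects a different unit than the field holds, the SSO-transfer container lives much shorter or longer than intended, which matters because the token allows an SSO session to be transferred. State the unit in a comment at the call and convert explicitly instead of using a bare `(int)` cast, then make the two `get` calls agree with it. The declaration of `transmisionTimeOut` and the enclosing method are outside the hunk.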
@@ -200,14 +200,7 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask { ssoTransferUtils.parseSSOContainerToMOASessionDataObject(pendingReq, moasession, attributeExtractor); // store MOASession into database - try { - authenticatedSessionStorage.storeSession(moasession); - - } catch (MOADatabaseException e) { - Logger.error("Database Error! MOASession is not stored!"); - throw new MOAIDException("init.04", new Object[] { - moasession.getSessionID()}); - } + requestStoreage.storePendingRequest(pendingReq); executionContext.put(SSOTransferConstants.FLAG_SSO_SESSION_RESTORED, true); executionContext.put("sessionRestoreFinished", false); diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java index 0785f767b..568ffb330 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java @@ -97,7 +97,6 @@ import org.w3c.dom.NodeList; import com.google.gson.JsonObject; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferConstants; import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.Pair; 
@@ -107,6 +106,8 @@ import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; @@ -168,7 +169,7 @@ public class SSOContainerUtils { @Autowired SAMLVerificationEngineSP samlVerificationEngine; @Autowired AuthConfiguration authConfig; - public void parseSSOContainerToMOASessionDataObject(IRequest pendingReq, AuthenticationSession moasession, AssertionAttributeExtractor attributeExtractor) throws AssertionAttributeExtractorExeption, ConfigurationException { + public void parseSSOContainerToMOASessionDataObject(IRequest pendingReq, IAuthenticationSession moasession, AssertionAttributeExtractor attributeExtractor) throws AssertionAttributeExtractorExeption, ConfigurationException { // AssertionAttributeExtractor attributeExtractor = new AssertionAttributeExtractor(ssoInformation); //TODO: maybe change to correct URL @@ -233,7 +234,7 @@ public class SSOContainerUtils { Logger.info("Found mandate information in SSO session-container."); try { - MISMandate mandate = new MISMandate(); + IMISMandate mandate = new MISMandate(); String mandateFull = attributeExtractor.getSingleAttributeValue(PVPConstants.MANDATE_FULL_MANDATE_NAME); if (MiscUtil.isNotEmpty(mandateFull)) { 
@@ -336,7 +337,7 @@ public class SSOContainerUtils { public String generateSignedAndEncryptedSSOContainer(String authURL, - AuthenticationSession authSession, Date date, byte[] hashedSecret) { + IAuthenticationSession authSession, Date date, byte[] hashedSecret) { try { String entityID = PVPConfiguration.getInstance().getIDPSSOMetadataService(authURL); AuthnContextClassRef authnContextClassRef = SAML2Utils @@ -527,7 +528,7 @@ public class SSOContainerUtils { } - private static List<Attribute> buildSSOAttributeForTransfer(AuthenticationSession authSession, IAuthData authData) { + private static List<Attribute> buildSSOAttributeForTransfer(IAuthenticationSession authSession, IAuthData authData) { List<Attribute> attrList = new ArrayList<Attribute>(); IOAAuthParameters oaParam = new SSOTransferOnlineApplication(); diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java index d581e7e75..f5896bc25 100644 --- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java 
@@ -62,7 +62,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask { @Autowired PVPAuthnRequestBuilder authnReqBuilder; @Autowired FederatedAuthCredentialProvider credential; - + @Autowired(required=true) MOAMetadataProvider metadataProvider; /* (non-Javadoc) * @see at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) @@ -95,7 +95,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask { } //load IDP SAML2 entitydescriptor - EntityDescriptor idpEntity = MOAMetadataProvider.getInstance(). + EntityDescriptor idpEntity = metadataProvider. getEntityDescriptor(idpEntityID); if (idpEntity == null) { Logger.warn("Requested IDP " + idpEntityID diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java index 1c3134b77..8f5a231ee 100644 --- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java 
@@ -75,6 +75,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtracto import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngineSP; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory; +import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -90,7 +91,8 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { @Autowired private SSOManager ssoManager; @Autowired private AttributQueryBuilder attributQueryBuilder; @Autowired private AuthenticationDataBuilder authDataBuilder; - + @Autowired(required=true) MOAMetadataProvider metadataProvider; + @Autowired(required=true) protected IAuthenticationSessionStoreage authenticatedSessionStorage; /* (non-Javadoc) @@ -125,7 +127,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { //decode PVP response object msg = (InboundMessage) decoder.decode( - request, response, MOAMetadataProvider.getInstance(), true, + request, response, metadataProvider, true, comperator); if (MiscUtil.isEmpty(msg.getEntityID())) { @@ -135,7 +137,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { //validate response signature if(!msg.isVerified()) { - samlVerificationEngine.verify(msg, TrustEngineFactory.getSignatureKnownKeysTrustEngine(MOAMetadataProvider.getInstance())); + samlVerificationEngine.verify(msg, TrustEngineFactory.getSignatureKnownKeysTrustEngine(metadataProvider)); msg.setVerified(true); } 
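Review bot: The new field `@Autowired(required=true) MOAMetadataProvider metadataProvider;` is package-private although the neighbouring injected fields of this class are `private`. It is now the trust source for both `decoder.decode(...)` and `TrustEngineFactory.getSignatureKnownKeysTrustEngine(metadataProvider)` in the later hunks. Declaring it `@Autowired(required=true) private MOAMetadataProvider metadataProvider;` keeps other classes in the package from replacing the object that decides which signing keys are accepted. It is also worth confirming that the injected bean is set up the same way as the former `MOAMetadataProvider.getInstance()` singleton, which is not visible here. CreateAuthnRequestTask adds the same package-private declaration.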
@@ -176,7 +178,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { PVPTargetConfiguration.DATAID_INTERFEDERATION_QAALEVEL, extractor.getQAALevel()); authenticatedSessionStorage. - addFederatedSessionInformation(pendingReq, + addFederatedSessionInformation(pendingReq, idpConfig.getPublicURLPrefix(), extractor); } else { @@ -192,9 +194,6 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { addFederatedSessionInformation(pendingReq, idpConfig.getPublicURLPrefix(), extractor); - //update MOASession - authenticatedSessionStorage.storeSession(moasession); - } //store valid assertion into pending-request @@ -247,7 +246,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { try { Logger.debug("Service Provider is no federated IDP --> start Attribute validation or requesting ... "); - Collection<String> requestedAttr = pendingReq.getRequestedAttributes(); + Collection<String> requestedAttr = pendingReq.getRequestedAttributes(metadataProvider); //check if SAML2 Assertion contains a minimal set of attributes if (!extractor.containsAllRequiredAttributes()) { @@ -267,7 +266,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { //check if all attributes are include if (!extractor.containsAllRequiredAttributes( - pendingReq.getRequestedAttributes())) { + pendingReq.getRequestedAttributes(metadataProvider))) { Logger.warn("PVP Response from federated IDP contains not all requested attributes."); throw new AssertionValidationExeption("sp.pvp2.06", new Object[]{FederatedAuthConstants.MODULE_NAME_FOR_LOGGING}); diff --git a/id/server/modules/moa-id-modules-saml1/pom.xml b/id/server/modules/moa-id-modules-saml1/pom.xml index 323edee8d..0463bf8d9 100644 --- a/id/server/modules/moa-id-modules-saml1/pom.xml +++ b/id/server/modules/moa-id-modules-saml1/pom.xml 
@@ -26,6 +26,13 @@ </dependency> <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-commons</artifactId> + <type>test-jar</type> + <scope>test</scope> + </dependency> + + <dependency> <groupId>MOA.id.server</groupId> <artifactId>moa-id-lib</artifactId> </dependency> diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java index fc04fa9a7..f6c8cb6e3 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java @@ -29,9 +29,9 @@ import java.text.MessageFormat; import java.util.Calendar; import java.util.List; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.id.protocols.saml1.SAML1AuthenticationData; import at.gv.egovernment.moa.logging.Logger; diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java index c421bf8cc..d3ebffdfd 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java 
@@ -22,16 +22,12 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.saml1; -import java.util.List; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; @@ -43,7 +39,6 @@ import at.gv.egovernment.moa.id.data.SLOInformationInterface; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.URLEncoder; -import eu.eidas.auth.commons.IPersonalAttributeList; @Service("SAML1_GetArtifactAction") public class GetArtifactAction implements IAction { 
@@ -74,13 +69,16 @@ public class GetArtifactAction implements IAction { try { IOAAuthParameters oaParam = req.getOnlineApplicationConfiguration(); + //TODO: add eIDAS to SAML1 protocol if it is really necessary + // add other stork attributes to MOA assertion if available - IPersonalAttributeList storkAttributes = authData.getGenericData( - AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, - IPersonalAttributeList.class); +// IPersonalAttributeList storkAttributes = authData.getGenericData( +// AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, +// IPersonalAttributeList.class); + Object storkAttributes = null; if(null != storkAttributes) { - List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = saml1server.addAdditionalSTORKAttributes(storkAttributes); - authData.getExtendedSAMLAttributesOA().addAll(moaExtendedSAMLAttibutes); +// List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = saml1server.addAdditionalSTORKAttributes(storkAttributes); +// authData.getExtendedSAMLAttributesOA().addAll(moaExtendedSAMLAttibutes); Logger.info("MOA assertion assembled and SAML Artifact generated."); } diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationData.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationData.java index d48c0a9bb..2a7cce89e 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationData.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationData.java 
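Review bot: After this change `storkAttributes` is the constant `null`, so the `if(null != storkAttributes)` branch can never run. The only live statement left in it, `Logger.info("MOA assertion assembled and SAML Artifact generated.");`, is therefore dead. I would delete the placeholder `Object storkAttributes = null;`, the `if` and the commented-out lines, keeping only the `//TODO: add eIDAS to SAML1 protocol if it is really necessary` marker, and move the log line out of the branch if it is still wanted. The same applies to the commented-out `addAdditionalSTORKAttributes` method in SAML1AuthenticationServer, which version control already preserves. The enclosing `try` block continues outside the hunk.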
@@ -49,7 +49,7 @@ package at.gv.egovernment.moa.id.protocols.saml1; import java.text.ParseException; import java.util.List; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.logging.Logger; diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java index 0ec0d95a2..df8f13544 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java @@ -25,7 +25,6 @@ package at.gv.egovernment.moa.id.protocols.saml1; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.util.List; -import java.util.Vector; import java.util.regex.Matcher; import java.util.regex.Pattern; @@ -37,7 +36,6 @@ import javax.xml.namespace.QName; import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.TransformerException; -import org.apache.commons.lang3.StringEscapeUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.w3c.dom.Element; 
@@ -51,8 +49,6 @@ import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.ParseException; @@ -63,6 +59,7 @@ import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; @@ -82,8 +79,6 @@ import at.gv.util.xsd.persondata.IdentificationType.Value; import at.gv.util.xsd.persondata.PersonNameType; import at.gv.util.xsd.persondata.PersonNameType.FamilyName; import at.gv.util.xsd.persondata.PhysicalPersonType; -import eu.eidas.auth.commons.IPersonalAttributeList; -import eu.eidas.auth.commons.PersonalAttribute; //import at.gv.egovernment.moa.id.util.IdentityLinkReSigner; @Service("SAML1AuthenticationServer") 
@@ -95,7 +90,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer { * time out in milliseconds used by {@link cleanup} for authentication data * store */ - private static final long authDataTimeOut = 2 * 60 * 1000; // default 2 minutes + private static final int authDataTimeOut = 2 * 60 * 1000; // default 2 minutes public Throwable getErrorResponse(String samlArtifact) throws AuthenticationException { 
@@ -127,41 +122,43 @@ public class SAML1AuthenticationServer extends AuthenticationServer { return error; } - /** - * Transforms additional STORK attributes to MOA Extended attributes - * @param iPersonalAttributeList STORK attribute list - * @return - */ - public List<ExtendedSAMLAttribute> addAdditionalSTORKAttributes(IPersonalAttributeList iPersonalAttributeList) { - List<ExtendedSAMLAttribute> moaExtendedSAMLAttributeList = new Vector<ExtendedSAMLAttribute>(); - - if(null == iPersonalAttributeList) - return moaExtendedSAMLAttributeList; - - Logger.trace("Adding the following attributes to MOA assertion: "); - int count = 0; - - for (PersonalAttribute attribute : iPersonalAttributeList) { - Object attributeValue = attribute.getValue(); - if (null == attributeValue) - attributeValue = attribute.getComplexValue(); - - // escape attributeValue - attributeValue = StringEscapeUtils.escapeXml10(attributeValue.toString()); - // and remove trailing and tailing brackets. Might break something but we never saw an array with more than one entry! 
- attributeValue = ((String) attributeValue).substring(1, ((String) attributeValue).length() - 1); - - ExtendedSAMLAttribute extendedSAMLAttribute = - new ExtendedSAMLAttributeImpl(attribute.getName(), attributeValue, Constants.STORK_NS_URI, 0); - moaExtendedSAMLAttributeList.add(extendedSAMLAttribute); - count++; - Logger.trace("Additional attribute: " + attribute.getName()); - } - - Logger.debug("Added " + count + " STORK attribute(s) to the MOA assertion."); - - return moaExtendedSAMLAttributeList; - } + + //TODO: add eIDAS to SAML1 protocol if it is really necessary +// /** +// * Transforms additional STORK attributes to MOA Extended attributes +// * @param iPersonalAttributeList STORK attribute list +// * @return +// */ +// public List<ExtendedSAMLAttribute> addAdditionalSTORKAttributes(IPersonalAttributeList iPersonalAttributeList) { +// List<ExtendedSAMLAttribute> moaExtendedSAMLAttributeList = new Vector<ExtendedSAMLAttribute>(); +// +// if(null == iPersonalAttributeList) +// return moaExtendedSAMLAttributeList; +// +// Logger.trace("Adding the following attributes to MOA assertion: "); +// int count = 0; +// +// for (PersonalAttribute attribute : iPersonalAttributeList) { +// Object attributeValue = attribute.getValue(); +// if (null == attributeValue) +// attributeValue = attribute.getComplexValue(); +// +// // escape attributeValue +// attributeValue = StringEscapeUtils.escapeXml10(attributeValue.toString()); +// // and remove trailing and tailing brackets. Might break something but we never saw an array with more than one entry! 
+// attributeValue = ((String) attributeValue).substring(1, ((String) attributeValue).length() - 1); +// +// ExtendedSAMLAttribute extendedSAMLAttribute = +// new ExtendedSAMLAttributeImpl(attribute.getName(), attributeValue, Constants.STORK_NS_URI, 0); +// moaExtendedSAMLAttributeList.add(extendedSAMLAttribute); +// count++; +// Logger.trace("Additional attribute: " + attribute.getName()); +// } +// +// Logger.debug("Added " + count + " STORK attribute(s) to the MOA assertion."); +// +// return moaExtendedSAMLAttributeList; +// } /** @@ -210,7 +207,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer { protocolRequest.getOAURL(), protocolRequest.getRequestID(), null); - authenticationDataStore.put(samlArtifact, error); + authenticationDataStore.put(samlArtifact, error, authDataTimeOut); return samlArtifact; } @@ -721,7 +718,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer { //synchronized (authenticationDataStore) { Logger.debug("Assertion stored for SAML Artifact: " + samlArtifact); - authenticationDataStore.put(samlArtifact, samlAssertion); + authenticationDataStore.put(samlArtifact, samlAssertion,authDataTimeOut); //} } catch (AuthenticationException ex) { diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java index 42fafc01e..1d3525626 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java 
@@ -26,6 +26,7 @@ import java.util.ArrayList; import java.util.Collection; import java.util.List; +import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.springframework.beans.factory.config.BeanDefinition; import org.springframework.context.annotation.Scope; import org.springframework.stereotype.Component; @@ -81,7 +82,7 @@ public class SAML1RequestImpl extends RequestImpl { * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes() */ @Override - public Collection<String> getRequestedAttributes() { + public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) { List<String> reqAttr = new ArrayList<String>(); reqAttr.addAll(SAML1Protocol.DEFAULTREQUESTEDATTRFORINTERFEDERATION); diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringController.java index 9adf2edc3..b232b9512 100644 --- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringController.java @@ -24,7 +24,6 @@ package at.gv.egovernment.moa.id.auth.servlet; import java.io.IOException; import java.io.PrintWriter; -import java.util.Arrays; import java.util.List; import javax.servlet.ServletException; 
@@ -37,39 +36,51 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; -import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.monitoring.TestManager; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @Controller -public class MonitoringServlet { +public class MonitoringController { private static final String REQUEST_ATTR_MODULE = "module"; @Autowired private AuthConfiguration authConfig; + @Autowired private TestManager tests; - public MonitoringServlet() { + public MonitoringController() { super(); Logger.debug("Registering servlet " + getClass().getName() + " with mapping '/MonitoringServlet'."); } @RequestMapping(value = "/MonitoringServlet", method = RequestMethod.GET) public void getStatusInformation(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + throws ServletException, IOException{ - try { - if (authConfig.isMonitoringActive()) { - Logger.debug("Monitoring Servlet received request"); + if (authConfig.isMonitoringActive()) { + Logger.debug("Monitoring Servlet received request"); - TestManager tests = TestManager.getInstance(); - - String modulename = req.getParameter(REQUEST_ATTR_MODULE); - if (MiscUtil.isEmpty(modulename)) { + + + String modulename = req.getParameter(REQUEST_ATTR_MODULE); + if (MiscUtil.isEmpty(modulename)) { + + List<String> error = tests.executeTests(); + if (error != null && error.size() > 0) { + createErrorMessage(req, resp, error); + + } else { + resp.setStatus(HttpServletResponse.SC_OK); + resp.setContentType("text/html;charset=UTF-8"); + resp.getWriter().write(getHtml(authConfig.getMonitoringMessageSuccess())); + Logger.info("Monitoring Servlet finished without errors"); + } - List<String> error = tests.executeTests(); - if (error != null && error.size() > 0) 
{ - createErrorMessage(req, resp, error); + } else { + if (tests.existsModule(modulename)) { + List<String> errors = tests.executeTest(modulename); + if (errors != null && errors.size() > 0) { + createErrorMessage(req, resp, errors); } else { resp.setStatus(HttpServletResponse.SC_OK); @@ -79,38 +90,21 @@ public class MonitoringServlet { } } else { - if (tests.existsModule(modulename)) { - List<String> errors = tests.executeTest(modulename); - if (errors != null && errors.size() > 0) { - createErrorMessage(req, resp, errors); - - } else { - resp.setStatus(HttpServletResponse.SC_OK); - resp.setContentType("text/html;charset=UTF-8"); - resp.getWriter().write(getHtml(authConfig.getMonitoringMessageSuccess())); - Logger.info("Monitoring Servlet finished without errors"); - } - - } else { - Logger.warn("NO Testmodule exists with modulename " + modulename); - resp.setStatus(HttpServletResponse.SC_NOT_FOUND); - resp.setContentType("text/html;charset=UTF-8"); - PrintWriter out; - try { - out = new PrintWriter(resp.getOutputStream()); - out.write("NO Testmodule exists with modulename " + modulename); - out.flush(); - - } catch (IOException e) { - Logger.warn("Internal Monitoring Servlet Error. ", e); - } - } - - } - } - - } catch (ConfigurationException e) { - createErrorMessage(req, resp, Arrays.asList(e.getMessage())); + Logger.warn("NO Testmodule exists with modulename " + modulename); + resp.setStatus(HttpServletResponse.SC_NOT_FOUND); + resp.setContentType("text/html;charset=UTF-8"); + PrintWriter out; + try { + out = new PrintWriter(resp.getOutputStream()); + out.write("NO Testmodule exists with modulename " + modulename); + out.flush(); + + } catch (IOException e) { + Logger.warn("Internal Monitoring Servlet Error. ", e); + } + } + + } } } 
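Review bot: In the branch for an unknown module, the request parameter is written unescaped into a response declared as `text/html`: `out.write("NO Testmodule exists with modulename " + modulename);`. `modulename` comes straight from `req.getParameter(REQUEST_ATTR_MODULE)` and no access check is visible in this handler, so the re-indented code keeps a reflected-XSS sink. Either answer with a fixed message, `out.write("NO Testmodule exists with the requested modulename");`, or send the reply as `resp.setContentType("text/plain;charset=UTF-8");`. The `Logger.warn` on the same value should have CR/LF stripped before it is logged. The `PrintWriter` built on `resp.getOutputStream()` also encodes with the platform charset rather than the declared UTF-8.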
diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java index 5e4183146..b21c5e93f 100644 --- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java @@ -23,23 +23,25 @@ package at.gv.egovernment.moa.id.monitoring; import java.util.ArrayList; -import java.util.Date; import java.util.List; -import org.hibernate.Query; -import org.hibernate.Session; - +import at.gv.egovernment.moa.id.advancedlogging.IStatisticLogger; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; -import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; -import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.storage.ITransactionStorage; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; public class DatabaseTestModule implements TestModuleInterface{ + private ITransactionStorage transactionStorage; + private IStatisticLogger statLogUtils; + + public DatabaseTestModule(ITransactionStorage transactionStorage, IStatisticLogger statLogUtils){ + this.statLogUtils = statLogUtils; + this.transactionStorage = transactionStorage; + } + public List<String> performTests() throws Exception { Logger.trace("Start MOA-ID Database Test."); 
@@ -67,20 +69,9 @@ public class DatabaseTestModule implements TestModuleInterface{ private String testMOASessionDatabase() throws Exception{ Logger.trace("Start Test: MOASessionDatabase"); - - Date expioredate = new Date(new Date().getTime() - 120); - - try { - List<AssertionStore> results; - Session session = MOASessionDBUtils.getCurrentSession(); - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getAssertionWithTimeOut"); - query.setTimestamp("timeout", expioredate); - results = query.list(); - session.getTransaction().commit(); - } + + try { + transactionStorage.get("testKey"); Logger.trace("Finish Test: MOASessionDatabase"); return null; @@ -101,21 +92,9 @@ public class DatabaseTestModule implements TestModuleInterface{ return null; } - private String testMOAAdvancedLoggingDatabase() { - - Date expioredate = new Date(new Date().getTime() - 120); + private String testMOAAdvancedLoggingDatabase() { try { - Session session = StatisticLogDBUtils.getCurrentSession(); - - List<StatisticLog> results; - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getAllEntriesNotBeforeTimeStamp"); - query.setTimestamp("timeout", expioredate); - results = query.list(); - session.getTransaction().commit(); - } + statLogUtils.testConnection(); Logger.trace("Finish Test: AdvancedLoggingDataBase"); return null; diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java index 7994e7a06..6372fefa8 100644 --- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java 
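Review bot: The new probe `transactionStorage.get("testKey");` only works as a health check if `get` returns quietly for a key that does not exist. That behaviour is defined outside this hunk; if a missing entry raises an exception, the monitor would report a database failure on a healthy store. I would confirm this against the storage implementation and add the comment `// connectivity probe only: the key is not expected to exist and the result is ignored` above the call. Both `testMOASessionDatabase` and `testMOAAdvancedLoggingDatabase` continue outside their hunks, so the `catch` side is not visible here.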
@@ -29,8 +29,6 @@ import java.util.List; import org.w3c.dom.Element; import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.exception.ValidateException; import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; @@ -38,6 +36,8 @@ import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator; import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.data.DynamicOAAuthParameters; import at.gv.egovernment.moa.logging.Logger; @@ -45,7 +45,7 @@ import at.gv.egovernment.moa.util.MiscUtil; public class IdentityLinkTestModule implements TestModuleInterface { - private static IdentityLink identityLink = null; + private static IIdentityLink identityLink = null; public void initializeTest(long delayParam, String url) throws Exception{ @@ -56,7 +56,7 @@ public class IdentityLinkTestModule implements TestModuleInterface { identityLink = new IdentityLinkAssertionParser(idlstream).parseIdentityLink(); } - } + } public List<String> performTests() throws Exception{ Logger.trace("Start MOA-ID IdentityLink Test"); 
@@ -74,7 +74,7 @@ public class IdentityLinkTestModule implements TestModuleInterface { .verifyXMLSignature(domVerifyXMLSignatureRequest); // parses the <VerifyXMLSignatureResponse> try { - VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( + IVerifiyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( domVerifyXMLSignatureResponse).parseData(); DynamicOAAuthParameters oaParam = new DynamicOAAuthParameters(); diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/MonitoringSpringResourceProvider.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/MonitoringSpringResourceProvider.java new file mode 100644 index 000000000..0f7dfc7fe --- /dev/null +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/MonitoringSpringResourceProvider.java @@ -0,0 +1,29 @@ +package at.gv.egovernment.moa.id.monitoring; + +import org.springframework.core.io.ClassPathResource; +import org.springframework.core.io.Resource; + +import at.gv.egiz.components.spring.api.SpringResourceProvider; + +public class MonitoringSpringResourceProvider implements SpringResourceProvider{ + + @Override + public String getName() { + // TODO Auto-generated method stub + return "MOA-ID Monitoring Module"; + } + + @Override + public String[] getPackagesToScan() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Resource[] getResourcesToLoad() { + ClassPathResource monitoringResource = new ClassPathResource("/moaid_monitoring.beans.xml", MonitoringSpringResourceProvider.class); + + return new Resource[] {monitoringResource}; + } + +} diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java index b25eed520..9f0083fb8 100644 
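Review bot: In the new MonitoringSpringResourceProvider, `getPackagesToScan()` returns `null` under a leftover `// TODO Auto-generated method stub`, so a reader cannot tell whether "no packages" is intended. The same stub comment sits above `getName()`, which is already implemented. The SpringResourceProvider contract is not visible here. If its caller iterates the result, `return new String[0];` is the safer form; otherwise replace the TODO with `// no component scan needed, beans come from moaid_monitoring.beans.xml`. A class comment saying that the provider is discovered through the `META-INF/services` entry added in this commit would also help.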
--- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java 
@@ -27,49 +27,29 @@ import java.util.HashMap; import java.util.List; import java.util.Map; +import org.springframework.beans.factory.annotation.Autowired; + +import at.gv.egovernment.moa.id.advancedlogging.IStatisticLogger; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.storage.ITransactionStorage; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.FileUtils; -public class TestManager { - - private static TestManager instance; +public class TestManager{ + @Autowired private ITransactionStorage transactionStorage; + @Autowired(required=false) private IStatisticLogger statisticLogDBUtils = null; + @Autowired private AuthConfiguration authConfig; private Map<String, TestModuleInterface> tests = new HashMap<String, TestModuleInterface>(); - public static TestManager getInstance() throws ConfigurationException { - if (instance == null) - instance = new TestManager(); - - return instance; - } - - private TestManager() throws ConfigurationException { - - AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); - - //add Database test - DatabaseTestModule test1 = new DatabaseTestModule(); - tests.put(test1.getName(), test1); - - //add IdentityLink verification test - IdentityLinkTestModule test2 = new IdentityLinkTestModule(); - String idlurl = FileUtils.makeAbsoluteURL(config.getMonitoringTestIdentityLinkURL(), config.getRootConfigFileDir()); - try { - test2.initializeTest(0, idlurl); - tests.put(test2.getName(), test2);; - - } catch (Exception e) { - Logger.warn("MOA-ID IdentityLink Test can not performed without IdentityLink. 
Insert IdentityLink file to MOA-ID configuration", e); - } + public TestManager(){ + } public List<String> executeTests() { Logger.debug("Start MOA-ID-Auth testing"); - List<String> errors; for (TestModuleInterface test : tests.values()) { @@ -109,4 +89,24 @@ public class TestManager { public boolean existsModule(String modulename) { return tests.containsKey(modulename); } + + public void init() throws ConfigurationException{ + Logger.debug("Start initializing MOA-ID-Auth TestManager"); + + //add Database test + DatabaseTestModule test1 = new DatabaseTestModule(this.transactionStorage, this.statisticLogDBUtils); + tests.put(test1.getName(), test1); + + //add IdentityLink verification test + IdentityLinkTestModule test2 = new IdentityLinkTestModule(); + String idlurl = FileUtils.makeAbsoluteURL(authConfig.getMonitoringTestIdentityLinkURL(), authConfig.getRootConfigFileDir()); + try { + test2.initializeTest(0, idlurl); + tests.put(test2.getName(), test2);; + + } catch (Exception e) { + Logger.warn("MOA-ID IdentityLink Test can not performed without IdentityLink. Insert IdentityLink file to MOA-ID configuration", e); + } + } + } diff --git a/id/server/modules/module-monitoring/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/id/server/modules/module-monitoring/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider new file mode 100644 index 000000000..b696bcdd7 --- /dev/null +++ b/id/server/modules/module-monitoring/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider @@ -0,0 +1 @@ +at.gv.egovernment.moa.id.monitoring.MonitoringSpringResourceProvider
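Review bot: The three `@Autowired` fields that replace the singleton depend on annotation-driven injection, but nothing in this hunk shows where that is enabled. The `moaid_monitoring.beans.xml` added in this commit declares `testManager` with `init-method="init"` and the `context` namespace, but no `<context:annotation-config/>`, so the parent context presumably provides it. If it does not, `authConfig` stays null and `init()` fails at `authConfig.getMonitoringTestIdentityLinkURL()`. I would state the requirement on the class, e.g. `/** Spring-managed bean: needs annotation-driven injection and init-method "init" before executeTests() is called. */`.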
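Review bot: Because registration moves from the private constructor into `init()` and the constructor becomes public, a TestManager created with `new TestManager()` has an empty `tests` map. The visible loop in `executeTests()` then runs nothing. What the method returns in that case is outside the hunk, but a monitoring endpoint should not report "no tests ran" as "all tests passed". A check such as `if (tests.isEmpty()) Logger.warn("TestManager not initialized, no monitoring tests registered");` at the start of `executeTests()` would make that state visible. In `init()` itself, `idlurl` is computed before the `try`, so a missing IdentityLink URL setting may bypass the warning path, depending on how FileUtils.makeAbsoluteURL handles null. `tests.put(test2.getName(), test2);;` also carries a stray semicolon.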
\ No newline at end of file
diff --git a/id/server/modules/module-monitoring/src/main/resources/moaid_monitoring.beans.xml b/id/server/modules/module-monitoring/src/main/resources/moaid_monitoring.beans.xml
new file mode 100644
index 000000000..6c195e7d7
--- /dev/null
+++ b/id/server/modules/module-monitoring/src/main/resources/moaid_monitoring.beans.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans
+ xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <bean id="testManager"
+ class="at.gv.egovernment.moa.id.monitoring.TestManager"
+ init-method="init"/>
+</beans>
\ No newline at end of file diff --git a/id/server/pom.xml b/id/server/pom.xml index 56d317cf5..55bff295a 100644 --- a/id/server/pom.xml +++ b/id/server/pom.xml @@ -20,11 +20,12 @@ <modules>
<module>moa-id-spring-initializer</module>
<module>moa-id-frontend-resources</module>
+ <module>moa-id-jaxb_classes</module>
<module>idserverlib</module>
<module>moa-id-commons</module>
<module>modules</module>
<module>auth-final</module>
- <module>auth-edu</module>
+ <module>auth-edu</module>
</modules>
<dependencyManagement>
@@ -104,7 +105,7 @@ <dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
- <version>4.11</version>
+ <version>4.12</version>
<scope>test</scope>
</dependency>
<dependency>
@@ -22,45 +22,52 @@ --> <!-- Project Version --> - <moa-id-version>3.1.5</moa-id-version> + <moa-id-version>3.2.1-Snapshot</moa-id-version> - <moa-id-version-final>3.1.5-final</moa-id-version-final> - <moa-id-version-edu>3.2.0-OPB-Snapshot</moa-id-version-edu> + <moa-id-version-final>3.2.1-Snapshot</moa-id-version-final> + <moa-id-version-edu>3.2.1-edu-Snapshot</moa-id-version-edu> <moa-id-proxy-version>2.0.1-Snapshot</moa-id-proxy-version> - <configtool-version>2.2.5-final</configtool-version> - <demo-oa-version>2.0.5</demo-oa-version> + <configtool-version>2.3.1-Snapshot</configtool-version> + <demo-oa-version>2.0.6</demo-oa-version> - <moa-id-module-elga_mandate_client>1.2</moa-id-module-elga_mandate_client> + <moa-id-module-elga_mandate_client>1.1</moa-id-module-elga_mandate_client> - <!-- Library Versions --> - <moa-spss-version>2.0.5</moa-spss-version> + <moa-spss-version>3.0.0</moa-spss-version> - <org.springframework.version>4.2.6.RELEASE</org.springframework.version> + <org.springframework.version>4.3.3.RELEASE</org.springframework.version> <surefire.version>2.19.1</surefire.version> <opensaml.version>2.6.6</opensaml.version> <!-- update to v3 (v2 is end-of-life in june 2016)--> <xmltooling.version>1.4.6</xmltooling.version> - <xmlsec.version>2.0.6</xmlsec.version> + <xmlsec.version>2.0.7</xmlsec.version> - <hibernate.version>5.1.0.Final</hibernate.version> <!-- update to v5 --> - <cxf.version>3.1.6</cxf.version> - <struts.version>2.3.28.1</struts.version> + <!-- Maybe problems with 5.2.3.Final --> + <hibernate.version>5.2.3.Final</hibernate.version> <!-- update to v5 --> + <!-- <hibernate.version>5.0.10.Final</hibernate.version> update to v5 --> + + + <cxf.version>3.1.7</cxf.version> + <struts.version>2.3.30</struts.version> <egovutils.version>2.0.0</egovutils.version> <slf4j.version>1.7.21</slf4j.version> - <mysql-connector.java>5.1.39</mysql-connector.java> - <junit.version>3.8.2</junit.version> - 
<org.apache.commons.io.version>2.4</org.apache.commons.io.version> + + <!-- Maybe problems with Hibernate 5.0.10 --> + <mysql-connector.java>6.0.4</mysql-connector.java> + <!-- <mysql-connector.java>5.1.40</mysql-connector.java> --> + + <junit.version>4.12</junit.version> + <org.apache.commons.io.version>2.5</org.apache.commons.io.version> <org.apache.commons.lang3.version>3.4</org.apache.commons.lang3.version> <org.apache.commons.collections4.version>4.1</org.apache.commons.collections4.version> <org.apache.commons.collections3.version>3.2.2</org.apache.commons.collections3.version> - <jodatime.version>2.7</jodatime.version> + <jodatime.version>2.9.4</jodatime.version> - <jackson-version>2.7.4</jackson-version> + <jackson-version>2.8.4</jackson-version> <apache-cli-version>1.3.1</apache-cli-version> <spring-orm-version>${org.springframework.version}</spring-orm-version> @@ -207,8 +214,8 @@ <executable>${env.BUILD_EXECUTEABLE}</executable> <compilerVersion>${env.BUILD_VERSION}</compilerVersion> <encoding>${project.build.sourceEncoding}</encoding> - <source>1.7</source> - <target>1.7</target> + <source>1.8</source> + <target>1.8</target> </configuration> </plugin> <plugin> @@ -348,33 +355,7 @@ <artifactId>slf4j-log4j12</artifactId> <version>${slf4j.version}</version> </dependency> - - -<!-- <dependency> - <groupId>axis</groupId> - <artifactId>axis</artifactId> - <version>1.0_IAIK_1.2</version> - <scope>compile</scope> - </dependency> - <dependency> - <groupId>org.apache.axis</groupId> - <artifactId>axis-jaxrpc</artifactId> - <version>1.4</version> - <scope>compile</scope> - </dependency> - <dependency> - <groupId>org.apache.axis</groupId> - <artifactId>axis-saaj</artifactId> - <version>1.4</version> - <scope>compile</scope> - </dependency> - <dependency> - <groupId>axis</groupId> - <artifactId>axis-wsdl4j</artifactId> - <version>1.5.1</version> - <scope>compile</scope> - </dependency> --> - + <dependency> <groupId>jaxen</groupId> <artifactId>jaxen</artifactId> 
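Review bot: Two of the bumps in the version-properties hunk are committed with their own doubt attached: `<!-- Maybe problems with 5.2.3.Final -->` above `hibernate.version` 5.2.3.Final, and `<!-- Maybe problems with Hibernate 5.0.10 -->` above `mysql-connector.java` 6.0.4. Each leaves the alternative behind as a commented-out property, so the POM does not say which combination was actually verified. In the same hunk `moa-id-module-elga_mandate_client` moves backwards from 1.2 to 1.1 without explanation. I would replace the "Maybe" comments with what was tested, e.g. `<!-- hibernate 5.2.3.Final with mysql-connector 6.0.4: verified in <test run / issue id> -->`, drop the commented-out properties, and state in the commit message why the ELGA client version is lowered.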
@@ -387,12 +368,6 @@ <scope>compile</scope> </dependency> - <!-- <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> - <version>1.2.17</version> - <scope>compile</scope> - </dependency> --> <dependency> <groupId>org.apache.logging.log4j</groupId> <artifactId>log4j-core</artifactId> @@ -471,6 +446,8 @@ <type>pom</type> </dependency> + + <dependency> <groupId>MOA.id.server</groupId> <artifactId>moa-id-lib</artifactId> @@ -483,6 +460,13 @@ <version>${moa-id-version}</version> <scope>compile</scope> </dependency> + + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-jaxb_classes</artifactId> + <version>${moa-id-version}</version> + </dependency> + <dependency> <groupId>MOA.id.server</groupId> <artifactId>moa-id-lib</artifactId> @@ -539,13 +523,20 @@ </dependency> - <dependency> +<!-- <dependency> <groupId>MOA.spss.server</groupId> - <artifactId>moa-spss-lib</artifactId> + <artifactId>moa-sig-lib</artifactId> <version>${moa-spss-version}</version> <scope>compile</scope> </dependency> + <dependency> + <groupId>MOA.spss</groupId> + <artifactId>common</artifactId> + <version>${moa-spss-version}</version> + <scope>compile</scope> + </dependency> --> + <dependency> <groupId>MOA.id.server</groupId> <artifactId>moa-id-commons</artifactId> 
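Review bot: In the `@@ -539,13 +523,20 @@` hunk the `MOA.spss.server` entry is not replaced but commented out, with the artifactId edited to `moa-sig-lib` inside the comment, so this hunk leaves no active entry that pins the signature library. The `@@ -595,38 +586,14 @@` and `@@ -695,40 +662,7 @@` hunks likewise drop the entries for `iaik_moa`, `iaik_cms`, `iaik_ecc`, `iaik_ixsil` and `iaik_tsl`. Whether these blocks sit inside `<dependencyManagement>` is not visible in the hunks; if they do, modules would receive these signature and crypto libraries at whatever version arrives transitively. The matching 3.0.0 jars are added further down under `repository/MOA/spss/` as bare binaries, with no `.pom` or `.sha1` beside them in the visible diff, unlike the removed `repository/iaik/asit` artifacts, so Maven has nothing to verify them against. I would either restore an active entry (`<artifactId>moa-sig-lib</artifactId>` with `<version>${moa-spss-version}</version>`) or delete the commented block and note where the version is now pinned, and commit checksum files with the jars.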
@@ -595,38 +586,14 @@ <dependency> <groupId>iaik.prod</groupId> <artifactId>iaik_jce_full</artifactId> - <!-- <version>4.0_MOA</version>--> - <version>5.2</version> - <scope>compile</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_moa</artifactId> - <version>1.51</version> - <scope>compile</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_cms</artifactId> - <version>5.0</version> - <scope>compile</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_ecc</artifactId> - <version>2.19</version> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_ixsil</artifactId> - <version>1.2.2.5</version> + <version>5.3_MOA</version> <scope>compile</scope> </dependency> + <dependency> <groupId>iaik.prod</groupId> <artifactId>iaik_X509TrustManager</artifactId> - <version>0.3</version> + <version>0.3.1</version> <scope>compile</scope> </dependency> <dependency> @@ -695,40 +662,7 @@ <artifactId>jaxb-api</artifactId> <version>2.2.12</version> </dependency> - - <!-- TSL --> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_tsl</artifactId> - <version>1.1</version> - </dependency> - -<!-- <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_util</artifactId> - <version>0.23</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_xsect_eval</artifactId> - <version>1.1709142</version> - </dependency> - <dependency> - <groupId>com.sun.xml.bind</groupId> - <artifactId>jaxb-impl</artifactId> - <version>2.2.7</version> - </dependency> - <dependency> - <groupId>org.xerial</groupId> - <artifactId>sqlite-jdbc</artifactId> - <version>3.7.8-SNAPSHOT</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_jsse</artifactId> - <version>4.4</version> - </dependency> --> - + <dependency> <groupId>xerces</groupId> <artifactId>xercesImpl</artifactId> 
@@ -804,7 +738,7 @@ <dependency> <groupId>org.unitils</groupId> <artifactId>unitils-core</artifactId> - <version>3.4.2</version> + <version>3.4.3</version> </dependency> </dependencies> diff --git a/repository/MOA/spss/common/3.0.0-RC1/common-3.0.0-RC1.jar b/repository/MOA/spss/common/3.0.0-RC1/common-3.0.0-RC1.jar Binary files differnew file mode 100644 index 000000000..46b4118cd --- /dev/null +++ b/repository/MOA/spss/common/3.0.0-RC1/common-3.0.0-RC1.jar diff --git a/repository/MOA/spss/common/3.0.0-RC5/common-3.0.0-RC5.jar b/repository/MOA/spss/common/3.0.0-RC5/common-3.0.0-RC5.jar Binary files differnew file mode 100644 index 000000000..07f59e006 --- /dev/null +++ b/repository/MOA/spss/common/3.0.0-RC5/common-3.0.0-RC5.jar diff --git a/repository/MOA/spss/common/3.0.0/common-3.0.0.jar b/repository/MOA/spss/common/3.0.0/common-3.0.0.jar Binary files differnew file mode 100644 index 000000000..dafb5aef7 --- /dev/null +++ b/repository/MOA/spss/common/3.0.0/common-3.0.0.jar diff --git a/repository/MOA/spss/server/moa-sig-lib/3.0.0-RC1/moa-sig-lib-3.0.0-RC1.jar b/repository/MOA/spss/server/moa-sig-lib/3.0.0-RC1/moa-sig-lib-3.0.0-RC1.jar Binary files differnew file mode 100644 index 000000000..6ed6a8c44 --- /dev/null +++ b/repository/MOA/spss/server/moa-sig-lib/3.0.0-RC1/moa-sig-lib-3.0.0-RC1.jar diff --git a/repository/MOA/spss/server/moa-sig-lib/3.0.0-RC5/moa-sig-lib-3.0.0-RC5.jar b/repository/MOA/spss/server/moa-sig-lib/3.0.0-RC5/moa-sig-lib-3.0.0-RC5.jar Binary files differnew file mode 100644 index 000000000..16112cd27 --- /dev/null +++ b/repository/MOA/spss/server/moa-sig-lib/3.0.0-RC5/moa-sig-lib-3.0.0-RC5.jar diff --git a/repository/MOA/spss/server/moa-sig-lib/3.0.0/moa-sig-lib-3.0.0.jar b/repository/MOA/spss/server/moa-sig-lib/3.0.0/moa-sig-lib-3.0.0.jar Binary files differnew file mode 100644 index 000000000..d89f547aa --- /dev/null +++ b/repository/MOA/spss/server/moa-sig-lib/3.0.0/moa-sig-lib-3.0.0.jar 
diff --git a/repository/eu/eidas/eidas-commons/1.1.0-mod1/eidas-commons-1.1.0-mod1.jar b/repository/eu/eidas/eidas-commons/1.1.0-mod1/eidas-commons-1.1.0-mod1.jar Binary files differnew file mode 100644 index 000000000..c6fabd8fb --- /dev/null +++ b/repository/eu/eidas/eidas-commons/1.1.0-mod1/eidas-commons-1.1.0-mod1.jar diff --git a/repository/eu/eidas/eidas-commons/1.1.0/eidas-commons-1.1.0.jar b/repository/eu/eidas/eidas-commons/1.1.0/eidas-commons-1.1.0.jar Binary files differnew file mode 100644 index 000000000..c6fabd8fb --- /dev/null +++ b/repository/eu/eidas/eidas-commons/1.1.0/eidas-commons-1.1.0.jar diff --git a/repository/eu/eidas/eidas-configmodule/1.1.0/eidas-configmodule-1.1.0.jar b/repository/eu/eidas/eidas-configmodule/1.1.0/eidas-configmodule-1.1.0.jar Binary files differnew file mode 100644 index 000000000..7df369d68 --- /dev/null +++ b/repository/eu/eidas/eidas-configmodule/1.1.0/eidas-configmodule-1.1.0.jar diff --git a/repository/eu/eidas/eidas-encryption/1.1.0/eidas-encryption-1.1.0.jar b/repository/eu/eidas/eidas-encryption/1.1.0/eidas-encryption-1.1.0.jar Binary files differnew file mode 100644 index 000000000..3886d6f9c --- /dev/null +++ b/repository/eu/eidas/eidas-encryption/1.1.0/eidas-encryption-1.1.0.jar diff --git a/repository/eu/eidas/eidas-light-commons/1.1.0/eidas-light-commons-1.1.0.jar b/repository/eu/eidas/eidas-light-commons/1.1.0/eidas-light-commons-1.1.0.jar Binary files differnew file mode 100644 index 000000000..aaf5c74d8 --- /dev/null +++ b/repository/eu/eidas/eidas-light-commons/1.1.0/eidas-light-commons-1.1.0.jar diff --git a/repository/eu/eidas/eidas-saml-engine/1.1.0/eidas-saml-engine-1.1.0.jar b/repository/eu/eidas/eidas-saml-engine/1.1.0/eidas-saml-engine-1.1.0.jar Binary files differnew file mode 100644 index 000000000..5dc5955e7 --- /dev/null +++ b/repository/eu/eidas/eidas-saml-engine/1.1.0/eidas-saml-engine-1.1.0.jar 
diff --git a/repository/iaik/asit/1.3.4/asit-1.3.4.jar b/repository/iaik/asit/1.3.4/asit-1.3.4.jar Binary files differdeleted file mode 100644 index e331f467c..000000000 --- a/repository/iaik/asit/1.3.4/asit-1.3.4.jar +++ /dev/null diff --git a/repository/iaik/asit/1.3.4/asit-1.3.4.jar.md5 b/repository/iaik/asit/1.3.4/asit-1.3.4.jar.md5 deleted file mode 100644 index b34c0523d..000000000 --- a/repository/iaik/asit/1.3.4/asit-1.3.4.jar.md5 +++ /dev/null @@ -1 +0,0 @@ -b7224977a72089a9d5e78af0b402c56d
\ No newline at end of file
diff --git a/repository/iaik/asit/1.3.4/asit-1.3.4.jar.sha1 b/repository/iaik/asit/1.3.4/asit-1.3.4.jar.sha1
deleted file mode 100644
index c7a57ac50..000000000
--- a/repository/iaik/asit/1.3.4/asit-1.3.4.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-d3d60e9f28392c28c8a8ece918281bce5358dd59
\ No newline at end of file
diff --git a/repository/iaik/asit/1.3.4/asit-1.3.4.pom b/repository/iaik/asit/1.3.4/asit-1.3.4.pom
deleted file mode 100644
index 93ca1f600..000000000
--- a/repository/iaik/asit/1.3.4/asit-1.3.4.pom
+++ /dev/null
@@ -1,390 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <modelVersion>4.0.0</modelVersion> - - <groupId>iaik</groupId> - <artifactId>asit</artifactId> - <version>1.3.4</version> - - <packaging>jar</packaging> - - <name>A-SIT framework</name> - <description>Framework fuer A-SIT Anwendungen</description> - <url>http://www.iaik.tugraz.at</url> - <inceptionYear>2007</inceptionYear> - - <developers> - <developer> - <id>atauber</id> - <name>Arne Tauber</name> - <organization>IAIK</organization> - <email>arne.tauber@iaik.tugraz.at</email> - <timezone>+1</timezone> - <roles> - <role>developer</role> - </roles> - </developer> - <developer> - <id>tknall</id> - <name>Thomas Knall</name> - <organization>IAIK</organization> - <email>thomas.knall@iaik.tugraz.at</email> - <timezone>+1</timezone> - <roles> - <role>developer</role> - </roles> - </developer> - <developer> - <id>troessler</id> - <name>Thomas Roessler</name> - <organization>IAIK</organization> - <email>thomas.roessler@iaik.tugraz.at</email> - <timezone>+1</timezone> - <roles> - <role>developer</role> - </roles> - </developer> - </developers> - - <ciManagement> - <system>continuum</system> - <url>http://development:8088/continuum</url> - <notifiers> - <notifier> - <type>mail</type> - <configuration> - <address>tknall</address> - </configuration> - </notifier> - <notifier> - <type>mail</type> - <configuration> - <address>atauber</address> - </configuration> - </notifier> - </notifiers> - </ciManagement> - - <scm> - <connection>scm:svn:http://bugzilla.iaik.tugraz.at/svn/egiz/prj/current/framework/asit/trunk</connection> - <developerConnection>scm:svn:http://bugzilla.iaik.tugraz.at/svn/egiz/prj/current/framework/asit/trunk</developerConnection> - 
<url>http://bugzilla.iaik.tugraz.at/svn/egiz/prj/current/framework/asit/trunk</url> - </scm> - - <organization> - <name>Institut fuer Angewandte Informationsverarbeitung und Kommunikationstechnologie</name> - <url>http://www.iaik.tugraz.at/</url> - </organization> - - <distributionManagement> - <site> - <id>website</id> - <url> - file://development/c:/data/public/websites/PROJECTS/${pom.artifactId}/${pom.version} - </url> - </site> - </distributionManagement> - - <build> - - <resources> - <resource> - <filtering>true</filtering> - <directory>src/main/resources</directory> - <excludes> - <exclude>**/package.html</exclude> - <exclude>**/.svn</exclude> - </excludes> - </resource> - <resource> - <filtering>false</filtering> - <directory>src/main/java</directory> - <excludes> - <exclude>**/package.html</exclude> - <exclude>**/.svn</exclude> - </excludes> - </resource> - </resources> - - <finalName>${artifactId}-${version}</finalName> - - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <configuration> - <!-- skip>true</skip--> - </configuration> - </plugin> - <plugin> - <artifactId>maven-site-plugin</artifactId> - <configuration> - <locales>en</locales> - </configuration> - </plugin> - - <plugin> - <artifactId>maven-compiler-plugin</artifactId> - <configuration> - <compilerArguments> - <verbose /> - </compilerArguments> - <excludes> - <exclude>asit/test/*/</exclude> - </excludes> - <source>1.4</source> - <target>1.4</target> - </configuration> - </plugin> - - <plugin> - <artifactId>maven-jar-plugin</artifactId> - <configuration> - <archive> - <manifest> - <!--mainClass>resource_uri_to_main_class</mainClass--> - <addClasspath>true</addClasspath> - </manifest> - </archive> - </configuration> - </plugin> - - <plugin> - <artifactId>maven-assembly-plugin</artifactId> - <configuration> - <descriptor>src/main/assembly/assemble_libraries.xml</descriptor> - </configuration> - </plugin> - - <plugin> - <artifactId>maven-javadoc-plugin</artifactId> - 
<configuration> - <additionalparam></additionalparam> - <public>true</public> - <package>true</package> - <private>true</private> - <links> - <link>http://java.sun.com/j2se/1.5.0/docs/api/</link> - <link>http://java.sun.com/j2ee/1.4/docs/api/</link> - <link>http://struts.apache.org/1.2.4/api/</link> - <link>http://logging.apache.org/log4j/docs/api/</link> - </links> - <source>1.4</source> - <target>1.4</target> - <windowtitle>${pom.name} v${pom.version}:${build.date} API</windowtitle> - <bottom>Copyright ${pom.inceptionYear} <a href="${pom.organization.url}" target="_blank">${pom.organization.name}</a>. All Rights Reserved.</bottom> - </configuration> - </plugin> - - </plugins> - - </build> - - <reporting> - <plugins> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-project-info-reports-plugin</artifactId> - <reportSets> - <reportSet> - <reports> - <report>dependencies</report> - <report>project-team</report> - <!-- report>mailing-list</report --> - <!-- report>cim</report --> - <!-- report>issue-tracking</report --> - <!-- >report>license</report --> - <!-- >report>scm</report --> - </reports> - </reportSet> - </reportSets> - </plugin> - - <plugin> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <additionalparam></additionalparam> - <public>true</public> - <package>true</package> - <private>true</private> - <links> - <link>http://java.sun.com/j2se/1.4.2/docs/api/</link> - <link>http://java.sun.com/j2ee/1.4/docs/api/</link> - <link>http://struts.apache.org/1.2.4/api/</link> - <link>http://logging.apache.org/log4j/docs/api/</link> - </links> - <source>1.4</source> - <target>1.4</target> - <windowtitle>${pom.name} v${pom.version}:${build.date} API</windowtitle> - <bottom>Copyright ${pom.inceptionYear} <a href="${pom.organization.url}" target="_blank">${pom.organization.name}</a>. 
All Rights Reserved.</bottom> - </configuration> - </plugin> - - <!-- - <plugin> - <groupId>www.ibiblio.org</groupId> - <artifactId>maven-jcoverage-plugin</artifactId> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-docck-plugin</artifactId> - </plugin> - <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>changes-maven-plugin</artifactId> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-doap-plugin</artifactId> - <plugin> - </plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-clover-plugin</artifactId> - </plugin> - --> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-changes-plugin</artifactId> - <configuration> - <xmlPath>${basedir}/src/site/changes.xml</xmlPath> - </configuration> - <reportSets> - <reportSet> - <reports> - <report>changes-report</report> - </reports> - </reportSet> - </reportSets> - </plugin> - - <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>taglist-maven-plugin</artifactId> - <version>2.0-beta-1</version> - </plugin> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-jxr-plugin</artifactId> - </plugin> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-surefire-report-plugin</artifactId> - <configuration> - <showSuccess>true</showSuccess> - </configuration> - </plugin> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-pmd-plugin</artifactId> - <configuration> - <targetJdk>1.5</targetJdk> - </configuration> - </plugin> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-checkstyle-plugin</artifactId> - <configuration> - <configLocation>${basedir}/src/site/checkstyle.xml</configLocation> - </configuration> - </plugin> - - </plugins> - </reporting> - - <dependencies> - <!-- see http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html --> - 
<dependency> - <groupId>javax.servlet</groupId> - <artifactId>servlet-api</artifactId> - <version>2.3</version> <!-- was: 2.3.1 --> - <scope>provided</scope> - <!-- - available scopes: compile, provided, runtime, test, system - --> - <!-- - projects that are libraries should declare dependencies as optional - see: http://maven.apache.org/guides/introduction/introduction-to-optional-and-excludes-dependencies.html - --> - <optional>true</optional> - </dependency> - <dependency> - <groupId>struts</groupId> - <artifactId>struts</artifactId> - <version>1.2.4</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_jce_eval_signed</artifactId> - <version>3.142</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_ixsil_eval</artifactId> - <version>1.2.0</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>javax.mail</groupId> - <artifactId>mail</artifactId> - <version>1.4</version> <!-- was: 1.3.1 --> - <optional>true</optional> - </dependency> - <dependency> - <groupId>commons-logging</groupId> - <artifactId>commons-logging</artifactId> - <version>1.0.3</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> - <version>1.2.8</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_ecc_eval_signed</artifactId> - <version>2.15</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>net.sf.hibernate</groupId> - <artifactId>hibernate</artifactId> - <version>2.1.7c</version> <!-- was: 2.1.7 --> - <optional>true</optional> - </dependency> - <dependency> - <groupId>fop</groupId> - <artifactId>fop</artifactId> - <version>0.20.5</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>axis</groupId> - <artifactId>axis-jaxrpc</artifactId> - <version>1.0</version> - 
<optional>true</optional> - </dependency> - <dependency> - <groupId>tomcat</groupId> - <artifactId>catalina</artifactId> - <version>4.1.31</version> <!-- was: unknown --> - <optional>true</optional> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <version>4.1</version> - <scope>test</scope> - <optional>true</optional> - </dependency> - </dependencies> -</project> diff --git a/repository/iaik/asit/1.3.4/asit-1.3.4.pom.md5 b/repository/iaik/asit/1.3.4/asit-1.3.4.pom.md5 deleted file mode 100644 index 3bfb19649..000000000 --- a/repository/iaik/asit/1.3.4/asit-1.3.4.pom.md5 +++ /dev/null @@ -1 +0,0 @@ -f42cef68752c2b2c0d6de5a6fb1a9d7c
\ No newline at end of file
diff --git a/repository/iaik/asit/1.3.4/asit-1.3.4.pom.sha1 b/repository/iaik/asit/1.3.4/asit-1.3.4.pom.sha1
deleted file mode 100644
index 9253d46cf..000000000
--- a/repository/iaik/asit/1.3.4/asit-1.3.4.pom.sha1
+++ /dev/null
@@ -1 +0,0 @@
-dd7966e311b2b719ecabe6bb7b6bde3f80d7ce01
\ No newline at end of file diff --git a/repository/iaik/asit/1.3.5/asit-1.3.5.jar b/repository/iaik/asit/1.3.5/asit-1.3.5.jar Binary files differdeleted file mode 100644 index f04ec1e6f..000000000 --- a/repository/iaik/asit/1.3.5/asit-1.3.5.jar +++ /dev/null diff --git a/repository/iaik/asit/1.3.5/asit-1.3.5.jar.sha1 b/repository/iaik/asit/1.3.5/asit-1.3.5.jar.sha1 deleted file mode 100644 index 564da72b0..000000000 --- a/repository/iaik/asit/1.3.5/asit-1.3.5.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -56ef339009e19c81b9ead9262c43a84371e2aa73
\ No newline at end of file
diff --git a/repository/iaik/asit/1.3.5/asit-1.3.5.pom b/repository/iaik/asit/1.3.5/asit-1.3.5.pom
deleted file mode 100644
index 58a6e5a09..000000000
--- a/repository/iaik/asit/1.3.5/asit-1.3.5.pom
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>asit</artifactId>
- <version>1.3.5</version>
- <description>POM was created from install:install-file</description>
-</project>
diff --git a/repository/iaik/asit/1.3.5/asit-1.3.5.pom.sha1 b/repository/iaik/asit/1.3.5/asit-1.3.5.pom.sha1
deleted file mode 100644
index 0fa712339..000000000
--- a/repository/iaik/asit/1.3.5/asit-1.3.5.pom.sha1
+++ /dev/null
@@ -1 +0,0 @@
-72c48087cb86db39f62d955159710f6cb8dc5d04
\ No newline at end of file diff --git a/repository/iaik/asit/1.3.6/asit-1.3.6-javadoc.jar b/repository/iaik/asit/1.3.6/asit-1.3.6-javadoc.jar Binary files differdeleted file mode 100644 index 1ba8dc308..000000000 --- a/repository/iaik/asit/1.3.6/asit-1.3.6-javadoc.jar +++ /dev/null diff --git a/repository/iaik/asit/1.3.6/asit-1.3.6-sources.jar b/repository/iaik/asit/1.3.6/asit-1.3.6-sources.jar Binary files differdeleted file mode 100644 index ae38e3336..000000000 --- a/repository/iaik/asit/1.3.6/asit-1.3.6-sources.jar +++ /dev/null diff --git a/repository/iaik/asit/1.3.6/asit-1.3.6.jar b/repository/iaik/asit/1.3.6/asit-1.3.6.jar Binary files differdeleted file mode 100644 index 8a754fe81..000000000 --- a/repository/iaik/asit/1.3.6/asit-1.3.6.jar +++ /dev/null diff --git a/repository/iaik/asit/1.3.6/asit-1.3.6.pom b/repository/iaik/asit/1.3.6/asit-1.3.6.pom deleted file mode 100644 index 7770aef52..000000000 --- a/repository/iaik/asit/1.3.6/asit-1.3.6.pom +++ /dev/null 
@@ -1,390 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <modelVersion>4.0.0</modelVersion> - - <groupId>iaik</groupId> - <artifactId>asit</artifactId> - <version>1.3.6</version> - - <packaging>jar</packaging> - - <name>A-SIT framework</name> - <description>Framework fuer A-SIT Anwendungen</description> - <url>http://www.iaik.tugraz.at</url> - <inceptionYear>2007</inceptionYear> - - <developers> - <developer> - <id>atauber</id> - <name>Arne Tauber</name> - <organization>IAIK</organization> - <email>arne.tauber@iaik.tugraz.at</email> - <timezone>+1</timezone> - <roles> - <role>developer</role> - </roles> - </developer> - <developer> - <id>tknall</id> - <name>Thomas Knall</name> - <organization>IAIK</organization> - <email>thomas.knall@iaik.tugraz.at</email> - <timezone>+1</timezone> - <roles> - <role>developer</role> - </roles> - </developer> - <developer> - <id>troessler</id> - <name>Thomas Roessler</name> - <organization>IAIK</organization> - <email>thomas.roessler@iaik.tugraz.at</email> - <timezone>+1</timezone> - <roles> - <role>developer</role> - </roles> - </developer> - </developers> - - <ciManagement> - <system>continuum</system> - <url>http://development:8088/continuum</url> - <notifiers> - <notifier> - <type>mail</type> - <configuration> - <address>tknall</address> - </configuration> - </notifier> - <notifier> - <type>mail</type> - <configuration> - <address>atauber</address> - </configuration> - </notifier> - </notifiers> - </ciManagement> - - <scm> - <connection>scm:svn:http://bugzilla.iaik.tugraz.at/svn/egiz/prj/current/framework/asit/trunk</connection> - <developerConnection>scm:svn:http://bugzilla.iaik.tugraz.at/svn/egiz/prj/current/framework/asit/trunk</developerConnection> - 
<url>http://bugzilla.iaik.tugraz.at/svn/egiz/prj/current/framework/asit/trunk</url> - </scm> - - <organization> - <name>Institut fuer Angewandte Informationsverarbeitung und Kommunikationstechnologie</name> - <url>http://www.iaik.tugraz.at/</url> - </organization> - - <distributionManagement> - <site> - <id>website</id> - <url> - file://development/c:/data/public/websites/PROJECTS/${pom.artifactId}/${pom.version} - </url> - </site> - </distributionManagement> - - <build> - - <resources> - <resource> - <filtering>true</filtering> - <directory>src/main/resources</directory> - <excludes> - <exclude>**/package.html</exclude> - <exclude>**/.svn</exclude> - </excludes> - </resource> - <resource> - <filtering>false</filtering> - <directory>src/main/java</directory> - <excludes> - <exclude>**/package.html</exclude> - <exclude>**/.svn</exclude> - </excludes> - </resource> - </resources> - - <finalName>${artifactId}-${version}</finalName> - - <plugins> - <plugin> - <artifactId>maven-surefire-plugin</artifactId> - <configuration> - <!-- skip>true</skip--> - </configuration> - </plugin> - <plugin> - <artifactId>maven-site-plugin</artifactId> - <configuration> - <locales>en</locales> - </configuration> - </plugin> - - <plugin> - <artifactId>maven-compiler-plugin</artifactId> - <configuration> - <compilerArguments> - <verbose /> - </compilerArguments> - <excludes> - <exclude>asit/test/*/</exclude> - </excludes> - <source>1.4</source> - <target>1.4</target> - </configuration> - </plugin> - - <plugin> - <artifactId>maven-jar-plugin</artifactId> - <configuration> - <archive> - <manifest> - <!--mainClass>resource_uri_to_main_class</mainClass--> - <addClasspath>true</addClasspath> - </manifest> - </archive> - </configuration> - </plugin> - - <plugin> - <artifactId>maven-assembly-plugin</artifactId> - <configuration> - <descriptor>src/main/assembly/assemble_libraries.xml</descriptor> - </configuration> - </plugin> - - <plugin> - <artifactId>maven-javadoc-plugin</artifactId> - 
<configuration> - <additionalparam></additionalparam> - <public>true</public> - <package>true</package> - <private>true</private> - <links> - <link>http://java.sun.com/j2se/1.5.0/docs/api/</link> - <link>http://java.sun.com/j2ee/1.4/docs/api/</link> - <link>http://struts.apache.org/1.2.4/api/</link> - <link>http://logging.apache.org/log4j/docs/api/</link> - </links> - <source>1.4</source> - <target>1.4</target> - <windowtitle>${pom.name} v${pom.version}:${build.date} API</windowtitle> - <bottom>Copyright ${pom.inceptionYear} <a href="${pom.organization.url}" target="_blank">${pom.organization.name}</a>. All Rights Reserved.</bottom> - </configuration> - </plugin> - - </plugins> - - </build> - - <reporting> - <plugins> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-project-info-reports-plugin</artifactId> - <reportSets> - <reportSet> - <reports> - <report>dependencies</report> - <report>project-team</report> - <!-- report>mailing-list</report --> - <!-- report>cim</report --> - <!-- report>issue-tracking</report --> - <!-- >report>license</report --> - <!-- >report>scm</report --> - </reports> - </reportSet> - </reportSets> - </plugin> - - <plugin> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <additionalparam></additionalparam> - <public>true</public> - <package>true</package> - <private>true</private> - <links> - <link>http://java.sun.com/j2se/1.4.2/docs/api/</link> - <link>http://java.sun.com/j2ee/1.4/docs/api/</link> - <link>http://struts.apache.org/1.2.4/api/</link> - <link>http://logging.apache.org/log4j/docs/api/</link> - </links> - <source>1.4</source> - <target>1.4</target> - <windowtitle>${pom.name} v${pom.version}:${build.date} API</windowtitle> - <bottom>Copyright ${pom.inceptionYear} <a href="${pom.organization.url}" target="_blank">${pom.organization.name}</a>. 
All Rights Reserved.</bottom> - </configuration> - </plugin> - - <!-- - <plugin> - <groupId>www.ibiblio.org</groupId> - <artifactId>maven-jcoverage-plugin</artifactId> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-docck-plugin</artifactId> - </plugin> - <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>changes-maven-plugin</artifactId> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-doap-plugin</artifactId> - <plugin> - </plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-clover-plugin</artifactId> - </plugin> - --> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-changes-plugin</artifactId> - <configuration> - <xmlPath>${basedir}/src/site/changes.xml</xmlPath> - </configuration> - <reportSets> - <reportSet> - <reports> - <report>changes-report</report> - </reports> - </reportSet> - </reportSets> - </plugin> - - <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>taglist-maven-plugin</artifactId> - <version>2.0-beta-1</version> - </plugin> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-jxr-plugin</artifactId> - </plugin> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-surefire-report-plugin</artifactId> - <configuration> - <showSuccess>true</showSuccess> - </configuration> - </plugin> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-pmd-plugin</artifactId> - <configuration> - <targetJdk>1.5</targetJdk> - </configuration> - </plugin> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-checkstyle-plugin</artifactId> - <configuration> - <configLocation>${basedir}/src/site/checkstyle.xml</configLocation> - </configuration> - </plugin> - - </plugins> - </reporting> - - <dependencies> - <!-- see http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html --> - 
<dependency> - <groupId>javax.servlet</groupId> - <artifactId>servlet-api</artifactId> - <version>2.3</version> <!-- was: 2.3.1 --> - <scope>provided</scope> - <!-- - available scopes: compile, provided, runtime, test, system - --> - <!-- - projects that are libraries should declare dependencies as optional - see: http://maven.apache.org/guides/introduction/introduction-to-optional-and-excludes-dependencies.html - --> - <optional>true</optional> - </dependency> - <dependency> - <groupId>struts</groupId> - <artifactId>struts</artifactId> - <version>1.2.4</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_jce_eval_signed</artifactId> - <version>3.142</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_ixsil_eval</artifactId> - <version>1.2.0</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>javax.mail</groupId> - <artifactId>mail</artifactId> - <version>1.4</version> <!-- was: 1.3.1 --> - <optional>true</optional> - </dependency> - <dependency> - <groupId>commons-logging</groupId> - <artifactId>commons-logging</artifactId> - <version>1.0.3</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> - <version>1.2.8</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_ecc_eval_signed</artifactId> - <version>2.15</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>net.sf.hibernate</groupId> - <artifactId>hibernate</artifactId> - <version>2.1.7c</version> <!-- was: 2.1.7 --> - <optional>true</optional> - </dependency> - <dependency> - <groupId>fop</groupId> - <artifactId>fop</artifactId> - <version>0.20.5</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>axis</groupId> - <artifactId>axis-jaxrpc</artifactId> - <version>1.0</version> - 
<optional>true</optional> - </dependency> - <dependency> - <groupId>tomcat</groupId> - <artifactId>catalina</artifactId> - <version>4.1.31</version> <!-- was: unknown --> - <optional>true</optional> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <version>4.1</version> - <scope>test</scope> - <optional>true</optional> - </dependency> - </dependencies> -</project> diff --git a/repository/iaik/bescheide/2007-09-13/bescheide-2007-09-13.jar b/repository/iaik/bescheide/2007-09-13/bescheide-2007-09-13.jar Binary files differdeleted file mode 100644 index 78bdc2f58..000000000 --- a/repository/iaik/bescheide/2007-09-13/bescheide-2007-09-13.jar +++ /dev/null diff --git a/repository/iaik/bescheide/2007-09-13/bescheide-2007-09-13.jar.sha1 b/repository/iaik/bescheide/2007-09-13/bescheide-2007-09-13.jar.sha1 deleted file mode 100644 index 2f7b99a43..000000000 --- a/repository/iaik/bescheide/2007-09-13/bescheide-2007-09-13.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -3cd8e2702cc2706dca2cd68e675e96b115edca6c diff --git a/repository/iaik/bescheide/2007-09-13/bescheide-2007-09-13.pom b/repository/iaik/bescheide/2007-09-13/bescheide-2007-09-13.pom deleted file mode 100644 index 20666ba88..000000000 --- a/repository/iaik/bescheide/2007-09-13/bescheide-2007-09-13.pom +++ /dev/null @@ -1,6 +0,0 @@ -<project> - <modelVersion>4.0.0</modelVersion> - <groupId>iaik</groupId> - <artifactId>bescheide</artifactId> - <version>2007-09-13</version> -</project> diff --git a/repository/iaik/bescheide/2007-09-13/bescheide-2007-09-13.pom.sha1 b/repository/iaik/bescheide/2007-09-13/bescheide-2007-09-13.pom.sha1 deleted file mode 100644 index 44af41359..000000000 --- a/repository/iaik/bescheide/2007-09-13/bescheide-2007-09-13.pom.sha1 +++ /dev/null @@ -1 +0,0 @@ -0ae1ab9cc1b907d2c6dfcc227637dc72faca95fa 
diff --git a/repository/iaik/commons-iaik/0.5.5/commons-iaik-0.5.5.jar b/repository/iaik/commons-iaik/0.5.5/commons-iaik-0.5.5.jar
Binary files differ
deleted file mode 100644
index b9b08856c..000000000
--- a/repository/iaik/commons-iaik/0.5.5/commons-iaik-0.5.5.jar
+++ /dev/null
diff --git a/repository/iaik/commons-iaik/0.5.5/commons-iaik-0.5.5.jar.md5 b/repository/iaik/commons-iaik/0.5.5/commons-iaik-0.5.5.jar.md5
deleted file mode 100644
index 1b409ac45..000000000
--- a/repository/iaik/commons-iaik/0.5.5/commons-iaik-0.5.5.jar.md5
+++ /dev/null
@@ -1 +0,0 @@
-a9ebe33840edea5854f3e8b8c0c03cab
\ No newline at end of file
diff --git a/repository/iaik/commons-iaik/0.5.5/commons-iaik-0.5.5.jar.sha1 b/repository/iaik/commons-iaik/0.5.5/commons-iaik-0.5.5.jar.sha1
deleted file mode 100644
index c7e599b34..000000000
--- a/repository/iaik/commons-iaik/0.5.5/commons-iaik-0.5.5.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-b999d8a518efa41bdf67bd9fd964e9b09affe5dd
\ No newline at end of file
diff --git a/repository/iaik/commons-iaik/0.5.5/commons-iaik-0.5.5.pom b/repository/iaik/commons-iaik/0.5.5/commons-iaik-0.5.5.pom
deleted file mode 100644
index 3f6ccf7e5..000000000
--- a/repository/iaik/commons-iaik/0.5.5/commons-iaik-0.5.5.pom
+++ /dev/null
@@ -1,633 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<project xmlns="http://maven.apache.org/POM/4.0.0" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <modelVersion>4.0.0</modelVersion> - - <groupId>iaik</groupId> - <artifactId>commons-iaik</artifactId> - <name>COMMONS IAIK Library</name> - <version>0.5.5</version> - - <description>Sammlung haeufig verwendeter Klassen und Methoden</description> - <url>http://www.iaik.tugraz.at</url> - <inceptionYear>2006</inceptionYear> - <developers> - <developer> - <id>tknall</id> - <name>Thomas Knall</name> - <email>thomas.knall@iaik.tugraz.at</email> - <organization>IAIK</organization> - <roles> - <role>developer</role> - </roles> - <timezone>+1</timezone> - </developer> - </developers> - - <organization> - <name>IAIK - Institute for Applied Information Processing and Communications</name> - <url>http://www.iaik.tugraz.at</url> - </organization> - - <pluginRepositories> - <!-- - <pluginRepository> - <id>tlc</id> - <name>TLC Repository</name> - <url>http://commons.ucalgary.ca/pub/m2</url> - </pluginRepository> - --> - <!-- - <pluginRepository> - <id>apache.org</id> - <name>Maven Plugin Snapshots</name> - <url>http://people.apache.org/repo/m2-snapshot-repository</url> - <releases> - <enabled>false</enabled> - </releases> - <snapshots> - <enabled>true</enabled> - </snapshots> - </pluginRepository> - --> - </pluginRepositories> - - <scm> - <connection>scm:svn:http://bugzilla.iaik.tugraz.at/asit/prj/commons-iaik/trunk/</connection> - <url>http://bugzilla.iaik.tugraz.at/asit/prj/commons-iaik/trunk/</url> - </scm> - - <distributionManagement> - <site> - <id>website</id> - <url> - file://development/c:/data/public/websites/PROJECTS/${artifactId}/${project.version} - </url> - </site> - </distributionManagement> - - <build> - - <resources> - - <resource> - <filtering>true</filtering> - 
<directory>src/main/resources</directory> - <includes> - <include>**/CommonsIAIK.properties</include> - </includes> - <excludes> - <exclude>srgb.profile</exclude> - </excludes> - </resource> - <resource> - <filtering>false</filtering> - <directory>src/main/resources</directory> - <includes> - <!-- needed for ITextText only --> - <include>**/taglib.tld</include> - </includes> - <excludes> - <exclude>srgb.profile</exclude> - </excludes> - </resource> - <resource> - <filtering>false</filtering> - <directory>src/main/java</directory> - <includes> - <include>**/*.xml</include> - <include>**/*.xsd</include> - </includes> - <excludes> - <exclude>**/application_config.xml</exclude> - <exclude>**/application_default_config.xml</exclude> - </excludes> - </resource> - - </resources> - - <finalName>${artifactId}-${version}</finalName> - - <plugins> - <!-- - <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>maven-buildnumber-plugin</artifactId> - <version>0.9.6</version> - <configuration> - <format>{0,date,yyyy-MM-dd'T'HH:mm:ssZ}</format> - <items> - <item>timestamp</item> - </items> - </configuration> - <executions> - <execution> - <phase>validate</phase> - <goals> - <goal>create</goal> - </goals> - </execution> - </executions> - </plugin> - --> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.3</version> - <configuration> - <showsuccess>true</showsuccess> - </configuration> - </plugin> - <plugin> - <artifactId>maven-site-plugin</artifactId> - <configuration> - <locales>en</locales> - </configuration> - </plugin> - <plugin> - <artifactId>maven-compiler-plugin</artifactId> - <configuration> - <source>1.5</source> - <target>1.5</target> - <excludes> - <exclude>at/iaik/commons/test/*/</exclude> - </excludes> - </configuration> - </plugin> - <!-- plugin> - <groupId>com.pyx4me</groupId> - <artifactId>proguard-maven-plugin</artifactId> - <executions> - <execution> - <phase>package</phase> - 
<goals><goal>proguard</goal></goals> - </execution> - </executions> - <configuration> - <obfuscate>true</obfuscate> - <libs> - <lib>${java.home}/lib/rt.jar</lib> - <lib>${java.home}/lib/jsse.jar</lib> - </libs> - </configuration> - </plugin--> - <plugin> - <artifactId>maven-jar-plugin</artifactId> - <configuration> - <archive> - <manifest> - <mainClass>at.iaik.commons.metadata.CommonsIAIK</mainClass> - <!-- - <addDefaultSpecificationEntries>true</addDefaultSpecificationEntries> - --> - <addDefaultImplementationEntries>true</addDefaultImplementationEntries> - <addClasspath>true</addClasspath> - </manifest> - <manifestEntries> - <!-- - <Implementation-Build>${buildNumber}</Implementation-Build> - --> - <Implementation-Build>${build.date}</Implementation-Build> - </manifestEntries> - </archive> - </configuration> - </plugin> - <plugin> - <artifactId>maven-assembly-plugin</artifactId> - <version>2.2-beta-2</version> - <configuration> - <descriptors> - <!-- - <descriptor>src/main/assembly/assemble_libraries.xml</descriptor> - <descriptor>src/main/assembly/assemble_repository.xml</descriptor> - --> - <descriptor>src/main/assembly/assemble_libraries.xml</descriptor> - </descriptors> - </configuration> - </plugin> - <plugin> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <additionalparam></additionalparam> - <show>public</show> - <links> - <link>http://java.sun.com/j2se/1.5.0/docs/api/</link> - <link>http://java.sun.com/j2ee/1.4/docs/api/</link> - <!-- - <link>http://struts.apache.org/1.2.9/api/</link> - --> - <link>http://struts.apache.org/1.3.10/apidocs/</link> - <link>http://logging.apache.org/log4j/docs/api/</link> - <link>http://www.jconfig.org/javadoc/</link> - <link>http://www.hibernate.org/hib_docs/v3/api/</link> - <link>http://tomcat.apache.org/tomcat-5.5-doc/catalina/docs/api/</link> - <link>http://www.saxproject.org/apidoc/</link> - </links> - <source>1.5</source> - <target>1.5</target> - <verbose>false</verbose> - <windowtitle>${pom.name} 
v${pom.version}:${build.date} API</windowtitle> - <bottom>Copyright ${pom.inceptionYear} <a href="${pom.organization.url}" target="_blank">${pom.organization.name}</a>. All Rights Reserved.</bottom> - </configuration> - </plugin> - - </plugins> - - </build> - - <dependencies> - - <dependency> - <groupId>javax.servlet</groupId> - <artifactId>servlet-api</artifactId> - <version>2.4</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>javax.servlet</groupId> - <artifactId>jsp-api</artifactId> - <version>2.0</version> - <optional>true</optional> - </dependency> - - <!-- apache struts upgraded to 1.3.x: see http://wiki.apache.org/struts/StrutsUpgradeNotes12to13 --> - <!-- - <dependency> - <groupId>struts</groupId> - <artifactId>struts</artifactId> - <version>1.2.9</version> - <optional>true</optional> - </dependency> - --> - <dependency> - <groupId>org.apache.struts</groupId> - <artifactId>struts-core</artifactId> - <version>1.3.10</version> - <optional>true</optional> - </dependency> - - <dependency> - <groupId>org.apache.struts</groupId> - <artifactId>struts-taglib</artifactId> - <version>1.3.10</version> - <optional>true</optional> - </dependency> - - <dependency> - <groupId>org.hibernate</groupId> - <artifactId>hibernate</artifactId> - <version>3.1.3</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> - <version>1.2.14</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>org.jconfig</groupId> - <artifactId>jconfig</artifactId> - <version>2.9</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>axis</groupId> - <artifactId>axis</artifactId> - <version>1.1</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>axis</groupId> - <artifactId>axis-saaj</artifactId> - <version>1.0</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>axis</groupId> - 
<artifactId>axis-wsdl4j</artifactId> - <version>1.0</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>axis</groupId> - <artifactId>axis-jaxrpc</artifactId> - <version>1.0</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>commons-discovery</groupId> - <artifactId>commons-discovery</artifactId> - <version>0.2</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>jdom</groupId> - <artifactId>jdom</artifactId> - <version>1.0</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>javax.mail</groupId> - <artifactId>mail</artifactId> - <version>1.4</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>xerces</groupId> - <artifactId>xercesImpl</artifactId> - <version>2.9.1</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>tomcat</groupId> - <artifactId>catalina</artifactId> - <version>5.0.28</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>xml-apis</groupId> - <artifactId>xml-apis</artifactId> - <version>1.3.02</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>commons-io</groupId> - <artifactId>commons-io</artifactId> - <version>1.4</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>org.apache.serializer</groupId> - <artifactId>serializer</artifactId> - <version>2.7.0</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>org.apache.xmlgraphics</groupId> - <artifactId>xmlgraphics-commons</artifactId> - <version>1.0</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>xalan</groupId> - <artifactId>xalan</artifactId> - <version>2.7.1</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <version>4.1</version> - <scope>test</scope> - <optional>true</optional> - </dependency> - <dependency> - 
<groupId>commons-lang</groupId> - <artifactId>commons-lang</artifactId> - <version>2.4</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>commons-codec</groupId> - <artifactId>commons-codec</artifactId> - <version>1.3</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>commons-httpclient</groupId> - <artifactId>commons-httpclient</artifactId> - <version>3.1</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_jce_eval_signed</artifactId> - <version>3.16</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_ixsil_eval</artifactId> - <version>1.2.2</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>asit</artifactId> - <version>1.3.4</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>zsproxy</artifactId> - <version>2007-03-02</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>batik</groupId> - <artifactId>batik-all</artifactId> - <version>1.6</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>fop</groupId> - <artifactId>fop</artifactId> - <version>0.92beta</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>knowcenter</groupId> - <artifactId>pdf-as</artifactId> - <version>3.0.9-20090203</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_xsect_eval</artifactId> - <version>1.11build48</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_ecc_eval_signed</artifactId> - <version>2.15</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_cms_eval</artifactId> - <version>4.0</version> - <optional>true</optional> - 
</dependency> - <dependency> - <groupId>at.gv.bmi</groupId> - <artifactId>szr-client</artifactId> - <version>3.71</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>commons-cli</groupId> - <artifactId>commons-cli</artifactId> - <version>1.1</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>com.lowagie</groupId> - <artifactId>itext</artifactId> - <!-- - <version>2.0.7</version> - --> - <version>2.1.3</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>commons-logging</groupId> - <artifactId>commons-logging</artifactId> - <version>1.1.1</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>javax.xml.bind</groupId> - <artifactId>jaxb-api</artifactId> - <version>2.1</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>javax.xml</groupId> - <artifactId>jaxb-impl</artifactId> - <version>2.1.6</version> - <optional>true</optional> - </dependency> - - </dependencies> - - <properties> - <build.date>2009-02-05</build.date> - </properties> - - <reporting> - - <plugins> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId> - maven-project-info-reports-plugin - </artifactId> - <reportSets> - <reportSet> - <reports> - <report>dependencies</report> - <report>project-team</report> - <!-- report>mailing-list</report --> - <report>cim</report> - <!-- report>issue-tracking</report --> - <report>license</report> - <report>scm</report> - </reports> - </reportSet> - </reportSets> - </plugin> - - <plugin> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <additionalparam></additionalparam> - <public>true</public> - <package>true</package> - <private>true</private> - <links> - <link>http://java.sun.com/j2se/1.5.0/docs/api/</link> - <link>http://java.sun.com/j2ee/1.4/docs/api/</link> - <!-- - <link>http://struts.apache.org/1.2.9/api/</link> - --> - <link>http://struts.apache.org/1.3.10/apidocs/</link> - 
<link>http://logging.apache.org/log4j/docs/api/</link> - </links> - <source>1.5</source> - <target>1.5</target> - <windowtitle>${pom.name} v${pom.version}:${build.date} API</windowtitle> - <bottom>Copyright ${pom.inceptionYear} <a href="${pom.organization.url}" target="_blank">${pom.organization.name}</a>. All Rights Reserved.</bottom> - </configuration> - </plugin> - - <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>taglist-maven-plugin</artifactId> - <version>2.0-beta-1</version> - </plugin> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-jxr-plugin</artifactId> - </plugin> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-surefire-report-plugin</artifactId> - <configuration> - <showSuccess>true</showSuccess> - </configuration> - </plugin> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-pmd-plugin</artifactId> - <configuration> - <targetJdk>1.5</targetJdk> - </configuration> - </plugin> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-changes-plugin</artifactId> - <configuration> - <xmlPath>${basedir}/src/site/changes.xml</xmlPath> - </configuration> - <reportSets> - <reportSet> - <reports> - <report>changes-report</report> - </reports> - </reportSet> - </reportSets> - </plugin> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-clover-plugin</artifactId> - </plugin> - - <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>changelog-maven-plugin</artifactId> - <version>2.0-beta-1</version> - <configuration> - <type>range</type> - <range>30</range> - </configuration> - </plugin> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-docck-plugin</artifactId> - </plugin> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-checkstyle-plugin</artifactId> - <configuration> - <configLocation> - ${basedir}/src/site/checkstyle/sun_checks_modified.xml - 
</configLocation> - </configuration> - </plugin> - - </plugins> - - </reporting> - -</project> diff --git a/repository/iaik/commons-iaik/0.5.5/commons-iaik-0.5.5.pom.md5 b/repository/iaik/commons-iaik/0.5.5/commons-iaik-0.5.5.pom.md5 deleted file mode 100644 index 11fa5b7a1..000000000 --- a/repository/iaik/commons-iaik/0.5.5/commons-iaik-0.5.5.pom.md5 +++ /dev/null @@ -1 +0,0 @@ -e0ba073d10f5a19f62322fc171971ff0
\ No newline at end of file
diff --git a/repository/iaik/commons-iaik/0.5.5/commons-iaik-0.5.5.pom.sha1 b/repository/iaik/commons-iaik/0.5.5/commons-iaik-0.5.5.pom.sha1
deleted file mode 100644
index 24cc66dfb..000000000
--- a/repository/iaik/commons-iaik/0.5.5/commons-iaik-0.5.5.pom.sha1
+++ /dev/null
@@ -1 +0,0 @@
-ecb2fcf08eb6f8a89ec587edd908fbb7d312a5ca
\ No newline at end of file
diff --git a/repository/iaik/commons-iaik/0.6.2/commons-iaik-0.6.2.jar b/repository/iaik/commons-iaik/0.6.2/commons-iaik-0.6.2.jar
Binary files differ
deleted file mode 100644
index c6ed59d02..000000000
--- a/repository/iaik/commons-iaik/0.6.2/commons-iaik-0.6.2.jar
+++ /dev/null
diff --git a/repository/iaik/commons-iaik/0.7.1/commons-iaik-0.7.1.jar b/repository/iaik/commons-iaik/0.7.1/commons-iaik-0.7.1.jar
Binary files differ
deleted file mode 100644
index afb15c02a..000000000
--- a/repository/iaik/commons-iaik/0.7.1/commons-iaik-0.7.1.jar
+++ /dev/null
diff --git a/repository/iaik/commons-iaik/0.7.1/commons-iaik-0.7.1.jar.md5 b/repository/iaik/commons-iaik/0.7.1/commons-iaik-0.7.1.jar.md5
deleted file mode 100644
index f2d00d34a..000000000
--- a/repository/iaik/commons-iaik/0.7.1/commons-iaik-0.7.1.jar.md5
+++ /dev/null
@@ -1 +0,0 @@
-fc0104930f152e891ee26d6e7c494959
\ No newline at end of file
diff --git a/repository/iaik/commons-iaik/0.7.1/commons-iaik-0.7.1.jar.sha1 b/repository/iaik/commons-iaik/0.7.1/commons-iaik-0.7.1.jar.sha1
deleted file mode 100644
index b6bf33e23..000000000
--- a/repository/iaik/commons-iaik/0.7.1/commons-iaik-0.7.1.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-ba2377c57bd8d1000ccd825d0f1276e2111e19dd
\ No newline at end of file
diff --git a/repository/iaik/commons-iaik/0.7.1/commons-iaik-0.7.1.pom b/repository/iaik/commons-iaik/0.7.1/commons-iaik-0.7.1.pom
deleted file mode 100644
index f7d5274ef..000000000
--- a/repository/iaik/commons-iaik/0.7.1/commons-iaik-0.7.1.pom
+++ /dev/null
@@ -1,508 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<project xmlns="http://maven.apache.org/POM/4.0.0" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <modelVersion>4.0.0</modelVersion> - - <groupId>iaik</groupId> - <artifactId>commons-iaik</artifactId> - <name>COMMONS IAIK Library</name> - <version>0.7.1</version> - - <description>Sammlung haeufig verwendeter Klassen und Methoden</description> - <url>http://www.iaik.tugraz.at</url> - <inceptionYear>2006</inceptionYear> - <developers> - <developer> - <id>tknall</id> - <name>Thomas Knall</name> - <email>thomas.knall@iaik.tugraz.at</email> - <organization>IAIK</organization> - <roles> - <role>developer</role> - </roles> - <timezone>+1</timezone> - </developer> - </developers> - - <organization> - <name>IAIK - Institute for Applied Information Processing and Communications</name> - <url>http://www.iaik.tugraz.at</url> - </organization> - - <build> - - <resources> - - <resource> - <filtering>true</filtering> - <directory>src/main/resources</directory> - <includes> - <include>**/CommonsIAIK.properties</include> - </includes> - <excludes> - <exclude>srgb.profile</exclude> - </excludes> - </resource> - <resource> - <filtering>false</filtering> - <directory>src/main/resources</directory> - <includes> - <!-- needed for ITextText only --> - <include>**/taglib.tld</include> - </includes> - <excludes> - <exclude>srgb.profile</exclude> - </excludes> - </resource> - <resource> - <filtering>false</filtering> - <directory>src/main/java</directory> - <includes> - <include>**/*.xml</include> - <include>**/*.xsd</include> - </includes> - <excludes> - <exclude>**/application_config.xml</exclude> - <exclude>**/application_default_config.xml</exclude> - </excludes> - </resource> - - </resources> - - <finalName>${project.artifactId}-${project.version}</finalName> - - <plugins> - <!-- - <plugin> - 
<groupId>org.codehaus.mojo</groupId> - <artifactId>maven-buildnumber-plugin</artifactId> - <version>0.9.6</version> - <configuration> - <format>{0,date,yyyy-MM-dd'T'HH:mm:ssZ}</format> - <items> - <item>timestamp</item> - </items> - </configuration> - <executions> - <execution> - <phase>validate</phase> - <goals> - <goal>create</goal> - </goals> - </execution> - </executions> - </plugin> - --> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-surefire-plugin</artifactId> - <version>2.3</version> - <configuration> - <showsuccess>true</showsuccess> - </configuration> - </plugin> - <plugin> - <artifactId>maven-site-plugin</artifactId> - <configuration> - <locales>en</locales> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - <plugin> - <artifactId>maven-compiler-plugin</artifactId> - <configuration> - <source>1.5</source> - <target>1.5</target> - <excludes> - <exclude>at/iaik/commons/test/*/</exclude> - </excludes> - <!-- - <encoding>UTF-8</encoding> - --> - </configuration> - </plugin> - <plugin> - <artifactId>maven-resources-plugin</artifactId> - <configuration> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - <!-- plugin> - <groupId>com.pyx4me</groupId> - <artifactId>proguard-maven-plugin</artifactId> - <executions> - <execution> - <phase>package</phase> - <goals><goal>proguard</goal></goals> - </execution> - </executions> - <configuration> - <obfuscate>true</obfuscate> - <libs> - <lib>${java.home}/lib/rt.jar</lib> - <lib>${java.home}/lib/jsse.jar</lib> - </libs> - </configuration> - </plugin--> - <plugin> - <artifactId>maven-jar-plugin</artifactId> - <configuration> - <archive> - <manifest> - <mainClass>at.iaik.commons.metadata.CommonsIAIK</mainClass> - <!-- - <addDefaultSpecificationEntries>true</addDefaultSpecificationEntries> - --> - <addDefaultImplementationEntries>true</addDefaultImplementationEntries> - <addClasspath>true</addClasspath> - </manifest> - <manifestEntries> - <!-- - 
<Implementation-Build>${buildNumber}</Implementation-Build> - --> - <Implementation-Build>${build.date}</Implementation-Build> - </manifestEntries> - </archive> - </configuration> - </plugin> - <plugin> - <artifactId>maven-assembly-plugin</artifactId> - <version>2.2-beta-2</version> - <configuration> - <descriptors> - <!-- - <descriptor>src/main/assembly/assemble_libraries.xml</descriptor> - <descriptor>src/main/assembly/assemble_repository.xml</descriptor> - --> - <descriptor>src/main/assembly/assemble_libraries.xml</descriptor> - </descriptors> - </configuration> - </plugin> - <plugin> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <additionalparam></additionalparam> - <show>public</show> - <links> - <link>http://download.oracle.com/javase/1.5.0/docs/api/</link> - <link>http://download.oracle.com/javase/1.4.2/docs/api/</link> - <!-- - <link>http://struts.apache.org/1.2.9/api/</link> - --> - <link>http://struts.apache.org/1.3.10/apidocs/</link> - <link>http://logging.apache.org/log4j/docs/api/</link> - <link>http://www.jconfig.org/javadoc/</link> - <link>http://www.hibernate.org/hib_docs/v3/api/</link> - <link>http://tomcat.apache.org/tomcat-5.5-doc/catalina/docs/api/</link> - <link>http://www.saxproject.org/apidoc/</link> - <link>http://commons.apache.org/lang/api-release/</link> - <link>http://commons.apache.org/io/api-release/</link> - </links> - <source>1.5</source> - <target>1.5</target> - <verbose>false</verbose> - <windowtitle>${project.name} v${project.version}:${build.date} API</windowtitle> - <bottom>Copyright ${project.inceptionYear} <a href="${project.organization.url}" target="_blank">${project.organization.name}</a>. 
All Rights Reserved.</bottom> - <!-- - <encoding>UTF-8</encoding> - --> - </configuration> - </plugin> - - </plugins> - - </build> - - <dependencies> - - <dependency> - <groupId>javax.servlet</groupId> - <artifactId>servlet-api</artifactId> - <version>2.4</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>javax.servlet</groupId> - <artifactId>jsp-api</artifactId> - <version>2.0</version> - <optional>true</optional> - </dependency> - - <!-- apache struts upgraded to 1.3.x: see http://wiki.apache.org/struts/StrutsUpgradeNotes12to13 --> - <!-- - <dependency> - <groupId>struts</groupId> - <artifactId>struts</artifactId> - <version>1.2.9</version> - <optional>true</optional> - </dependency> - --> - <dependency> - <groupId>org.apache.struts</groupId> - <artifactId>struts-core</artifactId> - <version>1.3.10</version> - <optional>true</optional> - </dependency> - - <dependency> - <groupId>org.apache.struts</groupId> - <artifactId>struts-taglib</artifactId> - <version>1.3.10</version> - <optional>true</optional> - </dependency> - - <!-- - <dependency> - <groupId>org.hibernate</groupId> - <artifactId>hibernate</artifactId> - <version>3.1.3</version> - <optional>true</optional> - </dependency> - --> - <dependency> - <groupId>org.hibernate</groupId> - <artifactId>hibernate-core</artifactId> - <version>3.3.0.SP1</version> - <optional>true</optional> - <exclusions> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-api</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-log4j12</artifactId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> - <version>1.2.14</version> - </dependency> - <dependency> - <groupId>org.jconfig</groupId> - <artifactId>jconfig</artifactId> - <version>2.9</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>axis</groupId> - <artifactId>axis</artifactId> - 
<version>1.1</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>axis</groupId> - <artifactId>axis-saaj</artifactId> - <version>1.0</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>axis</groupId> - <artifactId>axis-wsdl4j</artifactId> - <version>1.0</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>axis</groupId> - <artifactId>axis-jaxrpc</artifactId> - <version>1.0</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>commons-discovery</groupId> - <artifactId>commons-discovery</artifactId> - <version>0.2</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>org.jdom</groupId> - <artifactId>jdom</artifactId> - <version>1.1</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>javax.mail</groupId> - <artifactId>mail</artifactId> - <version>1.4</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>xerces</groupId> - <artifactId>xercesImpl</artifactId> - <version>2.9.1</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>tomcat</groupId> - <artifactId>catalina</artifactId> - <version>5.0.28</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>xml-apis</groupId> - <artifactId>xml-apis</artifactId> - <version>1.3.02</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>commons-io</groupId> - <artifactId>commons-io</artifactId> - <version>1.4</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>org.apache.serializer</groupId> - <artifactId>serializer</artifactId> - <version>2.7.0</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>org.apache.xmlgraphics</groupId> - <artifactId>xmlgraphics-commons</artifactId> - <version>1.0</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>xalan</groupId> - 
<artifactId>xalan</artifactId> - <version>2.7.1</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <version>4.1</version> - <scope>test</scope> - <optional>true</optional> - </dependency> - <dependency> - <groupId>commons-lang</groupId> - <artifactId>commons-lang</artifactId> - <version>2.5</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>commons-codec</groupId> - <artifactId>commons-codec</artifactId> - <version>1.3</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>commons-httpclient</groupId> - <artifactId>commons-httpclient</artifactId> - <version>3.1</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_jce_eval_signed</artifactId> - <version>4.0</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_ixsil_eval</artifactId> - <version>1.2.2</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>asit</artifactId> - <version>1.3.6</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>zsproxy</artifactId> - <version>2007-03-02</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>batik</groupId> - <artifactId>batik-all</artifactId> - <version>1.6</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>fop</groupId> - <artifactId>fop</artifactId> - <version>0.92beta</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>knowcenter</groupId> - <artifactId>pdf-as</artifactId> - <!-- - <version>3.1.1-snapshot</version> - --> - <version>3.1</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_xsect_eval</artifactId> - <version>1.11build48</version> - 
<optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_ecc_eval_signed</artifactId> - <version>2.19</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_cms_eval</artifactId> - <version>4.0</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>at.gv.bmi</groupId> - <artifactId>szr-client</artifactId> - <version>3.71</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>commons-cli</groupId> - <artifactId>commons-cli</artifactId> - <version>1.1</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>com.lowagie</groupId> - <artifactId>itext</artifactId> - <!-- - <version>2.0.7</version> - --> - <version>2.1.3</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>commons-logging</groupId> - <artifactId>commons-logging</artifactId> - <version>1.1.1</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>javax.xml.bind</groupId> - <artifactId>jaxb-api</artifactId> - <version>2.1</version> - <optional>true</optional> - </dependency> - <dependency> - <groupId>javax.xml</groupId> - <artifactId>jaxb-impl</artifactId> - <version>2.1.6</version> - <optional>true</optional> - </dependency> - - </dependencies> - - <properties> - <build.date>2011-01-16</build.date> - </properties> - -</project> diff --git a/repository/iaik/commons-iaik/0.7.1/commons-iaik-0.7.1.pom.md5 b/repository/iaik/commons-iaik/0.7.1/commons-iaik-0.7.1.pom.md5 deleted file mode 100644 index fac84458d..000000000 --- a/repository/iaik/commons-iaik/0.7.1/commons-iaik-0.7.1.pom.md5 +++ /dev/null @@ -1 +0,0 @@ -8fce1151c5036c1d834f0374f05b9482
\ No newline at end of file
diff --git a/repository/iaik/commons-iaik/0.7.1/commons-iaik-0.7.1.pom.sha1 b/repository/iaik/commons-iaik/0.7.1/commons-iaik-0.7.1.pom.sha1
deleted file mode 100644
index 313186a5e..000000000
--- a/repository/iaik/commons-iaik/0.7.1/commons-iaik-0.7.1.pom.sha1
+++ /dev/null
@@ -1 +0,0 @@
-dbbc777d5bf8d49d61febfda94fa67d3e12f081f
\ No newline at end of file
diff --git a/repository/iaik/commons-iaik/0.7.1/m2e-lastUpdated.properties b/repository/iaik/commons-iaik/0.7.1/m2e-lastUpdated.properties
deleted file mode 100644
index 439757873..000000000
--- a/repository/iaik/commons-iaik/0.7.1/m2e-lastUpdated.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-#Mon Jan 09 10:07:25 CET 2012
-*|http\://nexus.iaik.tugraz.at/nexus/content/groups/internal|sources=1326100045570
-central|http\://repo1.maven.org/maven2|sources=1326100045570
diff --git a/repository/iaik/ecc/3.18/ecc-3.18.jar b/repository/iaik/ecc/3.18/ecc-3.18.jar
Binary files differ
deleted file mode 100644
index abe38aea9..000000000
--- a/repository/iaik/ecc/3.18/ecc-3.18.jar
+++ /dev/null
diff --git a/repository/iaik/ecc/3.18/ecc-3.18.pom b/repository/iaik/ecc/3.18/ecc-3.18.pom
deleted file mode 100644
index 266ef0cf8..000000000
--- a/repository/iaik/ecc/3.18/ecc-3.18.pom
+++ /dev/null
@@ -1,7 +0,0 @@
-<project>
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>ecc</artifactId>
- <name>IAIK ECC</name>
- <version>3.18</version>
-</project>
\ No newline at end of file
diff --git a/repository/iaik/iaikPkcs11Provider/1.3/iaikPkcs11Provider-1.3.jar b/repository/iaik/iaikPkcs11Provider/1.3/iaikPkcs11Provider-1.3.jar
Binary files differ
deleted file mode 100644
index de1364ee9..000000000
--- a/repository/iaik/iaikPkcs11Provider/1.3/iaikPkcs11Provider-1.3.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_ecc/2.19/iaik_ecc-2.19.jar b/repository/iaik/iaik_ecc/2.19/iaik_ecc-2.19.jar
Binary files differ
deleted file mode 100644
index 4a5fca3d7..000000000
--- a/repository/iaik/iaik_ecc/2.19/iaik_ecc-2.19.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_ecc/2.19/iaik_ecc-2.19.pom b/repository/iaik/iaik_ecc/2.19/iaik_ecc-2.19.pom
deleted file mode 100644
index 0594f8ef9..000000000
--- a/repository/iaik/iaik_ecc/2.19/iaik_ecc-2.19.pom
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_ecc</artifactId>
- <version>2.19</version>
- <description>POM was created from install:install-file</description>
-</project>
diff --git a/repository/iaik/iaik_ecc_eval_signed/2.15/iaik_ecc_eval_signed-2.15.jar b/repository/iaik/iaik_ecc_eval_signed/2.15/iaik_ecc_eval_signed-2.15.jar
Binary files differ
deleted file mode 100644
index dbed40bcd..000000000
--- a/repository/iaik/iaik_ecc_eval_signed/2.15/iaik_ecc_eval_signed-2.15.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_ecc_signed/2.15/iaik_ecc_signed-2.15.jar b/repository/iaik/iaik_ecc_signed/2.15/iaik_ecc_signed-2.15.jar
Binary files differ
deleted file mode 100644
index 740f04a85..000000000
--- a/repository/iaik/iaik_ecc_signed/2.15/iaik_ecc_signed-2.15.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_ecc_signed/2.15/iaik_ecc_signed-2.15.pom b/repository/iaik/iaik_ecc_signed/2.15/iaik_ecc_signed-2.15.pom
deleted file mode 100644
index 7fb88a18f..000000000
--- a/repository/iaik/iaik_ecc_signed/2.15/iaik_ecc_signed-2.15.pom
+++ /dev/null
@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?><project>
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_ecc_signed</artifactId>
- <version>2.15</version>
- <description>POM was created from install:install-file</description>
-</project>
\ No newline at end of file
diff --git a/repository/iaik/iaik_ecc_signed/2.19/iaik_ecc.jar b/repository/iaik/iaik_ecc_signed/2.19/iaik_ecc.jar
Binary files differ
deleted file mode 100644
index abe38aea9..000000000
--- a/repository/iaik/iaik_ecc_signed/2.19/iaik_ecc.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_ecc_signed/2.19/iaik_ecc_signed-2.19.jar b/repository/iaik/iaik_ecc_signed/2.19/iaik_ecc_signed-2.19.jar
Binary files differ
deleted file mode 100644
index abe38aea9..000000000
--- a/repository/iaik/iaik_ecc_signed/2.19/iaik_ecc_signed-2.19.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_ecc_signed/2.19/iaik_ecc_signed-2.19.jar.sha1 b/repository/iaik/iaik_ecc_signed/2.19/iaik_ecc_signed-2.19.jar.sha1
deleted file mode 100644
index c1f515b9e..000000000
--- a/repository/iaik/iaik_ecc_signed/2.19/iaik_ecc_signed-2.19.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-9bc26b101cf5ea86e060039e6df16f2df0c2fee1
\ No newline at end of file
diff --git a/repository/iaik/iaik_ecc_signed/2.19/iaik_ecc_signed-2.19.pom b/repository/iaik/iaik_ecc_signed/2.19/iaik_ecc_signed-2.19.pom
deleted file mode 100644
index a3f6474bf..000000000
--- a/repository/iaik/iaik_ecc_signed/2.19/iaik_ecc_signed-2.19.pom
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_ecc_signed</artifactId>
- <version>2.19</version>
- <description>POM was created from install:install-file</description>
-</project>
diff --git a/repository/iaik/iaik_ecc_signed/2.19/iaik_ecc_signed-2.19.pom.sha1 b/repository/iaik/iaik_ecc_signed/2.19/iaik_ecc_signed-2.19.pom.sha1
deleted file mode 100644
index 40428a2b8..000000000
--- a/repository/iaik/iaik_ecc_signed/2.19/iaik_ecc_signed-2.19.pom.sha1
+++ /dev/null
@@ -1 +0,0 @@
-40c799da1addc280c4f04cfe65cab2b35cdf90b7
\ No newline at end of file
diff --git a/repository/iaik/iaik_eccelerate/2.51/iaik_eccelerate-2.51.jar b/repository/iaik/iaik_eccelerate/2.51/iaik_eccelerate-2.51.jar
Binary files differ
deleted file mode 100644
index d53fcb398..000000000
--- a/repository/iaik/iaik_eccelerate/2.51/iaik_eccelerate-2.51.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_eccelerate/2.51/iaik_eccelerate-2.51.pom b/repository/iaik/iaik_eccelerate/2.51/iaik_eccelerate-2.51.pom
deleted file mode 100644
index 21a800dd7..000000000
--- a/repository/iaik/iaik_eccelerate/2.51/iaik_eccelerate-2.51.pom
+++ /dev/null
@@ -1,8 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_eccelerate</artifactId>
- <version>2.51</version>
- <description>POM was created by Sonatype Nexus</description>
-</project>
\ No newline at end of file
diff --git a/repository/iaik/iaik_ixsil/1.2.0/iaik_ixsil-1.2.0-eval.jar b/repository/iaik/iaik_ixsil/1.2.0/iaik_ixsil-1.2.0-eval.jar
Binary files differ
deleted file mode 100644
index ada154483..000000000
--- a/repository/iaik/iaik_ixsil/1.2.0/iaik_ixsil-1.2.0-eval.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_ixsil/1.2.0/iaik_ixsil-1.2.0.pom b/repository/iaik/iaik_ixsil/1.2.0/iaik_ixsil-1.2.0.pom
deleted file mode 100644
index 0626c9021..000000000
--- a/repository/iaik/iaik_ixsil/1.2.0/iaik_ixsil-1.2.0.pom
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_ixsil</artifactId>
- <version>1.2.0</version>
- <description>Artifactory auto generated POM</description>
-</project>
\ No newline at end of file
diff --git a/repository/iaik/iaik_ixsil_eval/1.2.2/iaik_ixsil_eval-1.2.2-javadoc.jar b/repository/iaik/iaik_ixsil_eval/1.2.2/iaik_ixsil_eval-1.2.2-javadoc.jar
Binary files differ
deleted file mode 100644
index 95cc68e85..000000000
--- a/repository/iaik/iaik_ixsil_eval/1.2.2/iaik_ixsil_eval-1.2.2-javadoc.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_ixsil_eval/1.2.2/iaik_ixsil_eval-1.2.2-javadoc.jar.sha1 b/repository/iaik/iaik_ixsil_eval/1.2.2/iaik_ixsil_eval-1.2.2-javadoc.jar.sha1
deleted file mode 100644
index aca85e0e9..000000000
--- a/repository/iaik/iaik_ixsil_eval/1.2.2/iaik_ixsil_eval-1.2.2-javadoc.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-eacf3e640ba6d84a2b57c65542522b6d4e5de5aa
diff --git a/repository/iaik/iaik_ixsil_eval/1.2.2/iaik_ixsil_eval-1.2.2.jar b/repository/iaik/iaik_ixsil_eval/1.2.2/iaik_ixsil_eval-1.2.2.jar
Binary files differ
deleted file mode 100644
index 99b77eeef..000000000
--- a/repository/iaik/iaik_ixsil_eval/1.2.2/iaik_ixsil_eval-1.2.2.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_ixsil_eval/1.2.2/iaik_ixsil_eval-1.2.2.jar.sha1 b/repository/iaik/iaik_ixsil_eval/1.2.2/iaik_ixsil_eval-1.2.2.jar.sha1
deleted file mode 100644
index b2419ec9d..000000000
--- a/repository/iaik/iaik_ixsil_eval/1.2.2/iaik_ixsil_eval-1.2.2.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-324132b942f7b1120f65c6ef7bede0e0fd9d918c
diff --git a/repository/iaik/iaik_ixsil_eval/1.2.2/iaik_ixsil_eval-1.2.2.pom b/repository/iaik/iaik_ixsil_eval/1.2.2/iaik_ixsil_eval-1.2.2.pom
deleted file mode 100644
index 54b44ad19..000000000
--- a/repository/iaik/iaik_ixsil_eval/1.2.2/iaik_ixsil_eval-1.2.2.pom
+++ /dev/null
@@ -1,6 +0,0 @@
-<project>
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_ixsil_eval</artifactId>
- <version>1.2.2</version>
-</project>
diff --git a/repository/iaik/iaik_ixsil_eval/1.2.2/iaik_ixsil_eval-1.2.2.pom.sha1 b/repository/iaik/iaik_ixsil_eval/1.2.2/iaik_ixsil_eval-1.2.2.pom.sha1
deleted file mode 100644
index 4ecc2e613..000000000
--- a/repository/iaik/iaik_ixsil_eval/1.2.2/iaik_ixsil_eval-1.2.2.pom.sha1
+++ /dev/null
@@ -1 +0,0 @@
-91c3b7dfbe45e151de8ba51e8f433fb8ea3dc7d4
diff --git a/repository/iaik/iaik_javax_crypto/1.0/iaik_javax_crypto-1.0.jar b/repository/iaik/iaik_javax_crypto/1.0/iaik_javax_crypto-1.0.jar
Binary files differ
deleted file mode 100644
index e4531328b..000000000
--- a/repository/iaik/iaik_javax_crypto/1.0/iaik_javax_crypto-1.0.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_javax_crypto/1.0/iaik_javax_crypto-1.0.pom b/repository/iaik/iaik_javax_crypto/1.0/iaik_javax_crypto-1.0.pom
deleted file mode 100644
index b4ff61576..000000000
--- a/repository/iaik/iaik_javax_crypto/1.0/iaik_javax_crypto-1.0.pom
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_javax_crypto</artifactId>
- <version>1.0</version>
- <description>POM was created from install:install-file</description>
-</project>
diff --git a/repository/iaik/iaik_jce_eval_signed/3.16/iaik_jce_eval_signed-3.16.jar b/repository/iaik/iaik_jce_eval_signed/3.16/iaik_jce_eval_signed-3.16.jar
Binary files differ
deleted file mode 100644
index 5687b9106..000000000
--- a/repository/iaik/iaik_jce_eval_signed/3.16/iaik_jce_eval_signed-3.16.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_jce_eval_signed/3.181/iaik_jce_eval_signed-3.181.jar b/repository/iaik/iaik_jce_eval_signed/3.181/iaik_jce_eval_signed-3.181.jar
Binary files differ
deleted file mode 100644
index 932e4310f..000000000
--- a/repository/iaik/iaik_jce_eval_signed/3.181/iaik_jce_eval_signed-3.181.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_jce_eval_signed/3.181/iaik_jce_eval_signed-3.181.pom b/repository/iaik/iaik_jce_eval_signed/3.181/iaik_jce_eval_signed-3.181.pom
deleted file mode 100644
index 9bcbb93a5..000000000
--- a/repository/iaik/iaik_jce_eval_signed/3.181/iaik_jce_eval_signed-3.181.pom
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_jce_eval_signed</artifactId>
- <version>3.181</version>
- <description>POM was created from install:install-file</description>
-</project>
diff --git a/repository/iaik/iaik_jce_full/5.01/iaik_jce_full-5.01.jar b/repository/iaik/iaik_jce_full/5.01/iaik_jce_full-5.01.jar
Binary files differ
deleted file mode 100644
index 825bd2573..000000000
--- a/repository/iaik/iaik_jce_full/5.01/iaik_jce_full-5.01.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_jce_full/5.01/iaik_jce_full-5.01.pom b/repository/iaik/iaik_jce_full/5.01/iaik_jce_full-5.01.pom
deleted file mode 100644
index b9a480933..000000000
--- a/repository/iaik/iaik_jce_full/5.01/iaik_jce_full-5.01.pom
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_jce_full</artifactId>
- <version>5.01</version>
- <description>POM was created from install:install-file</description>
-</project>
diff --git a/repository/iaik/iaik_jce_full_signed/3.16/iaik_jce_full_signed-3.16.jar b/repository/iaik/iaik_jce_full_signed/3.16/iaik_jce_full_signed-3.16.jar
Binary files differ
deleted file mode 100644
index 0e6ca6fce..000000000
--- a/repository/iaik/iaik_jce_full_signed/3.16/iaik_jce_full_signed-3.16.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_jce_full_signed/3.16/iaik_jce_full_signed-3.16.pom b/repository/iaik/iaik_jce_full_signed/3.16/iaik_jce_full_signed-3.16.pom
deleted file mode 100644
index ab1026dac..000000000
--- a/repository/iaik/iaik_jce_full_signed/3.16/iaik_jce_full_signed-3.16.pom
+++ /dev/null
@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?><project>
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_jce_full_signed</artifactId>
- <version>3.16</version>
- <description>POM was created from install:install-file</description>
-</project>
\ No newline at end of file
diff --git a/repository/iaik/iaik_jce_me4se/3.04/iaik_jce_me4se-3.04.jar b/repository/iaik/iaik_jce_me4se/3.04/iaik_jce_me4se-3.04.jar
Binary files differ
deleted file mode 100644
index d55a1d279..000000000
--- a/repository/iaik/iaik_jce_me4se/3.04/iaik_jce_me4se-3.04.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_jce_me4se/3.04/iaik_jce_me4se-3.04.pom b/repository/iaik/iaik_jce_me4se/3.04/iaik_jce_me4se-3.04.pom
deleted file mode 100644
index e6909b2ac..000000000
--- a/repository/iaik/iaik_jce_me4se/3.04/iaik_jce_me4se-3.04.pom
+++ /dev/null
@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?><project>
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_jce_me4se</artifactId>
- <version>3.04</version>
- <description>POM was created from install:install-file</description>
-</project>
\ No newline at end of file
diff --git a/repository/iaik/iaik_jsse/4.4/iaik_jsse-4.4.jar b/repository/iaik/iaik_jsse/4.4/iaik_jsse-4.4.jar
Binary files differ
deleted file mode 100644
index 15b320422..000000000
--- a/repository/iaik/iaik_jsse/4.4/iaik_jsse-4.4.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_jsse/4.4/iaik_jsse-4.4.pom b/repository/iaik/iaik_jsse/4.4/iaik_jsse-4.4.pom
deleted file mode 100644
index 382c12003..000000000
--- a/repository/iaik/iaik_jsse/4.4/iaik_jsse-4.4.pom
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_jsse</artifactId>
- <version>4.4</version>
- <description>POM was created from install:install-file</description>
-</project>
diff --git a/repository/iaik/iaik_pki/1.0-MOCCA/iaik_pki-1.0-MOCCA.jar b/repository/iaik/iaik_pki/1.0-MOCCA/iaik_pki-1.0-MOCCA.jar
Binary files differ
deleted file mode 100644
index e911f1f15..000000000
--- a/repository/iaik/iaik_pki/1.0-MOCCA/iaik_pki-1.0-MOCCA.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_pki/1.0-MOCCA/iaik_pki-1.0-MOCCA.pom b/repository/iaik/iaik_pki/1.0-MOCCA/iaik_pki-1.0-MOCCA.pom
deleted file mode 100644
index dd50132a3..000000000
--- a/repository/iaik/iaik_pki/1.0-MOCCA/iaik_pki-1.0-MOCCA.pom
+++ /dev/null
@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?><project>
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_pki</artifactId>
- <version>1.0-MOCCA</version>
- <description>POM was created from install:install-file</description>
-</project>
diff --git a/repository/iaik/iaik_pki_module/1.0/iaik_pki_module-1.0.jar b/repository/iaik/iaik_pki_module/1.0/iaik_pki_module-1.0.jar
Binary files differ
deleted file mode 100644
index 43c882876..000000000
--- a/repository/iaik/iaik_pki_module/1.0/iaik_pki_module-1.0.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_pki_module/1.0/iaik_pki_module-1.0.pom b/repository/iaik/iaik_pki_module/1.0/iaik_pki_module-1.0.pom
deleted file mode 100644
index e78656647..000000000
--- a/repository/iaik/iaik_pki_module/1.0/iaik_pki_module-1.0.pom
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_pki_module</artifactId>
- <version>1.0</version>
- <description>POM was created from install:install-file</description>
-</project>
diff --git a/repository/iaik/iaik_ssl/4.4/iaik_ssl-4.4.jar b/repository/iaik/iaik_ssl/4.4/iaik_ssl-4.4.jar
Binary files differ
deleted file mode 100644
index 2a875c833..000000000
--- a/repository/iaik/iaik_ssl/4.4/iaik_ssl-4.4.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_ssl/4.4/iaik_ssl-4.4.pom b/repository/iaik/iaik_ssl/4.4/iaik_ssl-4.4.pom
deleted file mode 100644
index 32c610268..000000000
--- a/repository/iaik/iaik_ssl/4.4/iaik_ssl-4.4.pom
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_ssl</artifactId>
- <version>4.4</version>
- <description>POM was created from install:install-file</description>
-</project>
diff --git a/repository/iaik/iaik_tsl/0.0.1-SNAPSHOT/iaik_tsl-0.0.1-SNAPSHOT.jar b/repository/iaik/iaik_tsl/0.0.1-SNAPSHOT/iaik_tsl-0.0.1-SNAPSHOT.jar
Binary files differ
deleted file mode 100644
index cc461be04..000000000
--- a/repository/iaik/iaik_tsl/0.0.1-SNAPSHOT/iaik_tsl-0.0.1-SNAPSHOT.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_tsl/0.0.1-SNAPSHOT/iaik_tsl-0.0.1-SNAPSHOT.pom b/repository/iaik/iaik_tsl/0.0.1-SNAPSHOT/iaik_tsl-0.0.1-SNAPSHOT.pom
deleted file mode 100644
index e7fe82da2..000000000
--- a/repository/iaik/iaik_tsl/0.0.1-SNAPSHOT/iaik_tsl-0.0.1-SNAPSHOT.pom
+++ /dev/null
@@ -1,135 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> - <modelVersion>4.0.0</modelVersion> - <groupId>iaik</groupId> - <artifactId>iaik_tsl</artifactId> - <packaging>jar</packaging> - <version>0.0.1-SNAPSHOT</version> - <name>TSL_library</name> - - <build> - <resources> - <resource> - <filtering>true</filtering> - <directory>src/main/resources</directory> - </resource> - </resources> - - <finalName>${project.artifactId}</finalName> - - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-enforcer-plugin</artifactId> - <executions> - <execution> - <id>enforce-versions</id> - <goals> - <goal>enforce</goal> - </goals> - <configuration> - <rules> - <requireJavaVersion> - <version>1.5</version> - </requireJavaVersion> - </rules> - </configuration> - </execution> - </executions> - </plugin> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-compiler-plugin</artifactId> - <version>3.0</version> - <configuration> - <compilerArguments> - <verbose /> - </compilerArguments> - <source>1.5</source> - <target>1.5</target> - </configuration> - </plugin> - - </plugins> - </build> - - <dependencies> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_xsect_eval</artifactId> - <version>1.17</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_ecc_signed</artifactId> - <version>2.19</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_jce_eval_signed</artifactId> - <version>3.181</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_pki_module</artifactId> - <version>1.0</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_javax_crypto</artifactId> - <version>1.0</version> - </dependency> -<!-- <dependency> - 
<groupId>iaik</groupId> - <artifactId>iaik_util</artifactId> - <version>0.23</version> - </dependency> --> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_jsse</artifactId> - <version>4.4</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_ssl</artifactId> - <version>4.4</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>w3c_http</artifactId> - <version>1.0</version> - </dependency> - <dependency> - <groupId>org.xerial</groupId> - <artifactId>sqlite-jdbc</artifactId> - <version>3.7.2</version> - </dependency> - <dependency> - <groupId>javax.xml.bind</groupId> - <artifactId>jaxb-api</artifactId> - <version>2.2.6</version> - </dependency> - <dependency> - <groupId>com.sun.xml.bind</groupId> - <artifactId>jaxb-impl</artifactId> - <version>2.2.6</version> - </dependency> - <dependency> - <groupId>javax.activation</groupId> - <artifactId>activation</artifactId> - <version>1.1.1</version> - </dependency> - <dependency> - <groupId>stax</groupId> - <artifactId>stax-api</artifactId> - <version>1.0.1</version> - </dependency> - <dependency> - <groupId>xerces</groupId> - <artifactId>xercesImpl</artifactId> - <version>2.7.1</version> - </dependency> - - </dependencies> - -</project>
\ No newline at end of file
diff --git a/repository/iaik/iaik_tsl/0.0.1-SNAPSHOT/maven-metadata-local.xml b/repository/iaik/iaik_tsl/0.0.1-SNAPSHOT/maven-metadata-local.xml
deleted file mode 100644
index 64ac0d4ca..000000000
--- a/repository/iaik/iaik_tsl/0.0.1-SNAPSHOT/maven-metadata-local.xml
+++ /dev/null
@@ -1,24 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<metadata modelVersion="1.1.0">
- <groupId>iaik</groupId>
- <artifactId>iaik_tsl</artifactId>
- <version>0.0.1-SNAPSHOT</version>
- <versioning>
- <snapshot>
- <localCopy>true</localCopy>
- </snapshot>
- <lastUpdated>20130308070150</lastUpdated>
- <snapshotVersions>
- <snapshotVersion>
- <extension>jar</extension>
- <value>0.0.1-SNAPSHOT</value>
- <updated>20130308070150</updated>
- </snapshotVersion>
- <snapshotVersion>
- <extension>pom</extension>
- <value>0.0.1-SNAPSHOT</value>
- <updated>20130308070150</updated>
- </snapshotVersion>
- </snapshotVersions>
- </versioning>
-</metadata>
diff --git a/repository/iaik/iaik_tsl/0.5/iaik_tsl-0.5.jar b/repository/iaik/iaik_tsl/0.5/iaik_tsl-0.5.jar
Binary files differ
deleted file mode 100644
index 7a05fa705..000000000
--- a/repository/iaik/iaik_tsl/0.5/iaik_tsl-0.5.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_tsl/0.5/iaik_tsl-0.5.pom b/repository/iaik/iaik_tsl/0.5/iaik_tsl-0.5.pom
deleted file mode 100644
index aebc1b74e..000000000
--- a/repository/iaik/iaik_tsl/0.5/iaik_tsl-0.5.pom
+++ /dev/null
@@ -1,250 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> - <modelVersion>4.0.0</modelVersion> - <groupId>iaik</groupId> - <artifactId>iaik_tsl</artifactId> - <packaging>jar</packaging> - <version>0.5</version> - <name>TSL_library</name> - - <properties> - <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> - <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding> - <endorsed.dir>${project.build.directory}/endorsed</endorsed.dir> - </properties> - - - <build> - <resources> - <resource> - <filtering>true</filtering> - <directory>src/main/resources</directory> - </resource> - </resources> - - <finalName>${project.artifactId}</finalName> - - <plugins> - <plugin> - <artifactId>maven-dependency-plugin</artifactId> - <executions> - <execution> - <id>copy-dependencies</id> - <phase>validate</phase> - <goals> - <goal>copy-dependencies</goal> - </goals> - <configuration> - <outputDirectory>${endorsed.dir}</outputDirectory> - <excludeTransitive>true</excludeTransitive> - <includeArtifactIds>jaxb-api,jaxb-impl</includeArtifactIds> - </configuration> - </execution> - </executions> - </plugin> - - <plugin> - <artifactId>maven-resources-plugin</artifactId> - <version>2.5</version> - <configuration> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-compiler-plugin</artifactId> - <version>3.0</version> - <configuration> - <compilerArguments> - <verbose /> - <endorseddirs>${endorsed.dir}</endorseddirs> - </compilerArguments> - <source>${java.version}</source> - <target>${java.version}</target> - <fork>true</fork> - <compilerVersion>${java.version}</compilerVersion> - <encoding>${project.build.sourceEncoding}</encoding> - </configuration> - </plugin> - - <plugin> - 
<groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-enforcer-plugin</artifactId> - <version>1.2</version> - <executions> - <execution> - <id>enforce-versions</id> - <goals> - <goal>enforce</goal> - </goals> - <configuration> - <rules> - <requireJavaVersion> - <version>1.5</version> - </requireJavaVersion> - </rules> - </configuration> - </execution> - </executions> - </plugin> - </plugins> - <pluginManagement> - <plugins> - <plugin> - <groupId>org.eclipse.m2e</groupId> - <artifactId>lifecycle-mapping</artifactId> - <version>1.0.0</version> - <configuration> - <lifecycleMappingMetadata> - <pluginExecutions> - <pluginExecution> - <pluginExecutionFilter> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-dependency-plugin</artifactId> - <versionRange>[2.0,)</versionRange> - <goals> - <goal>copy-dependencies</goal> - </goals> - </pluginExecutionFilter> - <action> - <ignore /> - </action> - </pluginExecution> - </pluginExecutions> - </lifecycleMappingMetadata> - </configuration> - </plugin> - </plugins> - </pluginManagement> - </build> - - <profiles> - <profile> - <id>profile-for-jdk1.6</id> - <activation> - <activeByDefault>false</activeByDefault> - <jdk>[1.6,)</jdk> - </activation> - <properties> - <java.version>1.6</java.version> - <envClassifier>jdk${java.version}</envClassifier> - </properties> - <build> - <finalName>${project.artifactId}-${project.version}-${envClassifier}</finalName> - </build> - <dependencies> - <!-- Requires JAVA 1.6 --> - <dependency> - <groupId>javax.xml.bind</groupId> - <artifactId>jaxb-api</artifactId> - <version>2.2.6</version> - </dependency> - <dependency> - <groupId>com.sun.xml.bind</groupId> - <artifactId>jaxb-impl</artifactId> - <version>2.2.6</version> - </dependency> - - </dependencies> - </profile> - <profile> - <id>profile-for-jdk1.5</id> - <activation> - <activeByDefault>true</activeByDefault> - <jdk>(,1.5]</jdk> - </activation> - <properties> - <java.version>1.5</java.version> - 
<envClassifier>jdk${java.version}</envClassifier> - </properties> - <build> - <finalName>${project.artifactId}-${project.version}-${envClassifier}</finalName> - </build> - <dependencies> - <!-- Last Version with JAVA 1.5 --> - <dependency> - <groupId>javax.xml.bind</groupId> - <artifactId>jaxb-api</artifactId> - <version>2.2.4</version> - </dependency> - <dependency> - <groupId>com.sun.xml.bind</groupId> - <artifactId>jaxb-impl</artifactId> - <version>2.2.4-1</version> - </dependency> - </dependencies> - </profile> - </profiles> - - <dependencies> - - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_xsect_eval</artifactId> - <version>1.1709142</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_ecc_signed</artifactId> - <version>2.19</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_jce_eval_signed</artifactId> - <version>3.181</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_pki_module</artifactId> - <version>1.0</version> - </dependency> -<!-- <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_javax_crypto</artifactId> - <version>1.0</version> - </dependency> --> -<!-- <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_util</artifactId> - <version>0.23 (snapshot 20121011-125127 eval)</version> - </dependency> --> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_jsse</artifactId> - <version>4.4</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_ssl</artifactId> - <version>4.4</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>w3c_http</artifactId> - <version>1.0</version> - </dependency> - <dependency> - <groupId>org.xerial</groupId> - <artifactId>sqlite-jdbc</artifactId> - <version>3.7.2</version> - </dependency> - - - <dependency> - <groupId>javax.activation</groupId> - <artifactId>activation</artifactId> - <version>1.1.1</version> - </dependency> - 
<dependency> - <groupId>stax</groupId> - <artifactId>stax-api</artifactId> - <version>1.0.1</version> - </dependency> - <dependency> - <groupId>xerces</groupId> - <artifactId>xercesImpl</artifactId> - <version>2.7.1</version> - </dependency> - </dependencies> - -</project>
\ No newline at end of file
diff --git a/repository/iaik/iaik_tsl/1.0/iaik_tsl-1.0.jar b/repository/iaik/iaik_tsl/1.0/iaik_tsl-1.0.jar
Binary files differ
deleted file mode 100644
index 596ec60ea..000000000
--- a/repository/iaik/iaik_tsl/1.0/iaik_tsl-1.0.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_tsl/1.0/iaik_tsl-1.0.pom b/repository/iaik/iaik_tsl/1.0/iaik_tsl-1.0.pom
deleted file mode 100644
index 2ffb92b70..000000000
--- a/repository/iaik/iaik_tsl/1.0/iaik_tsl-1.0.pom
+++ /dev/null
@@ -1,251 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> - <modelVersion>4.0.0</modelVersion> - <groupId>iaik</groupId> - <artifactId>iaik_tsl</artifactId> - <packaging>jar</packaging> - <version>1.0</version> - <name>TSL_library</name> - - <properties> - <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> - <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding> - <endorsed.dir>${project.build.directory}/endorsed</endorsed.dir> - </properties> - - - <build> - <resources> - <resource> - <filtering>true</filtering> - <directory>src/main/resources</directory> - </resource> - </resources> - - <finalName>${project.artifactId}</finalName> - - <plugins> - <plugin> - <artifactId>maven-dependency-plugin</artifactId> - <executions> - <execution> - <id>copy-dependencies</id> - <phase>validate</phase> - <goals> - <goal>copy-dependencies</goal> - </goals> - <configuration> - <outputDirectory>${endorsed.dir}</outputDirectory> - <excludeTransitive>true</excludeTransitive> - <includeArtifactIds>jaxb-api,jaxb-impl</includeArtifactIds> - </configuration> - </execution> - </executions> - </plugin> - - <plugin> - <artifactId>maven-resources-plugin</artifactId> - <version>2.5</version> - <configuration> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-compiler-plugin</artifactId> - <version>3.0</version> - <configuration> - <compilerArguments> - <verbose /> - <endorseddirs>${endorsed.dir}</endorseddirs> - </compilerArguments> - <source>${java.version}</source> - <target>${java.version}</target> - <fork>true</fork> - <compilerVersion>${java.version}</compilerVersion> - <encoding>${project.build.sourceEncoding}</encoding> - </configuration> - </plugin> - - <plugin> - 
<groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-enforcer-plugin</artifactId> - <version>1.2</version> - <executions> - <execution> - <id>enforce-versions</id> - <goals> - <goal>enforce</goal> - </goals> - <configuration> - <rules> - <requireJavaVersion> - <version>1.5</version> - </requireJavaVersion> - </rules> - </configuration> - </execution> - </executions> - </plugin> - </plugins> - <pluginManagement> - <plugins> - <plugin> - <groupId>org.eclipse.m2e</groupId> - <artifactId>lifecycle-mapping</artifactId> - <version>1.0.0</version> - <configuration> - <lifecycleMappingMetadata> - <pluginExecutions> - <pluginExecution> - <pluginExecutionFilter> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-dependency-plugin</artifactId> - <versionRange>[2.0,)</versionRange> - <goals> - <goal>copy-dependencies</goal> - </goals> - </pluginExecutionFilter> - <action> - <ignore /> - </action> - </pluginExecution> - </pluginExecutions> - </lifecycleMappingMetadata> - </configuration> - </plugin> - </plugins> - </pluginManagement> - </build> - - <profiles> - <profile> - <id>profile-for-jdk1.6</id> - <activation> - <activeByDefault>false</activeByDefault> - <jdk>[1.6,)</jdk> - </activation> - <properties> - <java.version>1.6</java.version> - <envClassifier>jdk${java.version}</envClassifier> - </properties> - <build> - <finalName>${project.artifactId}-${project.version}-${envClassifier}</finalName> - </build> - <dependencies> - <!-- Requires JAVA 1.6 --> - <dependency> - <groupId>javax.xml.bind</groupId> - <artifactId>jaxb-api</artifactId> - <version>2.2.6</version> - </dependency> - <dependency> - <groupId>com.sun.xml.bind</groupId> - <artifactId>jaxb-impl</artifactId> - <version>2.2.6</version> - </dependency> - - </dependencies> - </profile> - <profile> - <id>profile-for-jdk1.5</id> - <activation> - <activeByDefault>true</activeByDefault> - <jdk>(,1.5]</jdk> - </activation> - <properties> - <java.version>1.5</java.version> - 
<envClassifier>jdk${java.version}</envClassifier> - </properties> - <build> - <finalName>${project.artifactId}-${project.version}-${envClassifier}</finalName> - </build> - <dependencies> - <!-- Last Version with JAVA 1.5 --> - <dependency> - <groupId>javax.xml.bind</groupId> - <artifactId>jaxb-api</artifactId> - <version>2.2.4</version> - </dependency> - <dependency> - <groupId>com.sun.xml.bind</groupId> - <artifactId>jaxb-impl</artifactId> - <version>2.2.4-1</version> - </dependency> - </dependencies> - </profile> - </profiles> - - <dependencies> - - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_xsect_eval</artifactId> - <version>1.1709142</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_ecc_signed</artifactId> - <version>2.19</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_jce_eval_signed</artifactId> - <version>3.181</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_pki_module</artifactId> - <version>1.0</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_javax_crypto</artifactId> - <version>1.0</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_util</artifactId> - <!-- <version>0.23 (snapshot 20121011-125127 eval)</version>--> - <version>0.23</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_jsse</artifactId> - <version>4.4</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_ssl</artifactId> - <version>4.4</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>w3c_http</artifactId> - <version>1.0</version> - </dependency> - <dependency> - <groupId>org.xerial</groupId> - <artifactId>sqlite-jdbc</artifactId> - <version>3.7.2</version> - </dependency> - - - <dependency> - <groupId>javax.activation</groupId> - <artifactId>activation</artifactId> - <version>1.1.1</version> - 
</dependency> - <dependency> - <groupId>stax</groupId> - <artifactId>stax-api</artifactId> - <version>1.0.1</version> - </dependency> - <dependency> - <groupId>xerces</groupId> - <artifactId>xercesImpl</artifactId> - <version>2.7.1</version> - </dependency> - </dependencies> - -</project>
\ No newline at end of file
diff --git a/repository/iaik/iaik_tsl/1.1/iaik_tsl-1.1.jar b/repository/iaik/iaik_tsl/1.1/iaik_tsl-1.1.jar
Binary files differ
deleted file mode 100644
index 6fa0fef7c..000000000
--- a/repository/iaik/iaik_tsl/1.1/iaik_tsl-1.1.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_tsl/1.1/iaik_tsl-1.1.pom b/repository/iaik/iaik_tsl/1.1/iaik_tsl-1.1.pom
deleted file mode 100644
index 52244bf1c..000000000
--- a/repository/iaik/iaik_tsl/1.1/iaik_tsl-1.1.pom
+++ /dev/null
@@ -1,276 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> - <modelVersion>4.0.0</modelVersion> - <groupId>iaik</groupId> - <artifactId>iaik_tsl</artifactId> - <packaging>jar</packaging> - <version>1.1</version> - <name>TSL_library</name> - - <properties> - <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> - <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding> - <endorsed.dir>${project.build.directory}/endorsed</endorsed.dir> - </properties> - - - <build> - <resources> - <resource> - <filtering>true</filtering> - <directory>src/main/resources</directory> - </resource> - </resources> - - <finalName>${project.artifactId}</finalName> - - <plugins> - <plugin> - <artifactId>maven-dependency-plugin</artifactId> - <executions> - <execution> - <id>copy-dependencies</id> - <phase>validate</phase> - <goals> - <goal>copy-dependencies</goal> - </goals> - <configuration> - <outputDirectory>${endorsed.dir}</outputDirectory> - <excludeTransitive>true</excludeTransitive> - <includeArtifactIds>jaxb-api,jaxb-impl</includeArtifactIds> - </configuration> - </execution> - </executions> - </plugin> - - <plugin> - <artifactId>maven-resources-plugin</artifactId> - <version>2.5</version> - <configuration> - <encoding>UTF-8</encoding> - </configuration> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-compiler-plugin</artifactId> - <version>3.0</version> - <configuration> - <compilerArguments> - <verbose /> - <endorseddirs>${endorsed.dir}</endorseddirs> - </compilerArguments> - <source>${java.version}</source> - <target>${java.version}</target> - <fork>true</fork> - <compilerVersion>${java.version}</compilerVersion> - <encoding>${project.build.sourceEncoding}</encoding> - </configuration> - </plugin> - - <plugin> - 
<groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-enforcer-plugin</artifactId> - <version>1.2</version> - <executions> - <execution> - <id>enforce-versions</id> - <goals> - <goal>enforce</goal> - </goals> - <configuration> - <rules> - <requireJavaVersion> - <version>1.6</version> - </requireJavaVersion> - </rules> - </configuration> - </execution> - </executions> - </plugin> - - - <!-- if maven should be used to build jaxb classes --> -<!-- <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>jaxb2-maven-plugin</artifactId> - <version>1.5</version> - <executions> - <execution> - <id>xjc</id> - <goals> - <goal>xjc</goal> - </goals> - </execution> - </executions> - <configuration> - <outputDirectory>${project.basedir}/src/main/xjc</outputDirectory> - <bindingDirectory>${project.basedir}/src/main/resources/spec/jaxb/</bindingDirectory> - <bindingFiles>ts_119612v010201_sie_xsd_local.xsd.binding.xml</bindingFiles> - <schemaDirectory>${project.basedir}/src/main/resources/spec/jaxb/</schemaDirectory> - <schemaFiles>ts_119612v010201_sie_xsd_local.xsd</schemaFiles> - <extension>true</extension> - </configuration> - </plugin> --> - - </plugins> - <pluginManagement> - <plugins> - <plugin> - <groupId>org.eclipse.m2e</groupId> - <artifactId>lifecycle-mapping</artifactId> - <version>1.0.0</version> - <configuration> - <lifecycleMappingMetadata> - <pluginExecutions> - <pluginExecution> - <pluginExecutionFilter> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-dependency-plugin</artifactId> - <versionRange>[2.0,)</versionRange> - <goals> - <goal>copy-dependencies</goal> - </goals> - </pluginExecutionFilter> - <action> - <ignore /> - </action> - </pluginExecution> - </pluginExecutions> - </lifecycleMappingMetadata> - </configuration> - </plugin> - </plugins> - </pluginManagement> - </build> - - <profiles> - <profile> - <id>profile-for-jdk1.6</id> - <activation> - <activeByDefault>false</activeByDefault> - <jdk>[1.6,)</jdk> - </activation> - 
<properties> - <java.version>1.6</java.version> - <envClassifier>jdk${java.version}</envClassifier> - </properties> - <build> - <finalName>${project.artifactId}-${project.version}-${envClassifier}</finalName> - </build> - <dependencies> - <!-- Requires JAVA 1.6 --> - <dependency> - <groupId>javax.xml.bind</groupId> - <artifactId>jaxb-api</artifactId> - <version>2.2.11</version> - </dependency> - <dependency> - <groupId>com.sun.xml.bind</groupId> - <artifactId>jaxb-impl</artifactId> - <version>2.2.7</version> - </dependency> - - </dependencies> - </profile> - <profile> - <id>profile-for-jdk1.5</id> - <activation> - <activeByDefault>true</activeByDefault> - <jdk>(,1.5]</jdk> - </activation> - <properties> - <java.version>1.5</java.version> - <envClassifier>jdk${java.version}</envClassifier> - </properties> - <build> - <finalName>${project.artifactId}-${project.version}-${envClassifier}</finalName> - </build> - <dependencies> - <!-- Last Version with JAVA 1.5 --> - <dependency> - <groupId>javax.xml.bind</groupId> - <artifactId>jaxb-api</artifactId> - <version>2.2.7</version> - </dependency> - <dependency> - <groupId>com.sun.xml.bind</groupId> - <artifactId>jaxb-impl</artifactId> - <version>2.2.7</version> - </dependency> - </dependencies> - </profile> - </profiles> - - <dependencies> - - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_xsect_eval</artifactId> - <version>1.1709142</version> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_ecc</artifactId> - <version>2.19</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_jce_eval_signed</artifactId> - <version>3.181</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_pki_module</artifactId> - <version>1.0</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_javax_crypto</artifactId> - <version>1.0</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - 
<artifactId>iaik_util</artifactId> - <!-- <version>0.23 (snapshot 20121011-125127 eval)</version>--> - <version>0.23</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_jsse</artifactId> - <version>4.4</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>iaik_ssl</artifactId> - <version>4.4</version> - </dependency> - <dependency> - <groupId>iaik</groupId> - <artifactId>w3c_http</artifactId> - <version>1.0</version> - </dependency> - <dependency> - <groupId>org.xerial</groupId> - <artifactId>sqlite-jdbc</artifactId> - <version>3.7.2</version> - </dependency> - - - <dependency> - <groupId>javax.activation</groupId> - <artifactId>activation</artifactId> - <version>1.1.1</version> - </dependency> -<!-- <dependency> - <groupId>stax</groupId> - <artifactId>stax-api</artifactId> - <version>1.0.1</version> - </dependency> --> - <dependency> - <groupId>xerces</groupId> - <artifactId>xercesImpl</artifactId> - <version>2.11.0</version> - </dependency> - </dependencies> - -</project>
\ No newline at end of file
diff --git a/repository/iaik/iaik_tsl/maven-metadata-local.xml b/repository/iaik/iaik_tsl/maven-metadata-local.xml
deleted file mode 100644
index 9b36d1a39..000000000
--- a/repository/iaik/iaik_tsl/maven-metadata-local.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<metadata>
- <groupId>iaik</groupId>
- <artifactId>iaik_tsl</artifactId>
- <versioning>
- <release>1.0</release>
- <versions>
- <version>0.0.1-SNAPSHOT</version>
- <version>0.5</version>
- <version>1.0</version>
- </versions>
- <lastUpdated>20140130172750</lastUpdated>
- </versioning>
-</metadata>
diff --git a/repository/iaik/iaik_util/0.23/iaik_util-0.23.jar b/repository/iaik/iaik_util/0.23/iaik_util-0.23.jar
Binary files differ
deleted file mode 100644
index 78370c31e..000000000
--- a/repository/iaik/iaik_util/0.23/iaik_util-0.23.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_util/0.23/iaik_util-0.23.pom b/repository/iaik/iaik_util/0.23/iaik_util-0.23.pom
deleted file mode 100644
index 75fdc3692..000000000
--- a/repository/iaik/iaik_util/0.23/iaik_util-0.23.pom
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_util</artifactId>
- <version>0.23</version>
- <description>POM was created from install:install-file</description>
-</project>
diff --git a/repository/iaik/iaik_xsect/1.17/iaik_xsect-1.17.jar b/repository/iaik/iaik_xsect/1.17/iaik_xsect-1.17.jar
Binary files differ
deleted file mode 100644
index 143721433..000000000
--- a/repository/iaik/iaik_xsect/1.17/iaik_xsect-1.17.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_xsect/1.17/iaik_xsect-1.17.jar.sha1 b/repository/iaik/iaik_xsect/1.17/iaik_xsect-1.17.jar.sha1
deleted file mode 100644
index d94a0d2e1..000000000
--- a/repository/iaik/iaik_xsect/1.17/iaik_xsect-1.17.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-a7229772fae682b3e0fb36c1ca99c7863b67183d
\ No newline at end of file
diff --git a/repository/iaik/iaik_xsect/1.17/iaik_xsect-1.17.pom b/repository/iaik/iaik_xsect/1.17/iaik_xsect-1.17.pom
deleted file mode 100644
index 53a1a1c69..000000000
--- a/repository/iaik/iaik_xsect/1.17/iaik_xsect-1.17.pom
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_xsect</artifactId>
- <version>1.17</version>
- <description>POM was created from install:install-file</description>
-</project>
diff --git a/repository/iaik/iaik_xsect/1.17/iaik_xsect-1.17.pom.sha1 b/repository/iaik/iaik_xsect/1.17/iaik_xsect-1.17.pom.sha1
deleted file mode 100644
index ae1a98d0d..000000000
--- a/repository/iaik/iaik_xsect/1.17/iaik_xsect-1.17.pom.sha1
+++ /dev/null
@@ -1 +0,0 @@
-89ab4d09c9e7c6c635333fdd4bba4fe83eda17ed
\ No newline at end of file
diff --git a/repository/iaik/iaik_xsect/1.1709142/iaik_xsect-1.1709142.jar b/repository/iaik/iaik_xsect/1.1709142/iaik_xsect-1.1709142.jar
Binary files differ
deleted file mode 100644
index 96732584e..000000000
--- a/repository/iaik/iaik_xsect/1.1709142/iaik_xsect-1.1709142.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_xsect_eval/1.11build48/iaik_xsect_eval-1.11build48.jar b/repository/iaik/iaik_xsect_eval/1.11build48/iaik_xsect_eval-1.11build48.jar
Binary files differ
deleted file mode 100644
index 75cc08ac9..000000000
--- a/repository/iaik/iaik_xsect_eval/1.11build48/iaik_xsect_eval-1.11build48.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_xsect_eval/1.11build48/iaik_xsect_eval-1.11build48.jar.sha1 b/repository/iaik/iaik_xsect_eval/1.11build48/iaik_xsect_eval-1.11build48.jar.sha1
deleted file mode 100644
index 9342639d0..000000000
--- a/repository/iaik/iaik_xsect_eval/1.11build48/iaik_xsect_eval-1.11build48.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-0f4ae4f842abc37209af659998de0d475401b47c
diff --git a/repository/iaik/iaik_xsect_eval/1.11build48/iaik_xsect_eval-1.11build48.pom b/repository/iaik/iaik_xsect_eval/1.11build48/iaik_xsect_eval-1.11build48.pom
deleted file mode 100644
index af1ce91ff..000000000
--- a/repository/iaik/iaik_xsect_eval/1.11build48/iaik_xsect_eval-1.11build48.pom
+++ /dev/null
@@ -1,32 +0,0 @@
-<project>
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_xsect_eval</artifactId>
- <version>1.11build48</version>
- <dependencies>
- <dependency>
- <groupId>iaik</groupId>
- <artifactId>iaik_jce_eval_signed</artifactId>
- <version>3.142</version>
- <optional>true</optional>
- </dependency>
- <dependency>
- <groupId>xalan</groupId>
- <artifactId>xalan</artifactId>
- <version>2.7.0</version>
- <optional>true</optional>
- </dependency>
- <dependency>
- <groupId>xerces</groupId>
- <artifactId>xercesImpl</artifactId>
- <version>2.7.1</version>
- <optional>true</optional>
- </dependency>
- <dependency>
- <groupId>xml-apis</groupId>
- <artifactId>xml-apis</artifactId>
- <version>1.0.b2</version>
- <optional>true</optional>
- </dependency>
- </dependencies>
-</project>
diff --git a/repository/iaik/iaik_xsect_eval/1.11build48/iaik_xsect_eval-1.11build48.pom.sha1 b/repository/iaik/iaik_xsect_eval/1.11build48/iaik_xsect_eval-1.11build48.pom.sha1
deleted file mode 100644
index 1d18f50a4..000000000
--- a/repository/iaik/iaik_xsect_eval/1.11build48/iaik_xsect_eval-1.11build48.pom.sha1
+++ /dev/null
@@ -1 +0,0 @@
-2f1a7377b98d831ae4d854f3158221e142d95d77
diff --git a/repository/iaik/iaik_xsect_eval/1.17/iaik_xsect_eval-1.17.jar b/repository/iaik/iaik_xsect_eval/1.17/iaik_xsect_eval-1.17.jar
Binary files differ
deleted file mode 100644
index d8ddf1925..000000000
--- a/repository/iaik/iaik_xsect_eval/1.17/iaik_xsect_eval-1.17.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_xsect_eval/1.1709142/iaik_xsect_eval-1.1709142.jar b/repository/iaik/iaik_xsect_eval/1.1709142/iaik_xsect_eval-1.1709142.jar
Binary files differ
deleted file mode 100644
index 420d8c2ff..000000000
--- a/repository/iaik/iaik_xsect_eval/1.1709142/iaik_xsect_eval-1.1709142.jar
+++ /dev/null
diff --git a/repository/iaik/iaik_xsect_eval/1.1709142/iaik_xsect_eval-1.1709142.pom b/repository/iaik/iaik_xsect_eval/1.1709142/iaik_xsect_eval-1.1709142.pom
deleted file mode 100644
index 2697348bd..000000000
--- a/repository/iaik/iaik_xsect_eval/1.1709142/iaik_xsect_eval-1.1709142.pom
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>iaik_xsect_eval</artifactId>
- <version>1.1709142</version>
- <description>POM was created from install:install-file</description>
-</project>
diff --git a/repository/iaik/ixsil/1.2.2.4/ixsil-1.2.2.4.jar b/repository/iaik/ixsil/1.2.2.4/ixsil-1.2.2.4.jar
Binary files differ
deleted file mode 100644
index bda9f05bd..000000000
--- a/repository/iaik/ixsil/1.2.2.4/ixsil-1.2.2.4.jar
+++ /dev/null
diff --git a/repository/iaik/ixsil/1.2.2.4/ixsil-1.2.2.4.pom b/repository/iaik/ixsil/1.2.2.4/ixsil-1.2.2.4.pom
deleted file mode 100644
index 49a09d2df..000000000
--- a/repository/iaik/ixsil/1.2.2.4/ixsil-1.2.2.4.pom
+++ /dev/null
@@ -1,7 +0,0 @@
-<project>
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>ixsil</artifactId>
- <name>IAIK IXSIL</name>
- <version>1.2.2.4</version>
-</project>
\ No newline at end of file
diff --git a/repository/iaik/jce/3.18/jce-3.18.jar b/repository/iaik/jce/3.18/jce-3.18.jar
Binary files differ
deleted file mode 100644
index 4a0aa89c7..000000000
--- a/repository/iaik/jce/3.18/jce-3.18.jar
+++ /dev/null
diff --git a/repository/iaik/jce/3.18/jce-3.18.pom b/repository/iaik/jce/3.18/jce-3.18.pom
deleted file mode 100644
index 621aaca48..000000000
--- a/repository/iaik/jce/3.18/jce-3.18.pom
+++ /dev/null
@@ -1,7 +0,0 @@
-<project>
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>jce</artifactId>
- <name>IAIK JCE</name>
- <version>3.18</version>
-</project>
\ No newline at end of file
diff --git a/repository/iaik/moa/1.28/m2e-lastUpdated.properties b/repository/iaik/moa/1.28/m2e-lastUpdated.properties
deleted file mode 100644
index 325865860..000000000
--- a/repository/iaik/moa/1.28/m2e-lastUpdated.properties
+++ /dev/null
@@ -1,10 +0,0 @@
-#Wed Sep 04 11:22:13 CEST 2013
-iaikInternal|tlenz|http\://nexus.iaik.tugraz.at/nexus/content/groups/internal|sources=1378286533334
-central|http\://repo1.maven.org/maven2/|sources=1378286533334
-MOA|file\://D\:\\Projekte\\svn\\moa-id\\moa-idspss\\id\\server\\idserverlib/../../../repository|sources=1378286533334
-shibboleth.internet2.edu|https\://build.shibboleth.net/nexus/content/groups/public/|sources=1378286533334
-iaik3rd\ Party|tlenz|http\://nexus/nexus/content/repositories/thirdparty|sources=1378286533334
-iaikPublic|tlenz|http\://nexus.iaik.tugraz.at/nexus/content/groups/public|sources=1378286533334
-java.net-Public|https\://maven.java.net/content/groups/public/|sources=1378286533334
-hyberjaxb|http\://repository.highsource.org/maven2/releases/|sources=1378286533334
-iaikLibs|tlenz|http\://nexus/nexus/content/repositories/iaik|sources=1378286533334
diff --git a/repository/iaik/moa/1.28/moa-1.28.jar b/repository/iaik/moa/1.28/moa-1.28.jar
Binary files differ
deleted file mode 100644
index 15d117873..000000000
--- a/repository/iaik/moa/1.28/moa-1.28.jar
+++ /dev/null
diff --git a/repository/iaik/moa/1.28/moa-1.28.pom b/repository/iaik/moa/1.28/moa-1.28.pom
deleted file mode 100644
index 4f974d207..000000000
--- a/repository/iaik/moa/1.28/moa-1.28.pom
+++ /dev/null
@@ -1,7 +0,0 @@
-<project>
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik</groupId>
- <artifactId>moa</artifactId>
- <name>IAIK MOA</name>
- <version>1.28</version>
-</project>
\ No newline at end of file
diff --git a/repository/iaik/moa_common/2006-03-20/moa_common-2006-03-20.jar b/repository/iaik/moa_common/2006-03-20/moa_common-2006-03-20.jar
Binary files differ
deleted file mode 100644
index cb13672ac..000000000
--- a/repository/iaik/moa_common/2006-03-20/moa_common-2006-03-20.jar
+++ /dev/null
diff --git a/repository/iaik/prod/iaik_X509TrustManager/0.3.1/iaik_X509TrustManager-0.3.1.jar b/repository/iaik/prod/iaik_X509TrustManager/0.3.1/iaik_X509TrustManager-0.3.1.jar
Binary files differ
new file mode 100644
index 000000000..596b9aab2
--- /dev/null
+++ b/repository/iaik/prod/iaik_X509TrustManager/0.3.1/iaik_X509TrustManager-0.3.1.jar
diff --git a/repository/iaik/prod/iaik_cms/5.1/iaik_cms-5.1.jar b/repository/iaik/prod/iaik_cms/5.1/iaik_cms-5.1.jar
Binary files differ
new file mode 100644
index 000000000..6aff9745d
--- /dev/null
+++ b/repository/iaik/prod/iaik_cms/5.1/iaik_cms-5.1.jar
diff --git a/repository/iaik/prod/iaik_cpades/2.2b3_tmp/iaik_cpades-2.2b3_tmp.jar b/repository/iaik/prod/iaik_cpades/2.2b3_tmp/iaik_cpades-2.2b3_tmp.jar
Binary files differ
new file mode 100644
index 000000000..914bc5426
--- /dev/null
+++ b/repository/iaik/prod/iaik_cpades/2.2b3_tmp/iaik_cpades-2.2b3_tmp.jar
diff --git a/repository/iaik/prod/iaik_ecc/2.16/iaik_ecc-2.16.jar b/repository/iaik/prod/iaik_ecc/2.16/iaik_ecc-2.16.jar
Binary files differ
deleted file mode 100644
index 3c44d1860..000000000
--- a/repository/iaik/prod/iaik_ecc/2.16/iaik_ecc-2.16.jar
+++ /dev/null
diff --git a/repository/iaik/prod/iaik_ecc/2.16/iaik_ecc-2.16.jar.md5 b/repository/iaik/prod/iaik_ecc/2.16/iaik_ecc-2.16.jar.md5
deleted file mode 100644
index e2100d240..000000000
--- a/repository/iaik/prod/iaik_ecc/2.16/iaik_ecc-2.16.jar.md5
+++ /dev/null
@@ -1 +0,0 @@
-23cce9b0aab94023b41e4b35a384950f
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ecc/2.16/iaik_ecc-2.16.jar.sha1 b/repository/iaik/prod/iaik_ecc/2.16/iaik_ecc-2.16.jar.sha1
deleted file mode 100644
index dedf4fc96..000000000
--- a/repository/iaik/prod/iaik_ecc/2.16/iaik_ecc-2.16.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-7ae072416c4aaf58d409776109e5391fa80f8b0f
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ecc/2.16/iaik_ecc-2.16.pom b/repository/iaik/prod/iaik_ecc/2.16/iaik_ecc-2.16.pom
deleted file mode 100644
index 8d663a505..000000000
--- a/repository/iaik/prod/iaik_ecc/2.16/iaik_ecc-2.16.pom
+++ /dev/null
@@ -1,6 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?><project>
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_ecc</artifactId>
- <version>2.16</version>
-</project>
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ecc/2.16/iaik_ecc-2.16.pom.md5 b/repository/iaik/prod/iaik_ecc/2.16/iaik_ecc-2.16.pom.md5
deleted file mode 100644
index 0acca79de..000000000
--- a/repository/iaik/prod/iaik_ecc/2.16/iaik_ecc-2.16.pom.md5
+++ /dev/null
@@ -1 +0,0 @@
-7103828b2e03b16490af4e732e5c1fe1
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ecc/2.16/iaik_ecc-2.16.pom.sha1 b/repository/iaik/prod/iaik_ecc/2.16/iaik_ecc-2.16.pom.sha1
deleted file mode 100644
index 6261a8b4b..000000000
--- a/repository/iaik/prod/iaik_ecc/2.16/iaik_ecc-2.16.pom.sha1
+++ /dev/null
@@ -1 +0,0 @@
-8fd2d71d9861c9967f00fefaee43e0dd667bf973
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.jar b/repository/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.jar
Binary files differ
deleted file mode 100644
index abe38aea9..000000000
--- a/repository/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.jar
+++ /dev/null
diff --git a/repository/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.jar.md5 b/repository/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.jar.md5
deleted file mode 100644
index c19d0dc21..000000000
--- a/repository/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.jar.md5
+++ /dev/null
@@ -1 +0,0 @@
-49E8F35B0F97BDAC499A974D4C0FEF60
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.jar.sha1 b/repository/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.jar.sha1
deleted file mode 100644
index 301e53e3b..000000000
--- a/repository/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-9BC26B101CF5EA86E060039E6DF16F2DF0C2FEE1
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.pom b/repository/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.pom
deleted file mode 100644
index c8036e4e5..000000000
--- a/repository/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.pom
+++ /dev/null
@@ -1,6 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?><project>
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_ecc</artifactId>
- <version>2.19</version>
-</project>
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.pom.md5 b/repository/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.pom.md5
deleted file mode 100644
index c9eef1446..000000000
--- a/repository/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.pom.md5
+++ /dev/null
@@ -1 +0,0 @@
-9A65E9A0DD6A3F4A60C0150097BA7A5A
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.pom.sha1 b/repository/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.pom.sha1
deleted file mode 100644
index 77924b025..000000000
--- a/repository/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.pom.sha1
+++ /dev/null
@@ -1 +0,0 @@
-8B852574CD8BF31023E398B8E3B3FE868DF9AD85
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ecc/maven-metadata.xml b/repository/iaik/prod/iaik_ecc/maven-metadata.xml
deleted file mode 100644
index 282aef69f..000000000
--- a/repository/iaik/prod/iaik_ecc/maven-metadata.xml
+++ /dev/null
@@ -1,12 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?><metadata>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_ecc</artifactId>
- <version>2.19</version>
- <versioning>
- <versions>
- <version>2.16</version>
- <version>2.19</version>
- </versions>
- <lastUpdated>20090810102119</lastUpdated>
- </versioning>
-</metadata>
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ecc/maven-metadata.xml.md5 b/repository/iaik/prod/iaik_ecc/maven-metadata.xml.md5
deleted file mode 100644
index 656260f63..000000000
--- a/repository/iaik/prod/iaik_ecc/maven-metadata.xml.md5
+++ /dev/null
@@ -1 +0,0 @@
-B8CD86C18E600501E61BF894541B7586
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ecc/maven-metadata.xml.sha1 b/repository/iaik/prod/iaik_ecc/maven-metadata.xml.sha1
deleted file mode 100644
index 249da60ef..000000000
--- a/repository/iaik/prod/iaik_ecc/maven-metadata.xml.sha1
+++ /dev/null
@@ -1 +0,0 @@
-91186D742AC2B54960AD0C6A9293DBCAD5CE7D47
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ecc_signed/2.19/iaik_ecc_signed-2.19.jar b/repository/iaik/prod/iaik_ecc_signed/2.19/iaik_ecc_signed-2.19.jar
Binary files differ
deleted file mode 100644
index abe38aea9..000000000
--- a/repository/iaik/prod/iaik_ecc_signed/2.19/iaik_ecc_signed-2.19.jar
+++ /dev/null
diff --git a/repository/iaik/prod/iaik_ecc_signed/2.19/iaik_ecc_signed-2.19.pom b/repository/iaik/prod/iaik_ecc_signed/2.19/iaik_ecc_signed-2.19.pom
deleted file mode 100644
index ad3b0b202..000000000
--- a/repository/iaik/prod/iaik_ecc_signed/2.19/iaik_ecc_signed-2.19.pom
+++ /dev/null
@@ -1,6 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?><project>
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_ecc_signed</artifactId>
- <version>2.19</version>
-</project>
diff --git a/repository/iaik/prod/iaik_eccelerate/3.1_eval/iaik_eccelerate-3.1_eval.jar b/repository/iaik/prod/iaik_eccelerate/3.1_eval/iaik_eccelerate-3.1_eval.jar
Binary files differ
new file mode 100644
index 000000000..0ec311030
--- /dev/null
+++ b/repository/iaik/prod/iaik_eccelerate/3.1_eval/iaik_eccelerate-3.1_eval.jar
diff --git a/repository/iaik/prod/iaik_eccelerate_addon/3.01_eval/iaik_eccelerate_addon-3.01_eval.jar b/repository/iaik/prod/iaik_eccelerate_addon/3.01_eval/iaik_eccelerate_addon-3.01_eval.jar
Binary files differ
new file mode 100644
index 000000000..bd57ff24c
--- /dev/null
+++ b/repository/iaik/prod/iaik_eccelerate_addon/3.01_eval/iaik_eccelerate_addon-3.01_eval.jar
diff --git a/repository/iaik/prod/iaik_eccelerate_cms/3.01/iaik_eccelerate_cms-3.01.jar b/repository/iaik/prod/iaik_eccelerate_cms/3.01/iaik_eccelerate_cms-3.01.jar
Binary files differ
new file mode 100644
index 000000000..3c9ac8325
--- /dev/null
+++ b/repository/iaik/prod/iaik_eccelerate_cms/3.01/iaik_eccelerate_cms-3.01.jar
diff --git a/repository/iaik/prod/iaik_ixsil/1.2.2.3/iaik_ixsil-1.2.2.3.jar b/repository/iaik/prod/iaik_ixsil/1.2.2.3/iaik_ixsil-1.2.2.3.jar
Binary files differ
deleted file mode 100644
index 58f082dfb..000000000
--- a/repository/iaik/prod/iaik_ixsil/1.2.2.3/iaik_ixsil-1.2.2.3.jar
+++ /dev/null
diff --git a/repository/iaik/prod/iaik_ixsil/1.2.2.3/iaik_ixsil-1.2.2.3.jar.md5 b/repository/iaik/prod/iaik_ixsil/1.2.2.3/iaik_ixsil-1.2.2.3.jar.md5
deleted file mode 100644
index f32005a5c..000000000
--- a/repository/iaik/prod/iaik_ixsil/1.2.2.3/iaik_ixsil-1.2.2.3.jar.md5
+++ /dev/null
@@ -1 +0,0 @@
-96685dec785418dfce238865f660d5d8 *iaik_ixsil-1.2.2.3.jar
diff --git a/repository/iaik/prod/iaik_ixsil/1.2.2.3/iaik_ixsil-1.2.2.3.jar.sha1 b/repository/iaik/prod/iaik_ixsil/1.2.2.3/iaik_ixsil-1.2.2.3.jar.sha1
deleted file mode 100644
index bf504fdea..000000000
--- a/repository/iaik/prod/iaik_ixsil/1.2.2.3/iaik_ixsil-1.2.2.3.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-b8917856afa3013a6cfd46d2f228c87fad337b61
diff --git a/repository/iaik/prod/iaik_ixsil/1.2.2.3/iaik_ixsil-1.2.2.3.pom b/repository/iaik/prod/iaik_ixsil/1.2.2.3/iaik_ixsil-1.2.2.3.pom
deleted file mode 100644
index dc7922545..000000000
--- a/repository/iaik/prod/iaik_ixsil/1.2.2.3/iaik_ixsil-1.2.2.3.pom
+++ /dev/null
@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?><project>
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_ixsil</artifactId>
- <version>1.2.2.3</version>
- <description>POM was created from install:install-file</description>
-</project>
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ixsil/1.2.2.3/iaik_ixsil-1.2.2.3.pom.md5 b/repository/iaik/prod/iaik_ixsil/1.2.2.3/iaik_ixsil-1.2.2.3.pom.md5
deleted file mode 100644
index 820509786..000000000
--- a/repository/iaik/prod/iaik_ixsil/1.2.2.3/iaik_ixsil-1.2.2.3.pom.md5
+++ /dev/null
@@ -1 +0,0 @@
-9ca977ce70b35388fba69bddae7c2f6b
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ixsil/1.2.2.3/iaik_ixsil-1.2.2.3.pom.sha1 b/repository/iaik/prod/iaik_ixsil/1.2.2.3/iaik_ixsil-1.2.2.3.pom.sha1
deleted file mode 100644
index 90e7e8781..000000000
--- a/repository/iaik/prod/iaik_ixsil/1.2.2.3/iaik_ixsil-1.2.2.3.pom.sha1
+++ /dev/null
@@ -1 +0,0 @@
-16a7b5564a57458af2b469a8f38d161bd403d34c
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ixsil/1.2.2.4/iaik_ixsil-1.2.2.4.jar b/repository/iaik/prod/iaik_ixsil/1.2.2.4/iaik_ixsil-1.2.2.4.jar
Binary files differ
deleted file mode 100644
index bda9f05bd..000000000
--- a/repository/iaik/prod/iaik_ixsil/1.2.2.4/iaik_ixsil-1.2.2.4.jar
+++ /dev/null
diff --git a/repository/iaik/prod/iaik_ixsil/1.2.2.4/iaik_ixsil-1.2.2.4.jar.md5 b/repository/iaik/prod/iaik_ixsil/1.2.2.4/iaik_ixsil-1.2.2.4.jar.md5
deleted file mode 100644
index a9e0071d8..000000000
--- a/repository/iaik/prod/iaik_ixsil/1.2.2.4/iaik_ixsil-1.2.2.4.jar.md5
+++ /dev/null
@@ -1 +0,0 @@
-a14e509ffd1336f5428943c1a4600915
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ixsil/1.2.2.4/iaik_ixsil-1.2.2.4.jar.sha1 b/repository/iaik/prod/iaik_ixsil/1.2.2.4/iaik_ixsil-1.2.2.4.jar.sha1
deleted file mode 100644
index 514dbcde4..000000000
--- a/repository/iaik/prod/iaik_ixsil/1.2.2.4/iaik_ixsil-1.2.2.4.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-46d39b070e41a410ab42463815f4a93b028bd6f2
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ixsil/1.2.2.4/iaik_ixsil-1.2.2.4.pom b/repository/iaik/prod/iaik_ixsil/1.2.2.4/iaik_ixsil-1.2.2.4.pom
deleted file mode 100644
index f4791bd3e..000000000
--- a/repository/iaik/prod/iaik_ixsil/1.2.2.4/iaik_ixsil-1.2.2.4.pom
+++ /dev/null
@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?><project>
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_ixsil</artifactId>
- <version>1.2.2.4</version>
- <description>POM was created from install:install-file</description>
-</project>
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ixsil/1.2.2.4/iaik_ixsil-1.2.2.4.pom.md5 b/repository/iaik/prod/iaik_ixsil/1.2.2.4/iaik_ixsil-1.2.2.4.pom.md5
deleted file mode 100644
index 95c95a01e..000000000
--- a/repository/iaik/prod/iaik_ixsil/1.2.2.4/iaik_ixsil-1.2.2.4.pom.md5
+++ /dev/null
@@ -1 +0,0 @@
-88c888e60510bddbe74e5741c74927bb
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ixsil/1.2.2.4/iaik_ixsil-1.2.2.4.pom.sha1 b/repository/iaik/prod/iaik_ixsil/1.2.2.4/iaik_ixsil-1.2.2.4.pom.sha1
deleted file mode 100644
index 9867a2ea2..000000000
--- a/repository/iaik/prod/iaik_ixsil/1.2.2.4/iaik_ixsil-1.2.2.4.pom.sha1
+++ /dev/null
@@ -1 +0,0 @@
-3f376fb5988f665e099e3364567654df766d1a6c
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jar b/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jar
Binary files differ
deleted file mode 100644
index 9ac61d5c2..000000000
--- a/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jar
+++ /dev/null
diff --git a/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jar.md5 b/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jar.md5
deleted file mode 100644
index 0fb8ee312..000000000
--- a/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jar.md5
+++ /dev/null
@@ -1 +0,0 @@
-87b8c21a7ad94ba59e315b2d2b432357
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jar.sha1 b/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jar.sha1
deleted file mode 100644
index 8cdb3d78c..000000000
--- a/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-294e73c4de7c6ee14ec5b6313a854727a52bec52
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.pom b/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.pom
deleted file mode 100644
index af6c78766..000000000
--- a/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.pom
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_ixsil</artifactId>
- <version>1.2.2.5</version>
- <description>POM was created from install:install-file</description>
-</project>
diff --git a/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.pom.md5 b/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.pom.md5
deleted file mode 100644
index 65bea702c..000000000
--- a/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.pom.md5
+++ /dev/null
@@ -1 +0,0 @@
-00b5d4be9a715b6f408acc5690af5141
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.pom.sha1 b/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.pom.sha1
deleted file mode 100644
index 5b58b5eee..000000000
--- a/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.pom.sha1
+++ /dev/null
@@ -1 +0,0 @@
-ea0a95ac98300815bf2242da6b2738ba53d02fe9
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_ixsil/maven-metadata-MOA.xml b/repository/iaik/prod/iaik_ixsil/maven-metadata-MOA.xml
deleted file mode 100644
index f33956525..000000000
--- a/repository/iaik/prod/iaik_ixsil/maven-metadata-MOA.xml
+++ /dev/null
@@ -1,12 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?><metadata>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_ixsil</artifactId>
- <version>1.2.2.4</version>
- <versioning>
- <versions>
- <version>1.2.2.3</version>
- <version>1.2.2.4</version>
- </versions>
- <lastUpdated>20080911074320</lastUpdated>
- </versioning>
-</metadata>
\ No newline at end of file
diff --git a/repository/iaik/iaik_jce_full/5.101/iaik_jce_full-5.101.jar b/repository/iaik/prod/iaik_jce_full/5.3_MOA/iaik_jce_full-5.3_MOA.jar
Binary files differ
index fd0457332..736981acc 100644
--- a/repository/iaik/iaik_jce_full/5.101/iaik_jce_full-5.101.jar
+++ b/repository/iaik/prod/iaik_jce_full/5.3_MOA/iaik_jce_full-5.3_MOA.jar
diff --git a/repository/iaik/prod/iaik_moa/2.00/iaik_moa-2.00.jar b/repository/iaik/prod/iaik_moa/2.00/iaik_moa-2.00.jar
Binary files differ
new file mode 100644
index 000000000..7cd630564
--- /dev/null
+++ b/repository/iaik/prod/iaik_moa/2.00/iaik_moa-2.00.jar
diff --git a/repository/iaik/prod/iaik_moa/2.01/iaik_moa-2.01.jar b/repository/iaik/prod/iaik_moa/2.01/iaik_moa-2.01.jar
Binary files differ
new file mode 100644
index 000000000..52b3b850a
--- /dev/null
+++ b/repository/iaik/prod/iaik_moa/2.01/iaik_moa-2.01.jar
diff --git a/repository/iaik/prod/iaik_pki_module/1.1.1_moa/iaik_pki_module-1.1.1_moa.jar b/repository/iaik/prod/iaik_pki_module/1.1.1_moa/iaik_pki_module-1.1.1_moa.jar
Binary files differ
new file mode 100644
index 000000000..cc0705915
--- /dev/null
+++ b/repository/iaik/prod/iaik_pki_module/1.1.1_moa/iaik_pki_module-1.1.1_moa.jar
diff --git a/repository/iaik/prod/iaik_pki_module/1.1_moa/iaik_pki_module-1.1_moa.jar b/repository/iaik/prod/iaik_pki_module/1.1_moa/iaik_pki_module-1.1_moa.jar
Binary files differ
new file mode 100644
index 000000000..6e13efa81
--- /dev/null
+++ b/repository/iaik/prod/iaik_pki_module/1.1_moa/iaik_pki_module-1.1_moa.jar
diff --git a/repository/iaik/prod/iaik_sva/1.0.1_moa/iaik_sva-1.0.1_moa.jar b/repository/iaik/prod/iaik_sva/1.0.1_moa/iaik_sva-1.0.1_moa.jar
Binary files differ
new file mode 100644
index 000000000..220deb50a
--- /dev/null
+++ b/repository/iaik/prod/iaik_sva/1.0.1_moa/iaik_sva-1.0.1_moa.jar
diff --git a/repository/iaik/prod/iaik_sva/1.0_moa/iaik_sva-1.0_moa.jar b/repository/iaik/prod/iaik_sva/1.0_moa/iaik_sva-1.0_moa.jar
Binary files differ
new file mode 100644
index 000000000..7e0b64d09
--- /dev/null
+++ b/repository/iaik/prod/iaik_sva/1.0_moa/iaik_sva-1.0_moa.jar
diff --git a/repository/iaik/prod/iaik_tsl/1.1_moa/iaik_tsl-1.1_moa.jar b/repository/iaik/prod/iaik_tsl/1.1_moa/iaik_tsl-1.1_moa.jar
Binary files differ
new file mode 100644
index 000000000..b4eb067cf
--- /dev/null
+++ b/repository/iaik/prod/iaik_tsl/1.1_moa/iaik_tsl-1.1_moa.jar
diff --git a/repository/iaik/prod/iaik_tsp/2.31_eval/iaik_tsp-2.31_eval.jar b/repository/iaik/prod/iaik_tsp/2.31_eval/iaik_tsp-2.31_eval.jar
Binary files differ
new file mode 100644
index 000000000..5e1936bf8
--- /dev/null
+++ b/repository/iaik/prod/iaik_tsp/2.31_eval/iaik_tsp-2.31_eval.jar
diff --git a/repository/iaik/prod/iaik_util/0.23/iaik_util-0.23.jar b/repository/iaik/prod/iaik_util/0.23/iaik_util-0.23.jar
Binary files differ
index 78370c31e..1bc0cde7c 100644
--- a/repository/iaik/prod/iaik_util/0.23/iaik_util-0.23.jar
+++ b/repository/iaik/prod/iaik_util/0.23/iaik_util-0.23.jar
diff --git a/repository/iaik/prod/iaik_xades/2.11_moa/iaik_xades-2.11_moa.jar b/repository/iaik/prod/iaik_xades/2.11_moa/iaik_xades-2.11_moa.jar
Binary files differ
new file mode 100644
index 000000000..20ae685e9
--- /dev/null
+++ b/repository/iaik/prod/iaik_xades/2.11_moa/iaik_xades-2.11_moa.jar
diff --git a/repository/iaik/prod/iaik_xades/20160408_eval/iaik_xades-20160408_eval.jar b/repository/iaik/prod/iaik_xades/20160408_eval/iaik_xades-20160408_eval.jar
Binary files differ
new file mode 100644
index 000000000..2ac459ce1
--- /dev/null
+++ b/repository/iaik/prod/iaik_xades/20160408_eval/iaik_xades-20160408_eval.jar
diff --git a/repository/iaik/prod/iaik_xsect/1.1709142/iaik_xsect-1.1709142.jar b/repository/iaik/prod/iaik_xsect/1.1709142/iaik_xsect-1.1709142.jar
Binary files differ
deleted file mode 100644
index 96732584e..000000000
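Review bot: `repository/iaik/prod/iaik_util/0.23/iaik_util-0.23.jar` is overwritten in place (`index 78370c31e..1bc0cde7c`) while its path and version stay 0.23, so the same Maven coordinates now map to different bytes. A build that already holds 0.23 in its local repository will normally keep the old jar, because release artifacts are not re-fetched, and two builds of the same revision can then ship different code. Publishing the new binary under its own version directory, `iaik_util/<new-version>/iaik_util-<new-version>.jar`, as the neighbouring `_moa` artifacts do, would avoid that. None of the jars added in this part of the diff carries the `.jar.sha1`/`.jar.md5` sidecar that the deleted `iaik_ecc` and `iaik_ixsil` artifacts had, though sidecars may exist elsewhere in the commit. Committing a checksum next to each added jar would let the resolver and reviewers verify the binary.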
--- a/repository/iaik/prod/iaik_xsect/1.1709142/iaik_xsect-1.1709142.jar
+++ /dev/null
diff --git a/repository/iaik/prod/iaik_xsect/1.1709142/iaik_xsect-1.1709142.jar.md5 b/repository/iaik/prod/iaik_xsect/1.1709142/iaik_xsect-1.1709142.jar.md5
deleted file mode 100644
index 3a8da6efa..000000000
--- a/repository/iaik/prod/iaik_xsect/1.1709142/iaik_xsect-1.1709142.jar.md5
+++ /dev/null
@@ -1 +0,0 @@
-89b44f2bb7af33e0d64c44d7e29bf44f
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_xsect/1.1709142/iaik_xsect-1.1709142.jar.sha1 b/repository/iaik/prod/iaik_xsect/1.1709142/iaik_xsect-1.1709142.jar.sha1
deleted file mode 100644
index 75ba4775e..000000000
--- a/repository/iaik/prod/iaik_xsect/1.1709142/iaik_xsect-1.1709142.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-05f1f36dc4236378636b3729aee8c3c06833e1fa
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_xsect/1.1709142/iaik_xsect-1.1709142.pom b/repository/iaik/prod/iaik_xsect/1.1709142/iaik_xsect-1.1709142.pom
deleted file mode 100644
index ee8f8bc32..000000000
--- a/repository/iaik/prod/iaik_xsect/1.1709142/iaik_xsect-1.1709142.pom
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <modelVersion>4.0.0</modelVersion>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_xsect</artifactId>
- <version>1.1709142</version>
- <description>POM was created from install:install-file</description>
-</project>
diff --git a/repository/iaik/prod/iaik_xsect/1.1709142/iaik_xsect-1.1709142.pom.md5 b/repository/iaik/prod/iaik_xsect/1.1709142/iaik_xsect-1.1709142.pom.md5
deleted file mode 100644
index bd6040e63..000000000
--- a/repository/iaik/prod/iaik_xsect/1.1709142/iaik_xsect-1.1709142.pom.md5
+++ /dev/null
@@ -1 +0,0 @@
-aa4706972500d34752b02a3742be0b7c
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_xsect/1.1709142/iaik_xsect-1.1709142.pom.sha1 b/repository/iaik/prod/iaik_xsect/1.1709142/iaik_xsect-1.1709142.pom.sha1
deleted file mode 100644
index 65a5f1f18..000000000
--- a/repository/iaik/prod/iaik_xsect/1.1709142/iaik_xsect-1.1709142.pom.sha1
+++ /dev/null
@@ -1 +0,0 @@
-8433f3cc273a6ed6f507a7ee15918f80872d6b61
\ No newline at end of file
diff --git a/repository/iaik/prod/iaik_xsect/2.10_20160408_eval/iaik_xsect-2.10_20160408_eval.jar b/repository/iaik/prod/iaik_xsect/2.10_20160408_eval/iaik_xsect-2.10_20160408_eval.jar
Binary files differ
new file mode 100644
index 000000000..1f93b7c2d
--- /dev/null
+++ b/repository/iaik/prod/iaik_xsect/2.10_20160408_eval/iaik_xsect-2.10_20160408_eval.jar
diff --git a/repository/iaik/prod/iaik_xsect/2.11_moa/iaik_xsect-2.11_moa.jar b/repository/iaik/prod/iaik_xsect/2.11_moa/iaik_xsect-2.11_moa.jar
Binary files differ
new file mode 100644
index 000000000..7b05174fb
--- /dev/null
+++ b/repository/iaik/prod/iaik_xsect/2.11_moa/iaik_xsect-2.11_moa.jar
diff --git a/repository/iaik/xsect/1.02/xsect-1.02.jar b/repository/iaik/xsect/1.02/xsect-1.02.jar
Binary files differ
deleted file mode 100644
index 9b2e4cc41..000000000
--- a/repository/iaik/xsect/1.02/xsect-1.02.jar
+++ /dev/null |