aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java33
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java50
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java3
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java25
-rw-r--r--id/ConfigWebTool/src/main/resources/applicationResources_de.properties15
-rw-r--r--id/ConfigWebTool/src/main/resources/applicationResources_en.properties10
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp15
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp15
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java36
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java118
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java26
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java54
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java18
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java43
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java4
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/TestCredentials.java40
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyAuthBlock.java21
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyIdentityLink.java18
-rw-r--r--id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java2
21 files changed, 476 insertions, 79 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
index bcf99d246..83795567c 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
@@ -81,6 +81,9 @@ public class GeneralMOAIDConfig {
private List<String> authTransformList = null;
private String moaspssIdlTrustProfile = null;
+ private String moaspssIdlTrustProfileTest = null;
+ private String moaspssAuthTrustProfileTest = null;
+
private String mandateURL = null;
private boolean protocolActiveSAML1 = false;
@@ -184,6 +187,7 @@ public class GeneralMOAIDConfig {
VerifyAuthBlock authblock = moaspss.getVerifyAuthBlock();
if (authblock != null) {
moaspssAuthTrustProfile = authblock.getTrustProfileID();
+ moaspssAuthTrustProfileTest = authblock.getTestTrustProfileID();
List<String> list = authblock.getVerifyTransformsInfoProfileID();
if (list.size() == 1)
@@ -197,6 +201,7 @@ public class GeneralMOAIDConfig {
VerifyIdentityLink idl = moaspss.getVerifyIdentityLink();
if (idl != null) {
moaspssIdlTrustProfile = idl.getTrustProfileID();
+ moaspssIdlTrustProfileTest = idl.getTestTrustProfileID();
}
}
@@ -928,6 +933,34 @@ public class GeneralMOAIDConfig {
public void setPublicURLPrefix(String publicURLPrefix) {
this.publicURLPrefix = publicURLPrefix;
}
+
+ /**
+ * @return the moaspssIdlTrustProfileTest
+ */
+ public String getMoaspssIdlTrustProfileTest() {
+ return moaspssIdlTrustProfileTest;
+ }
+
+ /**
+ * @param moaspssIdlTrustProfileTest the moaspssIdlTrustProfileTest to set
+ */
+ public void setMoaspssIdlTrustProfileTest(String moaspssIdlTrustProfileTest) {
+ this.moaspssIdlTrustProfileTest = moaspssIdlTrustProfileTest;
+ }
+
+ /**
+ * @return the moaspssAuthTrustProfileTest
+ */
+ public String getMoaspssAuthTrustProfileTest() {
+ return moaspssAuthTrustProfileTest;
+ }
+
+ /**
+ * @param moaspssAuthTrustProfileTest the moaspssAuthTrustProfileTest to set
+ */
+ public void setMoaspssAuthTrustProfileTest(String moaspssAuthTrustProfileTest) {
+ this.moaspssAuthTrustProfileTest = moaspssAuthTrustProfileTest;
+ }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
index 0c633f312..9b0172a24 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
@@ -70,7 +70,9 @@ public class OAAuthenticationData implements IOnlineApplicationData {
private Map<String, byte[]> transformations;
private boolean enableTestCredentials = false;
- private List<String> testCredentialOIDs = null;
+ private List<String> testCredentialOIDs = null;
+ private boolean useTestIDLValidationTrustStore = false;
+ private boolean useTestAuthblockValidationTrustStore = false;
/**
*
@@ -210,7 +212,9 @@ public class OAAuthenticationData implements IOnlineApplicationData {
enableTestCredentials = oaauth.getTestCredentials().isEnableTestCredentials();
testCredentialOIDs = new ArrayList<String>();
testCredentialOIDs.addAll(oaauth.getTestCredentials().getCredentialOID());
-
+
+ useTestAuthblockValidationTrustStore = oaauth.getTestCredentials().isUseTestAuthBlockTrustStore();
+ useTestIDLValidationTrustStore = oaauth.getTestCredentials().isUseTestIDLTrustStore();
}
return null;
@@ -332,6 +336,17 @@ public class OAAuthenticationData implements IOnlineApplicationData {
}
+ TestCredentials testing = authoa.getTestCredentials();
+ if (testing == null) {
+ testing = new TestCredentials();
+ authoa.setTestCredentials(testing);
+
+ }
+ testing.setUseTestAuthBlockTrustStore(useTestAuthblockValidationTrustStore);
+ testing.setUseTestIDLTrustStore(useTestIDLValidationTrustStore);
+
+
+
return null;
}
@@ -614,5 +629,36 @@ public class OAAuthenticationData implements IOnlineApplicationData {
this.testCredentialOIDs.add(oidList[i].trim());
}
}
+
+ /**
+ * @return the useTestIDLValidationTrustStore
+ */
+ public boolean isUseTestIDLValidationTrustStore() {
+ return useTestIDLValidationTrustStore;
+ }
+
+ /**
+ * @param useTestIDLValidationTrustStore the useTestIDLValidationTrustStore to set
+ */
+ public void setUseTestIDLValidationTrustStore(
+ boolean useTestIDLValidationTrustStore) {
+ this.useTestIDLValidationTrustStore = useTestIDLValidationTrustStore;
+ }
+
+ /**
+ * @return the useTestAuthblockValidationTrustStore
+ */
+ public boolean isUseTestAuthblockValidationTrustStore() {
+ return useTestAuthblockValidationTrustStore;
+ }
+
+ /**
+ * @param useTestAuthblockValidationTrustStore the useTestAuthblockValidationTrustStore to set
+ */
+ public void setUseTestAuthblockValidationTrustStore(
+ boolean useTestAuthblockValidationTrustStore) {
+ this.useTestAuthblockValidationTrustStore = useTestAuthblockValidationTrustStore;
+ }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index 13256a6a0..725a2eded 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -586,12 +586,15 @@ public class EditGeneralConfigAction extends BasicAction {
dbmoasp.setVerifyIdentityLink(moaidl);
}
moaidl.setTrustProfileID(moaconfig.getMoaspssIdlTrustProfile());
+ moaidl.setTestTrustProfileID(moaconfig.getMoaspssIdlTrustProfileTest());
+
VerifyAuthBlock moaauth = dbmoasp.getVerifyAuthBlock();
if (moaauth == null) {
moaauth = new VerifyAuthBlock();
dbmoasp.setVerifyAuthBlock(moaauth);
}
moaauth.setTrustProfileID(moaconfig.getMoaspssAuthTrustProfile());
+ moaauth.setTestTrustProfileID(moaconfig.getMoaspssAuthTrustProfileTest());
if (moaauth.getVerifyTransformsInfoProfileID() != null &&
moaauth.getVerifyTransformsInfoProfileID().size() > 0)
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
index 73f5e098f..95502cedb 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
@@ -207,6 +207,31 @@ public class MOAConfigValidator {
}
}
+ check = form.getMoaspssAuthTrustProfileTest();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MOA-SP/SS Test-Authblock TrustProfile");
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.empty", request));
+ } else {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("Test-Authblock TrustProfile is not valid: " +check);
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ }
+ }
+
+ check = form.getMoaspssIdlTrustProfileTest();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MOA-SP/SS Test-IdentityLink TrustProfile");
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.empty", request));
+ } else {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("Test-IdentityLink TrustProfile is not valid: " +check);
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ }
+ }
+
+
check = form.getMoaspssURL();
if (MiscUtil.isNotEmpty(check)) {
if (!ValidationHelper.validateURL(check)) {
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
index 9116d6ef8..5248690d6 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
@@ -138,8 +138,10 @@ webpages.moaconfig.timeout.assertion=Anmeldedaten [sec]
webpages.moaconfig.timeout.MOASessionCreated=SSO Session authentifiziert [sec]
webpages.moaconfig.timeout.MOASessionUpdated=SSO Session letzter Zugriff [sec]
webpages.moaconfig.moasp.header=MOA-SP Konfiguration
-webpages.moaconfig.moasp.idltrustprofile=Personenbindung Trustprofil
+webpages.moaconfig.moasp.idltrustprofile=Personenbindung Trustprofil
+webpages.moaconfig.moasp.idltrustprofile.test=Test-Personenbindung Trustprofil
webpages.moaconfig.moasp.authtrustprofile=Authentfizierungsblock Trustprofil
+webpages.moaconfig.moasp.authtrustprofile.test=Test-Authentfizierungsblock Trustprofil
webpages.moaconfig.moasp.authblocktransform=Authentfizierungsblock Transformationen
webpages.moaconfig.moasp.url=URL zum MOA-SP Service
webpages.moaconfig.identitylinksigners=IdentityLinkSigners
@@ -281,6 +283,9 @@ webpages.oaconfig.general.BKUSelection.header.applet.width=Appletbreite
webpages.oaconfig.general.testing.header=Test Identit\u00E4ten
webpages.oaconfig.general.testing.usetesting=Test Identit\u00E4ten erlauben
webpages.oaconfig.general.testing.oids=OIDs f\u00FCr Test Identit\u00E4ten einschr\u00E4nken.
+webpages.oaconfig.general.testing.idltruststore=Test-Persondenbindungs TrustStore verwenden
+webpages.oaconfig.general.testing.authblocktruststore=Test-AuthBlockValidation TrustStore verwenden
+
webpages.oaconfig.sso.header=Single Sign-On
webpages.oaconfig.sso.singlelogouturl=Single Log-Out URL
@@ -378,7 +383,7 @@ validation.edituser.bpk.valid=Die BPK enth\u00E4lt nicht erlaubte Zeichen. Folge
validation.general.SAML1SourceID=Die SAML1SourceID enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.publicURLprefix.empty=Public URL Prefix Feld ist leer.
-validation.general.publicURLprefix.valid=Public URL Prefix hat kein g\u00F6ltiges Format.
+validation.general.publicURLprefix.valid=Public URL Prefix {0} hat kein g\u00F6ltiges Format.
validation.general.certStoreDirectory.empty=CertStoreDirectory Feld ist leer.
validation.general.certStoreDirectory.valid=Das CertStoreDirectory Feld enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.Defaultchainigmode.empty=Es wurde kein DefaultChainingMode gew\u00E4hlt.
@@ -392,6 +397,12 @@ validation.general.moasp.auth.trustprofile.empty=Das TrustProfile zur Pr\u00F6fu
validation.general.moasp.auth.trustprofile.valid=Das TrustProfile zur Pr\u00F6fung des Authentfizierungsblock enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.moasp.idl.trustprofile.empty=Das TrustProfile zur Pr\u00F6fung der Personenbindung ist leer.
validation.general.moasp.idl.trustprofile.valid=Das TrustProfile zur Pr\u00F6fung der Personenbindung enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+
+validation.general.moasp.auth.trustprofile.test.empty=Das Test-TrustProfile zur Pr\u00F6fung des Authentfizierungsblock ist leer.
+validation.general.moasp.auth.trustprofile.test.valid=Das Test-TrustProfile zur Pr\u00F6fung des Authentfizierungsblock enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.moasp.idl.trustprofile.test.empty=Das Test-TrustProfile zur Pr\u00F6fung der Personenbindung ist leer.
+validation.general.moasp.idl.trustprofile.test.valid=Das Test-TrustProfile zur Pr\u00F6fung der Personenbindung enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+
validation.general.moaspss.url.valid=Die URL zum MOA-SP/SS Service hat kein g\u00F6ltiges Format.
validation.general.protocol.pvp2.issuername.valid=PVP2\: Service Name enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.protocol.pvp2.org.displayname.valid=PVP2 Organisation\: Vollst\u00E4ndiger Name enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
index 38cc6341b..22453ed2b 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
@@ -139,6 +139,8 @@ webpages.moaconfig.timeout.MOASessionUpdated=SSO Session last access[sec]
webpages.moaconfig.moasp.header=MOA-SP configuration
webpages.moaconfig.moasp.idltrustprofile=Trustprofile for IdentityLink
webpages.moaconfig.moasp.authtrustprofile=Trustprofile for authentication block
+webpages.moaconfig.moasp.idltrustprofile.test=Test Trustprofile for IdentityLink
+webpages.moaconfig.moasp.authtrustprofile.test=Test Trustprofile for authentication block
webpages.moaconfig.moasp.authblocktransform=Transformations for authentication block
webpages.moaconfig.moasp.url=URL for MOA-SP Service
webpages.moaconfig.identitylinksigners=IdentityLinkSigners
@@ -200,6 +202,8 @@ webpages.oaconfig.general.bku.sltemplate.third=SecurityLayer Template (WhiteList
webpages.oaconfig.general.testing.header=Test Credentials
webpages.oaconfig.general.testing.usetesting=Allow test credentials
webpages.oaconfig.general.testing.oids=Use special test credential OIDs
+webpages.oaconfig.general.testing.idltruststore=Use Test-IdentityLink TrustStore
+webpages.oaconfig.general.testing.authblocktruststore=Use Test-AuthBlockValidation TrustStore
webpages.oaconfig.revisionsLog.header=Revisions Logging
webpages.oaconfig.revisionsLog.active=Activ
@@ -391,6 +395,12 @@ validation.general.moasp.auth.trustprofile.empty=TrustProfile for checking of au
validation.general.moasp.auth.trustprofile.valid=TrustProfile for checking of authentication block contains forbidden characters. The following characters are not allowed\: {0}
validation.general.moasp.idl.trustprofile.empty=TrustProfile for checking of IdentityLink is blank.
validation.general.moasp.idl.trustprofile.valid=TrustProfile for checking of IdentityLink contain forbidden characters. The following characters are not allowed\: {0}
+
+validation.general.moasp.auth.trustprofile.test.empty=Test-TrustProfile for checking of authentication block is blank.
+validation.general.moasp.auth.trustprofile.test.valid=Test-TrustProfile for checking of authentication block contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.moasp.idl.trustprofile.test.empty=Test-TrustProfile for checking of IdentityLink is blank.
+validation.general.moasp.idl.trustprofile.test.valid=Test-TrustProfile for checking of IdentityLink contain forbidden characters. The following characters are not allowed\: {0}
+
validation.general.moaspss.url.valid=URL for MOA-SP/SS service has invalid format.
validation.general.protocol.pvp2.issuername.valid=PVP2\: service name contains forbidden characters. The following characters are not allowed\: {0}
validation.general.protocol.pvp2.org.displayname.valid=PVP2 organization\: complete name contains forbidden characters. The following characters are not allowed\: {0}
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
index 03f8a6b50..e6f07f847 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
@@ -152,6 +152,13 @@
cssClass="textfield_long">
</s:textfield>
+ <s:textfield name="moaconfig.moaspssIdlTrustProfileTest"
+ value="%{moaconfig.moaspssIdlTrustProfileTest}"
+ labelposition="left"
+ key="webpages.moaconfig.moasp.idltrustprofile.test"
+ cssClass="textfield_long">
+ </s:textfield>
+
<%-- <s:textarea name="moaconfig.identityLinkSigners"
value="%{moaconfig.identityLinkSigners}"
labelposition="left"
@@ -166,6 +173,14 @@
cssClass="textfield_long">
</s:textfield>
+ <s:textfield name="moaconfig.moaspssAuthTrustProfileTest"
+ value="%{moaconfig.moaspssAuthTrustProfileTest}"
+ labelposition="left"
+ key="webpages.moaconfig.moasp.authtrustprofile.test"
+ cssClass="textfield_long">
+ </s:textfield>
+
+
<%-- <s:textarea name="moaconfig.moaspssAuthTransformations"
value="%{moaconfig.moaspssAuthTransformations}"
labelposition="left"
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp
index 3dda0c0a4..f0b5c816a 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp
@@ -84,6 +84,21 @@
key="webpages.oaconfig.general.testing.oids"
cssClass="textfield_long">
</s:textfield>
+
+ <s:checkbox key="webpages.oaconfig.general.testing.idltruststore"
+ labelposition="left"
+ cssClass="checkbox"
+ value="%{authOA.useTestIDLValidationTrustStore}"
+ name="authOA.useTestIDLValidationTrustStore">
+ </s:checkbox>
+
+ <s:checkbox key="webpages.oaconfig.general.testing.authblocktruststore"
+ labelposition="left"
+ cssClass="checkbox"
+ value="%{authOA.useTestAuthblockValidationTrustStore}"
+ name="authOA.useTestAuthblockValidationTrustStore">
+ </s:checkbox>
+
</div>
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java
index b8836b90c..ed02f8186 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java
@@ -301,6 +301,42 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme
}
}
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_TEST, getKeyPrefix()));
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MOA-SP/SS Test-Authblock TrustProfile");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD,
+ "MOA-SP - Test-TrustProfile AuthBlock",
+ LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.empty")));
+ } else {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("Authblock Test-TrustProfile is not valid: " +check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD,
+ "MOA-SP - Test-TrustProfile AuthBlock",
+ LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_TEST, getKeyPrefix()));
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MOA-SP/SS Test-IdentityLink TrustProfile");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD,
+ "MOA-SP - Test-TrustProfile IdL",
+ LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.empty")));
+ } else {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("IdentityLink Test-TrustProfile is not valid: " +check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD,
+ "MOA-SP - Test-TrustProfile IdL",
+ LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ }
+ }
+
check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_HANDY, getKeyPrefix()));
if (MiscUtil.isEmpty(check)) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 63bdab919..e2b0f78a5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -353,7 +353,7 @@ public class AuthenticationServer extends MOAIDAuthConstants {
// builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
.build(identityLink, authConf
- .getMoaSpIdentityLinkTrustProfileID());
+ .getMoaSpIdentityLinkTrustProfileID(pendingReq.getOnlineApplicationConfiguration().isUseIDLTestTrustStore()));
// invokes the call
Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker()
@@ -586,63 +586,63 @@ public class AuthenticationServer extends MOAIDAuthConstants {
return createXMLSignatureRequest;
}
- /**
- * Processes an <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
- * security layer implementation.<br>
- * <ul>
- * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
- * <li>Parses response enclosed in
- * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
- * <li>Verifies signature by calling the MOA SP component</li>
- * <li>Returns the signer certificate</li>
- * </ul>
- *
- * @param sessionID ID of associated authentication session data
- * @param createXMLSignatureResponseParameters The parameters from the response returned from the BKU
- * including the <code>&lt;CreateXMLSignatureResponse&gt;</code>
- * @throws BKUException
- */
- public X509Certificate verifyXMLSignature(String sessionID,
- Map<String, String> createXMLSignatureResponseParameters)
- throws AuthenticationException, BuildException, ParseException,
- ConfigurationException, ValidateException, ServiceException, BKUException {
-
- if (isEmpty(sessionID))
- throw new AuthenticationException("auth.10", new Object[]{
- REQ_GET_FOREIGN_ID, PARAM_SESSIONID});
-
- String xmlCreateXMLSignatureResponse = (String) createXMLSignatureResponseParameters
- .get(PARAM_XMLRESPONSE);
-
- if (isEmpty(xmlCreateXMLSignatureResponse))
- throw new AuthenticationException("auth.10", new Object[]{
- REQ_GET_FOREIGN_ID, PARAM_XMLRESPONSE});
-
- AuthConfiguration authConf = AuthConfigurationProviderFactory
- .getInstance();
-
- // parses the <CreateXMLSignatureResponse>
- CreateXMLSignatureResponseParser p = new CreateXMLSignatureResponseParser(
- xmlCreateXMLSignatureResponse);
- CreateXMLSignatureResponse createXMLSignatureResponse = p
- .parseResponseDsig();
-
- // builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
- .buildDsig(createXMLSignatureResponse, authConf
- .getMoaSpAuthBlockTrustProfileID());
-
- // invokes the call
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker()
- .verifyXMLSignature(domVerifyXMLSignatureRequest);
-
- // parses the <VerifyXMLSignatureResponse>
- VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
- domVerifyXMLSignatureResponse).parseData();
-
- return verifyXMLSignatureResponse.getX509certificate();
-
- }
+// /**
+// * Processes an <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
+// * security layer implementation.<br>
+// * <ul>
+// * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
+// * <li>Parses response enclosed in
+// * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
+// * <li>Verifies signature by calling the MOA SP component</li>
+// * <li>Returns the signer certificate</li>
+// * </ul>
+// *
+// * @param sessionID ID of associated authentication session data
+// * @param createXMLSignatureResponseParameters The parameters from the response returned from the BKU
+// * including the <code>&lt;CreateXMLSignatureResponse&gt;</code>
+// * @throws BKUException
+// */
+// public X509Certificate verifyXMLSignature(String sessionID,
+// Map<String, String> createXMLSignatureResponseParameters)
+// throws AuthenticationException, BuildException, ParseException,
+// ConfigurationException, ValidateException, ServiceException, BKUException {
+//
+// if (isEmpty(sessionID))
+// throw new AuthenticationException("auth.10", new Object[]{
+// REQ_GET_FOREIGN_ID, PARAM_SESSIONID});
+//
+// String xmlCreateXMLSignatureResponse = (String) createXMLSignatureResponseParameters
+// .get(PARAM_XMLRESPONSE);
+//
+// if (isEmpty(xmlCreateXMLSignatureResponse))
+// throw new AuthenticationException("auth.10", new Object[]{
+// REQ_GET_FOREIGN_ID, PARAM_XMLRESPONSE});
+//
+// AuthConfiguration authConf = AuthConfigurationProviderFactory
+// .getInstance();
+//
+// // parses the <CreateXMLSignatureResponse>
+// CreateXMLSignatureResponseParser p = new CreateXMLSignatureResponseParser(
+// xmlCreateXMLSignatureResponse);
+// CreateXMLSignatureResponse createXMLSignatureResponse = p
+// .parseResponseDsig();
+//
+// // builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
+// Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
+// .buildDsig(createXMLSignatureResponse, authConf
+// .getMoaSpAuthBlockTrustProfileID());
+//
+// // invokes the call
+// Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker()
+// .verifyXMLSignature(domVerifyXMLSignatureRequest);
+//
+// // parses the <VerifyXMLSignatureResponse>
+// VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
+// domVerifyXMLSignatureResponse).parseData();
+//
+// return verifyXMLSignatureResponse.getX509certificate();
+//
+// }
/**
* Processes an <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
@@ -1122,7 +1122,7 @@ public class AuthenticationServer extends MOAIDAuthConstants {
// builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
List<String> vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs();
- String tpid = authConf.getMoaSpAuthBlockTrustProfileID();
+ String tpid = authConf.getMoaSpAuthBlockTrustProfileID(pendingReq.getOnlineApplicationConfiguration().isUseAuthBlockTestTestStore());
Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp,
vtids, tpid);
// debug output
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java
index d8f1a28c5..c98a7d537 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java
@@ -35,7 +35,7 @@ public interface AuthConfiguration extends ConfigurationProvider{
public OAAuthParameter getOnlineApplicationParameter(String oaURL);
- public String getMoaSpAuthBlockTrustProfileID() throws ConfigurationException;
+ public String getMoaSpAuthBlockTrustProfileID(boolean useTestTrustStore) throws ConfigurationException;
public List<String> getMoaSpAuthBlockVerifyTransformsInfoIDs() throws ConfigurationException;
@@ -44,8 +44,8 @@ public interface AuthConfiguration extends ConfigurationProvider{
public ConnectionParameter getForeignIDConnectionParameter() throws ConfigurationException;
public ConnectionParameter getOnlineMandatesConnectionParameter() throws ConfigurationException;
-
- public String getMoaSpIdentityLinkTrustProfileID() throws ConfigurationException;
+
+ public String getMoaSpIdentityLinkTrustProfileID(boolean useTestTrustStore) throws ConfigurationException;
public List<String> getTransformsInfos() throws ConfigurationException;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java
index 92d0856ba..b68f42086 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java
@@ -188,6 +188,9 @@ public interface IOAAuthParameters {
List<String> getTestCredentialOIDs();
+ boolean isUseIDLTestTrustStore();
+ boolean isUseAuthBlockTestTestStore();
+
PrivateKey getBPKDecBpkDecryptionKey();
/**
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index 8f3091e42..fdd125156 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -888,4 +888,30 @@ public List<Integer> getReversionsLoggingEventCodes() {
return null;
}
+
+/* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isUseIDLTestTrustStore()
+ */
+@Override
+public boolean isUseIDLTestTrustStore() {
+ String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_USETESTIDLTRUSTSTORE);
+ if (MiscUtil.isNotEmpty(value))
+ return Boolean.parseBoolean(value);
+ else
+ return false;
+}
+
+
+/* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isUseAuthBlockTestTestStore()
+ */
+@Override
+public boolean isUseAuthBlockTestTestStore() {
+ String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_USETESTAUTHBLOCKTRUSTSTORE);
+ if (MiscUtil.isNotEmpty(value))
+ return Boolean.parseBoolean(value);
+ else
+ return false;
+}
+
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
index cb9ac890d..702cd3ce3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
@@ -334,7 +334,14 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
* @return a string with a url-reference to the VerifyAuthBlock trust profile ID.
* @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}.
*/
- public String getMoaSpAuthBlockTrustProfileID() throws ConfigurationException {
+ public String getMoaSpAuthBlockTrustProfileID(boolean useTestTrustStore) throws ConfigurationException {
+ if (useTestTrustStore)
+ return getMoaSpAuthBlockTestTrustProfileID();
+ else
+ return getMoaSpAuthBlockTrustProfileID();
+ }
+
+ private String getMoaSpAuthBlockTrustProfileID() throws ConfigurationException {
try {
return configuration.getStringValue(
MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD);
@@ -344,7 +351,39 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
return null;
}
}
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getMoaSpAuthBlockTestTrustProfileID()
+ */
+ private String getMoaSpAuthBlockTestTrustProfileID()
+ throws ConfigurationException {
+ try {
+ return configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_TEST);
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("Test-AuthBlock validation trustprofile can not be read from configuration.", e);
+ return null;
+ }
+ }
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getMoaSpIdentityLinkTestTrustProfileID()
+ */
+ private String getMoaSpIdentityLinkTestTrustProfileID()
+ throws ConfigurationException {
+ try {
+ return configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_TEST);
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("Test-IdentityLink validation trustprofile can not be read from configuration.", e);
+ return null;
+ }
+ }
+
+
/**
* Returns a list of strings with references to all verify transform info IDs within the moa-sp part of the authentication component.
*
@@ -446,7 +485,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
* @return String with a url-reference to the VerifyIdentityLink trust profile ID
* @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link VerifyIdentityLink}.
*/
- public String getMoaSpIdentityLinkTrustProfileID() throws ConfigurationException {
+ private String getMoaSpIdentityLinkTrustProfileID() throws ConfigurationException {
try {
return configuration.getStringValue(
MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD);
@@ -1060,4 +1099,15 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
return null;
}
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getMoaSpIdentityLinkTrustProfileID(boolean)
+ */
+ @Override
+ public String getMoaSpIdentityLinkTrustProfileID(boolean useTestTrustStore)
+ throws ConfigurationException {
+ if (useTestTrustStore)
+ return getMoaSpIdentityLinkTestTrustProfileID();
+ else
+ return getMoaSpIdentityLinkTrustProfileID();
+ }
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
index e59ac827b..386e04f45 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
@@ -468,4 +468,22 @@ public class DynamicOAAuthParameters implements IOAAuthParameters, Serializable{
// TODO Auto-generated method stub
return null;
}
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isUseIDLTestTrustStore()
+ */
+ @Override
+ public boolean isUseIDLTestTrustStore() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isUseAuthBlockTestTestStore()
+ */
+ @Override
+ public boolean isUseAuthBlockTestTestStore() {
+ // TODO Auto-generated method stub
+ return false;
+ }
}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
index 05de581d2..38a111707 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
@@ -270,7 +270,11 @@ public class ConfigurationMigrationUtils {
}
result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_OIDs, oids);
- }
+ }
+
+ result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_USETESTIDLTRUSTSTORE, String.valueOf(oaauth.getTestCredentials().isUseTestIDLTrustStore()));
+ result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_USETESTAUTHBLOCKTRUSTSTORE, String.valueOf(oaauth.getTestCredentials().isUseTestAuthBlockTrustStore()));
+
}
//convert foreign bPK
@@ -856,10 +860,12 @@ public class ConfigurationMigrationUtils {
}
authoa.setMandates(mandates);
- if (Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_ENABLED))) {
- TestCredentials testing = authoa.getTestCredentials();
- testing = new TestCredentials();
- authoa.setTestCredentials(testing);
+ TestCredentials testing = authoa.getTestCredentials();
+ if (Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_ENABLED))) {
+ if (testing == null) {
+ testing = new TestCredentials();
+ authoa.setTestCredentials(testing);
+ }
testing.setEnableTestCredentials(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_ENABLED)));
if (oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_OIDs) != null) {
@@ -868,15 +874,29 @@ public class ConfigurationMigrationUtils {
testing.setCredentialOID(testCredentialOIDs);
}
- } else {
- TestCredentials testing = authoa.getTestCredentials();
+ } else {
if (testing != null) {
testing.setEnableTestCredentials(false);
}
}
-
+
+ if (testing == null) {
+ testing = new TestCredentials();
+ authoa.setTestCredentials(testing);
+ }
+
+ if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_USETESTIDLTRUSTSTORE)))
+ testing.setUseTestIDLTrustStore(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_USETESTIDLTRUSTSTORE)));
+ else
+ testing.setUseTestIDLTrustStore(false);
+ if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_USETESTAUTHBLOCKTRUSTSTORE)))
+ testing.setUseTestAuthBlockTrustStore(Boolean.parseBoolean(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_USETESTAUTHBLOCKTRUSTSTORE)));
+ else
+ testing.setUseTestAuthBlockTrustStore(false);
+
+
EncBPKInformation bPKEncDec = authoa.getEncBPKInformation();
if (bPKEncDec == null) {
bPKEncDec = new EncBPKInformation();
@@ -1188,6 +1208,9 @@ public class ConfigurationMigrationUtils {
if (authblock != null) {
result.put(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD,
authblock.getTrustProfileID());
+ result.put(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_TEST,
+ authblock.getTestTrustProfileID());
+
List<String> list = authblock.getVerifyTransformsInfoProfileID();
if (list.size() == 1)
@@ -1203,6 +1226,8 @@ public class ConfigurationMigrationUtils {
if (idl != null) {
result.put(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD,
idl.getTrustProfileID());
+ result.put(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_TEST,
+ idl.getTestTrustProfileID());
}
}
@@ -1721,12 +1746,14 @@ public class ConfigurationMigrationUtils {
dbmoasp.setVerifyIdentityLink(moaidl);
}
moaidl.setTrustProfileID(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD));
+ moaidl.setTestTrustProfileID(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_TEST));
VerifyAuthBlock moaauth = dbmoasp.getVerifyAuthBlock();
if (moaauth == null) {
moaauth = new VerifyAuthBlock();
dbmoasp.setVerifyAuthBlock(moaauth);
}
moaauth.setTrustProfileID(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD));
+ moaauth.setTestTrustProfileID(moaconfig.get(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_TEST));
if (moaauth.getVerifyTransformsInfoProfileID() == null) {
moaauth.setVerifyTransformsInfoProfileID(new ArrayList<String>());
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
index 07c3151a2..c338c65ba 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
@@ -107,7 +107,9 @@ public final class MOAIDConfigurationConstants extends MOAIDConstants {
private static final String SERVICE_AUTH_TESTCREDENTIALS = AUTH + "." + TESTCREDENTIALS;
public static final String SERVICE_AUTH_TESTCREDENTIALS_ENABLED = SERVICE_AUTH_TESTCREDENTIALS + ".enabled";
public static final String SERVICE_AUTH_TESTCREDENTIALS_OIDs = SERVICE_AUTH_TESTCREDENTIALS + ".oids";
-
+ public static final String SERVICE_AUTH_TESTCREDENTIALS_USETESTIDLTRUSTSTORE = SERVICE_AUTH_TESTCREDENTIALS + "useTestIDLTrustStore";
+ public static final String SERVICE_AUTH_TESTCREDENTIALS_USETESTAUTHBLOCKTRUSTSTORE = SERVICE_AUTH_TESTCREDENTIALS + "useTestAuthBlockTrustStore";
+
private static final String SERVICE_AUTH_MANDATES = AUTH + "." + MANDATES;
public static final String SERVICE_AUTH_MANDATES_OVS = SERVICE_AUTH_MANDATES + ".ovs";
public static final String SERVICE_AUTH_MANDATES_OVS_USE = SERVICE_AUTH_MANDATES_OVS + ".use";
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/TestCredentials.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/TestCredentials.java
index e3bd00912..2e80cb0d5 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/TestCredentials.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/TestCredentials.java
@@ -28,6 +28,7 @@ import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlSchemaType;
+import javax.xml.bind.annotation.XmlTransient;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
import com.sun.tools.xjc.runtime.ZeroOneBooleanAdapter;
@@ -82,6 +83,13 @@ public class TestCredentials
protected Long hjid;
protected transient List<TestCredentialsCredentialOIDItem> credentialOIDItems;
+ @XmlTransient
+ protected boolean useTestIDLTrustStore;
+
+ @XmlTransient
+ protected boolean useTestAuthBlockTrustStore;
+
+
/**
* Gets the value of the credentialOID property.
*
@@ -203,7 +211,37 @@ public class TestCredentials
}
}
- public boolean equals(ObjectLocator thisLocator, ObjectLocator thatLocator, Object object, EqualsStrategy strategy) {
+
+
+ /**
+ * @return the useTestIDLTrustStore
+ */
+ public boolean isUseTestIDLTrustStore() {
+ return useTestIDLTrustStore;
+ }
+
+ /**
+ * @param useTestIDLTrustStore the useTestIDLTrustStore to set
+ */
+ public void setUseTestIDLTrustStore(boolean useTestIDLTrustStore) {
+ this.useTestIDLTrustStore = useTestIDLTrustStore;
+ }
+
+ /**
+ * @return the useTestAuthBlockTrustStore
+ */
+ public boolean isUseTestAuthBlockTrustStore() {
+ return useTestAuthBlockTrustStore;
+ }
+
+ /**
+ * @param useTestAuthBlockTrustStore the useTestAuthBlockTrustStore to set
+ */
+ public void setUseTestAuthBlockTrustStore(boolean useTestAuthBlockTrustStore) {
+ this.useTestAuthBlockTrustStore = useTestAuthBlockTrustStore;
+ }
+
+ public boolean equals(ObjectLocator thisLocator, ObjectLocator thatLocator, Object object, EqualsStrategy strategy) {
if (!(object instanceof TestCredentials)) {
return false;
}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyAuthBlock.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyAuthBlock.java
index ecfb6b701..155863b03 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyAuthBlock.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyAuthBlock.java
@@ -28,6 +28,7 @@ import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlTransient;
import javax.xml.bind.annotation.XmlType;
import org.jvnet.hyperjaxb3.item.ItemUtils;
import org.jvnet.jaxb2_commons.lang.Equals;
@@ -80,6 +81,10 @@ public class VerifyAuthBlock
protected Long hjid;
protected transient List<VerifyAuthBlockVerifyTransformsInfoProfileIDItem> verifyTransformsInfoProfileIDItems;
+ @XmlTransient
+ protected String TestTrustProfileID;
+
+
/**
* Gets the value of the trustProfileID property.
*
@@ -106,7 +111,23 @@ public class VerifyAuthBlock
this.trustProfileID = value;
}
+
+
/**
+ * @return the testTrustProfileID
+ */
+ public String getTestTrustProfileID() {
+ return TestTrustProfileID;
+ }
+
+ /**
+ * @param testTrustProfileID the testTrustProfileID to set
+ */
+ public void setTestTrustProfileID(String testTrustProfileID) {
+ TestTrustProfileID = testTrustProfileID;
+ }
+
+ /**
* Gets the value of the verifyTransformsInfoProfileID property.
*
* <p>
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyIdentityLink.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyIdentityLink.java
index 5b54bf5f2..ac7ad96cc 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyIdentityLink.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/VerifyIdentityLink.java
@@ -22,6 +22,7 @@ import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlTransient;
import javax.xml.bind.annotation.XmlType;
import org.jvnet.jaxb2_commons.lang.Equals;
import org.jvnet.jaxb2_commons.lang.EqualsStrategy;
@@ -68,6 +69,9 @@ public class VerifyIdentityLink
@XmlAttribute(name = "Hjid")
protected Long hjid;
+ @XmlTransient
+ protected String TestTrustProfileID;
+
/**
* Gets the value of the trustProfileID property.
*
@@ -110,6 +114,20 @@ public class VerifyIdentityLink
}
/**
+ * @return the testTrustProfileID
+ */
+ public String getTestTrustProfileID() {
+ return TestTrustProfileID;
+ }
+
+ /**
+ * @param testTrustProfileID the testTrustProfileID to set
+ */
+ public void setTestTrustProfileID(String testTrustProfileID) {
+ TestTrustProfileID = testTrustProfileID;
+ }
+
+ /**
* Sets the value of the hjid property.
*
* @param value
diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java
index de6c0fed0..824791797 100644
--- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java
+++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java
@@ -68,7 +68,7 @@ public class IdentityLinkTestModule implements TestModuleInterface {
// builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
.build(identityLink, config
- .getMoaSpIdentityLinkTrustProfileID());
+ .getMoaSpIdentityLinkTrustProfileID(false));
// invokes the call
Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker()