diff options
Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java')
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java | 118 |
1 files changed, 0 insertions, 118 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java deleted file mode 100644 index f9bec8b76..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java +++ /dev/null @@ -1,118 +0,0 @@ -package at.gv.egovernment.moa.id.auth; - -import iaik.pki.PKIException; -import iaik.pki.jsse.IAIKX509TrustManager; - -import java.security.GeneralSecurityException; - -import java.io.IOException; - -import javax.net.ssl.SSLSocketFactory; - -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.iaik.config.LoggerConfigImpl; -import at.gv.egovernment.moa.id.util.AxisSecureSocketFactory; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.id.util.SSLUtils; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.logging.LoggingContext; -import at.gv.egovernment.moa.logging.LoggingContextManager; -import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; -import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator; - -/** - * Web application initializer - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class MOAIDAuthInitializer { - - /** a boolean identifying if the MOAIDAuthInitializer has been startet */ - public static boolean initialized = false; - - - - /** - * Initializes the web application components which need initialization: - * logging, JSSE, MOA-ID Auth configuration, Axis, session cleaner. - */ - public static void initialize() - throws ConfigurationException, PKIException, IOException, GeneralSecurityException { - if (initialized) - return; - initialized=true; - Logger.setHierarchy("moa.id.auth"); - // Restricts TLS cipher suites - System.setProperty("https.cipherSuites", "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA"); - // load some jsse classes so that the integrity of the jars can be verified - // before the iaik jce is installed as the security provider - // this workaround is only needed when sun jsse is used in conjunction with - // iaik-jce (on jdk1.3) - ClassLoader cl = MOAIDAuthInitializer.class.getClassLoader(); - try { - cl.loadClass("javax.security.cert.Certificate"); // from jcert.jar - } - catch (ClassNotFoundException e) { - Logger.warn(MOAIDMessageProvider.getInstance().getMessage("init.01", null), e); - } - - // Initializes SSLSocketFactory store - SSLUtils.initialize(); - - // Loads the configuration - AuthConfigurationProvider authConf = AuthConfigurationProvider.reload(); - ConnectionParameter moaSPConnParam = authConf.getMoaSpConnectionParameter(); - - // If MOA-SP API calls: loads MOA-SP configuration and configures IAIK - if (moaSPConnParam == null) { - try { - LoggingContextManager.getInstance().setLoggingContext( - new LoggingContext("startup")); - ConfigurationProvider config = ConfigurationProvider.getInstance(); - new IaikConfigurator().configure(config); - } - catch (at.gv.egovernment.moa.spss.server.config.ConfigurationException ex) { - throw new ConfigurationException("config.10", new Object[] { ex.toString() }, ex); - } - } - - // Initializes IAIKX509TrustManager logging - String log4jConfigURL = System.getProperty("log4j.configuration"); - if (log4jConfigURL != null) { - IAIKX509TrustManager.initLog(new LoggerConfigImpl(log4jConfigURL)); - } - - // Initializes the Axis secure socket factory for use in calling the MOA-SP web service - if (moaSPConnParam != null && moaSPConnParam.isHTTPSURL()) { - SSLSocketFactory ssf = SSLUtils.getSSLSocketFactory(authConf, moaSPConnParam); - AxisSecureSocketFactory.initialize(ssf); - } - - // sets the authentication session and authentication data time outs - String param = authConf.getGenericConfigurationParameter(AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY); - if (param != null) { - long sessionTimeOut = 0; - try { sessionTimeOut = new Long(param).longValue(); } - catch (NumberFormatException ex) { - Logger.error(MOAIDMessageProvider.getInstance().getMessage("config.05", new Object[] {AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY})); - } - if (sessionTimeOut > 0) - AuthenticationServer.getInstance().setSecondsSessionTimeOut(sessionTimeOut); - } - param = authConf.getGenericConfigurationParameter(AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY); - if (param != null) { - long authDataTimeOut = 0; - try { authDataTimeOut = new Long(param).longValue(); } - catch (NumberFormatException ex) { - Logger.error(MOAIDMessageProvider.getInstance().getMessage("config.05", new Object[] {AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY})); - } - if (authDataTimeOut > 0) - AuthenticationServer.getInstance().setSecondsAuthDataTimeOut(authDataTimeOut); - } - - } - -} |