diff options
Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/auth')
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java | 19 | ||||
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java | 7 | ||||
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java (renamed from id.server/src/at/gv/egovernment/moa/id/auth/builder/VPKBuilder.java) | 28 | ||||
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java | 11 | ||||
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java | 13 | ||||
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java | 27 | ||||
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java | 13 | ||||
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java | 10 | ||||
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java | 37 | ||||
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java | 2 |
10 files changed, 99 insertions, 68 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index bc3e075be..9cb473d4f 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -28,7 +28,7 @@ import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder; import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder; import at.gv.egovernment.moa.id.auth.builder.SelectBKUFormBuilder; -import at.gv.egovernment.moa.id.auth.builder.VPKBuilder; +import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; @@ -379,8 +379,13 @@ public class AuthenticationServer implements MOAIDAuthConstants { session.setAuthBlock(authBlock); // builds the <CreateXMLSignatureRequest> String[] transformInfos = authConf.getTransformsInfos(); + + OAAuthParameter oaParam = + AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( + session.getPublicOAURLPrefix()); + String createXMLSignatureRequest = - new CreateXMLSignatureRequestBuilder().build(authBlock, transformInfos); + new CreateXMLSignatureRequestBuilder().build(authBlock, oaParam.getKeyBoxIdentifier(), transformInfos); return createXMLSignatureRequest; } /** @@ -502,12 +507,12 @@ public class AuthenticationServer implements MOAIDAuthConstants { authData.setAssertionID(Random.nextRandom()); authData.setIssuer(session.getAuthURL()); authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance())); - String vpkBase64 = - new VPKBuilder().buildVPK( + String bpkBase64 = + new BPKBuilder().buildBPK( identityLink.getIdentificationValue(), - identityLink.getDateOfBirth(), session.getTarget()); - authData.setVPK(vpkBase64); + authData.setIdentificationType(identityLink.getIdentificationType()); + authData.setPBK(bpkBase64); authData.setGivenName(identityLink.getGivenName()); authData.setFamilyName(identityLink.getFamilyName()); authData.setDateOfBirth(identityLink.getDateOfBirth()); @@ -517,7 +522,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( session.getPublicOAURLPrefix()); - String prPerson = new PersonDataBuilder().build(identityLink, oaParam.getProvideZMRZahl()); + String prPerson = new PersonDataBuilder().build(identityLink, oaParam.getProvideStammzahl()); try { String ilAssertion = diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java index fd7cb1a9d..ed2c863d2 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java @@ -19,13 +19,14 @@ public class AuthenticationDataAssertionBuilder implements Constants { /** * XML template for the <code><saml:Assertion></code> to be built */ + //TODO MOA-ID check if NameQualifier NameQualifier urn:publicid:gv.at:cdid+ "is stable" in specification private static final String AUTH_DATA = "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + NL + "<saml:Assertion xmlns:saml=''" + SAML_NS_URI + "'' xmlns:pr=''" + PD_NS_URI + "'' xmlns:xsi=''" + XSI_NS_URI + "''" + " MajorVersion=''1'' MinorVersion=''0'' AssertionID=''{0}'' Issuer=''{1}'' IssueInstant=''{2}''>" + NL + " <saml:AttributeStatement>" + NL + " <saml:Subject>" + NL + - " <saml:NameIdentifier NameQualifier=''http://reference.e-government.gv.at/names/vpk/20020221#''>{3}</saml:NameIdentifier>" + NL + + " <saml:NameIdentifier NameQualifier=''urn:publicid:gv.at:cdid+''>{3}</saml:NameIdentifier>" + NL + " <saml:SubjectConfirmation>" + NL + " <saml:ConfirmationMethod>" + MOA_NS_URI + "cm</saml:ConfirmationMethod>" + NL + " <saml:SubjectConfirmationData>{4}{5}</saml:SubjectConfirmationData>" + NL + @@ -64,7 +65,7 @@ public class AuthenticationDataAssertionBuilder implements Constants { * @param xmlPersonData <code>lt;pr:Person></code> element as a String * @param xmlAuthBlock authentication block to be included in a * <code>lt;saml:SubjectConfirmationData></code> element; may include - * the <code>"ZMR-Zahl"</code> or not; may be empty + * the <code>"Stammzahl"</code> or not; may be empty * @param xmlIdentityLink the IdentityLink * @return the <code><saml:Assertion></code> * @throws BuildException if an error occurs during the build process @@ -89,7 +90,7 @@ public class AuthenticationDataAssertionBuilder implements Constants { authData.getAssertionID(), authData.getIssuer(), authData.getIssueInstant(), - authData.getVPK(), + authData.getPBK(), removeXMLDeclaration(xmlAuthBlock), removeXMLDeclaration(xmlIdentityLink), removeXMLDeclaration(xmlPersonData), diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VPKBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java index c18156a01..706d0a39a 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VPKBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java @@ -6,45 +6,43 @@ import at.gv.egovernment.moa.id.BuildException; import at.gv.egovernment.moa.util.Base64Utils; /** - * Builder for the VPK, as defined in - * <code>"Ableitung f¨r die verfahrensspezifische Personenkennzeichnung"</code> + * Builder for the BPK, as defined in + * <code>"Ableitung f¨r die bereichsspezifische Personenkennzeichnung"</code> * version <code>1.0.1</code> from <code>"reference.e-government.gv.at"</code>. * * @author Paul Ivancsics * @version $Id$ */ -public class VPKBuilder { +public class BPKBuilder { /** - * Builds the VPK from given parameters. - * @param identificationValue "ZMR-Zahl" - * @param dateOfBirth "Geburtsdatum" + * Builds the BPK from given parameters. + * @param identificationValue Base64 encoded "Stammzahl" * @param target "Verfahrensname"; will be transformed to lower case - * @return VPK in a BASE64 encoding - * @throws BuildException while building the VPK + * @return PBK in a BASE64 encoding + * @throws BuildException while building the BPK */ - public String buildVPK(String identificationValue, String dateOfBirth, String target) + public String buildBPK(String identificationValue, String target) throws BuildException { if (identificationValue == null || identificationValue.length() == 0 - || dateOfBirth == null || dateOfBirth.length() == 0 || target == null || target.length() == 0) throw new BuildException( "builder.00", - new Object[] {"VPK", + new Object[] {"BPK", "Unvollständige Parameterangaben: identificationValue=" + identificationValue + - ",dateOfBirth=" + dateOfBirth + ",target=" + target}); - String basisbegriff = identificationValue + "+" + dateOfBirth + "+" + target.toLowerCase(); + ",target=" + target}); + String basisbegriff = identificationValue + "+" + target; try { MessageDigest md = MessageDigest.getInstance("SHA-1"); - byte[] hash = md.digest(basisbegriff.getBytes()); + byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1")); String hashBase64 = Base64Utils.encode(hash); return hashBase64; } catch (Exception ex) { throw new BuildException( "builder.00", - new Object[] {"VPK", ex.toString()}, + new Object[] {"BPK", ex.toString()}, ex); } } diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java index f8c287cb6..961a40303 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java @@ -21,12 +21,10 @@ public class CreateXMLSignatureRequestBuilder implements Constants { private static final String CREATE_XML_SIGNATURE_REQUEST = "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + nl + "<sl11:CreateXMLSignatureRequest xmlns:dsig=''" + DSIG_NS_URI + "'' xmlns:sl10=''" + SL10_NS_URI + "'' xmlns:sl11=''" + SL11_NS_URI + "''>" + nl + - " <sl11:KeyboxIdentifier>SecureSignatureKeypair</sl11:KeyboxIdentifier>" + nl + - //TODO RS Lsg Switch SecureSignatureKeypair / CertifiedKeyPair - //" <sl11:KeyboxIdentifier>CertifiedKeypair</sl11:KeyboxIdentifier>" + nl + + " <sl11:KeyboxIdentifier>{1}</sl11:KeyboxIdentifier>" + nl + " <sl11:DataObjectInfo Structure=''detached''>" + nl + " <sl10:DataObject Reference=''''/>" + nl + - "{1}" + + "{2}" + " </sl11:DataObjectInfo>" + nl + " <sl11:SignatureInfo>" + nl + " <sl11:SignatureEnvironment>" + nl + @@ -47,14 +45,15 @@ public class CreateXMLSignatureRequestBuilder implements Constants { * Builds the <code><CreateXMLSignatureRequest></code>. * * @param authBlock String representation of XML authentication block + * @param keyBoxIdentfier the key box identifier which will be used (e.g. CertifiedKeyPair) * @return String representation of <code><CreateXMLSignatureRequest></code> */ - public String build(String authBlock, String[] dsigTransformInfos) { + public String build(String authBlock, String keyBoxIdentifier, String[] dsigTransformInfos) { String dsigTransformInfosString = ""; for (int i = 0; i < dsigTransformInfos.length; i++) dsigTransformInfosString += dsigTransformInfos[i]; String request = MessageFormat.format( - CREATE_XML_SIGNATURE_REQUEST, new Object[] { authBlock, dsigTransformInfosString }); + CREATE_XML_SIGNATURE_REQUEST, new Object[] { authBlock, keyBoxIdentifier, dsigTransformInfosString }); return request; } } diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java index 85ec1cb7f..819ed79bb 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java @@ -26,24 +26,25 @@ public class PersonDataBuilder { /** * Builds the <code><pr:Person></code> element.<br/> * Utilizes the parsed <code><prPerson></code> from the identity link - * and the information regarding inclusion of <code>"ZMR-Zahl"</code> in the + * and the information regarding inclusion of <code>"Stammzahl"</code> in the * <code><pr:Person></code> data. * * @param identityLink <code>IdentityLink</code> containing the * attribute <code>prPerson</code> - * @param provideZMRZahl true if <code>"ZMR-Zahl"</code> is to be included; + * @param provideStammzahl true if <code>"Stammzahl"</code> is to be included; * false otherwise * @return the <code><pr:Person></code> element as a String * @throws BuildException on any error */ - public String build(IdentityLink identityLink, boolean provideZMRZahl) + public String build(IdentityLink identityLink, boolean provideStammzahl) throws BuildException { try { Element prPerson = (Element)identityLink.getPrPerson().cloneNode(true); - if (! provideZMRZahl) { - Node prIdentification = XPathUtils.selectSingleNode(prPerson, "pr:Identification"); - prPerson.removeChild(prIdentification); + if (! provideStammzahl) { + Node prIdentification = XPathUtils.selectSingleNode(prPerson, "pr:Identification/pr:Value"); + //remove IdentificationValue + prIdentification.getFirstChild().setNodeValue(""); } String xmlString = DOMUtils.serializeNode(prPerson); return xmlString; diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java b/id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java index e2ad2625a..cc58db916 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java @@ -14,10 +14,14 @@ import org.w3c.dom.Element; */ public class IdentityLink { /** - * <code>"identificationValue"</code> is the translation of <code>"ZMR-Zahl"</code>. + * <code>"identificationValue"</code> is the translation of <code>"Stammzahl"</code>. */ private String identificationValue; /** + * <code>"identificationType"</code> type of the identificationValue in the IdentityLink. + */ + private String identificationType; + /** * first name */ private String givenName; @@ -82,13 +86,22 @@ public class IdentityLink { /** * Returns the identificationValue. - * <code>"identificationValue"</code> is the translation of <code>"ZMR-Zahl"</code>. + * <code>"identificationValue"</code> is the translation of <code>"Stammzahl"</code>. * @return String */ public String getIdentificationValue() { return identificationValue; } + /** + * Returns the identificationType. + * <code>"identificationType"</code> type of the identificationValue in the IdentityLink. + * @return String + */ + public String getIdentificationType() { + return identificationType; + } + /** * Sets the dateOfBirth. * @param dateOfBirth The dateOfBirth to set @@ -115,12 +128,20 @@ public class IdentityLink { /** * Sets the identificationValue. - * <code>"identificationValue"</code> is the translation of <code>"ZMR-Zahl"</code>. + * <code>"identificationValue"</code> is the translation of <code>"Stammzahl"</code>. * @param identificationValue The identificationValue to set */ public void setIdentificationValue(String identificationValue) { this.identificationValue = identificationValue; } + + /** + * Sets the Type of the identificationValue. + * @param identificationType The type of identificationValue to set + */ + public void setIdentificationType(String identificationType) { + this.identificationType = identificationType; + } /** * Returns the samlAssertion. diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java index f9ef54884..49baf1bf5 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java @@ -97,6 +97,16 @@ public class IdentityLinkAssertionParser { + "Identification/" + PDATA + "Value"; + + /** Xpath expression to the Identification Value element */ + private static final String PERSON_IDENT_TYPE_XPATH = + PERSON_XPATH + + "/" + + PDATA + + "Identification/" + + PDATA + + "Type"; + /** Xpath expression to the RSAKeyValue element */ private static final String RSA_KEY_VALUE_XPATH = ROOT @@ -179,12 +189,13 @@ public class IdentityLinkAssertionParser { IdentityLink identityLink; try { identityLink = new IdentityLink(); - //ÄNDERN: NUR der Identification-Teil identityLink.setSamlAssertion(assertionElem); identityLink.setPrPerson((Element) XPathUtils.selectSingleNode(assertionElem, PERSON_XPATH)); identityLink.setIdentificationValue( XPathUtils.getElementValue(assertionElem, PERSON_IDENT_VALUE_XPATH, "")); + identityLink.setIdentificationType( + XPathUtils.getElementValue(assertionElem, PERSON_IDENT_TYPE_XPATH, "")); identityLink.setGivenName( XPathUtils.getElementValue(assertionElem, PERSON_GIVEN_NAME_XPATH, "")); identityLink.setFamilyName( diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java index 6ff52bc4a..95878007e 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java @@ -35,7 +35,7 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants { * <ul> * <li>Logs the error</li> * <li>Places error message and exception thrown into the request - * as request attributes (to be used by <code>"/errorpage.jsp"</code>)</li> + * as request attributes (to be used by <code>"/errorpage-auth.jsp"</code>)</li> * <li>Sets HTTP status 500 (internal server error)</li> * </ul> * @@ -59,9 +59,9 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants { req.setAttribute("ExceptionThrown", exceptionThrown); } - //forward this to errorpage.jsp wher the HTML error page is generated + //forward this to errorpage-auth.jsp where the HTML error page is generated ServletContext context = getServletContext(); - RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage.jsp"); + RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage-auth.jsp"); try { dispatcher.forward(req, resp); } catch (ServletException e) { @@ -80,9 +80,9 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants { Logger.error(ex.toString()); req.setAttribute("WrongParameters", ex.getMessage()); - // forward this to errorpage.jsp where the HTML error page is generated + // forward this to errorpage-auth.jsp where the HTML error page is generated ServletContext context = getServletContext(); - RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage.jsp"); + RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage-auth.jsp"); try { dispatcher.forward(req, resp); } catch (ServletException e) { diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java index 1dc1897b2..f33377547 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java @@ -1,17 +1,18 @@ package at.gv.egovernment.moa.id.auth.servlet; import java.io.IOException; -import java.io.PrintWriter; import java.text.DateFormat; import java.util.Date; import java.util.Locale; +import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; +import at.gv.egovernment.moa.id.util.HTTPRequestJSPForwarder; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.logging.Logger; @@ -22,9 +23,6 @@ import at.gv.egovernment.moa.logging.Logger; * @version $Id$ */ public class ConfigurationServlet extends HttpServlet { - /** Constant for the DTD-Doc type */ - private static final String DOC_TYPE = - "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">\n"; /** * Handle a HTTP GET request, used to indicated that the MOA @@ -36,13 +34,7 @@ public class ConfigurationServlet extends HttpServlet { throws ServletException, IOException { MOAIDMessageProvider msg = MOAIDMessageProvider.getInstance(); - PrintWriter out; - response.setContentType("text/html"); - out = response.getWriter(); - out.println(DOC_TYPE); - out.println("<head><title>MOA configuration update</title></head>"); - out.println("<body bgcolor=\"#FFFFFF\">"); try { MOAIDAuthInitializer.initialized=false; MOAIDAuthInitializer.initialize(); @@ -50,21 +42,13 @@ public class ConfigurationServlet extends HttpServlet { { DateFormat.getTimeInstance(DateFormat.MEDIUM, Locale.GERMAN).format(new Date())} ); Logger.info(message); - //TODO low-priority: change to ErrorPage - out.println("<p><b>"); - out.println(message); - out.println("</b></p>"); + HTTPRequestJSPForwarder.forwardNamed(message, "/message-auth.jsp", getServletContext(), request, response); + } catch (Throwable t) { String errorMessage = msg.getMessage("config.04", null); Logger.error(errorMessage, t); - out.println("<p><b>"); - out.println(errorMessage); - out.println("</b></p>"); + HTTPRequestJSPForwarder.forwardNamed(errorMessage, "/message-auth.jsp", getServletContext(), request, response); } - out.println("</body>"); - - out.flush(); - out.close(); } /** @@ -77,4 +61,15 @@ public class ConfigurationServlet extends HttpServlet { doGet(request, response); } + /** + * Calls the web application initializer. + * + * @see javax.servlet.Servlet#init(ServletConfig) + */ + public void init(ServletConfig servletConfig) throws ServletException { + super.init(servletConfig); + } + } + + diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java index 8de475f95..ec8cb7b1a 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java @@ -53,7 +53,7 @@ public class VerifyXMLSignatureResponseValidator { if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0) throw new ValidateException("validator.06", null); - //TODO enhance error messages (reason why check failed) + //TODO MOA-ID enhance error messages (reason why check failed) if (verifyXMLSignatureResponse.getCertificateCheckCode() != 0) if (whatToCheck.equals(CHECK_IDENTITY_LINK)) throw new ValidateException("validator.07", null); |