Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/auth')
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java | 182 |
1 files changed, 102 insertions, 80 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index 359280fe2..d1b7a927c 100644
--- a/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -36,110 +36,132 @@ import javax.mail.Session; * @version $Id$ */ public class MOAIDAuthInitializer { - - /** a boolean identifying if the MOAIDAuthInitializer has been startet */ - public static boolean initialized = false; - + /** a boolean identifying if the MOAIDAuthInitializer has been startet */ + public static boolean initialized = false; /** - * Initializes the web application components which need initialization: + * Initializes the web application components which need initialization: * logging, JSSE, MOA-ID Auth configuration, Axis, session cleaner. */ - public static void initialize() - throws ConfigurationException, PKIException, IOException, GeneralSecurityException { - if (initialized) - return; - initialized=true; + public static void initialize() throws ConfigurationException, + PKIException, IOException, GeneralSecurityException { + if (initialized) return; + initialized = true; Logger.setHierarchy("moa.id.auth"); - Logger.info("Default java file.encoding: " + System.getProperty( "file.encoding" )); + Logger.info("Default java file.encoding: " + + System.getProperty("file.encoding")); - //JDK bug workaround according to: http://jce.iaik.tugraz.at/products/03_cms/faq/index.php#JarVerifier - // register content data handlers for S/MIME types + //JDK bug workaround according to: + // http://jce.iaik.tugraz.at/products/03_cms/faq/index.php#JarVerifier + // register content data handlers for S/MIME types MailcapCommandMap mc = new MailcapCommandMap(); - CommandMap.setDefaultCommandMap(mc); - - // create some properties and get the default Session - Properties props = new Properties(); - props.put("mail.smtp.host", "localhost"); - Session session = Session.getDefaultInstance(props, null); - - // TODO remove (only used for debugging) - Logger.debug("System supportet https.cipherSuites: " + System.getProperty("https.cipherSuites", "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA")); - + 
CommandMap.setDefaultCommandMap(mc); + + // create some properties and get the default Session + Properties props = new Properties(); + props.put("mail.smtp.host", "localhost"); + Session session = Session.getDefaultInstance(props, null); + // Restricts TLS cipher suites - System.setProperty("https.cipherSuites", "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA"); - // load some jsse classes so that the integrity of the jars can be verified - // before the iaik jce is installed as the security provider - // this workaround is only needed when sun jsse is used in conjunction with - // iaik-jce (on jdk1.3) - ClassLoader cl = MOAIDAuthInitializer.class.getClassLoader(); - try { - cl.loadClass("javax.security.cert.Certificate"); // from jcert.jar - } - catch (ClassNotFoundException e) { - Logger.warn(MOAIDMessageProvider.getInstance().getMessage("init.01", null), e); - } + System + .setProperty( + "https.cipherSuites", + "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA"); + // load some jsse classes so that the integrity of the jars can be + // verified + // before the iaik jce is installed as the security provider + // this workaround is only needed when sun jsse is used in conjunction + // with + // iaik-jce (on jdk1.3) + ClassLoader cl = MOAIDAuthInitializer.class.getClassLoader(); + try { + cl.loadClass("javax.security.cert.Certificate"); // from jcert.jar + } catch (ClassNotFoundException e) { + Logger.warn(MOAIDMessageProvider.getInstance().getMessage( + "init.01", null), e); + } // Initializes SSLSocketFactory store - SSLUtils.initialize(); - - // Initializes Namespace Map - Constants.nSMap.put(Constants.SAML_PREFIX, Constants.SAML_NS_URI); - Constants.nSMap.put(Constants.ECDSA_PREFIX, "http://www.w3.org/2001/04/xmldsig-more#"); - Constants.nSMap.put(Constants.DSIG_PREFIX, Constants.DSIG_NS_URI); - - // Loads the configuration - AuthConfigurationProvider authConf = 
AuthConfigurationProvider.reload(); - ConnectionParameter moaSPConnParam = authConf.getMoaSpConnectionParameter(); - - // If MOA-SP API calls: loads MOA-SP configuration and configures IAIK - if (moaSPConnParam == null) { - try { - LoggingContextManager.getInstance().setLoggingContext( - new LoggingContext("startup")); - ConfigurationProvider config = ConfigurationProvider.getInstance(); - new IaikConfigurator().configure(config); - } - catch (at.gv.egovernment.moa.spss.server.config.ConfigurationException ex) { - throw new ConfigurationException("config.10", new Object[] { ex.toString() }, ex); - } - } - - // Initializes IAIKX509TrustManager logging - String log4jConfigURL = System.getProperty("log4j.configuration"); - if (log4jConfigURL != null) { - IAIKX509TrustManager.initLog(new LoggerConfigImpl(log4jConfigURL)); - } - - // Initializes the Axis secure socket factory for use in calling the MOA-SP web service + SSLUtils.initialize(); + + // Initializes Namespace Map + Constants.nSMap.put(Constants.SAML_PREFIX, Constants.SAML_NS_URI); + Constants.nSMap.put(Constants.ECDSA_PREFIX, + "http://www.w3.org/2001/04/xmldsig-more#"); + Constants.nSMap.put(Constants.DSIG_PREFIX, Constants.DSIG_NS_URI); + + // Loads the configuration + AuthConfigurationProvider authConf = AuthConfigurationProvider.reload(); + ConnectionParameter moaSPConnParam = authConf + .getMoaSpConnectionParameter(); + + // If MOA-SP API calls: loads MOA-SP configuration and configures IAIK + if (moaSPConnParam == null) { + try { + LoggingContextManager.getInstance().setLoggingContext( + new LoggingContext("startup")); + ConfigurationProvider config = ConfigurationProvider + .getInstance(); + new IaikConfigurator().configure(config); + } catch (at.gv.egovernment.moa.spss.server.config.ConfigurationException ex) { + throw new ConfigurationException("config.10", new Object[] { ex + .toString() }, ex); + } + } + + // Initializes IAIKX509TrustManager logging + String log4jConfigURL = 
System.getProperty("log4j.configuration"); + if (log4jConfigURL != null) { + IAIKX509TrustManager.initLog(new LoggerConfigImpl(log4jConfigURL)); + } + + // Initializes the Axis secure socket factory for use in calling the + // MOA-SP web service if (moaSPConnParam != null && moaSPConnParam.isHTTPSURL()) { - SSLSocketFactory ssf = SSLUtils.getSSLSocketFactory(authConf, moaSPConnParam); + SSLSocketFactory ssf = SSLUtils.getSSLSocketFactory(authConf, + moaSPConnParam); AxisSecureSocketFactory.initialize(ssf); - } + } // sets the authentication session and authentication data time outs - String param = authConf.getGenericConfigurationParameter(AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY); + String param = authConf + .getGenericConfigurationParameter(AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY); if (param != null) { long sessionTimeOut = 0; - try { sessionTimeOut = new Long(param).longValue(); } - catch (NumberFormatException ex) { - Logger.error(MOAIDMessageProvider.getInstance().getMessage("config.05", new Object[] {AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY})); + try { + sessionTimeOut = new Long(param).longValue(); + } catch (NumberFormatException ex) { + Logger + .error(MOAIDMessageProvider + .getInstance() + .getMessage( + "config.05", + new Object[] { AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY })); } if (sessionTimeOut > 0) - AuthenticationServer.getInstance().setSecondsSessionTimeOut(sessionTimeOut); + AuthenticationServer.getInstance() + .setSecondsSessionTimeOut(sessionTimeOut); } - param = authConf.getGenericConfigurationParameter(AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY); + param = authConf + .getGenericConfigurationParameter(AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY); if (param != null) { long authDataTimeOut = 0; - try { authDataTimeOut = new Long(param).longValue(); } - catch (NumberFormatException ex) { - Logger.error(MOAIDMessageProvider.getInstance().getMessage("config.05", new 
Object[] {AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY})); + try { + authDataTimeOut = new Long(param).longValue(); + } catch (NumberFormatException ex) { + Logger + .error(MOAIDMessageProvider + .getInstance() + .getMessage( + "config.05", + new Object[] { AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY })); } if (authDataTimeOut > 0) - AuthenticationServer.getInstance().setSecondsAuthDataTimeOut(authDataTimeOut); + AuthenticationServer.getInstance() + .setSecondsAuthDataTimeOut(authDataTimeOut); } } - -} + +}
\ No newline at end of file |
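Review bot: The `https.cipherSuites` value installed by the re-wrapped `System.setProperty` call permits only RC4 suites (one with an MD5 MAC) and a 3DES suite. All of these are deprecated for TLS: RC4 is prohibited by RFC 7465, and 3DES is exposed to 64-bit-block birthday attacks. Because this is a JVM-wide system property, it presumably governs every HTTPS client connection in the process rather than only MOA-ID's own calls. Leave the property alone when the operator has already set it, and otherwise default to AES suites that the target JDK supports, for example `if (System.getProperty("https.cipherSuites") == null) System.setProperty("https.cipherSuites", "TLS_RSA_WITH_AES_128_CBC_SHA");`, after confirming the suite name against the deployed JSSE/IAIK provider. Separately, `initialized = true;` is assigned before any work is done, so an exception from `SSLUtils.initialize()` or `AuthConfigurationProvider.reload()` leaves the flag set and a later call returns immediately on a half-initialized server; assigning it as the last statement of `initialize()` and declaring the method `synchronized` would avoid that.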