Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/auth')
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java95
1 files changed, 56 insertions, 39 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index e5504028f..359280fe2 100644
--- a/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -6,6 +6,7 @@ import iaik.pki.jsse.IAIKX509TrustManager;
import java.security.GeneralSecurityException;
import java.util.HashMap;
+import java.io.File;
import java.io.IOException;
import javax.net.ssl.SSLSocketFactory;
@@ -23,6 +24,10 @@ import at.gv.egovernment.moa.logging.LoggingContextManager;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator;
import at.gv.egovernment.moa.util.Constants;
+import javax.activation.MailcapCommandMap;
+import javax.activation.CommandMap;
+import java.util.Properties;
+import javax.mail.Session;
/**
* Web application initializer
@@ -37,18 +42,32 @@ public class MOAIDAuthInitializer {
- /**
- * Initializes the web application components which need initialization:
- * logging, JSSE, MOA-ID Auth configuration, Axis, session cleaner.
- */
- public static void initialize()
- throws ConfigurationException, PKIException, IOException, GeneralSecurityException {
- if (initialized)
+ /**
+ * Initializes the web application components which need initialization:
+ * logging, JSSE, MOA-ID Auth configuration, Axis, session cleaner.
+ */
+ public static void initialize()
+ throws ConfigurationException, PKIException, IOException, GeneralSecurityException {
+ if (initialized)
return;
initialized=true;
- Logger.setHierarchy("moa.id.auth");
- Logger.info("Default java file.encoding: " + System.getProperty( "file.encoding" ));
- // Restricts TLS cipher suites
+ Logger.setHierarchy("moa.id.auth");
+ Logger.info("Default java file.encoding: " + System.getProperty( "file.encoding" ));
+
+ //JDK bug workaround according to: http://jce.iaik.tugraz.at/products/03_cms/faq/index.php#JarVerifier
+ // register content data handlers for S/MIME types
+ MailcapCommandMap mc = new MailcapCommandMap();
+ CommandMap.setDefaultCommandMap(mc);
+
+ // create some properties and get the default Session
+ Properties props = new Properties();
+ props.put("mail.smtp.host", "localhost");
+ Session session = Session.getDefaultInstance(props, null);
+
+ // TODO remove (only used for debugging)
+ Logger.debug("System supportet https.cipherSuites: " + System.getProperty("https.cipherSuites", "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA"));
+
+ // Restricts TLS cipher suites
System.setProperty("https.cipherSuites", "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA");
// load some jsse classes so that the integrity of the jars can be verified
// before the iaik jce is installed as the security provider
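Review bot: The added debug line passes the same hard-coded suite list as the default of `System.getProperty("https.cipherSuites", …)`, so when the property is unset the log prints the list this method is about to set rather than anything the JVM reports, and the literal now exists in two places. Logging `System.getProperty("https.cipherSuites")` without a default and moving the list into one `private static final String` constant would keep the message accurate and leave a single place to change. That list contains only RC4 and 3DES suites with RSA key exchange, and RC4 is prohibited for TLS by RFC 7465, so the constant deserves a comment stating why it is pinned. Separately, `Session.getDefaultInstance(props, null)` assigns to an unused local and, with a null Authenticator, creates a JVM-wide default session that any code in the process can obtain; if the call exists only for the JarVerifier workaround the comment should say so, otherwise `Session.getInstance(props)` avoids the shared instance. The body of `initialize()` continues past the end of this hunk.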
@@ -62,13 +81,11 @@ public class MOAIDAuthInitializer {
Logger.warn(MOAIDMessageProvider.getInstance().getMessage("init.01", null), e);
}
- // Initializes SSLSocketFactory store
+ // Initializes SSLSocketFactory store
SSLUtils.initialize();
// Initializes Namespace Map
Constants.nSMap.put(Constants.SAML_PREFIX, Constants.SAML_NS_URI);
- //TODO RS change to correct Namespace as soon BMI has corrected the wrong NS
- //nSMap.put(Constants.ECDSA_PREFIX, Constants.ECDSA_NS_URI); correct version
Constants.nSMap.put(Constants.ECDSA_PREFIX, "http://www.w3.org/2001/04/xmldsig-more#");
Constants.nSMap.put(Constants.DSIG_PREFIX, Constants.DSIG_NS_URI);
@@ -95,34 +112,34 @@ public class MOAIDAuthInitializer {
IAIKX509TrustManager.initLog(new LoggerConfigImpl(log4jConfigURL));
}
- // Initializes the Axis secure socket factory for use in calling the MOA-SP web service
- if (moaSPConnParam != null && moaSPConnParam.isHTTPSURL()) {
+ // Initializes the Axis secure socket factory for use in calling the MOA-SP web service
+ if (moaSPConnParam != null && moaSPConnParam.isHTTPSURL()) {
SSLSocketFactory ssf = SSLUtils.getSSLSocketFactory(authConf, moaSPConnParam);
- AxisSecureSocketFactory.initialize(ssf);
+ AxisSecureSocketFactory.initialize(ssf);
}
- // sets the authentication session and authentication data time outs
- String param = authConf.getGenericConfigurationParameter(AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY);
- if (param != null) {
- long sessionTimeOut = 0;
- try { sessionTimeOut = new Long(param).longValue(); }
- catch (NumberFormatException ex) {
- Logger.error(MOAIDMessageProvider.getInstance().getMessage("config.05", new Object[] {AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY}));
- }
- if (sessionTimeOut > 0)
- AuthenticationServer.getInstance().setSecondsSessionTimeOut(sessionTimeOut);
- }
- param = authConf.getGenericConfigurationParameter(AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY);
- if (param != null) {
- long authDataTimeOut = 0;
- try { authDataTimeOut = new Long(param).longValue(); }
- catch (NumberFormatException ex) {
- Logger.error(MOAIDMessageProvider.getInstance().getMessage("config.05", new Object[] {AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY}));
- }
- if (authDataTimeOut > 0)
- AuthenticationServer.getInstance().setSecondsAuthDataTimeOut(authDataTimeOut);
- }
+ // sets the authentication session and authentication data time outs
+ String param = authConf.getGenericConfigurationParameter(AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY);
+ if (param != null) {
+ long sessionTimeOut = 0;
+ try { sessionTimeOut = new Long(param).longValue(); }
+ catch (NumberFormatException ex) {
+ Logger.error(MOAIDMessageProvider.getInstance().getMessage("config.05", new Object[] {AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY}));
+ }
+ if (sessionTimeOut > 0)
+ AuthenticationServer.getInstance().setSecondsSessionTimeOut(sessionTimeOut);
+ }
+ param = authConf.getGenericConfigurationParameter(AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY);
+ if (param != null) {
+ long authDataTimeOut = 0;
+ try { authDataTimeOut = new Long(param).longValue(); }
+ catch (NumberFormatException ex) {
+ Logger.error(MOAIDMessageProvider.getInstance().getMessage("config.05", new Object[] {AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY}));
+ }
+ if (authDataTimeOut > 0)
+ AuthenticationServer.getInstance().setSecondsAuthDataTimeOut(authDataTimeOut);
+ }
- }
-
+ }
+
}