Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/proxy/servlet')
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java35
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java189
2 files changed, 134 insertions, 90 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java
index d6ec4951b..4ab2e2cf7 100644
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java
+++ b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java
@@ -1,17 +1,18 @@
package at.gv.egovernment.moa.id.proxy.servlet;
import java.io.IOException;
-import java.io.PrintWriter;
import java.text.DateFormat;
import java.util.Date;
import java.util.Locale;
+import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import at.gv.egovernment.moa.id.proxy.MOAIDProxyInitializer;
+import at.gv.egovernment.moa.id.util.HTTPRequestJSPForwarder;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.logging.Logger;
@@ -22,9 +23,6 @@ import at.gv.egovernment.moa.logging.Logger;
* @version $Id$
*/
public class ConfigurationServlet extends HttpServlet {
- /** The standard String for DTD Doc-type */
- private static final String DOC_TYPE =
- "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">\n";
/**
* Handle a HTTP GET request, used to indicated that the MOA
@@ -36,13 +34,6 @@ public class ConfigurationServlet extends HttpServlet {
throws ServletException, IOException {
MOAIDMessageProvider msg = MOAIDMessageProvider.getInstance();
- PrintWriter out;
-
- response.setContentType("text/html");
- out = response.getWriter();
- out.println(DOC_TYPE);
- out.println("<head><title>MOA configuration update</title></head>");
- out.println("<body bgcolor=\"#FFFFFF\">");
try {
MOAIDProxyInitializer.initialize();
@@ -50,21 +41,12 @@ public class ConfigurationServlet extends HttpServlet {
{ DateFormat.getTimeInstance(DateFormat.MEDIUM, Locale.GERMAN).format(new Date())} );
Logger.info(message);
- //TODO low-priority: change to ErrorPage
- out.println("<p><b>");
- out.println(message);
- out.println("</b></p>");
+ HTTPRequestJSPForwarder.forwardNamed(message, "/message-proxy.jsp", getServletContext(), request, response);
} catch (Throwable t) {
String errorMessage = msg.getMessage("config.04", null);
Logger.error(errorMessage, t);
- out.println("<p><b>");
- out.println(errorMessage);
- out.println("</b></p>");
+ HTTPRequestJSPForwarder.forwardNamed(errorMessage, "/message-proxy.jsp", getServletContext(), request, response);
}
- out.println("</body>");
-
- out.flush();
- out.close();
}
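Review bot: The success-path `forwardNamed` call sits inside the `try` guarded by `catch (Throwable t)`, so any exception it throws would be logged as a config.04 configuration failure and followed by a second forward on a response that may already be committed. Keeping only `MOAIDProxyInitializer.initialize()` and the message lookup inside the try, assigning the text to a local, and forwarding once after the try/catch with `HTTPRequestJSPForwarder.forwardNamed(result, "/message-proxy.jsp", getServletContext(), request, response);` separates the two failure modes. doGet begins outside this hunk and the forwarder's behaviour is not visible here, so the second-forward failure is inferred.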
/**
@@ -77,4 +59,13 @@ public class ConfigurationServlet extends HttpServlet {
doGet(request, response);
}
+/**
+ * Calls the web application initializer.
+ *
+ * @see javax.servlet.Servlet#init(ServletConfig)
+ */
+public void init(ServletConfig servletConfig) throws ServletException {
+ super.init(servletConfig);
}
+
+} \ No newline at end of file
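Review bot: The Javadoc on the added `init` says it "Calls the web application initializer", but the body only calls `super.init(servletConfig)` and no initializer runs here. Either drop the override, since the inherited `init(ServletConfig)` already does this, or reword the comment to something like `Stores the ServletConfig; the proxy configuration is loaded on request by doGet.` The file also ends without a trailing newline.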
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
index 362849fb1..7980778d9 100644
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
+++ b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
@@ -3,7 +3,6 @@ package at.gv.egovernment.moa.id.proxy.servlet;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.IOException;
-import java.io.OutputStream;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.net.HttpURLConnection;
@@ -14,7 +13,9 @@ import java.util.Iterator;
import java.util.Map;
import javax.net.ssl.SSLSocketFactory;
+import javax.servlet.RequestDispatcher;
import javax.servlet.ServletConfig;
+import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
@@ -39,6 +40,7 @@ import at.gv.egovernment.moa.id.proxy.LoginParameterResolver;
import at.gv.egovernment.moa.id.proxy.LoginParameterResolverException;
import at.gv.egovernment.moa.id.proxy.LoginParameterResolverFactory;
import at.gv.egovernment.moa.id.proxy.MOAIDProxyInitializer;
+import at.gv.egovernment.moa.id.proxy.NotAllowedException;
import at.gv.egovernment.moa.id.proxy.invoke.GetAuthenticationDataInvoker;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.id.util.SSLUtils;
@@ -67,6 +69,8 @@ public class ProxyServlet extends HttpServlet {
private static final String ATT_LOGIN_HEADERS = "LoginHeaders";
/** Name of the Attribute for the LoginParameters */
private static final String ATT_LOGIN_PARAMETERS = "LoginParameters";
+ /** Name of the Attribute for the SAMLARTIFACT */
+ private static final String ATT_SAML_ARTIFACT = "SamlArtifact";
/**
* @see javax.servlet.http.HttpServlet#service(HttpServletRequest, HttpServletResponse)
@@ -75,17 +79,25 @@ public class ProxyServlet extends HttpServlet {
Logger.debug("getRequestURL:" + req.getRequestURL().toString());
try {
- if (req.getParameter(PARAM_SAMLARTIFACT) != null && req.getParameter(PARAM_TARGET) != null)
- login(req, resp);
+ if (req.getParameter(PARAM_SAMLARTIFACT) != null && req.getParameter(PARAM_TARGET) != null) {
+
+ // check if SAML Artifact was already used in this session (in case of page reload)
+ HttpSession session = req.getSession();
+ if(null != session && req.getParameter(PARAM_SAMLARTIFACT).equals(session.getAttribute(ATT_SAML_ARTIFACT))) {
+ tunnelRequest(req, resp);
+ } else
+ // it is the first time that the SAML Artifact was used
+ login(req, resp);
+ }
else
tunnelRequest(req, resp);
}
catch (MOAIDException ex) {
- handleError(resp, ex.toString(), ex);
+ handleError(ex.getMessage(), ex, req, resp);
}
catch (Throwable ex) {
- handleError(resp, ex.toString(), ex);
- }
+ handleError(ex.getMessage(), ex, req, resp);
+ }
}
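Review bot: `req.getSession()` in the new branch never returns null, so the `null != session` test is dead code and every request that carries the SAMLArtifact and Target parameters gets a session allocated before any authentication has taken place. `HttpSession session = req.getSession(false);` keeps the reload check working and leaves session creation to login(). The unbraced `else` followed by a comment and then `login(req, resp);` is easy to misread next to the braced `if`; bracing both arms would help. service() begins outside this hunk.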
/**
@@ -113,8 +125,15 @@ public class ProxyServlet extends HttpServlet {
// String target = req.getParameter(PARAM_TARGET); parameter given but not processed
// get authentication data from the MOA-ID Auth component
- AuthenticationData authData = new GetAuthenticationDataInvoker().getAuthenticationData(samlArtifact);
-
+ AuthenticationData authData;
+ try {
+ authData = new GetAuthenticationDataInvoker().getAuthenticationData(samlArtifact);
+ } catch (ServiceException ex) {
+ throw new ProxyException("proxy.14", new Object[] {ex});
+ } catch (ProxyException ex) {
+ throw new ProxyException("proxy.14", new Object[] {ex});
+ }
+
String urlRequested = req.getRequestURL().toString();
// read configuration data
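Review bot: Both new catch blocks build `new ProxyException("proxy.14", new Object[] {ex})`, which places the caught exception in the message parameters instead of passing it as the cause, so the original stack trace is lost. Because service() now hands `ex.getMessage()` to the error page, internal detail from the call to the auth component may also end up in front of the user, depending on how the proxy.14 text uses its parameter. The three-argument form already used for proxy.05 keeps the cause: `throw new ProxyException("proxy.14", new Object[] { ex.getMessage() }, ex);`, and the two identical catch bodies could share one helper. The new `catch (NotAllowedException e)` in the next hunk has the same problem in a stronger form: the denial is neither logged nor chained, so no record remains of why access to the online application was refused.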
@@ -129,29 +148,34 @@ public class ProxyServlet extends HttpServlet {
ConnectionParameter oaConnParam = oaParam.getConnectionParameter();
String realURLPrefix = oaConnParam.getUrl();
- // resolve login parameters to be forwarded to online application
- LoginParameterResolver lpr = LoginParameterResolverFactory.getLoginParameterResolver(publicURLPrefix);
+ // resolve login parameters to be forwarded to online application
+ LoginParameterResolver lpr =
+ LoginParameterResolverFactory.getLoginParameterResolver(publicURLPrefix);
String clientIPAddress = req.getRemoteAddr();
Map loginHeaders = null;
Map loginParameters = null;
try {
- if (oaConf.getAuthType().equals(OAConfiguration.PARAM_AUTH))
- loginParameters = lpr.getAuthenticationParameters(oaConf, authData, clientIPAddress);
- else
- loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, clientIPAddress);
-
- } catch (LoginParameterResolverException ex) {
- throw new ProxyException("proxy.13", new Object[] { publicURLPrefix });
- }
+ if (oaConf.getAuthType().equals(OAConfiguration.PARAM_AUTH))
+ loginParameters = lpr.getAuthenticationParameters(oaConf, authData, clientIPAddress);
+ else
+ loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, clientIPAddress);
+
+ } catch (LoginParameterResolverException ex) {
+ throw new ProxyException("proxy.13", new Object[] { publicURLPrefix });
+ } catch (NotAllowedException e) {
+ throw new ProxyException("proxy.15", new Object[] { });
+ }
// setup SSLSocketFactory for communication with the online application
SSLSocketFactory ssf = null;
if (oaConnParam.isHTTPSURL()) {
try {
ssf = SSLUtils.getSSLSocketFactory(proxyConf, oaConnParam);
- }
- catch (Throwable ex) {
- throw new ProxyException("proxy.05", new Object[] { oaConnParam.getUrl(), ex.toString()}, ex);
+ } catch (Throwable ex) {
+ throw new ProxyException(
+ "proxy.05",
+ new Object[] { oaConnParam.getUrl(), ex.toString()},
+ ex);
}
}
@@ -160,6 +184,7 @@ public class ProxyServlet extends HttpServlet {
String loginType = oaConf.getLoginType();
Logger.debug("Login type: " + loginType);
if (loginType.equals(OAConfiguration.LOGINTYPE_STATELESS)) {
+
HttpSession session = req.getSession();
int sessionTimeOut = oaParam.getSessionTimeOut();
if (sessionTimeOut == 0)
@@ -170,24 +195,40 @@ public class ProxyServlet extends HttpServlet {
session.setAttribute(ATT_SSL_SOCKET_FACTORY, ssf);
session.setAttribute(ATT_LOGIN_HEADERS, loginHeaders);
session.setAttribute(ATT_LOGIN_PARAMETERS, loginParameters);
+ session.setAttribute(ATT_SAML_ARTIFACT, samlArtifact);
Logger.debug("moa-id-proxy: HTTPSession angelegt");
}
-
- // tunnel request to the online application
- int respcode = tunnelRequest(req, resp, loginHeaders, loginParameters, publicURLPrefix, realURLPrefix, ssf);
- if (respcode == 401)
- {
- Logger.debug("Got 401, trying again");
- respcode = tunnelRequest(req, resp, loginHeaders, loginParameters, publicURLPrefix, realURLPrefix, ssf);
- if (respcode == 401)
- throw new ProxyException("proxy.12", new Object[] { realURLPrefix});
- }
- }
- catch (ProxyException ex) {
- throw new ProxyException("proxy.12", new Object[] { realURLPrefix});
- }
- catch (Throwable ex) {
+
+ // tunnel request to the online application
+ int respcode =
+ tunnelRequest(
+ req,
+ resp,
+ loginHeaders,
+ loginParameters,
+ publicURLPrefix,
+ realURLPrefix,
+ ssf);
+ if (respcode == 401) {
+ Logger.debug("Got 401, trying again");
+
+ respcode =
+ tunnelRequest(
+ req,
+ resp,
+ loginHeaders,
+ loginParameters,
+ publicURLPrefix,
+ realURLPrefix,
+ ssf);
+ if (respcode == 401)
+ throw new ProxyException("proxy.12", new Object[] { realURLPrefix });
+ }
+ } catch (ProxyException ex) {
+ throw new ProxyException("proxy.12", new Object[] { realURLPrefix });
+
+ } catch (Throwable ex) {
throw new ProxyException("proxy.04", new Object[] { urlRequested, ex.toString()}, ex);
}
}
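Review bot: The authenticated state, now including the SAML artifact, is written into whatever session `req.getSession()` returned, and nothing visible here gives that session a fresh id at login. A session id that existed before authentication (service() now creates one for any request with the two parameters) therefore stays valid afterwards with the login headers and parameters attached, which is the classic session-fixation condition. Discarding the old session ahead of the `req.getSession()` call closes that gap: `HttpSession old = req.getSession(false); if (old != null) old.invalidate();`. The lines between this hunk and the previous one are not shown and login() starts outside the hunk, so confirm this is not already done there.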
@@ -202,9 +243,15 @@ public class ProxyServlet extends HttpServlet {
Logger.debug("Tunnel request (stateless)");
HttpSession session = req.getSession(false);
+
if (session == null)
throw new ProxyException("proxy.07", null);
String publicURLPrefix = (String) session.getAttribute(ATT_PUBLIC_URLPREFIX);
+ //A sesssion is automatically created when forwarded 1st time to errorpage-proxy.jsp (with the handleError method)
+ //additional check if publicURLPrefix is OK, if not throw an Exception
+ if (publicURLPrefix == null)
+ throw new ProxyException("proxy.07", null);
+
String realURLPrefix = (String) session.getAttribute(ATT_REAL_URLPREFIX);
SSLSocketFactory ssf = (SSLSocketFactory) session.getAttribute(ATT_SSL_SOCKET_FACTORY);
Map loginHeaders = (Map) session.getAttribute(ATT_LOGIN_HEADERS);
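Review bot: The new `publicURLPrefix == null` guard treats a symptom: per the added comment, sessions without login state exist because errorpage-proxy.jsp creates one implicitly when it is forwarded to. Declaring `<%@ page session="false" %>` in that JSP would stop error responses to unauthenticated clients from allocating sessions at all, and the guard can stay as a second check. `realURLPrefix` and the other attributes read just below get no comparable check; whether they can be null independently is not visible from this hunk.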
@@ -487,6 +534,7 @@ private boolean isTransferEncodingChunkedHeader(String headerKey, String headerV
* @see javax.servlet.Servlet#init(ServletConfig)
*/
public void init(ServletConfig servletConfig) throws ServletException {
+ super.init(servletConfig);
try {
MOAIDProxyInitializer.initialize();
Logger.info(MOAIDMessageProvider.getInstance().getMessage("proxy.00", null));
@@ -496,42 +544,47 @@ public void init(ServletConfig servletConfig) throws ServletException {
throw new ServletException(ex);
}
}
+
/**
- * Handles an error in proxying the request.
+ * Handles an error. <br>
* <ul>
- * <li>Logs the error.</li>
- * <li>Outputs an HTML error page.</li>
+ * <li>Logs the error</li>
+ * <li>Places error message and exception thrown into the request
+ * as request attributes (to be used by <code>"/errorpage-proxy.jsp"</code>)</li>
+ * <li>Sets HTTP status 500 (internal server error)</li>
* </ul>
- * @param resp the HttpServletResponse
- * @param errorMessage error message to be used
- * @param ex the exception to be logged
+ *
+ * @param errorMessage error message
+ * @param exceptionThrown exception thrown
+ * @param req servlet request
+ * @param resp servlet response
*/
-private void handleError(HttpServletResponse resp, String errorMessage, Throwable ex) {
- Logger.error(errorMessage, ex);
- String htmlCode =
- "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">"
- + "<html><head><title>"
- + MOAIDMessageProvider.getInstance().getMessage("proxy.10", null)
- + "</title></head><body>"
- + "<h1>"
- + MOAIDMessageProvider.getInstance().getMessage("proxy.10", null)
- + "</h1>"
- + "<p>"
- + MOAIDMessageProvider.getInstance().getMessage("proxy.11", null)
- + "</p>"
- + "<p>"
- + errorMessage
- + "</p>"
- + "</body></html>";
- resp.setContentType("text/html");
- try {
- OutputStream respOut = resp.getOutputStream();
- respOut.write(htmlCode.getBytes());
- respOut.flush();
- }
- catch (IOException ioex) {
- Logger.error("", ioex);
- }
+protected void handleError(
+ String errorMessage, Throwable exceptionThrown, HttpServletRequest req, HttpServletResponse resp) {
+
+
+ if(null != errorMessage) {
+ Logger.error(errorMessage);
+ req.setAttribute("ErrorMessage", errorMessage );
+ }
+
+ if (null != exceptionThrown) {
+ if(null == errorMessage) errorMessage = exceptionThrown.getMessage();
+ Logger.error(errorMessage, exceptionThrown);
+ //req.setAttribute("ExceptionThrown", exceptionThrown);
+ }
+
+ //forward this to errorpage-proxy.jsp wher the HTML error page is generated
+ ServletContext context = getServletContext();
+ RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage-proxy.jsp");
+ try {
+ dispatcher.forward(req, resp);
+ } catch (ServletException e) {
+ Logger.error(e);
+ } catch (IOException e) {
+ Logger.error(e);
+ }
+
}
}
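Review bot: The Javadoc promises HTTP status 500, but the new handleError() never sets a status, so the error page is presumably served with 200 unless the JSP sets one itself. When `errorMessage` is null, the fallback to `exceptionThrown.getMessage()` is computed after the `req.setAttribute("ErrorMessage", …)` branch, so the attribute is never set in that case; when both arguments are present the message is logged twice. `dispatcher.forward` also throws IllegalStateException once the response is committed, which can happen if tunnelRequest failed part-way through writing; that exception is not caught here and would escape service(). Whatever the JSP renders from `ErrorMessage` should be HTML-encoded there, since exception messages can carry request-derived text such as the requested URL.

```java
protected void handleError(
    String errorMessage, Throwable exceptionThrown, HttpServletRequest req, HttpServletResponse resp) {

  // resolve the message first so the log entry and the request attribute agree
  if (null == errorMessage && null != exceptionThrown) {
    errorMessage = exceptionThrown.getMessage();
  }
  if (null != exceptionThrown) {
    Logger.error(errorMessage, exceptionThrown);
  } else if (null != errorMessage) {
    Logger.error(errorMessage);
  }
  if (null != errorMessage) {
    req.setAttribute("ErrorMessage", errorMessage);
  }

  if (resp.isCommitted()) {
    // part of the tunnelled response is already on the wire; forward() would throw
    return;
  }
  resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);

  // … unchanged: dispatcher lookup and forward to /errorpage-proxy.jsp …
}
```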