diff options
Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/util')
8 files changed, 0 insertions, 1014 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/util/AxisSecureSocketFactory.java b/id.server/src/at/gv/egovernment/moa/id/util/AxisSecureSocketFactory.java deleted file mode 100644 index 8967bdbba..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/util/AxisSecureSocketFactory.java +++ /dev/null @@ -1,213 +0,0 @@ -package at.gv.egovernment.moa.id.util; - -import java.io.BufferedWriter; -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; -import java.io.OutputStreamWriter; -import java.io.PrintWriter; -import java.net.Socket; -import java.security.GeneralSecurityException; -import java.util.Hashtable; - -import javax.net.ssl.SSLSocket; -import javax.net.ssl.SSLSocketFactory; - -import org.apache.axis.components.net.BooleanHolder; -import org.apache.axis.components.net.DefaultSocketFactory; -import org.apache.axis.components.net.SecureSocketFactory; -import org.apache.axis.components.net.TransportClientProperties; -import org.apache.axis.components.net.TransportClientPropertiesFactory; -import org.apache.axis.utils.Messages; -import org.apache.axis.utils.XMLUtils; - -import at.gv.egovernment.moa.logging.Logger; - -/** - * Secure socket factory for Axis webs service clients of the MOA-ID component, - * which are the MOA-SP calls from MOA-ID Auth, - * and the MOA-ID Auth calls from MOA-ID Proxy. - * <br/>Use this initialization code:<br/> - * <code> // ConnectionParameter connParam = ... get from ConfigurationProvider - * AxisSecureSocketFactory.initialize(connParam);</code> - * <br/>See the Apache Axis documentation on how to configure this class - * as the default secure socket factory to be used by Axis. - * <br/> - * This code has been copied from <code>JSSESocketFactory</code>, the - * method <code>initialize()</code> has been added. - * - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class AxisSecureSocketFactory - extends DefaultSocketFactory implements SecureSocketFactory { - - /** Field sslFactory */ - private static SSLSocketFactory sslFactory; - - /** - * Constructor for AxisSecureSocketFactory. - * @param attributes ??? - */ - public AxisSecureSocketFactory(Hashtable attributes) { - super(attributes); - } - /** - * Initializes the factory by setting the connection parameters to be used for - * setting the secure socket factory, and by setting the system property - * <code>axis.socketSecureFactory</code>. - * @param connParam <code>ConnectionParameter</code> to derive the - * secure socket factory from - */ - public static void initialize(SSLSocketFactory ssf) - throws IOException, GeneralSecurityException { - - Logger.debug("Initialize AxisSecureSocketFactory"); - sslFactory = ssf; - } - - /** - * creates a secure socket - * - * @param host - * @param port - * @param otherHeaders - * @param useFullURL - * - * @return Socket - * @throws Exception - */ - public Socket create( - String host, - int port, - StringBuffer otherHeaders, - BooleanHolder useFullURL) - throws Exception { - if (port == -1) { - port = 443; - } - - TransportClientProperties tcp = - TransportClientPropertiesFactory.create("https"); - - boolean hostInNonProxyList = - isHostInNonProxyList(host, tcp.getNonProxyHosts()); - - Socket sslSocket = null; - if (tcp.getProxyHost().length() == 0 || hostInNonProxyList) { - // direct SSL connection - sslSocket = sslFactory.createSocket(host, port); - } - else { - - // Default proxy port is 80, even for https - int tunnelPort = - (tcp.getProxyPort().length() != 0) - ? Integer.parseInt(tcp.getProxyPort()) - : 80; - if (tunnelPort < 0) - tunnelPort = 80; - - // Create the regular socket connection to the proxy - Socket tunnel = new Socket(tcp.getProxyHost(), tunnelPort); - - // The tunnel handshake method (condensed and made reflexive) - OutputStream tunnelOutputStream = tunnel.getOutputStream(); - PrintWriter out = - new PrintWriter( - new BufferedWriter(new OutputStreamWriter(tunnelOutputStream))); - - // More secure version... engage later? - // PasswordAuthentication pa = - // Authenticator.requestPasswordAuthentication( - // InetAddress.getByName(tunnelHost), - // tunnelPort, "SOCK", "Proxy","HTTP"); - // if(pa == null){ - // printDebug("No Authenticator set."); - // }else{ - // printDebug("Using Authenticator."); - // tunnelUser = pa.getUserName(); - // tunnelPassword = new String(pa.getPassword()); - // } - out.print( - "CONNECT " - + host - + ":" - + port - + " HTTP/1.0\r\n" - + "User-Agent: AxisClient"); - if (tcp.getProxyUser().length() != 0 - && tcp.getProxyPassword().length() != 0) { - - // add basic authentication header for the proxy - String encodedPassword = - XMLUtils.base64encode( - (tcp.getProxyUser() + ":" + tcp.getProxyPassword()).getBytes()); - - out.print("\nProxy-Authorization: Basic " + encodedPassword); - } - out.print("\nContent-Length: 0"); - out.print("\nPragma: no-cache"); - out.print("\r\n\r\n"); - out.flush(); - InputStream tunnelInputStream = tunnel.getInputStream(); - - if (log.isDebugEnabled()) { - log.debug( - Messages.getMessage( - "isNull00", - "tunnelInputStream", - "" + (tunnelInputStream == null))); - } - String replyStr = ""; - - // Make sure to read all the response from the proxy to prevent SSL negotiation failure - // Response message terminated by two sequential newlines - int newlinesSeen = 0; - boolean headerDone = false; /* Done on first newline */ - - while (newlinesSeen < 2) { - int i = tunnelInputStream.read(); - - if (i < 0) { - throw new IOException("Unexpected EOF from proxy"); - } - if (i == '\n') { - headerDone = true; - ++newlinesSeen; - } - else if (i != '\r') { - newlinesSeen = 0; - if (!headerDone) { - replyStr += String.valueOf((char) i); - } - } - } - if (!replyStr.startsWith("HTTP/1.0 200") - && !replyStr.startsWith("HTTP/1.1 200")) { - throw new IOException( - Messages.getMessage( - "cantTunnel00", - new String[] { tcp.getProxyHost(), "" + tunnelPort, replyStr })); - } - - // End of condensed reflective tunnel handshake method - sslSocket = sslFactory.createSocket(tunnel, host, port, true); - if (log.isDebugEnabled()) { - log.debug( - Messages.getMessage( - "setupTunnel00", - tcp.getProxyHost(), - "" + tunnelPort)); - } - } - - ((SSLSocket) sslSocket).startHandshake(); - if (log.isDebugEnabled()) { - log.debug(Messages.getMessage("createdSSL00")); - } - return sslSocket; - } - -} diff --git a/id.server/src/at/gv/egovernment/moa/id/util/HTTPRequestJSPForwarder.java b/id.server/src/at/gv/egovernment/moa/id/util/HTTPRequestJSPForwarder.java deleted file mode 100644 index 7c4731555..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/util/HTTPRequestJSPForwarder.java +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Created on 17.02.2004 - * - * To change the template for this generated file go to - * Window>Preferences>Java>Code Generation>Code and Comments - */ -package at.gv.egovernment.moa.id.util; - -import java.io.IOException; -import javax.servlet.ServletContext; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import at.gv.egovernment.moa.logging.Logger; - -/** - * @author rschamberger - * - * To change the template for this generated type comment go to - * Window>Preferences>Java>Code Generation>Code and Comments - */ -public class HTTPRequestJSPForwarder { - - /** - * Forwards the HttpServletRequest to a customizable JSP Page and serves the Response. <br> - * <ul> - * <li>Logs the message</li> - * </ul> - * - * @param message message text - * @param jspPageURI URI of the JSP page - * @param context the servlet context of the servlet belonging to the req, resp - * @param req servlet request - * @param resp servlet response - */ - public static void forwardNamed( - String message, - String jspPageURI, - ServletContext context, - HttpServletRequest req, - HttpServletResponse resp) { - - if (null != message) { - Logger.info(message); - req.setAttribute("Message", message); - } - - //forward this to the given jsp page where the HTML response is generated - try { - context.getRequestDispatcher(jspPageURI).forward(req, resp); - } catch (IOException e) { - Logger.error(e); - } catch (ServletException e) { - Logger.error(e); - } - } - - /** - * Forwards the HttpServletRequest to the customizable JSP Page 'message.jsp' and serves the Response. <br> - * <ul> - * <li>Logs the message</li> - * </ul> - * - * @param message message text - * @param context the servlet context of the servlet belonging to the req, resp - * @param req servlet request - * @param resp servlet response - */ - public static void forwardDefault( - String message, - ServletContext context, - HttpServletRequest req, - HttpServletResponse resp) { - forwardNamed(message, "/message.jsp", context, req, resp); - } -}
\ No newline at end of file diff --git a/id.server/src/at/gv/egovernment/moa/id/util/HTTPUtils.java b/id.server/src/at/gv/egovernment/moa/id/util/HTTPUtils.java deleted file mode 100644 index 270b0c968..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/util/HTTPUtils.java +++ /dev/null @@ -1,63 +0,0 @@ -package at.gv.egovernment.moa.id.util; - -/** - * HTTP Utilities - * - * @author Rudolf Schamberger - * @version $Id$ - */ - -import java.io.BufferedInputStream; -import java.io.BufferedReader; -import java.io.IOException; -import java.io.InputStream; -import java.io.InputStreamReader; -import java.io.Reader; -import java.net.HttpURLConnection; -import java.net.URL; - -import org.apache.regexp.RE; - -/** - * - * @author Rudolf Schamberger - * - */ -public class HTTPUtils { - - /** - * Utility used to obtainin correct encoded HTTP content. - * Reads a given Content adressed by HTTP-URL into String. - * Content encoding is considered by using the Content-Type HTTP header charset value. - * @param URL HTTP URL to read from. - * @return String representation of content - * @throws IOException on data-reading problems - */ - public static String readHttpURL(String URL) - throws IOException { - - URL url = new URL(URL); - HttpURLConnection conn = (HttpURLConnection)url.openConnection(); - conn.setRequestMethod("GET"); - String contentType = conn.getContentType(); - RE regExp = new RE("(;.*charset=)(\"*)(.*[^\"])"); - boolean charsetSupplied = regExp.match(contentType); - String encoding = "ISO-8859-1"; //default HTTP encoding - if (charsetSupplied) { - encoding = regExp.getParen(3); - } - //TODO RS TEST if this works on all platforms - InputStream instream = new BufferedInputStream(conn.getInputStream()); - InputStreamReader isr = new InputStreamReader(instream, encoding); - Reader in = new BufferedReader(isr); - int ch; - StringBuffer buffer = new StringBuffer(); - while ((ch = in.read()) > -1) { - buffer.append((char)ch); - } - in.close(); - conn.disconnect(); - return buffer.toString(); - } - -} diff --git a/id.server/src/at/gv/egovernment/moa/id/util/InOrderServletRequestWrapper.java b/id.server/src/at/gv/egovernment/moa/id/util/InOrderServletRequestWrapper.java deleted file mode 100644 index 78d0a0db0..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/util/InOrderServletRequestWrapper.java +++ /dev/null @@ -1,345 +0,0 @@ -/* - * Created on 01.10.2004 - * - * @author rschamberger - * $ID$ - */ -package at.gv.egovernment.moa.id.util; - -import java.io.IOException; -import java.util.Enumeration; -import java.util.Hashtable; -import java.util.StringTokenizer; -import java.util.Vector; - -import javax.servlet.ServletInputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.ServletContext; -import javax.servlet.http.HttpServletRequestWrapper; - -import at.gv.egovernment.moa.util.URLDecoder; - -/** - * Special ServletRequestWrapper class which provides a more precise implementation of the getParameter* - * family. This implementation cares about the order of the parameters from Query String and HTTP POST - * Body. Use this as Filter class for Servlets which such needs. - * - * @author Rudolf Schamberger - * @version $Id$ - */ -public class InOrderServletRequestWrapper extends HttpServletRequestWrapper { - - /** - * standard encoding used to decode the URL string. - */ - // - public static final String DEFAULT_CHARACTER_ENCODING = "ISO-8859-1"; - /** - * Vector that stores the order of the query paramters - */ - private Vector queryParamOrder; - - /** - * Hashtable that stores the content of the query paramters - */ - private Hashtable queryParameters; - - /** - * Vector that stores the order of the HTTP body paramters - */ - private Vector bodyParamOrder; - - /** - * Hashtable that stores the content of the HTTP body paramters - */ - private Hashtable bodyParameters; - - /** - * ServletContext - */ - private ServletContext context; - - /** - * Identifier used to identify query parameters - */ - public static final int QUERY_PARAM = 1; - - /** - * Identifier used to identify HTTP body parameters - */ - public static final int BODY_PARAM = 2; - - /** - * @see HttpServletRequestWrapper - */ - public InOrderServletRequestWrapper(final HttpServletRequest request, final ServletContext sContext) { - super(request); - this.context = sContext; - } - - /** - * parses the Query and if availlable also HTTP POST parameters - * - * @param req a <code>HttpServletRequest</code> which should be parsed - */ - protected final void parseParameters(final HttpServletRequest req) - { - queryParamOrder = new Vector(); - queryParameters = new Hashtable(); - bodyParamOrder = new Vector(); - bodyParameters = new Hashtable(); - - //Insert code for Query string parsing - String rawQuery = req.getQueryString(); - queryParameters = tokenize(queryParameters, queryParamOrder, rawQuery, DEFAULT_CHARACTER_ENCODING); - - //analyze HTTP Post body parameters - if (req.getMethod().equalsIgnoreCase("POST")) - { - //get body encoding - String enc = req.getCharacterEncoding(); - if (enc == null) enc = DEFAULT_CHARACTER_ENCODING; - - if (req.getContentType().equals("application/x-www-form-urlencoded")) - { - try - { - bodyParameters = parsePostData(bodyParameters, req.getContentLength(), req.getInputStream(), enc); - } - catch (IOException e) - { - context.log("could not open input stream of reqest \n" + e.toString()); - } - } - else - { - //TODO add multipart code - context.log( - "ERROR other Content-Types than 'application/x-www-form-urlencoded' not supported!"); - } - - }// end POST - } - - /** - * parses the HTTP POST parameters - * - * @param ht parameter Hashtable to put parameters in. - * @param length of content - * @param instream the ServletInputStream of the request - * @param encoding encoding of the instream - * - * @return the Hashtable with the parsed data - */ - private Hashtable parsePostData(Hashtable ht, final int length, final ServletInputStream instream, - final String encoding) - { - int inputLen, offset; - byte[] postedBytes = null; - boolean dataRemaining = true; - String postedBody; - - StringBuffer sb = new StringBuffer(); - - if (length <= 0) - { - return null; - } - - postedBytes = new byte[length]; - try - { - offset = 0; - while (dataRemaining) - { - inputLen = instream.read(postedBytes, offset, length - offset); - if (inputLen <= 0) - { - throw new IOException("read error during reading the HTTP POST body"); - } - offset += inputLen; - if ((length - offset) == 0) - { - dataRemaining = false; - } - } - } - catch (IOException e) - { - System.out.println("Exception =" + e); - return null; - } - - postedBody = new String(postedBytes); - Hashtable ht2 = tokenize(ht, bodyParamOrder, postedBody, encoding); - return ht2; - } - - - /** - * tokenizes parameter strings - * - * @param ht parameter Hashtable to put parameters in. - * @param order Vector in which the order of the tokenized parameters will be stored. - * @param parameterString String to tokenize. - * @param encoding which will be used to decode the parameterString. - * - * @return the Hashtable with the parsed data - */ - private Hashtable tokenize(Hashtable ht, Vector order, final String parameterString, final String encoding) - { - String[] valArray = null; - - if (null == parameterString) return ht; - - StringTokenizer st = new StringTokenizer(parameterString, "&"); - - String key = null; - String val = null; - - while (st.hasMoreTokens()) - { - String pair = (String) st.nextToken(); - int pos = pair.indexOf('='); - if (pos == -1) - { - throw new IllegalArgumentException(); - } - try - { - key = URLDecoder.decode(pair.substring(0, pos), encoding); - val = URLDecoder.decode(pair.substring(pos + 1, pair.length()), encoding); - } - catch (Exception e) - { - throw new IllegalArgumentException(); - } - if (ht.containsKey(key)) - { - String oldVals[] = (String[]) ht.get(key); - valArray = new String[oldVals.length + 1]; - for (int i = 0; i < oldVals.length; i++) - { - valArray[i] = oldVals[i]; - } - valArray[oldVals.length] = val; - } - else - { - valArray = new String[1]; - valArray[0] = val; - } - ht.put(key, valArray); - order.addElement(key); - } - return ht; - - } - - /** - * Returns the value of a request parameter as a <code>String</code>, or <code>null</code> if the - * parameter does not exist. Request parameters are extra information sent with the request. For HTTP - * servlets, parameters are contained in the query string or posted form data. - * - * <p> - * You should only use this method when you are sure the parameter has only one value. If the parameter - * might have more than one value, use {@link #getParameterValues}. - * - * <p> - * If you use this method with a multivalued parameter, the value returned is equal to the first value in - * the array returned by <code>getParameterValues</code>. - * - * <p> - * If the parameter data was sent in the request body, such as occurs with an HTTP POST request, then - * reading the body directly via {@link#getInputStream} or {@link #getReader}can interfere with the - * execution of this method. - * - * @param name a <code>String</code> containing the name of the parameter whose value is requested - * - * @return a <code>String</code> representing the single value of the parameter - * - * @see #getParameterValues - * - */ - public final String getParameter(final String name) { - String val = getParameter(name, QUERY_PARAM); - return (null != val) ? val : getParameter(name, BODY_PARAM); - } - - /** - * Returns the value of a request parameter as a <code>String</code>, or <code>null</code> if the - * parameter does not exist. - * - * @param name a <code>String</code> containing the name of the parameter whose value is requested - * @param parameterType type of parameter - * @see at.gv.egovernment.moa.id.util.ParametersInOrderServlet#QUERY_PARAM - * and @see at.gv.egovernment.moa.id.util.ParametersInOrderServlet#BODY_PARAM - * @see getParameterValues(String name); - * @return value of the (single) parameter or null if not availlable - **/ - public final String getParameter(final String name, final int parameterType) - { - - Hashtable parameters = (parameterType == QUERY_PARAM) ? queryParameters : bodyParameters; - String[] vals = (String[]) parameters.get(name); - if (vals == null) - { - return null; - } - return vals[0]; - } - - - /** - * Returns an array of <code>String</code> objects containing all of the values the given request - * parameter has, or <code>null</code> if the parameter does not exist. - * - * <p> - * If the parameter has a single value, the array has a length of 1. - * - * @param name a <code>String</code> containing the name of the parameter whose value is requested - * @param parameterType type of parameter - * @see at.gv.egovernment.moa.id.util.ParametersInOrderServlet#QUERY_PARAM - * and @see at.gv.egovernment.moa.id.util.ParametersInOrderServlet#BODY_PARAM - * @return an array of <code>String</code> objects containing the parameter's values or null - * - * @see #getParameter - */ - public final String getParameterValues(final String name, final int parameterType) - { - Hashtable parameters = (parameterType == QUERY_PARAM) ? queryParameters : bodyParameters; - String[] vals = (String[]) parameters.get(name); - if (vals == null) - { - return null; - } - String vallist = vals[0]; - for (int i = 1; i < vals.length; i++) - { - vallist = vallist + "," + vals[i]; - } - return vallist; - } - - /** - * - * Returns an <code>Enumeration</code> of <code>String</code> objects containing the names of the - * parameters contained in this request. If the request has no parameters, the method returns an empty - * <code>Enumeration</code>. - * @param parameterType type of parameter - * @see at.gv.egovernment.moa.id.util.ParametersInOrderServlet#QUERY_PARAM - * and @see at.gv.egovernment.moa.id.util.ParametersInOrderServlet#BODY_PARAM - * - * @return an <code>Enumeration</code> of <code>String</code> objects, each <code>String</code> - * containing the name of a request parameter; or an empty <code>Enumeration</code> if the - * request has no parameters - * - */ - public final Enumeration getParameterNames(final int parameterType) - { - if (QUERY_PARAM == parameterType) - return queryParamOrder.elements(); - else - return bodyParamOrder.elements(); - } -} //End InOrderServletRequestWrapper
\ No newline at end of file diff --git a/id.server/src/at/gv/egovernment/moa/id/util/MOAIDMessageProvider.java b/id.server/src/at/gv/egovernment/moa/id/util/MOAIDMessageProvider.java deleted file mode 100644 index d31aa6ec1..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/util/MOAIDMessageProvider.java +++ /dev/null @@ -1,58 +0,0 @@ -package at.gv.egovernment.moa.id.util; - -import java.util.Locale; - -import at.gv.egovernment.moa.util.Messages; - -/** - * A singleton wrapper around a <code>Message</code> object, providing the messages used in MOA-ID. - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class MOAIDMessageProvider { - - /** DEFAULT_MESSAGE_RESOURCES are resources/properties/id_messages */ - private static final String[] DEFAULT_MESSAGE_RESOURCES = - { "resources/properties/id_messages" }; - /** DEFAULT_MESSAGE_LOCALES are "de", "AT" */ - private static final Locale[] DEFAULT_MESSAGE_LOCALES = - new Locale[] { new Locale("de", "AT") }; - /** The instance for our singleton */ - private static MOAIDMessageProvider instance; - /** The Messages */ - private Messages messages; - - /** - * Returns the single instance of <code>MOAIDMessageProvider</code>. - * - * @return the single instance of <code>MOAIDMessageProvider</code> - */ - public static MOAIDMessageProvider getInstance() { - if (instance == null) - instance = new MOAIDMessageProvider(DEFAULT_MESSAGE_RESOURCES, DEFAULT_MESSAGE_LOCALES); - return instance; - } - - /** - * Create a <code>MOAIDMessageProvider</code>. - * - * @param resourceNames The names of the resources containing the messages. - * @param locales The corresponding locales. - */ - protected MOAIDMessageProvider(String[] resourceNames, Locale[] locales) { - this.messages = new Messages(resourceNames, locales); - } - - /** - * Get the message corresponding to a given message ID. - * - * @param messageId The ID of the message. - * @param parameters The parameters to fill in into the message arguments. - * @return The formatted message. - */ - public String getMessage(String messageId, Object[] parameters) { - return messages.getMessage(messageId, parameters); - } - -} diff --git a/id.server/src/at/gv/egovernment/moa/id/util/ParameterInOrderFilter.java b/id.server/src/at/gv/egovernment/moa/id/util/ParameterInOrderFilter.java deleted file mode 100644 index 3f5fddba2..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/util/ParameterInOrderFilter.java +++ /dev/null @@ -1,62 +0,0 @@ -package at.gv.egovernment.moa.id.util; - -import java.io.IOException; - -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; - -/** - * @author rschamberger - * - */ -/** - * A Filter class wich uses the InOrderServletRequestWrapper to provide servlets a more precise - * implementation of the getParameter* family. This implementation cares about the order of the parameters - * from Query String and HTTP POST Body. Use this as Filter class for Servlets which such needs. - * - * @author Rudolf Schamberger - * @version $Id$ - */ -public class ParameterInOrderFilter implements Filter -{ - - /** - * filterConfig - */ - private FilterConfig filterConfig; - - /** - * @see javax.servlet.Filter#init(javax.servlet.FilterConfig) - */ - public final void init(final FilterConfig config) - { - this.filterConfig = config; - } - - /** - * @see javax.servlet.Filter#destroy() - */ - public final void destroy() - { - }; - - /** - * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, - * javax.servlet.FilterChain) - */ - public final void doFilter(final ServletRequest request, final ServletResponse response, - final FilterChain chain) throws IOException, ServletException - { - InOrderServletRequestWrapper sRequ = new InOrderServletRequestWrapper((HttpServletRequest) request, - filterConfig.getServletContext()); - //parse the Query (and Body) parameters - sRequ.parseParameters((HttpServletRequest) request); - //process the rest of filter chain - chain.doFilter(sRequ, response); - } -}
\ No newline at end of file diff --git a/id.server/src/at/gv/egovernment/moa/id/util/Random.java b/id.server/src/at/gv/egovernment/moa/id/util/Random.java deleted file mode 100644 index da75b4213..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/util/Random.java +++ /dev/null @@ -1,22 +0,0 @@ -package at.gv.egovernment.moa.id.util; - -import java.util.Date; - -/** - * Random number generator used to generate ID's - * @author Paul Ivancsics - * @version $Id$ - */ -public class Random { - - /** random number generator used */ - private static java.util.Random random = new java.util.Random(new Date().getTime()); - /** - * Creates a new random number, to be used as an ID. - * - * @return random long as a String - */ - public static String nextRandom() { - return "" + random.nextLong(); - } -} diff --git a/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java b/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java deleted file mode 100644 index bd64b5a42..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java +++ /dev/null @@ -1,175 +0,0 @@ -package at.gv.egovernment.moa.id.util; - -import iaik.pki.PKIConfiguration; -import iaik.pki.PKIException; -import iaik.pki.PKIFactory; -import iaik.pki.PKIProfile; -import iaik.pki.jsse.IAIKX509TrustManager; - -import java.io.BufferedInputStream; -import java.io.BufferedReader; -import java.io.IOException; -import java.io.InputStream; -import java.io.InputStreamReader; -import java.io.Reader; -import java.net.URL; -import java.security.GeneralSecurityException; -import java.security.Security; -import java.util.HashMap; -import java.util.Map; - -import javax.net.ssl.SSLSocketFactory; - -import org.apache.regexp.RE; - -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConfigurationProvider; -import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.iaik.config.PKIConfigurationImpl; -import at.gv.egovernment.moa.id.iaik.pki.PKIProfileImpl; -import at.gv.egovernment.moa.id.iaik.pki.jsse.MOAIDTrustManager; -import at.gv.egovernment.moa.logging.Logger; -import com.sun.net.ssl.HttpsURLConnection; -import com.sun.net.ssl.KeyManager; -import com.sun.net.ssl.SSLContext; -import com.sun.net.ssl.TrustManager; - -/** - * Utility for a obtaining a secure socket factory using <code>IAIKX509TrustManager</code>. - * This <code>TrustManager</code> implementation features CRL checking.<br/> - * <code>SSLUtils</code> caches secure socket factories for given <code>ConnectionParameter</code>s. - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class SSLUtils { - - /** SSLSocketFactory store, mapping URL->SSLSocketFactory **/ - private static Map sslSocketFactories = new HashMap(); - - /** - * Initializes the SSLSocketFactory store. - */ - public static void initialize() { - sslSocketFactories = new HashMap(); - Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); - System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); - } - - /** - * Creates an <code>SSLSocketFactory</code> which utilizes an - * <code>IAIKX509TrustManager</code> for the given trust store, - * and the given key store. - * - * @param conf configuration provider providing a generic properties pointing - * to trusted CA store and certificate store root - * @param connParam connection parameter containing the client key store settings - * to be used in case of client authentication; - * if <code>connParam.getClientKeyStore() == null</code>, client authentication - * is assumed to be disabled - * @return <code>SSLSocketFactory</code> to be used by an <code>HttpsURLConnection</code> - * @throws IOException thrown while reading key store file - * @throws GeneralSecurityException thrown while creating the socket factory - * @throws ConfigurationException on invalid configuration data - * @throws PKIException while initializing the <code>IAIKX509TrustManager</code> - */ - public static SSLSocketFactory getSSLSocketFactory( - ConfigurationProvider conf, - ConnectionParameter connParam) - throws IOException, GeneralSecurityException, ConfigurationException, PKIException { - - Logger.debug("Get SSLSocketFactory for " + connParam.getUrl()); - // retrieve SSLSocketFactory if already created - SSLSocketFactory ssf = (SSLSocketFactory)sslSocketFactories.get(connParam.getUrl()); - if (ssf != null) - return ssf; - // else create new SSLSocketFactory - String trustStoreURL = conf.getTrustedCACertificates(); - if (trustStoreURL == null) - throw new ConfigurationException( - "config.08", new Object[] {"TrustedCACertificates"}); - String acceptedServerCertURL = connParam.getAcceptedServerCertificates(); - TrustManager[] tms = getTrustManagers(conf, trustStoreURL, acceptedServerCertURL); - KeyManager[] kms = at.gv.egovernment.moa.util.SSLUtils.getKeyManagers( - "pkcs12", connParam.getClientKeyStore(), connParam.getClientKeyStorePassword()); - SSLContext ctx = SSLContext.getInstance("TLS"); - ctx.init(kms, tms, null); - ssf = ctx.getSocketFactory(); - // store SSLSocketFactory - sslSocketFactories.put(connParam.getUrl(), ssf); - return ssf; - } - - /** - * Initializes an <code>IAIKX509TrustManager</code> for a given trust store, - * using configuration data. - * - * @param conf MOA-ID configuration provider - * @param trustStoreURL trust store URL - * @param acceptedServerCertURL file URL pointing to directory containing accepted server SSL certificates - * @return <code>TrustManager</code> array containing the <code>IAIKX509TrustManager</code> - * @throws ConfigurationException on invalid configuration data - * @throws IOException on data-reading problems - * @throws PKIException while initializing the <code>IAIKX509TrustManager</code> - */ - public static TrustManager[] getTrustManagers( - ConfigurationProvider conf, String trustStoreURL, String acceptedServerCertURL) - throws ConfigurationException, PKIException, IOException, GeneralSecurityException { - - PKIConfiguration cfg = null; - if (! PKIFactory.getInstance().isAlreadyConfigured()) - cfg = new PKIConfigurationImpl(conf); - String boolString = conf.getGenericConfigurationParameter(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING); - //not using BoolUtils because default value hast to be true! - boolean checkRevocation = !("false".equals(boolString) || "0".equals(boolString)); - PKIProfile profile = new PKIProfileImpl(trustStoreURL, checkRevocation); - // This call fixes a bug occuring when PKIConfiguration is - // initialized by the MOA-SP initialization code, in case - // MOA-SP is called by API - MOAIDTrustManager.initializeLoggingContext(); - IAIKX509TrustManager tm = new MOAIDTrustManager(acceptedServerCertURL); - tm.init(cfg, profile); - return new TrustManager[] {tm}; - } - /** - * Reads a file, given by URL, into a byte array, - * securing the connection by IAIKX509TrustManager. - * @param connParam containing URL and accepted server certificates - * @param conf ConfigurationProvider for reading - * @return String representation of content - * @throws ConfigurationException on invalid configuration data - * @throws PKIException on invalid configuration data - * @throws IOException on data-reading problems - * @throws GeneralSecurityException on security issues - */ - public static String readHttpsURL(ConfigurationProvider conf, ConnectionParameter connParam) - throws ConfigurationException, PKIException, IOException, GeneralSecurityException { - - URL url = new URL(connParam.getUrl()); - HttpsURLConnection conn = (HttpsURLConnection)url.openConnection(); - conn.setRequestMethod("GET"); - conn.setDoInput(true); - SSLSocketFactory sslSocketFactory = getSSLSocketFactory(conf, connParam); - conn.setSSLSocketFactory(sslSocketFactory); - conn.connect(); - String contentType = conn.getContentType(); - RE regExp = new RE("(;.*charset=)(\"*)(.*[^\"])"); - boolean charsetSupplied = regExp.match(contentType); - String encoding = "ISO-8859-1"; //default HTTP encoding - if (charsetSupplied) { - encoding = regExp.getParen(3); - } - //TODO RS TEST if this works on other platforms - InputStream instream = new BufferedInputStream(conn.getInputStream()); - InputStreamReader isr = new InputStreamReader(instream, encoding); - Reader in = new BufferedReader(isr); - int ch; - StringBuffer buffer = new StringBuffer(); - while ((ch = in.read()) > -1) { - buffer.append((char)ch); - } - in.close(); - conn.disconnect(); - return buffer.toString(); - } -} |