Diffstat (limited to 'id.server/src')
5 files changed, 341 insertions, 17 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationProvider.java b/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
index 48e82011d..e65c47bad 100644
--- a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
+++ b/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
@@ -64,6 +64,20 @@ public class ConfigurationProvider { */ protected String trustedCACertificates; + /** + * main configuration file directory name used to configure MOA-ID + */ + protected String rootConfigFileDir; + + /** + * Returns the main configuration file directory used to configure MOA-ID + * + * @return the directory + */ + public String getRootConfigFileDir() { + return rootConfigFileDir; + } + /** * Returns the mapping of generic configuration properties. *
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index 2e133130c..a722868e0 100644
--- a/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -81,11 +81,6 @@ public class AuthConfigurationProvider extends ConfigurationProvider { // // configuration data // - - /** - * main configuration file directory name used to configure MOA-ID - */ - private String rootConfigFileDir; /** * configuration files containing transformations for rendering in the
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java b/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java
index 622ae6f82..5859d2ae9 100644
--- a/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java
+++ b/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java
@@ -35,10 +35,6 @@ public class ProxyConfigurationProvider extends ConfigurationProvider { /** Singleton instance. <code>null</code>, if none has been created. */ private static ProxyConfigurationProvider instance; - /** - * main configuration file directory name used to configure MOA-ID - */ - private String rootConfigFileDir; // // configuration data
@@ -133,6 +129,8 @@ public class ProxyConfigurationProvider extends ConfigurationProvider { throw new ConfigurationException("config.03", null, t); } + //TODO enhance: use the getter method in makeAbsoluteURL + // build the internal datastructures builder = new ConfigurationBuilder(configElem, rootConfigFileDir); authComponentConnectionParameter = builder.buildAuthComponentConnectionParameter();
diff --git a/id.server/src/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java b/id.server/src/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java
index 421286876..012dbfbe3 100644
--- a/id.server/src/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java
+++ b/id.server/src/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java
@@ -5,6 +5,7 @@ import java.io.File; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.ConfigurationProvider; import at.gv.egovernment.moa.id.iaik.servertools.observer.ObservableImpl; +import at.gv.egovernment.moa.util.FileUtils; import iaik.pki.store.certstore.CertStoreConfiguration; import iaik.pki.store.certstore.CertStoreParameters; import iaik.pki.store.certstore.CertStoreTypes;
@@ -31,16 +32,20 @@ public class CertStoreConfigurationImpl extends ObservableImpl */ public CertStoreConfigurationImpl(ConfigurationProvider conf) throws ConfigurationException { String paramName = ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY; - String rootDirParam = conf.getGenericConfigurationParameter(paramName); - if (rootDirParam == null) + String certStoreRootDirParam = conf.getGenericConfigurationParameter(paramName); + if (certStoreRootDirParam == null) throw new ConfigurationException( "config.08", new Object[] {paramName}); - File f = new File(rootDirParam); - if (f.isDirectory()) - rootDirectory = f.getAbsolutePath(); - else - throw new ConfigurationException( - "config.05", new Object[] {paramName}); + + System.out.print("certStoreRootDirParam: " + certStoreRootDirParam); + System.out.print("configRootDirectory: " + getRootDirectory()); + + rootDirectory = FileUtils.makeAbsoluteURL(certStoreRootDirParam, getRootDirectory()); + + File f = new File(rootDirectory); + if (!f.isDirectory()) + throw new ConfigurationException( + "config.05", new Object[] {paramName}); + parameters = new CertStoreParameters[] { this }; }
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/OldXMLLoginParameterResolver.java b/id.server/src/at/gv/egovernment/moa/id/proxy/OldXMLLoginParameterResolver.java
new file mode 100644
index 000000000..c53ed30a6
--- /dev/null
+++ b/id.server/src/at/gv/egovernment/moa/id/proxy/OldXMLLoginParameterResolver.java
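Review bot: The base directory handed to `FileUtils.makeAbsoluteURL` is `getRootDirectory()`, which — if that is this class's accessor for the `rootDirectory` field that the very same statement assigns (the accessor is not shown in the hunk) — is still null at that point, so a relative cert store path would be resolved against null rather than the MOA-ID configuration root; the getter this commit adds to ConfigurationProvider looks like the intended argument, i.e. `rootDirectory = FileUtils.makeAbsoluteURL(certStoreRootDirParam, conf.getRootConfigFileDir());`. The two `System.out.print` calls left in the constructor write configured paths to stdout (without a newline) outside the logging framework and should be removed or turned into debug log statements. Note also that a helper named `makeAbsoluteURL` may well return a `file:` URL string, which `new File(rootDirectory)` does not interpret — `isDirectory()` would then fail for every resolved value — and the old code stored `f.getAbsolutePath()` whereas the new code stores the helper's raw result; verify what the helper returns and convert via `new File(new URI(...))` if it is a URL. The constructor's signature and closing brace are both inside the hunk.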
@@ -0,0 +1,312 @@ +package at.gv.egovernment.moa.id.proxy; + +import at.gv.egovernment.moa.id.config.proxy.OAConfiguration; +import at.gv.egovernment.moa.id.data.AuthenticationData; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Base64Utils; +import java.io.IOException; +import java.util.*; +import org.apache.xerces.parsers.DOMParser; +import org.w3c.dom.*; + +// Referenced classes of package at.gv.egovernment.moa.id.proxy: +// LoginParameterResolver +// Old Implementation of XMLLoginParameterResolver (used to migrate old labs applications rapidely to +// version 1.1.1 of MOA-ID +// TODO RS migrate this to XMLLoginParameterResolver + + +public class OldXMLLoginParameterResolver + implements LoginParameterResolver +{ + private String configuration; + + class LPRParams + { + + public boolean getEnabled() + { + return enabled.booleanValue(); + } + + public String getUN() + { + return UN; + } + + public String getPW() + { + return PW; + } + + public String getParam1() + { + return Param1; + } + + public String getParam2() + { + return Param2; + } + + public String getParam3() + { + return Param3; + } + + public String toString() + { + return "Enabled:" + enabled.toString() + "UN: '" + UN + "' PW: '" + PW + "' Param1: '" + Param1 + "' Param2: '" + Param2 + "' Param3: '" + Param3 + "'\n"; + } + + private Boolean enabled; + private String UN; + private String PW; + private String Param1; + private String Param2; + private String Param3; + + LPRParams(boolean enabled, String UN, String PW, String Param1, String Param2, String Param3) + { + this.enabled = new Boolean(enabled); + this.UN = UN; + this.PW = PW; + this.Param1 = Param1; + this.Param1 = Param2; + this.Param1 = Param3; + } + + LPRParams(boolean enabled, String UN, String PW) + { + this(enabled, UN, PW, null, null, null); + } + } + + + + public OldXMLLoginParameterResolver() + { + bPKMap = new HashMap(); + namedMap = new HashMap(); + + } + + public Map 
getAuthenticationHeaders(OAConfiguration oaConf, AuthenticationData authData, String clientIPAddress) + { + Map result = new HashMap(); + if(oaConf.getAuthType().equals("basic")) + { + String famName = resolveValue("MOAFamilyName", authData, clientIPAddress); + String givenName = resolveValue("MOAGivenName", authData, clientIPAddress); + String bPK = resolveValue("MOAVPK", authData, clientIPAddress); + String userid = ""; + String password = ""; + LPRParams params = null; + boolean userFound = false; + Logger.debug("OldXMLLoginParameterResolver: search for automatic login data for bPK:" + bPK); + params = (LPRParams)bPKMap.get(bPK); + if(params == null) + Logger.debug("OldXMLLoginParameterResolver: params for bPK: " + bPK + " not found!"); + else + if(params.getEnabled()) + { + Logger.debug("OldXMLLoginParameterResolver: bPK: " + bPK + "found in list; user is enabled"); + Logger.debug("OldXMLLoginParameterResolver: using: " + params.toString()); + userid = params.getUN(); + password = params.getPW(); + userFound = true; + } else + { + Logger.info("OldXMLLoginParameterResolver: bPK: " + bPK + "found in list; user is NOT enabled"); + } + if(!userFound) + { + Logger.debug("OldXMLLoginParameterResolver: search for automatic login data for SurName:" + famName + " GivenName: " + givenName); + params = (LPRParams)namedMap.get(famName + "," + givenName); + if(params == null) + Logger.debug("OldXMLLoginParameterResolver: params for Surname: " + famName + " GivenName: " + givenName + " not found!"); + else + if(params.getEnabled()) + { + Logger.debug("OldXMLLoginParameterResolver: SurName:" + famName + " GivenName: " + givenName + "found in list; user is enabled"); + Logger.debug("OldXMLLoginParameterResolver: using: " + params.toString()); + userid = params.getUN(); + password = params.getPW(); + userFound = true; + } else + { + Logger.info("OldXMLLoginParameterResolver: SurName:" + famName + " GivenName: " + givenName + "found in list; user is NOT enabled"); + } + } + 
if(!userFound) + { + Logger.info("OldXMLLoginParameterResolver: Person is not allowed No automatic login"); + return result; + } + try + { + String userIDPassword = userid + ":" + password; + String credentials = Base64Utils.encode(userIDPassword.getBytes()); + Logger.debug("OldXMLLoginParameterResolver: calculated credentials: " + credentials); + result.put("Authorization", "Basic " + credentials); + } + catch(IOException ignore) { } + } else + if(oaConf.getAuthType().equals("header")) + { + String key; + String resolvedValue; + for(Iterator iter = oaConf.getHeaderAuthMapping().keySet().iterator(); iter.hasNext(); result.put(key, resolvedValue)) + { + key = (String)iter.next(); + String predicate = (String)oaConf.getHeaderAuthMapping().get(key); + resolvedValue = resolveValue(predicate, authData, clientIPAddress); + } + + } + return result; + } + + public Map getAuthenticationParameters(OAConfiguration oaConf, AuthenticationData authData, String clientIPAddress) + { + Map result = new HashMap(); + if(oaConf.getAuthType().equals("param")) + { + String key; + String resolvedValue; + for(Iterator iter = oaConf.getParamAuthMapping().keySet().iterator(); iter.hasNext(); result.put(key, resolvedValue)) + { + key = (String)iter.next(); + String predicate = (String)oaConf.getParamAuthMapping().get(key); + resolvedValue = resolveValue(predicate, authData, clientIPAddress); + } + + } + return result; + } + + private static String resolveValue(String predicate, AuthenticationData authData, String clientIPAddress) + { + if(predicate.equals("MOAGivenName")) + return authData.getGivenName(); + if(predicate.equals("MOAFamilyName")) + return authData.getFamilyName(); + if(predicate.equals("MOADateOfBirth")) + return authData.getDateOfBirth(); + if(predicate.equals("MOAVPK")) + return authData.getVPK(); + if(predicate.equals("MOAPublicAuthority")) + if(authData.isPublicAuthority()) + return "true"; + else + return "false"; + if(predicate.equals("MOABKZ")) + return 
authData.getPublicAuthorityCode(); + if(predicate.equals("MOAQualifiedCertificate")) + if(authData.isQualifiedCertificate()) + return "true"; + else + return "false"; + if(predicate.equals("MOAZMRZahl")) + return authData.getIdentificationValue(); + if(predicate.equals("MOAIPAddress")) + return clientIPAddress; + else + return null; + } + + private Document readXMLFile(String fileName) + { + Logger.info("OldXMLLoginParameterResolver: Loading MOA-OA configuration " + fileName); + DOMParser parser = new DOMParser(); + try + { + parser.setFeature("http://xml.org/sax/features/validation", true); + parser.setFeature("http://apache.org/xml/features/validation/schema", true); + parser.parse(fileName); + return parser.getDocument(); + } + catch(Exception e) + { + String msg = e.toString(); + Logger.error("OldXMLLoginParameterResolver: Error parsing file" + fileName + "\n" + msg); + return null; + } + } + + private void buildInfo(Document doc) + { + Element root = doc.getDocumentElement(); + NodeList idList = root.getElementsByTagName("Identity"); + NodeList paramList = root.getElementsByTagName("Parameters"); + for(int i = 0; i < idList.getLength(); i++) + Logger.debug("OldXMLLoginParameterResolver: LocalName idList: " + idList.item(i).getLocalName()); + + for(int i = 0; i < paramList.getLength(); i++) + Logger.debug("OldXMLLoginParameterResolver: LocalName paramList: " + paramList.item(i).getLocalName()); + + for(int i = 0; i < idList.getLength(); i++) + { + Element tmpElem = (Element)idList.item(i); + NodeList tmpList = tmpElem.getElementsByTagName("NamedIdentity"); + for(int j = 0; j < tmpList.getLength(); j++) + Logger.debug("OldXMLLoginParameterResolver: LocalName tmp: " + tmpList.item(j).getLocalName()); + + if(1 == tmpList.getLength()) + { + tmpElem = (Element)tmpList.item(0); + String tmpStr = tmpElem.getAttribute("SurName") + "," + tmpElem.getAttribute("GivenName"); + boolean tmpBool = false; + if(tmpElem.getFirstChild() != null && 
"1".compareTo(tmpElem.getFirstChild().getNodeValue()) == 0) + tmpBool = true; + Logger.debug("OldXMLLoginParameterResolver: tmpStr: " + tmpStr + " value: " + (new Boolean(tmpBool)).toString()); + tmpElem = (Element)paramList.item(i); + Logger.debug("OldXMLLoginParameterResolver: attribute UN: " + tmpElem.getAttribute("UN") + " attribute PW: " + tmpElem.getAttribute("PW")); + namedMap.put(tmpStr, new LPRParams(tmpBool, tmpElem.getAttribute("UN"), tmpElem.getAttribute("PW"))); + } else + { + tmpList = tmpElem.getElementsByTagName("bPKIdentity"); + if(1 == tmpList.getLength()) + { + tmpElem = (Element)tmpList.item(0); + String tmpStr = tmpElem.getAttribute("bPK"); + boolean tmpBool = false; + if(tmpElem.getFirstChild() != null && "1".compareTo(tmpElem.getFirstChild().getNodeValue()) == 0) + tmpBool = true; + Logger.debug("OldXMLLoginParameterResolver: tmpStr: " + tmpStr + " value: " + (new Boolean(tmpBool)).toString()); + tmpElem = (Element)paramList.item(i); + Logger.debug("OldXMLLoginParameterResolver: attribute UN: " + tmpElem.getAttribute("UN") + " attribute PW: " + tmpElem.getAttribute("PW") + " attribute Param1: " + tmpElem.getAttribute("Param1")); + bPKMap.put(tmpStr, new LPRParams(tmpBool, tmpElem.getAttribute("UN"), tmpElem.getAttribute("PW"))); + } else + { + Logger.warn("OldXMLLoginParameterResolver: wrong format no NamedIdentity or bPKIdentity found"); + } + } + } + + Logger.debug("namedMap:" + namedMap.toString()); + Logger.debug("bPKMap:" + bPKMap.toString()); + } + + public static final String XSD_DOCELEM = "MOAIdentities"; + public static final String XSD_IDELEM = "Identity"; + public static final String XSD_NAMEDIDELEM = "NamedIdentity"; + public static final String XSD_BPKIDELEM = "bPKIdentity"; + public static final String XSD_PARAMELEM = "Parameters"; + public static final String XML_LPR_CONFIG_PROPERTY_NAME1 = "moa.id.xmllpr1.configuration"; + private Map bPKMap; + private Map namedMap; + + + public void configure(String configuration) throws 
LoginParameterResolverException { + Logger.info("OldXMLLoginParameterResolver: initialization string: " + configuration); + this.configuration = configuration; + String fileName = configuration; + if(fileName == null) { + fileName = "file:conf/moa-id/Identities.xml"; + Logger.info("OldXMLLoginParameterResolver: used file name string: " + fileName); + } + Document doc = readXMLFile(fileName); + buildInfo(doc); + } +}
\ No newline at end of file |
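Review bot: `buildInfo` and `getAuthenticationHeaders` write the configured application passwords to the log — the `attribute PW: " + tmpElem.getAttribute("PW")` messages, the `calculated credentials:` line (Base64 of `user:password` is trivially reversible), `LPRParams.toString()` via `using: " + params.toString()`, and the closing `namedMap`/`bPKMap` dumps — so anyone with access to debug logs obtains every automatic login; drop the PW and credential values from those messages and have `toString()` print only `Enabled` and `UN`. The five-argument `LPRParams` constructor assigns `this.Param1 = Param2; this.Param1 = Param3;` instead of `this.Param2 = Param2; this.Param3 = Param3;`, so Param2/Param3 are always null (latent today, since only the three-argument form is called). `configure` passes the null that `readXMLFile` returns on a parse error straight into `buildInfo`, which then NPEs on `doc.getDocumentElement()`; it should instead throw `LoginParameterResolverException` naming the file. `buildInfo` also indexes `paramList.item(i)` with the Identity index, which presumably assumes every Identity element has exactly one Parameters sibling in the same order; a missing one yields null and another NPE rather than a configuration error. `userIDPassword.getBytes()` uses the platform charset, so non-ASCII passwords encode differently per deployment; pass an explicit charset.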