Diffstat (limited to 'id.server')
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java300
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationBuilder.java265
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java9
3 files changed, 318 insertions, 256 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java b/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
index 43c018e76..c4483b250 100644
--- a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
+++ b/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
@@ -4,7 +4,6 @@ import iaik.pki.pathvalidation.ChainingModes;
import iaik.utils.RFC2253NameParser;
import iaik.utils.RFC2253NameParserException;
-import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.Principal;
import java.util.ArrayList;
@@ -13,7 +12,6 @@ import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
-import java.util.Set;
import java.util.Vector;
import org.w3c.dom.Attr;
@@ -28,8 +26,6 @@ import at.gv.egovernment.moa.id.auth.data.SchemaImpl;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameter;
import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameters;
-import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
-import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
import at.gv.egovernment.moa.id.data.IssuerAndSerial;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.logging.Logger;
@@ -54,158 +50,116 @@ public class ConfigurationBuilder {
// XPath namespace prefix shortcuts
//
/** an XPATH-Expression */
- private static final String CONF = Constants.MOA_ID_CONFIG_PREFIX + ":";
+ protected static final String CONF = Constants.MOA_ID_CONFIG_PREFIX + ":";
/** an XPATH-Expression */
- private static final String DSIG = Constants.DSIG_PREFIX + ":";
+ protected static final String DSIG = Constants.DSIG_PREFIX + ":";
//
// chaining mode constants appearing in the configuration file
//
/** an XPATH-Expression */
- private static final String CM_CHAINING = "chaining";
+ protected static final String CM_CHAINING = "chaining";
/** an XPATH-Expression */
- private static final String CM_PKIX = "pkix";
+ protected static final String CM_PKIX = "pkix";
/** an XPATH-Expression */
- private static final String DEFAULT_ENCODING = "UTF-8";
-
- /**
- * Default online application configuration file name
- * (used when <code>/OnlineApplication/ProxyComponent@configFileURL</code> is <code>null</code>).
- */
- public static final String DEFAULT_OA_CONFIG_FILENAME = "MOAConfig.xml";
+ protected static final String DEFAULT_ENCODING = "UTF-8";
//
// XPath expressions to select certain parts of the configuration
//
/** an XPATH-Expression */
- private static final String ROOT = "/" + CONF + "MOA-IDConfiguration/";
- /** an XPATH-Expression */
- private static final String ROOTOA = "/" + CONF + "Configuration/";
+ protected static final String ROOT = "/" + CONF + "MOA-IDConfiguration/";
+
/** an XPATH-Expression */
- private static final String AUTH_BKU_XPATH =
+ protected static final String AUTH_BKU_XPATH =
ROOT + CONF + "AuthComponent/" + CONF + "BKUSelection";
/** an XPATH-Expression */
- private static final String AUTH_BKUSELECT_TEMPLATE_XPATH =
+ protected static final String AUTH_BKUSELECT_TEMPLATE_XPATH =
ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "BKUSelectionTemplate/@URL";
/** an XPATH-Expression */
- private static final String AUTH_TEMPLATE_XPATH =
+ protected static final String AUTH_TEMPLATE_XPATH =
ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "Template/@URL";
/** an XPATH-Expression */
public static final String AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH =
ROOT + CONF + "AuthComponent/" + CONF + "SecurityLayer/" + CONF + "TransformsInfo/@filename";
/** an XPATH-Expression */
- private static final String AUTH_MOA_SP_XPATH =
+ protected static final String AUTH_MOA_SP_XPATH =
ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP";
/** an XPATH-Expression */
- private static final String AUTH_MOA_SP_VERIFY_IDENTITY_TRUST_ID_XPATH =
+ protected static final String AUTH_MOA_SP_VERIFY_IDENTITY_TRUST_ID_XPATH =
ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyIdentityLink/" + CONF + "TrustProfileID";
/** an XPATH-Expression */
- private static final String AUTH_MOA_SP_VERIFY_AUTH_TRUST_ID_XPATH =
+ protected static final String AUTH_MOA_SP_VERIFY_AUTH_TRUST_ID_XPATH =
ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyAuthBlock/" + CONF + "TrustProfileID";
/** an XPATH-Expression */
- private static final String AUTH_MOA_SP_VERIFY_AUTH_VERIFY_ID_XPATH =
+ protected static final String AUTH_MOA_SP_VERIFY_AUTH_VERIFY_ID_XPATH =
ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyAuthBlock/" + CONF + "VerifyTransformsInfoProfileID";
/** an XPATH-Expression */
- private static final String AUTH_IDENTITY_LINK_X509SUBJECTNAME_XPATH =
+ protected static final String AUTH_IDENTITY_LINK_X509SUBJECTNAME_XPATH =
ROOT + CONF + "AuthComponent/" + CONF + "IdentityLinkSigners/" + CONF + "X509SubjectName";
/** an XPATH-Expression */
public static final String AUTH_VERIFY_INFOBOXES_XPATH =
ROOT + CONF + "AuthComponent/" + CONF + "VerifyInfoboxes";
-
- /** an XPATH-Expression */
- private static final String PROXY_AUTH_XPATH =
- ROOT + CONF + "ProxyComponent/" + CONF + "AuthComponent";
-
+
/** an XPATH-Expression */
- private static final String OA_XPATH = ROOT + CONF + "OnlineApplication";
+ protected static final String OA_XPATH = ROOT + CONF + "OnlineApplication";
/** an XPATH-Expression */
- private static final String OA_LOGIN_XPATH = ROOT + CONF + "OnlineApplication/@loginURL";
+ protected static final String OA_LOGIN_XPATH = ROOT + CONF + "OnlineApplication/@loginURL";
/** an XPATH-Expression */
- private static final String OA_AUTH_COMPONENT_XPATH = CONF + "AuthComponent";
+ protected static final String OA_AUTH_COMPONENT_XPATH = CONF + "AuthComponent";
/** an XPATH-Expression */
- private static final String OA_AUTH_COMPONENT_IDENT_NUMBER_XPATH = CONF + "IdentificationNumber";
+ protected static final String OA_AUTH_COMPONENT_IDENT_NUMBER_XPATH = CONF + "IdentificationNumber";
/** an XPATH-Expression */
- private static final String OA_AUTH_COMPONENT_BKUSELECT_TEMPLATE_XPATH =
+ protected static final String OA_AUTH_COMPONENT_BKUSELECT_TEMPLATE_XPATH =
CONF + "Templates/" + CONF + "BKUSelectionTemplate/@URL";
/** an XPATH-Expression */
- private static final String OA_AUTH_COMPONENT_TEMPLATE_XPATH =
+ protected static final String OA_AUTH_COMPONENT_TEMPLATE_XPATH =
CONF + "Templates/" + CONF + "Template/@URL";
/** an XPATH-Expression */
- private static final String OA_AUTH_COMPONENT_TRANSFORMS_INFO_FILENAME_XPATH = CONF + "TransformsInfo/@filename";
- /** an XPATH-Expression */
- private static final String OA_AUTH_COMPONENT_VERIFY_INFOBOXES_XPATH = CONF + "VerifyInfoboxes";
+ protected static final String OA_AUTH_COMPONENT_TRANSFORMS_INFO_FILENAME_XPATH = CONF + "TransformsInfo/@filename";
/** an XPATH-Expression */
- private static final String OA_PROXY_COMPONENT_XPATH = CONF + "ProxyComponent";
+ protected static final String OA_AUTH_COMPONENT_VERIFY_INFOBOXES_XPATH = CONF + "VerifyInfoboxes";
/** an XPATH-Expression */
- private static final String OA_PROXY_COMPONENT_ABSOLUTE_XPATH = ROOT + CONF + "OnlineApplication/" + CONF + "ProxyComponent";
- /** an XPATH-Expression */
- private static final String OA_PROXY_URL_XPATH = CONF + "ProxyComponent/@configFileURL";
- /** an XPATH-Expression */
- private static final String OA_PROXY_SESSION_TIMEOUT_XPATH = CONF + "ProxyComponent/@sessionTimeOut";
- /** an XPATH-Expression */
- private static final String OA_PROXY_LOGIN_PARA_XPATH = CONF + "ProxyComponent/@loginParameterResolverImpl";
- /** an XPATH-Expression */
- private static final String OA_PROXY_LOGIN_PARA_CONF_XPATH = CONF + "ProxyComponent/@loginParameterResolverConfiguration";
- /** an XPATH-Expression */
- private static final String OA_PROXY_CONNECTION_BUILDER_XPATH = CONF + "ProxyComponent/@connectionBuilderImpl";
- /** an XPATH-Expression */
- private static final String CONNECTION_PARAMETER_URL_XPATH =
+ protected static final String CONNECTION_PARAMETER_URL_XPATH =
CONF + "ConnectionParameter/@URL";
/** an XPATH-Expression */
- private static final String CONNECTION_PARAMETER_ACCEPTED_CERTS_XPATH =
+ protected static final String CONNECTION_PARAMETER_ACCEPTED_CERTS_XPATH =
CONF + "ConnectionParameter/" + CONF + "AcceptedServerCertificates";
/** an XPATH-Expression */
- private static final String CONNECTION_PARAMETERN_KEYSTORE_XPATH =
+ protected static final String CONNECTION_PARAMETERN_KEYSTORE_XPATH =
CONF + "ConnectionParameter/" + CONF + "ClientKeyStore";
/** an XPATH-Expression */
- private static final String CONNECTION_PARAMETER_KEYSTORE_PASS_XPATH =
+ protected static final String CONNECTION_PARAMETER_KEYSTORE_PASS_XPATH =
CONNECTION_PARAMETERN_KEYSTORE_XPATH + "/@password";
/** an XPATH-Expression */
- private static final String GENERIC_CONFIGURATION_XPATH =
+ protected static final String GENERIC_CONFIGURATION_XPATH =
ROOT + CONF + "GenericConfiguration";
+
/** an XPATH-Expression */
- private static final String OACONF_LOGIN_TYPE_XPATH =
- ROOTOA + CONF + "LoginType";
- /** an XPATH-Expression */
- private static final String OACONF_BINDING_TYPE_XPATH =
- ROOTOA + CONF + "Binding";
- /** an XPATH-Expression */
- private static final String OACONF_PARAM_AUTH_PARAMETER_XPATH =
- ROOTOA + CONF + "ParamAuth/" + CONF + "Parameter";
- /** an XPATH-Expression */
- private static final String OACONF_USER_ID_XPATH =
- ROOTOA + CONF + "BasicAuth/" + CONF + "UserID";
- /** an XPATH-Expression */
- private static final String OACONF_PASSWORD_XPATH =
- ROOTOA + CONF + "BasicAuth/" + CONF + "Password";
- /** an XPATH-Expression */
- private static final String OACONF_HEADER_AUTH_HEADER_XPATH =
- ROOTOA + CONF + "HeaderAuth/" + CONF + "Header";
- /** an XPATH-Expression */
- private static final String CHAINING_MODES_XPATH =
+ protected static final String CHAINING_MODES_XPATH =
ROOT + CONF + "ChainingModes";
/** an XPATH-Expression */
- private static final String CHAINING_MODES_DEFAULT_XPATH =
+ protected static final String CHAINING_MODES_DEFAULT_XPATH =
CHAINING_MODES_XPATH + "/@systemDefaultMode";
/** an XPATH-Expression */
- private static final String TRUST_ANCHOR_XPATH =
+ protected static final String TRUST_ANCHOR_XPATH =
ROOT + CONF + "ChainingModes/" + CONF + "TrustAnchor";
/** an XPATH-Expression */
- private static final String ISSUER_XPATH = DSIG + "X509IssuerName";
+ protected static final String ISSUER_XPATH = DSIG + "X509IssuerName";
/** an XPATH-Expression */
- private static final String SERIAL_XPATH = DSIG + "X509SerialNumber";
+ protected static final String SERIAL_XPATH = DSIG + "X509SerialNumber";
/** an XPATH-Expression */
- private static final String TRUSTED_CA_CERTIFICATES_XPATH =
+ protected static final String TRUSTED_CA_CERTIFICATES_XPATH =
ROOT + CONF + "TrustedCACertificates";
/** an XPATH-Expression */
- private static final String VERIFY_INFOBOXES_DEFAULT_TRUST_PROFILE_XPATH = CONF + "DefaultTrustProfile";
+ protected static final String VERIFY_INFOBOXES_DEFAULT_TRUST_PROFILE_XPATH = CONF + "DefaultTrustProfile";
/** an XPATH-Expression */
- private static final String VERIFY_INFOBOXES_TRUST_PROFILE_ID_XPATH = CONF + "TrustProfileID";
+ protected static final String VERIFY_INFOBOXES_TRUST_PROFILE_ID_XPATH = CONF + "TrustProfileID";
/** an XPATH-Expression */
- private static final String VERIFY_INFOBOXES_INFOBOX_XPATH = CONF + "Infobox";
+ protected static final String VERIFY_INFOBOXES_INFOBOX_XPATH = CONF + "Infobox";
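Review bot: Every constant in this block is widened to `protected`, but the new `ProxyConfigurationBuilder` in this commit references only `CONF`, `ROOT` and `OA_XPATH`; the rest (including `CONNECTION_PARAMETER_KEYSTORE_PASS_XPATH` and the misspelled `CONNECTION_PARAMETERN_KEYSTORE_XPATH`) could stay `private` until a subclass actually needs them. In Java `protected` also grants package access, so the narrower set keeps the class's surface smaller. The Javadoc `/** an XPATH-Expression */` is also inaccurate on `CM_CHAINING`, `CM_PKIX` and `DEFAULT_ENCODING`, which are plain values rather than XPath expressions; on `DEFAULT_ENCODING`, for example, `/** Default character encoding name. */` would be correct. The class body continues outside the hunk.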
@@ -213,10 +167,10 @@ public class ConfigurationBuilder {
/**
* main configuration file directory name used to configure MOA-ID
*/
- private String rootConfigFileDir_;
+ protected String rootConfigFileDir_;
/** The root element of the MOA-ID configuration */
- private Element configElem_;
+ protected Element configElem_;
/**
* Creates a new <code>MOAConfigurationProvider</code>.
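Review bot: Making `rootConfigFileDir_` and `configElem_` plain `protected` lets any subclass, and any class in the `at.gv.egovernment.moa.id.config` package, reassign the configuration root after construction. The new subclass only reads them. If the constructor is the only place that assigns them (it is outside this hunk, so this is unconfirmed), `protected final String rootConfigFileDir_;` and `protected final Element configElem_;` would give subclasses the same read access without the write access. Otherwise keep the fields `private` and add `protected` getters.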
@@ -536,7 +490,7 @@ public class ConfigurationBuilder {
* or, if no template is specified within the online appliacation,
* the default url. Both may be <code>null</code>.
*/
- private String buildTemplateURL(Element oaAAuthComponent, String xpathExpr, String defaultURL) {
+ protected String buildTemplateURL(Element oaAAuthComponent, String xpathExpr, String defaultURL) {
String templateURL = XPathUtils.getAttributeValue(oaAAuthComponent, xpathExpr, defaultURL);
if (templateURL != null) {
templateURL = FileUtils.makeAbsoluteURL(templateURL, rootConfigFileDir_);
@@ -544,18 +498,7 @@ public class ConfigurationBuilder {
return templateURL;
}
- /**
- * Build a bean containing all information about the ProxyComponent
- * @return The ConnectionParameter for the Proxy Component
- */
- public ConnectionParameter buildAuthComponentConnectionParameter()
- {
-
- Element connectionParameter = (Element) XPathUtils.selectSingleNode(configElem_, PROXY_AUTH_XPATH);
- if (connectionParameter==null) return null;
- return buildConnectionParameter(connectionParameter);
-
- }
+
/**
* Method buildConnectionParameter: internal Method for creating a
* ConnectionParameter object with all data found in the incoming element
@@ -591,52 +534,7 @@ public class ConfigurationBuilder {
return result;
}
- /**
- * Build an array of OnlineApplication Parameter Beans containing information
- * about the proxy component
- * @return An OAProxyParameter array containing beans
- * with all relevant information for the proxy component of the online
- * application
- */
- public OAProxyParameter[] buildOnlineApplicationProxyParameters() throws ConfigurationException{
-
- List oA_list = new ArrayList();
- NodeList OAIter = XPathUtils.selectNodeList(configElem_, OA_XPATH);
-
- for (int i = 0; i < OAIter.getLength(); i++) {
- Element oAElem = (Element) OAIter.item(i);
- OAProxyParameter oap = new OAProxyParameter();
-
- oap.setPublicURLPrefix(oAElem.getAttribute("publicURLPrefix"));
- oap.setOaType(oAElem.getAttribute("type"));
- Element proxyComponentElem = (Element) XPathUtils.selectSingleNode(oAElem,OA_PROXY_COMPONENT_XPATH);
- if (proxyComponentElem != null) {
- oap.setConfigFileURL(XPathUtils.getAttributeValue(oAElem, OA_PROXY_URL_XPATH, null));
- oap.setConfigFileURL(FileUtils.makeAbsoluteURL(oap.getConfigFileURL(), rootConfigFileDir_));
- // default session time out: 3600 sec = 1 h
- oap.setSessionTimeOut(new Integer(XPathUtils.getAttributeValue(oAElem,OA_PROXY_SESSION_TIMEOUT_XPATH,"3600")).intValue());
- oap.setLoginParameterResolverImpl(XPathUtils.getAttributeValue(oAElem, OA_PROXY_LOGIN_PARA_XPATH, null));
- oap.setLoginParameterResolverConfiguration(XPathUtils.getAttributeValue(oAElem, OA_PROXY_LOGIN_PARA_CONF_XPATH, null));
- oap.setLoginParameterResolverConfiguration(FileUtils.makeAbsoluteURL(oap.getLoginParameterResolverConfiguration(), rootConfigFileDir_));
- oap.setConnectionBuilderImpl(XPathUtils.getAttributeValue(oAElem,OA_PROXY_CONNECTION_BUILDER_XPATH, null));
-
- ConnectionParameter conPara = buildConnectionParameter(proxyComponentElem);
- oap.setConnectionParameter(conPara);
- OAConfiguration oaConf = buildOAConfiguration(getOAConfigElement(oap));
- oap.setOaConfiguration(oaConf);
-
- oA_list.add(oap);
- }
- }
- OAProxyParameter[] result =
- new OAProxyParameter[oA_list.size()];
- oA_list.toArray(result);
-
- return result;
-
- }
-
/**
* Build the mapping of generic configuration properties.
*
@@ -661,107 +559,7 @@ public class ConfigurationBuilder {
return genericConfiguration;
}
- /**
- * Method buildOAConfiguration.
- *
- * Build an {@link OAConfiguration} Object from the given configuration DOM element
- *
- * @param root
- * @return OAConfiguration
- * @throws ConfigurationException
- */
- public OAConfiguration buildOAConfiguration(Element root) throws ConfigurationException{
-
- OAConfiguration oaConfiguration = new OAConfiguration();
-
- //The LoginType hast to be "stateless" or "stateful" to be valid
-
- oaConfiguration.setLoginType(
- XPathUtils.getElementValue(root, OACONF_LOGIN_TYPE_XPATH, null));
-
- oaConfiguration.setBinding(
- XPathUtils.getElementValue(root, OACONF_BINDING_TYPE_XPATH, OAConfiguration.BINDUNG_FULL));
-
- //Try to build the Parameter Auth Parameters
- NodeIterator paramAuthIter =
- XPathUtils.selectNodeIterator(
- root,
- OACONF_PARAM_AUTH_PARAMETER_XPATH);
- Element paramAuthElem;
- HashMap paramAuthMap = new HashMap();
- while ((paramAuthElem = (Element) paramAuthIter.nextNode()) != null) {
- String name = XPathUtils.getAttributeValue(paramAuthElem, "@Name", null);
- String value = XPathUtils.getAttributeValue(paramAuthElem, "@Value", null);
- if (paramAuthMap.containsKey(name))
- throw new ConfigurationException("config.06", new Object[]{"Doppelter Wert für Parameter per HeaderAuthentication"});
- paramAuthMap.put(name, value);
- }
- oaConfiguration.setParamAuthMapping(paramAuthMap);
- // Try to build the BasicAuthParameters
- oaConfiguration.setBasicAuthUserIDMapping(
- XPathUtils.getElementValue(root, OACONF_USER_ID_XPATH, null));
- oaConfiguration.setBasicAuthPasswordMapping(
- XPathUtils.getElementValue(root, OACONF_PASSWORD_XPATH, null));
-
- //Try to build the Parameter Auth Parameters
- NodeIterator headerAuthIter = XPathUtils.selectNodeIterator(root,OACONF_HEADER_AUTH_HEADER_XPATH);
-
- Element headerAuthElem;
- HashMap headerAuthMap = new HashMap();
- while ((headerAuthElem = (Element) headerAuthIter.nextNode()) != null) {
- String name =
- XPathUtils.getAttributeValue(headerAuthElem, "@Name", null);
- String value =
- XPathUtils.getAttributeValue(headerAuthElem, "@Value", null);
- // Contains Key (Neue Config-Exception: doppelte werte)
- if (headerAuthMap.containsKey(name))
- throw new ConfigurationException("config.06", new Object[]{"Doppelter Wert für Parameter per HeaderAuthentication"});
- headerAuthMap.put(name, value);
- }
- oaConfiguration.setHeaderAuthMapping(headerAuthMap);
-
- if (paramAuthMap.size() == 0) {
- if (oaConfiguration.getBasicAuthUserIDMapping() == null) {
- oaConfiguration.setAuthType(OAConfiguration.HEADER_AUTH);
- }
- else
- oaConfiguration.setAuthType(OAConfiguration.BASIC_AUTH);
- }
- else
- oaConfiguration.setAuthType(OAConfiguration.PARAM_AUTH);
-
- return oaConfiguration;
- }
-
- /**
- * Reads the configuration file of the online application, and creates a DOM tree from it.
- * If <code>/OnlineApplication/ProxyComponent@configFileURL</code> is not given,
- * uses default configuration file location.
- *
- * @param oap configuration data of online application, meant for use by MOA-ID-PROXY
- * @return Element DOM tree root element
- * @throws ConfigurationException on any exception thrown
- */
- private Element getOAConfigElement(OAProxyParameter oap) throws ConfigurationException
- {
- try {
- String configFileURL = oap.getConfigFileURL();
- if (configFileURL == null) {
- // use default config file URL, when config file URL is not given
- configFileURL = oap.getConnectionParameter().getUrl();
- if (configFileURL.charAt(configFileURL.length() - 1) != '/')
- configFileURL += "/";
- configFileURL += DEFAULT_OA_CONFIG_FILENAME;
- }
- Logger.info("Loading MOA-OA configuration " + configFileURL);
- Element configElem = DOMUtils.parseXmlValidating(
- new ByteArrayInputStream(FileUtils.readURL(configFileURL)));
- return configElem;
- }
- catch (Throwable t) {
- throw new ConfigurationException("config.03", new Object[] {"OAConfiguration"} , t);
- }
- }
+
/**
* Returns the default chaining mode from the configuration.
@@ -809,7 +607,7 @@ public class ConfigurationBuilder {
* @return The issuer and serial number contained in the <code>root</code>
* element or <code>null</code> if could not be built for any reason.
*/
- private IssuerAndSerial buildIssuerAndSerial(Element root) {
+ protected IssuerAndSerial buildIssuerAndSerial(Element root) {
String issuer = XPathUtils.getElementValue(root, ISSUER_XPATH, null);
String serial = XPathUtils.getElementValue(root, SERIAL_XPATH, null);
@@ -839,7 +637,7 @@ public class ConfigurationBuilder {
* interface.
* @see iaik.pki.pathvalidation.ChainingModes
*/
- private String translateChainingMode(String chainingMode) {
+ protected String translateChainingMode(String chainingMode) {
if (chainingMode.equals(CM_CHAINING)) {
return ChainingModes.CHAIN_MODE;
} else if (chainingMode.equals(CM_PKIX)) {
@@ -863,7 +661,7 @@ public class ConfigurationBuilder {
* company.
* @return
*/
- private String buildIdentityLinkDomainIdentifier(Element number) {
+ protected String buildIdentityLinkDomainIdentifier(Element number) {
if (number == null) {
return null;
}
@@ -1080,7 +878,7 @@ public class ConfigurationBuilder {
// various utility methods
//
- private static void warn(String messageId, Object[] parameters) {
+ protected static void warn(String messageId, Object[] parameters) {
Logger.warn(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters));
}
@@ -1090,7 +888,7 @@ public class ConfigurationBuilder {
* @param args for the logger
* @param t as throwabl
*/
- private static void warn(String messageId, Object[] args, Throwable t) {
+ protected static void warn(String messageId, Object[] args, Throwable t) {
Logger.warn(MOAIDMessageProvider.getInstance().getMessage(messageId, args), t);
}
}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationBuilder.java b/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationBuilder.java
new file mode 100644
index 000000000..ebb06dd3d
--- /dev/null
+++ b/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationBuilder.java
@@ -0,0 +1,265 @@
+// Copyright (C) 2002 IAIK
+// http://jce.iaik.tugraz.at
+//
+// Copyright (C) 2007 Stiftung Secure Information and
+// Communication Technologies SIC
+// http://www.sic.st
+//
+// All rights reserved.
+//
+// This source is provided for inspection purposes and recompilation only,
+// unless specified differently in a contract with IAIK. This source has to
+// be kept in strict confidence and must not be disclosed to any third party
+// under any circumstances. Redistribution in source and binary forms, with
+// or without modification, are <not> permitted in any case!
+//
+// THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+// ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+// FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+// OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+// LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+// OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+// SUCH DAMAGE.
+
+package at.gv.egovernment.moa.id.config.proxy;
+
+import java.io.ByteArrayInputStream;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
+import org.w3c.dom.traversal.NodeIterator;
+
+import at.gv.egovernment.moa.id.config.ConfigurationBuilder;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.ConnectionParameter;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.FileUtils;
+import at.gv.egovernment.moa.util.XPathUtils;
+
+public class ProxyConfigurationBuilder extends ConfigurationBuilder {
+
+ /**
+ * Default online application configuration file name
+ * (used when <code>/OnlineApplication/ProxyComponent@configFileURL</code> is <code>null</code>).
+ */
+ public static final String DEFAULT_OA_CONFIG_FILENAME = "MOAConfig.xml";
+
+ /** an XPATH-Expression */
+ private static final String PROXY_AUTH_XPATH =
+ ROOT + CONF + "ProxyComponent/" + CONF + "AuthComponent";
+ /** an XPATH-Expression */
+ protected static final String ROOTOA = "/" + CONF + "Configuration/";
+ /** an XPATH-Expression */
+ private static final String OA_PROXY_COMPONENT_XPATH = CONF + "ProxyComponent";
+ /** an XPATH-Expression */
+ private static final String OA_PROXY_COMPONENT_ABSOLUTE_XPATH = ROOT + CONF + "OnlineApplication/" + CONF + "ProxyComponent";
+ /** an XPATH-Expression */
+ private static final String OA_PROXY_URL_XPATH = CONF + "ProxyComponent/@configFileURL";
+ /** an XPATH-Expression */
+ private static final String OA_PROXY_SESSION_TIMEOUT_XPATH = CONF + "ProxyComponent/@sessionTimeOut";
+ /** an XPATH-Expression */
+ private static final String OA_PROXY_LOGIN_PARA_XPATH = CONF + "ProxyComponent/@loginParameterResolverImpl";
+ /** an XPATH-Expression */
+ private static final String OA_PROXY_LOGIN_PARA_CONF_XPATH = CONF + "ProxyComponent/@loginParameterResolverConfiguration";
+ /** an XPATH-Expression */
+ private static final String OA_PROXY_CONNECTION_BUILDER_XPATH = CONF + "ProxyComponent/@connectionBuilderImpl";
+ /** an XPATH-Expression */
+ protected static final String OACONF_LOGIN_TYPE_XPATH =
+ ROOTOA + CONF + "LoginType";
+ /** an XPATH-Expression */
+ protected static final String OACONF_BINDING_TYPE_XPATH =
+ ROOTOA + CONF + "Binding";
+ /** an XPATH-Expression */
+ protected static final String OACONF_PARAM_AUTH_PARAMETER_XPATH =
+ ROOTOA + CONF + "ParamAuth/" + CONF + "Parameter";
+ /** an XPATH-Expression */
+ protected static final String OACONF_USER_ID_XPATH =
+ ROOTOA + CONF + "BasicAuth/" + CONF + "UserID";
+ /** an XPATH-Expression */
+ protected static final String OACONF_PASSWORD_XPATH =
+ ROOTOA + CONF + "BasicAuth/" + CONF + "Password";
+ /** an XPATH-Expression */
+ protected static final String OACONF_HEADER_AUTH_HEADER_XPATH =
+ ROOTOA + CONF + "HeaderAuth/" + CONF + "Header";
+
+ /**
+ * Creates a new <code>MOAConfigurationProvider</code>.
+ *
+ * @param configElem The root element of the MOA-ID configuration.
+ */
+ public ProxyConfigurationBuilder(Element configElem, String rootConfigDir) {
+ super(configElem, rootConfigDir);
+ }
+
+ /**
+ * Method buildOAConfiguration.
+ *
+ * Build an {@link OAConfiguration} Object from the given configuration DOM element
+ *
+ * @param root
+ * @return OAConfiguration
+ * @throws ConfigurationException
+ */
+ public OAConfiguration buildOAConfiguration(Element root) throws ConfigurationException{
+
+ OAConfiguration oaConfiguration = new OAConfiguration();
+
+ //The LoginType hast to be "stateless" or "stateful" to be valid
+
+ oaConfiguration.setLoginType(
+ XPathUtils.getElementValue(root, OACONF_LOGIN_TYPE_XPATH, null));
+
+ oaConfiguration.setBinding(
+ XPathUtils.getElementValue(root, OACONF_BINDING_TYPE_XPATH, OAConfiguration.BINDUNG_FULL));
+
+ //Try to build the Parameter Auth Parameters
+ NodeIterator paramAuthIter =
+ XPathUtils.selectNodeIterator(
+ root,
+ OACONF_PARAM_AUTH_PARAMETER_XPATH);
+ Element paramAuthElem;
+ HashMap paramAuthMap = new HashMap();
+ while ((paramAuthElem = (Element) paramAuthIter.nextNode()) != null) {
+ String name = XPathUtils.getAttributeValue(paramAuthElem, "@Name", null);
+ String value = XPathUtils.getAttributeValue(paramAuthElem, "@Value", null);
+ if (paramAuthMap.containsKey(name))
+ throw new ConfigurationException("config.06", new Object[]{"Doppelter Wert für Parameter per HeaderAuthentication"});
+ paramAuthMap.put(name, value);
+ }
+ oaConfiguration.setParamAuthMapping(paramAuthMap);
+ // Try to build the BasicAuthParameters
+ oaConfiguration.setBasicAuthUserIDMapping(
+ XPathUtils.getElementValue(root, OACONF_USER_ID_XPATH, null));
+ oaConfiguration.setBasicAuthPasswordMapping(
+ XPathUtils.getElementValue(root, OACONF_PASSWORD_XPATH, null));
+
+ //Try to build the Parameter Auth Parameters
+ NodeIterator headerAuthIter = XPathUtils.selectNodeIterator(root,OACONF_HEADER_AUTH_HEADER_XPATH);
+
+ Element headerAuthElem;
+ HashMap headerAuthMap = new HashMap();
+ while ((headerAuthElem = (Element) headerAuthIter.nextNode()) != null) {
+ String name =
+ XPathUtils.getAttributeValue(headerAuthElem, "@Name", null);
+ String value =
+ XPathUtils.getAttributeValue(headerAuthElem, "@Value", null);
+ // Contains Key (Neue Config-Exception: doppelte werte)
+ if (headerAuthMap.containsKey(name))
+ throw new ConfigurationException("config.06", new Object[]{"Doppelter Wert für Parameter per HeaderAuthentication"});
+ headerAuthMap.put(name, value);
+ }
+ oaConfiguration.setHeaderAuthMapping(headerAuthMap);
+
+ if (paramAuthMap.size() == 0) {
+ if (oaConfiguration.getBasicAuthUserIDMapping() == null) {
+ oaConfiguration.setAuthType(OAConfiguration.HEADER_AUTH);
+ }
+ else
+ oaConfiguration.setAuthType(OAConfiguration.BASIC_AUTH);
+ }
+ else
+ oaConfiguration.setAuthType(OAConfiguration.PARAM_AUTH);
+
+ return oaConfiguration;
+ }
+
+
+ /**
+ * Build an array of OnlineApplication Parameter Beans containing information
+ * about the proxy component
+ * @return An OAProxyParameter array containing beans
+ * with all relevant information for the proxy component of the online
+ * application
+ */
+ public OAProxyParameter[] buildOnlineApplicationProxyParameters() throws ConfigurationException{
+
+ List oA_list = new ArrayList();
+ NodeList OAIter = XPathUtils.selectNodeList(configElem_, OA_XPATH);
+
+ for (int i = 0; i < OAIter.getLength(); i++) {
+ Element oAElem = (Element) OAIter.item(i);
+
+ Element proxyComponentElem = (Element) XPathUtils.selectSingleNode(oAElem,OA_PROXY_COMPONENT_XPATH);
+ if (proxyComponentElem != null) {
+ OAProxyParameter oap = new OAProxyParameter();
+
+ oap.setPublicURLPrefix(oAElem.getAttribute("publicURLPrefix"));
+ oap.setOaType(oAElem.getAttribute("type"));
+ oap.setConfigFileURL(XPathUtils.getAttributeValue(oAElem, OA_PROXY_URL_XPATH, null));
+ oap.setConfigFileURL(FileUtils.makeAbsoluteURL(oap.getConfigFileURL(), rootConfigFileDir_));
+ // default session time out: 3600 sec = 1 h
+ oap.setSessionTimeOut(new Integer(XPathUtils.getAttributeValue(oAElem,OA_PROXY_SESSION_TIMEOUT_XPATH,"3600")).intValue());
+ oap.setLoginParameterResolverImpl(XPathUtils.getAttributeValue(oAElem, OA_PROXY_LOGIN_PARA_XPATH, null));
+ oap.setLoginParameterResolverConfiguration(XPathUtils.getAttributeValue(oAElem, OA_PROXY_LOGIN_PARA_CONF_XPATH, null));
+ oap.setLoginParameterResolverConfiguration(FileUtils.makeAbsoluteURL(oap.getLoginParameterResolverConfiguration(), rootConfigFileDir_));
+ oap.setConnectionBuilderImpl(XPathUtils.getAttributeValue(oAElem,OA_PROXY_CONNECTION_BUILDER_XPATH, null));
+
+ ConnectionParameter conPara = buildConnectionParameter(proxyComponentElem);
+ oap.setConnectionParameter(conPara);
+
+ OAConfiguration oaConf = buildOAConfiguration(getOAConfigElement(oap));
+ oap.setOaConfiguration(oaConf);
+
+ oA_list.add(oap);
+ }
+ }
+ OAProxyParameter[] result =
+ new OAProxyParameter[oA_list.size()];
+ oA_list.toArray(result);
+
+ return result;
+
+ }
+
+ /**
+ * Reads the configuration file of the online application, and creates a DOM tree from it.
+ * If <code>/OnlineApplication/ProxyComponent@configFileURL</code> is not given,
+ * uses default configuration file location.
+ *
+ * @param oap configuration data of online application, meant for use by MOA-ID-PROXY
+ * @return Element DOM tree root element
+ * @throws ConfigurationException on any exception thrown
+ */
+ private Element getOAConfigElement(OAProxyParameter oap) throws ConfigurationException
+ {
+ try {
+ String configFileURL = oap.getConfigFileURL();
+ if (configFileURL == null) {
+ // use default config file URL, when config file URL is not given
+ configFileURL = oap.getConnectionParameter().getUrl();
+ if (configFileURL.charAt(configFileURL.length() - 1) != '/')
+ configFileURL += "/";
+ configFileURL += DEFAULT_OA_CONFIG_FILENAME;
+ }
+ Logger.info("Loading MOA-OA configuration " + configFileURL);
+ Element configElem = DOMUtils.parseXmlValidating(
+ new ByteArrayInputStream(FileUtils.readURL(configFileURL)));
+ return configElem;
+ }
+ catch (Throwable t) {
+ throw new ConfigurationException("config.03", new Object[] {"OAConfiguration"} , t);
+ }
+ }
+
+ /**
+ * Build a bean containing all information about the ProxyComponent
+ * @return The ConnectionParameter for the Proxy Component
+ */
+ public ConnectionParameter buildAuthComponentConnectionParameter()
+ {
+
+ Element connectionParameter = (Element) XPathUtils.selectSingleNode(configElem_, PROXY_AUTH_XPATH);
+ if (connectionParameter==null) return null;
+ return buildConnectionParameter(connectionParameter);
+
+ }
+
+}
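Review bot: `getOAConfigElement` loads the per-application XML from whatever `configFileURL` resolves to, falling back to the online application's own `ConnectionParameter` URL plus `MOAConfig.xml`, and that document then selects the auth type and the header, parameter and basic-auth mappings in `buildOAConfiguration`. Nothing visible here restricts the URL scheme or requires an authenticated transport, so if `FileUtils.readURL` accepts plain `http:` (its implementation is not in this diff) a tampered response could change how the proxy logs users in to the application; consider rejecting anything other than `file:` or `https:` before the read, and confirm that `DOMUtils.parseXmlValidating` does not resolve external entities. Separately, `catch (Throwable t)` also wraps `Error`s such as `OutOfMemoryError` into `config.03`; `catch (Exception e)` would keep the wrapping for real failures. The duplicate-key message in the ParamAuth loop of `buildOAConfiguration` says "HeaderAuthentication", which looks like a copy from the header loop and will mislead whoever reads the configuration error.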
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java b/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java
index fdb7e6f55..572ce5708 100644
--- a/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java
+++ b/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java
@@ -7,7 +7,6 @@ import java.net.MalformedURLException;
import org.w3c.dom.Element;
-import at.gv.egovernment.moa.id.config.ConfigurationBuilder;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.config.ConnectionParameter;
@@ -101,7 +100,7 @@ public class ProxyConfigurationProvider extends ConfigurationProvider {
private void load(String fileName) throws ConfigurationException {
FileInputStream stream = null;
Element configElem;
- ConfigurationBuilder builder;
+ ProxyConfigurationBuilder builder;
try {
// load the main config file
@@ -130,12 +129,12 @@ public class ProxyConfigurationProvider extends ConfigurationProvider {
}
// build the internal datastructures
- builder = new ConfigurationBuilder(configElem, rootConfigFileDir);
+ builder = new ProxyConfigurationBuilder(configElem, rootConfigFileDir);
authComponentConnectionParameter = builder.buildAuthComponentConnectionParameter();
-
+
onlineApplicationProxyParameter = builder.buildOnlineApplicationProxyParameters();
for(int i = 0; i < onlineApplicationProxyParameter.length; i++) {
- onlineApplicationProxyParameter[i].setConfigFileURL(FileUtils.makeAbsoluteURL(onlineApplicationProxyParameter[i].getConfigFileURL(), rootConfigFileDir));
+ onlineApplicationProxyParameter[i].setConfigFileURL(FileUtils.makeAbsoluteURL(onlineApplicationProxyParameter[i].getConfigFileURL(), rootConfigFileDir));
}
genericConfiguration = builder.buildGenericConfiguration();