Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java14
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java48
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java359
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java126
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java81
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java49
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java5
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java4
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java13
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java128
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java574
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java115
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java56
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java7
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java165
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java180
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java44
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java27
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java35
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java16
20 files changed, 2025 insertions, 21 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
index a5a5de33c..19af2876d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
@@ -3,9 +3,21 @@ package at.gv.egovernment.moa.id.configuration;
public class Constants {
public static final String STRUTS_SUCCESS = "success";
public static final String STRUTS_ERROR = "error";
+ public static final String STRUTS_ERROR_VALIDATION = "error_validation";
+ public static final String STRUTS_OA_EDIT = "editOA";
+ public static final String STRUTS_REAUTHENTICATE = "reauthentication";
+ public static final String STRUTS_NOTALLOWED = "notallowed";
-
public static final String SESSION_AUTH = "authsession";
public static final String SESSION_AUTH_ERROR = "authsessionerror";
+ public static final String SESSION_OAID = "oadbidentifier";
+
+ public static final String REQUEST_OAID = "oaid";
+
+ public static final String BKU_ONLINE = "bkuonline";
+ public static final String BKU_LOCAL = "bkulocal";
+ public static final String BKU_HANDY = "bkuhandy";
+
+ public static final String MOA_CONFIG_BUSINESSSERVICE = "businessService";
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
new file mode 100644
index 000000000..f0c4e3314
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
@@ -0,0 +1,48 @@
+package at.gv.egovernment.moa.id.configuration.data;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
+import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
+import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
+
+public class GeneralMOAIDConfig {
+
+ private String szrgwURL = null;
+ private String alternativeSourceID = null;
+ private String certStoreDirectory = null;
+
+
+ public void parse(MOAIDConfiguration config) {
+
+ if (config != null) {
+ AuthComponentGeneral auth = config.getAuthComponentGeneral();
+
+ if (auth != null) {
+ ForeignIdentities foreign = auth.getForeignIdentities();
+
+ if (foreign != null) {
+ ConnectionParameterClientAuthType connect_foreign = foreign.getConnectionParameter();
+ if (connect_foreign != null) {
+ szrgwURL = connect_foreign.getURL();
+ }
+
+ STORK stork = foreign.getSTORK();
+ if (stork != null) {
+ //TODO: add Stork config
+
+ }
+ }
+
+ GeneralConfiguration authgen = auth.getGeneralConfiguration();
+ if (authgen != null) {
+ alternativeSourceID = authgen.getAlternativeSourceID();
+ certStoreDirectory = authgen.getCertStoreDirectory();
+ }
+ }
+
+ }
+
+ }
+}
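Review bot: The fields `szrgwURL`, `alternativeSourceID` and `certStoreDirectory` are private and this class declares no accessors, so the values `parse()` copies out of the configuration cannot be read by the action or by a view that receives this bean through `getMoaconfig()`. Add one getter per field, e.g. `public String getSzrgwURL() { return szrgwURL; }`, plus setters if the form is meant to be bound back into the bean. The empty `if (stork != null)` branch could be dropped until the STORK mapping exists, keeping the TODO as a comment above `foreign.getSTORK()`.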
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
new file mode 100644
index 000000000..ebd1b3862
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
@@ -0,0 +1,359 @@
+package at.gv.egovernment.moa.id.configuration.data.oa;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
+import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
+import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
+import at.gv.egovernment.moa.id.configuration.Constants;
+
+
+public class OAGeneralConfig {
+
+ private String dbID = null;
+
+ private String bkuOnlineURL = null;
+ private String bkuHandyURL = null;
+ private String bkuLocalURL = null;
+
+ private String identifier = null;
+ private String friendlyName = null;
+
+ private boolean businessService = false;
+
+ private String target = null;
+ private String targetFriendlyName = null;
+
+ private String identificationNumber = null;
+ private String identificationType = null;
+
+ private String aditionalAuthBlockText = null;
+
+ //TODO: look Template!!!
+
+ private String mandateProfiles = null;
+
+ private boolean isActive = false;
+ private String slVersion = null;
+ private boolean useIFrame = false;
+ private boolean useUTC = false;
+ private boolean calculateHPI = false;
+
+ private String keyBoxIdentifier = null;
+ private static Map<String, String> keyBoxIdentifierList;
+
+ private String templateURL = null;
+
+ private Map<String, byte[]> transformations;
+
+
+
+ public OAGeneralConfig() {
+ keyBoxIdentifierList = new HashMap<String, String>();
+ MOAKeyBoxSelector[] values = MOAKeyBoxSelector.values();
+ for (int i=0; i<values.length; i++) {
+ keyBoxIdentifierList.put(values[i].value(), values[i].value());
+ }
+ }
+
+
+ public void parse(OnlineApplication dbOAConfig) {
+
+ isActive = dbOAConfig.isIsActive();
+
+ friendlyName = dbOAConfig.getFriendlyName();
+
+ keyBoxIdentifier = dbOAConfig.getKeyBoxIdentifier().value();
+
+ identifier = dbOAConfig.getPublicURLPrefix();
+ target = dbOAConfig.getTarget();
+ targetFriendlyName = dbOAConfig.getTargetFriendlyName();
+
+ if (dbOAConfig.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE))
+ businessService = true;
+ else
+ businessService = false;
+
+ AuthComponentOA oaauth = dbOAConfig.getAuthComponentOA();
+ if (oaauth != null) {
+ BKUURLS bkuurls = oaauth.getBKUURLS();
+ if (bkuurls != null) {
+ bkuHandyURL = bkuurls.getHandyBKU();
+ bkuLocalURL = bkuurls.getLocalBKU();
+ bkuOnlineURL = bkuurls.getOnlineBKU();
+ }
+
+ IdentificationNumber idnumber = oaauth.getIdentificationNumber();
+ if (idnumber != null) {
+ identificationNumber = idnumber.getValue();
+ }
+
+ Mandates mandates = oaauth.getMandates();
+ if (mandates != null) {
+ mandateProfiles = mandates.getProfiles();
+ }
+
+ slVersion = oaauth.getSlVersion();
+
+ TemplatesType templates = oaauth.getTemplates();
+ if (templates != null) {
+ aditionalAuthBlockText = templates.getAditionalAuthBlockText();
+ TemplateType templatetype = templates.getTemplate();
+
+ if (templatetype != null) {
+ templateURL = templatetype.getURL();
+ }
+ }
+
+ List<TransformsInfoType> transforminfos = oaauth.getTransformsInfo();
+ transformations = new HashMap<String, byte[]>();
+ for (TransformsInfoType el : transforminfos) {
+ transformations.put(el.getFilename(), el.getTransformation());
+ }
+
+ useIFrame = oaauth.isUseIFrame();
+ useUTC = oaauth.isUseUTC();
+ }
+
+
+
+
+ }
+
+ public String getIdentifier() {
+ return identifier;
+ }
+
+ public void setIdentifier(String identifier) {
+ this.identifier = identifier;
+ }
+
+ public String getFriendlyName() {
+ return friendlyName;
+ }
+
+ public void setFriendlyName(String friendlyName) {
+ this.friendlyName = friendlyName;
+ }
+
+ public String getTarget() {
+ return target;
+ }
+
+ public void setTarget(String target) {
+ this.target = target;
+ }
+
+ public String getTargetFriendlyName() {
+ return targetFriendlyName;
+ }
+
+ public void setTargetFriendlyName(String targetFriendlyName) {
+ this.targetFriendlyName = targetFriendlyName;
+ }
+
+ public String getIdentificationNumber() {
+ return identificationNumber;
+ }
+
+ public void setIdentificationNumber(String identificationNumber) {
+ this.identificationNumber = identificationNumber;
+ }
+
+ public String getIdentificationType() {
+ return identificationType;
+ }
+
+ public void setIdentificationType(String identificationType) {
+ this.identificationType = identificationType;
+ }
+
+ public String getAditionalAuthBlockText() {
+ return aditionalAuthBlockText;
+ }
+
+ public void setAditionalAuthBlockText(String aditionalAuthBlockText) {
+ this.aditionalAuthBlockText = aditionalAuthBlockText;
+ }
+
+ public String getMandateProfiles() {
+ return mandateProfiles;
+ }
+
+ public void setMandateProfiles(String mandateProfiles) {
+ this.mandateProfiles = mandateProfiles;
+ }
+
+ public boolean isActive() {
+ return isActive;
+ }
+
+ public void setActive(boolean isActive) {
+ this.isActive = isActive;
+ }
+
+ public String getSlVersion() {
+ return slVersion;
+ }
+
+ public void setSlVersion(String slVersion) {
+ this.slVersion = slVersion;
+ }
+
+ public boolean isUseIFrame() {
+ return useIFrame;
+ }
+
+ public void setUseIFrame(boolean useIFrame) {
+ this.useIFrame = useIFrame;
+ }
+
+ public boolean isUseUTC() {
+ return useUTC;
+ }
+
+ public void setUseUTC(boolean useUTC) {
+ this.useUTC = useUTC;
+ }
+
+ public boolean isBusinessService() {
+ return businessService;
+ }
+
+ public void setBusinessService(boolean businessService) {
+ this.businessService = businessService;
+ }
+
+ public String getBkuOnlineURL() {
+ return bkuOnlineURL;
+ }
+
+ public void setBkuOnlineURL(String bkuOnlineURL) {
+ this.bkuOnlineURL = bkuOnlineURL;
+ }
+
+ public String getBkuHandyURL() {
+ return bkuHandyURL;
+ }
+
+ public void setBkuHandyURL(String bkuHandyURL) {
+ this.bkuHandyURL = bkuHandyURL;
+ }
+
+ public String getBkuLocalURL() {
+ return bkuLocalURL;
+ }
+
+ public void setBkuLocalURL(String bkuLocalURL) {
+ this.bkuLocalURL = bkuLocalURL;
+ }
+
+ /**
+ * @return the keyBoxIdentifier
+ */
+ public String getKeyBoxIdentifier() {
+ return keyBoxIdentifier;
+ }
+
+ /**
+ * @param keyBoxIdentifier the keyBoxIdentifier to set
+ */
+ public void setKeyBoxIdentifier(String keyBoxIdentifier) {
+ this.keyBoxIdentifier = keyBoxIdentifier;
+ }
+
+ /**
+ * @return the templateURL
+ */
+ public String getTemplateURL() {
+ return templateURL;
+ }
+
+ /**
+ * @param templateURL the templateURL to set
+ */
+ public void setTemplateURL(String templateURL) {
+ this.templateURL = templateURL;
+ }
+
+ /**
+ * @return the transformations
+ */
+ public Map<String, byte[]> getTransformations() {
+ return transformations;
+ }
+
+ /**
+ * @param transformations the transformations to set
+ */
+ public void setTransformations(Map<String, byte[]> transformations) {
+ this.transformations = transformations;
+ }
+
+
+ /**
+ * @return the dbID
+ */
+ public String getDbID() {
+ return dbID;
+ }
+
+
+ /**
+ * @param dbID the dbID to set
+ */
+ public void setDbID(long dbID) {
+ this.dbID = String.valueOf(dbID);
+ }
+
+ /**
+ * @param dbID the dbID to set
+ */
+ public void setDbID(String dbID) {
+ this.dbID = dbID;
+ }
+
+
+ /**
+ * @return the calculateHPI
+ */
+ public boolean isCalculateHPI() {
+ return calculateHPI;
+ }
+
+
+ /**
+ * @param calculateHPI the calculateHPI to set
+ */
+ public void setCalculateHPI(boolean calculateHPI) {
+ this.calculateHPI = calculateHPI;
+ }
+
+
+ /**
+ * @return the keyBoxIdentifierList
+ */
+ public Map<String, String> getKeyBoxIdentifierList() {
+ return keyBoxIdentifierList;
+ }
+
+
+ /**
+ * @param keyBoxIdentifierList the keyBoxIdentifierList to set
+ */
+ public void setKeyBoxIdentifierList(Map<String, String> list) {
+ keyBoxIdentifierList = list;
+ }
+
+
+
+}
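Review bot: `keyBoxIdentifierList` is declared `static`, yet it is replaced with a fresh `HashMap` on every `OAGeneralConfig()` constructor call and reassigned by the instance setter `setKeyBoxIdentifierList`, so all beans share one unsynchronised map that another request can swap or refill while it is being read; if this bean is populated by request-parameter binding, one request could also change the list seen by every other session. Dropping `static` (`private Map<String, String> keyBoxIdentifierList;`) keeps the list per bean; alternatively build it once in a static initialiser, wrap it with `Collections.unmodifiableMap` and remove the setter. Separately, `parse()` calls `dbOAConfig.getKeyBoxIdentifier().value()` and `dbOAConfig.getType().equals(...)` and iterates `oaauth.getTransformsInfo()` without null checks, unlike the guarded lookups around them. If any of these can be absent in a stored record, the call throws a NullPointerException; writing `Constants.MOA_CONFIG_BUSINESSSERVICE.equals(dbOAConfig.getType())` removes one of the three.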
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java
new file mode 100644
index 000000000..fdce518a7
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java
@@ -0,0 +1,126 @@
+package at.gv.egovernment.moa.id.configuration.data.oa;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.security.cert.CertificateException;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+
+import iaik.x509.X509Certificate;
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class OAPVP2Config {
+
+ private final Logger log = Logger.getLogger(OAPVP2Config.class);
+
+ private String metaDataURL = null;
+ private String certificateDN = null;
+
+ private File fileUpload = null;
+ private String fileUploadContentType;
+ private String fileUploadFileName;
+
+ public OAPVP2Config() {
+ }
+
+ public List<String> parse(OnlineApplication dbOAConfig) {
+ List<String> errors = new ArrayList<String>();
+
+ AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
+ if (authdata != null) {
+ OAPVP2 pvp2 = authdata.getOAPVP2();
+ if (pvp2 != null) {
+ metaDataURL = pvp2.getMetadataURL();
+
+ try {
+ byte[] cert = pvp2.getCertificate();
+
+ if (MiscUtil.isNotEmpty(cert)) {
+ X509Certificate x509 = new X509Certificate(cert);
+ certificateDN = x509.getSubjectDN().getName();
+ }
+ } catch (CertificateException e) {
+ log.warn("PVP2 certificate can not be loaded from Online-Applikation with ID " + dbOAConfig.getPublicURLPrefix());
+ errors.add(LanguageHelper.getErrorString("error.oa.pvp2.certificate"));
+ }
+ }
+ }
+ return errors;
+ }
+
+ public byte[] getCertificate() throws CertificateException, IOException {
+
+ FileInputStream filestream = new FileInputStream(fileUpload);
+ X509Certificate x509 = new X509Certificate(filestream);
+ return x509.getEncoded();
+ }
+
+ public String getMetaDataURL() {
+ return metaDataURL;
+ }
+ public void setMetaDataURL(String metaDataURL) {
+ this.metaDataURL = metaDataURL;
+ }
+
+ /**
+ * @return the certificateDN
+ */
+ public String getCertificateDN() {
+ return certificateDN;
+ }
+
+ /**
+ * @return the fileUpLoad
+ */
+ public File getFileUpload() {
+ return fileUpload;
+ }
+
+ /**
+ * @param fileUpLoad the fileUpLoad to set
+ */
+ public void setFileUpload(File fileUpload) {
+ this.fileUpload = fileUpload;
+ }
+
+ /**
+ * @return the fileUploadContentType
+ */
+ public String getFileUploadContentType() {
+ return fileUploadContentType;
+ }
+
+ /**
+ * @param fileUploadContentType the fileUploadContentType to set
+ */
+ public void setFileUploadContentType(String fileUploadContentType) {
+ this.fileUploadContentType = fileUploadContentType;
+ }
+
+ /**
+ * @return the fileUploadFileName
+ */
+ public String getFileUploadFileName() {
+ return fileUploadFileName;
+ }
+
+ /**
+ * @param fileUploadFileName the fileUploadFileName to set
+ */
+ public void setFileUploadFileName(String fileUploadFileName) {
+ this.fileUploadFileName = fileUploadFileName;
+ }
+
+
+}
+
+
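Review bot: `getCertificate()` opens a `FileInputStream` on the uploaded file and never closes it, so each call leaks a file handle until the stream is garbage-collected, including when the `X509Certificate` constructor rejects the content. Closing the stream in a `finally` block covers both paths; the file uses pre-diamond generics, so the sketch below assumes try-with-resources is not available. `fileUpload` stays null until `setFileUpload` is called, which would surface here as a NullPointerException rather than one of the declared exceptions, so either the caller checks `getFileUpload() != null` first or this method should guard it. In `parse()` the caught `CertificateException` is not passed to `log.warn`, so the reason the stored certificate failed to load is lost; passing `e` as the second argument would keep it.

```java
public byte[] getCertificate() throws CertificateException, IOException {
    FileInputStream filestream = new FileInputStream(fileUpload);
    try {
        X509Certificate x509 = new X509Certificate(filestream);
        return x509.getEncoded();
    } finally {
        // release the handle on the uploaded file on success and on parse failure
        filestream.close();
    }
}
```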
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java
new file mode 100644
index 000000000..687a06b9e
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java
@@ -0,0 +1,81 @@
+package at.gv.egovernment.moa.id.configuration.data.oa;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+
+public class OASAML1Config {
+
+ private boolean provideStammZahl = false;
+ private boolean provideAuthBlock = false;
+ private boolean provideIdentityLink = false;
+ private boolean provideCertificate = false;
+ private boolean provideFullMandateData = false;
+ private boolean useCondition = false;
+ private int conditionLength = -1;
+
+
+ public OASAML1Config() {
+ }
+
+ public void parse(OnlineApplication dbOAConfig) {
+ AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
+ if (authdata != null) {
+ OASAML1 saml1 = authdata.getOASAML1();
+ if (saml1 != null) {
+ provideAuthBlock = saml1.isProvideAUTHBlock();
+ provideCertificate = saml1.isProvideCertificate();
+ provideFullMandateData = saml1.isProvideFullMandatorData();
+ provideIdentityLink = saml1.isProvideIdentityLink();
+ provideStammZahl = saml1.isProvideStammzahl();
+ useCondition = saml1.isUseCondition();
+ conditionLength = saml1.getConditionLength().intValue();
+ }
+ }
+ }
+
+ public boolean isProvideStammZahl() {
+ return provideStammZahl;
+ }
+ public void setProvideStammZahl(boolean provideStammZahl) {
+ this.provideStammZahl = provideStammZahl;
+ }
+ public boolean isProvideAuthBlock() {
+ return provideAuthBlock;
+ }
+ public void setProvideAuthBlock(boolean provideAuthBlock) {
+ this.provideAuthBlock = provideAuthBlock;
+ }
+ public boolean isProvideIdentityLink() {
+ return provideIdentityLink;
+ }
+ public void setProvideIdentityLink(boolean provideIdentityLink) {
+ this.provideIdentityLink = provideIdentityLink;
+ }
+ public boolean isProvideCertificate() {
+ return provideCertificate;
+ }
+ public void setProvideCertificate(boolean provideCertificate) {
+ this.provideCertificate = provideCertificate;
+ }
+ public boolean isProvideFullMandateData() {
+ return provideFullMandateData;
+ }
+ public void setProvideFullMandateData(boolean provideFullMandateData) {
+ this.provideFullMandateData = provideFullMandateData;
+ }
+ public boolean isUseCondition() {
+ return useCondition;
+ }
+ public void setUseCondition(boolean useCondition) {
+ this.useCondition = useCondition;
+ }
+ public int getConditionLength() {
+ return conditionLength;
+ }
+ public void setConditionLength(int conditionLength) {
+ this.conditionLength = conditionLength;
+ }
+
+
+}
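Review bot: In `parse()`, `saml1.getConditionLength().intValue()` is the only assignment that dereferences a returned object, and it is unguarded; if a stored OASAML1 entry has no condition length, the whole parse fails with a NullPointerException instead of keeping the `-1` default. Guard it, e.g. `if (saml1.getConditionLength() != null) conditionLength = saml1.getConditionLength().intValue();`. The return type is not visible in this diff; if it is a `BigInteger`, `intValue()` also silently truncates out-of-range values, which deserves a short comment at that line.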
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java
new file mode 100644
index 000000000..0241b6a04
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java
@@ -0,0 +1,49 @@
+package at.gv.egovernment.moa.id.configuration.data.oa;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+
+public class OASSOConfig {
+
+ private boolean useSSO = false;
+ private boolean showAuthDataFrame = true;
+ private String singleLogOutURL = null;
+
+ public OASSOConfig() {
+
+ }
+
+ public void parse(OnlineApplication dbOAConfig) {
+ AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
+ if (authdata != null) {
+ OASSO ssoconfig = authdata.getOASSO();
+ if(ssoconfig != null) {
+ useSSO = ssoconfig.isUseSSO();
+ showAuthDataFrame = ssoconfig.isAuthDataFrame();
+ singleLogOutURL = ssoconfig.getSingleLogOutURL();
+ }
+ }
+ }
+
+ public boolean isUseSSO() {
+ return useSSO;
+ }
+ public void setUseSSO(boolean useSSO) {
+ this.useSSO = useSSO;
+ }
+ public boolean isShowAuthDataFrame() {
+ return showAuthDataFrame;
+ }
+ public void setShowAuthDataFrame(boolean showAuthDataFrame) {
+ this.showAuthDataFrame = showAuthDataFrame;
+ }
+ public String getSingleLogOutURL() {
+ return singleLogOutURL;
+ }
+ public void setSingleLogOutURL(String singleLogOutURL) {
+ this.singleLogOutURL = singleLogOutURL;
+ }
+
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
new file mode 100644
index 000000000..74edde653
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
@@ -0,0 +1,5 @@
+package at.gv.egovernment.moa.id.configuration.data.oa;
+
+public class OASTORKConfig {
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java
index 39a18309a..e83bf6997 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java
@@ -7,11 +7,11 @@ public class ConfigurationException extends Exception {
private static final long serialVersionUID = 1L;
public ConfigurationException(String errorname) {
- super(LanguageHelper.getErrorString(errorname, null));
+ super(LanguageHelper.getErrorString(errorname));
}
public ConfigurationException(String errorname, Throwable e) {
- super(LanguageHelper.getErrorString(errorname, null), e);
+ super(LanguageHelper.getErrorString(errorname), e);
}
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java
index 80db5877c..08f200c50 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java
@@ -17,10 +17,18 @@ public class LanguageHelper {
return guiRes_DE.getString(code);
}
+ public static String getGUIString(String code) {
+ return guiRes_DE.getString(code);
+ }
+
public static String getErrorString(String code, HttpServletRequest request) {
return errorRes_DE.getString(code);
}
+ public static String getErrorString(String code) {
+ return errorRes_DE.getString(code);
+ }
+
public static String getGUIString(String code, String parameter, HttpServletRequest request) {
return MessageFormat.format(getGUIString(code, request), parameter);
@@ -30,5 +38,10 @@ public class LanguageHelper {
return MessageFormat.format(getGUIString(code, request), parameter);
}
+
+ public static String getErrorString(String code, Object[] parameter) {
+
+ return MessageFormat.format(getGUIString(code), parameter);
+ }
}
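Review bot: The new `getErrorString(String code, Object[] parameter)` formats the result of `getGUIString(code)`, which reads `guiRes_DE`, so an error code is looked up in the GUI bundle instead of `errorRes_DE`. Assuming these are `ResourceBundle`s, a key that exists only in the error bundle will throw `MissingResourceException`, and a key present in both returns the wrong text. The line should read `return MessageFormat.format(getErrorString(code), parameter);`. The context line just above this addition also calls `getGUIString(code, request)` in a method whose signature lies outside the hunk; if that method is an error-string overload, it has the same mix-up.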
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
new file mode 100644
index 000000000..1cd4ecc0c
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -0,0 +1,128 @@
+package at.gv.egovernment.moa.id.configuration.struts.action;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.struts2.interceptor.ServletRequestAware;
+import org.apache.struts2.interceptor.ServletResponseAware;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+
+import com.opensymphony.xwork2.ActionSupport;
+
+public class EditGeneralConfigAction extends ActionSupport
+ implements ServletRequestAware, ServletResponseAware {
+
+ private static final long serialVersionUID = 1L;
+ private HttpServletRequest request;
+ private HttpServletResponse response;
+
+ private AuthenticatedUser authUser;
+
+ private GeneralMOAIDConfig moaconfig;
+
+ public String loadConfig() {
+
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (authUser.isAdmin()) {
+
+ MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration();
+
+ moaconfig = new GeneralMOAIDConfig();
+ moaconfig.parse(dbconfig);
+
+ ConfigurationDBUtils.closeSession();
+
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ } else
+ return Constants.STRUTS_REAUTHENTICATE;
+ }
+
+ public String saveConfig() {
+
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (authUser.isAdmin()) {
+
+
+
+
+
+
+ } else {
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ } else
+ return Constants.STRUTS_REAUTHENTICATE;
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String back() {
+
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+ } else
+ return Constants.STRUTS_REAUTHENTICATE;
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public void setServletResponse(HttpServletResponse response) {
+ this.response = response;
+
+ }
+
+ public void setServletRequest(HttpServletRequest request) {
+ this.request = request;
+
+ }
+
+ /**
+ * @return the authUser
+ */
+ public AuthenticatedUser getAuthUser() {
+ return authUser;
+ }
+
+ /**
+ * @return the moaconfig
+ */
+ public GeneralMOAIDConfig getMoaconfig() {
+ return moaconfig;
+ }
+
+ /**
+ * @param moaconfig the moaconfig to set
+ */
+ public void setMoaconfig(GeneralMOAIDConfig moaconfig) {
+ this.moaconfig = moaconfig;
+ }
+
+
+
+
+}
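Review bot: In `loadConfig()`, `ConfigurationDBUtils.closeSession()` runs only when `ConfigurationDBRead.getMOAIDConfiguration()` and `moaconfig.parse(dbconfig)` both return normally, so an exception from either leaves the database session open. Wrap the read and the parse in `try { ... } finally { ConfigurationDBUtils.closeSession(); }`. `saveConfig()` has an empty admin branch and still returns `Constants.STRUTS_SUCCESS`, so the UI would report a save that never happened; until it is implemented, return an error result or add a `// TODO: nothing is persisted yet` comment in that branch. The session lookup plus `isAdmin()` check is repeated across `loadConfig()`, `saveConfig()` and `back()`; moving it into one private helper would keep the authorization rule from drifting between actions.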
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
new file mode 100644
index 000000000..1c498ecc2
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -0,0 +1,574 @@
+package at.gv.egovernment.moa.id.configuration.struts.action;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.cert.CertificateException;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.log4j.Logger;
+import org.apache.struts2.interceptor.ServletRequestAware;
+import org.apache.struts2.interceptor.ServletResponseAware;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
+import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
+import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
+import at.gv.egovernment.moa.id.configuration.data.oa.OASAML1Config;
+import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig;
+import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OAGeneralConfigValidation;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OAPVP2ConfigValidation;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OASAML1ConfigValidation;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OASSOConfigValidation;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OASTORKConfigValidation;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+import com.opensymphony.xwork2.ActionSupport;
+
+public class EditOAAction extends ActionSupport implements ServletRequestAware,
+ServletResponseAware {
+
+ private final Logger log = Logger.getLogger(EditOAAction.class);
+
+ private static final long serialVersionUID = 1L;
+
+ private HttpServletRequest request;
+ private HttpServletResponse response;
+
+ private AuthenticatedUser authUser;
+
+ private String oaidobj;
+ private boolean newOA;
+
+ private OAGeneralConfig generalOA = new OAGeneralConfig();
+ private OAPVP2Config pvp2OA = new OAPVP2Config();
+ private OASAML1Config saml1OA = new OASAML1Config();
+ private OASSOConfig ssoOA = new OASSOConfig();
+ private OASTORKConfig storkOA;
+
+ //STRUTS actions
+ public String inital() {
+
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+ } else
+ return Constants.STRUTS_REAUTHENTICATE;
+
+ long oaid = -1;
+
+ if (!ValidationHelper.validateOAID(oaidobj)) {
+ addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
+ return Constants.STRUTS_ERROR;
+ }
+ oaid = Long.valueOf(oaidobj);
+
+ request.getSession().setAttribute(Constants.SESSION_OAID, oaid);
+
+ OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
+
+ generalOA.parse(onlineapplication);
+ ssoOA.parse(onlineapplication);
+ saml1OA.parse(onlineapplication);
+ List<String> errors = pvp2OA.parse(onlineapplication);
+
+ if (errors.size() > 0) {
+ for (String el : errors)
+ addActionError(el);
+ }
+
+ ConfigurationDBUtils.closeSession();
+
+ newOA = false;
+
+ return Constants.STRUTS_OA_EDIT;
+ }
+
+ public String newOA() {
+ log.debug("insert new Online-Application");
+
+ request.getSession().setAttribute(Constants.SESSION_OAID, null);
+
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+ } else
+ return Constants.STRUTS_REAUTHENTICATE;
+
+ newOA = true;
+
+ return Constants.STRUTS_OA_EDIT;
+ }
+
+ public String saveOA() {
+
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+ } else
+ return Constants.STRUTS_REAUTHENTICATE;
+
+ OnlineApplication onlineapplication = null;
+ List<String> errors = new ArrayList<String>();
+
+ Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID);
+ Long oaid = (long) -1;
+
+ if (oadbid != null ) {
+ try {
+ oaid = (Long) oadbid;
+ if (oaid < 0 || oaid > Long.MAX_VALUE) {
+ addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
+ return Constants.STRUTS_ERROR;
+ }
+
+ } catch (Throwable t) {
+ addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
+ return Constants.STRUTS_ERROR;
+ }
+ }
+
+ //valid DBID and check entry
+ String oaidentifier = generalOA.getIdentifier();
+ if (MiscUtil.isEmpty(oaidentifier)) {
+ log.info("Empty OA identifier");
+ errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.empty"));
+
+ } else {
+ if (ValidationHelper.isValidOAIdentifier(oaidentifier)) {
+ log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);
+ errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
+ new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} ));
+ } else {
+
+ if (oaid == -1) {
+ onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);
+ if (onlineapplication != null) {
+ log.info("The OAIdentifier is not unique");
+ errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique"));
+ }
+
+ } else {
+ onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
+ if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) {
+
+ if (ConfigurationDBRead.getOnlineApplication(oaidentifier) != null) {
+ log.info("The OAIdentifier is not unique");
+ errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique"));
+ }
+ }
+ }
+ }
+ }
+
+ //check form
+ OAGeneralConfigValidation validatior_general = new OAGeneralConfigValidation();
+ OAPVP2ConfigValidation validatior_pvp2 = new OAPVP2ConfigValidation();
+ OASAML1ConfigValidation validatior_saml1 = new OASAML1ConfigValidation();
+ OASSOConfigValidation validatior_sso = new OASSOConfigValidation();
+ OASTORKConfigValidation validator_stork = new OASTORKConfigValidation();
+
+ errors.addAll(validatior_general.validate(generalOA, authUser.isAdmin()));
+ errors.addAll(validatior_pvp2.validate(pvp2OA));
+ errors.addAll(validatior_saml1.validate(saml1OA, generalOA));
+ errors.addAll(validatior_sso.validate(ssoOA, authUser.isAdmin()));
+ errors.addAll(validator_stork.validate(storkOA));
+
+ if (errors.size() > 0) {
+ log.info("OAConfiguration with ID " + generalOA.getIdentifier() + " has some errors.");
+ for (String el : errors)
+ addActionError(el);
+
+ return Constants.STRUTS_ERROR_VALIDATION;
+
+ } else {
+
+ String error = saveOAConfigToDatabase(onlineapplication);
+ if (MiscUtil.isNotEmpty(error)) {
+ log.warn("OA configuration can not be stored!");
+ addActionError(error);
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+ }
+
+
+
+ request.getSession().setAttribute(Constants.SESSION_OAID, null);
+ addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", generalOA.getIdentifier(), request));
+
+ ConfigurationDBUtils.closeSession();
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String cancleAndBackOA() {
+
+ request.getSession().setAttribute(Constants.SESSION_OAID, null);
+
+ addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.cancle", generalOA.getIdentifier(), request));
+
+ ConfigurationDBUtils.closeSession();
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String deleteOA() {
+
+ String oaidentifier = generalOA.getIdentifier();
+ if (MiscUtil.isEmpty(oaidentifier)) {
+ log.info("Empty OA identifier");
+ addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.empty"));
+ return Constants.STRUTS_ERROR_VALIDATION;
+
+ } else {
+ if (ValidationHelper.isValidOAIdentifier(oaidentifier)) {
+ log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);
+ addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
+ new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} ));
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+ }
+
+ OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);
+
+ request.getSession().setAttribute(Constants.SESSION_OAID, null);
+ if (ConfigurationDBUtils.delete(onlineapplication)) {
+
+ if (!authUser.isAdmin()) {
+ UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ List<OnlineApplication> useroas = user.getRegistratedOAs();
+
+ for (OnlineApplication oa : useroas) {
+ if (oa.getHjid().equals(onlineapplication.getHjid())) {
+ useroas.remove(oa);
+ }
+ }
+
+ try {
+ ConfigurationDBUtils.saveOrUpdate(user);
+
+ } catch (MOADatabaseException e) {
+ log.warn("User information can not be updated in database", e);
+ addActionError(LanguageHelper.getGUIString("error.db.oa.store", request));
+ return Constants.STRUTS_ERROR;
+ }
+ }
+
+ ConfigurationDBUtils.closeSession();
+
+ addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message", generalOA.getIdentifier(), request));
+
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ ConfigurationDBUtils.closeSession();
+ addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", generalOA.getIdentifier(), request));
+ return Constants.STRUTS_SUCCESS;
+ }
+
+
+
+ }
+
+ private String saveOAConfigToDatabase(OnlineApplication dboa) {
+
+ boolean newentry = false;
+
+ if (dboa == null) {
+ dboa = new OnlineApplication();
+ newentry = true;
+ dboa.setIsActive(false);
+ }
+
+ AuthComponentOA authoa = dboa.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dboa.setAuthComponentOA(authoa);
+ }
+
+ if (authUser.isAdmin())
+ dboa.setIsActive(generalOA.isActive());
+
+ dboa.setFriendlyName(generalOA.getFriendlyName());
+ dboa.setCalculateHPI(generalOA.isCalculateHPI());
+ dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(generalOA.getKeyBoxIdentifier()));
+ dboa.setPublicURLPrefix(generalOA.getIdentifier());
+
+ if (generalOA.isBusinessService()) {
+ dboa.setType(Constants.MOA_CONFIG_BUSINESSSERVICE);
+
+ IdentificationNumber idnumber = new IdentificationNumber();
+ idnumber.setValue(generalOA.getIdentificationNumber());
+ authoa.setIdentificationNumber(idnumber);
+
+ }
+ else {
+ dboa.setType(null);
+ dboa.setTarget(generalOA.getTarget());
+ dboa.setTargetFriendlyName(generalOA.getTargetFriendlyName());
+
+ }
+
+ BKUURLS bkuruls = new BKUURLS();
+ authoa.setBKUURLS(bkuruls);
+ bkuruls.setHandyBKU(generalOA.getBkuHandyURL());
+ bkuruls.setLocalBKU(generalOA.getBkuLocalURL());
+ bkuruls.setOnlineBKU(generalOA.getBkuOnlineURL());
+
+ Mandates mandates = new Mandates();
+ mandates.setProfiles(generalOA.getMandateProfiles());
+ authoa.setMandates(mandates);
+
+ authoa.setSlVersion(generalOA.getSlVersion());
+ authoa.setUseIFrame(generalOA.isUseIFrame());
+ authoa.setUseUTC(generalOA.isUseUTC());
+
+ TemplatesType templates = authoa.getTemplates();
+ if (templates == null) {
+ templates = new TemplatesType();
+ authoa.setTemplates(templates);
+ }
+ templates.setAditionalAuthBlockText(generalOA.getAditionalAuthBlockText());
+
+ TemplateType template = templates.getTemplate();
+ if (template == null) {
+ //TODO: if OA specific templateURL is required
+
+ }
+
+ //set default transformation if it is empty
+ List<TransformsInfoType> transformsInfo = authoa.getTransformsInfo();
+ if (transformsInfo == null) {
+ //TODO: set OA specific transformation if it is required
+
+ }
+
+ OAPVP2 pvp2 = authoa.getOAPVP2();
+ if (pvp2 == null) {
+ pvp2 = new OAPVP2();
+ authoa.setOAPVP2(pvp2);
+ }
+
+ pvp2.setMetadataURL(pvp2OA.getMetaDataURL());
+ try {
+
+ if (pvp2OA.getFileUpload() != null)
+ pvp2.setCertificate(pvp2OA.getCertificate());
+
+ } catch (CertificateException e) {
+ log.info("Uploaded Certificate can not be found", e);
+ return LanguageHelper.getErrorString("validation.pvp2.certificate.notfound");
+ } catch (IOException e) {
+ log.info("Uploaded Certificate can not be parsed", e);
+ return LanguageHelper.getErrorString("validation.pvp2.certificate.format");
+ }
+
+ OASAML1 saml1 = authoa.getOASAML1();
+ if (saml1 == null) {
+ saml1 = new OASAML1();
+ authoa.setOASAML1(saml1);
+ }
+ saml1.setProvideAUTHBlock(saml1OA.isProvideAuthBlock());
+ saml1.setProvideCertificate(saml1OA.isProvideCertificate());
+ saml1.setProvideFullMandatorData(saml1OA.isProvideFullMandateData());
+ saml1.setProvideIdentityLink(saml1OA.isProvideIdentityLink());
+ saml1.setProvideStammzahl(saml1OA.isProvideStammZahl());
+ saml1.setUseCondition(saml1OA.isUseCondition());
+ saml1.setConditionLength(BigInteger.valueOf(saml1OA.getConditionLength()));
+ //TODO: set sourceID
+ //saml1.setSourceID("");
+
+ OASSO sso = authoa.getOASSO();
+ if (sso == null) {
+ sso = new OASSO();
+ authoa.setOASSO(sso);
+ sso.setAuthDataFrame(true);
+ }
+ sso.setUseSSO(ssoOA.isUseSSO());
+
+ if (authUser.isAdmin())
+ sso.setAuthDataFrame(ssoOA.isShowAuthDataFrame());
+
+ sso.setSingleLogOutURL(ssoOA.getSingleLogOutURL());
+
+
+ STORK stork = authoa.getSTORK();
+ if (stork == null) {
+ //TODO: make stork configurable
+
+ }
+
+ try {
+ if (newentry) {
+ ConfigurationDBUtils.save(dboa);
+
+ if (!authUser.isAdmin()) {
+ UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ List<OnlineApplication> useroas = user.getRegistratedOAs();
+ if (useroas == null)
+ useroas = new ArrayList<OnlineApplication>();
+
+ useroas.add(dboa);
+ ConfigurationDBUtils.save(user);
+ }
+ }
+
+ else
+ ConfigurationDBUtils.saveOrUpdate(dboa);
+
+ } catch (MOADatabaseException e) {
+ log.warn("Online-Application can not be stored.", e);
+ return LanguageHelper.getErrorString("error.db.oa.store");
+ }
+
+ return null;
+ }
+
+ public String setGeneralOAConfig() {
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String setSAML1OAConfig() {
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String setPVP2OAConfig() {
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String setSSOOAConfig() {
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String setSTORKOAConfig() {
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+
+ //Getter and Setter
+ public void setServletResponse(HttpServletResponse arg0) {
+ this.response = arg0;
+
+ }
+
+ public void setServletRequest(HttpServletRequest arg0) {
+ this.request = arg0;
+
+ }
+
+ public HttpServletRequest getRequest() {
+ return request;
+ }
+
+ public void setRequest(HttpServletRequest request) {
+ this.request = request;
+ }
+
+ public HttpServletResponse getResponse() {
+ return response;
+ }
+
+ public void setResponse(HttpServletResponse response) {
+ this.response = response;
+ }
+
+ public OAGeneralConfig getGeneralOA() {
+ return generalOA;
+ }
+
+ public void setGeneralOA(OAGeneralConfig generalOA) {
+ this.generalOA = generalOA;
+ }
+
+ public OAPVP2Config getPvp2OA() {
+ return pvp2OA;
+ }
+
+ public void setPvp2OA(OAPVP2Config pvp2oa) {
+ pvp2OA = pvp2oa;
+ }
+
+ public OASAML1Config getSaml1OA() {
+ return saml1OA;
+ }
+
+ public void setSaml1OA(OASAML1Config saml1oa) {
+ saml1OA = saml1oa;
+ }
+
+ public OASSOConfig getSsoOA() {
+ return ssoOA;
+ }
+
+ public void setSsoOA(OASSOConfig ssoOA) {
+ this.ssoOA = ssoOA;
+ }
+
+ public OASTORKConfig getStorkOA() {
+ return storkOA;
+ }
+
+ public void setStorkOA(OASTORKConfig storkOA) {
+ this.storkOA = storkOA;
+ }
+
+ /**
+ * @param oaidobj the oaidobj to set
+ */
+ public void setOaidobj(String oaidobj) {
+ this.oaidobj = oaidobj;
+ }
+
+ /**
+ * @return the authUser
+ */
+ public AuthenticatedUser getAuthUser() {
+ return authUser;
+ }
+
+ /**
+ * @return the newOA
+ */
+ public boolean isNewOA() {
+ return newOA;
+ }
+
+ /**
+ * @param newOA the newOA to set
+ */
+ public void setNewOA(boolean newOA) {
+ this.newOA = newOA;
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
index cc613ef7b..9e6e04644 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
@@ -6,6 +6,7 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;
@@ -21,10 +22,14 @@ import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.data.OAListElement;
import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
public class ListOAsAction extends ActionSupport implements ServletRequestAware,
ServletResponseAware {
+ private final Logger log = Logger.getLogger(ListOAsAction.class);
+
private static final long serialVersionUID = 1L;
private HttpServletRequest request;
@@ -33,10 +38,8 @@ public class ListOAsAction extends ActionSupport implements ServletRequestAware,
private ConfigurationProvider configuration;
private List<OAListElement> formOAs;
-
-
private AuthenticatedUser authUser;
-
+ private String friendlyname;
public ListOAsAction() throws ConfigurationException {
configuration = ConfigurationProvider.getInstance();
@@ -59,32 +62,90 @@ public class ListOAsAction extends ActionSupport implements ServletRequestAware,
UserDatabase authUserDB = ConfigurationDBRead.getUserWithID(authUser.getUserID());
dbOAs = authUserDB.getRegistratedOAs();
}
+
+ addFormOAs(dbOAs);
+
+ return Constants.STRUTS_SUCCESS;
+ }
- formOAs = new ArrayList<OAListElement>();
- if (dbOAs == null) {
- addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request));
+ return Constants.STRUTS_ERROR;
+ }
+
+ public String searchOAInit() {
+
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+
+ formOAs = null;
+ friendlyname = "";
+
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ return Constants.STRUTS_REAUTHENTICATE;
+ }
+ }
+
+ public String searchOA() {
+
+ Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (MiscUtil.isEmpty(friendlyname)) {
+ log.info("SearchOA textfield is empty");
+ addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request));
return Constants.STRUTS_SUCCESS;
} else {
- for (OnlineApplication dboa : dbOAs) {
- OAListElement listoa = new OAListElement();
- listoa.setActive(dboa.isIsActive());
- listoa.setDataBaseID(dboa.getHjid());
- listoa.setOaFriendlyName(dboa.getFriendlyName());
- listoa.setOaIdentifier(dboa.getPublicURLPrefix());
- listoa.setOaType(dboa.getType());
- formOAs.add(listoa);
- }
+ if (ValidationHelper.containsPotentialCSSCharacter(friendlyname, false)) {
+ log.warn("SearchOA textfield contains potential XSS characters");
+ addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request));
+ return Constants.STRUTS_SUCCESS;
+ }
}
- return Constants.STRUTS_SUCCESS;
+ List<OnlineApplication> dbOAs = null;
- }
+ if (authUser.isAdmin()) {
+ dbOAs = ConfigurationDBRead.searchOnlineApplications(friendlyname);
+
+ } else {
+ dbOAs = ConfigurationDBRead.searchOnlineApplicationsFromUser(authUser.getUserID(), friendlyname);
+
+ }
- return Constants.STRUTS_ERROR;
+ addFormOAs(dbOAs);
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ return Constants.STRUTS_REAUTHENTICATE;
}
+ private void addFormOAs(List<OnlineApplication> dbOAs) {
+
+ formOAs = new ArrayList<OAListElement>();
+ if (dbOAs == null) {
+ addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request));
+
+ } else {
+ for (OnlineApplication dboa : dbOAs) {
+ OAListElement listoa = new OAListElement();
+ listoa.setActive(dboa.isIsActive());
+ listoa.setDataBaseID(dboa.getHjid());
+ listoa.setOaFriendlyName(dboa.getFriendlyName());
+ listoa.setOaIdentifier(dboa.getPublicURLPrefix());
+ listoa.setOaType(dboa.getType());
+ formOAs.add(listoa);
+ }
+ }
+ }
public void setServletResponse(HttpServletResponse arg0) {
this.response = arg0;
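Review bot: In `searchOA()` the only guard visible on `friendlyname` before it reaches `ConfigurationDBRead.searchOnlineApplications(...)` or `searchOnlineApplicationsFromUser(...)` is the character deny-list in `containsPotentialCSSCharacter`. Those query methods are not part of this diff, so it is worth confirming that they bind the search term as a query parameter rather than concatenating it; the deny-list should not be the injection control. If the search is a LIKE match, `%` is rejected here but `_` is not, so it would still act as a wildcard unless the query escapes it.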
@@ -107,6 +168,24 @@ public class ListOAsAction extends ActionSupport implements ServletRequestAware,
*/
public List<OAListElement> getFormOAs() {
return formOAs;
+ }
+
+
+ /**
+ * @return the friendlyname
+ */
+ public String getFriendlyname() {
+ return friendlyname;
+ }
+
+
+ /**
+ * @param friendlyname the friendlyname to set
+ */
+ public void setFriendlyname(String friendlyname) {
+ this.friendlyname = friendlyname;
}
+
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java
new file mode 100644
index 000000000..820aa7c57
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java
@@ -0,0 +1,56 @@
+package at.gv.egovernment.moa.id.configuration.validation;
+
+import org.apache.commons.lang.StringUtils;
+
+public class CompanyNumberValidator implements IdentificationNumberValidator {
+
+ public boolean validate(String commercialRegisterNumber) {
+
+ String normalizedNumber = commercialRegisterNumber.replaceAll(" ", "");
+ if(normalizedNumber.startsWith("FN")) {
+ normalizedNumber = normalizedNumber.substring(2);
+ return checkCommercialRegisterNumber(normalizedNumber);
+
+ } else
+ return true;
+ }
+
+ private boolean checkCommercialRegisterNumber(String commercialRegisterNumber) {
+ if (commercialRegisterNumber == null) {
+ return false;
+ }
+ commercialRegisterNumber = StringUtils.leftPad(commercialRegisterNumber, 7,
+ '0');
+ if (!commercialRegisterNumber.matches("\\d{6}[abdfghikmpstvwxzy]")) {
+ return false;
+ }
+ String digits = commercialRegisterNumber.substring(0,
+ commercialRegisterNumber.length() - 1);
+ char checkDigit = commercialRegisterNumber.charAt(commercialRegisterNumber
+ .length() - 1);
+ boolean result = calcCheckDigitFromCommercialRegisterNumber(digits) == checkDigit;
+ return result;
+ }
+
+ public static char calcCheckDigitFromCommercialRegisterNumber(
+ String commercialRegisterDigits) {
+ final int[] WEIGHT = { 6, 4, 14, 15, 10, 1 };
+ final char[] CHECKDIGIT = { 'a', 'b', 'd', 'f', 'g', 'h', 'i', 'k', 'm',
+ 'p', 's', 't', 'v', 'w', 'x', 'y', 'z' };
+ if (commercialRegisterDigits == null) {
+ throw new NullPointerException("Commercial register number missing.");
+ }
+ commercialRegisterDigits = StringUtils.leftPad(commercialRegisterDigits, 6,
+ '0');
+ if (!commercialRegisterDigits.matches("\\d{6}")) {
+ throw new IllegalArgumentException(
+ "Invalid commercial register number provided.");
+ }
+ int sum = 0;
+ for (int i = 0; i < commercialRegisterDigits.length(); i++) {
+ int value = commercialRegisterDigits.charAt(i) - '0';
+ sum += WEIGHT[i] * value;
+ }
+ return CHECKDIGIT[sum % 17];
+ }
+}
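Review bot: `validate()` calls `commercialRegisterNumber.replaceAll(" ", "")` before any null check, so a missing form value throws `NullPointerException` instead of failing validation, and the null test inside `checkCommercialRegisterNumber()` can never see null. Start the method with `if (commercialRegisterNumber == null) return false;`. Also, every input that does not start with `FN` returns `true` unchecked. If that is intentional because other number types are validated elsewhere, a comment saying so would help; otherwise callers may treat arbitrary text as a validated identification number.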
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java
new file mode 100644
index 000000000..19a5bb805
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java
@@ -0,0 +1,7 @@
+package at.gv.egovernment.moa.id.configuration.validation;
+
+public interface IdentificationNumberValidator {
+
+ boolean validate(String idNumber);
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java
new file mode 100644
index 000000000..f0d25253d
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java
@@ -0,0 +1,165 @@
+package at.gv.egovernment.moa.id.configuration.validation;
+
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import org.apache.log4j.Logger;
+
+public class ValidationHelper {
+
+ private static final Logger log = Logger.getLogger(ValidationHelper.class);
+
+ public static boolean validateOAID(String oaIDObj) {
+ if (oaIDObj != null) {
+ try {
+
+ long oaID = Long.valueOf(oaIDObj);
+
+ if (oaID > 0 && oaID < Long.MAX_VALUE)
+ return true;
+
+ } catch (Throwable t) {
+ log.warn("No valid DataBase OAID received! " + oaIDObj);
+ }
+ }
+ return false;
+ }
+
+ public static boolean validateNumber(String value) {
+
+ log.debug("Validate Number " + value);
+
+ try {
+ float num = Float.valueOf(value);
+
+ return true;
+
+ } catch (NumberFormatException e) {
+ return false;
+ }
+
+
+ }
+
+
+ public static boolean validateURL(String urlString) {
+
+ log.debug("Validate URL " + urlString);
+
+ if (urlString.startsWith("http") || urlString.startsWith("https")) {
+ try {
+ URL url =new URL(urlString);
+ return true;
+
+ } catch (MalformedURLException e) {
+ }
+ }
+
+ return false;
+ }
+
+ public static boolean isValidTarget(String target) {
+
+ log.debug("Ueberpruefe Parameter Target");
+
+ Pattern pattern = Pattern.compile("[a-zA-Z-]{1,5}");
+ Matcher matcher = pattern.matcher(target);
+ boolean b = matcher.matches();
+ if (b) {
+ log.debug("Parameter Target erfolgreich ueberprueft");
+ return true;
+ }
+ else {
+ log.error("Fehler Ueberpruefung Parameter Target. Target entspricht nicht den Kriterien (nur Zeichen a-z, A-Z und -, sowie 1-5 Zeichen lang)");
+ return false;
+ }
+
+ }
+
+ public static boolean isValidSourceID(String sourceID) {
+
+ log.debug("Ueberpruefe Parameter sourceID");
+
+ Pattern pattern = Pattern.compile("[\\w-_]{1,20}");
+ Matcher matcher = pattern.matcher(sourceID);
+ boolean b = matcher.matches();
+ if (b) {
+ log.debug("Parameter sourceID erfolgreich ueberprueft");
+ return true;
+ }
+ else {
+ log.error("Fehler Ueberpruefung Parameter sourceID. SourceID entspricht nicht den Kriterien (nur Zeichen a-z, A-Z, - und _, sowie 1-20 Zeichen lang)");
+ return false;
+ }
+ }
+
+ public static boolean isDateFormat(String dateString) {
+ SimpleDateFormat sdf = new SimpleDateFormat("dd.MM.yyyy");
+ try {
+ sdf.parse(dateString);
+ return true;
+
+ } catch (ParseException e) {
+ return false;
+ }
+ }
+
+ public static boolean isEmailAddressFormat(String address) {
+ if (address == null) {
+ return false;
+ }
+ return Pattern.compile("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,6}$").matcher(address).matches();
+ }
+
+ public static boolean isValidOAIdentifier(String param) {
+ if (param == null) {
+ return false;
+ }
+ return param.indexOf(";") != -1 ||
+ param.indexOf("%") != -1 ||
+ param.indexOf("\"") != -1 ||
+ param.indexOf("'") != -1 ||
+ param.indexOf("�") != -1 ||
+ param.indexOf("`") != -1 ||
+ param.indexOf(",") != -1 ||
+ param.indexOf("<") != -1 ||
+ param.indexOf(">") != -1 ||
+ param.indexOf("\\") != -1;
+
+ }
+
+ public static String getNotValidOAIdentifierCharacters() {
+
+ return "; % \" ' ` , < > \\";
+ }
+
+ public static boolean containsPotentialCSSCharacter(String param, boolean commaallowed) {
+
+ if (param == null) {
+ return false;
+ }
+ return param.indexOf(";") != -1 ||
+ param.indexOf("%") != -1 ||
+ param.indexOf("\"") != -1 ||
+ param.indexOf("'") != -1 ||
+ param.indexOf("�") != -1 ||
+ param.indexOf("`") != -1 ||
+ ( param.indexOf(",") != -1 && !commaallowed ) ||
+ param.indexOf("<") != -1 ||
+ param.indexOf(">") != -1 ||
+ param.indexOf("\\") != -1 ||
+ param.indexOf("/") != -1;
+ }
+
+ public static String getPotentialCSSCharacter(boolean commaallowed) {
+
+ if (commaallowed)
+ return "; % \" ' ` < > \\ /";
+ else
+ return "; % \" ' ` , < > \\ /";
+ }
+}
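Review bot: `validateURL()` accepts more than http(s) URLs with a host. The `startsWith("http")` test already covers the `https` one, anything `new URL(...)` can parse then passes (which may include a scheme with no host), and a null argument throws `NullPointerException`. Since the result gates the BKU URLs checked in `OAGeneralConfigValidation`, test the parsed protocol and host instead of the string prefix, as sketched below. `isDateFormat()` is loose in the same way: `SimpleDateFormat` is lenient by default, so out-of-range values such as day 32 are rolled over and accepted unless `sdf.setLenient(false);` is called before `parse`.

```java
public static boolean validateURL(String urlString) {
    // … unchanged: debug log …
    if (urlString == null) {
        return false;
    }
    try {
        URL url = new URL(urlString);
        String protocol = url.getProtocol();
        boolean webScheme = "http".equalsIgnoreCase(protocol) || "https".equalsIgnoreCase(protocol);
        String host = url.getHost();
        return webScheme && host != null && host.length() > 0;
    } catch (MalformedURLException e) {
        return false;
    }
}
```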
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
new file mode 100644
index 000000000..06b50ac3c
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
@@ -0,0 +1,180 @@
+package at.gv.egovernment.moa.id.configuration.validation.oa;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator;
+import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class OAGeneralConfigValidation {
+
+ private static final Logger log = Logger.getLogger(OASSOConfigValidation.class);
+
+ public List<String> validate(OAGeneralConfig form, boolean isAdmin) {
+
+ List<String> errors = new ArrayList<String>();
+
+ //validate aditionalAuthBlockText
+ String check = form.getAditionalAuthBlockText();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ //Check BKU URLs
+ check =form.getBkuHandyURL();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty Handy-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.empty"));
+
+ } else {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Handy-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid"));
+ }
+ }
+
+ check =form.getBkuLocalURL();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty Local-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.local.empty"));
+
+ } else {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid"));
+ }
+ }
+
+ check =form.getBkuOnlineURL();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty Online-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.online.empty"));
+
+ } else {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid"));
+ }
+ }
+
+ //check OA FriendlyName
+ check = form.getFriendlyName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("OAFriendlyName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ //check KeyBoxIdentifier
+ check = form.getKeyBoxIdentifier();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty KeyBoxIdentifier");
+ errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty"));
+ } else {
+ Map<String, String> list = form.getKeyBoxIdentifierList();
+ if (!list.containsKey(check)) {
+ log.info("Not valid KeyBoxIdentifier " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid"));
+ }
+ }
+
+ //check Mandate Profiles
+ check = form.getMandateProfiles();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
+ log.warn("MandateProfiles contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.mandate.profiles",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} ));
+ }
+ }
+
+ //check SL Version
+ check = form.getSlVersion();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty SLVersion. Set SLVersion to 1.2");
+ form.setSlVersion("1.2");
+
+ } else {
+ if (!ValidationHelper.validateNumber(check)) {
+ log.info("Not valid SLVersion");
+ errors.add(LanguageHelper.getErrorString("validation.general.slversion"));
+ }
+ }
+
+ boolean businessservice = form.isBusinessService();
+
+ if (businessservice) {
+ //check identification number
+ check = form.getIdentificationNumber();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty IdentificationNumber");
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.empty"));
+
+ } else {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("IdentificationNumber contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+
+ if (check.startsWith("FN")) {
+ CompanyNumberValidator val = new CompanyNumberValidator();
+ if (val.validate(check)) {
+ log.info("Not valid CompanyNumber");
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid"));
+ }
+ }
+ }
+
+ try {
+ float slversion = Float.valueOf(form.getSlVersion());
+ if (slversion < 1.2) {
+ log.info("BusinessService Applications requires SLVersion >= 1.2");
+ errors.add(LanguageHelper.getErrorString("validation.general.slversion.business"));
+ form.setSlVersion("1.2");
+ }
+
+ } catch (NumberFormatException e) {
+ }
+
+ } else {
+ //check targetFrindlyName();
+ check = form.getTargetFriendlyName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("TargetFriendlyName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ //check Target
+ check = form.getTarget();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.empty"));
+
+ } else {
+ if (!ValidationHelper.isValidTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.valid"));
+ }
+ }
+ }
+
+ return errors;
+ }
+}
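Review bot: In the `FN` branch, `if (val.validate(check))` adds the "Not valid CompanyNumber" error when the validator returns true, which looks inverted. CompanyNumberValidator is not shown in this hunk, but if `validate` returns true for a well-formed number, valid company numbers are rejected and malformed ones pass; the condition should presumably read `if (!val.validate(check)) {`. Separately, the `log.warn(... + check)` lines write the rejected value verbatim into the log, and the character list in `containsPotentialCSSCharacter` does not cover line breaks, so CR/LF should be stripped from the value or the value left out of the message. The logger is also created with `OASSOConfigValidation.class`, which files these entries under the wrong category; `Logger.getLogger(OAGeneralConfigValidation.class)` is what is intended.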
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
new file mode 100644
index 000000000..4a1ef9261
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
@@ -0,0 +1,44 @@
+package at.gv.egovernment.moa.id.configuration.validation.oa;
+
+import java.io.IOException;
+import java.security.cert.CertificateException;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class OAPVP2ConfigValidation {
+
+ private static final Logger log = Logger.getLogger(OAPVP2ConfigValidation.class);
+
+ public List<String> validate(OAPVP2Config form) {
+
+ List<String> errors = new ArrayList<String>();
+
+ String url = form.getMetaDataURL();
+ if (MiscUtil.isNotEmpty(url) && !ValidationHelper.validateURL(url)) {
+ log.info("MetaDataURL has no valid form.");
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.valid"));
+ }
+
+ try {
+ if (form.getFileUpload() != null)
+ form.getCertificate();
+
+ } catch (CertificateException e) {
+ log.info("Uploaded Certificate can not be found", e);
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound"));
+
+ } catch (IOException e) {
+ log.info("Uploaded Certificate can not be parsed", e);
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.format"));
+ }
+
+ return errors;
+ }
+}
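Review bot: The two catch blocks appear to map the failures the wrong way round: `CertificateException` is reported as "can not be found" with `validation.pvp2.certificate.notfound`, while `IOException` is reported as "can not be parsed" with `validation.pvp2.certificate.format`. `getCertificate()` is not visible in this hunk, but a `CertificateException` normally signals an encoding or parsing failure and an `IOException` a failure to read the upload, so the administrator would be told the wrong cause. Swapping the two message/key pairs would fix it. As far as this hunk shows, the call only proves that the upload parses as a certificate, so a comment such as `// format check only: validity period and key strength are not verified here` would keep readers from assuming more.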
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java
new file mode 100644
index 000000000..147ea45e9
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java
@@ -0,0 +1,27 @@
+package at.gv.egovernment.moa.id.configuration.validation.oa;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
+import at.gv.egovernment.moa.id.configuration.data.oa.OASAML1Config;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+
+public class OASAML1ConfigValidation {
+
+ private static final Logger log = Logger.getLogger(OASAML1ConfigValidation.class);
+
+ public List<String> validate(OASAML1Config form, OAGeneralConfig general) {
+
+ List<String> errors = new ArrayList<String>();
+
+ if (general.isBusinessService() && form.isProvideStammZahl()) {
+ log.info("ProvideStammZahl can not be used with BusinessService applications");
+ errors.add(LanguageHelper.getErrorString("validation.saml1.providestammzahl"));
+ }
+
+ return errors;
+ }
+}
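Review bot: The rule in `validate` has no comment explaining why `isProvideStammZahl()` is rejected for business-service applications, and it reads as a privacy constraint rather than a formatting one. A line such as `// the Stammzahl must never be released to a business-service application` above the `if` would make that explicit; confirm the wording against the project's requirements. `general` is also dereferenced without a null check, so the caller has to guarantee it is set.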
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java
new file mode 100644
index 000000000..22e2406f2
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java
@@ -0,0 +1,35 @@
+package at.gv.egovernment.moa.id.configuration.validation.oa;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class OASSOConfigValidation {
+
+ private static final Logger log = Logger.getLogger(OASSOConfigValidation.class);
+
+ public List<String> validate(OASSOConfig form, boolean isAdmin) {
+
+ List<String> errors = new ArrayList<String>();
+
+ String urlString = form.getSingleLogOutURL();
+ if (MiscUtil.isEmpty(urlString)) {
+ log.info("No Single Log-Out URL");
+ //TODO: set error if it is implemented
+ //errors.add(LanguageHelper.getErrorString("validation.sso.logouturl.empty"));
+ } else {
+ if (!ValidationHelper.validateURL(urlString) && form.isUseSSO()) {
+ log.info("Single Log-Out url validation error");
+ errors.add(LanguageHelper.getErrorString("validation.sso.logouturl.valid"));
+ }
+ }
+
+ return errors;
+ }
+}
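Review bot: A malformed single log-out URL is only rejected when `form.isUseSSO()` is true, so with SSO switched off any non-empty string passes `validate` and is presumably stored. Validating the format whenever a value is present closes that gap: `if (!ValidationHelper.validateURL(urlString)) {`. `validateURL` is defined outside this hunk; if it does not restrict the scheme, the log-out URL should additionally be limited to `http`/`https`. The `isAdmin` parameter is not used in the method.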
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
new file mode 100644
index 000000000..76183caad
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
@@ -0,0 +1,16 @@
+package at.gv.egovernment.moa.id.configuration.validation.oa;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig;
+
+public class OASTORKConfigValidation {
+ public List<String> validate(OASTORKConfig oageneral) {
+
+ List<String> errors = new ArrayList<String>();
+
+
+ return errors;
+ }
+}
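Review bot: `validate` returns an empty error list without reading its argument, so every STORK configuration is accepted while callers see a validator that ran. Until real checks exist, mark the method as a stub with `// TODO: no STORK fields are validated yet` so nobody relies on it. The parameter is named `oageneral` although it is an `OASTORKConfig`; `form`, as in the sibling validators, would be consistent.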