aboutsummaryrefslogtreecommitdiff
path: root/id/ConfigWebTool/src/main/java
diff options
context:
space:
mode:
Diffstat (limited to 'id/ConfigWebTool/src/main/java')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java56
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java86
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/AttributeListBuilder.java72
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java258
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java328
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java82
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java406
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java357
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java24
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java27
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java50
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java104
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java216
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java109
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java24
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java49
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java26
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java39
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/DateTimeHelper.java59
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java75
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java275
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java89
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java973
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java169
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java759
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java93
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java46
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java128
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java404
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java99
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java93
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java32
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java154
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/TargetValidator.java104
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java188
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java167
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java24
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java23
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java304
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java55
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java76
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java22
52 files changed, 6333 insertions, 611 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
index d088edf34..e309eaadd 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
@@ -1,29 +1,81 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration;
public class Constants {
+ public static final String FILEPREFIX = "file:";
+
+ public static final String SERVLET_PVP2ASSERTION = "pvp2login.action";
+ public static final String SERVLET_ACCOUNTVERIFICATION = "mailAddressVerification.action";
+
public static final String STRUTS_SUCCESS = "success";
public static final String STRUTS_ERROR = "error";
public static final String STRUTS_ERROR_VALIDATION = "error_validation";
public static final String STRUTS_OA_EDIT = "editOA";
public static final String STRUTS_REAUTHENTICATE = "reauthentication";
public static final String STRUTS_NOTALLOWED = "notallowed";
+ public static final String STRUTS_NEWUSER = "newuser";
+ public static final String STRUTS_SSOLOGOUT = "ssologout";
public static final String SESSION_AUTH = "authsession";
public static final String SESSION_AUTH_ERROR = "authsessionerror";
public static final String SESSION_OAID = "oadbidentifier";
+ public static final String SESSION_FORMID = "formId";
+ public static final String SESSION_FORM = "form";
+ public static final String SESSION_PVP2REQUESTID = "pvp2requestid";
+ public static final String SESSION_RETURNAREA = "returnarea";
+ public static final String SESSION_BKUFORMPREVIEW = "bkuformpreview";
+ public static final String SESSION_OAUTH20SECRET = "oauth20secret";
+
+
+ public static enum STRUTS_RETURNAREA_VALUES {adminRequestsInit, main, usermanagementInit};
public static final String REQUEST_OAID = "oaid";
+ public static final String REQUEST_USERREQUESTTOKKEN = "tokken";
+
+ public static final String REQUEST_FORMCUSTOM_MODULE = "module";
+ public static final String REQUEST_FORMCUSTOM_VALUE = "value";
public static final String BKU_ONLINE = "bkuonline";
public static final String BKU_LOCAL = "bkulocal";
public static final String BKU_HANDY = "bkuhandy";
-
public static final String MOA_CONFIG_BUSINESSSERVICE = "businessService";
-
public static final String MOA_CONFIG_PROTOCOL_SAML1 = "id_saml1";
public static final String MOA_CONFIG_PROTOCOL_PVP2 = "id_pvp2x";
public static final String DEFAULT_LOCALBKU_URL = "https://127.0.0.1:3496/https-security-layer-request";
public static final String DEFAULT_HANDYBKU_URL = "https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx";
+
+ public static final String PUBLICSERVICE_URL_POSTFIX = ".gv.at";
+
+ public static final String IDENIFICATIONTYPE_FN = "FN";
+ public static final String IDENIFICATIONTYPE_ERSB = "ERSB";
+ public static final String IDENIFICATIONTYPE_ZVR = "ZVR";
+ public static final String IDENIFICATIONTYPE_BASEID = "urn:publicid:gv.at:baseid+";
+
+ public static final String IDENIFICATIONTYPE_BASEID_FN = IDENIFICATIONTYPE_BASEID + "X" + IDENIFICATIONTYPE_FN;
+ public static final String IDENIFICATIONTYPE_BASEID_ZVR = IDENIFICATIONTYPE_BASEID + "X" + IDENIFICATIONTYPE_ZVR;
+
+ public static final String PREFIX_WPBK = "urn:publicid:gv.at:wbpk+";
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java
index 8f75a357c..b7da86db7 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java
@@ -1,15 +1,42 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.auth;
import java.util.Date;
+import at.gv.egovernment.moa.id.configuration.helper.DateTimeHelper;
+
public class AuthenticatedUser {
private boolean isAuthenticated = false;
private boolean isAdmin = false;
+ private boolean isPVP2Login = false;
+ private boolean isMandateUser = false;
private long userID;
private String givenName;
private String familyName;
+ private String institute;
private String userName;
private Date lastLogin;
@@ -17,18 +44,26 @@ public class AuthenticatedUser {
}
- public AuthenticatedUser(long userID, String givenName, String familyName, String userName,
- boolean isAuthenticated, boolean isAdmin) {
+ public AuthenticatedUser(long userID, String givenName, String familyName, String institute,
+ String userName, boolean isAuthenticated, boolean isAdmin, boolean isMandateUser,
+ boolean isPVP2Login) {
this.familyName = familyName;
this.givenName = givenName;
this.userName = userName;
this.userID = userID;
+ this.institute = institute;
this.isAdmin = isAdmin;
this.isAuthenticated = isAuthenticated;
+ this.isMandateUser = isMandateUser;
+ this.isPVP2Login = isPVP2Login;
this.lastLogin = new Date();
}
+ public String getFormatedLastLogin() {
+ return DateTimeHelper.getDateTime(lastLogin);
+ }
+
/**
* @return the isAuthenticated
*/
@@ -105,7 +140,7 @@ public class AuthenticatedUser {
public Date getLastLogin() {
return lastLogin;
}
-
+
/**
* @param lastLogin the lastLogin to set
*/
@@ -126,8 +161,49 @@ public class AuthenticatedUser {
public void setUserName(String userName) {
this.userName = userName;
}
+
+ /**
+ * @return the institute
+ */
+ public String getInstitute() {
+ return institute;
+ }
+
+ /**
+ * @param institute the institute to set
+ */
+ public void setInstitute(String institute) {
+ this.institute = institute;
+ }
+
+ /**
+ * @return the isPVP2Login
+ */
+ public boolean isPVP2Login() {
+ return isPVP2Login;
+ }
+
+ /**
+ * @param isPVP2Login the isPVP2Login to set
+ */
+ public void setPVP2Login(boolean isPVP2Login) {
+ this.isPVP2Login = isPVP2Login;
+ }
+
+ /**
+ * @return the isMandateUser
+ */
+ public boolean isMandateUser() {
+ return isMandateUser;
+ }
+
+ /**
+ * @param isMandateUser the isMandateUser to set
+ */
+ public void setMandateUser(boolean isMandateUser) {
+ this.isMandateUser = isMandateUser;
+ }
-
-
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/AttributeListBuilder.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/AttributeListBuilder.java
new file mode 100644
index 000000000..f17ec82cb
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/AttributeListBuilder.java
@@ -0,0 +1,72 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.auth.pvp2;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.metadata.RequestedAttribute;
+
+import at.gv.egovernment.moa.id.configuration.utils.SAML2Utils;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+
+public class AttributeListBuilder implements PVPConstants{
+
+ protected static RequestedAttribute buildReqAttribute(String name, String friendlyName, boolean required) {
+ RequestedAttribute attribute = SAML2Utils.createSAMLObject(RequestedAttribute.class);
+ attribute.setIsRequired(required);
+ attribute.setName(name);
+ attribute.setFriendlyName(friendlyName);
+ attribute.setNameFormat(Attribute.URI_REFERENCE);
+ return attribute;
+ }
+
+ public static List<RequestedAttribute> getRequestedAttributes() {
+ List<RequestedAttribute> requestedAttributes = new ArrayList<RequestedAttribute>();
+
+ requestedAttributes.add(buildReqAttribute(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true));
+ requestedAttributes.add(buildReqAttribute(PRINCIPAL_NAME_NAME, PRINCIPAL_NAME_FRIENDLY_NAME, true));
+ requestedAttributes.add(buildReqAttribute(GIVEN_NAME_NAME, GIVEN_NAME_FRIENDLY_NAME, true));
+ requestedAttributes.add(buildReqAttribute(BIRTHDATE_NAME, BIRTHDATE_FRIENDLY_NAME, false));
+ requestedAttributes.add(buildReqAttribute(BPK_NAME, BPK_FRIENDLY_NAME, true));
+ requestedAttributes.add(buildReqAttribute(EID_CITIZEN_QAA_LEVEL_NAME, EID_CITIZEN_QAA_LEVEL_FRIENDLY_NAME, true));
+ requestedAttributes.add(buildReqAttribute(EID_ISSUING_NATION_NAME, EID_ISSUING_NATION_FRIENDLY_NAME, true));
+ requestedAttributes.add(buildReqAttribute(EID_SECTOR_FOR_IDENTIFIER_NAME, EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME, true));
+
+ requestedAttributes.add(buildReqAttribute(MANDATE_TYPE_NAME, MANDATE_TYPE_FRIENDLY_NAME, false));
+ requestedAttributes.add(buildReqAttribute(MANDATE_LEG_PER_FULL_NAME_NAME, MANDATE_LEG_PER_FULL_NAME_FRIENDLY_NAME, false));
+ requestedAttributes.add(buildReqAttribute(MANDATE_LEG_PER_SOURCE_PIN_NAME, MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME, false));
+ requestedAttributes.add(buildReqAttribute(MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, MANDATE_LEG_PER_SOURCE_PIN_TYPE_FRIENDLY_NAME, false));
+
+ requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_BIRTHDATE_NAME, MANDATE_NAT_PER_BIRTHDATE_FRIENDLY_NAME, false));
+ requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_BPK_NAME, MANDATE_NAT_PER_BPK_FRIENDLY_NAME, false));
+ requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_FAMILY_NAME_NAME, MANDATE_NAT_PER_FAMILY_NAME_FRIENDLY_NAME, false));
+ requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_GIVEN_NAME_NAME, MANDATE_NAT_PER_GIVEN_NAME_FRIENDLY_NAME, false));
+
+ requestedAttributes.add(buildReqAttribute(MANDATE_REFERENCE_VALUE_NAME, MANDATE_REFERENCE_VALUE_FRIENDLY_NAME, false));
+ requestedAttributes.add(buildReqAttribute(MANDATE_PROF_REP_OID_NAME, MANDATE_PROF_REP_OID_FRIENDLY_NAME, false));
+ requestedAttributes.add(buildReqAttribute(MANDATE_PROF_REP_DESC_NAME, MANDATE_PROF_REP_DESC_FRIENDLY_NAME, false));
+ return requestedAttributes;
+ }
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java
new file mode 100644
index 000000000..5fa6f3531
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java
@@ -0,0 +1,258 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.auth.pvp2;
+
+import java.io.IOException;
+import java.security.KeyStore;
+import java.util.Map;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.TransformerException;
+
+import org.apache.velocity.app.VelocityEngine;
+import org.apache.velocity.runtime.RuntimeConstants;
+import org.joda.time.DateTime;
+import org.opensaml.Configuration;
+import org.opensaml.common.SAMLObject;
+import org.opensaml.common.binding.BasicSAMLMessageContext;
+import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.binding.encoding.HTTPPostEncoder;
+import org.opensaml.saml2.core.AuthnContextClassRef;
+import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
+import org.opensaml.saml2.core.AuthnRequest;
+import org.opensaml.saml2.core.Issuer;
+import org.opensaml.saml2.core.NameID;
+import org.opensaml.saml2.core.NameIDPolicy;
+import org.opensaml.saml2.core.NameIDType;
+import org.opensaml.saml2.core.RequestedAuthnContext;
+import org.opensaml.saml2.core.Subject;
+import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml2.metadata.SingleSignOnService;
+import org.opensaml.saml2.metadata.impl.SingleSignOnServiceBuilder;
+import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
+import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.Marshaller;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter;
+import org.opensaml.xml.security.x509.X509Credential;
+import org.opensaml.xml.signature.Signature;
+import org.opensaml.xml.signature.SignatureConstants;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Document;
+
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
+import at.gv.egovernment.moa.id.configuration.utils.SAML2Utils;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+
+/**
+ * Servlet implementation class Authenticate
+ */
+public class Authenticate extends HttpServlet {
+ private static final long serialVersionUID = 1L;
+
+ private static final Logger log = LoggerFactory
+ .getLogger(Authenticate.class);
+ /**
+ * @see HttpServlet#HttpServlet()
+ */
+ public Authenticate() {
+ super();
+ DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+ factory.setNamespaceAware(true);
+ try {
+ builder = factory.newDocumentBuilder();
+ } catch (ParserConfigurationException e) {
+ log.warn("PVP2 AuthenticationServlet can not be initialized.", e);
+
+ }
+ }
+
+ DocumentBuilder builder;
+
+ public Document asDOMDocument(XMLObject object) throws IOException,
+ MarshallingException, TransformerException {
+ Document document = builder.newDocument();
+ Marshaller out = Configuration.getMarshallerFactory().getMarshaller(
+ object);
+ out.marshall(object, document);
+ return document;
+ }
+
+ protected void process(HttpServletRequest request,
+ HttpServletResponse response, Map<String,String> legacyParameter) throws ServletException, IOException {
+ try {
+
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ config.initializePVP2Login();
+
+ AuthnRequest authReq = SAML2Utils
+ .createSAMLObject(AuthnRequest.class);
+ SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
+ authReq.setID(gen.generateIdentifier());
+
+ HttpSession session = request.getSession();
+ if (session != null) {
+ session.setAttribute(Constants.SESSION_PVP2REQUESTID, authReq.getID());
+ }
+
+ authReq.setAssertionConsumerServiceIndex(0);
+ authReq.setAttributeConsumingServiceIndex(0);
+ authReq.setIssueInstant(new DateTime());
+ Subject subject = SAML2Utils.createSAMLObject(Subject.class);
+ NameID name = SAML2Utils.createSAMLObject(NameID.class);
+ Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
+
+ String serviceURL = config.getPublicUrlPreFix(request);
+ if (!serviceURL.endsWith("/"))
+ serviceURL = serviceURL + "/";
+ name.setValue(serviceURL);
+ issuer.setValue(serviceURL);
+
+ subject.setNameID(name);
+ authReq.setSubject(subject);
+ issuer.setFormat(NameIDType.ENTITY);
+ authReq.setIssuer(issuer);
+ NameIDPolicy policy = SAML2Utils
+ .createSAMLObject(NameIDPolicy.class);
+ policy.setAllowCreate(true);
+ policy.setFormat(NameID.PERSISTENT);
+ authReq.setNameIDPolicy(policy);
+
+ String entityname = config.getPVP2IDPMetadataEntityName();
+ if (MiscUtil.isEmpty(entityname)) {
+ log.info("No IDP EntityName configurated");
+ throw new ConfigurationException("No IDP EntityName configurated");
+ }
+
+ HTTPMetadataProvider idpmetadata = config.getMetaDataProvier();
+ EntityDescriptor idpEntity = idpmetadata.getEntityDescriptor(entityname);
+ if (idpEntity == null) {
+ log.info("IDP EntityName is not found in IDP Metadata");
+ throw new ConfigurationException("IDP EntityName is not found in IDP Metadata");
+ }
+
+ SingleSignOnService redirectEndpoint = null;
+ for (SingleSignOnService sss :
+ idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices()) {
+
+ //Get the service address for the binding you wish to use
+ if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
+ redirectEndpoint = sss;
+ }
+ }
+
+ authReq.setDestination(redirectEndpoint.getLocation());
+
+ RequestedAuthnContext reqAuthContext =
+ SAML2Utils.createSAMLObject(RequestedAuthnContext.class);
+
+ AuthnContextClassRef authnClassRef =
+ SAML2Utils.createSAMLObject(AuthnContextClassRef.class);
+
+ authnClassRef.setAuthnContextClassRef("http://www.stork.gov.eu/1.0/citizenQAALevel/4");
+
+ reqAuthContext.setComparison(AuthnContextComparisonTypeEnumeration.MINIMUM);
+
+ reqAuthContext.getAuthnContextClassRefs().add(authnClassRef);
+
+ authReq.setRequestedAuthnContext(reqAuthContext);
+
+ KeyStore keyStore = config.getPVP2KeyStore();
+
+ X509Credential authcredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreAuthRequestKeyAlias(),
+ config.getPVP2KeystoreAuthRequestKeyPassword().toCharArray());
+
+ Signature signer = SAML2Utils.createSAMLObject(Signature.class);
+ signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
+ signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+ signer.setSigningCredential(authcredential);
+
+ authReq.setSignature(signer);
+
+ VelocityEngine engine = new VelocityEngine();
+ engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
+ engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
+ engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
+ engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
+ engine.setProperty("classpath.resource.loader.class",
+ "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
+ engine.init();
+
+ HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
+ "templates/pvp_postbinding_template.html");
+ HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
+ response, true);
+ BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
+ SingleSignOnService service = new SingleSignOnServiceBuilder()
+ .buildObject();
+ service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
+ service.setLocation(redirectEndpoint.getLocation());;
+
+ context.setOutboundSAMLMessageSigningCredential(authcredential);
+ context.setPeerEntityEndpoint(service);
+ context.setOutboundSAMLMessage(authReq);
+ context.setOutboundMessageTransport(responseAdapter);
+
+ encoder.encode(context);
+
+ } catch (Exception e) {
+ log.warn("Authentication Request can not be generated", e);
+ throw new ServletException("Authentication Request can not be generated.", e);
+ }
+ }
+
+ /**
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+
+ process(request, response, null);
+ }
+
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ process(request, response, null);
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java
new file mode 100644
index 000000000..56f593ce7
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java
@@ -0,0 +1,328 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.auth.pvp2;
+
+import java.io.IOException;
+import java.io.StringWriter;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.TransformerFactoryConfigurationError;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+
+import org.apache.log4j.Logger;
+import org.opensaml.Configuration;
+import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.core.NameIDType;
+import org.opensaml.saml2.metadata.AssertionConsumerService;
+import org.opensaml.saml2.metadata.AttributeConsumingService;
+import org.opensaml.saml2.metadata.EntitiesDescriptor;
+import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml2.metadata.KeyDescriptor;
+import org.opensaml.saml2.metadata.LocalizedString;
+import org.opensaml.saml2.metadata.NameIDFormat;
+import org.opensaml.saml2.metadata.SPSSODescriptor;
+import org.opensaml.saml2.metadata.ServiceName;
+import org.opensaml.xml.io.Marshaller;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.security.SecurityException;
+import org.opensaml.xml.security.credential.Credential;
+import org.opensaml.xml.security.credential.UsageType;
+import org.opensaml.xml.security.keyinfo.KeyInfoGenerator;
+import org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter;
+import org.opensaml.xml.security.x509.X509Credential;
+import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory;
+import org.opensaml.xml.signature.Signature;
+import org.opensaml.xml.signature.SignatureConstants;
+import org.opensaml.xml.signature.SignatureException;
+import org.opensaml.xml.signature.Signer;
+import org.w3c.dom.Document;
+
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
+import at.gv.egovernment.moa.id.configuration.utils.SAML2Utils;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * Servlet implementation class BuildMetadata
+ */
+public class BuildMetadata extends HttpServlet {
+ private static final long serialVersionUID = 1L;
+
+ private static final Logger log = Logger.getLogger(BuildMetadata.class);
+
+ /**
+ * @see HttpServlet#HttpServlet()
+ */
+ public BuildMetadata() {
+ super();
+ }
+
+ protected static Signature getSignature(Credential credentials) {
+ Signature signer = SAML2Utils.createSAMLObject(Signature.class);
+ signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+ signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+ signer.setSigningCredential(credentials);
+ return signer;
+ }
+
+ /**
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ try {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+
+ //config.initializePVP2Login();
+
+ SecureRandomIdentifierGenerator idGen = new SecureRandomIdentifierGenerator();
+
+ EntitiesDescriptor spEntitiesDescriptor = SAML2Utils.
+ createSAMLObject(EntitiesDescriptor.class);
+
+ String name = config.getPVP2MetadataEntitiesName();
+ if (MiscUtil.isEmpty(name)) {
+ log.info("NO Metadata EntitiesName configurated");
+ throw new ConfigurationException("NO Metadata EntitiesName configurated");
+ }
+
+ spEntitiesDescriptor.setName(name);
+ spEntitiesDescriptor.setID(idGen.generateIdentifier());
+
+ EntityDescriptor spEntityDescriptor = SAML2Utils
+ .createSAMLObject(EntityDescriptor.class);
+
+ spEntitiesDescriptor.getEntityDescriptors().add(spEntityDescriptor);
+
+ String serviceURL = config.getPublicUrlPreFix(request);
+ if (!serviceURL.endsWith("/"))
+ serviceURL = serviceURL + "/";
+
+ log.debug("Set OnlineApplicationURL to " + serviceURL);
+ spEntityDescriptor.setEntityID(serviceURL);
+
+ SPSSODescriptor spSSODescriptor = SAML2Utils
+ .createSAMLObject(SPSSODescriptor.class);
+
+ spSSODescriptor.setAuthnRequestsSigned(true);
+ spSSODescriptor.setWantAssertionsSigned(true);
+
+ X509KeyInfoGeneratorFactory keyInfoFactory = new X509KeyInfoGeneratorFactory();
+ keyInfoFactory.setEmitEntityCertificate(true);
+ KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance();
+
+ KeyStore keyStore = config.getPVP2KeyStore();
+
+ X509Credential signingcredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreMetadataKeyAlias(),
+ config.getPVP2KeystoreMetadataKeyPassword().toCharArray());
+
+
+ log.debug("Set Metadata key information");
+ //Set MetaData Signing key
+ KeyDescriptor entitiesSignKeyDescriptor = SAML2Utils
+ .createSAMLObject(KeyDescriptor.class);
+ entitiesSignKeyDescriptor.setUse(UsageType.SIGNING);
+ entitiesSignKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(signingcredential));
+ Signature entitiesSignature = getSignature(signingcredential);
+ spEntitiesDescriptor.setSignature(entitiesSignature);
+
+ //Set AuthRequest Signing certificate
+ X509Credential authcredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreAuthRequestKeyAlias(),
+ config.getPVP2KeystoreAuthRequestKeyPassword().toCharArray());
+ KeyDescriptor signKeyDescriptor = SAML2Utils
+ .createSAMLObject(KeyDescriptor.class);
+ signKeyDescriptor.setUse(UsageType.SIGNING);
+ signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authcredential));
+ spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor);
+
+
+ //set AuthRequest encryption certificate
+ if (MiscUtil.isNotEmpty(config.getPVP2KeystoreAuthRequestEncryptionKeyAlias())) {
+ X509Credential authEncCredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreAuthRequestEncryptionKeyAlias(),
+ config.getPVP2KeystoreAuthRequestEncryptionKeyPassword().toCharArray());
+ KeyDescriptor encryKeyDescriptor = SAML2Utils
+ .createSAMLObject(KeyDescriptor.class);
+ encryKeyDescriptor.setUse(UsageType.ENCRYPTION);
+ encryKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authEncCredential));
+ spSSODescriptor.getKeyDescriptors().add(encryKeyDescriptor);
+
+ } else {
+ log.warn("No Assertion Encryption-Key defined. This setting is not recommended!");
+
+ }
+
+
+ NameIDFormat persistentnameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
+ persistentnameIDFormat.setFormat(NameIDType.PERSISTENT);
+
+ spSSODescriptor.getNameIDFormats().add(persistentnameIDFormat);
+
+ NameIDFormat transientnameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
+ transientnameIDFormat.setFormat(NameIDType.TRANSIENT);
+
+ spSSODescriptor.getNameIDFormats().add(transientnameIDFormat);
+
+ NameIDFormat unspecifiednameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
+ unspecifiednameIDFormat.setFormat(NameIDType.UNSPECIFIED);
+
+ spSSODescriptor.getNameIDFormats().add(unspecifiednameIDFormat);
+
+ AssertionConsumerService postassertionConsumerService =
+ SAML2Utils.createSAMLObject(AssertionConsumerService.class);
+
+ postassertionConsumerService.setIndex(0);
+ postassertionConsumerService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
+ postassertionConsumerService.setLocation(serviceURL + Constants.SERVLET_PVP2ASSERTION);
+
+ spSSODescriptor.getAssertionConsumerServices().add(postassertionConsumerService);
+
+ spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
+
+ spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor);
+
+ spSSODescriptor.setWantAssertionsSigned(true);
+ spSSODescriptor.setAuthnRequestsSigned(true);
+
+ AttributeConsumingService attributeService =
+ SAML2Utils.createSAMLObject(AttributeConsumingService.class);
+
+ attributeService.setIndex(0);
+ attributeService.setIsDefault(true);
+ ServiceName serviceName = SAML2Utils.createSAMLObject(ServiceName.class);
+ serviceName.setName(new LocalizedString("Default Service", "de"));
+ attributeService.getNames().add(serviceName);
+
+ attributeService.getRequestAttributes().addAll(AttributeListBuilder.getRequestedAttributes());
+
+ spSSODescriptor.getAttributeConsumingServices().add(attributeService);
+
+ DocumentBuilder builder;
+ DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+
+ builder = factory.newDocumentBuilder();
+ Document document = builder.newDocument();
+ Marshaller out = Configuration.getMarshallerFactory().getMarshaller(spEntitiesDescriptor);
+ out.marshall(spEntitiesDescriptor, document);
+
+ Signer.signObject(entitiesSignature);
+
+ Transformer transformer = TransformerFactory.newInstance().newTransformer();
+
+ StringWriter sw = new StringWriter();
+ StreamResult sr = new StreamResult(sw);
+ DOMSource source = new DOMSource(document);
+ transformer.transform(source, sr);
+ sw.close();
+
+ String metadataXML = sw.toString();
+
+ response.setContentType("text/xml");
+ response.getOutputStream().write(metadataXML.getBytes());
+
+ response.getOutputStream().close();
+
+ } catch (ConfigurationException e) {
+ log.warn("Configuration can not be loaded.", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (NoSuchAlgorithmException e) {
+ log.warn("Requested Algorithm could not found.", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (KeyStoreException e) {
+ log.warn("Requested KeyStoreType is not implemented.", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (CertificateException e) {
+ log.warn("KeyStore can not be opend or userd.", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (SecurityException e) {
+ log.warn("KeyStore can not be opend or used", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (ParserConfigurationException e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (MarshallingException e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (SignatureException e) {
+ log.warn("PVP2 Metadata can not be signed", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (TransformerConfigurationException e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (TransformerFactoryConfigurationError e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (TransformerException e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+ }
+
+ catch (Exception e) {
+ log.warn("Unspecific PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+ }
+
+ }
+
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java
new file mode 100644
index 000000000..3429f6c96
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java
@@ -0,0 +1,82 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.auth.pvp2;
+
+import java.util.Iterator;
+
+import org.opensaml.saml2.metadata.EntitiesDescriptor;
+import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml2.metadata.provider.FilterException;
+import org.opensaml.saml2.metadata.provider.MetadataFilter;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.security.x509.BasicX509Credential;
+
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.verification.EntityVerifier;
+
+public class MetaDataVerificationFilter implements MetadataFilter {
+
+ BasicX509Credential credential;
+
+ public MetaDataVerificationFilter(BasicX509Credential credential) {
+ this.credential = credential;
+ }
+
+
+ public void doFilter(XMLObject metadata) throws FilterException {
+ if (metadata instanceof EntitiesDescriptor) {
+ EntitiesDescriptor entitiesDescriptor = (EntitiesDescriptor) metadata;
+
+ if(entitiesDescriptor.getSignature() == null) {
+ throw new FilterException("Root element of metadata file has to be signed", null);
+ }
+ try {
+ processEntitiesDescriptor(entitiesDescriptor);
+
+ } catch (MOAIDException e) {
+ throw new FilterException("Invalid Metadata file Root element is no EntitiesDescriptor", null);
+ }
+ }
+ }
+
+ private void processEntitiesDescriptor(EntitiesDescriptor desc) throws MOAIDException {
+ Iterator<EntitiesDescriptor> entID = desc.getEntitiesDescriptors().iterator();
+
+ if(desc.getSignature() != null) {
+ EntityVerifier.verify(desc, this.credential);
+ }
+
+ while(entID.hasNext()) {
+ processEntitiesDescriptor(entID.next());
+ }
+
+ Iterator<EntityDescriptor> entIT = desc.getEntityDescriptors().iterator();
+
+ while(entIT.hasNext()) {
+ EntityDescriptor entity = entIT.next();
+ if (entity.getSignature() != null)
+ EntityVerifier.verify(entity);
+ }
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
index aeadbd0bb..692990fa9 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
@@ -1,24 +1,79 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.config;
+import iaik.x509.X509Certificate;
+
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
+import java.io.InputStream;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
import java.util.Properties;
+import java.util.Timer;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.log4j.Logger;
+import org.opensaml.DefaultBootstrap;
+import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
+import org.opensaml.xml.parse.BasicParserPool;
+import org.opensaml.xml.security.x509.BasicX509Credential;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.auth.pvp2.MetaDataVerificationFilter;
import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
-import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.id.configuration.utils.UserRequestCleaner;
+import at.gv.egovernment.moa.util.MiscUtil;
public class ConfigurationProvider {
+ public static final String HTMLTEMPLATE_DIR = "/htmlTemplates";
+ public static final String HTMLTEMPLATE_FILE = "/loginFormFull.html";
+
+ private static final Logger log = Logger.getLogger(ConfigurationProvider.class);
+
private static final String SYSTEM_PROP_CONFIG = "moa.id.webconfig";
private static ConfigurationProvider instance;
private Properties props;
private String configFileName;
+ private String configRootDir;
+
+ private HTTPMetadataProvider idpMetadataProvider = null;
+ private KeyStore keyStore = null;
+
+ private String publicURLPreFix = null;
+
+ private boolean pvp2logininitialzied = false;
public static ConfigurationProvider getInstance() throws ConfigurationException {
if (instance == null) {
@@ -39,10 +94,14 @@ public class ConfigurationProvider {
if (configFileName == null) {
throw new ConfigurationException("config.01");
}
- Logger.info("Loading MOA-ID-AUTH configuration " + configFileName);
+
+ // determine the directory of the root config file
+ configRootDir = new File(configFileName).getParent();
+
+ log.info("Loading MOA-ID-AUTH configuration " + configFileName);
//Initial Hibernate Framework
- Logger.trace("Initializing Hibernate framework.");
+ log.trace("Initializing Hibernate framework.");
//Load MOAID-2.0 properties file
File propertiesFile = new File(configFileName);
@@ -54,32 +113,365 @@ public class ConfigurationProvider {
fis = new FileInputStream(propertiesFile);
props.load(fis);
+ fis.close();
+
// initialize hibernate
synchronized (ConfigurationProvider.class) {
//Initial config Database
ConfigurationDBUtils.initHibernate(props);
}
- Logger.trace("Hibernate initialization finished.");
+ log.trace("Hibernate initialization finished.");
+ DefaultBootstrap.bootstrap();
+ log.info("OPENSAML initialized");
+
+ UserRequestCleaner.start();
-
+
} catch (FileNotFoundException e) {
throw new ConfigurationException("config.01", e);
+
} catch (IOException e) {
throw new ConfigurationException("config.02", e);
+
} catch (MOADatabaseException e) {
throw new ConfigurationException("config.03", e);
+
+ } catch (org.opensaml.xml.ConfigurationException e) {
+ throw new ConfigurationException("config.04", e);
}
}
+ public String getPublicUrlPreFix(HttpServletRequest request) {
+ publicURLPreFix = props.getProperty("general.publicURLContext");
+
+ if (MiscUtil.isEmpty(publicURLPreFix) && request != null) {
+ String url = request.getRequestURL().toString();
+ String contextpath = request.getContextPath();
+ int index = url.indexOf(contextpath);
+ publicURLPreFix = url.substring(0, index + contextpath.length() + 1);
+ }
+
+ return publicURLPreFix;
+ }
+
+ public int getUserRequestCleanUpDelay() {
+ String delay = props.getProperty("general.userrequests.cleanup.delay");
+ return Integer.getInteger(delay, 12);
+ }
+
+// public String getContactMailAddress() {
+// return props.getProperty("general.contact.mail");
+// }
+
+ public String getSSOLogOutURL() {
+ return props.getProperty("general.login.pvp2.idp.sso.logout.url");
+ }
+
+ public KeyStore getPVP2KeyStore() throws ConfigurationException, IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException {
+ if (keyStore == null) {
+ String keystoretype = getPVP2MetadataKeystoreType();
+ if (MiscUtil.isEmpty(keystoretype)) {
+ log.debug("No KeyStoreType defined. Using default KeyStoreType.");
+ keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+
+ } else {
+ log.debug("Using " + keystoretype + " KeyStoreType.");
+ keyStore = KeyStore.getInstance(keystoretype);
+
+ }
+
+
+ String file = getPVP2MetadataKeystoreURL();
+ log.debug("Load KeyStore from URL " + file);
+ if (MiscUtil.isEmpty(file)) {
+ log.info("Metadata KeyStoreURL is empty");
+ throw new ConfigurationException("Metadata KeyStoreURL is empty");
+ }
+
+ FileInputStream inputStream = new FileInputStream(file);
+ keyStore.load(inputStream, getPVP2MetadataKeystorePassword().toCharArray());
+ inputStream.close();
+ }
+
+ return keyStore;
+
+ }
+
+ public String getConfigFile() {
+ return configFileName;
+ }
+
+ public String getConfigRootDir() {
+ return configRootDir;
+ }
+
+ public String getMOAIDInstanceURL() {
+ return props.getProperty("general.moaid.instance.url");
+ }
+
public boolean isLoginDeaktivated() {
String result = props.getProperty("general.login.deaktivate", "false");
return Boolean.parseBoolean(result);
}
- public String getConfigFile() {
- return configFileName;
+ public boolean isOATargetVerificationDeaktivated() {
+ String result = props.getProperty("general.OATargetVerification.deaktivate", "false");
+ return Boolean.parseBoolean(result);
+ }
+
+ //PVP2 Login configuration
+
+ public void initializePVP2Login() throws ConfigurationException {
+ if (!pvp2logininitialzied)
+ initalPVP2Login();
+ }
+
+ public boolean isPVP2LoginActive() {
+
+ return Boolean.parseBoolean(props.getProperty("general.login.pvp2.isactive", "false"));
+ }
+
+ public boolean isPVP2LoginBusinessService() {
+ String result = props.getProperty("general.login.pvp2.isbusinessservice", "false");
+ return Boolean.parseBoolean(result);
+ }
+
+ public String getPVP2LoginTarget() {
+ return props.getProperty("general.login.pvp2.target");
+ }
+
+ public String getPVP2LoginIdenificationValue() {
+ return props.getProperty("general.login.pvp2.identificationvalue");
+ }
+
+ public String getPVP2MetadataEntitiesName() {
+ return props.getProperty("general.login.pvp2.metadata.entities.name");
+ }
+
+ public String getPVP2MetadataKeystoreURL() {
+ return props.getProperty("general.login.pvp2.keystore.url");
+ }
+
+ public String getPVP2MetadataKeystorePassword() {
+ return props.getProperty("general.login.pvp2.keystore.password");
+ }
+
+ public String getPVP2MetadataKeystoreType() {
+ return props.getProperty("general.login.pvp2.keystore.type");
+ }
+
+ public String getPVP2KeystoreMetadataKeyAlias() {
+ return props.getProperty("general.login.pvp2.keystore.metadata.key.alias");
+ }
+
+ public String getPVP2KeystoreMetadataKeyPassword() {
+ return props.getProperty("general.login.pvp2.keystore.metadata.key.password");
+ }
+
+ public String getPVP2KeystoreAuthRequestKeyAlias() {
+ return props.getProperty("general.login.pvp2.keystore.authrequest.key.alias");
+ }
+
+ public String getPVP2KeystoreAuthRequestKeyPassword() {
+ return props.getProperty("general.login.pvp2.keystore.authrequest.key.password");
+ }
+
+ public String getPVP2KeystoreAuthRequestEncryptionKeyAlias() {
+ return props.getProperty("general.login.pvp2.keystore.authrequest.encryption.key.alias");
+ }
+
+ public String getPVP2KeystoreAuthRequestEncryptionKeyPassword() {
+ return props.getProperty("general.login.pvp2.keystore.authrequest.encryption.key.password");
+ }
+
+ public String getPVP2IDPMetadataURL() {
+ return props.getProperty("general.login.pvp2.idp.metadata.url");
+ }
+
+ public String getPVP2IDPMetadataCertificate() {
+ return props.getProperty("general.login.pvp2.idp.metadata.certificate");
+ }
+
+ public String getPVP2IDPMetadataEntityName() {
+ return props.getProperty("general.login.pvp2.idp.metadata.entityID");
+ }
+
+ public HTTPMetadataProvider getMetaDataProvier() {
+ return idpMetadataProvider;
+ }
+
+
+ //SMTP Server
+ public String getSMTPMailHost() {
+ return props.getProperty("general.mail.host");
+ }
+
+ public String getSMTPMailPort() {
+ return props.getProperty("general.mail.host.port");
+ }
+
+ public String getSMTPMailUsername() {
+ return props.getProperty("general.mail.host.username");
+ }
+
+ public String getSMTPMailPassword() {
+ return props.getProperty("general.mail.host.password");
+ }
+
+ //Mail Configuration
+ public String getMailFromName() {
+ return props.getProperty("general.mail.from.name");
+ }
+
+ public String getMailFromAddress() {
+ return props.getProperty("general.mail.from.address");
+ }
+
+ public String getMailUserAcountVerificationSubject() {
+ return props.getProperty("general.mail.useraccountrequest.verification.subject");
+ }
+
+ public String getMailUserAcountVerificationTemplate() throws ConfigurationException {
+ String url = props.getProperty("general.mail.useraccountrequest.verification.template");
+
+ if (MiscUtil.isNotEmpty(url)) {
+ if (url.startsWith(Constants.FILEPREFIX))
+ return url;
+
+ else
+ return configRootDir + "/" + url;
+
+ } else {
+ log.warn("MailUserAcountVerificationTemplate is empty");
+ throw new ConfigurationException("MailUserAcountVerificationTemplate is empty");
+
+ }
+ }
+
+ public String getMailUserAcountActivationSubject() {
+ return props.getProperty("general.mail.useraccountrequest.isactive.subject");
+ }
+
+ public String getMailUserAcountActivationTemplate() throws ConfigurationException {
+ String url = props.getProperty("general.mail.useraccountrequest.isactive.template");
+
+ if (MiscUtil.isNotEmpty(url)) {
+ if (url.startsWith(Constants.FILEPREFIX))
+ return url;
+
+ else
+ return configRootDir + "/" + url;
+
+ } else {
+ log.warn("MailUserAcountVerificationTemplate is empty");
+ throw new ConfigurationException("MailUserAcountActivationTemplate is empty");
+
+ }
+ }
+
+ public String getMailOAActivationSubject() {
+ return props.getProperty("general.mail.createOArequest.isactive.subject");
+ }
+
+ public String getMailOAActivationTemplate() throws ConfigurationException {
+ String url = props.getProperty("general.mail.createOArequest.isactive.template");
+
+ if (MiscUtil.isNotEmpty(url)) {
+ if (url.startsWith(Constants.FILEPREFIX))
+ return url;
+
+ else
+ return configRootDir + "/" + url;
+
+ } else {
+ log.warn("MailOAActivationTemplate is empty");
+ throw new ConfigurationException("MailOAActivationTemplate is empty");
+
+ }
+ }
+
+ public String getMailUserAcountRevocationTemplate() throws ConfigurationException {
+ String url = props.getProperty("general.mail.useraccountrequest.rejected.template");
+
+ if (MiscUtil.isNotEmpty(url)) {
+ if (url.startsWith(Constants.FILEPREFIX))
+ return url;
+
+ else
+ return configRootDir + "/" + url;
+
+ } else {
+ log.warn("MailUserAcountVerificationTemplate is empty");
+ throw new ConfigurationException("MailUserAcountRevocationTemplate is empty");
+
+ }
+ }
+
+ public String getMailAdminSubject() {
+ return props.getProperty("general.mail.admin.subject");
+ }
+
+ public String getMailAdminTemplate() throws ConfigurationException {
+ String url = props.getProperty("general.mail.admin.adresses.template");
+
+ if (MiscUtil.isNotEmpty(url)) {
+ if (url.startsWith(Constants.FILEPREFIX))
+ return url;
+
+ else
+ return configRootDir + "/" + url;
+
+ } else {
+ log.warn("MailUserAcountVerificationTemplate is empty");
+ throw new ConfigurationException("MailAdminTemplate is empty");
+
+ }
+ }
+
+ public String getMailAdminAddress() {
+ return props.getProperty("general.mail.admin.adress");
+ }
+
+
+ private void initalPVP2Login() throws ConfigurationException {
+ try {
+
+ String metadataCert = getPVP2IDPMetadataCertificate();
+ if (MiscUtil.isEmpty(metadataCert)) {
+ log.info("NO IDP Certificate to verify IDP Metadata");
+ throw new ConfigurationException("NO IDP Certificate to verify IDP Metadata");
+ }
+
+ InputStream certstream = new FileInputStream(metadataCert);
+ X509Certificate cert = new X509Certificate(certstream);
+ BasicX509Credential idpCredential = new BasicX509Credential();
+ idpCredential.setEntityCertificate(cert);
+
+ log.debug("IDP Certificate loading finished");
+
+ String metadataurl = getPVP2IDPMetadataURL();
+ if (MiscUtil.isEmpty(metadataurl)) {
+ log.info("NO IDP Metadata URL.");
+ throw new ConfigurationException("NO IDP Metadata URL.");
+ }
+
+ idpMetadataProvider = new HTTPMetadataProvider(new Timer(), new HttpClient(), metadataurl);
+ idpMetadataProvider.setRequireValidMetadata(true);
+ idpMetadataProvider.setParserPool(new BasicParserPool());
+ idpMetadataProvider.setMetadataFilter(new MetaDataVerificationFilter(idpCredential));
+ idpMetadataProvider.setMaxRefreshDelay(1000 * 3600 * 12 ); //refresh Metadata every 12h
+ idpMetadataProvider.initialize();
+
+ pvp2logininitialzied = true;
+
+ } catch (Exception e) {
+ log.warn("PVP2 authentification can not be initialized.");
+ throw new ConfigurationException("PVP2 authentification can not be initialized.", e);
+ }
+
+
}
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
new file mode 100644
index 000000000..49d556ba4
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
@@ -0,0 +1,357 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.data;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
+import at.gv.egovernment.moa.id.util.FormBuildUtils;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class FormularCustomization {
+
+ private boolean showMandateLoginButton = true;
+ private boolean onlyMandateAllowed = false;
+
+ private String fontType = null;
+
+ private String frontColor = null;
+ private String backGroundColor = null;
+ private String header_FrontColor = null;
+ private String header_BackGroundColor = null;
+ private String header_text = null;
+ private String button_BackGroundColor = null;
+ private String button_BackGroundColorFocus = null;
+ private String button_FrontColor = null;
+
+ private String appletRedirectTarget = null;
+ public static List<String> appletRedirectTargetList = null;
+
+ public static List<String> fontTypeList = null;
+ public String fontTypeListValue = null;
+
+ public FormularCustomization() {
+ appletRedirectTargetList = Arrays.asList("","_blank","_self","_parent","_top");
+ fontTypeList = Arrays.asList("","Verdana","Geneva","Arial","Helvetica","sans-serif","Times New Roman");
+ Collections.sort(fontTypeList);
+ }
+
+ public void parse(OnlineApplication dbOAConfig, Map<String, String> map) {
+ AuthComponentOA auth = dbOAConfig.getAuthComponentOA();
+
+ if (auth != null) {
+ TemplatesType templates = auth.getTemplates();
+ if (templates != null) {
+ BKUSelectionCustomizationType formcustom = templates.getBKUSelectionCustomization();
+ if (formcustom != null) {
+
+ if (formcustom.isMandateLoginButton() != null) {
+ showMandateLoginButton = formcustom.isMandateLoginButton();
+ }
+
+ if (formcustom.isOnlyMandateLoginAllowed() != null) {
+ onlyMandateAllowed = formcustom.isOnlyMandateLoginAllowed();
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getAppletRedirectTarget()))
+ appletRedirectTarget = formcustom.getAppletRedirectTarget();
+
+ if (MiscUtil.isNotEmpty(formcustom.getBackGroundColor())) {
+ backGroundColor = formcustom.getBackGroundColor();
+ map.put(FormBuildUtils.MAIN_BACKGROUNDCOLOR, formcustom.getBackGroundColor());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColor())) {
+ button_BackGroundColor = formcustom.getButtonBackGroundColor();
+ map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR, formcustom.getButtonBackGroundColor());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColorFocus())) {
+ button_BackGroundColorFocus = formcustom.getButtonBackGroundColorFocus();
+ map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR_FOCUS, formcustom.getButtonBackGroundColorFocus());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getButtonFontColor())) {
+ button_FrontColor = formcustom.getButtonFontColor();
+ map.put(FormBuildUtils.BUTTON_COLOR, formcustom.getButtonFontColor());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getFontType())) {
+ fontType = formcustom.getFontType();
+ map.put(FormBuildUtils.FONTFAMILY, formcustom.getFontType());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getFrontColor())) {
+ frontColor = formcustom.getFrontColor();
+ map.put(FormBuildUtils.MAIN_COLOR, formcustom.getFrontColor());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getHeaderBackGroundColor())) {
+ header_BackGroundColor = formcustom.getHeaderBackGroundColor();
+ map.put(FormBuildUtils.HEADER_BACKGROUNDCOLOR, formcustom.getHeaderBackGroundColor());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getHeaderFrontColor())) {
+ header_FrontColor = formcustom.getHeaderFrontColor();
+ map.put(FormBuildUtils.HEADER_COLOR, formcustom.getHeaderFrontColor());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getHeaderText())) {
+ header_text = formcustom.getHeaderText();
+ map.put(FormBuildUtils.HEADER_TEXT, formcustom.getHeaderText());
+ }
+ }
+ }
+ }
+ }
+
+
+ /**
+ * @return the showMandateLoginButton
+ */
+ public boolean isShowMandateLoginButton() {
+ return showMandateLoginButton;
+ }
+
+
+ /**
+ * @param showMandateLoginButton the showMandateLoginButton to set
+ */
+ public void setShowMandateLoginButton(boolean showMandateLoginButton) {
+ this.showMandateLoginButton = showMandateLoginButton;
+ }
+
+
+ /**
+ * @return the onlyMandateAllowed
+ */
+ public boolean isOnlyMandateAllowed() {
+ return onlyMandateAllowed;
+ }
+
+
+ /**
+ * @param onlyMandateAllowed the onlyMandateAllowed to set
+ */
+ public void setOnlyMandateAllowed(boolean onlyMandateAllowed) {
+ this.onlyMandateAllowed = onlyMandateAllowed;
+ }
+
+
+ /**
+ * @return the fontType
+ */
+ public String getFontType() {
+ return fontType;
+ }
+
+
+ /**
+ * @param fontType the fontType to set
+ */
+ public void setFontType(String fontType) {
+ this.fontType = fontType;
+ }
+
+
+ /**
+ * @return the frontColor
+ */
+ public String getFrontColor() {
+ return frontColor;
+ }
+
+
+ /**
+ * @param frontColor the frontColor to set
+ */
+ public void setFrontColor(String frontColor) {
+ this.frontColor = frontColor;
+ }
+
+
+ /**
+ * @return the backGroundColor
+ */
+ public String getBackGroundColor() {
+ return backGroundColor;
+ }
+
+
+ /**
+ * @param backGroundColor the backGroundColor to set
+ */
+ public void setBackGroundColor(String backGroundColor) {
+ this.backGroundColor = backGroundColor;
+ }
+
+
+ /**
+ * @return the header_FrontColor
+ */
+ public String getHeader_FrontColor() {
+ return header_FrontColor;
+ }
+
+
+ /**
+ * @param header_FrontColor the header_FrontColor to set
+ */
+ public void setHeader_FrontColor(String header_FrontColor) {
+ this.header_FrontColor = header_FrontColor;
+ }
+
+
+ /**
+ * @return the header_BackGroundColor
+ */
+ public String getHeader_BackGroundColor() {
+ return header_BackGroundColor;
+ }
+
+
+ /**
+ * @param header_BackGroundColor the header_BackGroundColor to set
+ */
+ public void setHeader_BackGroundColor(String header_BackGroundColor) {
+ this.header_BackGroundColor = header_BackGroundColor;
+ }
+
+
+ /**
+ * @return the header_text
+ */
+ public String getHeader_text() {
+ return header_text;
+ }
+
+
+ /**
+ * @param header_text the header_text to set
+ */
+ public void setHeader_text(String header_text) {
+ this.header_text = header_text;
+ }
+
+
+ /**
+ * @return the button_BackGroundColor
+ */
+ public String getButton_BackGroundColor() {
+ return button_BackGroundColor;
+ }
+
+
+ /**
+ * @param button_BackGroundColor the button_BackGroundColor to set
+ */
+ public void setButton_BackGroundColor(String button_BackGroundColor) {
+ this.button_BackGroundColor = button_BackGroundColor;
+ }
+
+
+ /**
+ * @return the button_BackGroundColorFocus
+ */
+ public String getButton_BackGroundColorFocus() {
+ return button_BackGroundColorFocus;
+ }
+
+
+ /**
+ * @param button_BackGroundColorFocus the button_BackGroundColorFocus to set
+ */
+ public void setButton_BackGroundColorFocus(String button_BackGroundColorFocus) {
+ this.button_BackGroundColorFocus = button_BackGroundColorFocus;
+ }
+
+
+ /**
+ * @return the button_FrontColor
+ */
+ public String getButton_FrontColor() {
+ return button_FrontColor;
+ }
+
+
+ /**
+ * @param button_FrontColor the button_FrontColor to set
+ */
+ public void setButton_FrontColor(String button_FrontColor) {
+ this.button_FrontColor = button_FrontColor;
+ }
+
+
+ /**
+ * @return the appletRedirectTarget
+ */
+ public String getAppletRedirectTarget() {
+ return appletRedirectTarget;
+ }
+
+ /**
+ * @param appletRedirectTarget the appletRedirectTarget to set
+ */
+ public void setAppletRedirectTarget(String appletRedirectTarget) {
+ this.appletRedirectTarget = appletRedirectTarget;
+ }
+
+
+ /**
+ * @return the appletredirecttargetlist
+ */
+ public List<String> getAppletRedirectTargetList() {
+ return appletRedirectTargetList;
+ }
+
+ /**
+ * @return the fontTypeList
+ */
+ public List<String> getFontTypeList() {
+ return fontTypeList;
+ }
+
+ /**
+ * @return the fontTypeListValue
+ */
+ public String getFontTypeListValue() {
+ return fontTypeListValue;
+ }
+
+ /**
+ * @param fontTypeListValue the fontTypeListValue to set
+ */
+ public void setFontTypeListValue(String fontTypeListValue) {
+ this.fontTypeListValue = fontTypeListValue;
+ }
+
+
+
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
index 59954df7f..4da4d3907 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data;
import java.io.File;
@@ -15,8 +37,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs;
import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
-import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners;
-import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSignersX509SubjectNameItem;
import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
new file mode 100644
index 000000000..f21be44ba
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
@@ -0,0 +1,27 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.data;
+
+public class GeneralStorkConfig {
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java
index 0ea21617e..69bf5dc0c 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data;
public class OAListElement {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java
new file mode 100644
index 000000000..a1bcf4aa4
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java
@@ -0,0 +1,50 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.data;
+
+public class StorkAttributes {
+
+
+ public AttributValues eIdentifier;
+
+
+ public void parse() {
+ eIdentifier = AttributValues.MANDATORY;
+ }
+
+
+ public enum AttributValues {
+ MANDATORY, OPTIONAL, NOT;
+
+ public String getValue() {
+ if (this == MANDATORY)
+ return MANDATORY.name();
+ if (this == OPTIONAL)
+ return OPTIONAL.name();
+ else
+ return NOT.name();
+ }
+ }
+
+}
+
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java
index 881cdf277..8f4746d69 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java
@@ -1,8 +1,29 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.util.MiscUtil;
-import at.gv.util.data.BPK;
public class UserDatabaseFrom {
@@ -18,10 +39,14 @@ public class UserDatabaseFrom {
private boolean active = false;
private boolean admin = false;
private boolean passwordActive;
+ private boolean isusernamepasswordallowed = false;
+ private boolean isadminrequest = true;
+ private boolean ismandateuser = false;
+ private boolean isPVPGenerated;
private String userID = null;
public UserDatabaseFrom() {
-
+
}
public UserDatabaseFrom(UserDatabase db) {
@@ -41,6 +66,26 @@ public class UserDatabaseFrom {
active = db.isIsActive();
admin = db.isIsAdmin();
+ if (db.isIsUsernamePasswordAllowed() != null)
+ isusernamepasswordallowed = db.isIsUsernamePasswordAllowed();
+ else
+ isusernamepasswordallowed = true;
+
+ if (db.isIsAdminRequest() != null)
+ isadminrequest = db.isIsAdminRequest();
+ else
+ isadminrequest = false;
+
+ if (db.isIsMandateUser() != null)
+ ismandateuser = db.isIsMandateUser();
+ else
+ ismandateuser = false;
+
+ if (db.isIsPVP2Generated() != null)
+ isPVPGenerated = db.isIsPVP2Generated();
+ else
+ isPVPGenerated = false;
+
userID = String.valueOf(db.getHjid());
}
@@ -247,7 +292,62 @@ public class UserDatabaseFrom {
public void setPassword_second(String password_second) {
this.password_second = password_second;
}
+
+ /**
+ * @return the isusernamepasswordallowed
+ */
+ public boolean isIsusernamepasswordallowed() {
+ return isusernamepasswordallowed;
+ }
+
+ /**
+ * @param isusernamepasswordallowed the isusernamepasswordallowed to set
+ */
+ public void setIsusernamepasswordallowed(boolean isusernamepasswordallowed) {
+ this.isusernamepasswordallowed = isusernamepasswordallowed;
+ }
+
+ /**
+ * @return the ismandateuser
+ */
+ public boolean isIsmandateuser() {
+ return ismandateuser;
+ }
+ /**
+ * @param ismandateuser the ismandateuser to set
+ */
+ public void setIsmandateuser(boolean ismandateuser) {
+ this.ismandateuser = ismandateuser;
+ }
+
+ /**
+ * @return the isadminrequest
+ */
+ public boolean isIsadminrequest() {
+ return isadminrequest;
+ }
+
+ /**
+ * @param isadminrequest the isadminrequest to set
+ */
+ public void setIsadminrequest(boolean isadminrequest) {
+ this.isadminrequest = isadminrequest;
+ }
+
+ /**
+ * @return the isPVPGenerated
+ */
+ public boolean isPVPGenerated() {
+ return isPVPGenerated;
+ }
+
+ /**
+ * @param isPVPGenerated the isPVPGenerated to set
+ */
+ public void setPVPGenerated(boolean isPVPGenerated) {
+ this.isPVPGenerated = isPVPGenerated;
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
index 57ae4863a..334124cfd 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
@@ -1,6 +1,29 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.oa;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -18,6 +41,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.validation.TargetValidator;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -35,19 +59,22 @@ public class OAGeneralConfig {
private boolean businessService = false;
private String target = null;
+ private String target_subsector = null;
+ private String target_admin = null;
+ private static List<String> targetList = null;
private String targetFriendlyName = null;
+ private boolean isAdminTarget = false;
private String identificationNumber = null;
private String identificationType = null;
+ private static List<String> identificationTypeList = null;
private String aditionalAuthBlockText = null;
private String mandateProfiles = null;
+ private boolean useMandates = false;
private boolean isActive = false;
- private String slVersion = null;
- private boolean useIFrame = false;
- private boolean useUTC = false;
private boolean calculateHPI = false;
private String keyBoxIdentifier = null;
@@ -56,6 +83,8 @@ public class OAGeneralConfig {
private boolean legacy = false;
List<String> SLTemplates = null;
+ private boolean isHideBPKAuthBlock = false;
+
private Map<String, byte[]> transformations;
@@ -69,6 +98,14 @@ public class OAGeneralConfig {
bkuLocalURL = Constants.DEFAULT_LOCALBKU_URL;
bkuHandyURL = Constants.DEFAULT_HANDYBKU_URL;
+
+ targetList = TargetValidator.getListOfTargets();
+ target = "";
+
+ identificationTypeList = Arrays.asList(
+ Constants.IDENIFICATIONTYPE_FN,
+ Constants.IDENIFICATIONTYPE_ZVR,
+ Constants.IDENIFICATIONTYPE_ERSB);
}
@@ -81,8 +118,29 @@ public class OAGeneralConfig {
keyBoxIdentifier = dbOAConfig.getKeyBoxIdentifier().value();
identifier = dbOAConfig.getPublicURLPrefix();
- target = dbOAConfig.getTarget();
- targetFriendlyName = dbOAConfig.getTargetFriendlyName();
+
+ String target_full = dbOAConfig.getTarget();
+ if (MiscUtil.isNotEmpty(target_full)) {
+ if (TargetValidator.isValidTarget(target_full)) {
+ target = target_full;
+
+ } else {
+ String[] target_split = target_full.split("-");
+
+ if (TargetValidator.isValidTarget(target_split[0])) {
+ target = target_split[0];
+ if (target_split.length > 1)
+ target_subsector = target_split[1];
+
+ } else {
+ target = "";
+ target_subsector = null;
+ target_admin = target_full;
+ isAdminTarget = true;
+ }
+ }
+ targetFriendlyName = dbOAConfig.getTargetFriendlyName();
+ }
if (dbOAConfig.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE))
businessService = true;
@@ -127,16 +185,32 @@ public class OAGeneralConfig {
IdentificationNumber idnumber = oaauth.getIdentificationNumber();
if (idnumber != null) {
- identificationNumber = idnumber.getValue();
+ String number = idnumber.getValue();
+ if (MiscUtil.isNotEmpty(number)) {
+ String[] split = number.split("\\+");
+
+ if (Constants.PREFIX_WPBK.startsWith(split[0]) && split.length >= 2) {
+ identificationType = split[1];
+ identificationNumber = split[2];
+ }
+ }
}
Mandates mandates = oaauth.getMandates();
if (mandates != null) {
- mandateProfiles = mandates.getProfiles();
+
+ if (MiscUtil.isNotEmpty(mandates.getProfiles())) {
+ mandateProfiles = mandates.getProfiles();
+ useMandates = true;
+
+ } else {
+ mandateProfiles = new String();
+ useMandates = false;
+ }
+
+
}
- slVersion = oaauth.getSlVersion();
-
TemplatesType templates = oaauth.getTemplates();
if (templates != null) {
aditionalAuthBlockText = templates.getAditionalAuthBlockText();
@@ -162,12 +236,9 @@ public class OAGeneralConfig {
transformations.put(el.getFilename(), el.getTransformation());
}
- useIFrame = oaauth.isUseIFrame();
- useUTC = oaauth.isUseUTC();
}
-
-
+ isHideBPKAuthBlock = dbOAConfig.isRemoveBPKFromAuthBlock();
}
@@ -243,30 +314,6 @@ public class OAGeneralConfig {
this.isActive = isActive;
}
- public String getSlVersion() {
- return slVersion;
- }
-
- public void setSlVersion(String slVersion) {
- this.slVersion = slVersion;
- }
-
- public boolean isUseIFrame() {
- return useIFrame;
- }
-
- public void setUseIFrame(boolean useIFrame) {
- this.useIFrame = useIFrame;
- }
-
- public boolean isUseUTC() {
- return useUTC;
- }
-
- public void setUseUTC(boolean useUTC) {
- this.useUTC = useUTC;
- }
-
public boolean isBusinessService() {
return businessService;
}
@@ -461,6 +508,101 @@ public class OAGeneralConfig {
SLTemplates.add(sLTemplateURL3);
}
+
+ /**
+ * @return the target_subsector
+ */
+ public String getTarget_subsector() {
+ return target_subsector;
+ }
+
+
+ /**
+ * @param target_subsector the target_subsector to set
+ */
+ public void setTarget_subsector(String target_subsector) {
+ this.target_subsector = target_subsector;
+ }
+
+
+ /**
+ * @return the target_admin
+ */
+ public String getTarget_admin() {
+ return target_admin;
+ }
+
+
+ /**
+ * @param target_admin the target_admin to set
+ */
+ public void setTarget_admin(String target_admin) {
+ this.target_admin = target_admin;
+ }
+
+
+ /**
+ * @return the targetList
+ */
+ public List<String> getTargetList() {
+ return targetList;
+ }
+
+
+ /**
+ * @return the identificationTypeList
+ */
+ public List<String> getIdentificationTypeList() {
+ return identificationTypeList;
+ }
+
+
+ /**
+ * @return the isAdminTarget
+ */
+ public boolean isAdminTarget() {
+ return isAdminTarget;
+ }
+
+
+ /**
+ * @param isAdminTarget the isAdminTarget to set
+ */
+ public void setAdminTarget(boolean isAdminTarget) {
+ this.isAdminTarget = isAdminTarget;
+ }
+
+
+ /**
+ * @return the isHideBPKAuthBlock
+ */
+ public boolean isHideBPKAuthBlock() {
+ return isHideBPKAuthBlock;
+ }
+
+
+ /**
+ * @param isHideBPKAuthBlock the isHideBPKAuthBlock to set
+ */
+ public void setHideBPKAuthBlock(boolean isHideBPKAuthBlock) {
+ this.isHideBPKAuthBlock = isHideBPKAuthBlock;
+ }
+
+
+ /**
+ * @return the useMandates
+ */
+ public boolean isUseMandates() {
+ return useMandates;
+ }
+
+
+ /**
+ * @param useMandates the useMandates to set
+ */
+ public void setUseMandates(boolean useMandates) {
+ this.useMandates = useMandates;
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java
new file mode 100644
index 000000000..347628481
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java
@@ -0,0 +1,109 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.data.oa;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.UUID;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
+
+public class OAOAuth20Config {
+
+ private final Logger log = Logger.getLogger(OAOAuth20Config.class);
+
+ private String clientId = null;
+ private String clientSecret = null;
+ private String redirectUri = null;
+
+ public OAOAuth20Config() {
+ }
+
+ public List<String> parse(OnlineApplication dbOAConfig) {
+ List<String> errors = new ArrayList<String>();
+
+ AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
+ if (authdata != null) {
+ // set client id to public url prefix
+ this.clientId = dbOAConfig.getPublicURLPrefix();
+
+ OAOAUTH20 config = authdata.getOAOAUTH20();
+
+ if (config != null) {
+ // validate secret
+ if (StringUtils.isNotEmpty(config.getOAuthClientSecret())) {
+ this.clientSecret = config.getOAuthClientSecret();
+ } else {
+ this.generateClientSecret();
+ }
+
+ // validate redirectUri
+ if (StringUtils.isNotEmpty(config.getOAuthRedirectUri()) && OAuth20Util.isUrl(config.getOAuthRedirectUri())) {
+ this.redirectUri = config.getOAuthRedirectUri();
+ } else {
+ errors.add(LanguageHelper.getErrorString("error.oa.oauth.redirecturi"));
+ }
+ } else {
+ this.generateClientSecret();
+ }
+ }
+
+ return errors;
+ }
+
+ public String getClientId() {
+ return clientId;
+ }
+
+ public void setClientId(String clientId) {
+ this.clientId = clientId;
+ }
+
+ public String getClientSecret() {
+ return clientSecret;
+ }
+
+ public void setClientSecret(String clientSecret) {
+ this.clientSecret = clientSecret;
+ }
+
+ public String getRedirectUri() {
+ return redirectUri;
+ }
+
+ public void setRedirectUri(String redirectUri) {
+ this.redirectUri = redirectUri;
+ }
+
+ public void generateClientSecret() {
+ this.clientSecret = UUID.randomUUID().toString();
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java
index fdce518a7..0a03ac77b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java
@@ -1,8 +1,29 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.oa;
import java.io.File;
import java.io.FileInputStream;
-import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
@@ -15,7 +36,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction;
import at.gv.egovernment.moa.util.MiscUtil;
public class OAPVP2Config {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java
index 687a06b9e..cdfb20294 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.oa;
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
@@ -6,6 +28,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
public class OASAML1Config {
+ private boolean isActive = false;
private boolean provideStammZahl = false;
private boolean provideAuthBlock = false;
private boolean provideIdentityLink = false;
@@ -28,8 +51,15 @@ public class OASAML1Config {
provideFullMandateData = saml1.isProvideFullMandatorData();
provideIdentityLink = saml1.isProvideIdentityLink();
provideStammZahl = saml1.isProvideStammzahl();
- useCondition = saml1.isUseCondition();
- conditionLength = saml1.getConditionLength().intValue();
+
+ if (saml1.isUseCondition() != null)
+ useCondition = saml1.isUseCondition();
+
+ if (saml1.getConditionLength() != null)
+ conditionLength = saml1.getConditionLength().intValue();
+
+ if (saml1.isIsActive() != null)
+ isActive = saml1.isIsActive();
}
}
}
@@ -76,6 +106,21 @@ public class OASAML1Config {
public void setConditionLength(int conditionLength) {
this.conditionLength = conditionLength;
}
+
+ /**
+ * @return the isActive
+ */
+ public boolean isActive() {
+ return isActive;
+ }
+
+ /**
+ * @param isActive the isActive to set
+ */
+ public void setActive(boolean isActive) {
+ this.isActive = isActive;
+ }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java
index 0241b6a04..593c2291f 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.oa;
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
index 74edde653..d7c71105d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.oa;
public class OASTORKConfig {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java
index fe685e6d0..a2d6d8775 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.pvp2;
import java.util.ArrayList;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java
index e83bf6997..358151d23 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.exception;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
@@ -14,4 +36,8 @@ public class ConfigurationException extends Exception {
super(LanguageHelper.getErrorString(errorname), e);
}
+ public ConfigurationException(Throwable e) {
+ super(e);
+ }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
index 7dac458ca..0d52234bc 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
@@ -1,7 +1,28 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.filter;
import java.io.IOException;
-import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.StringTokenizer;
import java.util.regex.Pattern;
@@ -129,7 +150,7 @@ public class AuthenticationFilter implements Filter{
if (authuser == null) {
- authuser = new AuthenticatedUser(0, "Max", "TestUser", "maxtestuser", true, true);
+ authuser = new AuthenticatedUser(0, "Max", "TestUser", null, "maxtestuser", true, true, false, false);
//authuser = new AuthenticatedUser(1, "Max", "TestUser", true, false);
httpServletRequest.getSession().setAttribute(Constants.SESSION_AUTH, authuser);
}
@@ -147,24 +168,14 @@ public class AuthenticationFilter implements Filter{
}
} else {
- //check login Daten
-
- //loginPageForward = true;
-
-
if (MiscUtil.isNotEmpty(getAuthenticatedPage())) {
log.debug("Unable to find authentication data. Authenticated page is given so there is no need to save original request url. " + (loginPageForward ? "Forwarding" : "Redirecting") + " to login page \"" + loginPage + "\".");
-
-
}
else {
log.debug("Unable to find authentication data. Storing request url and " + (loginPageForward ? "forwarding" : "redirecting") + " to login page \"" + loginPage + "\".");
- // TODO: save HttpServletRequest
- // log.debug("new CustomHttpServletRequest(request).toString() =
- // {}", new
- // CustomHttpServletRequest(httpServletRequest).toString());
session.setAttribute(STORED_REQUEST_URL_ID, requestURL);
+
}
if (loginPageForward) {
@@ -184,7 +195,7 @@ public class AuthenticationFilter implements Filter{
filterchain.doFilter(req, resp);
} catch (Exception e) {
-
+
// String redirectURL = "./index.action";
// HttpServletResponse httpResp = (HttpServletResponse) resp;
// redirectURL = httpResp.encodeRedirectURL(redirectURL);
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java
index b2f1b106f..4d47d8d96 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.helper;
import java.security.spec.KeySpec;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/DateTimeHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/DateTimeHelper.java
new file mode 100644
index 000000000..eed4aa32f
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/DateTimeHelper.java
@@ -0,0 +1,59 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.helper;
+
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class DateTimeHelper {
+
+ private static final Logger log = Logger.getLogger(DateTimeHelper.class);
+
+ private static final String DATETIMEPATTERN = "dd.MM.yyy HH:mm";
+
+ public static String getDateTime(Date date) {
+ SimpleDateFormat f = new SimpleDateFormat(DATETIMEPATTERN);
+ return f.format(date);
+ }
+
+ public static Date parseDateTime(String date) {
+ SimpleDateFormat f = new SimpleDateFormat(DATETIMEPATTERN);
+
+ if (MiscUtil.isNotEmpty(date)) {
+
+ try {
+ return f.parse(date);
+
+ } catch (ParseException e) {
+ log.warn("Parse DATETIME String " + date + " failed", e);
+
+ }
+ }
+ return null;
+ }
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java
new file mode 100644
index 000000000..d3a9ffcd4
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java
@@ -0,0 +1,75 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.helper;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.data.OAListElement;
+
+public class FormDataHelper {
+
+ public static ArrayList<OAListElement> addFormOAs(List<OnlineApplication> dbOAs) {
+
+ ArrayList<OAListElement> formOAs = new ArrayList<OAListElement>();
+
+ for (OnlineApplication dboa : dbOAs) {
+ OAListElement listoa = new OAListElement();
+ listoa.setActive(dboa.isIsActive());
+ listoa.setDataBaseID(dboa.getHjid());
+ listoa.setOaFriendlyName(dboa.getFriendlyName());
+ listoa.setOaIdentifier(dboa.getPublicURLPrefix());
+ listoa.setOaType(dboa.getType());
+ formOAs.add(listoa);
+ }
+
+ return formOAs;
+ }
+
+ public static ArrayList<AuthenticatedUser> addFormUsers(List<UserDatabase> dbuserlist) {
+ ArrayList<AuthenticatedUser> userlist = new ArrayList<AuthenticatedUser>();
+
+ for (UserDatabase dbuser : dbuserlist) {
+
+ boolean ismandate = false;
+ if (dbuser.isIsMandateUser() != null)
+ ismandate = dbuser.isIsMandateUser();
+
+
+ userlist.add(new AuthenticatedUser(
+ dbuser.getHjid(),
+ dbuser.getGivenname(),
+ dbuser.getFamilyname(),
+ dbuser.getInstitut(),
+ dbuser.getUsername(),
+ dbuser.isIsActive(),
+ dbuser.isIsAdmin(),
+ ismandate,
+ false));
+ }
+ return userlist;
+ }
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java
index 08f200c50..a2f0628eb 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.helper;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java
new file mode 100644
index 000000000..6f1112e2e
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java
@@ -0,0 +1,275 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.helper;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.InputStream;
+import java.io.StringWriter;
+import java.io.UnsupportedEncodingException;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.Properties;
+
+import javax.mail.BodyPart;
+import javax.mail.Message;
+import javax.mail.MessagingException;
+import javax.mail.Session;
+import javax.mail.Transport;
+import javax.mail.internet.InternetAddress;
+import javax.mail.internet.MimeBodyPart;
+import javax.mail.internet.MimeMessage;
+import javax.mail.internet.MimeMultipart;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class MailHelper {
+
+ private static final Logger log = Logger.getLogger(MailHelper.class);
+
+ private static final String PATTERN_GIVENNAME = "#GIVENNAME#";
+ private static final String PATTERN_FAMILYNAME = "#FAMILYNAME#";
+ private static final String PATTERN_URL = "#MANDATE_SERVICE_LINK#";
+ private static final String PATTERN_DATE = "#TODAY_DATE#";
+ private static final String PATTERN_OPENOAS = "#NUMBER_OAS#";
+ private static final String PATTERN_OPENUSERS = "#NUMBER_USERSS#";
+ private static final String PATTERN_OANAME = "#OANAME#";
+
+ public static void sendUserMailAddressVerification(UserDatabase userdb) throws ConfigurationException {
+
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ String templateurl = config.getMailUserAcountVerificationTemplate();
+
+ String template = readTemplateFromURL(templateurl);
+
+ if (userdb.isIsMandateUser()) {
+ template = template.replace(PATTERN_GIVENNAME, userdb.getInstitut());
+ template = template.replace(PATTERN_FAMILYNAME, "");
+
+ } else {
+ template = template.replace(PATTERN_GIVENNAME, userdb.getGivenname());
+ template = template.replace(PATTERN_FAMILYNAME, userdb.getFamilyname());
+ }
+
+ SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
+ template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
+
+ String verificationURL = config.getPublicUrlPreFix(null);
+
+ if (!verificationURL.endsWith("/"))
+ verificationURL = verificationURL + "/";
+
+ verificationURL = verificationURL + Constants.SERVLET_ACCOUNTVERIFICATION +
+ "?" + Constants.REQUEST_USERREQUESTTOKKEN +
+ "=" + userdb.getUserRequestTokken();
+ template = template.replace(PATTERN_URL, verificationURL);
+
+ sendMail(config, config.getMailUserAcountVerificationSubject(),
+ userdb.getMail(), template);
+
+ }
+
+ public static void sendAdminMail(int numOpenOAs, int numOpenUsers) throws ConfigurationException {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ String templateurl = config.getMailAdminTemplate();
+
+ String template = readTemplateFromURL(templateurl);
+ template = template.replace(PATTERN_OPENOAS, String.valueOf(numOpenOAs));
+ template = template.replace(PATTERN_OPENUSERS, String.valueOf(numOpenUsers));
+
+ SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
+ template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
+
+ sendMail(config, config.getMailAdminSubject(), config.getMailAdminAddress(), template);
+
+ }
+
+ public static void sendUserAccountActivationMail(String givenname, String familyname, String institut, String mailurl) throws ConfigurationException {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ String templateurl = config.getMailUserAcountActivationTemplate();
+
+ String template = readTemplateFromURL(templateurl);
+ if (MiscUtil.isNotEmpty(institut)) {
+ template = template.replace(PATTERN_GIVENNAME, institut);
+ template = template.replace(PATTERN_FAMILYNAME, "");
+
+ } else {
+ template = template.replace(PATTERN_GIVENNAME, givenname);
+ template = template.replace(PATTERN_FAMILYNAME, familyname);
+ }
+
+
+ SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
+ template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
+
+ String verificationURL = config.getPublicUrlPreFix(null);
+ if (!verificationURL.endsWith("/"))
+ verificationURL = verificationURL + "/";
+
+ template = template.replace(PATTERN_URL, verificationURL);
+
+ sendMail(config, config.getMailUserAcountActivationSubject(),
+ mailurl, template);
+ }
+
+ public static void sendUserOnlineApplicationActivationMail(String givenname, String familyname, String institut, String oaname, String mailurl) throws ConfigurationException {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ String templateurl = config.getMailOAActivationTemplate();
+
+ String template = readTemplateFromURL(templateurl);
+ if (MiscUtil.isNotEmpty(institut)) {
+ template = template.replace(PATTERN_GIVENNAME, institut);
+ template = template.replace(PATTERN_FAMILYNAME, "");
+
+ } else {
+ template = template.replace(PATTERN_GIVENNAME, givenname);
+ template = template.replace(PATTERN_FAMILYNAME, familyname);
+ }
+
+ template = template.replace(PATTERN_OANAME, oaname);
+
+ SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
+ template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
+
+ String verificationURL = config.getPublicUrlPreFix(null);
+ if (!verificationURL.endsWith("/"))
+ verificationURL = verificationURL + "/";
+
+ template = template.replace(PATTERN_URL, verificationURL);
+
+ sendMail(config, config.getMailOAActivationSubject(),
+ mailurl, template);
+ }
+
+ public static void sendUserAccountRevocationMail(UserDatabase userdb) throws ConfigurationException {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ String templateurl = config.getMailUserAcountRevocationTemplate();
+
+ String template = readTemplateFromURL(templateurl);
+
+ if (userdb.isIsMandateUser()) {
+ template = template.replace(PATTERN_GIVENNAME, userdb.getInstitut());
+ template = template.replace(PATTERN_FAMILYNAME, "");
+
+ } else {
+ template = template.replace(PATTERN_GIVENNAME, userdb.getGivenname());
+ template = template.replace(PATTERN_FAMILYNAME, userdb.getFamilyname());
+ }
+
+ SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
+ template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
+
+ sendMail(config, config.getMailUserAcountActivationSubject(),
+ userdb.getMail(), template);
+ }
+
+ private static String readTemplateFromURL(String templateurl) throws ConfigurationException {
+ InputStream input;
+ try {
+ File file = new File(templateurl);
+ input = new FileInputStream(file);
+ StringWriter writer = new StringWriter();
+ IOUtils.copy(input, writer);
+ input.close();
+ return writer.toString();
+
+ } catch (Exception e) {
+ log.warn("Mailtemplate can not be read from source" + templateurl);
+ throw new ConfigurationException("Mailtemplate can not be read from source" + templateurl);
+
+ }
+ }
+
+ private static void sendMail(ConfigurationProvider config, String subject, String recipient, String content) throws ConfigurationException {
+ try {
+ log.debug("Sending mail.");
+ MiscUtil.assertNotNull(subject, "subject");
+ MiscUtil.assertNotNull(recipient, "recipient");
+ MiscUtil.assertNotNull(content, "content");
+
+ Properties props = new Properties();
+ props.setProperty("mail.transport.protocol", "smtp");
+ props.setProperty("mail.host", config.getSMTPMailHost());
+ log.trace("Mail host: " + config.getSMTPMailHost());
+ if (config.getSMTPMailPort() != null) {
+ log.trace("Mail port: " + config.getSMTPMailPort());
+ props.setProperty("mail.port", config.getSMTPMailPort());
+ }
+ if (config.getSMTPMailUsername() != null) {
+ log.trace("Mail user: " + config.getSMTPMailUsername());
+ props.setProperty("mail.user", config.getSMTPMailUsername());
+ }
+ if (config.getSMTPMailPassword() != null) {
+ log.trace("Mail password: " + config.getSMTPMailPassword());
+ props.setProperty("mail.password", config.getSMTPMailPassword());
+ }
+
+ Session mailSession = Session.getDefaultInstance(props, null);
+ Transport transport = mailSession.getTransport();
+
+ MimeMessage message = new MimeMessage(mailSession);
+ message.setSubject(subject);
+ log.trace("Mail from: " + config.getMailFromName() + "/" + config.getMailFromAddress());
+ message.setFrom(new InternetAddress(config.getMailFromAddress(), config.getMailFromName()));
+ log.trace("Recipient: " + recipient);
+ message.addRecipient(Message.RecipientType.TO, new InternetAddress(recipient));
+
+ log.trace("Creating multipart content of mail.");
+ MimeMultipart multipart = new MimeMultipart("related");
+
+ log.trace("Adding first part (html)");
+ BodyPart messageBodyPart = new MimeBodyPart();
+ messageBodyPart.setContent(content, "text/html; charset=ISO-8859-15");
+ multipart.addBodyPart(messageBodyPart);
+
+// log.trace("Adding mail images");
+// messageBodyPart = new MimeBodyPart();
+// for (Image image : images) {
+// messageBodyPart.setDataHandler(new DataHandler(image));
+// messageBodyPart.setHeader("Content-ID", "<" + image.getContentId() + ">");
+// multipart.addBodyPart(messageBodyPart);
+// }
+
+ message.setContent(multipart);
+ transport.connect();
+ log.trace("Sending mail message.");
+ transport.sendMessage(message, message.getRecipients(Message.RecipientType.TO));
+ log.trace("Successfully sent.");
+ transport.close();
+
+ } catch(MessagingException e) {
+ throw new ConfigurationException(e);
+
+ } catch (UnsupportedEncodingException e) {
+ throw new ConfigurationException(e);
+
+ }
+ }
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java
index 8abb0be86..43fc78821 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.helper;
public class StringHelper {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index da87a197f..f1a8c8694 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -1,14 +1,38 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.struts.action;
import java.math.BigInteger;
import java.util.ArrayList;
import java.util.Arrays;
+import java.util.Date;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
@@ -26,9 +50,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners;
-import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSignersX509SubjectNameItem;
import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed;
-import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowedProtocolNameItem;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates;
@@ -43,7 +65,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts;
import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor;
import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock;
-import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlockVerifyTransformsInfoProfileIDItem;
import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.configuration.Constants;
@@ -51,7 +72,7 @@ import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.moaconfig.MOAConfigValidator;
-import at.gv.egovernment.moa.id.configuration.validation.moaconfig.PVP2ContactValidator;
+import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;
import com.opensymphony.xwork2.ActionSupport;
@@ -63,15 +84,20 @@ public class EditGeneralConfigAction extends ActionSupport
private static final long serialVersionUID = 1L;
private HttpServletRequest request;
- private HttpServletResponse response;
private AuthenticatedUser authUser;
-
private GeneralMOAIDConfig moaconfig;
+ private String formID;
+
public String loadConfig() {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
if (authUser.isAdmin()) {
@@ -83,6 +109,9 @@ public class EditGeneralConfigAction extends ActionSupport
ConfigurationDBUtils.closeSession();
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
return Constants.STRUTS_SUCCESS;
} else {
@@ -92,11 +121,30 @@ public class EditGeneralConfigAction extends ActionSupport
}
public String saveConfig() {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
-
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
if (authUser.isAdmin()) {
MOAConfigValidator validator = new MOAConfigValidator();
@@ -108,6 +156,8 @@ public class EditGeneralConfigAction extends ActionSupport
for (String el : errors)
addActionError(el);
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
@@ -456,7 +506,9 @@ public class EditGeneralConfigAction extends ActionSupport
dbconfig.setTrustedCACertificates(moaconfig.getTrustedCACerts());
//save config
- try {
+ try {
+ dbconfig.setTimestampItem(new Date());
+
ConfigurationDBUtils.save(dbconfig);
if (oldconfig != null)
@@ -473,8 +525,7 @@ public class EditGeneralConfigAction extends ActionSupport
}
public void setServletResponse(HttpServletResponse response) {
- this.response = response;
-
+// this.response = response;
}
public void setServletRequest(HttpServletRequest request) {
@@ -502,6 +553,20 @@ public class EditGeneralConfigAction extends ActionSupport
public void setMoaconfig(GeneralMOAIDConfig moaconfig) {
this.moaconfig = moaconfig;
}
+
+ /**
+ * @return the formID
+ */
+ public String getFormID() {
+ return formID;
+ }
+
+ /**
+ * @param formID the formID to set
+ */
+ public void setFormID(String formID) {
+ this.formID = formID;
+ }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index 297d80726..5366aff23 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -1,25 +1,62 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.struts.action;
+import iaik.utils.URLDecoder;
+
+import java.io.ByteArrayInputStream;
+import java.io.File;
+import java.io.FileInputStream;
import java.io.IOException;
+import java.io.InputStream;
import java.math.BigInteger;
import java.security.cert.CertificateException;
import java.util.ArrayList;
+import java.util.Date;
+import java.util.HashMap;
import java.util.List;
+import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;
+import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationType;
import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
+import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20;
import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
@@ -33,50 +70,76 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.configuration.data.FormularCustomization;
import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAOAuth20Config;
import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
import at.gv.egovernment.moa.id.configuration.data.oa.OASAML1Config;
import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig;
import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig;
+import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
+import at.gv.egovernment.moa.id.configuration.validation.FormularCustomizationValitator;
+import at.gv.egovernment.moa.id.configuration.validation.TargetValidator;
import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAGeneralConfigValidation;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OAOAUTH20ConfigValidation;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAPVP2ConfigValidation;
import at.gv.egovernment.moa.id.configuration.validation.oa.OASAML1ConfigValidation;
import at.gv.egovernment.moa.id.configuration.validation.oa.OASSOConfigValidation;
import at.gv.egovernment.moa.id.configuration.validation.oa.OASTORKConfigValidation;
+import at.gv.egovernment.moa.id.util.FormBuildUtils;
+import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;
import com.opensymphony.xwork2.ActionSupport;
-public class EditOAAction extends ActionSupport implements ServletRequestAware,
-ServletResponseAware {
-
+public class EditOAAction extends ActionSupport implements ServletRequestAware, ServletResponseAware {
+
private final Logger log = Logger.getLogger(EditOAAction.class);
private static final long serialVersionUID = 1L;
-
+
private HttpServletRequest request;
private HttpServletResponse response;
- private AuthenticatedUser authUser;
+ private AuthenticatedUser authUser;
private String oaidobj;
private boolean newOA;
+ private String formID;
+
+ private boolean onlyBusinessService = false;
+ private boolean subTargetSet = false;
+ private boolean deaktivededBusinessService = false;
+ private boolean isMetaDataRefreshRequired = false;
+
+ private String nextPage;
private OAGeneralConfig generalOA = new OAGeneralConfig();
private OAPVP2Config pvp2OA = new OAPVP2Config();
private OASAML1Config saml1OA = new OASAML1Config();
private OASSOConfig ssoOA = new OASSOConfig();
+ private OAOAuth20Config oauth20OA = new OAOAuth20Config();
private OASTORKConfig storkOA;
+ private FormularCustomization formOA = new FormularCustomization();
- //STRUTS actions
+ private InputStream stream;
+
+ // STRUTS actions
public String inital() {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
-
+
long oaid = -1;
if (!ValidationHelper.validateOAID(oaidobj)) {
@@ -84,38 +147,65 @@ ServletResponseAware {
return Constants.STRUTS_ERROR;
}
oaid = Long.valueOf(oaidobj);
-
- OnlineApplication onlineapplication = null;;
+
+ UserDatabase userdb = null;
+ OnlineApplication onlineapplication = null;
+
if (authUser.isAdmin())
onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
+
else {
- UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+
+ if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ addActionError(LanguageHelper.getErrorString("error.editoa.mailverification"));
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ // TODO: change to direct Database operation
List<OnlineApplication> oas = userdb.getOnlineApplication();
for (OnlineApplication oa : oas) {
if (oa.getHjid() == oaid) {
onlineapplication = oa;
break;
}
- }
+ }
if (onlineapplication == null) {
addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
return Constants.STRUTS_ERROR;
}
}
-
+
generalOA.parse(onlineapplication);
ssoOA.parse(onlineapplication);
saml1OA.parse(onlineapplication);
+ oauth20OA.parse(onlineapplication);
+ session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.oauth20OA.getClientSecret());
+
+ Map<String, String> map = new HashMap<String, String>();
+ map.putAll(FormBuildUtils.getDefaultMap());
+ formOA.parse(onlineapplication, map);
+
+ session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, map);
+
List<String> errors = pvp2OA.parse(onlineapplication);
if (errors.size() > 0) {
for (String el : errors)
- addActionError(el);
+ addActionError(el);
}
+ subTargetSet = MiscUtil.isNotEmpty(generalOA.getTarget_subsector());
+
+ // set UserSpezific OA Parameters
+ if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb);
+
ConfigurationDBUtils.closeSession();
-
- request.getSession().setAttribute(Constants.SESSION_OAID, oaid);
+ session.setAttribute(Constants.SESSION_OAID, oaid);
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
newOA = false;
@@ -125,44 +215,108 @@ ServletResponseAware {
public String newOA() {
log.debug("insert new Online-Application");
- request.getSession().setAttribute(Constants.SESSION_OAID, null);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+
+ session.setAttribute(Constants.SESSION_OAID, null);
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
-
+
+ UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+
+ if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ addActionError(LanguageHelper.getErrorString("error.editoa.mailverification"));
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
+ if (moaidconfig != null) {
+ DefaultBKUs defaultbkus = moaidconfig.getDefaultBKUs();
+ if (defaultbkus != null) {
+ generalOA.setBkuHandyURL(defaultbkus.getHandyBKU());
+ generalOA.setBkuLocalURL(defaultbkus.getLocalBKU());
+ generalOA.setBkuOnlineURL(defaultbkus.getOnlineBKU());
+ }
+ }
+
+ // set UserSpezific OA Parameters
+ if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb);
+
+ ConfigurationDBUtils.closeSession();
+
newOA = true;
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null);
+
+ this.oauth20OA.generateClientSecret();
+ session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.oauth20OA.getClientSecret());
return Constants.STRUTS_OA_EDIT;
}
public String saveOA() {
-
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
-
+
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ addActionError(LanguageHelper.getErrorString("error.editoa.mailverification"));
+ return Constants.STRUTS_SUCCESS;
+ }
+
OnlineApplication onlineapplication = null;
List<String> errors = new ArrayList<String>();
Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID);
Long oaid = (long) -1;
- if (oadbid != null ) {
+ if (oadbid != null) {
try {
- oaid = (Long) oadbid;
+ oaid = (Long) oadbid;
if (oaid < 0 || oaid > Long.MAX_VALUE) {
addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
- return Constants.STRUTS_ERROR;
+ return Constants.STRUTS_ERROR;
}
- } catch (Throwable t) {
+ }
+ catch (Throwable t) {
addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
- return Constants.STRUTS_ERROR;
+ return Constants.STRUTS_ERROR;
}
}
- //valid DBID and check entry
+ // valid DBID and check entry
String oaidentifier = generalOA.getIdentifier();
if (MiscUtil.isEmpty(oaidentifier)) {
log.info("Empty OA identifier");
@@ -170,16 +324,16 @@ ServletResponseAware {
} else {
- //TODO: oaidentifier has to be a URL according to PVP2.1 specification
- if (ValidationHelper.isValidOAIdentifier(oaidentifier)) {
- log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);
- errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
- new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} ));
+ if (!ValidationHelper.validateURL(oaidentifier)) {
+ log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier);
+ errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
+ new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }));
} else {
-
+
if (oaid == -1) {
onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);
- if (onlineapplication != null) {
+ newOA = true;
+ if (onlineapplication != null) {
log.info("The OAIdentifier is not unique");
errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique"));
}
@@ -188,7 +342,7 @@ ServletResponseAware {
onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) {
- if (ConfigurationDBRead.getOnlineApplication(oaidentifier) != null) {
+ if (ConfigurationDBRead.getOnlineApplication(oaidentifier) != null) {
log.info("The OAIdentifier is not unique");
errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique"));
}
@@ -196,42 +350,149 @@ ServletResponseAware {
}
}
}
-
- //check form
+
+ // set UserSpezific OA Parameters
+ if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb);
+
+ // check form
OAGeneralConfigValidation validatior_general = new OAGeneralConfigValidation();
OAPVP2ConfigValidation validatior_pvp2 = new OAPVP2ConfigValidation();
OASAML1ConfigValidation validatior_saml1 = new OASAML1ConfigValidation();
OASSOConfigValidation validatior_sso = new OASSOConfigValidation();
OASTORKConfigValidation validator_stork = new OASTORKConfigValidation();
+ FormularCustomizationValitator validator_form = new FormularCustomizationValitator();
+ OAOAUTH20ConfigValidation validatior_oauth20 = new OAOAUTH20ConfigValidation();
- errors.addAll(validatior_general.validate(generalOA, authUser.isAdmin()));
+ errors.addAll(validatior_general.validate(generalOA, authUser.isAdmin()));
errors.addAll(validatior_pvp2.validate(pvp2OA));
errors.addAll(validatior_saml1.validate(saml1OA, generalOA));
errors.addAll(validatior_sso.validate(ssoOA, authUser.isAdmin()));
- errors.addAll(validator_stork.validate(storkOA));
+ errors.addAll(validator_stork.validate(storkOA));
+ errors.addAll(validator_form.validate(formOA));
+ errors.addAll(validatior_oauth20.validate(oauth20OA));
+
+ // Do not allow SSO in combination with special BKUSelection features
+ if (ssoOA.isUseSSO() && (formOA.isOnlyMandateAllowed() || !formOA.isShowMandateLoginButton())) {
+ log.warn("Special BKUSelection features can not be used in combination with SSO");
+ errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.valid"));
+ }
if (errors.size() > 0) {
log.info("OAConfiguration with ID " + generalOA.getIdentifier() + " has some errors.");
for (String el : errors)
- addActionError(el);
+ addActionError(el);
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
} else {
- String error = saveOAConfigToDatabase(onlineapplication);
+ boolean newentry = false;
+
+ if (onlineapplication == null) {
+ onlineapplication = new OnlineApplication();
+ newentry = true;
+ onlineapplication.setIsActive(false);
+
+ if (!authUser.isAdmin()) {
+ onlineapplication.setIsAdminRequired(true);
+
+ } else
+ isMetaDataRefreshRequired = true;
+
+ } else {
+ if (!authUser.isAdmin() && !onlineapplication.getPublicURLPrefix().equals(generalOA.getIdentifier())) {
+
+ onlineapplication.setIsAdminRequired(true);
+ onlineapplication.setIsActive(false);
+ log.info("User with ID " + authUser.getUserID() + " change OA-PublicURLPrefix. Reaktivation is required.");
+ }
+
+ }
+
+ if ((onlineapplication.isIsAdminRequired() == null)
+ || (authUser.isAdmin() && generalOA.isActive() && onlineapplication.isIsAdminRequired())) {
+
+ onlineapplication.setIsAdminRequired(false);
+ isMetaDataRefreshRequired = true;
+
+ if (onlineapplication.getHjid() != null) userdb = ConfigurationDBRead.getUsersWithOADBID(onlineapplication.getHjid());
+
+ if (userdb != null && !userdb.isIsAdmin()) {
+ try {
+ MailHelper.sendUserOnlineApplicationActivationMail(userdb.getGivenname(), userdb.getFamilyname(),
+ userdb.getInstitut(), onlineapplication.getPublicURLPrefix(), userdb.getMail());
+ }
+ catch (ConfigurationException e) {
+ log.warn("Sending Mail to User " + userdb.getMail() + " failed", e);
+ }
+ }
+ }
+
+ if (pvp2OA.getMetaDataURL() != null) {
+
+ try {
+ if (isMetaDataRefreshRequired
+ || !pvp2OA.getMetaDataURL().equals(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) {
+
+ log.debug("Set PVP2 Metadata refresh flag.");
+ MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration();
+ moaconfig.setPvp2RefreshItem(new Date());
+ ConfigurationDBUtils.saveOrUpdate(moaconfig);
+
+ }
+ }
+ catch (Throwable e) {
+ log.info("Found no MetadataURL in OA-Databaseconfig!", e);
+ }
+
+ }
+
+ String error = saveOAConfigToDatabase(onlineapplication, newentry);
if (MiscUtil.isNotEmpty(error)) {
log.warn("OA configuration can not be stored!");
- addActionError(error);
+ addActionError(error);
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
}
-
+ Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String) {
+ nextPage = (String) nextPageAttr;
+ session.setAttribute(Constants.SESSION_RETURNAREA, null);
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
+ }
- request.getSession().setAttribute(Constants.SESSION_OAID, null);
- addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", generalOA.getIdentifier(), request));
+ if (onlineapplication.isIsAdminRequired()) {
+ int numoas = 0;
+ int numusers = 0;
+
+ List<OnlineApplication> openOAs = ConfigurationDBRead.getAllNewOnlineApplications();
+ if (openOAs != null) numoas = openOAs.size();
+
+ List<UserDatabase> openUsers = ConfigurationDBRead.getAllNewUsers();
+ if (openUsers != null) numusers = openUsers.size();
+ try {
+
+ addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success.admin", generalOA.getIdentifier(), request));
+
+ if (numusers > 0 || numoas > 0) MailHelper.sendAdminMail(numoas, numusers);
+
+ }
+ catch (ConfigurationException e) {
+ log.warn("Sending Mail to Admin failed.", e);
+ }
+
+ } else
+ addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", generalOA.getIdentifier(), request));
+ request.getSession().setAttribute(Constants.SESSION_OAID, null);
ConfigurationDBUtils.closeSession();
return Constants.STRUTS_SUCCESS;
@@ -239,7 +500,22 @@ ServletResponseAware {
public String cancleAndBackOA() {
- request.getSession().setAttribute(Constants.SESSION_OAID, null);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+
+ Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String) {
+ nextPage = (String) nextPageAttr;
+ session.setAttribute(Constants.SESSION_RETURNAREA, null);
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
+ }
+
+ session.setAttribute(Constants.SESSION_OAID, null);
addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.cancle", generalOA.getIdentifier(), request));
@@ -249,29 +525,82 @@ ServletResponseAware {
}
public String deleteOA() {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
-
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String) {
+ nextPage = (String) nextPageAttr;
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
+ }
+
+ UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ addActionError(LanguageHelper.getErrorString("error.editoa.mailverification"));
+ return Constants.STRUTS_SUCCESS;
+ }
+
String oaidentifier = generalOA.getIdentifier();
if (MiscUtil.isEmpty(oaidentifier)) {
log.info("Empty OA identifier");
addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.empty"));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
} else {
if (ValidationHelper.isValidOAIdentifier(oaidentifier)) {
log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);
- addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
- new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} ));
+ addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
+ new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
}
-
+
OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);
-
request.getSession().setAttribute(Constants.SESSION_OAID, null);
+
+ try {
+ if (MiscUtil.isNotEmpty(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) {
+
+ MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration();
+ moaconfig.setPvp2RefreshItem(new Date());
+ ConfigurationDBUtils.saveOrUpdate(moaconfig);
+
+ }
+ }
+ catch (Throwable e) {
+ log.info("Found no MetadataURL in OA-Databaseconfig!", e);
+ }
+
if (ConfigurationDBUtils.delete(onlineapplication)) {
if (!authUser.isAdmin()) {
@@ -287,7 +616,8 @@ ServletResponseAware {
try {
ConfigurationDBUtils.saveOrUpdate(user);
- } catch (MOADatabaseException e) {
+ }
+ catch (MOADatabaseException e) {
log.warn("User information can not be updated in database", e);
addActionError(LanguageHelper.getGUIString("error.db.oa.store", request));
return Constants.STRUTS_ERROR;
@@ -303,107 +633,263 @@ ServletResponseAware {
} else {
ConfigurationDBUtils.closeSession();
addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", generalOA.getIdentifier(), request));
- return Constants.STRUTS_SUCCESS;
+ return Constants.STRUTS_SUCCESS;
}
-
-
}
- private String saveOAConfigToDatabase(OnlineApplication dboa) {
+ public String bkuFramePreview() {
- boolean newentry = false;
+ String preview = null;
- if (dboa == null) {
- dboa = new OnlineApplication();
- newentry = true;
- dboa.setIsActive(false);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible");
+
+ } else {
+ InputStream input = null;
+
+ try {
+ Object mapobj = session.getAttribute(Constants.SESSION_BKUFORMPREVIEW);
+ if (mapobj != null && mapobj instanceof Map<?, ?>) {
+
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ String templateURL = config.getConfigRootDir() + ConfigurationProvider.HTMLTEMPLATE_DIR
+ + ConfigurationProvider.HTMLTEMPLATE_FILE;
+
+ File file = new File(templateURL);
+ input = new FileInputStream(file);
+
+ String contextpath = config.getMOAIDInstanceURL();
+ if (MiscUtil.isEmpty(contextpath)) {
+ log.info("NO MOA-ID instance URL configurated.");
+ throw new ConfigurationException("No MOA-ID instance configurated");
+ }
+
+ preview = LoginFormBuilder.getTemplate(input);
+ preview = preview.replace(LoginFormBuilder.CONTEXTPATH, contextpath);
+
+ Map<String, String> map = (Map<String, String>) mapobj;
+
+ request.setCharacterEncoding("UTF-8");
+
+ String module = request.getParameter(Constants.REQUEST_FORMCUSTOM_MODULE);
+ String value = request.getParameter(Constants.REQUEST_FORMCUSTOM_VALUE);
+
+ if (value != null) {
+ String[] query = URLDecoder.decode(request.getQueryString()).split("&");
+ value = query[1].substring("value=".length());
+ }
+
+ synchronized (map) {
+
+ if (MiscUtil.isNotEmpty(module)) {
+ if (map.containsKey("#" + module + "#")) {
+ if (MiscUtil.isNotEmpty(value)) {
+ if (FormBuildUtils.FONTFAMILY.contains(module) || FormBuildUtils.HEADER_TEXT.contains(module)
+ || value.startsWith("#"))
+ map.put("#" + module + "#", value);
+ else
+ map.put("#" + module + "#", "#" + value);
+
+ } else {
+ map.put("#" + module + "#", FormBuildUtils.getDefaultMap().get("#" + module + "#"));
+ }
+ }
+ }
+ preview = FormBuildUtils.customiceLayoutBKUSelection(preview, true, false, map);
+ }
+
+ } else {
+ preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible");
+
+ }
+
+ }
+ catch (Exception e) {
+ log.warn("BKUSelection Preview can not be generated.", e);
+ preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible");
+
+ }
}
-
+
+ stream = new ByteArrayInputStream(preview.getBytes());
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ private String saveOAConfigToDatabase(OnlineApplication dboa, boolean newentry) {
+
AuthComponentOA authoa = dboa.getAuthComponentOA();
- if (authoa == null) {
+ if (authoa == null) {
authoa = new AuthComponentOA();
dboa.setAuthComponentOA(authoa);
}
-
- if (authUser.isAdmin())
- dboa.setIsActive(generalOA.isActive());
+
+ if (authUser.isAdmin()) dboa.setIsActive(generalOA.isActive());
dboa.setFriendlyName(generalOA.getFriendlyName());
dboa.setCalculateHPI(generalOA.isCalculateHPI());
- dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(generalOA.getKeyBoxIdentifier()));
+ dboa.setRemoveBPKFromAuthBlock(generalOA.isHideBPKAuthBlock());
+
+ if (authUser.isAdmin())
+ dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(generalOA.getKeyBoxIdentifier()));
+ else {
+ if (newentry) dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR);
+ }
+
dboa.setPublicURLPrefix(generalOA.getIdentifier());
- if (generalOA.isBusinessService()) {
+ if (generalOA.isBusinessService() || onlyBusinessService) {
+
dboa.setType(Constants.MOA_CONFIG_BUSINESSSERVICE);
+ String num = generalOA.getIdentificationNumber().replaceAll(" ", "");
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) {
+ num = num.substring(Constants.IDENIFICATIONTYPE_FN.length());
+
+ num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num);
+
+ // num = StringUtils.leftPad(num, 7, '0');
+ }
+
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length());
+
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)) num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length());
+
IdentificationNumber idnumber = new IdentificationNumber();
- idnumber.setValue(generalOA.getIdentificationNumber());
+ idnumber.setValue(Constants.PREFIX_WPBK + generalOA.getIdentificationType() + "+" + num);
+
authoa.setIdentificationNumber(idnumber);
- }
- else {
+ } else {
dboa.setType(null);
- dboa.setTarget(generalOA.getTarget());
- dboa.setTargetFriendlyName(generalOA.getTargetFriendlyName());
+ if (authUser.isAdmin()) {
+ if (MiscUtil.isNotEmpty(generalOA.getTarget_admin()) && generalOA.isAdminTarget()) {
+ dboa.setTarget(generalOA.getTarget_admin());
+ dboa.setTargetFriendlyName(generalOA.getTargetFriendlyName());
+
+ } else {
+
+ String target = generalOA.getTarget();
+
+ if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()) && subTargetSet)
+ dboa.setTarget(target + "-" + generalOA.getTarget_subsector());
+ else
+ dboa.setTarget(target);
+
+ String targetname = TargetValidator.getTargetFriendlyName(target);
+ if (MiscUtil.isNotEmpty(targetname)) dboa.setTargetFriendlyName(targetname);
+
+ }
+
+ } else {
+
+ if (MiscUtil.isNotEmpty(generalOA.getTarget())) {
+
+ String target = generalOA.getTarget();
+
+ if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()) && subTargetSet)
+ dboa.setTarget(target + "-" + generalOA.getTarget_subsector());
+
+ else
+ dboa.setTarget(target);
+
+ String targetname = TargetValidator.getTargetFriendlyName(target);
+ if (MiscUtil.isNotEmpty(targetname)) dboa.setTargetFriendlyName(targetname);
+
+ }
+ }
}
BKUURLS bkuruls = new BKUURLS();
authoa.setBKUURLS(bkuruls);
- bkuruls.setHandyBKU(generalOA.getBkuHandyURL());
- bkuruls.setLocalBKU(generalOA.getBkuLocalURL());
- bkuruls.setOnlineBKU(generalOA.getBkuOnlineURL());
-
- Mandates mandates = new Mandates();
- mandates.setProfiles(generalOA.getMandateProfiles());
- authoa.setMandates(mandates);
-
- authoa.setSlVersion(generalOA.getSlVersion());
- authoa.setUseIFrame(generalOA.isUseIFrame());
- authoa.setUseUTC(generalOA.isUseUTC());
+ if (authUser.isAdmin()) {
+ bkuruls.setHandyBKU(generalOA.getBkuHandyURL());
+ bkuruls.setLocalBKU(generalOA.getBkuLocalURL());
+ bkuruls.setOnlineBKU(generalOA.getBkuOnlineURL());
+ }
TemplatesType templates = authoa.getTemplates();
if (templates == null) {
templates = new TemplatesType();
authoa.setTemplates(templates);
}
- templates.setAditionalAuthBlockText(generalOA.getAditionalAuthBlockText());
- List<TemplateType> template = templates.getTemplate();
- if (generalOA.isLegacy()) {
+ BKUSelectionCustomizationType bkuselectioncustom = templates.getBKUSelectionCustomization();
+ if (bkuselectioncustom == null) {
+ bkuselectioncustom = new BKUSelectionCustomizationType();
+ templates.setBKUSelectionCustomization(bkuselectioncustom);
+ }
+
+ Mandates mandates = new Mandates();
+ if (generalOA.isUseMandates()) {
+ mandates.setProfiles(generalOA.getMandateProfiles());
- if (template == null)
- template = new ArrayList<TemplateType>();
- else
- template.clear();
+ } else {
+ mandates.setProfiles(new String());
+ }
+
+ authoa.setMandates(mandates);
+ bkuselectioncustom.setMandateLoginButton(MiscUtil.isNotEmpty(generalOA.getMandateProfiles()));
+ bkuselectioncustom.setOnlyMandateLoginAllowed(formOA.isOnlyMandateAllowed());
+
+ if (authUser.isAdmin()) {
+ templates.setAditionalAuthBlockText(generalOA.getAditionalAuthBlockText());
- if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL1())) {
- TemplateType el = new TemplateType();
- el.setURL(generalOA.getSLTemplateURL1());
- template.add(el);
- }
- if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL2())) {
- TemplateType el = new TemplateType();
- el.setURL(generalOA.getSLTemplateURL2());
- template.add(el);
- }
- if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL3())) {
- TemplateType el = new TemplateType();
- el.setURL(generalOA.getSLTemplateURL3());
- template.add(el);
+ List<TemplateType> template = templates.getTemplate();
+ if (generalOA.isLegacy()) {
+
+ if (template == null)
+ template = new ArrayList<TemplateType>();
+ else
+ template.clear();
+
+ if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL1())) {
+ TemplateType el = new TemplateType();
+ el.setURL(generalOA.getSLTemplateURL1());
+ template.add(el);
+ }
+ if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL2())) {
+ TemplateType el = new TemplateType();
+ el.setURL(generalOA.getSLTemplateURL2());
+ template.add(el);
+ }
+ if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL3())) {
+ TemplateType el = new TemplateType();
+ el.setURL(generalOA.getSLTemplateURL3());
+ template.add(el);
+ }
+
+ } else {
+ if (template != null && template.size() > 0) template.clear();
}
- } else {
- if (template != null && template.size() > 0)
- template.clear();
+ bkuselectioncustom.setBackGroundColor(parseColor(formOA.getBackGroundColor()));
+ bkuselectioncustom.setFrontColor(parseColor(formOA.getFrontColor()));
+
+ bkuselectioncustom.setHeaderBackGroundColor(parseColor(formOA.getHeader_BackGroundColor()));
+ bkuselectioncustom.setHeaderFrontColor(parseColor(formOA.getHeader_FrontColor()));
+ bkuselectioncustom.setHeaderText(formOA.getHeader_text());
+
+ bkuselectioncustom.setButtonBackGroundColor(parseColor(formOA.getButton_BackGroundColor()));
+ bkuselectioncustom.setButtonBackGroundColorFocus(parseColor(formOA.getButton_BackGroundColorFocus()));
+ bkuselectioncustom.setButtonFontColor(parseColor(formOA.getButton_FrontColor()));
+
+ if (MiscUtil.isNotEmpty(formOA.getAppletRedirectTarget()))
+ bkuselectioncustom.setAppletRedirectTarget(formOA.getAppletRedirectTarget());
+
+ bkuselectioncustom.setFontType(formOA.getFontType());
+
}
-
- //set default transformation if it is empty
+
+ // set default transformation if it is empty
List<TransformsInfoType> transformsInfo = authoa.getTransformsInfo();
if (transformsInfo == null) {
- //TODO: set OA specific transformation if it is required
-
+ // TODO: set OA specific transformation if it is required
+
}
OAPVP2 pvp2 = authoa.getOAPVP2();
@@ -415,13 +901,14 @@ ServletResponseAware {
pvp2.setMetadataURL(pvp2OA.getMetaDataURL());
try {
- if (pvp2OA.getFileUpload() != null)
- pvp2.setCertificate(pvp2OA.getCertificate());
+ if (pvp2OA.getFileUpload() != null) pvp2.setCertificate(pvp2OA.getCertificate());
- } catch (CertificateException e) {
+ }
+ catch (CertificateException e) {
log.info("Uploaded Certificate can not be found", e);
return LanguageHelper.getErrorString("validation.pvp2.certificate.notfound");
- } catch (IOException e) {
+ }
+ catch (IOException e) {
log.info("Uploaded Certificate can not be parsed", e);
return LanguageHelper.getErrorString("validation.pvp2.certificate.format");
}
@@ -430,16 +917,24 @@ ServletResponseAware {
if (saml1 == null) {
saml1 = new OASAML1();
authoa.setOASAML1(saml1);
+ saml1.setIsActive(false);
+ }
+
+ if (authUser.isAdmin()) {
+ saml1.setIsActive(saml1OA.isActive());
+ }
+
+ if (saml1.isIsActive() != null && saml1.isIsActive()) {
+ saml1.setProvideAUTHBlock(saml1OA.isProvideAuthBlock());
+ saml1.setProvideCertificate(saml1OA.isProvideCertificate());
+ saml1.setProvideFullMandatorData(saml1OA.isProvideFullMandateData());
+ saml1.setProvideIdentityLink(saml1OA.isProvideIdentityLink());
+ saml1.setProvideStammzahl(saml1OA.isProvideStammZahl());
+ saml1.setUseCondition(saml1OA.isUseCondition());
+ saml1.setConditionLength(BigInteger.valueOf(saml1OA.getConditionLength()));
+ // TODO: set sourceID
+ // saml1.setSourceID("");
}
- saml1.setProvideAUTHBlock(saml1OA.isProvideAuthBlock());
- saml1.setProvideCertificate(saml1OA.isProvideCertificate());
- saml1.setProvideFullMandatorData(saml1OA.isProvideFullMandateData());
- saml1.setProvideIdentityLink(saml1OA.isProvideIdentityLink());
- saml1.setProvideStammzahl(saml1OA.isProvideStammZahl());
- saml1.setUseCondition(saml1OA.isUseCondition());
- saml1.setConditionLength(BigInteger.valueOf(saml1OA.getConditionLength()));
- //TODO: set sourceID
- //saml1.setSourceID("");
OASSO sso = authoa.getOASSO();
if (sso == null) {
@@ -449,45 +944,99 @@ ServletResponseAware {
}
sso.setUseSSO(ssoOA.isUseSSO());
- if (authUser.isAdmin())
- sso.setAuthDataFrame(ssoOA.isShowAuthDataFrame());
+ if (authUser.isAdmin()) sso.setAuthDataFrame(ssoOA.isShowAuthDataFrame());
sso.setSingleLogOutURL(ssoOA.getSingleLogOutURL());
-
STORK stork = authoa.getSTORK();
if (stork == null) {
- //TODO: make stork configurable
+ // TODO: make stork configurable
}
-
+
+ if (oauth20OA != null) {
+ log.debug("Saving OAuth 2.0 configuration:");
+ OAOAUTH20 oaOAuth20 = authoa.getOAOAUTH20();
+ if (oaOAuth20 == null) {
+ oaOAuth20 = new OAOAUTH20();
+ authoa.setOAOAUTH20(oaOAuth20);
+ }
+
+ oaOAuth20.setOAuthClientId(generalOA.getIdentifier());
+ // oaOAuth20.setOAuthClientSecret(oauth20OA.getClientSecret());
+ oaOAuth20.setOAuthRedirectUri(oauth20OA.getRedirectUri());
+ log.debug("client id: " + oauth20OA.getClientId());
+ log.debug("client secret: " + oauth20OA.getClientSecret());
+ log.debug("redirect uri:" + oauth20OA.getRedirectUri());
+
+ oaOAuth20.setOAuthClientSecret((String) request.getSession().getAttribute(Constants.SESSION_OAUTH20SECRET));
+ request.getSession().setAttribute(Constants.SESSION_OAUTH20SECRET, null);
+
+ }
+
try {
if (newentry) {
ConfigurationDBUtils.save(dboa);
-
+
if (!authUser.isAdmin()) {
UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID());
-
+
List<OnlineApplication> useroas = user.getOnlineApplication();
- if (useroas == null)
- useroas = new ArrayList<OnlineApplication>();
+ if (useroas == null) useroas = new ArrayList<OnlineApplication>();
useroas.add(dboa);
- ConfigurationDBUtils.saveOrUpdate(user);
+ ConfigurationDBUtils.saveOrUpdate(user);
}
}
else
ConfigurationDBUtils.saveOrUpdate(dboa);
- } catch (MOADatabaseException e) {
+ }
+ catch (MOADatabaseException e) {
log.warn("Online-Application can not be stored.", e);
return LanguageHelper.getErrorString("error.db.oa.store");
}
-
+
return null;
}
+ private String parseColor(String color) {
+ String value = "";
+
+ if (MiscUtil.isNotEmpty(color)) {
+ if (!color.startsWith("#"))
+ value = "#" + color;
+ else
+ value = color;
+ }
+ return value;
+ }
+
+ private void generateUserSpecificConfigurationOptions(UserDatabase userdb) {
+
+ if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) {
+ String bpk = userdb.getBpk();
+ if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN) || bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_ZVR)) {
+
+ onlyBusinessService = true;
+ generalOA.setBusinessService(true);
+
+ }
+
+ deaktivededBusinessService = true;
+ String[] split = bpk.split("\\+");
+ generalOA.setIdentificationType(split[1].substring(1));
+
+ if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN))
+ generalOA.setIdentificationNumber(at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(split[2]));
+ else
+ generalOA.setIdentificationNumber(split[2]);
+
+ }
+
+ }
+
public String setGeneralOAConfig() {
return Constants.STRUTS_SUCCESS;
@@ -513,100 +1062,198 @@ ServletResponseAware {
return Constants.STRUTS_SUCCESS;
}
-
- //Getter and Setter
+ // Getter and Setter
public void setServletResponse(HttpServletResponse arg0) {
this.response = arg0;
}
-
+
public void setServletRequest(HttpServletRequest arg0) {
this.request = arg0;
}
-
+
public HttpServletRequest getRequest() {
return request;
}
-
+
public void setRequest(HttpServletRequest request) {
this.request = request;
}
-
+
public HttpServletResponse getResponse() {
return response;
}
-
+
public void setResponse(HttpServletResponse response) {
this.response = response;
}
-
+
public OAGeneralConfig getGeneralOA() {
return generalOA;
}
-
+
public void setGeneralOA(OAGeneralConfig generalOA) {
this.generalOA = generalOA;
}
-
+
public OAPVP2Config getPvp2OA() {
return pvp2OA;
}
-
+
public void setPvp2OA(OAPVP2Config pvp2oa) {
pvp2OA = pvp2oa;
}
-
+
public OASAML1Config getSaml1OA() {
return saml1OA;
}
-
+
public void setSaml1OA(OASAML1Config saml1oa) {
saml1OA = saml1oa;
}
-
+
public OASSOConfig getSsoOA() {
return ssoOA;
}
-
+
public void setSsoOA(OASSOConfig ssoOA) {
this.ssoOA = ssoOA;
}
-
+
public OASTORKConfig getStorkOA() {
return storkOA;
}
-
+
public void setStorkOA(OASTORKConfig storkOA) {
this.storkOA = storkOA;
}
-
+
/**
- * @param oaidobj the oaidobj to set
+ * @param oaidobj
+ * the oaidobj to set
*/
public void setOaidobj(String oaidobj) {
this.oaidobj = oaidobj;
}
-
+
/**
* @return the authUser
*/
public AuthenticatedUser getAuthUser() {
return authUser;
}
-
+
/**
* @return the newOA
*/
public boolean isNewOA() {
return newOA;
}
-
+
/**
- * @param newOA the newOA to set
+ * @param newOA
+ * the newOA to set
*/
public void setNewOA(boolean newOA) {
this.newOA = newOA;
}
-
+
+ /**
+ * @return the nextPage
+ */
+ public String getNextPage() {
+ return nextPage;
+ }
+
+ /**
+ * @return the formID
+ */
+ public String getFormID() {
+ return formID;
+ }
+
+ /**
+ * @param formID
+ * the formID to set
+ */
+ public void setFormID(String formID) {
+ this.formID = formID;
+ }
+
+ /**
+ * @return the onlyBusinessService
+ */
+ public boolean isOnlyBusinessService() {
+ return onlyBusinessService;
+ }
+
+ /**
+ * @param onlyBusinessService
+ * the onlyBusinessService to set
+ */
+ public void setOnlyBusinessService(boolean onlyBusinessService) {
+ this.onlyBusinessService = onlyBusinessService;
+ }
+
+ /**
+ * @return the subTargetSet
+ */
+ public boolean isSubTargetSet() {
+ return subTargetSet;
+ }
+
+ /**
+ * @param subTargetSet
+ * the subTargetSet to set
+ */
+ public void setSubTargetSet(boolean subTargetSet) {
+ this.subTargetSet = subTargetSet;
+ }
+
+ /**
+ * @return the deaktivededBusinessService
+ */
+ public boolean isDeaktivededBusinessService() {
+ return deaktivededBusinessService;
+ }
+
+ /**
+ * @param deaktivededBusinessService
+ * the deaktivededBusinessService to set
+ */
+ public void setDeaktivededBusinessService(boolean deaktivededBusinessService) {
+ this.deaktivededBusinessService = deaktivededBusinessService;
+ }
+
+ /**
+ * @return the formOA
+ */
+ public FormularCustomization getFormOA() {
+ return formOA;
+ }
+
+ /**
+ * @param formOA
+ * the formOA to set
+ */
+ public void setFormOA(FormularCustomization formOA) {
+ this.formOA = formOA;
+ }
+
+ /**
+ * @return the stream
+ */
+ public InputStream getStream() {
+ return stream;
+ }
+
+ public OAOAuth20Config getOauth20OA() {
+ return oauth20OA;
+ }
+
+ public void setOauth20OA(OAOAuth20Config oauth20OA) {
+ this.oauth20OA = oauth20OA;
+ }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
index 1cb4fa802..9fa58ca1e 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
@@ -1,28 +1,45 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.struts.action;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
-import java.io.OutputStream;
-import java.io.StringReader;
import java.io.StringWriter;
-import java.net.MalformedURLException;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
-import javax.xml.transform.Result;
import org.apache.commons.io.IOUtils;
import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;
-import org.hibernate.lob.ReaderInputStream;
-import org.w3c.dom.Node;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
@@ -35,7 +52,7 @@ import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.iaik.commons.util.IOUtil;
+import at.gv.egovernment.moa.id.util.Random;
import com.opensymphony.xwork2.ActionSupport;
@@ -48,9 +65,10 @@ implements ServletRequestAware, ServletResponseAware {
private static final long serialVersionUID = 1L;
private HttpServletRequest request;
- private HttpServletResponse response;
+// private HttpServletResponse response;
private AuthenticatedUser authUser;
+ private String formID;
private File fileUpload = null;
private String fileUploadContentType = null;
@@ -59,13 +77,20 @@ implements ServletRequestAware, ServletResponseAware {
private InputStream fileInputStream;
public String init() {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
-
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
if (authUser.isAdmin()) {
-
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
return Constants.STRUTS_SUCCESS;
} else {
@@ -76,16 +101,39 @@ implements ServletRequestAware, ServletResponseAware {
}
public String importLegacyConfig() {
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
if (authUser.isAdmin()) {
//load legacy config if it is configured
if (fileUpload == null) {
addActionError(LanguageHelper.getErrorString("errors.importexport.nofile"));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
@@ -97,6 +145,9 @@ implements ServletRequestAware, ServletResponseAware {
} catch (org.opensaml.xml.ConfigurationException e1) {
log.info("Legacy configuration has an Import Error", e1);
addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e1.getMessage()}));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
log.debug("OpenSAML successfully initialized");
@@ -108,26 +159,24 @@ implements ServletRequestAware, ServletResponseAware {
try {
log.warn("WARNING! The legacy import deletes the hole old config");
- String rootConfigFileDir = new File(ConfigurationProvider.getInstance().getConfigFile()).getParent();
-
- try {
- rootConfigFileDir = new File(rootConfigFileDir).toURL().toString();
-
- } catch (MalformedURLException t) {
- log.warn("RootConfiguration Directory is not found");
- rootConfigFileDir = "";
- }
-
+ String rootConfigFileDir = ConfigurationProvider.getInstance().getConfigRootDir();
+
moaconfig = BuildFromLegacyConfig.build(fileUpload, rootConfigFileDir, moaidconfig);
} catch (ConfigurationException e) {
log.info("Legacy configuration has an Import Error", e);
addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e.getMessage()}));
ConfigurationDBUtils.closeSession();
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
} catch (at.gv.egovernment.moa.id.configuration.exception.ConfigurationException e) {
ConfigurationDBUtils.closeSession();
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
@@ -155,6 +204,9 @@ implements ServletRequestAware, ServletResponseAware {
} catch (MOADatabaseException e) {
log.warn("General MOA-ID config can not be stored in Database");
addActionError(e.getMessage());
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
@@ -174,10 +226,30 @@ implements ServletRequestAware, ServletResponseAware {
}
public String downloadXMLConfig() {
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
if (authUser.isAdmin()) {
log.info("Write MOA-ID 2.x xml config");
@@ -194,6 +266,9 @@ implements ServletRequestAware, ServletResponseAware {
if (moaidconfig == null) {
log.info("No MOA-ID 2.x configruation available");
addActionError(LanguageHelper.getErrorString("errors.importexport.export.noconfig"));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
@@ -208,11 +283,17 @@ implements ServletRequestAware, ServletResponseAware {
log.info("MOA-ID 2.x configruation could not be exported into a XML file.", e);
addActionError(LanguageHelper.getErrorString("errors.importexport.export",
new Object[]{e.getMessage()}));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
} catch (IOException e) {
log.info("MOA-ID 2.x configruation could not be exported into a XML file.", e);
addActionError(LanguageHelper.getErrorString("errors.importexport.export",
new Object[]{e.getMessage()}));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
@@ -230,10 +311,30 @@ implements ServletRequestAware, ServletResponseAware {
public String importXMLConfig() {
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
if (authUser.isAdmin()) {
if (fileUpload == null) {
@@ -271,6 +372,9 @@ implements ServletRequestAware, ServletResponseAware {
log.warn("MOA-ID XML configuration can not be loaded from File.", e);
addActionError(LanguageHelper.getErrorString("errors.importexport.import",
new Object[]{e.getMessage()}));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
@@ -351,7 +455,7 @@ implements ServletRequestAware, ServletResponseAware {
}
public void setServletResponse(HttpServletResponse response) {
- this.response = response;
+// this.response = response;
}
public void setServletRequest(HttpServletRequest request) {
this.request = request;
@@ -360,4 +464,19 @@ implements ServletRequestAware, ServletResponseAware {
public InputStream getFileInputStream() {
return fileInputStream;
}
+
+ /**
+ * @return the formID
+ */
+ public String getFormID() {
+ return formID;
+ }
+
+ /**
+ * @param formID the formID to set
+ */
+ public void setFormID(String formID) {
+ this.formID = formID;
+ }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
index 6078caa87..a488d919d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
@@ -1,45 +1,139 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.struts.action;
+import java.security.KeyStore;
+import java.util.ArrayList;
import java.util.Date;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map.Entry;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
+import org.apache.commons.lang.StringEscapeUtils;
import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;
+import org.joda.time.DateTime;
+import org.opensaml.common.SAMLObject;
+import org.opensaml.common.binding.BasicSAMLMessageContext;
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.core.AttributeStatement;
+import org.opensaml.saml2.core.Conditions;
+import org.opensaml.saml2.core.EncryptedAssertion;
+import org.opensaml.saml2.core.NameID;
+import org.opensaml.saml2.core.Response;
+import org.opensaml.saml2.core.StatusCode;
+import org.opensaml.saml2.core.Subject;
+import org.opensaml.saml2.core.SubjectConfirmation;
+import org.opensaml.saml2.core.SubjectConfirmationData;
+import org.opensaml.saml2.encryption.Decrypter;
+import org.opensaml.saml2.encryption.EncryptedElementTypeEncryptedKeyResolver;
+import org.opensaml.saml2.metadata.IDPSSODescriptor;
+import org.opensaml.security.MetadataCredentialResolver;
+import org.opensaml.security.MetadataCredentialResolverFactory;
+import org.opensaml.security.MetadataCriteria;
+import org.opensaml.security.SAMLSignatureProfileValidator;
+import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
+import org.opensaml.xml.encryption.ChainingEncryptedKeyResolver;
+import org.opensaml.xml.encryption.InlineEncryptedKeyResolver;
+import org.opensaml.xml.encryption.SimpleRetrievalMethodEncryptedKeyResolver;
+import org.opensaml.xml.parse.BasicParserPool;
+import org.opensaml.xml.security.CriteriaSet;
+import org.opensaml.xml.security.credential.UsageType;
+import org.opensaml.xml.security.criteria.EntityIDCriteria;
+import org.opensaml.xml.security.criteria.UsageCriteria;
+import org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver;
+import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver;
+import org.opensaml.xml.security.keyinfo.KeyInfoProvider;
+import org.opensaml.xml.security.keyinfo.StaticKeyInfoCredentialResolver;
+import org.opensaml.xml.security.keyinfo.provider.DSAKeyValueProvider;
+import org.opensaml.xml.security.keyinfo.provider.InlineX509DataProvider;
+import org.opensaml.xml.security.keyinfo.provider.RSAKeyValueProvider;
+import org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter;
+import org.opensaml.xml.security.x509.X509Credential;
+import org.opensaml.xml.signature.Signature;
+import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine;
import com.opensymphony.xwork2.ActionSupport;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom;
import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper;
+import at.gv.egovernment.moa.id.configuration.helper.DateTimeHelper;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.gv.egovernment.moa.id.configuration.validation.UserDatabaseFormValidator;
+import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;
public class IndexAction extends ActionSupport implements ServletRequestAware,
ServletResponseAware {
+ private static final long serialVersionUID = -2781497863862504896L;
+
private static final Logger log = Logger.getLogger(IndexAction.class);
private HttpServletRequest request;
- private HttpServletResponse response;
+// private HttpServletResponse response;
private String password;
private String username;
+ private UserDatabaseFrom user = null;
+ private AuthenticatedUser authUser = null;
+ private String formID;
+
+ private String ssologouturl;
+
+ private boolean pvp2LoginActiv = false;
public String start() {
-
- return Constants.STRUTS_SUCCESS;
+
+ try {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ pvp2LoginActiv = config.isPVP2LoginActive();
+ return Constants.STRUTS_SUCCESS;
+
+ } catch (ConfigurationException e) {
+ log.warn("An internal error occurs.", e);
+ addActionError(LanguageHelper.getErrorString("error.login.internal"));
+ return Constants.STRUTS_ERROR;
+ }
}
public String authenticate() {
@@ -80,29 +174,43 @@ public class IndexAction extends ActionSupport implements ServletRequestAware,
return Constants.STRUTS_ERROR;
} else {
- if (!dbuser.isIsActive()) {
- log.warn("Username " + dbuser.getUsername() + " is not active");
+ //TODO: maybe remove this default value in a later version
+ if (dbuser.isIsUsernamePasswordAllowed() == null)
+ dbuser.setIsUsernamePasswordAllowed(true);
+
+ if (!dbuser.isIsActive() || !dbuser.isIsUsernamePasswordAllowed()) {
+ log.warn("Username " + dbuser.getUsername() + " is not active or Username/Password login is not allowed");
addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed"));
return Constants.STRUTS_ERROR;
}
-
+
if (!dbuser.getPassword().equals(key)) {
log.warn("Username " + dbuser.getUsername() + " use a false password");
addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed"));
return Constants.STRUTS_ERROR;
}
+ //TODO: maybe remove this default value in a later version
+ boolean ismandateuser = false;
+ if (dbuser.isIsMandateUser() != null)
+ ismandateuser = dbuser.isIsMandateUser();
+
AuthenticatedUser authuser = new AuthenticatedUser(
dbuser.getHjid(),
dbuser.getGivenname(),
dbuser.getFamilyname(),
+ dbuser.getInstitut(),
dbuser.getUsername(),
true,
- dbuser.isIsAdmin());
+ dbuser.isIsAdmin(),
+ ismandateuser,
+ false);
- authuser.setLastLogin(dbuser.getLastLoginItem());
+ Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin());
+ if (date != null)
+ authuser.setLastLogin(date);;
- dbuser.setLastLoginItem(new Date());
+ dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date()));
try {
ConfigurationDBUtils.saveOrUpdate(dbuser);
@@ -115,23 +223,600 @@ public class IndexAction extends ActionSupport implements ServletRequestAware,
finally {
ConfigurationDBUtils.closeSession();
}
- request.getSession().setAttribute(Constants.SESSION_AUTH, authuser);
+
+ HttpSession session = generateNewJSession(request);
+ session.setAttribute(Constants.SESSION_AUTH, authuser);
+
return Constants.STRUTS_SUCCESS;
}
}
+ public String pvp2login() {
+
+ String method = request.getMethod();
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("NO HTTP Session");
+ return Constants.STRUTS_ERROR;
+ }
+
+ String authID = (String) session.getAttribute(Constants.SESSION_PVP2REQUESTID);
+ session.setAttribute(Constants.SESSION_PVP2REQUESTID, null);
+
+ if (method.equals("POST")) {
+
+ try {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+
+ //Decode with HttpPost Binding
+ HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool());
+ BasicSAMLMessageContext<Response, ?, ?> messageContext = new BasicSAMLMessageContext<Response, SAMLObject, SAMLObject>();
+ messageContext
+ .setInboundMessageTransport(new HttpServletRequestAdapter(
+ request));
+ decode.decode(messageContext);
+
+ Response samlResponse = (Response) messageContext.getInboundMessage();
+
+ Signature sign = samlResponse.getSignature();
+ if (sign == null) {
+ log.info("Only http POST Requests can be used");
+ addActionError(LanguageHelper.getErrorString("error.login"));
+ return Constants.STRUTS_ERROR;
+ }
+
+ //Validate Signature
+ SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
+ profileValidator.validate(sign);
+
+ //Verify Signature
+ List<KeyInfoProvider> keyInfoProvider = new ArrayList<KeyInfoProvider>();
+ keyInfoProvider.add(new DSAKeyValueProvider());
+ keyInfoProvider.add(new RSAKeyValueProvider());
+ keyInfoProvider.add(new InlineX509DataProvider());
+
+ KeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver(
+ keyInfoProvider);
+
+ MetadataCredentialResolverFactory credentialResolverFactory = MetadataCredentialResolverFactory.getFactory();
+ MetadataCredentialResolver credentialResolver = credentialResolverFactory.getInstance(config.getMetaDataProvier());
+
+ CriteriaSet criteriaSet = new CriteriaSet();
+ criteriaSet.add(new MetadataCriteria(IDPSSODescriptor.DEFAULT_ELEMENT_NAME, SAMLConstants.SAML20P_NS));
+ criteriaSet.add(new EntityIDCriteria(config.getPVP2IDPMetadataEntityName()));
+ criteriaSet.add(new UsageCriteria(UsageType.SIGNING));
+
+ ExplicitKeySignatureTrustEngine trustEngine = new ExplicitKeySignatureTrustEngine(credentialResolver, keyInfoResolver);
+ trustEngine.validate(sign, criteriaSet);
+
+ log.info("PVP2 Assertion is valid");
+
+ if (samlResponse.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
+
+ List<org.opensaml.saml2.core.Assertion> saml2assertions = new ArrayList<org.opensaml.saml2.core.Assertion>();
+
+ //check encrypted Assertion
+ List<EncryptedAssertion> encryAssertionList = samlResponse.getEncryptedAssertions();
+ if (encryAssertionList != null && encryAssertionList.size() > 0) {
+ //decrypt assertions
+
+ log.debug("Found encryped assertion. Start decryption ...");
+
+ KeyStore keyStore = config.getPVP2KeyStore();
+
+ X509Credential authDecCredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreAuthRequestEncryptionKeyAlias(),
+ config.getPVP2KeystoreAuthRequestEncryptionKeyPassword().toCharArray());
+
+
+ StaticKeyInfoCredentialResolver skicr =
+ new StaticKeyInfoCredentialResolver(authDecCredential);
+
+ ChainingEncryptedKeyResolver encryptedKeyResolver = new ChainingEncryptedKeyResolver();
+ encryptedKeyResolver.getResolverChain().add( new InlineEncryptedKeyResolver() );
+ encryptedKeyResolver.getResolverChain().add( new EncryptedElementTypeEncryptedKeyResolver() );
+ encryptedKeyResolver.getResolverChain().add( new SimpleRetrievalMethodEncryptedKeyResolver() );
+
+ Decrypter samlDecrypter =
+ new Decrypter(null, skicr, encryptedKeyResolver);
+
+ for (EncryptedAssertion encAssertion : encryAssertionList) {
+ saml2assertions.add(samlDecrypter.decrypt(encAssertion));
+
+ }
+
+ log.debug("Assertion decryption finished. ");
+
+ } else {
+ saml2assertions = samlResponse.getAssertions();
+
+ }
+
+
+ if (MiscUtil.isEmpty(authID)) {
+ log.info("NO AuthRequestID");
+ return Constants.STRUTS_ERROR;
+ }
+
+ for (org.opensaml.saml2.core.Assertion saml2assertion : saml2assertions) {
+
+ Subject subject = saml2assertion.getSubject();
+ List<SubjectConfirmation> subjectconformlist = subject.getSubjectConfirmations();
+ for (SubjectConfirmation el : subjectconformlist) {
+ if (el.getMethod().equals(SubjectConfirmation.METHOD_BEARER)) {
+ SubjectConfirmationData date = el.getSubjectConfirmationData();
+
+ if (!authID.equals(date.getInResponseTo())) {
+ log.warn("PVPRequestID does not match PVP2 Assertion ID!");
+ return Constants.STRUTS_ERROR;
+
+ }
+ }
+ }
+
+ Conditions conditions = saml2assertion.getConditions();
+ DateTime notbefore = conditions.getNotBefore();
+ DateTime notafter = conditions.getNotOnOrAfter();
+ if ( notbefore.isAfterNow() || notafter.isBeforeNow() ) {
+ log.warn("PVP2 Assertion is out of Date");
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ NameID nameID = subject.getNameID();
+ if (nameID == null) {
+ log.warn("No NameID element in PVP2 assertion!");
+ return Constants.STRUTS_ERROR;
+ }
+
+ String bpkwbpk = nameID.getNameQualifier() + "+" + nameID.getValue();
+
+ //search user
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithUserBPKWBPK(bpkwbpk);
+ if (dbuser == null) {
+ log.info("No user found with bpk/wbpk " + bpkwbpk);
+
+ //read PVP2 assertion attributes;
+ user = new UserDatabaseFrom();
+ user.setActive(false);
+ user.setAdmin(false);
+ user.setBpk(bpkwbpk);
+ user.setIsusernamepasswordallowed(false);
+ user.setIsmandateuser(false);
+ user.setPVPGenerated(true);
+
+ authUser = new AuthenticatedUser();
+ authUser.setAdmin(false);
+ authUser.setAuthenticated(false);
+ authUser.setLastLogin(null);
+ authUser.setUserID(-1);
+ authUser.setUserName(null);
+ authUser.setPVP2Login(true);
+ authUser.setMandateUser(false);
+
+ //loop through the nodes to get what we want
+ List<AttributeStatement> attributeStatements = saml2assertion.getAttributeStatements();
+ for (int i = 0; i < attributeStatements.size(); i++)
+ {
+ List<Attribute> attributes = attributeStatements.get(i).getAttributes();
+ for (int x = 0; x < attributes.size(); x++)
+ {
+ String strAttributeName = attributes.get(x).getDOM().getAttribute("Name");
+
+ if (strAttributeName.equals(PVPConstants.PRINCIPAL_NAME_NAME)) {
+ user.setFamilyName(attributes.get(x).getAttributeValues().get(0).getDOM().getTextContent());
+ authUser.setFamilyName(user.getFamilyName());
+ }
+
+ if (strAttributeName.equals(PVPConstants.GIVEN_NAME_NAME)) {
+ user.setGivenName(attributes.get(x).getAttributeValues().get(0).getDOM().getTextContent());
+ authUser.setGivenName(user.getGivenName());
+ }
+
+ if (strAttributeName.equals(PVPConstants.MANDATE_TYPE_NAME)) {
+ authUser.setMandateUser(true);
+ user.setIsmandateuser(true);
+ }
+
+ if (strAttributeName.equals(PVPConstants.MANDATE_LEG_PER_FULL_NAME_NAME)) {
+ user.setInstitut(attributes.get(x).getAttributeValues().get(0).getDOM().getTextContent());
+ authUser.setInstitute(user.getInstitut());
+ }
+ }
+ }
+
+ //set Random value
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ session.setAttribute(Constants.SESSION_FORM, user);
+ session.setAttribute(Constants.SESSION_AUTH, authUser);
+
+ ConfigurationDBUtils.closeSession();
+
+ return Constants.STRUTS_NEWUSER;
+
+ } else {
+ if (!dbuser.isIsActive()) {
+
+ if (!dbuser.isIsMailAddressVerified()) {
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ user = new UserDatabaseFrom(dbuser);
+ authUser = new AuthenticatedUser(
+ dbuser.getHjid(),
+ dbuser.getGivenname(),
+ dbuser.getFamilyname(),
+ dbuser.getInstitut(),
+ dbuser.getUsername(),
+ false,
+ false,
+ dbuser.isIsMandateUser(),
+ true);
+ session.setAttribute(Constants.SESSION_FORM, user);
+ session.setAttribute(Constants.SESSION_AUTH, authUser);
+
+ return Constants.STRUTS_NEWUSER;
+
+ }
+
+ log.info("User with bpk/wbpk " + bpkwbpk + " is not active");
+ addActionError(LanguageHelper.getErrorString("webpages.index.username.notactive"));
+ return Constants.STRUTS_ERROR;
+ }
+
+ //TODO: maybe remove this default value in a later version
+ boolean ismandateuser = false;
+ if (dbuser.isIsMandateUser() != null)
+ ismandateuser = dbuser.isIsMandateUser();
+
+ authUser = new AuthenticatedUser(
+ dbuser.getHjid(),
+ dbuser.getGivenname(),
+ dbuser.getFamilyname(),
+ dbuser.getInstitut(),
+ dbuser.getUsername(),
+ true,
+ dbuser.isIsAdmin(),
+ ismandateuser,
+ true);
+
+ Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin());
+ if (date != null)
+ authUser.setLastLogin(date);;
+
+ dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date()));
+
+ try {
+ ConfigurationDBUtils.saveOrUpdate(dbuser);
+
+ } catch (MOADatabaseException e) {
+ log.warn("UserDatabase communicaton error", e);
+ addActionError(LanguageHelper.getErrorString("error.login"));
+ return Constants.STRUTS_ERROR;
+ }
+ finally {
+ ConfigurationDBUtils.closeSession();
+ }
+
+ HttpSession newsession = generateNewJSession(request);
+ newsession.setAttribute(Constants.SESSION_AUTH, authUser);
+ return Constants.STRUTS_SUCCESS;
+
+ }
+ }
+
+ log.info("PVP2 Assertion was maybe not well formed, because no Assertion element could be found.");
+ addActionError(LanguageHelper.getErrorString("error.login.internal"));
+ return Constants.STRUTS_ERROR;
+
+ } else {
+ log.info("Receive Error Assertion.");
+ addActionError(LanguageHelper.getErrorString("error.login"));
+ return Constants.STRUTS_ERROR;
+ }
+
+ } catch (Exception e) {
+ log.warn("An internal error occurs.", e);
+ addActionError(LanguageHelper.getErrorString("error.login.internal"));
+ return Constants.STRUTS_ERROR;
+ }
+
+ } else {
+ log.info("Only http POST Requests can be used");
+ addActionError(LanguageHelper.getErrorString("error.login.internal"));
+ return Constants.STRUTS_ERROR;
+ }
+ }
+
+ public String requestNewUser() {
+
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.warn("No active Session found");
+ return Constants.STRUTS_ERROR;
+ }
+
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ Object sessionformobj = session.getAttribute(Constants.SESSION_FORM);
+ if (sessionformobj != null && sessionformobj instanceof UserDatabaseFrom) {
+ UserDatabaseFrom sessionform = (UserDatabaseFrom) sessionformobj;
+
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (user == null) {
+ log.warn("No form transmited");
+ return Constants.STRUTS_ERROR;
+ }
+
+ //get UserID
+ String useridobj = user.getUserID();
+ long userID = -1;
+ if (MiscUtil.isEmpty(useridobj)) {
+ userID = -1;
+
+ } else {
+ if (!ValidationHelper.validateOAID(useridobj)){
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase ID " + useridobj);
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+ userID = Long.valueOf(useridobj);
+ }
+
+ String check;
+ if (!sessionform.isIsmandateuser()) {
+ check = user.getInstitut();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("Organisation contains potentail XSS characters: " + check);
+ addActionError(LanguageHelper.getErrorString("validation.edituser.institut.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ } else {
+ log.warn("Organisation is empty");
+ addActionError(LanguageHelper.getErrorString("validation.edituser.institut.empty"));
+ }
+ }
+
+ check = user.getMail();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isEmailAddressFormat(check)) {
+ log.warn("Mailaddress is not valid: " + check);
+ addActionError(LanguageHelper.getErrorString("validation.edituser.mail.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ } else {
+ log.warn("Mailaddress is empty");
+ addActionError(LanguageHelper.getErrorString("validation.edituser.mail.empty"));
+ }
+
+ check = user.getPhone();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("Phonenumber contains potentail XSS characters: " + check);
+ addActionError(LanguageHelper.getErrorString("validation.edituser.phone.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ } else {
+ log.warn("Phonenumber is empty");
+ addActionError(LanguageHelper.getErrorString("validation.edituser.phone.empty"));
+ }
+
+ if (hasActionErrors()) {
+ log.info("Some form errors found. Send user back to form");
+
+ user.setPVPGenerated(true);
+ user.setFamilyName(sessionform.getFamilyName());
+ user.setGivenName(sessionform.getGivenName());
+ user.setIsmandateuser(sessionform.isIsmandateuser());
+ user.setBpk(sessionform.getBpk());
+
+ if (sessionform.isIsmandateuser())
+ user.setInstitut(sessionform.getInstitut());
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ return Constants.STRUTS_NEWUSER;
+ }
+
+ UserDatabase dbuser;
+
+ if (userID < 0) {
+ dbuser = new UserDatabase();
+ dbuser.setBpk(sessionform.getBpk());
+ dbuser.setFamilyname(sessionform.getFamilyName());
+ dbuser.setGivenname(sessionform.getGivenName());
+
+ if (sessionform.isIsmandateuser())
+ dbuser.setInstitut(sessionform.getInstitut());
+ else
+ dbuser.setInstitut(user.getInstitut());
+
+ dbuser.setIsPVP2Generated(true);
+ dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date()));
+ dbuser.setIsActive(false);
+ dbuser.setIsAdmin(false);
+ dbuser.setIsMandateUser(sessionform.isIsmandateuser());
+ dbuser.setIsUsernamePasswordAllowed(false);
+
+ } else
+ dbuser = ConfigurationDBRead.getUserWithID(userID);
+
+ dbuser.setMail(user.getMail());
+ dbuser.setPhone(user.getPhone());
+ dbuser.setIsAdminRequest(true);
+ dbuser.setIsMailAddressVerified(false);
+ dbuser.setUserRequestTokken(Random.nextRandom());
+
+ try {
+ ConfigurationDBUtils.saveOrUpdate(dbuser);
+
+ MailHelper.sendUserMailAddressVerification(dbuser);
+
+ } catch (MOADatabaseException e) {
+ log.warn("New UserRequest can not be stored in database", e);
+ return Constants.STRUTS_ERROR;
+
+ } catch (ConfigurationException e) {
+ log.warn("Sending of mailaddress verification mail failed.", e);
+ addActionError(LanguageHelper.getErrorString("error.mail.send"));
+ return Constants.STRUTS_NEWUSER;
+ }
+
+ finally {
+ session.setAttribute(Constants.SESSION_FORM, null);
+ session.setAttribute(Constants.SESSION_AUTH, null);
+ ConfigurationDBUtils.closeSession();
+ }
+
+ addActionMessage(LanguageHelper.getGUIString("webpages.edituser.changemailaddress.verify"));
+
+ session.invalidate();
+
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.warn("No SessionForm found");
+ return Constants.STRUTS_ERROR;
+ }
+
+ }
+
+ public String mailAddressVerification() {
+
+ String userrequesttokken = request.getParameter(Constants.REQUEST_USERREQUESTTOKKEN);
+ if (MiscUtil.isNotEmpty(userrequesttokken)) {
+
+ userrequesttokken = StringEscapeUtils.escapeHtml(userrequesttokken);
+
+ try {
+ Long.parseLong(userrequesttokken);
+
+ } catch (NumberFormatException e) {
+ log.warn("Verificationtokken has no number format.");
+ return Constants.STRUTS_ERROR;
+ }
+
+ UserDatabase dbuser = ConfigurationDBRead.getNewUserWithTokken(userrequesttokken);
+ if (dbuser != null) {
+ dbuser.setUserRequestTokken(null);
+ dbuser.setIsMailAddressVerified(true);
+
+ if (dbuser.isIsActive())
+ dbuser.setIsAdminRequest(false);
+
+ try {
+ ConfigurationDBUtils.saveOrUpdate(dbuser);
+
+ int numoas = 0;
+ int numusers = 0;
+
+ List<OnlineApplication> openOAs = ConfigurationDBRead.getAllNewOnlineApplications();
+ if (openOAs != null)
+ numoas = openOAs.size();
+
+ List<UserDatabase> openUsers = ConfigurationDBRead.getAllNewUsers();
+ if (openUsers != null)
+ numusers = openUsers.size();
+
+ if (numusers > 0 || numoas > 0)
+ MailHelper.sendAdminMail(numoas, numusers);
+
+ } catch (MOADatabaseException e) {
+ log.warn("Userinformation can not be stored in Database.", e);
+ addActionError(LanguageHelper.getErrorString("error.mail.verification"));
+
+ } catch (ConfigurationException e) {
+ log.warn("Send mail to admin failed.", e);
+ }
+
+ finally {
+ ConfigurationDBUtils.closeSession();
+ }
+
+ addActionMessage(LanguageHelper.getGUIString("validation.newuser.mailaddress"));
+ return Constants.STRUTS_SUCCESS;
+ }
+ }
+
+ return Constants.STRUTS_ERROR;
+ }
+
public String logout() {
HttpSession session = request.getSession();
+
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
+ authUser = (AuthenticatedUser) authUserObj;
if (session != null)
session.invalidate();
+ try {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ String ssologout = config.getSSOLogOutURL();
+
+ if (MiscUtil.isNotEmpty(ssologout) && authUser != null && authUser.isPVP2Login()) {
+ ssologouturl = ssologout + config.getPublicUrlPreFix(request);
+ return Constants.STRUTS_SSOLOGOUT;
+
+ }
+
+ } catch (ConfigurationException e) {
+ log.warn("Configuration can not be loaded.", e);
+
+ }
+
return Constants.STRUTS_SUCCESS;
}
+ private HttpSession generateNewJSession(HttpServletRequest request) {
+ HttpSession session = request.getSession(false);
+
+ if (session != null) {
+
+ HashMap<String, Object> attributes = new HashMap<String,Object>();
+
+ Enumeration<String> enames = session.getAttributeNames();
+ while (enames.hasMoreElements()) {
+ String name = enames.nextElement();
+ if (!name.equals("JSESSIONID"))
+ attributes.put(name, session.getAttribute( name));
+ }
+ session.invalidate();
+
+ session = request.getSession(true);
+ for (Entry<String,Object> et : attributes.entrySet())
+ session.setAttribute( et.getKey(), et.getValue());
+
+ } else
+ session = request.getSession(true);
+
+ return session;
+ }
+
public void setServletResponse(HttpServletResponse arg0) {
- this.response = arg0;
+// this.response = arg0;
}
public void setServletRequest(HttpServletRequest arg0) {
this.request = arg0;
@@ -164,7 +849,55 @@ public class IndexAction extends ActionSupport implements ServletRequestAware,
public void setUsername(String username) {
this.username = username;
}
+
+ /**
+ * @return the authUser
+ */
+ public AuthenticatedUser getAuthUser() {
+ return authUser;
+ }
+
+ /**
+ * @return the user
+ */
+ public UserDatabaseFrom getUser() {
+ return user;
+ }
+
+ /**
+ * @param user the user to set
+ */
+ public void setUser(UserDatabaseFrom user) {
+ this.user = user;
+ }
+
+ /**
+ * @return the ssologouturl
+ */
+ public String getSsologouturl() {
+ return ssologouturl;
+ }
+
+ /**
+ * @return the formID
+ */
+ public String getFormID() {
+ return formID;
+ }
+
+ /**
+ * @param formID the formID to set
+ */
+ public void setFormID(String formID) {
+ this.formID = formID;
+ }
+
+ /**
+ * @return the pvp2LoginActiv
+ */
+ public boolean isPvp2LoginActiv() {
+ return pvp2LoginActiv;
+ }
-
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
index f5f265ea6..5e6c10f0c 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.struts.action;
import java.util.ArrayList;
@@ -5,6 +27,7 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
@@ -15,13 +38,12 @@ import com.opensymphony.xwork2.ActionSupport;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplicationType;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
-import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.data.OAListElement;
import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
+import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -34,22 +56,27 @@ public class ListOAsAction extends ActionSupport implements ServletRequestAware,
private static final long serialVersionUID = 1L;
private HttpServletRequest request;
- private HttpServletResponse response;
- private ConfigurationProvider configuration;
+// private HttpServletResponse response;
+// private ConfigurationProvider configuration;
private List<OAListElement> formOAs;
private AuthenticatedUser authUser;
private String friendlyname;
public ListOAsAction() throws ConfigurationException {
- configuration = ConfigurationProvider.getInstance();
+// configuration = ConfigurationProvider.getInstance();
}
public String listAllOnlineAppliactions() {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
@@ -65,8 +92,16 @@ public class ListOAsAction extends ActionSupport implements ServletRequestAware,
dbOAs = authUserDB.getOnlineApplication();
}
- addFormOAs(dbOAs);
-
+ if (dbOAs == null || dbOAs.size() == 0) {
+ addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA"));
+
+ } else {
+ formOAs = FormDataHelper.addFormOAs(dbOAs);
+ }
+
+ session.setAttribute(Constants.SESSION_RETURNAREA,
+ Constants.STRUTS_RETURNAREA_VALUES.main.name());
+
ConfigurationDBUtils.closeSession();
return Constants.STRUTS_SUCCESS;
@@ -86,8 +121,13 @@ public class ListOAsAction extends ActionSupport implements ServletRequestAware,
}
public String searchOA() {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
@@ -125,34 +165,25 @@ public class ListOAsAction extends ActionSupport implements ServletRequestAware,
}
}
- addFormOAs(dbOAs);
-
- ConfigurationDBUtils.closeSession();
-
- return Constants.STRUTS_SUCCESS;
- }
-
- private void addFormOAs(List<OnlineApplication> dbOAs) {
-
- formOAs = new ArrayList<OAListElement>();
if (dbOAs == null || dbOAs.size() == 0) {
- addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request));
+ log.debug("No OAs found with Identifier " + friendlyname);
+ addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA"));
} else {
- for (OnlineApplication dboa : dbOAs) {
- OAListElement listoa = new OAListElement();
- listoa.setActive(dboa.isIsActive());
- listoa.setDataBaseID(dboa.getHjid());
- listoa.setOaFriendlyName(dboa.getFriendlyName());
- listoa.setOaIdentifier(dboa.getPublicURLPrefix());
- listoa.setOaType(dboa.getType());
- formOAs.add(listoa);
- }
+
+ formOAs = FormDataHelper.addFormOAs(dbOAs);
+ session.setAttribute(Constants.SESSION_RETURNAREA,
+ Constants.STRUTS_RETURNAREA_VALUES.main.name());
+
}
- }
+
+ ConfigurationDBUtils.closeSession();
+ return Constants.STRUTS_SUCCESS;
+ }
+
public void setServletResponse(HttpServletResponse arg0) {
- this.response = arg0;
+// this.response = arg0;
}
public void setServletRequest(HttpServletRequest arg0) {
this.request = arg0;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java
index aeafe9548..007d22110 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java
@@ -1,43 +1,77 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.struts.action;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
-import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
public class MainAction implements ServletRequestAware,
ServletResponseAware {
+ private static final Logger log = Logger.getLogger(MainAction.class);
+
private HttpServletRequest request;
- private HttpServletResponse response;
- private ConfigurationProvider configuration;
+// private HttpServletResponse response;
+// private ConfigurationProvider configuration;
private AuthenticatedUser authUser;
public MainAction() throws ConfigurationException {
- configuration = ConfigurationProvider.getInstance();
+// configuration = ConfigurationProvider.getInstance();
}
public String generateMainFrame() {
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
+
+ session.setAttribute(Constants.SESSION_RETURNAREA, null);
+
return Constants.STRUTS_SUCCESS;
}
public void setServletResponse(HttpServletResponse arg0) {
- this.response = arg0;
+// this.response = arg0;
}
public void setServletRequest(HttpServletRequest arg0) {
this.request = arg0;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java
new file mode 100644
index 000000000..f064795ec
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java
@@ -0,0 +1,128 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.struts.action;
+
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.log4j.Logger;
+import org.apache.struts2.interceptor.ServletRequestAware;
+import org.apache.struts2.interceptor.ServletResponseAware;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.data.OAListElement;
+import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper;
+
+import com.opensymphony.xwork2.ActionSupport;
+
+public class OpenAdminRequestsAction extends ActionSupport
+ implements ServletRequestAware, ServletResponseAware {
+
+ private static final Logger log = Logger.getLogger(OpenAdminRequestsAction.class);
+
+ private static final long serialVersionUID = 1L;
+
+ private HttpServletRequest request;
+// private HttpServletResponse response;
+
+ private AuthenticatedUser authUser = null;
+ private List<OAListElement> formOAs = null;
+ private List<AuthenticatedUser> userlist = null;
+
+
+ public String init() {
+
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
+
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (authUser.isAdmin()) {
+
+ List<OnlineApplication> dbOAs = ConfigurationDBRead.getAllNewOnlineApplications();
+ if (dbOAs != null) {
+ formOAs = FormDataHelper.addFormOAs(dbOAs);
+ }
+
+ List<UserDatabase> dbUsers = ConfigurationDBRead.getAllNewUsers();
+ if (dbUsers != null){
+ userlist = FormDataHelper.addFormUsers(dbUsers);
+ }
+
+ session.setAttribute(Constants.SESSION_RETURNAREA,
+ Constants.STRUTS_RETURNAREA_VALUES.adminRequestsInit.name());
+
+ return Constants.STRUTS_SUCCESS;
+ } else {
+ log.info("Access to OpenAdminRequest area is not allowed for user with ID" + authUser.getUserID());
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ }
+
+
+ public void setServletResponse(HttpServletResponse response) {
+// this.response = response;
+ }
+
+ public void setServletRequest(HttpServletRequest request) {
+ this.request = request;
+ }
+
+
+ /**
+ * @return the authUser
+ */
+ public AuthenticatedUser getAuthUser() {
+ return authUser;
+ }
+
+
+ /**
+ * @return the formOAs
+ */
+ public List<OAListElement> getFormOAs() {
+ return formOAs;
+ }
+
+
+ /**
+ * @return the userlist
+ */
+ public List<AuthenticatedUser> getUserlist() {
+ return userlist;
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
index 2a9ec038f..ac3fb9938 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
@@ -1,11 +1,34 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.struts.action;
-import java.util.ArrayList;
-import java.util.Date;
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
@@ -18,10 +41,14 @@ import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom;
+import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper;
+import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
import at.gv.egovernment.moa.id.configuration.validation.UserDatabaseFormValidator;
import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;
import com.opensymphony.xwork2.ActionSupport;
@@ -34,7 +61,7 @@ public class UserManagementAction extends ActionSupport
private static final long serialVersionUID = 1L;
private HttpServletRequest request;
- private HttpServletResponse response;
+// private HttpServletResponse response;
private AuthenticatedUser authUser = null;
@@ -43,30 +70,34 @@ public class UserManagementAction extends ActionSupport
private String useridobj = null;
private static boolean newUser = false;
+ private InputStream stream;
+ private String nextPage;
+ private String formID;
public String init() {
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
-
+
if (authUser.isAdmin()) {
+ log.info("Show NewserRequests");
+
log.info("Show UserList");
List<UserDatabase> dbuserlist = ConfigurationDBRead.getAllUsers();
+
if (dbuserlist != null) {
- userlist = new ArrayList<AuthenticatedUser>();
-
- for (UserDatabase dbuser : dbuserlist) {
- userlist.add(new AuthenticatedUser(
- dbuser.getHjid(),
- dbuser.getGivenname(),
- dbuser.getFamilyname(),
- dbuser.getUsername(),
- dbuser.isIsActive(),
- dbuser.isIsAdmin()));
- }
+ userlist = FormDataHelper.addFormUsers(dbuserlist);
}
+
+ session.setAttribute(Constants.SESSION_RETURNAREA,
+ Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name());
ConfigurationDBUtils.closeSession();
return Constants.STRUTS_SUCCESS;
@@ -79,20 +110,37 @@ public class UserManagementAction extends ActionSupport
}
user = new UserDatabaseFrom(dbuser);
ConfigurationDBUtils.closeSession();
+
+ session.setAttribute(Constants.SESSION_RETURNAREA,
+ Constants.STRUTS_RETURNAREA_VALUES.main.name());
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
return Constants.STRUTS_NOTALLOWED;
}
}
public String createuser() {
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name();
if (authUser.isAdmin()) {
user = new UserDatabaseFrom();
newUser = true;
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_SUCCESS;
} else {
@@ -101,10 +149,27 @@ public class UserManagementAction extends ActionSupport
}
public String edituser() {
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
+ Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String
+ && MiscUtil.isNotEmpty((String)nextPageAttr) ) {
+ nextPage = (String) nextPageAttr;
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name();
+ }
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
if (authUser.isAdmin()) {
long userid = -1;
@@ -136,11 +201,31 @@ public class UserManagementAction extends ActionSupport
}
}
- public String saveuser() {
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ public String saveuser() {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
String useridobj = user.getUserID();
long userID = -1;
if (MiscUtil.isEmpty(useridobj)) {
@@ -156,9 +241,30 @@ public class UserManagementAction extends ActionSupport
userID = Long.valueOf(useridobj);
}
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
+
+ if( dbuser == null) {
+ dbuser = new UserDatabase();
+ dbuser.setIsMandateUser(false);
+ dbuser.setIsAdminRequest(false);
+ dbuser.setIsPVP2Generated(false);
+ dbuser.setUserRequestTokken(null);
+ dbuser.setIsMailAddressVerified(false);
+ dbuser.setUsername(user.getUsername());
+ }
+
List<String> errors;
UserDatabaseFormValidator validator = new UserDatabaseFormValidator();
- errors = validator.validate(user, userID);
+
+ boolean ispvp2 = false;
+ boolean ismandate = false;
+ if (dbuser.isIsPVP2Generated() != null)
+ ispvp2 = dbuser.isIsPVP2Generated();
+
+ if (dbuser.isIsMandateUser() != null)
+ ismandate = dbuser.isIsMandateUser();
+
+ errors = validator.validate(user, userID, ispvp2, ismandate);
if (errors.size() > 0) {
log.info("UserDataForm has some erros.");
@@ -169,6 +275,14 @@ public class UserManagementAction extends ActionSupport
if (MiscUtil.isEmpty(user.getUsername()))
newUser = true;
+ user.setIsmandateuser(ismandate);
+ user.setPVPGenerated(ispvp2);
+ if (dbuser.isIsUsernamePasswordAllowed() != null)
+ user.setIsusernamepasswordallowed(dbuser.isIsUsernamePasswordAllowed());
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
return Constants.STRUTS_ERROR_VALIDATION;
}
@@ -181,8 +295,49 @@ public class UserManagementAction extends ActionSupport
}
}
-
- String error = saveFormToDB();
+
+ if (!user.getMail().equals(dbuser.getMail()) && !authUser.isAdmin()) {
+ dbuser.setIsMailAddressVerified(false);
+ dbuser.setUserRequestTokken(Random.nextRandom());
+
+ try {
+ MailHelper.sendUserMailAddressVerification(dbuser);
+ addActionMessage(LanguageHelper.getGUIString("webpages.edituser.changemailaddress.verify"));
+
+ } catch (ConfigurationException e) {
+ log.warn("Sending of mailaddress verification mail failed.", e);
+ addActionError(LanguageHelper.getErrorString("error.mail.send"));
+ }
+ }
+
+ Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String
+ && MiscUtil.isNotEmpty((String)nextPageAttr) ) {
+ nextPage = (String) nextPageAttr;
+
+ if (nextPage.equals(Constants.STRUTS_RETURNAREA_VALUES.adminRequestsInit.name()) &&
+ user.isActive()) {
+ dbuser.setIsAdminRequest(false);
+ try {
+ if (dbuser.isIsMandateUser())
+ MailHelper.sendUserAccountActivationMail(dbuser.getGivenname(), dbuser.getFamilyname(),
+ dbuser.getInstitut(), user.getMail());
+ else
+ MailHelper.sendUserAccountActivationMail(dbuser.getGivenname(), dbuser.getFamilyname(),
+ null, user.getMail());
+
+ } catch (ConfigurationException e) {
+ log.warn("Send UserAccountActivation mail failed", e);
+ }
+ }
+ session.setAttribute(Constants.SESSION_RETURNAREA, null);
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name();
+ }
+
+ String error = saveFormToDB(dbuser);
+
if (error != null) {
log.warn("UserData can not be stored in Database");
addActionError(error);
@@ -194,10 +349,30 @@ public class UserManagementAction extends ActionSupport
}
public String deleteuser() {
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
-
+
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
String useridobj = user.getUserID();
long userID = -1;
if (MiscUtil.isEmpty(useridobj)) {
@@ -222,6 +397,16 @@ public class UserManagementAction extends ActionSupport
}
}
+ Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String
+ && MiscUtil.isNotEmpty((String)nextPageAttr) ) {
+ nextPage = (String) nextPageAttr;
+ session.setAttribute(Constants.SESSION_RETURNAREA, null);
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name();
+ }
+
UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
if (dbuser != null) {
dbuser.setOnlineApplication(null);
@@ -230,8 +415,22 @@ public class UserManagementAction extends ActionSupport
ConfigurationDBUtils.saveOrUpdate(dbuser);
ConfigurationDBUtils.delete(dbuser);
+ if (authUser.isAdmin()) {
+ MailHelper.sendUserAccountRevocationMail(dbuser);
+ }
+
+ if (dbuser.getHjid() == authUser.getUserID()) {
+ ConfigurationDBUtils.closeSession();
+ return Constants.STRUTS_REAUTHENTICATE;
+ }
+
} catch (MOADatabaseException e) {
- log.warn("UserData can not be deleted from Database");
+ log.warn("UserData can not be deleted from Database", e);
+ addActionError(e.getMessage());
+ return Constants.STRUTS_SUCCESS;
+
+ } catch (ConfigurationException e) {
+ log.warn("Information mail sending failed.", e);
addActionError(e.getMessage());
return Constants.STRUTS_SUCCESS;
}
@@ -242,39 +441,102 @@ public class UserManagementAction extends ActionSupport
}
ConfigurationDBUtils.closeSession();
+
return Constants.STRUTS_SUCCESS;
}
- private String saveFormToDB() {
+ public String sendVerificationMail () {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
- UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(user.getUsername());
+ String message = LanguageHelper.getErrorString("error.mail.verification");
- if( dbuser == null) {
- dbuser = new UserDatabase();
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (authUser != null) {
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+
+ if (dbuser != null) {
+ dbuser.setIsMailAddressVerified(false);
+ dbuser.setUserRequestTokken(Random.nextRandom());
+
+ try {
+ ConfigurationDBUtils.saveOrUpdate(dbuser);
+
+ MailHelper.sendUserMailAddressVerification(dbuser);
+
+ message = LanguageHelper.getErrorString("webpages.edituser.verify.mail.message");
+
+ } catch (ConfigurationException e) {
+ log.warn("Sending of mailaddress verification mail failed.", e);
+ message = LanguageHelper.getErrorString("error.mail.send");
+
+ } catch (MOADatabaseException e) {
+ log.warn("Access UserInformationDatabase failed.", e);
+ }
+ }
}
- dbuser.setBpk(user.getBpk());
- dbuser.setFamilyname(user.getFamilyName());
- dbuser.setGivenname(user.getGivenName());
- dbuser.setInstitut(user.getInstitut());
+ stream = new ByteArrayInputStream(message.getBytes());
+
+ return SUCCESS;
+ }
+
+ private String saveFormToDB(UserDatabase dbuser) {
+
dbuser.setMail(user.getMail());
dbuser.setPhone(user.getPhone());
- dbuser.setUsername(user.getUsername());
- if (authUser.isAdmin()) {
- dbuser.setIsActive(user.isActive());
- dbuser.setIsAdmin(user.isAdmin());
+ if (authUser.isAdmin() || dbuser.isIsUsernamePasswordAllowed()) {
+ dbuser.setIsUsernamePasswordAllowed(user.isIsusernamepasswordallowed());
+
+ if (authUser.isAdmin()) {
+ dbuser.setIsActive(user.isActive());
+ dbuser.setIsAdmin(user.isAdmin());
+
+ }
+ }
+
+ if (dbuser.isIsPVP2Generated() == null || !dbuser.isIsPVP2Generated()) {
+ dbuser.setFamilyname(user.getFamilyName());
+ dbuser.setGivenname(user.getGivenName());
+ dbuser.setInstitut(user.getInstitut());
+
+ if (authUser.isAdmin()) {
+ dbuser.setBpk(user.getBpk());
+ if ( user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID
+ + "X" + Constants.IDENIFICATIONTYPE_FN) ||
+ user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID
+ + "X" + Constants.IDENIFICATIONTYPE_ZVR) ||
+ user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID
+ + "X" + Constants.IDENIFICATIONTYPE_ERSB)) {
+ dbuser.setIsMandateUser(true);
+ }
+ }
+
+ } else {
+ if (!dbuser.isIsMandateUser())
+ dbuser.setInstitut(user.getInstitut());
}
- if (MiscUtil.isNotEmpty(user.getPassword())) {
- String key = AuthenticationHelper.generateKeyFormPassword(user.getPassword());
- if (key == null) {
- return LanguageHelper.getErrorString("errors.edit.user.save");
+ if (dbuser.isIsUsernamePasswordAllowed()) {
+
+ if (MiscUtil.isNotEmpty(user.getUsername()) && MiscUtil.isEmpty(dbuser.getUsername()))
+ dbuser.setUsername(user.getUsername());
+
+ if (MiscUtil.isNotEmpty(user.getPassword())) {
+ String key = AuthenticationHelper.generateKeyFormPassword(user.getPassword());
+ if (key == null) {
+ return LanguageHelper.getErrorString("errors.edit.user.save");
+ }
+ dbuser.setPassword(key);
}
- dbuser.setPassword(key);
}
-
try {
ConfigurationDBUtils.saveOrUpdate(dbuser);
} catch (MOADatabaseException e) {
@@ -284,29 +546,9 @@ public class UserManagementAction extends ActionSupport
return null;
}
-
-// public String createTestUser() throws MOADatabaseException {
-//
-// UserDatabase user = new UserDatabase();
-// user.setBpk("");
-// user.setFamilyname("Max");
-// user.setGivenname("Mustermann");
-// user.setIsActive(true);
-// user.setIsAdmin(false);
-// user.setInstitut("EGIZ");
-// user.setLastLoginItem(new Date());
-// user.setMail("masdf@amfasdf.com");
-// user.setPhone("00660011542");
-// user.setUsername("testuser");
-//
-// ConfigurationDBUtils.save(user);
-//
-// return Constants.STRUTS_SUCCESS;
-// }
-
-
+
public void setServletResponse(HttpServletResponse response) {
- this.response = response;
+// this.response = response;
}
@@ -370,7 +612,33 @@ public class UserManagementAction extends ActionSupport
public boolean isNewUser() {
return newUser;
}
-
-
+
+ /**
+ * @return the nextPage
+ */
+ public String getNextPage() {
+ return nextPage;
+ }
+
+ /**
+ * @return the stream
+ */
+ public InputStream getStream() {
+ return stream;
+ }
+
+ /**
+ * @return the formID
+ */
+ public String getFormID() {
+ return formID;
+ }
+
+ /**
+ * @param formID the formID to set
+ */
+ public void setFormID(String formID) {
+ this.formID = formID;
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java
new file mode 100644
index 000000000..fc310900e
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java
@@ -0,0 +1,99 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.utils;
+
+import java.io.IOException;
+import java.util.Iterator;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.TransformerException;
+
+import org.opensaml.Configuration;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.XMLObjectBuilder;
+import org.opensaml.xml.XMLObjectBuilderFactory;
+import org.opensaml.xml.io.Marshaller;
+import org.opensaml.xml.io.MarshallingException;
+
+public class SAML2Utils {
+
+ static {
+ DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+ factory.setNamespaceAware(true);
+ factory.setValidating(false);
+ try {
+ builder = factory.newDocumentBuilder();
+ } catch (ParserConfigurationException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ private static DocumentBuilder builder;
+
+ public static <T> T createSAMLObject(final Class<T> clazz) {
+ try {
+
+ XMLObjectBuilderFactory builderFactory = Configuration
+ .getBuilderFactory();
+
+ QName defaultElementName = (QName) clazz.getDeclaredField(
+ "DEFAULT_ELEMENT_NAME").get(null);
+ Map<QName, XMLObjectBuilder> builder = builderFactory.getBuilders();
+ Iterator<QName> it = builder.keySet().iterator();
+
+ while (it.hasNext()) {
+ QName qname = it.next();
+ if (qname.equals(defaultElementName)) {
+ System.out.printf("Builder for: %s\n", qname.toString());
+ }
+ }
+ XMLObjectBuilder xmlBuilder = builderFactory
+ .getBuilder(defaultElementName);
+
+ T object = (T) xmlBuilder.buildObject(defaultElementName);
+ return object;
+ } catch (Throwable e) {
+ System.out.printf("Failed to create object for: %s\n",
+ clazz.toString());
+ e.printStackTrace();
+ return null;
+ }
+ }
+
+ public static org.w3c.dom.Document asDOMDocument(XMLObject object) throws IOException,
+ MarshallingException, TransformerException {
+ org.w3c.dom.Document document = builder.newDocument();
+ Marshaller out = Configuration.getMarshallerFactory().getMarshaller(
+ object);
+ out.marshall(object, document);
+ return document;
+ }
+
+
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java
new file mode 100644
index 000000000..9ec8db858
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java
@@ -0,0 +1,93 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.utils;
+
+import java.util.Calendar;
+import java.util.Date;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
+import at.gv.egovernment.moa.id.configuration.helper.DateTimeHelper;
+
+
+public class UserRequestCleaner implements Runnable {
+
+ private static final Logger log = Logger.getLogger(UserRequestCleaner.class);
+
+ private static final long SESSION_CLEANUP_INTERVAL = 60 * 60; // 60 min
+
+ public void run() {
+ while (true) {
+ try {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+
+ List<UserDatabase> userrequests = ConfigurationDBRead.getAllOpenUsersRequests();
+ if (userrequests != null) {
+ Calendar cal = Calendar.getInstance();
+ cal.add(Calendar.HOUR, config.getUserRequestCleanUpDelay()*-1);
+ Date cleanupdate = cal.getTime();
+
+ for(UserDatabase dbuser : userrequests) {
+ Date requestdate = DateTimeHelper.parseDateTime(dbuser.getLastLogin());
+
+ if (requestdate != null && requestdate.after(cleanupdate)) {
+ log.info("Remove UserRequest from Database");
+ ConfigurationDBUtils.delete(dbuser);
+ }
+
+ }
+ }
+
+ Thread.sleep(SESSION_CLEANUP_INTERVAL * 1000);
+
+ } catch (ConfigurationException e) {
+ log.info("UserRequestCleaner can not load configuration", e);
+
+ } catch (InterruptedException e) {
+
+ } finally {
+ ConfigurationDBUtils.closeSession();
+
+ }
+ }
+ }
+
+ /**
+ * start the sessionCleaner
+ */
+ public static void start() {
+ // start the session cleanup thread
+ Thread sessionCleaner = new Thread(new UserRequestCleaner());
+ sessionCleaner.setName("UserRequestCleaner");
+ sessionCleaner.setDaemon(true);
+ sessionCleaner.setPriority(Thread.MIN_PRIORITY);
+ sessionCleaner.start();
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java
index 820aa7c57..b96b1e4b0 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java
@@ -1,18 +1,40 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation;
import org.apache.commons.lang.StringUtils;
+import at.gv.egovernment.moa.id.configuration.Constants;
+
public class CompanyNumberValidator implements IdentificationNumberValidator {
public boolean validate(String commercialRegisterNumber) {
String normalizedNumber = commercialRegisterNumber.replaceAll(" ", "");
- if(normalizedNumber.startsWith("FN")) {
+ if(normalizedNumber.startsWith(Constants.IDENIFICATIONTYPE_FN))
normalizedNumber = normalizedNumber.substring(2);
- return checkCommercialRegisterNumber(normalizedNumber);
-
- } else
- return true;
+
+ return checkCommercialRegisterNumber(normalizedNumber);
}
private boolean checkCommercialRegisterNumber(String commercialRegisterNumber) {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java
new file mode 100644
index 000000000..6a1eddb14
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java
@@ -0,0 +1,154 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.validation;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.configuration.data.FormularCustomization;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class FormularCustomizationValitator {
+
+ private static final Logger log = Logger.getLogger(FormularCustomizationValitator.class);
+
+ public List<String> validate(FormularCustomization form) {
+
+ List<String> errors = new ArrayList<String>();
+ String check;
+
+ if (form.isOnlyMandateAllowed() && !form.isShowMandateLoginButton()) {
+ log.warn("OnlyMandateAllowed in combination with hidden MandateLoginCheckbox is not possible.");
+ errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.combination"));
+ }
+
+ check = form.getBackGroundColor();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("BKUSelectionBackGroundColor is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.color.background"));
+ }
+ }
+
+ check = form.getFrontColor();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("BKUSelectionFrontColor is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.color.front"));
+ }
+ }
+
+ check = form.getHeader_BackGroundColor();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("HeaderBackGroundColor is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.header.color.back"));
+ }
+ }
+
+ check = form.getHeader_FrontColor();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("HeaderFrontColor is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.header.color.front"));
+ }
+ }
+
+ check = form.getHeader_text();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("HeaderText contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.header.text",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ check = form.getButton_BackGroundColor();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("ButtonBackGroundColor is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.back"));
+ }
+ }
+
+ check = form.getButton_BackGroundColorFocus();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("ButtonBackGroundColorFocus is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.back.focus"));
+ }
+ }
+
+ check = form.getButton_FrontColor();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("ButtonFrontColor is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.front"));
+ }
+ }
+
+ check = form.getAppletRedirectTarget();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!FormularCustomization.appletRedirectTargetList.contains(check)) {
+ log.warn("AppletRedirectTarget has not valid value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.appletredirecttarget"));
+ }
+ }
+
+ check = form.getFontType();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
+ log.warn("FontType contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.fonttype",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} ));
+ }
+ }
+
+ return errors;
+
+ }
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java
index 19a5bb805..d66c0da3a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation;
public interface IdentificationNumberValidator {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/TargetValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/TargetValidator.java
new file mode 100644
index 000000000..6d7032f9d
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/TargetValidator.java
@@ -0,0 +1,104 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.validation;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import at.gv.egovernment.moa.util.MiscUtil;
+
+
+public class TargetValidator {
+
+ private static Map<String, String> targetList = null;
+
+ static {
+ targetList = new HashMap<String, String>();
+ targetList.put("AR", "Arbeit");
+ targetList.put("AS", "Amtliche Statistik");
+ targetList.put("BF", "Bildung und Forschung");
+ targetList.put("BW", "Bauen und Wohnen");
+ targetList.put("EA", "EU und Auswärtige Angelegenheiten");
+ targetList.put("EF", "Ein- und Ausfuhr");
+ targetList.put("GH", "Gesundheit");
+ targetList.put("GS", "Gesellschaft und Soziales");
+// targetList.put("GS-RE", "Restitution");
+ targetList.put("JR", "Justiz/Zivilrechtswesen");
+ targetList.put("KL", "Kultus");
+ targetList.put("KU", "Kunst und Kultur");
+ targetList.put("LF", "Land- und Forstwirtschaft");
+ targetList.put("LV", "Landesverteidigung");
+ targetList.put("RT", "Rundfunk und sonstige Medien sowie Telekommunikation");
+ targetList.put("SA", "Steuern und Abgaben");
+ targetList.put("SA", "Sport und Freizeit");
+ targetList.put("SO", "Sicherheit und Ordnung");
+// targetList.put("SO-VR", "Vereinsregister");
+// targetList.put("SR-RG", "Strafregister");
+ targetList.put("SV", "Sozialversicherung");
+ targetList.put("UW", "Umwelt");
+ targetList.put("VT", "Verkehr und Technik");
+ targetList.put("VV", "Vermögensverwaltung");
+ targetList.put("WT", "Wirtschaft");
+ targetList.put("ZP", "Personenidentität und Bürgerrechte(zur Person)");
+ targetList.put("BR", "Bereichsübergreifender Rechtsschutz");
+ targetList.put("HR", "Zentrales Rechnungswesen");
+ targetList.put("KI", "Auftraggeberinterne allgemeine Kanzleiindizes");
+ targetList.put("OI", "Öffentlichkeitsarbeit");
+ targetList.put("PV", "Personalverwaltung");
+ targetList.put("RD", "Zentraler Rechtsdienst");
+ targetList.put("VS", "Zentrale Durchführung von Verwaltungsstrafverfahren");
+// targetList.put("VS-RG", "Zentrales Verwaltungsstrafregister");
+ targetList.put("ZU", "Zustellungen");
+ }
+
+ public static List<String> getListOfTargets() {
+ Map<String, String> list = new HashMap<String, String>();
+ list.put("", "");
+ list.putAll(targetList);
+
+ List<String> sortedList = new ArrayList<String>();
+ sortedList.addAll(list.keySet());
+ Collections.sort(sortedList);
+
+ return sortedList;
+
+ }
+
+ public static String getTargetFriendlyName(String target) {
+ String name = targetList.get(target);
+
+ if (MiscUtil.isNotEmpty(name))
+ return name;
+ else
+ return null;
+ }
+
+ public static boolean isValidTarget(String target) {
+ return targetList.containsKey(target);
+ }
+
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
index 276b0b4c8..a837ee855 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation;
import java.util.ArrayList;
@@ -16,44 +38,50 @@ public class UserDatabaseFormValidator {
private static final Logger log = Logger.getLogger(UserDatabaseFormValidator.class);
- public List<String> validate(UserDatabaseFrom form, long userID) {
+ public List<String> validate(UserDatabaseFrom form, long userID, boolean isPVP2Generated, boolean isMandateUser) {
List<String> errors = new ArrayList<String>();
-
- String check = form.getGivenName();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("GivenName contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
- }
- } else {
- log.warn("GivenName is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.empty"));
- }
+ String check = null;
- check = form.getFamilyName();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("FamilyName contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ if (!isPVP2Generated) {
+ check = form.getGivenName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("GivenName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ } else {
+ log.warn("GivenName is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.empty"));
+ }
+
+
+ check = form.getFamilyName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("FamilyName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ } else {
+ log.warn("FamilyName is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.empty"));
}
- } else {
- log.warn("FamilyName is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.empty"));
}
-
- check = form.getInstitut();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("Organisation contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.edituser.institut.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+
+ if (!isMandateUser) {
+ check = form.getInstitut();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("Organisation contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.institut.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ } else {
+ log.warn("Organisation is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.institut.empty"));
}
- } else {
- log.warn("Organisation is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.institut.empty"));
}
check = form.getMail();
@@ -80,67 +108,67 @@ public class UserDatabaseFormValidator {
errors.add(LanguageHelper.getErrorString("validation.edituser.phone.empty"));
}
- check = form.getUsername();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("Username contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.edituser.username.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
-
- } else {
- UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(check);
- if (dbuser != null && userID != dbuser.getHjid()) {
- log.warn("Username " + check + " exists in UserDatabase");
- errors.add(LanguageHelper.getErrorString("validation.edituser.username.duplicate"));
- form.setUsername("");
- }
- }
- } else {
- if (userID == -1) {
- log.warn("Username is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty"));
+ if (form.isIsusernamepasswordallowed()) {
+ check = form.getUsername();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("Username contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.username.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+
+ } else {
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(check);
+ if (dbuser != null && userID != dbuser.getHjid()) {
+ log.warn("Username " + check + " exists in UserDatabase");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.username.duplicate"));
+ form.setUsername("");
+ }
+ }
} else {
- UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
- if (dbuser == null) {
+ if (userID == -1) {
log.warn("Username is empty");
errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty"));
} else {
- form.setUsername(dbuser.getUsername());
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
+ if (dbuser == null) {
+ log.warn("Username is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty"));
+ } else {
+ form.setUsername(dbuser.getUsername());
+ }
}
}
- }
-
- check = form.getPassword();
- if (MiscUtil.isEmpty(check)) {
- if (userID == -1) {
- log.warn("Password is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty"));
- } else {
- UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
- if (dbuser == null || MiscUtil.isEmpty(dbuser.getPassword())) {
+ check = form.getPassword();
+
+ if (MiscUtil.isEmpty(check)) {
+ if (userID == -1) {
log.warn("Password is empty");
errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty"));
- }
- }
-
- } else {
-
- if (check.equals(form.getPassword_second())) {
-
- String key = AuthenticationHelper.generateKeyFormPassword(check);
- if (key == null) {
- errors.add(LanguageHelper.getErrorString("validation.edituser.password.valid"));
+ } else {
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
+ if (dbuser == null || MiscUtil.isEmpty(dbuser.getPassword())) {
+ log.warn("Password is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty"));
+ }
}
- }
- else {
- errors.add(LanguageHelper.getErrorString("validation.edituser.password.equal"));
+ } else {
+
+ if (check.equals(form.getPassword_second())) {
+
+ String key = AuthenticationHelper.generateKeyFormPassword(check);
+ if (key == null) {
+ errors.add(LanguageHelper.getErrorString("validation.edituser.password.valid"));
+ }
+
+ }
+ else {
+ errors.add(LanguageHelper.getErrorString("validation.edituser.password.equal"));
+ }
}
}
-
-
-
+
check = form.getBpk();
if (MiscUtil.isNotEmpty(check)) {
if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java
index aeac75e44..46d9f4db8 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java
@@ -1,18 +1,140 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation;
+import iaik.asn1.ObjectID;
+import iaik.utils.Util;
+import iaik.x509.X509Certificate;
+import iaik.x509.X509ExtensionInitException;
+
+import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
+import java.net.UnknownHostException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateException;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.SSLSocket;
+import javax.net.ssl.SSLSocketFactory;
+
import org.apache.log4j.Logger;
public class ValidationHelper {
private static final Logger log = Logger.getLogger(ValidationHelper.class);
+ private static final String TEMPLATE_DATEFORMAT = "dd.MM.yyyy";
+
+
+ public static boolean isPublicServiceAllowed(String identifier) {
+
+ SSLSocket socket = null;
+
+ try {
+ URL url = new URL(identifier);
+ String host = url.getHost();
+
+ if (host.endsWith("/"))
+ host = host.substring(0, host.length()-1);
+
+ if (url.getHost().endsWith(at.gv.egovernment.moa.id.configuration.Constants.PUBLICSERVICE_URL_POSTFIX)) {
+ log.debug("PublicURLPrefix with .gv.at Domain found.");
+ return true;
+
+ } else {
+ SSLSocketFactory factory = HttpsURLConnection.getDefaultSSLSocketFactory();
+ socket = (SSLSocket) factory.createSocket(url.getHost(), url.getPort());
+ socket.startHandshake();
+
+ SSLSession session = socket.getSession();
+ Certificate[] servercerts = session.getPeerCertificates();
+ X509Certificate[] iaikChain = new X509Certificate[servercerts.length];
+ for (int i=0; i<servercerts.length; i++) {
+ iaikChain[i] = new X509Certificate(servercerts[i].getEncoded());
+ }
+
+
+ X509Certificate cert = Util.arrangeCertificateChain(iaikChain, false)[0];
+
+ if (cert != null) {
+ ObjectID vwOID = new ObjectID("1.2.40.0.10.1.1.1"); // Verwaltungseigenschaft
+ ObjectID dOID = new ObjectID("1.2.40.0.10.1.1.2"); // Dienstleistereigenschaft
+
+
+ if ((cert.getExtension(vwOID) == null) && (cert.getExtension(dOID) == null)) {
+ return false;
+
+ } else {
+ log.info("Found correct X509 Extension in server certificate. PublicService is allowed");
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ } catch (MalformedURLException e) {
+ log.warn("PublicURLPrefix can not parsed to URL", e);
+ return false;
+
+ } catch (UnknownHostException e) {
+ log.warn("Can not connect to PublicURLPrefix Server", e);
+ return false;
+
+ } catch (IOException e) {
+ log.warn("Can not connect to PublicURLPrefix Server", e);
+ return false;
+
+ } catch (CertificateEncodingException e) {
+ log.warn("Can not parse X509 server certificate", e);
+ return false;
+
+ } catch (CertificateException e) {
+ log.warn("Can not read X509 server certificate", e);
+ return false;
+
+ } catch (X509ExtensionInitException e) {
+ log.warn("Can not read X509 server certificate extension", e);
+ return false;
+ }
+
+ finally {
+ if (socket != null)
+ try {
+ socket.close();
+ } catch (IOException e) {
+ log.warn("SSL Socket can not be closed.", e);
+ }
+ }
+ }
+
public static boolean validateOAID(String oaIDObj) {
if (oaIDObj != null) {
try {
@@ -34,7 +156,7 @@ public class ValidationHelper {
log.debug("Validate Number " + value);
try {
- float num = Float.valueOf(value);
+ Float.valueOf(value);
return true;
@@ -52,7 +174,7 @@ public class ValidationHelper {
if (urlString.startsWith("http") || urlString.startsWith("https")) {
try {
- URL url =new URL(urlString);
+ new URL(urlString);
return true;
} catch (MalformedURLException e) {
@@ -62,7 +184,7 @@ public class ValidationHelper {
return false;
}
- public static boolean isValidTarget(String target) {
+ public static boolean isValidAdminTarget(String target) {
log.debug("Ueberpruefe Parameter Target");
@@ -76,10 +198,24 @@ public class ValidationHelper {
else {
log.error("Fehler Ueberpruefung Parameter Target. Target entspricht nicht den Kriterien (nur Zeichen a-z, A-Z und -, sowie 1-5 Zeichen lang)");
return false;
- }
-
+ }
}
+ public static boolean isValidTarget(String target) {
+
+ log.debug("Ueberpruefe Parameter Target");
+
+ if (TargetValidator.isValidTarget(target)) {
+ log.debug("Parameter Target erfolgreich ueberprueft");
+ return true;
+ }
+ else {
+ log.error("Fehler Ueberpruefung Parameter Target. Target entspricht nicht den Kriterien (nur Zeichen a-z, A-Z und -, sowie 1-5 Zeichen lang)");
+ return false;
+ }
+
+ }
+
public static boolean isValidSourceID(String sourceID) {
log.debug("Ueberpruefe Parameter sourceID");
@@ -98,7 +234,10 @@ public class ValidationHelper {
}
public static boolean isDateFormat(String dateString) {
- SimpleDateFormat sdf = new SimpleDateFormat("dd.MM.yyyy");
+ if (dateString.length() > TEMPLATE_DATEFORMAT.length())
+ return false;
+
+ SimpleDateFormat sdf = new SimpleDateFormat(TEMPLATE_DATEFORMAT);
try {
sdf.parse(dateString);
return true;
@@ -182,4 +321,20 @@ public class ValidationHelper {
return "; % \" ' ` < >";
}
+
+ public static boolean isValidHexValue(String param) {
+
+ try {
+ if (param.startsWith("#") && param.length() <= 7) {
+ Long.decode(param);
+ return true;
+ }
+
+ } catch (Exception e) {
+
+ }
+ return false;
+
+ }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
index f51095cac..1ea51652a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation.moaconfig;
import java.io.File;
@@ -292,7 +314,7 @@ public class MOAConfigValidator {
errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty"));
} else {
- if (!ValidationHelper.isValidTarget(check)) {
+ if (!ValidationHelper.isValidAdminTarget(check)) {
log.info("Not valid SSO Target");
errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid"));
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java
index 6ab4f5292..f8ccebc09 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation.moaconfig;
import java.util.ArrayList;
@@ -6,7 +28,6 @@ import java.util.List;
import org.apache.log4j.Logger;
-import at.gv.egovernment.moa.id.commons.db.dao.config.Contact;
import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
index fa992674e..9c950fb66 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation.oa;
import java.util.ArrayList;
@@ -6,7 +28,7 @@ import java.util.Map;
import org.apache.log4j.Logger;
-import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
+import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator;
@@ -20,51 +42,56 @@ public class OAGeneralConfigValidation {
public List<String> validate(OAGeneralConfig form, boolean isAdmin) {
List<String> errors = new ArrayList<String>();
+ String check;
- //validate aditionalAuthBlockText
- String check = form.getAditionalAuthBlockText();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ if (isAdmin) {
+ //validate aditionalAuthBlockText
+ check = form.getAditionalAuthBlockText();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
}
}
//Check BKU URLs
- check =form.getBkuHandyURL();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty Handy-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.empty"));
-
- } else {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid Handy-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid"));
+ if (isAdmin) {
+ check =form.getBkuHandyURL();
+ if (MiscUtil.isNotEmpty(check)) {
+// log.info("Empty Handy-BKU URL");
+// errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.empty"));
+//
+// } else {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Handy-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid"));
+ }
}
- }
-
- check =form.getBkuLocalURL();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty Local-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.local.empty"));
- } else {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid Online-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid"));
+ check =form.getBkuLocalURL();
+ if (MiscUtil.isNotEmpty(check)) {
+// log.info("Empty Local-BKU URL");
+// errors.add(LanguageHelper.getErrorString("validation.general.bku.local.empty"));
+//
+// } else {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid"));
+ }
}
- }
-
- check =form.getBkuOnlineURL();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty Online-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.online.empty"));
- } else {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid Online-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid"));
+ check =form.getBkuOnlineURL();
+ if (MiscUtil.isNotEmpty(check)) {
+// log.info("Empty Online-BKU URL");
+// errors.add(LanguageHelper.getErrorString("validation.general.bku.online.empty"));
+//
+// } else {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid"));
+ }
}
}
@@ -78,52 +105,60 @@ public class OAGeneralConfigValidation {
}
}
- //check KeyBoxIdentifier
- check = form.getKeyBoxIdentifier();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty KeyBoxIdentifier");
- errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty"));
- } else {
- Map<String, String> list = form.getKeyBoxIdentifierList();
- if (!list.containsKey(check)) {
- log.info("Not valid KeyBoxIdentifier " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid"));
- }
- }
-
- //check LegacyMode SLTemplates
- if (form.isLegacy()) {
- if (MiscUtil.isEmpty(form.getSLTemplateURL1()) &&
- MiscUtil.isEmpty(form.getSLTemplateURL2()) &&
- MiscUtil.isEmpty(form.getSLTemplateURL3()) ) {
- log.info("Empty OA-specific SecurityLayer Templates");
- errors.add(LanguageHelper.getErrorString("validation.general.sltemplates.empty"));
-
+ if (isAdmin) {
+ //check KeyBoxIdentifier
+ check = form.getKeyBoxIdentifier();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty KeyBoxIdentifier");
+ errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty"));
} else {
- check = form.getSLTemplateURL1();
- if (MiscUtil.isNotEmpty(check) &&
- !ValidationHelper.validateURL(check) ) {
- log.info("First OA-specific SecurityLayer Templates is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.sltemplate1.valid"));
- }
- check = form.getSLTemplateURL2();
- if (MiscUtil.isNotEmpty(check) &&
- !ValidationHelper.validateURL(check) ) {
- log.info("Second OA-specific SecurityLayer Templates is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.sltemplate2.valid"));
+ Map<String, String> list = form.getKeyBoxIdentifierList();
+ if (!list.containsKey(check)) {
+ log.info("Not valid KeyBoxIdentifier " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid"));
}
- check = form.getSLTemplateURL3();
- if (MiscUtil.isNotEmpty(check) &&
- !ValidationHelper.validateURL(check) ) {
- log.info("Third OA-specific SecurityLayer Templates is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.sltemplate3.valid"));
- }
- }
+ }
+
+ //check LegacyMode SLTemplates
+ if (form.isLegacy()) {
+ if (MiscUtil.isEmpty(form.getSLTemplateURL1()) &&
+ MiscUtil.isEmpty(form.getSLTemplateURL2()) &&
+ MiscUtil.isEmpty(form.getSLTemplateURL3()) ) {
+ log.info("Empty OA-specific SecurityLayer Templates");
+ errors.add(LanguageHelper.getErrorString("validation.general.sltemplates.empty"));
+
+ } else {
+ check = form.getSLTemplateURL1();
+ if (MiscUtil.isNotEmpty(check) &&
+ !ValidationHelper.validateURL(check) ) {
+ log.info("First OA-specific SecurityLayer Templates is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.sltemplate1.valid"));
+ }
+ check = form.getSLTemplateURL2();
+ if (MiscUtil.isNotEmpty(check) &&
+ !ValidationHelper.validateURL(check) ) {
+ log.info("Second OA-specific SecurityLayer Templates is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.sltemplate2.valid"));
+ }
+ check = form.getSLTemplateURL3();
+ if (MiscUtil.isNotEmpty(check) &&
+ !ValidationHelper.validateURL(check) ) {
+ log.info("Third OA-specific SecurityLayer Templates is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.sltemplate3.valid"));
+ }
+ }
+ }
}
//check Mandate Profiles
check = form.getMandateProfiles();
if (MiscUtil.isNotEmpty(check)) {
+
+ if (!form.isUseMandates()) {
+ log.info("MandateProfiles configured but useMandates is false.");
+ errors.add(LanguageHelper.getErrorString("validation.general.mandate.usemandate"));
+ }
+
if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
log.warn("MandateProfiles contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.mandate.profiles",
@@ -131,22 +166,19 @@ public class OAGeneralConfigValidation {
}
}
- //check SL Version
- check = form.getSlVersion();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty SLVersion. Set SLVersion to 1.2");
- form.setSlVersion("1.2");
-
- } else {
- if (!ValidationHelper.validateNumber(check)) {
- log.info("Not valid SLVersion");
- errors.add(LanguageHelper.getErrorString("validation.general.slversion"));
- }
- }
-
+
+
boolean businessservice = form.isBusinessService();
if (businessservice) {
+
+ //check identification type
+ check = form.getIdentificationType();
+ if (!form.getIdentificationTypeList().contains(check)) {
+ log.info("IdentificationType is not known.");
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationtype.valid"));
+ }
+
//check identification number
check = form.getIdentificationNumber();
if (MiscUtil.isEmpty(check)) {
@@ -160,49 +192,85 @@ public class OAGeneralConfigValidation {
new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
}
- if (check.startsWith("FN")) {
+ if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_FN)) {
CompanyNumberValidator val = new CompanyNumberValidator();
- if (val.validate(check)) {
+ if (!val.validate(check)) {
log.info("Not valid CompanyNumber");
errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid"));
}
}
}
-
- try {
- float slversion = Float.valueOf(form.getSlVersion());
- if (slversion < 1.2) {
- log.info("BusinessService Applications requires SLVersion >= 1.2");
- errors.add(LanguageHelper.getErrorString("validation.general.slversion.business"));
- form.setSlVersion("1.2");
- }
-
- } catch (NumberFormatException e) {
- }
-
+
} else {
- //check targetFrindlyName();
- check = form.getTargetFriendlyName();
+
+ check = form.getTarget_subsector();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("TargetFriendlyName contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ if (!ValidationHelper.isValidAdminTarget(check)) {
+ log.info("Not valid Target-Subsector");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.subsector.valid"));
}
}
- //check Target
- check = form.getTarget();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.empty"));
+
+ if (!isAdmin) {
+ //check PublicURL Prefix allows PublicService
+ if (!ValidationHelper.isPublicServiceAllowed(form.getIdentifier())) {
+ log.warn("PublicURLPrefix does not allow PublicService: " + form.getIdentifier());
+ errors.add(LanguageHelper.getErrorString("validation.general.target.publicserviceurl",
+ new Object[] {form.getIdentifier()} ));
+ form.setBusinessService(true);
+ return errors;
+
+ }
+
+ //check Target
+ check = form.getTarget();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.empty"));
+
+ } else {
+ if (!ValidationHelper.isValidTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.valid"));
+ }
+ }
} else {
- if (!ValidationHelper.isValidTarget(check)) {
- log.info("Not valid Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.valid"));
+
+ //check targetFrindlyName();
+ check = form.getTargetFriendlyName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("TargetFriendlyName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
}
- }
+
+ if (MiscUtil.isEmpty(form.getTarget()) && MiscUtil.isEmpty(form.getTarget_admin())) {
+ log.info("Empty Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.empty"));
+ }
+
+ //check Target
+ check = form.getTarget();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isValidTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.valid"));
+ }
+ }
+
+ //check Admin Target
+ check = form.getTarget_admin();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isValidAdminTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.admin.valid"));
+ }
+ }
+ }
}
return errors;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java
new file mode 100644
index 000000000..249df4dcd
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java
@@ -0,0 +1,55 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.validation.oa;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.configuration.data.oa.OAOAuth20Config;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
+
+public class OAOAUTH20ConfigValidation {
+
+ private static final Logger log = Logger.getLogger(OAOAUTH20ConfigValidation.class);
+
+ public List<String> validate(OAOAuth20Config form) {
+
+ List<String> errors = new ArrayList<String>();
+
+ // validate secret
+// if (StringUtils.isEmpty(form.getClientSecret())) {
+// errors.add(LanguageHelper.getErrorString("error.oa.oauth.clientSecret"));
+// }
+
+ // validate redirectUri
+ if (StringUtils.isNotEmpty(form.getRedirectUri()) && !OAuth20Util.isUrl(form.getRedirectUri())) {
+ errors.add(LanguageHelper.getErrorString("error.oa.oauth.redirecturi"));
+ }
+
+ return errors;
+ }
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
index 4a1ef9261..18b6a2d22 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation.oa;
import java.io.IOException;
@@ -10,6 +32,7 @@ import org.apache.log4j.Logger;
import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
public class OAPVP2ConfigValidation {
@@ -19,24 +42,59 @@ public class OAPVP2ConfigValidation {
public List<String> validate(OAPVP2Config form) {
List<String> errors = new ArrayList<String>();
-
- String url = form.getMetaDataURL();
- if (MiscUtil.isNotEmpty(url) && !ValidationHelper.validateURL(url)) {
- log.info("MetaDataURL has no valid form.");
- errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.valid"));
- }
-
try {
+ byte[] metadata = null;
+// byte[] cert = null;
+
+ String check = form.getMetaDataURL();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("MetaDataURL has no valid form.");
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.valid"));
+
+ } else {
+ metadata = FileUtils.readURL(check);
+ if (MiscUtil.isEmpty(metadata)) {
+ log.info("Filecontent can not be read form MetaDataURL.");
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.read"));
+ }
+ }
+ }
+
if (form.getFileUpload() != null)
form.getCertificate();
+// else {
+// if (metadata != null) {
+// log.info("No certificate to verify the Metadata defined.");
+// errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound"));
+// }
+// }
+
+// if (cert != null && metadata != null) {
+// HTTPMetadataProvider httpProvider = new HTTPMetadataProvider(
+// check, 20000);
+// httpProvider.setParserPool(new BasicParserPool());
+// httpProvider.setRequireValidMetadata(true);
+// MetadataFilter filter = new MetadataSignatureFilter(
+// check, cert);
+// httpProvider.setMetadataFilter(filter);
+// httpProvider.initialize();
+//
+// }
+
+
} catch (CertificateException e) {
log.info("Uploaded Certificate can not be found", e);
errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound"));
} catch (IOException e) {
- log.info("Uploaded Certificate can not be parsed", e);
- errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.format"));
+ log.info("Metadata can not be loaded from URL", e);
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.read"));
+
+// } catch (MetadataProviderException e) {
+// log.info("MetaDate verification failed");
+// errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify"));
}
return errors;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java
index 147ea45e9..73eba87ff 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation.oa;
import java.util.ArrayList;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java
index 22e2406f2..dd305d144 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation.oa;
import java.util.ArrayList;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
index 76183caad..def5aa5ed 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation.oa;
import java.util.ArrayList;