aboutsummaryrefslogtreecommitdiff
path: root/id/ConfigWebTool/src/main/java
diff options
context:
space:
mode:
Diffstat (limited to 'id/ConfigWebTool/src/main/java')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/PVPSOAPRequestSecurityPolicy.java92
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java64
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java4
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java10
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java5
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java20
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java69
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java4
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java30
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java29
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java115
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java44
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java59
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java4
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java20
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java39
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java18
23 files changed, 467 insertions, 171 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java
index 12016a2bf..e3de84b0b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java
@@ -30,7 +30,7 @@ import org.opensaml.saml2.metadata.provider.MetadataFilter;
import org.opensaml.xml.XMLObject;
import org.opensaml.xml.security.x509.BasicX509Credential;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException;
import at.gv.egovernment.moa.id.protocols.pvp2x.verification.EntityVerifier;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/PVPSOAPRequestSecurityPolicy.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/PVPSOAPRequestSecurityPolicy.java
new file mode 100644
index 000000000..a25cc44ef
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/PVPSOAPRequestSecurityPolicy.java
@@ -0,0 +1,92 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.configuration.auth.pvp2;
+
+import java.util.List;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SignableSAMLObject;
+import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
+import org.opensaml.ws.soap.soap11.Envelope;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.signature.SignatureTrustEngine;
+
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule;
+
+/**
+ * @author tlenz
+ *
+ */
+public class PVPSOAPRequestSecurityPolicy extends
+ AbstractRequestSignedSecurityPolicyRule {
+
+ /**
+ * @param trustEngine
+ * @param peerEntityRole
+ */
+ public PVPSOAPRequestSecurityPolicy(SignatureTrustEngine trustEngine,
+ QName peerEntityRole) {
+ super(trustEngine, peerEntityRole);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule#refreshMetadataProvider(java.lang.String)
+ */
+ @Override
+ protected boolean refreshMetadataProvider(String entityID) {
+ try {
+ HTTPMetadataProvider metadataProvider = ConfigurationProvider.getInstance().getMetaDataProvier();
+ metadataProvider.setRequireValidMetadata(true);
+ metadataProvider.refresh();
+
+ return true;
+
+ } catch (Exception e) {
+
+
+ }
+
+ return false;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule#getSignedSAMLObject(org.opensaml.xml.XMLObject)
+ */
+ @Override
+ protected SignableSAMLObject getSignedSAMLObject(XMLObject inboundData) {
+ if (inboundData instanceof Envelope) {
+ Envelope envelope = (Envelope) inboundData;
+ if (envelope.getBody() != null) {
+ List<XMLObject> xmlElemList = envelope.getBody().getUnknownXMLObjects();
+ if (!xmlElemList.isEmpty() && xmlElemList.get(0) instanceof SignableSAMLObject)
+ return (SignableSAMLObject) xmlElemList.get(0);
+
+ }
+ }
+
+ return null;
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java
index cff08740b..17d3d9e50 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java
@@ -40,6 +40,7 @@ import org.opensaml.saml2.core.LogoutRequest;
import org.opensaml.saml2.core.LogoutResponse;
import org.opensaml.ws.message.decoder.MessageDecodingException;
import org.opensaml.ws.message.encoder.MessageEncodingException;
+import org.opensaml.ws.soap.client.BasicSOAPMessageContext;
import org.opensaml.ws.soap.soap11.Envelope;
import org.opensaml.ws.soap.soap11.decoder.http.HTTPSOAP11Decoder;
import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
@@ -49,10 +50,12 @@ import org.opensaml.xml.parse.BasicParserPool;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter;
import org.opensaml.xml.security.x509.X509Credential;
+import org.opensaml.xml.validation.ValidationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
+import at.gv.egovernment.moa.id.configuration.auth.pvp2.PVP2Utils;
/**
* @author tlenz
@@ -77,25 +80,44 @@ public class SLOBackChannelServlet extends SLOBasicServlet {
try {
HTTPSOAP11Decoder soapDecoder = new HTTPSOAP11Decoder(new BasicParserPool());
- BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext =
- new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- messageContext
- .setInboundMessageTransport(new HttpServletRequestAdapter(
- request));
+
+ BasicSOAPMessageContext messageContext = new BasicSOAPMessageContext();
+
+// BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext =
+// new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
+
+ messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(request));
+
+ //messageContext.setMetadataProvider(getConfig().getMetaDataProvier());
+
+ //set trustPolicy
+// BasicSecurityPolicy policy = new BasicSecurityPolicy();
+// policy.getPolicyRules().add(
+// new PVPSOAPRequestSecurityPolicy(
+// PVP2Utils.getTrustEngine(getConfig()),
+// IDPSSODescriptor.DEFAULT_ELEMENT_NAME));
+// SecurityPolicyResolver resolver = new StaticSecurityPolicyResolver(
+// policy);
+// messageContext.setSecurityPolicyResolver(resolver);
soapDecoder.decode(messageContext);
-
+
Envelope inboundMessage = (Envelope) messageContext
.getInboundMessage();
+ LogoutResponse sloResp = null;
+
if (inboundMessage.getBody() != null) {
List<XMLObject> xmlElemList = inboundMessage.getBody().getUnknownXMLObjects();
-
- LogoutResponse sloResp;
+
if (!xmlElemList.isEmpty() && xmlElemList.get(0) instanceof LogoutRequest) {
LogoutRequest sloReq = (LogoutRequest) xmlElemList.get(0);
- sloResp = processLogOutRequest(sloReq, request);
+ //validate request signature
+ PVP2Utils.validateSignature(sloReq, getConfig());
+
+ sloResp = processLogOutRequest(sloReq, request);
+
KeyStore keyStore = getConfig().getPVP2KeyStore();
X509Credential authcredential = new KeyStoreX509CredentialAdapter(
keyStore,
@@ -111,24 +133,17 @@ public class SLOBackChannelServlet extends SLOBasicServlet {
context.setOutboundMessageTransport(responseAdapter);
encoder.encode(context);
-
+
} else {
log.warn("Received request ist not of type LogOutRequest");
response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ return;
}
}
- } catch (MessageDecodingException e) {
- log.error("SLO message processing FAILED." , e);
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
-
- } catch (SecurityException e) {
- log.error("SLO message processing FAILED." , e);
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
-
- } catch (NoSuchAlgorithmException e) {
- log.error("SLO message processing FAILED." , e);
+ } catch (MessageDecodingException | SecurityException | NoSuchAlgorithmException | ConfigurationException | ValidationException e) {
+ log.error("SLO message processing FAILED." , e);
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
} catch (CertificateException e) {
@@ -139,15 +154,14 @@ public class SLOBackChannelServlet extends SLOBasicServlet {
log.error("SLO message processing FAILED." , e);
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
- } catch (ConfigurationException e) {
- log.error("SLO message processing FAILED." , e);
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
-
} catch (MessageEncodingException e) {
log.error("SLO message processing FAILED." , e);
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
- }
+ }
+
+
+
}
protected void doGet(HttpServletRequest request,
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java
index 2a35e50b1..c70d34d7e 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java
@@ -131,13 +131,13 @@ public class SLOBasicServlet extends HttpServlet {
} else {
log.debug("Single LogOut not possible! User with nameID:" + sloReq.getNameID().getValue() + " is not found.");
- return createSLOResponse(sloReq, StatusCode.PARTIAL_LOGOUT_URI, request);
+ return createSLOResponse(sloReq, StatusCode.SUCCESS_URI, request);
}
}
- private LogoutResponse createSLOResponse(LogoutRequest sloReq, String statusCodeURI, HttpServletRequest request) throws NoSuchAlgorithmException {
+ protected LogoutResponse createSLOResponse(LogoutRequest sloReq, String statusCodeURI, HttpServletRequest request) throws NoSuchAlgorithmException {
LogoutResponse sloResp = SAML2Utils.createSAMLObject(LogoutResponse.class);
SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
sloResp.setID(gen.generateIdentifier());
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java
index 8df7f9d5a..274aa21bf 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java
@@ -69,7 +69,6 @@ import at.gv.egovernment.moa.id.configuration.auth.pvp2.PVP2Utils;
import at.gv.egovernment.moa.id.configuration.exception.PVP2Exception;
import at.gv.egovernment.moa.id.configuration.exception.SLOException;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory;
import at.gv.egovernment.moa.util.MiscUtil;
/**
@@ -99,8 +98,15 @@ public class SLOFrontChannelServlet extends SLOBasicServlet {
if (MiscUtil.isNotEmpty(request.getParameter(Constants.REQUEST_USERSLO))) {
//process user initiated single logout process
Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj == null) {
+ log.warn("No user information found. Single Log-Out not possible");
+ buildErrorMessage(request, response);
+
+ }
+
AuthenticatedUser authUser = (AuthenticatedUser) authUserObj;
-
+
String nameIDFormat = authUser.getNameIDFormat();
String nameID = authUser.getNameID();
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
index e2a55db60..ab6c22858 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
@@ -54,6 +54,7 @@ import org.springframework.beans.factory.config.AutowireCapableBeanFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
+import at.gv.egovernment.moa.id.commons.db.NewConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException;
import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory;
import at.gv.egovernment.moa.id.config.webgui.MOAIDConfigurationModul;
@@ -65,8 +66,6 @@ import at.gv.egovernment.moa.id.configuration.utils.UserRequestCleaner;
import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
-import at.gv.egovernment.moa.id.commons.db.NewConfigurationDBRead;
-
public class ConfigurationProvider {
@@ -602,7 +601,7 @@ public class ConfigurationProvider {
} catch (Exception e) {
log.warn("PVP2 authentification can not be initialized.");
- throw new ConfigurationException("PVP2 authentification can not be initialized.", e);
+ throw new ConfigurationException("error.initialization.pvplogin", e);
}
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
index ecf0d19d7..80800543b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
@@ -36,6 +36,7 @@ import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
+import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.BKUSelectionCustomizationType;
@@ -50,7 +51,6 @@ import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.FormularCustomizationValitator;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAFileUploadValidation;
-import at.gv.egovernment.moa.id.util.FormBuildUtils;
import at.gv.egovernment.moa.util.MiscUtil;
public class FormularCustomization implements IOnlineApplicationData {
@@ -177,47 +177,47 @@ public class FormularCustomization implements IOnlineApplicationData {
if (MiscUtil.isNotEmpty(formcustom.getBackGroundColor())) {
backGroundColor = formcustom.getBackGroundColor();
- map.put(FormBuildUtils.MAIN_BACKGROUNDCOLOR, formcustom.getBackGroundColor());
+ map.put(FormBuildUtils.PARAM_MAIN_BACKGROUNDCOLOR, formcustom.getBackGroundColor());
}
if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColor())) {
button_BackGroundColor = formcustom.getButtonBackGroundColor();
- map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR, formcustom.getButtonBackGroundColor());
+ map.put(FormBuildUtils.PARAM_BUTTON_BACKGROUNDCOLOR, formcustom.getButtonBackGroundColor());
}
if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColorFocus())) {
button_BackGroundColorFocus = formcustom.getButtonBackGroundColorFocus();
- map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR_FOCUS, formcustom.getButtonBackGroundColorFocus());
+ map.put(FormBuildUtils.PARAM_BUTTON_BACKGROUNDCOLOR_FOCUS, formcustom.getButtonBackGroundColorFocus());
}
if (MiscUtil.isNotEmpty(formcustom.getButtonFontColor())) {
button_FrontColor = formcustom.getButtonFontColor();
- map.put(FormBuildUtils.BUTTON_COLOR, formcustom.getButtonFontColor());
+ map.put(FormBuildUtils.PARAM_BUTTON_COLOR, formcustom.getButtonFontColor());
}
if (MiscUtil.isNotEmpty(formcustom.getFontType())) {
fontType = formcustom.getFontType();
- map.put(FormBuildUtils.FONTFAMILY, formcustom.getFontType());
+ map.put(FormBuildUtils.PARAM_FONTFAMILY, formcustom.getFontType());
}
if (MiscUtil.isNotEmpty(formcustom.getFrontColor())) {
frontColor = formcustom.getFrontColor();
- map.put(FormBuildUtils.MAIN_COLOR, formcustom.getFrontColor());
+ map.put(FormBuildUtils.PARAM_MAIN_COLOR, formcustom.getFrontColor());
}
if (MiscUtil.isNotEmpty(formcustom.getHeaderBackGroundColor())) {
header_BackGroundColor = formcustom.getHeaderBackGroundColor();
- map.put(FormBuildUtils.HEADER_BACKGROUNDCOLOR, formcustom.getHeaderBackGroundColor());
+ map.put(FormBuildUtils.PARAM_HEADER_BACKGROUNDCOLOR, formcustom.getHeaderBackGroundColor());
}
if (MiscUtil.isNotEmpty(formcustom.getHeaderFrontColor())) {
header_FrontColor = formcustom.getHeaderFrontColor();
- map.put(FormBuildUtils.HEADER_COLOR, formcustom.getHeaderFrontColor());
+ map.put(FormBuildUtils.PARAM_HEADER_COLOR, formcustom.getHeaderFrontColor());
}
if (MiscUtil.isNotEmpty(formcustom.getHeaderText())) {
header_text = formcustom.getHeaderText();
- map.put(FormBuildUtils.HEADER_TEXT, formcustom.getHeaderText());
+ map.put(FormBuildUtils.PARAM_HEADER_TEXT, formcustom.getHeaderText());
}
}
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
index 83795567c..95af93af3 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
@@ -54,7 +54,9 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TransformsInfoT
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TrustAnchor;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyAuthBlock;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyIdentityLink;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -126,6 +128,7 @@ public class GeneralMOAIDConfig {
private String SLRequestTemplateHandy = "SLTemplates/template_handyBKU.html";
private String publicURLPrefix = null;
+ private boolean virtualPublicURLPrefixEnabled = false;
public GeneralMOAIDConfig() {
chainigmodelist = new HashMap<String, String>();
@@ -133,6 +136,26 @@ public class GeneralMOAIDConfig {
for (int i=0; i<values.length; i++) {
chainigmodelist.put(values[i].value(), values[i].value());
}
+
+ try {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ if (config != null) {
+ MOAIDConfiguration dbconfig = config.getDbRead().getMOAIDConfiguration();
+ List<TransformsInfoType> authBlockTrans = dbconfig.getAuthComponentGeneral().getSecurityLayer().getTransformsInfo();
+
+ if (authBlockTrans != null && !authBlockTrans.isEmpty()) {
+ if (secLayerTransformation == null)
+ secLayerTransformation = new HashMap<String, byte[]>();
+ for (TransformsInfoType el : authBlockTrans)
+ secLayerTransformation.put(el.getFilename(), el.getTransformation());
+
+ }
+ }
+
+ } catch (Exception e) {
+
+ }
+
}
public void parse(MOAIDConfiguration config) {
@@ -163,7 +186,26 @@ public class GeneralMOAIDConfig {
if (authgen.isTrustManagerRevocationChecking() != null)
trustmanagerrevocationcheck = authgen.isTrustManagerRevocationChecking();
- publicURLPrefix = authgen.getPublicURLPreFix();
+ virtualPublicURLPrefixEnabled =
+ KeyValueUtils.isCSVValueString(authgen.getPublicURLPreFix());
+
+ if (virtualPublicURLPrefixEnabled) {
+ //format CSV values with newlines
+ publicURLPrefix = KeyValueUtils.normalizeCSVValueString(
+ authgen.getPublicURLPreFix());
+
+ } else {
+ String tmp = authgen.getPublicURLPreFix();
+ if (tmp.contains(KeyValueUtils.CSV_DELIMITER)) {
+ //remove trailing comma if exist
+ publicURLPrefix = tmp.substring(0,
+ tmp.indexOf(KeyValueUtils.CSV_DELIMITER));
+
+ } else
+ publicURLPrefix = tmp;
+ }
+
+
TimeOuts timeouts = authgen.getTimeOuts();
if (timeouts != null) {
@@ -819,6 +861,7 @@ public class GeneralMOAIDConfig {
* @return the secLayerTransformation
*/
public Map<String, byte[]> getSecLayerTransformation() {
+
return secLayerTransformation;
}
@@ -931,7 +974,12 @@ public class GeneralMOAIDConfig {
* @param publicURLPrefix the publicURLPrefix to set
*/
public void setPublicURLPrefix(String publicURLPrefix) {
- this.publicURLPrefix = publicURLPrefix;
+ if (MiscUtil.isNotEmpty(publicURLPrefix))
+ this.publicURLPrefix =
+ KeyValueUtils.removeAllNewlineFromString(publicURLPrefix);
+ else
+ this.publicURLPrefix = publicURLPrefix;
+
}
/**
@@ -961,6 +1009,23 @@ public class GeneralMOAIDConfig {
public void setMoaspssAuthTrustProfileTest(String moaspssAuthTrustProfileTest) {
this.moaspssAuthTrustProfileTest = moaspssAuthTrustProfileTest;
}
+
+ /**
+ * @return the virtualPublicURLPrefixEnabled
+ */
+ public boolean isVirtualPublicURLPrefixEnabled() {
+ return virtualPublicURLPrefixEnabled;
+ }
+
+ /**
+ * @param virtualPublicURLPrefixEnabled the virtualPublicURLPrefixEnabled to set
+ */
+ public void setVirtualPublicURLPrefixEnabled(
+ boolean virtualPublicURLPrefixEnabled) {
+ this.virtualPublicURLPrefixEnabled = virtualPublicURLPrefixEnabled;
+ }
+
+
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
index 9b0172a24..d0232e86a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
@@ -31,17 +31,13 @@ import javax.servlet.http.HttpServletRequest;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.BKUURLS;
-import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.DefaultBKUs;
-import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.MOAKeyBoxSelector;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.Mandates;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TemplateType;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TemplatesType;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TestCredentials;
-import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TestCredentialsCredentialOIDItem;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TransformsInfoType;
-import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAAuthenticationDataValidation;
import at.gv.egovernment.moa.util.MiscUtil;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java
index 58b0b9d17..b2cd18c26 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java
@@ -36,12 +36,12 @@ import org.apache.commons.lang.SerializationUtils;
import org.apache.log4j.Logger;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
+import at.gv.egovernment.moa.id.commons.api.data.BPKDecryptionParameters;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.BPKDecryption;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.EncBPKInformation;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
-import at.gv.egovernment.moa.id.config.auth.data.BPKDecryptionParameters;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
index 22a978014..4cb7eba2d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
@@ -42,9 +42,7 @@ public class OAGeneralConfig implements IOnlineApplicationData{
private static final Logger log = Logger.getLogger(OAGeneralConfig.class);
private boolean isActive = false;
-
- private String dbID = null;
-
+
private String identifier = null;
private String friendlyName = null;
private boolean businessService = false;
@@ -67,7 +65,7 @@ public class OAGeneralConfig implements IOnlineApplicationData{
friendlyName = dbOAConfig.getFriendlyName();
identifier = dbOAConfig.getPublicURLPrefix();
-
+
if (dbOAConfig.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE))
businessService = true;
else
@@ -163,27 +161,5 @@ public class OAGeneralConfig implements IOnlineApplicationData{
public void setActive(boolean isActive) {
this.isActive = isActive;
- }
-
- /**
- * @return the dbID
- */
- public String getDbID() {
- return dbID;
- }
-
-
- /**
- * @param dbID the dbID to set
- */
- public void setDbID(long dbID) {
- this.dbID = String.valueOf(dbID);
- }
-
- /**
- * @param dbID the dbID to set
- */
- public void setDbID(String dbID) {
- this.dbID = dbID;
- }
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java
index 441c879be..bb98d2e64 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java
@@ -27,10 +27,8 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
-import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
-import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.util.MiscUtil;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
index 3fad65fe5..33277af07 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
@@ -237,16 +237,27 @@ public class OASTORKConfig implements IOnlineApplicationData{
return result;
for(AttributeHelper current : getHelperAttributes()) {
- for(StorkAttribute currentAttribute : dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes())
- if(currentAttribute.getName().equals(current.getName())) {
- if(current.isUsed() || currentAttribute.isMandatory()) {
- OAStorkAttribute tmp = new OAStorkAttribute();
- tmp.setName(current.getName());
- tmp.setMandatory(current.isMandatory());
- result.add(tmp);
+ List<StorkAttribute> generalConfStorkAttr = null;
+ try {
+ generalConfStorkAttr = dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes();
+
+ } catch (NullPointerException e) {
+ log.trace("No STORK attributes in 'General Configuration'");
+
+ }
+
+ if (generalConfStorkAttr != null) {
+ for(StorkAttribute currentAttribute : generalConfStorkAttr)
+ if(currentAttribute.getName().equals(current.getName())) {
+ if(current.isUsed() || currentAttribute.isMandatory()) {
+ OAStorkAttribute tmp = new OAStorkAttribute();
+ tmp.setName(current.getName());
+ tmp.setMandatory(current.isMandatory());
+ result.add(tmp);
+ }
+ break;
}
- break;
- }
+ }
}
return result;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
index e092d9e13..c80bc1925 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
@@ -22,30 +22,35 @@
*/
package at.gv.egovernment.moa.id.configuration.struts.action;
-import iaik.utils.URLDecoder;
-
+import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.StringWriter;
import java.util.ArrayList;
-import java.util.Date;
+import java.util.Arrays;
+import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
+import java.util.Map.Entry;
import org.apache.log4j.Logger;
-
-import edu.emory.mathcs.backport.java.util.Arrays;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
import at.gv.egiz.components.configuration.meta.api.ConfigurationStorageException;
-import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder;
+import at.gv.egovernment.moa.id.auth.frontend.builder.ServiceProviderSpecificGUIFormBuilderConfiguration;
+import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils;
+import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider;
import at.gv.egovernment.moa.id.commons.config.ConfigurationMigrationUtils;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.STORK;
-import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
@@ -59,9 +64,9 @@ import at.gv.egovernment.moa.id.configuration.exception.BasicActionException;
import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
-import at.gv.egovernment.moa.id.util.FormBuildUtils;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;
+import iaik.utils.URLDecoder;
/**
* @author tlenz
@@ -257,25 +262,8 @@ public class BasicOAAction extends BasicAction {
OnlineApplication onlineapplication = null;
- Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID);
- Long oaid = (long) -1;
-
- if (oadbid != null) {
- try {
- oaid = (Long) oadbid;
- if (oaid < 0 || oaid > Long.MAX_VALUE) {
- throw new BasicOAActionException(
- LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
- Constants.STRUTS_ERROR);
- }
-
- } catch (Throwable t) {
- throw new BasicOAActionException(
- LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
- Constants.STRUTS_ERROR);
- }
- }
-
+ Long oaid = getOAIDFromSession();
+
// valid DBID and check entry
OAGeneralConfig oaGeneralForm = ((OAGeneralConfig)formList.get(new OAGeneralConfig().getName()));
String oaidentifier = oaGeneralForm.getIdentifier();
@@ -311,14 +299,15 @@ public class BasicOAAction extends BasicAction {
onlineapplication = configuration.getDbRead().getOnlineApplication(oaidentifier);
}
- setNewOA(true);
+
if (onlineapplication != null) {
log.info("The OAIdentifier is not unique");
throw new BasicOAActionException(
LanguageHelper.getErrorString("validation.general.oaidentifier.notunique", request),
Constants.STRUTS_ERROR_VALIDATION);
- }
+ } else
+ setNewOA(true);
} else {
onlineapplication = configuration.getDbRead().getOnlineApplication(oaid);
@@ -357,6 +346,29 @@ public class BasicOAAction extends BasicAction {
}
+ protected Long getOAIDFromSession() throws BasicOAActionException {
+ Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID);
+ Long oaid = (long) -1;
+
+ if (oadbid != null) {
+ try {
+ oaid = (Long) oadbid;
+ if (oaid < 0 || oaid > Long.MAX_VALUE) {
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
+ Constants.STRUTS_ERROR);
+ }
+
+ } catch (Throwable t) {
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
+ Constants.STRUTS_ERROR);
+ }
+ }
+
+ return oaid;
+ }
+
protected String preProcessDeleteOnlineApplication() throws BasicOAActionException {
try {
Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
@@ -584,15 +596,16 @@ public class BasicOAAction extends BasicAction {
log.info("NO MOA-ID instance URL configurated.");
input.close();
throw new ConfigurationException("No MOA-ID instance configurated");
+
}
-
- preview = LoginFormBuilder.getTemplate(input);
- preview = preview.replace(LoginFormBuilder.CONTEXTPATH, contextpath);
-
- Map<String, String> map = (Map<String, String>) mapobj;
-
+
+ //set parameters
+ Map<String, Object> params = (Map<String, Object>) mapobj;
+ params.put(
+ ServiceProviderSpecificGUIFormBuilderConfiguration.PARAM_AUTHCONTEXT,
+ contextpath);
+
request.setCharacterEncoding("UTF-8");
-
String module = request.getParameter(Constants.REQUEST_FORMCUSTOM_MODULE);
String value = request.getParameter(Constants.REQUEST_FORMCUSTOM_VALUE);
@@ -601,24 +614,36 @@ public class BasicOAAction extends BasicAction {
value = query[1].substring("value=".length());
}
- synchronized (map) {
-
+ synchronized (params) {
if (MiscUtil.isNotEmpty(module)) {
- if (map.containsKey("#" + module + "#")) {
+ if (params.containsKey(module)) {
if (MiscUtil.isNotEmpty(value)) {
- if (FormBuildUtils.FONTFAMILY.contains(module) || FormBuildUtils.HEADER_TEXT.contains(module)
+ if (FormBuildUtils.PARAM_FONTFAMILY.contains(module) || FormBuildUtils.PARAM_HEADER_TEXT.contains(module)
|| value.startsWith("#"))
- map.put("#" + module + "#", value);
+ params.put(module, value);
else
- map.put("#" + module + "#", "#" + value);
+ params.put(module, "#" + value);
} else {
- map.put("#" + module + "#", FormBuildUtils.getDefaultMap().get("#" + module + "#"));
+ params.put(module, FormBuildUtils.getDefaultMap().get(module));
}
}
}
- preview = FormBuildUtils.customiceLayoutBKUSelection(preview, true, false, map, true);
}
+
+ //write preview
+ VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine();
+ VelocityContext context = new VelocityContext();
+ Iterator<Entry<String, Object>> interator = params.entrySet().iterator();
+ while (interator.hasNext()) {
+ Entry<String, Object> el = interator.next();
+ context.put(el.getKey(), el.getValue());
+
+ }
+ StringWriter writer = new StringWriter();
+ engine.evaluate(context, writer, "BKUSelection_preview",
+ new BufferedReader(new InputStreamReader(input)));
+ stream = new ByteArrayInputStream(writer.toString().getBytes("UTF-8"));
} else {
preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible", request);
@@ -631,7 +656,7 @@ public class BasicOAAction extends BasicAction {
}
- stream = new ByteArrayInputStream(preview.getBytes());
+
return Constants.STRUTS_SUCCESS;
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index a658c3f34..504b598c0 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -23,9 +23,13 @@
package at.gv.egovernment.moa.id.configuration.struts.action;
import java.math.BigInteger;
-import java.util.*;
-
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import at.gv.egiz.components.configuration.meta.api.ConfigurationStorageException;
@@ -58,6 +62,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TimeOuts;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TransformsInfoType;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyAuthBlock;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyIdentityLink;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
@@ -179,7 +184,12 @@ public class EditGeneralConfigAction extends BasicAction {
String error = saveFormToDatabase();
if (error != null) {
log.warn("General MOA-ID config can not be stored in Database");
- addActionError(error);
+
+ //set new formID
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ addActionError(error);
return Constants.STRUTS_ERROR_VALIDATION;
}
@@ -248,13 +258,27 @@ public class EditGeneralConfigAction extends BasicAction {
// if (oldauth != null)
// oldauthgeneral = oldauth.getGeneralConfiguration();
- //set Public URL Prefix
- String pubURLPrefix = moaconfig.getPublicURLPrefix();
- if(pubURLPrefix.endsWith("/")) {
- int length = pubURLPrefix.length();
- pubURLPrefix = pubURLPrefix.substring(0, length-1);
- }
- dbauthgeneral.setPublicURLPreFix(pubURLPrefix);
+ //set Public URL Prefix
+ String pubURLPrefix = moaconfig.getPublicURLPrefix();
+ if (moaconfig.isVirtualPublicURLPrefixEnabled()) {
+ dbauthgeneral.setPublicURLPreFix(
+ KeyValueUtils.normalizeCSVValueString(pubURLPrefix));
+
+ } else {
+ if (pubURLPrefix.contains(KeyValueUtils.CSV_DELIMITER)) {
+ dbauthgeneral.setPublicURLPreFix(
+ pubURLPrefix.trim().substring(0,
+ pubURLPrefix.indexOf(KeyValueUtils.CSV_DELIMITER)));
+
+ } else
+ dbauthgeneral.setPublicURLPreFix(
+ StringUtils.chomp(pubURLPrefix.trim()));
+
+ }
+
+ dbauthgeneral.setVirtualPublicURLPrefixEnabled(
+ moaconfig.isVirtualPublicURLPrefixEnabled());
+
// if (MiscUtil.isNotEmpty(moaconfig.getAlternativeSourceID()))
// dbauthgeneral.setAlternativeSourceID(moaconfig.getAlternativeSourceID());
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index 1079932b9..85b8a8ea0 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -22,6 +22,14 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.configuration.struts.action;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.StorkAttribute;
@@ -29,17 +37,22 @@ import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.data.FormularCustomization;
-import at.gv.egovernment.moa.id.configuration.data.oa.*;
+import at.gv.egovernment.moa.id.configuration.data.oa.AttributeHelper;
+import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData;
+import at.gv.egovernment.moa.id.configuration.data.oa.OABPKEncryption;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAOAuth20Config;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
+import at.gv.egovernment.moa.id.configuration.data.oa.OARevisionsLogData;
+import at.gv.egovernment.moa.id.configuration.data.oa.OASAML1Config;
+import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig;
+import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig;
+import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration;
import at.gv.egovernment.moa.id.configuration.exception.BasicActionException;
import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
-import at.gv.egovernment.moa.id.util.FormBuildUtils;
import at.gv.egovernment.moa.id.util.Random;
-import at.gv.egovernment.moa.util.MiscUtil;
-import org.apache.log4j.Logger;
-
-import java.util.*;
public class EditOAAction extends BasicOAAction {
@@ -74,7 +87,7 @@ public class EditOAAction extends BasicOAAction {
OASTORKConfig storkOA = new OASTORKConfig();
formList.put(storkOA.getName(), storkOA);
-
+
Map<String, String> map = new HashMap<String, String>();
map.putAll(FormBuildUtils.getDefaultMap());
FormularCustomization formOA = new FormularCustomization(map);
@@ -331,9 +344,35 @@ public class EditOAAction extends BasicOAAction {
}
oaidentifier = preProcessDeleteOnlineApplication();
- OnlineApplication onlineapplication = configuration.getDbRead()
- .getOnlineApplication(oaidentifier);
-
+ List<OnlineApplication> onlineapplications = configuration.getDbRead()
+ .getOnlineApplications(oaidentifier);
+
+ Long oaid = getOAIDFromSession();
+
+ OnlineApplication onlineapplication = null;
+
+ if (onlineapplications != null && onlineapplications.size() > 1) {
+ log.info("Found more then one OA with PublicURLPrefix in configuration. "
+ + "Select OA with DB Id ...");
+
+ for (OnlineApplication oa : onlineapplications) {
+ if (oa.getHjid().equals(oaid)) {
+ if (onlineapplication == null)
+ onlineapplication = oa;
+
+ else {
+ log.error("Found more then one OA with same PublicURLPrefix and same DBID.");
+ new BasicOAActionException(
+ "Found more then one OA with same PublicURLPrefix and same DBID.",
+ Constants.STRUTS_SUCCESS);
+
+ }
+ }
+ }
+
+ } else if (onlineapplications != null && onlineapplications.size() == 1)
+ onlineapplication = onlineapplications.get(0);
+
request.getSession().setAttribute(Constants.SESSION_OAID, null);
// try {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
index a2c5da247..a9889da9c 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
@@ -53,8 +53,6 @@ import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;
-import com.fasterxml.jackson.core.JsonProcessingException;
-
public class ImportExportAction extends BasicAction {
private static final Logger log = Logger.getLogger(ImportExportAction.class);
@@ -150,7 +148,7 @@ public class ImportExportAction extends BasicAction {
}
- } catch (JsonProcessingException | JAXBException | FileNotFoundException e) {
+ } catch (JAXBException | FileNotFoundException e) {
log.info("Legacy configuration has an Import Error", e);
addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e.getMessage()}, request));
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java
index 8be24edb4..384f0662f 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java
@@ -271,7 +271,7 @@ public class InterfederationIDPAction extends BasicOAAction {
businessID = new IdentificationNumber();
onlineapplication.getAuthComponentOA().setIdentificationNumber(businessID);
}
- businessID.setValue(Constants.PREFIX_WPBK + "MOA-IDP");
+ businessID.setValue(Constants.PREFIX_WPBK + "MOA-IDP+MOA-IDP");
} else
onlineapplication.setTarget("MOA-IDP");
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java
index 8588dd286..c00eb46a5 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java
@@ -26,12 +26,12 @@ import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
+import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils;
import at.gv.egovernment.moa.id.configuration.data.FormularCustomization;
import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData;
import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData;
import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig;
import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration;
-import at.gv.egovernment.moa.id.util.FormBuildUtils;
/**
* @author tlenz
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java
index fc310900e..eca4c05ef 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java
@@ -94,6 +94,26 @@ public class SAML2Utils {
return document;
}
+// public static SignatureTrustEngine getSignatureKnownKeysTrustEngine() throws ConfigurationException {
+// MetadataCredentialResolver resolver;
+//
+// resolver = new MetadataCredentialResolver(ConfigurationProvider.getInstance().getMetaDataProvier());
+//
+// List<KeyInfoProvider> keyInfoProvider = new ArrayList<KeyInfoProvider>();
+// keyInfoProvider.add(new DSAKeyValueProvider());
+// keyInfoProvider.add(new RSAKeyValueProvider());
+// keyInfoProvider.add(new InlineX509DataProvider());
+//
+// KeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver(
+// keyInfoProvider);
+//
+// ExplicitKeySignatureTrustEngine engine = new ExplicitKeySignatureTrustEngine(
+// resolver, keyInfoResolver);
+//
+// return engine;
+//
+// }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
index 95502cedb..d4e8e957d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
@@ -28,10 +28,10 @@ import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
-import java.util.Map;
import javax.servlet.http.HttpServletRequest;
+import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
@@ -39,8 +39,6 @@ import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.gv.egovernment.moa.id.configuration.helper.StringHelper;
-import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -66,14 +64,29 @@ public class MOAConfigValidator {
check = form.getPublicURLPrefix();
if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Public URL Prefix is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", request));
- }
+ String[] publicURLPreFix = check.split(",");
+ if (form.isVirtualPublicURLPrefixEnabled()) {
+ for (String el : publicURLPreFix) {
+ if (!ValidationHelper.validateURL(
+ StringUtils.chomp(el.trim()))) {
+ log.info("Public URL Prefix " + el + " is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", new Object[]{el}, request));
+ }
+ }
+
+ } else {
+ if (!ValidationHelper.validateURL(
+ StringUtils.chomp(publicURLPreFix[0].trim()))) {
+ log.info("Public URL Prefix " + publicURLPreFix[0] + " is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", new Object[]{publicURLPreFix[0]}, request));
+
+ }
+
+ }
} else {
log.info("PublicURL Prefix is empty.");
errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.empty", request));
- }
+ }
check = form.getTimeoutAssertion();
if (MiscUtil.isNotEmpty(check)) {
@@ -401,7 +414,7 @@ public class MOAConfigValidator {
- if (form.getFileUploadFileName() != null) {
+ if (form.getFileUploadFileName() != null && !form.getFileUploadFileName().isEmpty()) {
HashMap<String, byte[]> map = new HashMap<String, byte[]>();
for (int i=0; i<form.getFileUploadFileName().size(); i++) {
String filename = form.getFileUploadFileName().get(i);
@@ -426,7 +439,15 @@ public class MOAConfigValidator {
}
}
}
+
form.setSecLayerTransformation(map);
+
+ } else {
+ if (form.getSecLayerTransformation() == null) {
+ log.info("AuthBlock Transformation file is empty");
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.file.empty", request));
+
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
index fd4226c5b..47c8f23b4 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
@@ -30,7 +30,7 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.log4j.Logger;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
index 35b69274f..6476ea1f1 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
@@ -43,6 +43,7 @@ import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.opensaml.xml.parse.BasicParserPool;
import org.opensaml.xml.security.x509.BasicX509Credential;
+import at.gv.egovernment.moa.id.commons.MOAIDConstants;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException;
import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory;
@@ -76,9 +77,20 @@ public class OAPVP2ConfigValidation {
else {
try {
- //OracleDB does not allow the selection of a lob in SQL where expression
- String dbDriver = ConfigurationProvider.getInstance().getConfigurationProperties().getProperty("hibernate.connection.driver_class");
- boolean backupVersion = MiscUtil.isNotEmpty(dbDriver) && dbDriver.startsWith("oracle.jdbc.");
+ //Some databases does not allow the selection of a lob in SQL where expression
+ String dbDriver = ConfigurationProvider.getInstance().getConfigurationProperties().getProperty("hibernate.connection.driver_class");
+ boolean backupVersion = false;
+ if (MiscUtil.isNotEmpty(dbDriver)) {
+ for (String el:MOAIDConstants.JDBC_DRIVER_NEEDS_WORKAROUND) {
+ if (dbDriver.startsWith(el)) {
+ backupVersion = true;
+ log.debug("JDBC driver '" + dbDriver
+ + "' is blacklisted --> Switch to alternative DB access methode implementation.");
+
+ }
+
+ }
+ }
Map<String, String> oa = ConfigurationProvider.getInstance().getDbRead().getOnlineApplicationKeyValueWithId(oaID, backupVersion);
if (oa != null &&