aboutsummaryrefslogtreecommitdiff
path: root/id/ConfigWebTool/src
diff options
context:
space:
mode:
Diffstat (limited to 'id/ConfigWebTool/src')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java56
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java86
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/AttributeListBuilder.java72
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java258
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java328
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java82
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java406
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java357
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java24
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java27
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java50
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java104
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java216
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java109
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java24
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java49
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java26
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java39
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/DateTimeHelper.java59
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java75
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java275
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java89
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java973
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java169
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java759
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java93
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java46
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java128
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java404
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java99
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java93
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java32
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java154
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/TargetValidator.java104
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java188
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java167
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java24
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java23
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java304
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java55
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java76
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java22
-rw-r--r--id/ConfigWebTool/src/main/resources/applicationResources.properties97
-rw-r--r--id/ConfigWebTool/src/main/resources/struts.xml66
-rw-r--r--id/ConfigWebTool/src/main/resources/templates/pvp_postbinding_template.html51
-rw-r--r--id/ConfigWebTool/src/main/webapp/WEB-INF/log4j.properties22
-rw-r--r--id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml24
-rw-r--r--id/ConfigWebTool/src/main/webapp/css/colorpicker.css161
-rw-r--r--id/ConfigWebTool/src/main/webapp/css/index.css89
-rw-r--r--id/ConfigWebTool/src/main/webapp/error.jsp6
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/blank.gifbin0 -> 49 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/colorpicker_background.pngbin0 -> 1897 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/colorpicker_hex.pngbin0 -> 532 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/colorpicker_hsb_b.pngbin0 -> 970 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/colorpicker_hsb_h.pngbin0 -> 1012 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/colorpicker_hsb_s.pngbin0 -> 1171 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/colorpicker_indic.gifbin0 -> 86 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/colorpicker_overlay.pngbin0 -> 10355 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/colorpicker_rgb_b.pngbin0 -> 970 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/colorpicker_rgb_g.pngbin0 -> 1069 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/colorpicker_rgb_r.pngbin0 -> 1066 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/colorpicker_select.gifbin0 -> 78 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/colorpicker_submit.pngbin0 -> 984 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/custom_background.pngbin0 -> 1916 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/custom_hex.pngbin0 -> 562 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/custom_hsb_b.pngbin0 -> 1097 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/custom_hsb_h.pngbin0 -> 970 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/custom_hsb_s.pngbin0 -> 1168 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/custom_indic.gifbin0 -> 86 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/custom_rgb_b.pngbin0 -> 1008 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/custom_rgb_g.pngbin0 -> 1069 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/custom_rgb_r.pngbin0 -> 1018 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/custom_submit.pngbin0 -> 997 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/select.pngbin0 -> 506 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/select2.pngbin0 -> 518 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/images/slider.pngbin0 -> 315 bytes
-rw-r--r--id/ConfigWebTool/src/main/webapp/index.jsp32
-rw-r--r--id/ConfigWebTool/src/main/webapp/js/colorpicker.js506
-rw-r--r--id/ConfigWebTool/src/main/webapp/js/common.js131
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp3
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp463
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp129
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp4
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp8
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/newUserRequest.jsp57
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/openadminrequests.jsp51
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp11
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp10
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/user_list.jsp23
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/userfields.jsp144
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp3
101 files changed, 8161 insertions, 874 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
index d088edf34..e309eaadd 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
@@ -1,29 +1,81 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration;
public class Constants {
+ public static final String FILEPREFIX = "file:";
+
+ public static final String SERVLET_PVP2ASSERTION = "pvp2login.action";
+ public static final String SERVLET_ACCOUNTVERIFICATION = "mailAddressVerification.action";
+
public static final String STRUTS_SUCCESS = "success";
public static final String STRUTS_ERROR = "error";
public static final String STRUTS_ERROR_VALIDATION = "error_validation";
public static final String STRUTS_OA_EDIT = "editOA";
public static final String STRUTS_REAUTHENTICATE = "reauthentication";
public static final String STRUTS_NOTALLOWED = "notallowed";
+ public static final String STRUTS_NEWUSER = "newuser";
+ public static final String STRUTS_SSOLOGOUT = "ssologout";
public static final String SESSION_AUTH = "authsession";
public static final String SESSION_AUTH_ERROR = "authsessionerror";
public static final String SESSION_OAID = "oadbidentifier";
+ public static final String SESSION_FORMID = "formId";
+ public static final String SESSION_FORM = "form";
+ public static final String SESSION_PVP2REQUESTID = "pvp2requestid";
+ public static final String SESSION_RETURNAREA = "returnarea";
+ public static final String SESSION_BKUFORMPREVIEW = "bkuformpreview";
+ public static final String SESSION_OAUTH20SECRET = "oauth20secret";
+
+
+ public static enum STRUTS_RETURNAREA_VALUES {adminRequestsInit, main, usermanagementInit};
public static final String REQUEST_OAID = "oaid";
+ public static final String REQUEST_USERREQUESTTOKKEN = "tokken";
+
+ public static final String REQUEST_FORMCUSTOM_MODULE = "module";
+ public static final String REQUEST_FORMCUSTOM_VALUE = "value";
public static final String BKU_ONLINE = "bkuonline";
public static final String BKU_LOCAL = "bkulocal";
public static final String BKU_HANDY = "bkuhandy";
-
public static final String MOA_CONFIG_BUSINESSSERVICE = "businessService";
-
public static final String MOA_CONFIG_PROTOCOL_SAML1 = "id_saml1";
public static final String MOA_CONFIG_PROTOCOL_PVP2 = "id_pvp2x";
public static final String DEFAULT_LOCALBKU_URL = "https://127.0.0.1:3496/https-security-layer-request";
public static final String DEFAULT_HANDYBKU_URL = "https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx";
+
+ public static final String PUBLICSERVICE_URL_POSTFIX = ".gv.at";
+
+ public static final String IDENIFICATIONTYPE_FN = "FN";
+ public static final String IDENIFICATIONTYPE_ERSB = "ERSB";
+ public static final String IDENIFICATIONTYPE_ZVR = "ZVR";
+ public static final String IDENIFICATIONTYPE_BASEID = "urn:publicid:gv.at:baseid+";
+
+ public static final String IDENIFICATIONTYPE_BASEID_FN = IDENIFICATIONTYPE_BASEID + "X" + IDENIFICATIONTYPE_FN;
+ public static final String IDENIFICATIONTYPE_BASEID_ZVR = IDENIFICATIONTYPE_BASEID + "X" + IDENIFICATIONTYPE_ZVR;
+
+ public static final String PREFIX_WPBK = "urn:publicid:gv.at:wbpk+";
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java
index 8f75a357c..b7da86db7 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java
@@ -1,15 +1,42 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.auth;
import java.util.Date;
+import at.gv.egovernment.moa.id.configuration.helper.DateTimeHelper;
+
public class AuthenticatedUser {
private boolean isAuthenticated = false;
private boolean isAdmin = false;
+ private boolean isPVP2Login = false;
+ private boolean isMandateUser = false;
private long userID;
private String givenName;
private String familyName;
+ private String institute;
private String userName;
private Date lastLogin;
@@ -17,18 +44,26 @@ public class AuthenticatedUser {
}
- public AuthenticatedUser(long userID, String givenName, String familyName, String userName,
- boolean isAuthenticated, boolean isAdmin) {
+ public AuthenticatedUser(long userID, String givenName, String familyName, String institute,
+ String userName, boolean isAuthenticated, boolean isAdmin, boolean isMandateUser,
+ boolean isPVP2Login) {
this.familyName = familyName;
this.givenName = givenName;
this.userName = userName;
this.userID = userID;
+ this.institute = institute;
this.isAdmin = isAdmin;
this.isAuthenticated = isAuthenticated;
+ this.isMandateUser = isMandateUser;
+ this.isPVP2Login = isPVP2Login;
this.lastLogin = new Date();
}
+ public String getFormatedLastLogin() {
+ return DateTimeHelper.getDateTime(lastLogin);
+ }
+
/**
* @return the isAuthenticated
*/
@@ -105,7 +140,7 @@ public class AuthenticatedUser {
public Date getLastLogin() {
return lastLogin;
}
-
+
/**
* @param lastLogin the lastLogin to set
*/
@@ -126,8 +161,49 @@ public class AuthenticatedUser {
public void setUserName(String userName) {
this.userName = userName;
}
+
+ /**
+ * @return the institute
+ */
+ public String getInstitute() {
+ return institute;
+ }
+
+ /**
+ * @param institute the institute to set
+ */
+ public void setInstitute(String institute) {
+ this.institute = institute;
+ }
+
+ /**
+ * @return the isPVP2Login
+ */
+ public boolean isPVP2Login() {
+ return isPVP2Login;
+ }
+
+ /**
+ * @param isPVP2Login the isPVP2Login to set
+ */
+ public void setPVP2Login(boolean isPVP2Login) {
+ this.isPVP2Login = isPVP2Login;
+ }
+
+ /**
+ * @return the isMandateUser
+ */
+ public boolean isMandateUser() {
+ return isMandateUser;
+ }
+
+ /**
+ * @param isMandateUser the isMandateUser to set
+ */
+ public void setMandateUser(boolean isMandateUser) {
+ this.isMandateUser = isMandateUser;
+ }
-
-
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/AttributeListBuilder.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/AttributeListBuilder.java
new file mode 100644
index 000000000..f17ec82cb
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/AttributeListBuilder.java
@@ -0,0 +1,72 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.auth.pvp2;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.metadata.RequestedAttribute;
+
+import at.gv.egovernment.moa.id.configuration.utils.SAML2Utils;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+
+public class AttributeListBuilder implements PVPConstants{
+
+ protected static RequestedAttribute buildReqAttribute(String name, String friendlyName, boolean required) {
+ RequestedAttribute attribute = SAML2Utils.createSAMLObject(RequestedAttribute.class);
+ attribute.setIsRequired(required);
+ attribute.setName(name);
+ attribute.setFriendlyName(friendlyName);
+ attribute.setNameFormat(Attribute.URI_REFERENCE);
+ return attribute;
+ }
+
+ public static List<RequestedAttribute> getRequestedAttributes() {
+ List<RequestedAttribute> requestedAttributes = new ArrayList<RequestedAttribute>();
+
+ requestedAttributes.add(buildReqAttribute(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true));
+ requestedAttributes.add(buildReqAttribute(PRINCIPAL_NAME_NAME, PRINCIPAL_NAME_FRIENDLY_NAME, true));
+ requestedAttributes.add(buildReqAttribute(GIVEN_NAME_NAME, GIVEN_NAME_FRIENDLY_NAME, true));
+ requestedAttributes.add(buildReqAttribute(BIRTHDATE_NAME, BIRTHDATE_FRIENDLY_NAME, false));
+ requestedAttributes.add(buildReqAttribute(BPK_NAME, BPK_FRIENDLY_NAME, true));
+ requestedAttributes.add(buildReqAttribute(EID_CITIZEN_QAA_LEVEL_NAME, EID_CITIZEN_QAA_LEVEL_FRIENDLY_NAME, true));
+ requestedAttributes.add(buildReqAttribute(EID_ISSUING_NATION_NAME, EID_ISSUING_NATION_FRIENDLY_NAME, true));
+ requestedAttributes.add(buildReqAttribute(EID_SECTOR_FOR_IDENTIFIER_NAME, EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME, true));
+
+ requestedAttributes.add(buildReqAttribute(MANDATE_TYPE_NAME, MANDATE_TYPE_FRIENDLY_NAME, false));
+ requestedAttributes.add(buildReqAttribute(MANDATE_LEG_PER_FULL_NAME_NAME, MANDATE_LEG_PER_FULL_NAME_FRIENDLY_NAME, false));
+ requestedAttributes.add(buildReqAttribute(MANDATE_LEG_PER_SOURCE_PIN_NAME, MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME, false));
+ requestedAttributes.add(buildReqAttribute(MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, MANDATE_LEG_PER_SOURCE_PIN_TYPE_FRIENDLY_NAME, false));
+
+ requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_BIRTHDATE_NAME, MANDATE_NAT_PER_BIRTHDATE_FRIENDLY_NAME, false));
+ requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_BPK_NAME, MANDATE_NAT_PER_BPK_FRIENDLY_NAME, false));
+ requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_FAMILY_NAME_NAME, MANDATE_NAT_PER_FAMILY_NAME_FRIENDLY_NAME, false));
+ requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_GIVEN_NAME_NAME, MANDATE_NAT_PER_GIVEN_NAME_FRIENDLY_NAME, false));
+
+ requestedAttributes.add(buildReqAttribute(MANDATE_REFERENCE_VALUE_NAME, MANDATE_REFERENCE_VALUE_FRIENDLY_NAME, false));
+ requestedAttributes.add(buildReqAttribute(MANDATE_PROF_REP_OID_NAME, MANDATE_PROF_REP_OID_FRIENDLY_NAME, false));
+ requestedAttributes.add(buildReqAttribute(MANDATE_PROF_REP_DESC_NAME, MANDATE_PROF_REP_DESC_FRIENDLY_NAME, false));
+ return requestedAttributes;
+ }
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java
new file mode 100644
index 000000000..5fa6f3531
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java
@@ -0,0 +1,258 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.auth.pvp2;
+
+import java.io.IOException;
+import java.security.KeyStore;
+import java.util.Map;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.TransformerException;
+
+import org.apache.velocity.app.VelocityEngine;
+import org.apache.velocity.runtime.RuntimeConstants;
+import org.joda.time.DateTime;
+import org.opensaml.Configuration;
+import org.opensaml.common.SAMLObject;
+import org.opensaml.common.binding.BasicSAMLMessageContext;
+import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.binding.encoding.HTTPPostEncoder;
+import org.opensaml.saml2.core.AuthnContextClassRef;
+import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
+import org.opensaml.saml2.core.AuthnRequest;
+import org.opensaml.saml2.core.Issuer;
+import org.opensaml.saml2.core.NameID;
+import org.opensaml.saml2.core.NameIDPolicy;
+import org.opensaml.saml2.core.NameIDType;
+import org.opensaml.saml2.core.RequestedAuthnContext;
+import org.opensaml.saml2.core.Subject;
+import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml2.metadata.SingleSignOnService;
+import org.opensaml.saml2.metadata.impl.SingleSignOnServiceBuilder;
+import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
+import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.Marshaller;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter;
+import org.opensaml.xml.security.x509.X509Credential;
+import org.opensaml.xml.signature.Signature;
+import org.opensaml.xml.signature.SignatureConstants;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Document;
+
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
+import at.gv.egovernment.moa.id.configuration.utils.SAML2Utils;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+
+/**
+ * Servlet implementation class Authenticate
+ */
+public class Authenticate extends HttpServlet {
+ private static final long serialVersionUID = 1L;
+
+ private static final Logger log = LoggerFactory
+ .getLogger(Authenticate.class);
+ /**
+ * @see HttpServlet#HttpServlet()
+ */
+ public Authenticate() {
+ super();
+ DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+ factory.setNamespaceAware(true);
+ try {
+ builder = factory.newDocumentBuilder();
+ } catch (ParserConfigurationException e) {
+ log.warn("PVP2 AuthenticationServlet can not be initialized.", e);
+
+ }
+ }
+
+ DocumentBuilder builder;
+
+ public Document asDOMDocument(XMLObject object) throws IOException,
+ MarshallingException, TransformerException {
+ Document document = builder.newDocument();
+ Marshaller out = Configuration.getMarshallerFactory().getMarshaller(
+ object);
+ out.marshall(object, document);
+ return document;
+ }
+
+ protected void process(HttpServletRequest request,
+ HttpServletResponse response, Map<String,String> legacyParameter) throws ServletException, IOException {
+ try {
+
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ config.initializePVP2Login();
+
+ AuthnRequest authReq = SAML2Utils
+ .createSAMLObject(AuthnRequest.class);
+ SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
+ authReq.setID(gen.generateIdentifier());
+
+ HttpSession session = request.getSession();
+ if (session != null) {
+ session.setAttribute(Constants.SESSION_PVP2REQUESTID, authReq.getID());
+ }
+
+ authReq.setAssertionConsumerServiceIndex(0);
+ authReq.setAttributeConsumingServiceIndex(0);
+ authReq.setIssueInstant(new DateTime());
+ Subject subject = SAML2Utils.createSAMLObject(Subject.class);
+ NameID name = SAML2Utils.createSAMLObject(NameID.class);
+ Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
+
+ String serviceURL = config.getPublicUrlPreFix(request);
+ if (!serviceURL.endsWith("/"))
+ serviceURL = serviceURL + "/";
+ name.setValue(serviceURL);
+ issuer.setValue(serviceURL);
+
+ subject.setNameID(name);
+ authReq.setSubject(subject);
+ issuer.setFormat(NameIDType.ENTITY);
+ authReq.setIssuer(issuer);
+ NameIDPolicy policy = SAML2Utils
+ .createSAMLObject(NameIDPolicy.class);
+ policy.setAllowCreate(true);
+ policy.setFormat(NameID.PERSISTENT);
+ authReq.setNameIDPolicy(policy);
+
+ String entityname = config.getPVP2IDPMetadataEntityName();
+ if (MiscUtil.isEmpty(entityname)) {
+ log.info("No IDP EntityName configurated");
+ throw new ConfigurationException("No IDP EntityName configurated");
+ }
+
+ HTTPMetadataProvider idpmetadata = config.getMetaDataProvier();
+ EntityDescriptor idpEntity = idpmetadata.getEntityDescriptor(entityname);
+ if (idpEntity == null) {
+ log.info("IDP EntityName is not found in IDP Metadata");
+ throw new ConfigurationException("IDP EntityName is not found in IDP Metadata");
+ }
+
+ SingleSignOnService redirectEndpoint = null;
+ for (SingleSignOnService sss :
+ idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices()) {
+
+ //Get the service address for the binding you wish to use
+ if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
+ redirectEndpoint = sss;
+ }
+ }
+
+ authReq.setDestination(redirectEndpoint.getLocation());
+
+ RequestedAuthnContext reqAuthContext =
+ SAML2Utils.createSAMLObject(RequestedAuthnContext.class);
+
+ AuthnContextClassRef authnClassRef =
+ SAML2Utils.createSAMLObject(AuthnContextClassRef.class);
+
+ authnClassRef.setAuthnContextClassRef("http://www.stork.gov.eu/1.0/citizenQAALevel/4");
+
+ reqAuthContext.setComparison(AuthnContextComparisonTypeEnumeration.MINIMUM);
+
+ reqAuthContext.getAuthnContextClassRefs().add(authnClassRef);
+
+ authReq.setRequestedAuthnContext(reqAuthContext);
+
+ KeyStore keyStore = config.getPVP2KeyStore();
+
+ X509Credential authcredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreAuthRequestKeyAlias(),
+ config.getPVP2KeystoreAuthRequestKeyPassword().toCharArray());
+
+ Signature signer = SAML2Utils.createSAMLObject(Signature.class);
+ signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
+ signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+ signer.setSigningCredential(authcredential);
+
+ authReq.setSignature(signer);
+
+ VelocityEngine engine = new VelocityEngine();
+ engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
+ engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
+ engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
+ engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
+ engine.setProperty("classpath.resource.loader.class",
+ "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
+ engine.init();
+
+ HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
+ "templates/pvp_postbinding_template.html");
+ HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
+ response, true);
+ BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
+ SingleSignOnService service = new SingleSignOnServiceBuilder()
+ .buildObject();
+ service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
+ service.setLocation(redirectEndpoint.getLocation());;
+
+ context.setOutboundSAMLMessageSigningCredential(authcredential);
+ context.setPeerEntityEndpoint(service);
+ context.setOutboundSAMLMessage(authReq);
+ context.setOutboundMessageTransport(responseAdapter);
+
+ encoder.encode(context);
+
+ } catch (Exception e) {
+ log.warn("Authentication Request can not be generated", e);
+ throw new ServletException("Authentication Request can not be generated.", e);
+ }
+ }
+
+ /**
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+
+ process(request, response, null);
+ }
+
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ process(request, response, null);
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java
new file mode 100644
index 000000000..56f593ce7
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java
@@ -0,0 +1,328 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.auth.pvp2;
+
+import java.io.IOException;
+import java.io.StringWriter;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.TransformerFactoryConfigurationError;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+
+import org.apache.log4j.Logger;
+import org.opensaml.Configuration;
+import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.core.NameIDType;
+import org.opensaml.saml2.metadata.AssertionConsumerService;
+import org.opensaml.saml2.metadata.AttributeConsumingService;
+import org.opensaml.saml2.metadata.EntitiesDescriptor;
+import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml2.metadata.KeyDescriptor;
+import org.opensaml.saml2.metadata.LocalizedString;
+import org.opensaml.saml2.metadata.NameIDFormat;
+import org.opensaml.saml2.metadata.SPSSODescriptor;
+import org.opensaml.saml2.metadata.ServiceName;
+import org.opensaml.xml.io.Marshaller;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.security.SecurityException;
+import org.opensaml.xml.security.credential.Credential;
+import org.opensaml.xml.security.credential.UsageType;
+import org.opensaml.xml.security.keyinfo.KeyInfoGenerator;
+import org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter;
+import org.opensaml.xml.security.x509.X509Credential;
+import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory;
+import org.opensaml.xml.signature.Signature;
+import org.opensaml.xml.signature.SignatureConstants;
+import org.opensaml.xml.signature.SignatureException;
+import org.opensaml.xml.signature.Signer;
+import org.w3c.dom.Document;
+
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
+import at.gv.egovernment.moa.id.configuration.utils.SAML2Utils;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * Servlet implementation class BuildMetadata
+ */
+public class BuildMetadata extends HttpServlet {
+ private static final long serialVersionUID = 1L;
+
+ private static final Logger log = Logger.getLogger(BuildMetadata.class);
+
+ /**
+ * @see HttpServlet#HttpServlet()
+ */
+ public BuildMetadata() {
+ super();
+ }
+
+ protected static Signature getSignature(Credential credentials) {
+ Signature signer = SAML2Utils.createSAMLObject(Signature.class);
+ signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+ signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+ signer.setSigningCredential(credentials);
+ return signer;
+ }
+
+ /**
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ try {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+
+ //config.initializePVP2Login();
+
+ SecureRandomIdentifierGenerator idGen = new SecureRandomIdentifierGenerator();
+
+ EntitiesDescriptor spEntitiesDescriptor = SAML2Utils.
+ createSAMLObject(EntitiesDescriptor.class);
+
+ String name = config.getPVP2MetadataEntitiesName();
+ if (MiscUtil.isEmpty(name)) {
+ log.info("NO Metadata EntitiesName configurated");
+ throw new ConfigurationException("NO Metadata EntitiesName configurated");
+ }
+
+ spEntitiesDescriptor.setName(name);
+ spEntitiesDescriptor.setID(idGen.generateIdentifier());
+
+ EntityDescriptor spEntityDescriptor = SAML2Utils
+ .createSAMLObject(EntityDescriptor.class);
+
+ spEntitiesDescriptor.getEntityDescriptors().add(spEntityDescriptor);
+
+ String serviceURL = config.getPublicUrlPreFix(request);
+ if (!serviceURL.endsWith("/"))
+ serviceURL = serviceURL + "/";
+
+ log.debug("Set OnlineApplicationURL to " + serviceURL);
+ spEntityDescriptor.setEntityID(serviceURL);
+
+ SPSSODescriptor spSSODescriptor = SAML2Utils
+ .createSAMLObject(SPSSODescriptor.class);
+
+ spSSODescriptor.setAuthnRequestsSigned(true);
+ spSSODescriptor.setWantAssertionsSigned(true);
+
+ X509KeyInfoGeneratorFactory keyInfoFactory = new X509KeyInfoGeneratorFactory();
+ keyInfoFactory.setEmitEntityCertificate(true);
+ KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance();
+
+ KeyStore keyStore = config.getPVP2KeyStore();
+
+ X509Credential signingcredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreMetadataKeyAlias(),
+ config.getPVP2KeystoreMetadataKeyPassword().toCharArray());
+
+
+ log.debug("Set Metadata key information");
+ //Set MetaData Signing key
+ KeyDescriptor entitiesSignKeyDescriptor = SAML2Utils
+ .createSAMLObject(KeyDescriptor.class);
+ entitiesSignKeyDescriptor.setUse(UsageType.SIGNING);
+ entitiesSignKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(signingcredential));
+ Signature entitiesSignature = getSignature(signingcredential);
+ spEntitiesDescriptor.setSignature(entitiesSignature);
+
+ //Set AuthRequest Signing certificate
+ X509Credential authcredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreAuthRequestKeyAlias(),
+ config.getPVP2KeystoreAuthRequestKeyPassword().toCharArray());
+ KeyDescriptor signKeyDescriptor = SAML2Utils
+ .createSAMLObject(KeyDescriptor.class);
+ signKeyDescriptor.setUse(UsageType.SIGNING);
+ signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authcredential));
+ spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor);
+
+
+ //set AuthRequest encryption certificate
+ if (MiscUtil.isNotEmpty(config.getPVP2KeystoreAuthRequestEncryptionKeyAlias())) {
+ X509Credential authEncCredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreAuthRequestEncryptionKeyAlias(),
+ config.getPVP2KeystoreAuthRequestEncryptionKeyPassword().toCharArray());
+ KeyDescriptor encryKeyDescriptor = SAML2Utils
+ .createSAMLObject(KeyDescriptor.class);
+ encryKeyDescriptor.setUse(UsageType.ENCRYPTION);
+ encryKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authEncCredential));
+ spSSODescriptor.getKeyDescriptors().add(encryKeyDescriptor);
+
+ } else {
+ log.warn("No Assertion Encryption-Key defined. This setting is not recommended!");
+
+ }
+
+
+ NameIDFormat persistentnameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
+ persistentnameIDFormat.setFormat(NameIDType.PERSISTENT);
+
+ spSSODescriptor.getNameIDFormats().add(persistentnameIDFormat);
+
+ NameIDFormat transientnameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
+ transientnameIDFormat.setFormat(NameIDType.TRANSIENT);
+
+ spSSODescriptor.getNameIDFormats().add(transientnameIDFormat);
+
+ NameIDFormat unspecifiednameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
+ unspecifiednameIDFormat.setFormat(NameIDType.UNSPECIFIED);
+
+ spSSODescriptor.getNameIDFormats().add(unspecifiednameIDFormat);
+
+ AssertionConsumerService postassertionConsumerService =
+ SAML2Utils.createSAMLObject(AssertionConsumerService.class);
+
+ postassertionConsumerService.setIndex(0);
+ postassertionConsumerService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
+ postassertionConsumerService.setLocation(serviceURL + Constants.SERVLET_PVP2ASSERTION);
+
+ spSSODescriptor.getAssertionConsumerServices().add(postassertionConsumerService);
+
+ spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
+
+ spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor);
+
+ spSSODescriptor.setWantAssertionsSigned(true);
+ spSSODescriptor.setAuthnRequestsSigned(true);
+
+ AttributeConsumingService attributeService =
+ SAML2Utils.createSAMLObject(AttributeConsumingService.class);
+
+ attributeService.setIndex(0);
+ attributeService.setIsDefault(true);
+ ServiceName serviceName = SAML2Utils.createSAMLObject(ServiceName.class);
+ serviceName.setName(new LocalizedString("Default Service", "de"));
+ attributeService.getNames().add(serviceName);
+
+ attributeService.getRequestAttributes().addAll(AttributeListBuilder.getRequestedAttributes());
+
+ spSSODescriptor.getAttributeConsumingServices().add(attributeService);
+
+ DocumentBuilder builder;
+ DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+
+ builder = factory.newDocumentBuilder();
+ Document document = builder.newDocument();
+ Marshaller out = Configuration.getMarshallerFactory().getMarshaller(spEntitiesDescriptor);
+ out.marshall(spEntitiesDescriptor, document);
+
+ Signer.signObject(entitiesSignature);
+
+ Transformer transformer = TransformerFactory.newInstance().newTransformer();
+
+ StringWriter sw = new StringWriter();
+ StreamResult sr = new StreamResult(sw);
+ DOMSource source = new DOMSource(document);
+ transformer.transform(source, sr);
+ sw.close();
+
+ String metadataXML = sw.toString();
+
+ response.setContentType("text/xml");
+ response.getOutputStream().write(metadataXML.getBytes());
+
+ response.getOutputStream().close();
+
+ } catch (ConfigurationException e) {
+ log.warn("Configuration can not be loaded.", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (NoSuchAlgorithmException e) {
+ log.warn("Requested Algorithm could not found.", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (KeyStoreException e) {
+ log.warn("Requested KeyStoreType is not implemented.", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (CertificateException e) {
+ log.warn("KeyStore can not be opend or userd.", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (SecurityException e) {
+ log.warn("KeyStore can not be opend or used", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (ParserConfigurationException e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (MarshallingException e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (SignatureException e) {
+ log.warn("PVP2 Metadata can not be signed", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (TransformerConfigurationException e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (TransformerFactoryConfigurationError e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (TransformerException e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+ }
+
+ catch (Exception e) {
+ log.warn("Unspecific PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+ }
+
+ }
+
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java
new file mode 100644
index 000000000..3429f6c96
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java
@@ -0,0 +1,82 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.auth.pvp2;
+
+import java.util.Iterator;
+
+import org.opensaml.saml2.metadata.EntitiesDescriptor;
+import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml2.metadata.provider.FilterException;
+import org.opensaml.saml2.metadata.provider.MetadataFilter;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.security.x509.BasicX509Credential;
+
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.verification.EntityVerifier;
+
+public class MetaDataVerificationFilter implements MetadataFilter {
+
+ BasicX509Credential credential;
+
+ public MetaDataVerificationFilter(BasicX509Credential credential) {
+ this.credential = credential;
+ }
+
+
+ public void doFilter(XMLObject metadata) throws FilterException {
+ if (metadata instanceof EntitiesDescriptor) {
+ EntitiesDescriptor entitiesDescriptor = (EntitiesDescriptor) metadata;
+
+ if(entitiesDescriptor.getSignature() == null) {
+ throw new FilterException("Root element of metadata file has to be signed", null);
+ }
+ try {
+ processEntitiesDescriptor(entitiesDescriptor);
+
+ } catch (MOAIDException e) {
+ throw new FilterException("Invalid Metadata file Root element is no EntitiesDescriptor", null);
+ }
+ }
+ }
+
+ private void processEntitiesDescriptor(EntitiesDescriptor desc) throws MOAIDException {
+ Iterator<EntitiesDescriptor> entID = desc.getEntitiesDescriptors().iterator();
+
+ if(desc.getSignature() != null) {
+ EntityVerifier.verify(desc, this.credential);
+ }
+
+ while(entID.hasNext()) {
+ processEntitiesDescriptor(entID.next());
+ }
+
+ Iterator<EntityDescriptor> entIT = desc.getEntityDescriptors().iterator();
+
+ while(entIT.hasNext()) {
+ EntityDescriptor entity = entIT.next();
+ if (entity.getSignature() != null)
+ EntityVerifier.verify(entity);
+ }
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
index aeadbd0bb..692990fa9 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
@@ -1,24 +1,79 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.config;
+import iaik.x509.X509Certificate;
+
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
+import java.io.InputStream;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
import java.util.Properties;
+import java.util.Timer;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.log4j.Logger;
+import org.opensaml.DefaultBootstrap;
+import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
+import org.opensaml.xml.parse.BasicParserPool;
+import org.opensaml.xml.security.x509.BasicX509Credential;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.auth.pvp2.MetaDataVerificationFilter;
import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
-import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.id.configuration.utils.UserRequestCleaner;
+import at.gv.egovernment.moa.util.MiscUtil;
public class ConfigurationProvider {
+ public static final String HTMLTEMPLATE_DIR = "/htmlTemplates";
+ public static final String HTMLTEMPLATE_FILE = "/loginFormFull.html";
+
+ private static final Logger log = Logger.getLogger(ConfigurationProvider.class);
+
private static final String SYSTEM_PROP_CONFIG = "moa.id.webconfig";
private static ConfigurationProvider instance;
private Properties props;
private String configFileName;
+ private String configRootDir;
+
+ private HTTPMetadataProvider idpMetadataProvider = null;
+ private KeyStore keyStore = null;
+
+ private String publicURLPreFix = null;
+
+ private boolean pvp2logininitialzied = false;
public static ConfigurationProvider getInstance() throws ConfigurationException {
if (instance == null) {
@@ -39,10 +94,14 @@ public class ConfigurationProvider {
if (configFileName == null) {
throw new ConfigurationException("config.01");
}
- Logger.info("Loading MOA-ID-AUTH configuration " + configFileName);
+
+ // determine the directory of the root config file
+ configRootDir = new File(configFileName).getParent();
+
+ log.info("Loading MOA-ID-AUTH configuration " + configFileName);
//Initial Hibernate Framework
- Logger.trace("Initializing Hibernate framework.");
+ log.trace("Initializing Hibernate framework.");
//Load MOAID-2.0 properties file
File propertiesFile = new File(configFileName);
@@ -54,32 +113,365 @@ public class ConfigurationProvider {
fis = new FileInputStream(propertiesFile);
props.load(fis);
+ fis.close();
+
// initialize hibernate
synchronized (ConfigurationProvider.class) {
//Initial config Database
ConfigurationDBUtils.initHibernate(props);
}
- Logger.trace("Hibernate initialization finished.");
+ log.trace("Hibernate initialization finished.");
+ DefaultBootstrap.bootstrap();
+ log.info("OPENSAML initialized");
+
+ UserRequestCleaner.start();
-
+
} catch (FileNotFoundException e) {
throw new ConfigurationException("config.01", e);
+
} catch (IOException e) {
throw new ConfigurationException("config.02", e);
+
} catch (MOADatabaseException e) {
throw new ConfigurationException("config.03", e);
+
+ } catch (org.opensaml.xml.ConfigurationException e) {
+ throw new ConfigurationException("config.04", e);
}
}
+ public String getPublicUrlPreFix(HttpServletRequest request) {
+ publicURLPreFix = props.getProperty("general.publicURLContext");
+
+ if (MiscUtil.isEmpty(publicURLPreFix) && request != null) {
+ String url = request.getRequestURL().toString();
+ String contextpath = request.getContextPath();
+ int index = url.indexOf(contextpath);
+ publicURLPreFix = url.substring(0, index + contextpath.length() + 1);
+ }
+
+ return publicURLPreFix;
+ }
+
+ public int getUserRequestCleanUpDelay() {
+ String delay = props.getProperty("general.userrequests.cleanup.delay");
+ return Integer.getInteger(delay, 12);
+ }
+
+// public String getContactMailAddress() {
+// return props.getProperty("general.contact.mail");
+// }
+
+ public String getSSOLogOutURL() {
+ return props.getProperty("general.login.pvp2.idp.sso.logout.url");
+ }
+
+ public KeyStore getPVP2KeyStore() throws ConfigurationException, IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException {
+ if (keyStore == null) {
+ String keystoretype = getPVP2MetadataKeystoreType();
+ if (MiscUtil.isEmpty(keystoretype)) {
+ log.debug("No KeyStoreType defined. Using default KeyStoreType.");
+ keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+
+ } else {
+ log.debug("Using " + keystoretype + " KeyStoreType.");
+ keyStore = KeyStore.getInstance(keystoretype);
+
+ }
+
+
+ String file = getPVP2MetadataKeystoreURL();
+ log.debug("Load KeyStore from URL " + file);
+ if (MiscUtil.isEmpty(file)) {
+ log.info("Metadata KeyStoreURL is empty");
+ throw new ConfigurationException("Metadata KeyStoreURL is empty");
+ }
+
+ FileInputStream inputStream = new FileInputStream(file);
+ keyStore.load(inputStream, getPVP2MetadataKeystorePassword().toCharArray());
+ inputStream.close();
+ }
+
+ return keyStore;
+
+ }
+
+ public String getConfigFile() {
+ return configFileName;
+ }
+
+ public String getConfigRootDir() {
+ return configRootDir;
+ }
+
+ public String getMOAIDInstanceURL() {
+ return props.getProperty("general.moaid.instance.url");
+ }
+
public boolean isLoginDeaktivated() {
String result = props.getProperty("general.login.deaktivate", "false");
return Boolean.parseBoolean(result);
}
- public String getConfigFile() {
- return configFileName;
+ public boolean isOATargetVerificationDeaktivated() {
+ String result = props.getProperty("general.OATargetVerification.deaktivate", "false");
+ return Boolean.parseBoolean(result);
+ }
+
+ //PVP2 Login configuration
+
+ public void initializePVP2Login() throws ConfigurationException {
+ if (!pvp2logininitialzied)
+ initalPVP2Login();
+ }
+
+ public boolean isPVP2LoginActive() {
+
+ return Boolean.parseBoolean(props.getProperty("general.login.pvp2.isactive", "false"));
+ }
+
+ public boolean isPVP2LoginBusinessService() {
+ String result = props.getProperty("general.login.pvp2.isbusinessservice", "false");
+ return Boolean.parseBoolean(result);
+ }
+
+ public String getPVP2LoginTarget() {
+ return props.getProperty("general.login.pvp2.target");
+ }
+
+ public String getPVP2LoginIdenificationValue() {
+ return props.getProperty("general.login.pvp2.identificationvalue");
+ }
+
+ public String getPVP2MetadataEntitiesName() {
+ return props.getProperty("general.login.pvp2.metadata.entities.name");
+ }
+
+ public String getPVP2MetadataKeystoreURL() {
+ return props.getProperty("general.login.pvp2.keystore.url");
+ }
+
+ public String getPVP2MetadataKeystorePassword() {
+ return props.getProperty("general.login.pvp2.keystore.password");
+ }
+
+ public String getPVP2MetadataKeystoreType() {
+ return props.getProperty("general.login.pvp2.keystore.type");
+ }
+
+ public String getPVP2KeystoreMetadataKeyAlias() {
+ return props.getProperty("general.login.pvp2.keystore.metadata.key.alias");
+ }
+
+ public String getPVP2KeystoreMetadataKeyPassword() {
+ return props.getProperty("general.login.pvp2.keystore.metadata.key.password");
+ }
+
+ public String getPVP2KeystoreAuthRequestKeyAlias() {
+ return props.getProperty("general.login.pvp2.keystore.authrequest.key.alias");
+ }
+
+ public String getPVP2KeystoreAuthRequestKeyPassword() {
+ return props.getProperty("general.login.pvp2.keystore.authrequest.key.password");
+ }
+
+ public String getPVP2KeystoreAuthRequestEncryptionKeyAlias() {
+ return props.getProperty("general.login.pvp2.keystore.authrequest.encryption.key.alias");
+ }
+
+ public String getPVP2KeystoreAuthRequestEncryptionKeyPassword() {
+ return props.getProperty("general.login.pvp2.keystore.authrequest.encryption.key.password");
+ }
+
+ public String getPVP2IDPMetadataURL() {
+ return props.getProperty("general.login.pvp2.idp.metadata.url");
+ }
+
+ public String getPVP2IDPMetadataCertificate() {
+ return props.getProperty("general.login.pvp2.idp.metadata.certificate");
+ }
+
+ public String getPVP2IDPMetadataEntityName() {
+ return props.getProperty("general.login.pvp2.idp.metadata.entityID");
+ }
+
+ public HTTPMetadataProvider getMetaDataProvier() {
+ return idpMetadataProvider;
+ }
+
+
+ //SMTP Server
+ public String getSMTPMailHost() {
+ return props.getProperty("general.mail.host");
+ }
+
+ public String getSMTPMailPort() {
+ return props.getProperty("general.mail.host.port");
+ }
+
+ public String getSMTPMailUsername() {
+ return props.getProperty("general.mail.host.username");
+ }
+
+ public String getSMTPMailPassword() {
+ return props.getProperty("general.mail.host.password");
+ }
+
+ //Mail Configuration
+ public String getMailFromName() {
+ return props.getProperty("general.mail.from.name");
+ }
+
+ public String getMailFromAddress() {
+ return props.getProperty("general.mail.from.address");
+ }
+
+ public String getMailUserAcountVerificationSubject() {
+ return props.getProperty("general.mail.useraccountrequest.verification.subject");
+ }
+
+ public String getMailUserAcountVerificationTemplate() throws ConfigurationException {
+ String url = props.getProperty("general.mail.useraccountrequest.verification.template");
+
+ if (MiscUtil.isNotEmpty(url)) {
+ if (url.startsWith(Constants.FILEPREFIX))
+ return url;
+
+ else
+ return configRootDir + "/" + url;
+
+ } else {
+ log.warn("MailUserAcountVerificationTemplate is empty");
+ throw new ConfigurationException("MailUserAcountVerificationTemplate is empty");
+
+ }
+ }
+
+ public String getMailUserAcountActivationSubject() {
+ return props.getProperty("general.mail.useraccountrequest.isactive.subject");
+ }
+
+ public String getMailUserAcountActivationTemplate() throws ConfigurationException {
+ String url = props.getProperty("general.mail.useraccountrequest.isactive.template");
+
+ if (MiscUtil.isNotEmpty(url)) {
+ if (url.startsWith(Constants.FILEPREFIX))
+ return url;
+
+ else
+ return configRootDir + "/" + url;
+
+ } else {
+ log.warn("MailUserAcountVerificationTemplate is empty");
+ throw new ConfigurationException("MailUserAcountActivationTemplate is empty");
+
+ }
+ }
+
+ public String getMailOAActivationSubject() {
+ return props.getProperty("general.mail.createOArequest.isactive.subject");
+ }
+
+ public String getMailOAActivationTemplate() throws ConfigurationException {
+ String url = props.getProperty("general.mail.createOArequest.isactive.template");
+
+ if (MiscUtil.isNotEmpty(url)) {
+ if (url.startsWith(Constants.FILEPREFIX))
+ return url;
+
+ else
+ return configRootDir + "/" + url;
+
+ } else {
+ log.warn("MailOAActivationTemplate is empty");
+ throw new ConfigurationException("MailOAActivationTemplate is empty");
+
+ }
+ }
+
+ public String getMailUserAcountRevocationTemplate() throws ConfigurationException {
+ String url = props.getProperty("general.mail.useraccountrequest.rejected.template");
+
+ if (MiscUtil.isNotEmpty(url)) {
+ if (url.startsWith(Constants.FILEPREFIX))
+ return url;
+
+ else
+ return configRootDir + "/" + url;
+
+ } else {
+ log.warn("MailUserAcountVerificationTemplate is empty");
+ throw new ConfigurationException("MailUserAcountRevocationTemplate is empty");
+
+ }
+ }
+
+ public String getMailAdminSubject() {
+ return props.getProperty("general.mail.admin.subject");
+ }
+
+ public String getMailAdminTemplate() throws ConfigurationException {
+ String url = props.getProperty("general.mail.admin.adresses.template");
+
+ if (MiscUtil.isNotEmpty(url)) {
+ if (url.startsWith(Constants.FILEPREFIX))
+ return url;
+
+ else
+ return configRootDir + "/" + url;
+
+ } else {
+ log.warn("MailUserAcountVerificationTemplate is empty");
+ throw new ConfigurationException("MailAdminTemplate is empty");
+
+ }
+ }
+
+ public String getMailAdminAddress() {
+ return props.getProperty("general.mail.admin.adress");
+ }
+
+
+ private void initalPVP2Login() throws ConfigurationException {
+ try {
+
+ String metadataCert = getPVP2IDPMetadataCertificate();
+ if (MiscUtil.isEmpty(metadataCert)) {
+ log.info("NO IDP Certificate to verify IDP Metadata");
+ throw new ConfigurationException("NO IDP Certificate to verify IDP Metadata");
+ }
+
+ InputStream certstream = new FileInputStream(metadataCert);
+ X509Certificate cert = new X509Certificate(certstream);
+ BasicX509Credential idpCredential = new BasicX509Credential();
+ idpCredential.setEntityCertificate(cert);
+
+ log.debug("IDP Certificate loading finished");
+
+ String metadataurl = getPVP2IDPMetadataURL();
+ if (MiscUtil.isEmpty(metadataurl)) {
+ log.info("NO IDP Metadata URL.");
+ throw new ConfigurationException("NO IDP Metadata URL.");
+ }
+
+ idpMetadataProvider = new HTTPMetadataProvider(new Timer(), new HttpClient(), metadataurl);
+ idpMetadataProvider.setRequireValidMetadata(true);
+ idpMetadataProvider.setParserPool(new BasicParserPool());
+ idpMetadataProvider.setMetadataFilter(new MetaDataVerificationFilter(idpCredential));
+ idpMetadataProvider.setMaxRefreshDelay(1000 * 3600 * 12 ); //refresh Metadata every 12h
+ idpMetadataProvider.initialize();
+
+ pvp2logininitialzied = true;
+
+ } catch (Exception e) {
+ log.warn("PVP2 authentification can not be initialized.");
+ throw new ConfigurationException("PVP2 authentification can not be initialized.", e);
+ }
+
+
}
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
new file mode 100644
index 000000000..49d556ba4
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
@@ -0,0 +1,357 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.data;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
+import at.gv.egovernment.moa.id.util.FormBuildUtils;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class FormularCustomization {
+
+ private boolean showMandateLoginButton = true;
+ private boolean onlyMandateAllowed = false;
+
+ private String fontType = null;
+
+ private String frontColor = null;
+ private String backGroundColor = null;
+ private String header_FrontColor = null;
+ private String header_BackGroundColor = null;
+ private String header_text = null;
+ private String button_BackGroundColor = null;
+ private String button_BackGroundColorFocus = null;
+ private String button_FrontColor = null;
+
+ private String appletRedirectTarget = null;
+ public static List<String> appletRedirectTargetList = null;
+
+ public static List<String> fontTypeList = null;
+ public String fontTypeListValue = null;
+
+ public FormularCustomization() {
+ appletRedirectTargetList = Arrays.asList("","_blank","_self","_parent","_top");
+ fontTypeList = Arrays.asList("","Verdana","Geneva","Arial","Helvetica","sans-serif","Times New Roman");
+ Collections.sort(fontTypeList);
+ }
+
+ public void parse(OnlineApplication dbOAConfig, Map<String, String> map) {
+ AuthComponentOA auth = dbOAConfig.getAuthComponentOA();
+
+ if (auth != null) {
+ TemplatesType templates = auth.getTemplates();
+ if (templates != null) {
+ BKUSelectionCustomizationType formcustom = templates.getBKUSelectionCustomization();
+ if (formcustom != null) {
+
+ if (formcustom.isMandateLoginButton() != null) {
+ showMandateLoginButton = formcustom.isMandateLoginButton();
+ }
+
+ if (formcustom.isOnlyMandateLoginAllowed() != null) {
+ onlyMandateAllowed = formcustom.isOnlyMandateLoginAllowed();
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getAppletRedirectTarget()))
+ appletRedirectTarget = formcustom.getAppletRedirectTarget();
+
+ if (MiscUtil.isNotEmpty(formcustom.getBackGroundColor())) {
+ backGroundColor = formcustom.getBackGroundColor();
+ map.put(FormBuildUtils.MAIN_BACKGROUNDCOLOR, formcustom.getBackGroundColor());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColor())) {
+ button_BackGroundColor = formcustom.getButtonBackGroundColor();
+ map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR, formcustom.getButtonBackGroundColor());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColorFocus())) {
+ button_BackGroundColorFocus = formcustom.getButtonBackGroundColorFocus();
+ map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR_FOCUS, formcustom.getButtonBackGroundColorFocus());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getButtonFontColor())) {
+ button_FrontColor = formcustom.getButtonFontColor();
+ map.put(FormBuildUtils.BUTTON_COLOR, formcustom.getButtonFontColor());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getFontType())) {
+ fontType = formcustom.getFontType();
+ map.put(FormBuildUtils.FONTFAMILY, formcustom.getFontType());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getFrontColor())) {
+ frontColor = formcustom.getFrontColor();
+ map.put(FormBuildUtils.MAIN_COLOR, formcustom.getFrontColor());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getHeaderBackGroundColor())) {
+ header_BackGroundColor = formcustom.getHeaderBackGroundColor();
+ map.put(FormBuildUtils.HEADER_BACKGROUNDCOLOR, formcustom.getHeaderBackGroundColor());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getHeaderFrontColor())) {
+ header_FrontColor = formcustom.getHeaderFrontColor();
+ map.put(FormBuildUtils.HEADER_COLOR, formcustom.getHeaderFrontColor());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getHeaderText())) {
+ header_text = formcustom.getHeaderText();
+ map.put(FormBuildUtils.HEADER_TEXT, formcustom.getHeaderText());
+ }
+ }
+ }
+ }
+ }
+
+
+ /**
+ * @return the showMandateLoginButton
+ */
+ public boolean isShowMandateLoginButton() {
+ return showMandateLoginButton;
+ }
+
+
+ /**
+ * @param showMandateLoginButton the showMandateLoginButton to set
+ */
+ public void setShowMandateLoginButton(boolean showMandateLoginButton) {
+ this.showMandateLoginButton = showMandateLoginButton;
+ }
+
+
+ /**
+ * @return the onlyMandateAllowed
+ */
+ public boolean isOnlyMandateAllowed() {
+ return onlyMandateAllowed;
+ }
+
+
+ /**
+ * @param onlyMandateAllowed the onlyMandateAllowed to set
+ */
+ public void setOnlyMandateAllowed(boolean onlyMandateAllowed) {
+ this.onlyMandateAllowed = onlyMandateAllowed;
+ }
+
+
+ /**
+ * @return the fontType
+ */
+ public String getFontType() {
+ return fontType;
+ }
+
+
+ /**
+ * @param fontType the fontType to set
+ */
+ public void setFontType(String fontType) {
+ this.fontType = fontType;
+ }
+
+
+ /**
+ * @return the frontColor
+ */
+ public String getFrontColor() {
+ return frontColor;
+ }
+
+
+ /**
+ * @param frontColor the frontColor to set
+ */
+ public void setFrontColor(String frontColor) {
+ this.frontColor = frontColor;
+ }
+
+
+ /**
+ * @return the backGroundColor
+ */
+ public String getBackGroundColor() {
+ return backGroundColor;
+ }
+
+
+ /**
+ * @param backGroundColor the backGroundColor to set
+ */
+ public void setBackGroundColor(String backGroundColor) {
+ this.backGroundColor = backGroundColor;
+ }
+
+
+ /**
+ * @return the header_FrontColor
+ */
+ public String getHeader_FrontColor() {
+ return header_FrontColor;
+ }
+
+
+ /**
+ * @param header_FrontColor the header_FrontColor to set
+ */
+ public void setHeader_FrontColor(String header_FrontColor) {
+ this.header_FrontColor = header_FrontColor;
+ }
+
+
+ /**
+ * @return the header_BackGroundColor
+ */
+ public String getHeader_BackGroundColor() {
+ return header_BackGroundColor;
+ }
+
+
+ /**
+ * @param header_BackGroundColor the header_BackGroundColor to set
+ */
+ public void setHeader_BackGroundColor(String header_BackGroundColor) {
+ this.header_BackGroundColor = header_BackGroundColor;
+ }
+
+
+ /**
+ * @return the header_text
+ */
+ public String getHeader_text() {
+ return header_text;
+ }
+
+
+ /**
+ * @param header_text the header_text to set
+ */
+ public void setHeader_text(String header_text) {
+ this.header_text = header_text;
+ }
+
+
+ /**
+ * @return the button_BackGroundColor
+ */
+ public String getButton_BackGroundColor() {
+ return button_BackGroundColor;
+ }
+
+
+ /**
+ * @param button_BackGroundColor the button_BackGroundColor to set
+ */
+ public void setButton_BackGroundColor(String button_BackGroundColor) {
+ this.button_BackGroundColor = button_BackGroundColor;
+ }
+
+
+ /**
+ * @return the button_BackGroundColorFocus
+ */
+ public String getButton_BackGroundColorFocus() {
+ return button_BackGroundColorFocus;
+ }
+
+
+ /**
+ * @param button_BackGroundColorFocus the button_BackGroundColorFocus to set
+ */
+ public void setButton_BackGroundColorFocus(String button_BackGroundColorFocus) {
+ this.button_BackGroundColorFocus = button_BackGroundColorFocus;
+ }
+
+
+ /**
+ * @return the button_FrontColor
+ */
+ public String getButton_FrontColor() {
+ return button_FrontColor;
+ }
+
+
+ /**
+ * @param button_FrontColor the button_FrontColor to set
+ */
+ public void setButton_FrontColor(String button_FrontColor) {
+ this.button_FrontColor = button_FrontColor;
+ }
+
+
+ /**
+ * @return the appletRedirectTarget
+ */
+ public String getAppletRedirectTarget() {
+ return appletRedirectTarget;
+ }
+
+ /**
+ * @param appletRedirectTarget the appletRedirectTarget to set
+ */
+ public void setAppletRedirectTarget(String appletRedirectTarget) {
+ this.appletRedirectTarget = appletRedirectTarget;
+ }
+
+
+ /**
+ * @return the appletredirecttargetlist
+ */
+ public List<String> getAppletRedirectTargetList() {
+ return appletRedirectTargetList;
+ }
+
+ /**
+ * @return the fontTypeList
+ */
+ public List<String> getFontTypeList() {
+ return fontTypeList;
+ }
+
+ /**
+ * @return the fontTypeListValue
+ */
+ public String getFontTypeListValue() {
+ return fontTypeListValue;
+ }
+
+ /**
+ * @param fontTypeListValue the fontTypeListValue to set
+ */
+ public void setFontTypeListValue(String fontTypeListValue) {
+ this.fontTypeListValue = fontTypeListValue;
+ }
+
+
+
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
index 59954df7f..4da4d3907 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data;
import java.io.File;
@@ -15,8 +37,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs;
import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
-import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners;
-import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSignersX509SubjectNameItem;
import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
new file mode 100644
index 000000000..f21be44ba
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
@@ -0,0 +1,27 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.data;
+
+public class GeneralStorkConfig {
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java
index 0ea21617e..69bf5dc0c 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data;
public class OAListElement {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java
new file mode 100644
index 000000000..a1bcf4aa4
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java
@@ -0,0 +1,50 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.data;
+
+public class StorkAttributes {
+
+
+ public AttributValues eIdentifier;
+
+
+ public void parse() {
+ eIdentifier = AttributValues.MANDATORY;
+ }
+
+
+ public enum AttributValues {
+ MANDATORY, OPTIONAL, NOT;
+
+ public String getValue() {
+ if (this == MANDATORY)
+ return MANDATORY.name();
+ if (this == OPTIONAL)
+ return OPTIONAL.name();
+ else
+ return NOT.name();
+ }
+ }
+
+}
+
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java
index 881cdf277..8f4746d69 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java
@@ -1,8 +1,29 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.util.MiscUtil;
-import at.gv.util.data.BPK;
public class UserDatabaseFrom {
@@ -18,10 +39,14 @@ public class UserDatabaseFrom {
private boolean active = false;
private boolean admin = false;
private boolean passwordActive;
+ private boolean isusernamepasswordallowed = false;
+ private boolean isadminrequest = true;
+ private boolean ismandateuser = false;
+ private boolean isPVPGenerated;
private String userID = null;
public UserDatabaseFrom() {
-
+
}
public UserDatabaseFrom(UserDatabase db) {
@@ -41,6 +66,26 @@ public class UserDatabaseFrom {
active = db.isIsActive();
admin = db.isIsAdmin();
+ if (db.isIsUsernamePasswordAllowed() != null)
+ isusernamepasswordallowed = db.isIsUsernamePasswordAllowed();
+ else
+ isusernamepasswordallowed = true;
+
+ if (db.isIsAdminRequest() != null)
+ isadminrequest = db.isIsAdminRequest();
+ else
+ isadminrequest = false;
+
+ if (db.isIsMandateUser() != null)
+ ismandateuser = db.isIsMandateUser();
+ else
+ ismandateuser = false;
+
+ if (db.isIsPVP2Generated() != null)
+ isPVPGenerated = db.isIsPVP2Generated();
+ else
+ isPVPGenerated = false;
+
userID = String.valueOf(db.getHjid());
}
@@ -247,7 +292,62 @@ public class UserDatabaseFrom {
public void setPassword_second(String password_second) {
this.password_second = password_second;
}
+
+ /**
+ * @return the isusernamepasswordallowed
+ */
+ public boolean isIsusernamepasswordallowed() {
+ return isusernamepasswordallowed;
+ }
+
+ /**
+ * @param isusernamepasswordallowed the isusernamepasswordallowed to set
+ */
+ public void setIsusernamepasswordallowed(boolean isusernamepasswordallowed) {
+ this.isusernamepasswordallowed = isusernamepasswordallowed;
+ }
+
+ /**
+ * @return the ismandateuser
+ */
+ public boolean isIsmandateuser() {
+ return ismandateuser;
+ }
+ /**
+ * @param ismandateuser the ismandateuser to set
+ */
+ public void setIsmandateuser(boolean ismandateuser) {
+ this.ismandateuser = ismandateuser;
+ }
+
+ /**
+ * @return the isadminrequest
+ */
+ public boolean isIsadminrequest() {
+ return isadminrequest;
+ }
+
+ /**
+ * @param isadminrequest the isadminrequest to set
+ */
+ public void setIsadminrequest(boolean isadminrequest) {
+ this.isadminrequest = isadminrequest;
+ }
+
+ /**
+ * @return the isPVPGenerated
+ */
+ public boolean isPVPGenerated() {
+ return isPVPGenerated;
+ }
+
+ /**
+ * @param isPVPGenerated the isPVPGenerated to set
+ */
+ public void setPVPGenerated(boolean isPVPGenerated) {
+ this.isPVPGenerated = isPVPGenerated;
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
index 57ae4863a..334124cfd 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
@@ -1,6 +1,29 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.oa;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -18,6 +41,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.validation.TargetValidator;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -35,19 +59,22 @@ public class OAGeneralConfig {
private boolean businessService = false;
private String target = null;
+ private String target_subsector = null;
+ private String target_admin = null;
+ private static List<String> targetList = null;
private String targetFriendlyName = null;
+ private boolean isAdminTarget = false;
private String identificationNumber = null;
private String identificationType = null;
+ private static List<String> identificationTypeList = null;
private String aditionalAuthBlockText = null;
private String mandateProfiles = null;
+ private boolean useMandates = false;
private boolean isActive = false;
- private String slVersion = null;
- private boolean useIFrame = false;
- private boolean useUTC = false;
private boolean calculateHPI = false;
private String keyBoxIdentifier = null;
@@ -56,6 +83,8 @@ public class OAGeneralConfig {
private boolean legacy = false;
List<String> SLTemplates = null;
+ private boolean isHideBPKAuthBlock = false;
+
private Map<String, byte[]> transformations;
@@ -69,6 +98,14 @@ public class OAGeneralConfig {
bkuLocalURL = Constants.DEFAULT_LOCALBKU_URL;
bkuHandyURL = Constants.DEFAULT_HANDYBKU_URL;
+
+ targetList = TargetValidator.getListOfTargets();
+ target = "";
+
+ identificationTypeList = Arrays.asList(
+ Constants.IDENIFICATIONTYPE_FN,
+ Constants.IDENIFICATIONTYPE_ZVR,
+ Constants.IDENIFICATIONTYPE_ERSB);
}
@@ -81,8 +118,29 @@ public class OAGeneralConfig {
keyBoxIdentifier = dbOAConfig.getKeyBoxIdentifier().value();
identifier = dbOAConfig.getPublicURLPrefix();
- target = dbOAConfig.getTarget();
- targetFriendlyName = dbOAConfig.getTargetFriendlyName();
+
+ String target_full = dbOAConfig.getTarget();
+ if (MiscUtil.isNotEmpty(target_full)) {
+ if (TargetValidator.isValidTarget(target_full)) {
+ target = target_full;
+
+ } else {
+ String[] target_split = target_full.split("-");
+
+ if (TargetValidator.isValidTarget(target_split[0])) {
+ target = target_split[0];
+ if (target_split.length > 1)
+ target_subsector = target_split[1];
+
+ } else {
+ target = "";
+ target_subsector = null;
+ target_admin = target_full;
+ isAdminTarget = true;
+ }
+ }
+ targetFriendlyName = dbOAConfig.getTargetFriendlyName();
+ }
if (dbOAConfig.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE))
businessService = true;
@@ -127,16 +185,32 @@ public class OAGeneralConfig {
IdentificationNumber idnumber = oaauth.getIdentificationNumber();
if (idnumber != null) {
- identificationNumber = idnumber.getValue();
+ String number = idnumber.getValue();
+ if (MiscUtil.isNotEmpty(number)) {
+ String[] split = number.split("\\+");
+
+ if (Constants.PREFIX_WPBK.startsWith(split[0]) && split.length >= 2) {
+ identificationType = split[1];
+ identificationNumber = split[2];
+ }
+ }
}
Mandates mandates = oaauth.getMandates();
if (mandates != null) {
- mandateProfiles = mandates.getProfiles();
+
+ if (MiscUtil.isNotEmpty(mandates.getProfiles())) {
+ mandateProfiles = mandates.getProfiles();
+ useMandates = true;
+
+ } else {
+ mandateProfiles = new String();
+ useMandates = false;
+ }
+
+
}
- slVersion = oaauth.getSlVersion();
-
TemplatesType templates = oaauth.getTemplates();
if (templates != null) {
aditionalAuthBlockText = templates.getAditionalAuthBlockText();
@@ -162,12 +236,9 @@ public class OAGeneralConfig {
transformations.put(el.getFilename(), el.getTransformation());
}
- useIFrame = oaauth.isUseIFrame();
- useUTC = oaauth.isUseUTC();
}
-
-
+ isHideBPKAuthBlock = dbOAConfig.isRemoveBPKFromAuthBlock();
}
@@ -243,30 +314,6 @@ public class OAGeneralConfig {
this.isActive = isActive;
}
- public String getSlVersion() {
- return slVersion;
- }
-
- public void setSlVersion(String slVersion) {
- this.slVersion = slVersion;
- }
-
- public boolean isUseIFrame() {
- return useIFrame;
- }
-
- public void setUseIFrame(boolean useIFrame) {
- this.useIFrame = useIFrame;
- }
-
- public boolean isUseUTC() {
- return useUTC;
- }
-
- public void setUseUTC(boolean useUTC) {
- this.useUTC = useUTC;
- }
-
public boolean isBusinessService() {
return businessService;
}
@@ -461,6 +508,101 @@ public class OAGeneralConfig {
SLTemplates.add(sLTemplateURL3);
}
+
+ /**
+ * @return the target_subsector
+ */
+ public String getTarget_subsector() {
+ return target_subsector;
+ }
+
+
+ /**
+ * @param target_subsector the target_subsector to set
+ */
+ public void setTarget_subsector(String target_subsector) {
+ this.target_subsector = target_subsector;
+ }
+
+
+ /**
+ * @return the target_admin
+ */
+ public String getTarget_admin() {
+ return target_admin;
+ }
+
+
+ /**
+ * @param target_admin the target_admin to set
+ */
+ public void setTarget_admin(String target_admin) {
+ this.target_admin = target_admin;
+ }
+
+
+ /**
+ * @return the targetList
+ */
+ public List<String> getTargetList() {
+ return targetList;
+ }
+
+
+ /**
+ * @return the identificationTypeList
+ */
+ public List<String> getIdentificationTypeList() {
+ return identificationTypeList;
+ }
+
+
+ /**
+ * @return the isAdminTarget
+ */
+ public boolean isAdminTarget() {
+ return isAdminTarget;
+ }
+
+
+ /**
+ * @param isAdminTarget the isAdminTarget to set
+ */
+ public void setAdminTarget(boolean isAdminTarget) {
+ this.isAdminTarget = isAdminTarget;
+ }
+
+
+ /**
+ * @return the isHideBPKAuthBlock
+ */
+ public boolean isHideBPKAuthBlock() {
+ return isHideBPKAuthBlock;
+ }
+
+
+ /**
+ * @param isHideBPKAuthBlock the isHideBPKAuthBlock to set
+ */
+ public void setHideBPKAuthBlock(boolean isHideBPKAuthBlock) {
+ this.isHideBPKAuthBlock = isHideBPKAuthBlock;
+ }
+
+
+ /**
+ * @return the useMandates
+ */
+ public boolean isUseMandates() {
+ return useMandates;
+ }
+
+
+ /**
+ * @param useMandates the useMandates to set
+ */
+ public void setUseMandates(boolean useMandates) {
+ this.useMandates = useMandates;
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java
new file mode 100644
index 000000000..347628481
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java
@@ -0,0 +1,109 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.data.oa;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.UUID;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
+
+public class OAOAuth20Config {
+
+ private final Logger log = Logger.getLogger(OAOAuth20Config.class);
+
+ private String clientId = null;
+ private String clientSecret = null;
+ private String redirectUri = null;
+
+ public OAOAuth20Config() {
+ }
+
+ public List<String> parse(OnlineApplication dbOAConfig) {
+ List<String> errors = new ArrayList<String>();
+
+ AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
+ if (authdata != null) {
+ // set client id to public url prefix
+ this.clientId = dbOAConfig.getPublicURLPrefix();
+
+ OAOAUTH20 config = authdata.getOAOAUTH20();
+
+ if (config != null) {
+ // validate secret
+ if (StringUtils.isNotEmpty(config.getOAuthClientSecret())) {
+ this.clientSecret = config.getOAuthClientSecret();
+ } else {
+ this.generateClientSecret();
+ }
+
+ // validate redirectUri
+ if (StringUtils.isNotEmpty(config.getOAuthRedirectUri()) && OAuth20Util.isUrl(config.getOAuthRedirectUri())) {
+ this.redirectUri = config.getOAuthRedirectUri();
+ } else {
+ errors.add(LanguageHelper.getErrorString("error.oa.oauth.redirecturi"));
+ }
+ } else {
+ this.generateClientSecret();
+ }
+ }
+
+ return errors;
+ }
+
+ public String getClientId() {
+ return clientId;
+ }
+
+ public void setClientId(String clientId) {
+ this.clientId = clientId;
+ }
+
+ public String getClientSecret() {
+ return clientSecret;
+ }
+
+ public void setClientSecret(String clientSecret) {
+ this.clientSecret = clientSecret;
+ }
+
+ public String getRedirectUri() {
+ return redirectUri;
+ }
+
+ public void setRedirectUri(String redirectUri) {
+ this.redirectUri = redirectUri;
+ }
+
+ public void generateClientSecret() {
+ this.clientSecret = UUID.randomUUID().toString();
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java
index fdce518a7..0a03ac77b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java
@@ -1,8 +1,29 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.oa;
import java.io.File;
import java.io.FileInputStream;
-import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
@@ -15,7 +36,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction;
import at.gv.egovernment.moa.util.MiscUtil;
public class OAPVP2Config {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java
index 687a06b9e..cdfb20294 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.oa;
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
@@ -6,6 +28,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
public class OASAML1Config {
+ private boolean isActive = false;
private boolean provideStammZahl = false;
private boolean provideAuthBlock = false;
private boolean provideIdentityLink = false;
@@ -28,8 +51,15 @@ public class OASAML1Config {
provideFullMandateData = saml1.isProvideFullMandatorData();
provideIdentityLink = saml1.isProvideIdentityLink();
provideStammZahl = saml1.isProvideStammzahl();
- useCondition = saml1.isUseCondition();
- conditionLength = saml1.getConditionLength().intValue();
+
+ if (saml1.isUseCondition() != null)
+ useCondition = saml1.isUseCondition();
+
+ if (saml1.getConditionLength() != null)
+ conditionLength = saml1.getConditionLength().intValue();
+
+ if (saml1.isIsActive() != null)
+ isActive = saml1.isIsActive();
}
}
}
@@ -76,6 +106,21 @@ public class OASAML1Config {
public void setConditionLength(int conditionLength) {
this.conditionLength = conditionLength;
}
+
+ /**
+ * @return the isActive
+ */
+ public boolean isActive() {
+ return isActive;
+ }
+
+ /**
+ * @param isActive the isActive to set
+ */
+ public void setActive(boolean isActive) {
+ this.isActive = isActive;
+ }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java
index 0241b6a04..593c2291f 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.oa;
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
index 74edde653..d7c71105d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.oa;
public class OASTORKConfig {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java
index fe685e6d0..a2d6d8775 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.pvp2;
import java.util.ArrayList;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java
index e83bf6997..358151d23 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.exception;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
@@ -14,4 +36,8 @@ public class ConfigurationException extends Exception {
super(LanguageHelper.getErrorString(errorname), e);
}
+ public ConfigurationException(Throwable e) {
+ super(e);
+ }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
index 7dac458ca..0d52234bc 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
@@ -1,7 +1,28 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.filter;
import java.io.IOException;
-import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.StringTokenizer;
import java.util.regex.Pattern;
@@ -129,7 +150,7 @@ public class AuthenticationFilter implements Filter{
if (authuser == null) {
- authuser = new AuthenticatedUser(0, "Max", "TestUser", "maxtestuser", true, true);
+ authuser = new AuthenticatedUser(0, "Max", "TestUser", null, "maxtestuser", true, true, false, false);
//authuser = new AuthenticatedUser(1, "Max", "TestUser", true, false);
httpServletRequest.getSession().setAttribute(Constants.SESSION_AUTH, authuser);
}
@@ -147,24 +168,14 @@ public class AuthenticationFilter implements Filter{
}
} else {
- //check login Daten
-
- //loginPageForward = true;
-
-
if (MiscUtil.isNotEmpty(getAuthenticatedPage())) {
log.debug("Unable to find authentication data. Authenticated page is given so there is no need to save original request url. " + (loginPageForward ? "Forwarding" : "Redirecting") + " to login page \"" + loginPage + "\".");
-
-
}
else {
log.debug("Unable to find authentication data. Storing request url and " + (loginPageForward ? "forwarding" : "redirecting") + " to login page \"" + loginPage + "\".");
- // TODO: save HttpServletRequest
- // log.debug("new CustomHttpServletRequest(request).toString() =
- // {}", new
- // CustomHttpServletRequest(httpServletRequest).toString());
session.setAttribute(STORED_REQUEST_URL_ID, requestURL);
+
}
if (loginPageForward) {
@@ -184,7 +195,7 @@ public class AuthenticationFilter implements Filter{
filterchain.doFilter(req, resp);
} catch (Exception e) {
-
+
// String redirectURL = "./index.action";
// HttpServletResponse httpResp = (HttpServletResponse) resp;
// redirectURL = httpResp.encodeRedirectURL(redirectURL);
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java
index b2f1b106f..4d47d8d96 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.helper;
import java.security.spec.KeySpec;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/DateTimeHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/DateTimeHelper.java
new file mode 100644
index 000000000..eed4aa32f
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/DateTimeHelper.java
@@ -0,0 +1,59 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.helper;
+
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class DateTimeHelper {
+
+ private static final Logger log = Logger.getLogger(DateTimeHelper.class);
+
+ private static final String DATETIMEPATTERN = "dd.MM.yyy HH:mm";
+
+ public static String getDateTime(Date date) {
+ SimpleDateFormat f = new SimpleDateFormat(DATETIMEPATTERN);
+ return f.format(date);
+ }
+
+ public static Date parseDateTime(String date) {
+ SimpleDateFormat f = new SimpleDateFormat(DATETIMEPATTERN);
+
+ if (MiscUtil.isNotEmpty(date)) {
+
+ try {
+ return f.parse(date);
+
+ } catch (ParseException e) {
+ log.warn("Parse DATETIME String " + date + " failed", e);
+
+ }
+ }
+ return null;
+ }
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java
new file mode 100644
index 000000000..d3a9ffcd4
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java
@@ -0,0 +1,75 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.helper;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.data.OAListElement;
+
+public class FormDataHelper {
+
+ public static ArrayList<OAListElement> addFormOAs(List<OnlineApplication> dbOAs) {
+
+ ArrayList<OAListElement> formOAs = new ArrayList<OAListElement>();
+
+ for (OnlineApplication dboa : dbOAs) {
+ OAListElement listoa = new OAListElement();
+ listoa.setActive(dboa.isIsActive());
+ listoa.setDataBaseID(dboa.getHjid());
+ listoa.setOaFriendlyName(dboa.getFriendlyName());
+ listoa.setOaIdentifier(dboa.getPublicURLPrefix());
+ listoa.setOaType(dboa.getType());
+ formOAs.add(listoa);
+ }
+
+ return formOAs;
+ }
+
+ public static ArrayList<AuthenticatedUser> addFormUsers(List<UserDatabase> dbuserlist) {
+ ArrayList<AuthenticatedUser> userlist = new ArrayList<AuthenticatedUser>();
+
+ for (UserDatabase dbuser : dbuserlist) {
+
+ boolean ismandate = false;
+ if (dbuser.isIsMandateUser() != null)
+ ismandate = dbuser.isIsMandateUser();
+
+
+ userlist.add(new AuthenticatedUser(
+ dbuser.getHjid(),
+ dbuser.getGivenname(),
+ dbuser.getFamilyname(),
+ dbuser.getInstitut(),
+ dbuser.getUsername(),
+ dbuser.isIsActive(),
+ dbuser.isIsAdmin(),
+ ismandate,
+ false));
+ }
+ return userlist;
+ }
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java
index 08f200c50..a2f0628eb 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.helper;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java
new file mode 100644
index 000000000..6f1112e2e
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java
@@ -0,0 +1,275 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.helper;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.InputStream;
+import java.io.StringWriter;
+import java.io.UnsupportedEncodingException;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.Properties;
+
+import javax.mail.BodyPart;
+import javax.mail.Message;
+import javax.mail.MessagingException;
+import javax.mail.Session;
+import javax.mail.Transport;
+import javax.mail.internet.InternetAddress;
+import javax.mail.internet.MimeBodyPart;
+import javax.mail.internet.MimeMessage;
+import javax.mail.internet.MimeMultipart;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class MailHelper {
+
+ private static final Logger log = Logger.getLogger(MailHelper.class);
+
+ private static final String PATTERN_GIVENNAME = "#GIVENNAME#";
+ private static final String PATTERN_FAMILYNAME = "#FAMILYNAME#";
+ private static final String PATTERN_URL = "#MANDATE_SERVICE_LINK#";
+ private static final String PATTERN_DATE = "#TODAY_DATE#";
+ private static final String PATTERN_OPENOAS = "#NUMBER_OAS#";
+ private static final String PATTERN_OPENUSERS = "#NUMBER_USERSS#";
+ private static final String PATTERN_OANAME = "#OANAME#";
+
+ public static void sendUserMailAddressVerification(UserDatabase userdb) throws ConfigurationException {
+
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ String templateurl = config.getMailUserAcountVerificationTemplate();
+
+ String template = readTemplateFromURL(templateurl);
+
+ if (userdb.isIsMandateUser()) {
+ template = template.replace(PATTERN_GIVENNAME, userdb.getInstitut());
+ template = template.replace(PATTERN_FAMILYNAME, "");
+
+ } else {
+ template = template.replace(PATTERN_GIVENNAME, userdb.getGivenname());
+ template = template.replace(PATTERN_FAMILYNAME, userdb.getFamilyname());
+ }
+
+ SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
+ template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
+
+ String verificationURL = config.getPublicUrlPreFix(null);
+
+ if (!verificationURL.endsWith("/"))
+ verificationURL = verificationURL + "/";
+
+ verificationURL = verificationURL + Constants.SERVLET_ACCOUNTVERIFICATION +
+ "?" + Constants.REQUEST_USERREQUESTTOKKEN +
+ "=" + userdb.getUserRequestTokken();
+ template = template.replace(PATTERN_URL, verificationURL);
+
+ sendMail(config, config.getMailUserAcountVerificationSubject(),
+ userdb.getMail(), template);
+
+ }
+
+ public static void sendAdminMail(int numOpenOAs, int numOpenUsers) throws ConfigurationException {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ String templateurl = config.getMailAdminTemplate();
+
+ String template = readTemplateFromURL(templateurl);
+ template = template.replace(PATTERN_OPENOAS, String.valueOf(numOpenOAs));
+ template = template.replace(PATTERN_OPENUSERS, String.valueOf(numOpenUsers));
+
+ SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
+ template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
+
+ sendMail(config, config.getMailAdminSubject(), config.getMailAdminAddress(), template);
+
+ }
+
+ public static void sendUserAccountActivationMail(String givenname, String familyname, String institut, String mailurl) throws ConfigurationException {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ String templateurl = config.getMailUserAcountActivationTemplate();
+
+ String template = readTemplateFromURL(templateurl);
+ if (MiscUtil.isNotEmpty(institut)) {
+ template = template.replace(PATTERN_GIVENNAME, institut);
+ template = template.replace(PATTERN_FAMILYNAME, "");
+
+ } else {
+ template = template.replace(PATTERN_GIVENNAME, givenname);
+ template = template.replace(PATTERN_FAMILYNAME, familyname);
+ }
+
+
+ SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
+ template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
+
+ String verificationURL = config.getPublicUrlPreFix(null);
+ if (!verificationURL.endsWith("/"))
+ verificationURL = verificationURL + "/";
+
+ template = template.replace(PATTERN_URL, verificationURL);
+
+ sendMail(config, config.getMailUserAcountActivationSubject(),
+ mailurl, template);
+ }
+
+ public static void sendUserOnlineApplicationActivationMail(String givenname, String familyname, String institut, String oaname, String mailurl) throws ConfigurationException {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ String templateurl = config.getMailOAActivationTemplate();
+
+ String template = readTemplateFromURL(templateurl);
+ if (MiscUtil.isNotEmpty(institut)) {
+ template = template.replace(PATTERN_GIVENNAME, institut);
+ template = template.replace(PATTERN_FAMILYNAME, "");
+
+ } else {
+ template = template.replace(PATTERN_GIVENNAME, givenname);
+ template = template.replace(PATTERN_FAMILYNAME, familyname);
+ }
+
+ template = template.replace(PATTERN_OANAME, oaname);
+
+ SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
+ template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
+
+ String verificationURL = config.getPublicUrlPreFix(null);
+ if (!verificationURL.endsWith("/"))
+ verificationURL = verificationURL + "/";
+
+ template = template.replace(PATTERN_URL, verificationURL);
+
+ sendMail(config, config.getMailOAActivationSubject(),
+ mailurl, template);
+ }
+
+ public static void sendUserAccountRevocationMail(UserDatabase userdb) throws ConfigurationException {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ String templateurl = config.getMailUserAcountRevocationTemplate();
+
+ String template = readTemplateFromURL(templateurl);
+
+ if (userdb.isIsMandateUser()) {
+ template = template.replace(PATTERN_GIVENNAME, userdb.getInstitut());
+ template = template.replace(PATTERN_FAMILYNAME, "");
+
+ } else {
+ template = template.replace(PATTERN_GIVENNAME, userdb.getGivenname());
+ template = template.replace(PATTERN_FAMILYNAME, userdb.getFamilyname());
+ }
+
+ SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
+ template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
+
+ sendMail(config, config.getMailUserAcountActivationSubject(),
+ userdb.getMail(), template);
+ }
+
+ private static String readTemplateFromURL(String templateurl) throws ConfigurationException {
+ InputStream input;
+ try {
+ File file = new File(templateurl);
+ input = new FileInputStream(file);
+ StringWriter writer = new StringWriter();
+ IOUtils.copy(input, writer);
+ input.close();
+ return writer.toString();
+
+ } catch (Exception e) {
+ log.warn("Mailtemplate can not be read from source" + templateurl);
+ throw new ConfigurationException("Mailtemplate can not be read from source" + templateurl);
+
+ }
+ }
+
+ private static void sendMail(ConfigurationProvider config, String subject, String recipient, String content) throws ConfigurationException {
+ try {
+ log.debug("Sending mail.");
+ MiscUtil.assertNotNull(subject, "subject");
+ MiscUtil.assertNotNull(recipient, "recipient");
+ MiscUtil.assertNotNull(content, "content");
+
+ Properties props = new Properties();
+ props.setProperty("mail.transport.protocol", "smtp");
+ props.setProperty("mail.host", config.getSMTPMailHost());
+ log.trace("Mail host: " + config.getSMTPMailHost());
+ if (config.getSMTPMailPort() != null) {
+ log.trace("Mail port: " + config.getSMTPMailPort());
+ props.setProperty("mail.port", config.getSMTPMailPort());
+ }
+ if (config.getSMTPMailUsername() != null) {
+ log.trace("Mail user: " + config.getSMTPMailUsername());
+ props.setProperty("mail.user", config.getSMTPMailUsername());
+ }
+ if (config.getSMTPMailPassword() != null) {
+ log.trace("Mail password: " + config.getSMTPMailPassword());
+ props.setProperty("mail.password", config.getSMTPMailPassword());
+ }
+
+ Session mailSession = Session.getDefaultInstance(props, null);
+ Transport transport = mailSession.getTransport();
+
+ MimeMessage message = new MimeMessage(mailSession);
+ message.setSubject(subject);
+ log.trace("Mail from: " + config.getMailFromName() + "/" + config.getMailFromAddress());
+ message.setFrom(new InternetAddress(config.getMailFromAddress(), config.getMailFromName()));
+ log.trace("Recipient: " + recipient);
+ message.addRecipient(Message.RecipientType.TO, new InternetAddress(recipient));
+
+ log.trace("Creating multipart content of mail.");
+ MimeMultipart multipart = new MimeMultipart("related");
+
+ log.trace("Adding first part (html)");
+ BodyPart messageBodyPart = new MimeBodyPart();
+ messageBodyPart.setContent(content, "text/html; charset=ISO-8859-15");
+ multipart.addBodyPart(messageBodyPart);
+
+// log.trace("Adding mail images");
+// messageBodyPart = new MimeBodyPart();
+// for (Image image : images) {
+// messageBodyPart.setDataHandler(new DataHandler(image));
+// messageBodyPart.setHeader("Content-ID", "<" + image.getContentId() + ">");
+// multipart.addBodyPart(messageBodyPart);
+// }
+
+ message.setContent(multipart);
+ transport.connect();
+ log.trace("Sending mail message.");
+ transport.sendMessage(message, message.getRecipients(Message.RecipientType.TO));
+ log.trace("Successfully sent.");
+ transport.close();
+
+ } catch(MessagingException e) {
+ throw new ConfigurationException(e);
+
+ } catch (UnsupportedEncodingException e) {
+ throw new ConfigurationException(e);
+
+ }
+ }
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java
index 8abb0be86..43fc78821 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.helper;
public class StringHelper {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index da87a197f..f1a8c8694 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -1,14 +1,38 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.struts.action;
import java.math.BigInteger;
import java.util.ArrayList;
import java.util.Arrays;
+import java.util.Date;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
@@ -26,9 +50,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners;
-import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSignersX509SubjectNameItem;
import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed;
-import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowedProtocolNameItem;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates;
@@ -43,7 +65,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts;
import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor;
import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock;
-import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlockVerifyTransformsInfoProfileIDItem;
import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.configuration.Constants;
@@ -51,7 +72,7 @@ import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.moaconfig.MOAConfigValidator;
-import at.gv.egovernment.moa.id.configuration.validation.moaconfig.PVP2ContactValidator;
+import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;
import com.opensymphony.xwork2.ActionSupport;
@@ -63,15 +84,20 @@ public class EditGeneralConfigAction extends ActionSupport
private static final long serialVersionUID = 1L;
private HttpServletRequest request;
- private HttpServletResponse response;
private AuthenticatedUser authUser;
-
private GeneralMOAIDConfig moaconfig;
+ private String formID;
+
public String loadConfig() {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
if (authUser.isAdmin()) {
@@ -83,6 +109,9 @@ public class EditGeneralConfigAction extends ActionSupport
ConfigurationDBUtils.closeSession();
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
return Constants.STRUTS_SUCCESS;
} else {
@@ -92,11 +121,30 @@ public class EditGeneralConfigAction extends ActionSupport
}
public String saveConfig() {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
-
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
if (authUser.isAdmin()) {
MOAConfigValidator validator = new MOAConfigValidator();
@@ -108,6 +156,8 @@ public class EditGeneralConfigAction extends ActionSupport
for (String el : errors)
addActionError(el);
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
@@ -456,7 +506,9 @@ public class EditGeneralConfigAction extends ActionSupport
dbconfig.setTrustedCACertificates(moaconfig.getTrustedCACerts());
//save config
- try {
+ try {
+ dbconfig.setTimestampItem(new Date());
+
ConfigurationDBUtils.save(dbconfig);
if (oldconfig != null)
@@ -473,8 +525,7 @@ public class EditGeneralConfigAction extends ActionSupport
}
public void setServletResponse(HttpServletResponse response) {
- this.response = response;
-
+// this.response = response;
}
public void setServletRequest(HttpServletRequest request) {
@@ -502,6 +553,20 @@ public class EditGeneralConfigAction extends ActionSupport
public void setMoaconfig(GeneralMOAIDConfig moaconfig) {
this.moaconfig = moaconfig;
}
+
+ /**
+ * @return the formID
+ */
+ public String getFormID() {
+ return formID;
+ }
+
+ /**
+ * @param formID the formID to set
+ */
+ public void setFormID(String formID) {
+ this.formID = formID;
+ }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index 297d80726..5366aff23 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -1,25 +1,62 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.struts.action;
+import iaik.utils.URLDecoder;
+
+import java.io.ByteArrayInputStream;
+import java.io.File;
+import java.io.FileInputStream;
import java.io.IOException;
+import java.io.InputStream;
import java.math.BigInteger;
import java.security.cert.CertificateException;
import java.util.ArrayList;
+import java.util.Date;
+import java.util.HashMap;
import java.util.List;
+import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;
+import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationType;
import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
+import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20;
import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
@@ -33,50 +70,76 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.configuration.data.FormularCustomization;
import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAOAuth20Config;
import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
import at.gv.egovernment.moa.id.configuration.data.oa.OASAML1Config;
import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig;
import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig;
+import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
+import at.gv.egovernment.moa.id.configuration.validation.FormularCustomizationValitator;
+import at.gv.egovernment.moa.id.configuration.validation.TargetValidator;
import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAGeneralConfigValidation;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OAOAUTH20ConfigValidation;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAPVP2ConfigValidation;
import at.gv.egovernment.moa.id.configuration.validation.oa.OASAML1ConfigValidation;
import at.gv.egovernment.moa.id.configuration.validation.oa.OASSOConfigValidation;
import at.gv.egovernment.moa.id.configuration.validation.oa.OASTORKConfigValidation;
+import at.gv.egovernment.moa.id.util.FormBuildUtils;
+import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;
import com.opensymphony.xwork2.ActionSupport;
-public class EditOAAction extends ActionSupport implements ServletRequestAware,
-ServletResponseAware {
-
+public class EditOAAction extends ActionSupport implements ServletRequestAware, ServletResponseAware {
+
private final Logger log = Logger.getLogger(EditOAAction.class);
private static final long serialVersionUID = 1L;
-
+
private HttpServletRequest request;
private HttpServletResponse response;
- private AuthenticatedUser authUser;
+ private AuthenticatedUser authUser;
private String oaidobj;
private boolean newOA;
+ private String formID;
+
+ private boolean onlyBusinessService = false;
+ private boolean subTargetSet = false;
+ private boolean deaktivededBusinessService = false;
+ private boolean isMetaDataRefreshRequired = false;
+
+ private String nextPage;
private OAGeneralConfig generalOA = new OAGeneralConfig();
private OAPVP2Config pvp2OA = new OAPVP2Config();
private OASAML1Config saml1OA = new OASAML1Config();
private OASSOConfig ssoOA = new OASSOConfig();
+ private OAOAuth20Config oauth20OA = new OAOAuth20Config();
private OASTORKConfig storkOA;
+ private FormularCustomization formOA = new FormularCustomization();
- //STRUTS actions
+ private InputStream stream;
+
+ // STRUTS actions
public String inital() {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
-
+
long oaid = -1;
if (!ValidationHelper.validateOAID(oaidobj)) {
@@ -84,38 +147,65 @@ ServletResponseAware {
return Constants.STRUTS_ERROR;
}
oaid = Long.valueOf(oaidobj);
-
- OnlineApplication onlineapplication = null;;
+
+ UserDatabase userdb = null;
+ OnlineApplication onlineapplication = null;
+
if (authUser.isAdmin())
onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
+
else {
- UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+
+ if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ addActionError(LanguageHelper.getErrorString("error.editoa.mailverification"));
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ // TODO: change to direct Database operation
List<OnlineApplication> oas = userdb.getOnlineApplication();
for (OnlineApplication oa : oas) {
if (oa.getHjid() == oaid) {
onlineapplication = oa;
break;
}
- }
+ }
if (onlineapplication == null) {
addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
return Constants.STRUTS_ERROR;
}
}
-
+
generalOA.parse(onlineapplication);
ssoOA.parse(onlineapplication);
saml1OA.parse(onlineapplication);
+ oauth20OA.parse(onlineapplication);
+ session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.oauth20OA.getClientSecret());
+
+ Map<String, String> map = new HashMap<String, String>();
+ map.putAll(FormBuildUtils.getDefaultMap());
+ formOA.parse(onlineapplication, map);
+
+ session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, map);
+
List<String> errors = pvp2OA.parse(onlineapplication);
if (errors.size() > 0) {
for (String el : errors)
- addActionError(el);
+ addActionError(el);
}
+ subTargetSet = MiscUtil.isNotEmpty(generalOA.getTarget_subsector());
+
+ // set UserSpezific OA Parameters
+ if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb);
+
ConfigurationDBUtils.closeSession();
-
- request.getSession().setAttribute(Constants.SESSION_OAID, oaid);
+ session.setAttribute(Constants.SESSION_OAID, oaid);
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
newOA = false;
@@ -125,44 +215,108 @@ ServletResponseAware {
public String newOA() {
log.debug("insert new Online-Application");
- request.getSession().setAttribute(Constants.SESSION_OAID, null);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+
+ session.setAttribute(Constants.SESSION_OAID, null);
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
-
+
+ UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+
+ if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ addActionError(LanguageHelper.getErrorString("error.editoa.mailverification"));
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
+ if (moaidconfig != null) {
+ DefaultBKUs defaultbkus = moaidconfig.getDefaultBKUs();
+ if (defaultbkus != null) {
+ generalOA.setBkuHandyURL(defaultbkus.getHandyBKU());
+ generalOA.setBkuLocalURL(defaultbkus.getLocalBKU());
+ generalOA.setBkuOnlineURL(defaultbkus.getOnlineBKU());
+ }
+ }
+
+ // set UserSpezific OA Parameters
+ if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb);
+
+ ConfigurationDBUtils.closeSession();
+
newOA = true;
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null);
+
+ this.oauth20OA.generateClientSecret();
+ session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.oauth20OA.getClientSecret());
return Constants.STRUTS_OA_EDIT;
}
public String saveOA() {
-
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
-
+
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ addActionError(LanguageHelper.getErrorString("error.editoa.mailverification"));
+ return Constants.STRUTS_SUCCESS;
+ }
+
OnlineApplication onlineapplication = null;
List<String> errors = new ArrayList<String>();
Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID);
Long oaid = (long) -1;
- if (oadbid != null ) {
+ if (oadbid != null) {
try {
- oaid = (Long) oadbid;
+ oaid = (Long) oadbid;
if (oaid < 0 || oaid > Long.MAX_VALUE) {
addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
- return Constants.STRUTS_ERROR;
+ return Constants.STRUTS_ERROR;
}
- } catch (Throwable t) {
+ }
+ catch (Throwable t) {
addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
- return Constants.STRUTS_ERROR;
+ return Constants.STRUTS_ERROR;
}
}
- //valid DBID and check entry
+ // valid DBID and check entry
String oaidentifier = generalOA.getIdentifier();
if (MiscUtil.isEmpty(oaidentifier)) {
log.info("Empty OA identifier");
@@ -170,16 +324,16 @@ ServletResponseAware {
} else {
- //TODO: oaidentifier has to be a URL according to PVP2.1 specification
- if (ValidationHelper.isValidOAIdentifier(oaidentifier)) {
- log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);
- errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
- new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} ));
+ if (!ValidationHelper.validateURL(oaidentifier)) {
+ log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier);
+ errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
+ new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }));
} else {
-
+
if (oaid == -1) {
onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);
- if (onlineapplication != null) {
+ newOA = true;
+ if (onlineapplication != null) {
log.info("The OAIdentifier is not unique");
errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique"));
}
@@ -188,7 +342,7 @@ ServletResponseAware {
onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) {
- if (ConfigurationDBRead.getOnlineApplication(oaidentifier) != null) {
+ if (ConfigurationDBRead.getOnlineApplication(oaidentifier) != null) {
log.info("The OAIdentifier is not unique");
errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique"));
}
@@ -196,42 +350,149 @@ ServletResponseAware {
}
}
}
-
- //check form
+
+ // set UserSpezific OA Parameters
+ if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb);
+
+ // check form
OAGeneralConfigValidation validatior_general = new OAGeneralConfigValidation();
OAPVP2ConfigValidation validatior_pvp2 = new OAPVP2ConfigValidation();
OASAML1ConfigValidation validatior_saml1 = new OASAML1ConfigValidation();
OASSOConfigValidation validatior_sso = new OASSOConfigValidation();
OASTORKConfigValidation validator_stork = new OASTORKConfigValidation();
+ FormularCustomizationValitator validator_form = new FormularCustomizationValitator();
+ OAOAUTH20ConfigValidation validatior_oauth20 = new OAOAUTH20ConfigValidation();
- errors.addAll(validatior_general.validate(generalOA, authUser.isAdmin()));
+ errors.addAll(validatior_general.validate(generalOA, authUser.isAdmin()));
errors.addAll(validatior_pvp2.validate(pvp2OA));
errors.addAll(validatior_saml1.validate(saml1OA, generalOA));
errors.addAll(validatior_sso.validate(ssoOA, authUser.isAdmin()));
- errors.addAll(validator_stork.validate(storkOA));
+ errors.addAll(validator_stork.validate(storkOA));
+ errors.addAll(validator_form.validate(formOA));
+ errors.addAll(validatior_oauth20.validate(oauth20OA));
+
+ // Do not allow SSO in combination with special BKUSelection features
+ if (ssoOA.isUseSSO() && (formOA.isOnlyMandateAllowed() || !formOA.isShowMandateLoginButton())) {
+ log.warn("Special BKUSelection features can not be used in combination with SSO");
+ errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.valid"));
+ }
if (errors.size() > 0) {
log.info("OAConfiguration with ID " + generalOA.getIdentifier() + " has some errors.");
for (String el : errors)
- addActionError(el);
+ addActionError(el);
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
} else {
- String error = saveOAConfigToDatabase(onlineapplication);
+ boolean newentry = false;
+
+ if (onlineapplication == null) {
+ onlineapplication = new OnlineApplication();
+ newentry = true;
+ onlineapplication.setIsActive(false);
+
+ if (!authUser.isAdmin()) {
+ onlineapplication.setIsAdminRequired(true);
+
+ } else
+ isMetaDataRefreshRequired = true;
+
+ } else {
+ if (!authUser.isAdmin() && !onlineapplication.getPublicURLPrefix().equals(generalOA.getIdentifier())) {
+
+ onlineapplication.setIsAdminRequired(true);
+ onlineapplication.setIsActive(false);
+ log.info("User with ID " + authUser.getUserID() + " change OA-PublicURLPrefix. Reaktivation is required.");
+ }
+
+ }
+
+ if ((onlineapplication.isIsAdminRequired() == null)
+ || (authUser.isAdmin() && generalOA.isActive() && onlineapplication.isIsAdminRequired())) {
+
+ onlineapplication.setIsAdminRequired(false);
+ isMetaDataRefreshRequired = true;
+
+ if (onlineapplication.getHjid() != null) userdb = ConfigurationDBRead.getUsersWithOADBID(onlineapplication.getHjid());
+
+ if (userdb != null && !userdb.isIsAdmin()) {
+ try {
+ MailHelper.sendUserOnlineApplicationActivationMail(userdb.getGivenname(), userdb.getFamilyname(),
+ userdb.getInstitut(), onlineapplication.getPublicURLPrefix(), userdb.getMail());
+ }
+ catch (ConfigurationException e) {
+ log.warn("Sending Mail to User " + userdb.getMail() + " failed", e);
+ }
+ }
+ }
+
+ if (pvp2OA.getMetaDataURL() != null) {
+
+ try {
+ if (isMetaDataRefreshRequired
+ || !pvp2OA.getMetaDataURL().equals(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) {
+
+ log.debug("Set PVP2 Metadata refresh flag.");
+ MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration();
+ moaconfig.setPvp2RefreshItem(new Date());
+ ConfigurationDBUtils.saveOrUpdate(moaconfig);
+
+ }
+ }
+ catch (Throwable e) {
+ log.info("Found no MetadataURL in OA-Databaseconfig!", e);
+ }
+
+ }
+
+ String error = saveOAConfigToDatabase(onlineapplication, newentry);
if (MiscUtil.isNotEmpty(error)) {
log.warn("OA configuration can not be stored!");
- addActionError(error);
+ addActionError(error);
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
}
-
+ Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String) {
+ nextPage = (String) nextPageAttr;
+ session.setAttribute(Constants.SESSION_RETURNAREA, null);
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
+ }
- request.getSession().setAttribute(Constants.SESSION_OAID, null);
- addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", generalOA.getIdentifier(), request));
+ if (onlineapplication.isIsAdminRequired()) {
+ int numoas = 0;
+ int numusers = 0;
+
+ List<OnlineApplication> openOAs = ConfigurationDBRead.getAllNewOnlineApplications();
+ if (openOAs != null) numoas = openOAs.size();
+
+ List<UserDatabase> openUsers = ConfigurationDBRead.getAllNewUsers();
+ if (openUsers != null) numusers = openUsers.size();
+ try {
+
+ addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success.admin", generalOA.getIdentifier(), request));
+
+ if (numusers > 0 || numoas > 0) MailHelper.sendAdminMail(numoas, numusers);
+
+ }
+ catch (ConfigurationException e) {
+ log.warn("Sending Mail to Admin failed.", e);
+ }
+
+ } else
+ addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", generalOA.getIdentifier(), request));
+ request.getSession().setAttribute(Constants.SESSION_OAID, null);
ConfigurationDBUtils.closeSession();
return Constants.STRUTS_SUCCESS;
@@ -239,7 +500,22 @@ ServletResponseAware {
public String cancleAndBackOA() {
- request.getSession().setAttribute(Constants.SESSION_OAID, null);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+
+ Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String) {
+ nextPage = (String) nextPageAttr;
+ session.setAttribute(Constants.SESSION_RETURNAREA, null);
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
+ }
+
+ session.setAttribute(Constants.SESSION_OAID, null);
addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.cancle", generalOA.getIdentifier(), request));
@@ -249,29 +525,82 @@ ServletResponseAware {
}
public String deleteOA() {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
-
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String) {
+ nextPage = (String) nextPageAttr;
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
+ }
+
+ UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ addActionError(LanguageHelper.getErrorString("error.editoa.mailverification"));
+ return Constants.STRUTS_SUCCESS;
+ }
+
String oaidentifier = generalOA.getIdentifier();
if (MiscUtil.isEmpty(oaidentifier)) {
log.info("Empty OA identifier");
addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.empty"));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
} else {
if (ValidationHelper.isValidOAIdentifier(oaidentifier)) {
log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);
- addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
- new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} ));
+ addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
+ new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
}
-
+
OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);
-
request.getSession().setAttribute(Constants.SESSION_OAID, null);
+
+ try {
+ if (MiscUtil.isNotEmpty(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) {
+
+ MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration();
+ moaconfig.setPvp2RefreshItem(new Date());
+ ConfigurationDBUtils.saveOrUpdate(moaconfig);
+
+ }
+ }
+ catch (Throwable e) {
+ log.info("Found no MetadataURL in OA-Databaseconfig!", e);
+ }
+
if (ConfigurationDBUtils.delete(onlineapplication)) {
if (!authUser.isAdmin()) {
@@ -287,7 +616,8 @@ ServletResponseAware {
try {
ConfigurationDBUtils.saveOrUpdate(user);
- } catch (MOADatabaseException e) {
+ }
+ catch (MOADatabaseException e) {
log.warn("User information can not be updated in database", e);
addActionError(LanguageHelper.getGUIString("error.db.oa.store", request));
return Constants.STRUTS_ERROR;
@@ -303,107 +633,263 @@ ServletResponseAware {
} else {
ConfigurationDBUtils.closeSession();
addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", generalOA.getIdentifier(), request));
- return Constants.STRUTS_SUCCESS;
+ return Constants.STRUTS_SUCCESS;
}
-
-
}
- private String saveOAConfigToDatabase(OnlineApplication dboa) {
+ public String bkuFramePreview() {
- boolean newentry = false;
+ String preview = null;
- if (dboa == null) {
- dboa = new OnlineApplication();
- newentry = true;
- dboa.setIsActive(false);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible");
+
+ } else {
+ InputStream input = null;
+
+ try {
+ Object mapobj = session.getAttribute(Constants.SESSION_BKUFORMPREVIEW);
+ if (mapobj != null && mapobj instanceof Map<?, ?>) {
+
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ String templateURL = config.getConfigRootDir() + ConfigurationProvider.HTMLTEMPLATE_DIR
+ + ConfigurationProvider.HTMLTEMPLATE_FILE;
+
+ File file = new File(templateURL);
+ input = new FileInputStream(file);
+
+ String contextpath = config.getMOAIDInstanceURL();
+ if (MiscUtil.isEmpty(contextpath)) {
+ log.info("NO MOA-ID instance URL configurated.");
+ throw new ConfigurationException("No MOA-ID instance configurated");
+ }
+
+ preview = LoginFormBuilder.getTemplate(input);
+ preview = preview.replace(LoginFormBuilder.CONTEXTPATH, contextpath);
+
+ Map<String, String> map = (Map<String, String>) mapobj;
+
+ request.setCharacterEncoding("UTF-8");
+
+ String module = request.getParameter(Constants.REQUEST_FORMCUSTOM_MODULE);
+ String value = request.getParameter(Constants.REQUEST_FORMCUSTOM_VALUE);
+
+ if (value != null) {
+ String[] query = URLDecoder.decode(request.getQueryString()).split("&");
+ value = query[1].substring("value=".length());
+ }
+
+ synchronized (map) {
+
+ if (MiscUtil.isNotEmpty(module)) {
+ if (map.containsKey("#" + module + "#")) {
+ if (MiscUtil.isNotEmpty(value)) {
+ if (FormBuildUtils.FONTFAMILY.contains(module) || FormBuildUtils.HEADER_TEXT.contains(module)
+ || value.startsWith("#"))
+ map.put("#" + module + "#", value);
+ else
+ map.put("#" + module + "#", "#" + value);
+
+ } else {
+ map.put("#" + module + "#", FormBuildUtils.getDefaultMap().get("#" + module + "#"));
+ }
+ }
+ }
+ preview = FormBuildUtils.customiceLayoutBKUSelection(preview, true, false, map);
+ }
+
+ } else {
+ preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible");
+
+ }
+
+ }
+ catch (Exception e) {
+ log.warn("BKUSelection Preview can not be generated.", e);
+ preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible");
+
+ }
}
-
+
+ stream = new ByteArrayInputStream(preview.getBytes());
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ private String saveOAConfigToDatabase(OnlineApplication dboa, boolean newentry) {
+
AuthComponentOA authoa = dboa.getAuthComponentOA();
- if (authoa == null) {
+ if (authoa == null) {
authoa = new AuthComponentOA();
dboa.setAuthComponentOA(authoa);
}
-
- if (authUser.isAdmin())
- dboa.setIsActive(generalOA.isActive());
+
+ if (authUser.isAdmin()) dboa.setIsActive(generalOA.isActive());
dboa.setFriendlyName(generalOA.getFriendlyName());
dboa.setCalculateHPI(generalOA.isCalculateHPI());
- dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(generalOA.getKeyBoxIdentifier()));
+ dboa.setRemoveBPKFromAuthBlock(generalOA.isHideBPKAuthBlock());
+
+ if (authUser.isAdmin())
+ dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(generalOA.getKeyBoxIdentifier()));
+ else {
+ if (newentry) dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR);
+ }
+
dboa.setPublicURLPrefix(generalOA.getIdentifier());
- if (generalOA.isBusinessService()) {
+ if (generalOA.isBusinessService() || onlyBusinessService) {
+
dboa.setType(Constants.MOA_CONFIG_BUSINESSSERVICE);
+ String num = generalOA.getIdentificationNumber().replaceAll(" ", "");
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) {
+ num = num.substring(Constants.IDENIFICATIONTYPE_FN.length());
+
+ num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num);
+
+ // num = StringUtils.leftPad(num, 7, '0');
+ }
+
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length());
+
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)) num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length());
+
IdentificationNumber idnumber = new IdentificationNumber();
- idnumber.setValue(generalOA.getIdentificationNumber());
+ idnumber.setValue(Constants.PREFIX_WPBK + generalOA.getIdentificationType() + "+" + num);
+
authoa.setIdentificationNumber(idnumber);
- }
- else {
+ } else {
dboa.setType(null);
- dboa.setTarget(generalOA.getTarget());
- dboa.setTargetFriendlyName(generalOA.getTargetFriendlyName());
+ if (authUser.isAdmin()) {
+ if (MiscUtil.isNotEmpty(generalOA.getTarget_admin()) && generalOA.isAdminTarget()) {
+ dboa.setTarget(generalOA.getTarget_admin());
+ dboa.setTargetFriendlyName(generalOA.getTargetFriendlyName());
+
+ } else {
+
+ String target = generalOA.getTarget();
+
+ if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()) && subTargetSet)
+ dboa.setTarget(target + "-" + generalOA.getTarget_subsector());
+ else
+ dboa.setTarget(target);
+
+ String targetname = TargetValidator.getTargetFriendlyName(target);
+ if (MiscUtil.isNotEmpty(targetname)) dboa.setTargetFriendlyName(targetname);
+
+ }
+
+ } else {
+
+ if (MiscUtil.isNotEmpty(generalOA.getTarget())) {
+
+ String target = generalOA.getTarget();
+
+ if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()) && subTargetSet)
+ dboa.setTarget(target + "-" + generalOA.getTarget_subsector());
+
+ else
+ dboa.setTarget(target);
+
+ String targetname = TargetValidator.getTargetFriendlyName(target);
+ if (MiscUtil.isNotEmpty(targetname)) dboa.setTargetFriendlyName(targetname);
+
+ }
+ }
}
BKUURLS bkuruls = new BKUURLS();
authoa.setBKUURLS(bkuruls);
- bkuruls.setHandyBKU(generalOA.getBkuHandyURL());
- bkuruls.setLocalBKU(generalOA.getBkuLocalURL());
- bkuruls.setOnlineBKU(generalOA.getBkuOnlineURL());
-
- Mandates mandates = new Mandates();
- mandates.setProfiles(generalOA.getMandateProfiles());
- authoa.setMandates(mandates);
-
- authoa.setSlVersion(generalOA.getSlVersion());
- authoa.setUseIFrame(generalOA.isUseIFrame());
- authoa.setUseUTC(generalOA.isUseUTC());
+ if (authUser.isAdmin()) {
+ bkuruls.setHandyBKU(generalOA.getBkuHandyURL());
+ bkuruls.setLocalBKU(generalOA.getBkuLocalURL());
+ bkuruls.setOnlineBKU(generalOA.getBkuOnlineURL());
+ }
TemplatesType templates = authoa.getTemplates();
if (templates == null) {
templates = new TemplatesType();
authoa.setTemplates(templates);
}
- templates.setAditionalAuthBlockText(generalOA.getAditionalAuthBlockText());
- List<TemplateType> template = templates.getTemplate();
- if (generalOA.isLegacy()) {
+ BKUSelectionCustomizationType bkuselectioncustom = templates.getBKUSelectionCustomization();
+ if (bkuselectioncustom == null) {
+ bkuselectioncustom = new BKUSelectionCustomizationType();
+ templates.setBKUSelectionCustomization(bkuselectioncustom);
+ }
+
+ Mandates mandates = new Mandates();
+ if (generalOA.isUseMandates()) {
+ mandates.setProfiles(generalOA.getMandateProfiles());
- if (template == null)
- template = new ArrayList<TemplateType>();
- else
- template.clear();
+ } else {
+ mandates.setProfiles(new String());
+ }
+
+ authoa.setMandates(mandates);
+ bkuselectioncustom.setMandateLoginButton(MiscUtil.isNotEmpty(generalOA.getMandateProfiles()));
+ bkuselectioncustom.setOnlyMandateLoginAllowed(formOA.isOnlyMandateAllowed());
+
+ if (authUser.isAdmin()) {
+ templates.setAditionalAuthBlockText(generalOA.getAditionalAuthBlockText());
- if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL1())) {
- TemplateType el = new TemplateType();
- el.setURL(generalOA.getSLTemplateURL1());
- template.add(el);
- }
- if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL2())) {
- TemplateType el = new TemplateType();
- el.setURL(generalOA.getSLTemplateURL2());
- template.add(el);
- }
- if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL3())) {
- TemplateType el = new TemplateType();
- el.setURL(generalOA.getSLTemplateURL3());
- template.add(el);
+ List<TemplateType> template = templates.getTemplate();
+ if (generalOA.isLegacy()) {
+
+ if (template == null)
+ template = new ArrayList<TemplateType>();
+ else
+ template.clear();
+
+ if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL1())) {
+ TemplateType el = new TemplateType();
+ el.setURL(generalOA.getSLTemplateURL1());
+ template.add(el);
+ }
+ if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL2())) {
+ TemplateType el = new TemplateType();
+ el.setURL(generalOA.getSLTemplateURL2());
+ template.add(el);
+ }
+ if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL3())) {
+ TemplateType el = new TemplateType();
+ el.setURL(generalOA.getSLTemplateURL3());
+ template.add(el);
+ }
+
+ } else {
+ if (template != null && template.size() > 0) template.clear();
}
- } else {
- if (template != null && template.size() > 0)
- template.clear();
+ bkuselectioncustom.setBackGroundColor(parseColor(formOA.getBackGroundColor()));
+ bkuselectioncustom.setFrontColor(parseColor(formOA.getFrontColor()));
+
+ bkuselectioncustom.setHeaderBackGroundColor(parseColor(formOA.getHeader_BackGroundColor()));
+ bkuselectioncustom.setHeaderFrontColor(parseColor(formOA.getHeader_FrontColor()));
+ bkuselectioncustom.setHeaderText(formOA.getHeader_text());
+
+ bkuselectioncustom.setButtonBackGroundColor(parseColor(formOA.getButton_BackGroundColor()));
+ bkuselectioncustom.setButtonBackGroundColorFocus(parseColor(formOA.getButton_BackGroundColorFocus()));
+ bkuselectioncustom.setButtonFontColor(parseColor(formOA.getButton_FrontColor()));
+
+ if (MiscUtil.isNotEmpty(formOA.getAppletRedirectTarget()))
+ bkuselectioncustom.setAppletRedirectTarget(formOA.getAppletRedirectTarget());
+
+ bkuselectioncustom.setFontType(formOA.getFontType());
+
}
-
- //set default transformation if it is empty
+
+ // set default transformation if it is empty
List<TransformsInfoType> transformsInfo = authoa.getTransformsInfo();
if (transformsInfo == null) {
- //TODO: set OA specific transformation if it is required
-
+ // TODO: set OA specific transformation if it is required
+
}
OAPVP2 pvp2 = authoa.getOAPVP2();
@@ -415,13 +901,14 @@ ServletResponseAware {
pvp2.setMetadataURL(pvp2OA.getMetaDataURL());
try {
- if (pvp2OA.getFileUpload() != null)
- pvp2.setCertificate(pvp2OA.getCertificate());
+ if (pvp2OA.getFileUpload() != null) pvp2.setCertificate(pvp2OA.getCertificate());
- } catch (CertificateException e) {
+ }
+ catch (CertificateException e) {
log.info("Uploaded Certificate can not be found", e);
return LanguageHelper.getErrorString("validation.pvp2.certificate.notfound");
- } catch (IOException e) {
+ }
+ catch (IOException e) {
log.info("Uploaded Certificate can not be parsed", e);
return LanguageHelper.getErrorString("validation.pvp2.certificate.format");
}
@@ -430,16 +917,24 @@ ServletResponseAware {
if (saml1 == null) {
saml1 = new OASAML1();
authoa.setOASAML1(saml1);
+ saml1.setIsActive(false);
+ }
+
+ if (authUser.isAdmin()) {
+ saml1.setIsActive(saml1OA.isActive());
+ }
+
+ if (saml1.isIsActive() != null && saml1.isIsActive()) {
+ saml1.setProvideAUTHBlock(saml1OA.isProvideAuthBlock());
+ saml1.setProvideCertificate(saml1OA.isProvideCertificate());
+ saml1.setProvideFullMandatorData(saml1OA.isProvideFullMandateData());
+ saml1.setProvideIdentityLink(saml1OA.isProvideIdentityLink());
+ saml1.setProvideStammzahl(saml1OA.isProvideStammZahl());
+ saml1.setUseCondition(saml1OA.isUseCondition());
+ saml1.setConditionLength(BigInteger.valueOf(saml1OA.getConditionLength()));
+ // TODO: set sourceID
+ // saml1.setSourceID("");
}
- saml1.setProvideAUTHBlock(saml1OA.isProvideAuthBlock());
- saml1.setProvideCertificate(saml1OA.isProvideCertificate());
- saml1.setProvideFullMandatorData(saml1OA.isProvideFullMandateData());
- saml1.setProvideIdentityLink(saml1OA.isProvideIdentityLink());
- saml1.setProvideStammzahl(saml1OA.isProvideStammZahl());
- saml1.setUseCondition(saml1OA.isUseCondition());
- saml1.setConditionLength(BigInteger.valueOf(saml1OA.getConditionLength()));
- //TODO: set sourceID
- //saml1.setSourceID("");
OASSO sso = authoa.getOASSO();
if (sso == null) {
@@ -449,45 +944,99 @@ ServletResponseAware {
}
sso.setUseSSO(ssoOA.isUseSSO());
- if (authUser.isAdmin())
- sso.setAuthDataFrame(ssoOA.isShowAuthDataFrame());
+ if (authUser.isAdmin()) sso.setAuthDataFrame(ssoOA.isShowAuthDataFrame());
sso.setSingleLogOutURL(ssoOA.getSingleLogOutURL());
-
STORK stork = authoa.getSTORK();
if (stork == null) {
- //TODO: make stork configurable
+ // TODO: make stork configurable
}
-
+
+ if (oauth20OA != null) {
+ log.debug("Saving OAuth 2.0 configuration:");
+ OAOAUTH20 oaOAuth20 = authoa.getOAOAUTH20();
+ if (oaOAuth20 == null) {
+ oaOAuth20 = new OAOAUTH20();
+ authoa.setOAOAUTH20(oaOAuth20);
+ }
+
+ oaOAuth20.setOAuthClientId(generalOA.getIdentifier());
+ // oaOAuth20.setOAuthClientSecret(oauth20OA.getClientSecret());
+ oaOAuth20.setOAuthRedirectUri(oauth20OA.getRedirectUri());
+ log.debug("client id: " + oauth20OA.getClientId());
+ log.debug("client secret: " + oauth20OA.getClientSecret());
+ log.debug("redirect uri:" + oauth20OA.getRedirectUri());
+
+ oaOAuth20.setOAuthClientSecret((String) request.getSession().getAttribute(Constants.SESSION_OAUTH20SECRET));
+ request.getSession().setAttribute(Constants.SESSION_OAUTH20SECRET, null);
+
+ }
+
try {
if (newentry) {
ConfigurationDBUtils.save(dboa);
-
+
if (!authUser.isAdmin()) {
UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID());
-
+
List<OnlineApplication> useroas = user.getOnlineApplication();
- if (useroas == null)
- useroas = new ArrayList<OnlineApplication>();
+ if (useroas == null) useroas = new ArrayList<OnlineApplication>();
useroas.add(dboa);
- ConfigurationDBUtils.saveOrUpdate(user);
+ ConfigurationDBUtils.saveOrUpdate(user);
}
}
else
ConfigurationDBUtils.saveOrUpdate(dboa);
- } catch (MOADatabaseException e) {
+ }
+ catch (MOADatabaseException e) {
log.warn("Online-Application can not be stored.", e);
return LanguageHelper.getErrorString("error.db.oa.store");
}
-
+
return null;
}
+ private String parseColor(String color) {
+ String value = "";
+
+ if (MiscUtil.isNotEmpty(color)) {
+ if (!color.startsWith("#"))
+ value = "#" + color;
+ else
+ value = color;
+ }
+ return value;
+ }
+
+ private void generateUserSpecificConfigurationOptions(UserDatabase userdb) {
+
+ if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) {
+ String bpk = userdb.getBpk();
+ if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN) || bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_ZVR)) {
+
+ onlyBusinessService = true;
+ generalOA.setBusinessService(true);
+
+ }
+
+ deaktivededBusinessService = true;
+ String[] split = bpk.split("\\+");
+ generalOA.setIdentificationType(split[1].substring(1));
+
+ if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN))
+ generalOA.setIdentificationNumber(at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(split[2]));
+ else
+ generalOA.setIdentificationNumber(split[2]);
+
+ }
+
+ }
+
public String setGeneralOAConfig() {
return Constants.STRUTS_SUCCESS;
@@ -513,100 +1062,198 @@ ServletResponseAware {
return Constants.STRUTS_SUCCESS;
}
-
- //Getter and Setter
+ // Getter and Setter
public void setServletResponse(HttpServletResponse arg0) {
this.response = arg0;
}
-
+
public void setServletRequest(HttpServletRequest arg0) {
this.request = arg0;
}
-
+
public HttpServletRequest getRequest() {
return request;
}
-
+
public void setRequest(HttpServletRequest request) {
this.request = request;
}
-
+
public HttpServletResponse getResponse() {
return response;
}
-
+
public void setResponse(HttpServletResponse response) {
this.response = response;
}
-
+
public OAGeneralConfig getGeneralOA() {
return generalOA;
}
-
+
public void setGeneralOA(OAGeneralConfig generalOA) {
this.generalOA = generalOA;
}
-
+
public OAPVP2Config getPvp2OA() {
return pvp2OA;
}
-
+
public void setPvp2OA(OAPVP2Config pvp2oa) {
pvp2OA = pvp2oa;
}
-
+
public OASAML1Config getSaml1OA() {
return saml1OA;
}
-
+
public void setSaml1OA(OASAML1Config saml1oa) {
saml1OA = saml1oa;
}
-
+
public OASSOConfig getSsoOA() {
return ssoOA;
}
-
+
public void setSsoOA(OASSOConfig ssoOA) {
this.ssoOA = ssoOA;
}
-
+
public OASTORKConfig getStorkOA() {
return storkOA;
}
-
+
public void setStorkOA(OASTORKConfig storkOA) {
this.storkOA = storkOA;
}
-
+
/**
- * @param oaidobj the oaidobj to set
+ * @param oaidobj
+ * the oaidobj to set
*/
public void setOaidobj(String oaidobj) {
this.oaidobj = oaidobj;
}
-
+
/**
* @return the authUser
*/
public AuthenticatedUser getAuthUser() {
return authUser;
}
-
+
/**
* @return the newOA
*/
public boolean isNewOA() {
return newOA;
}
-
+
/**
- * @param newOA the newOA to set
+ * @param newOA
+ * the newOA to set
*/
public void setNewOA(boolean newOA) {
this.newOA = newOA;
}
-
+
+ /**
+ * @return the nextPage
+ */
+ public String getNextPage() {
+ return nextPage;
+ }
+
+ /**
+ * @return the formID
+ */
+ public String getFormID() {
+ return formID;
+ }
+
+ /**
+ * @param formID
+ * the formID to set
+ */
+ public void setFormID(String formID) {
+ this.formID = formID;
+ }
+
+ /**
+ * @return the onlyBusinessService
+ */
+ public boolean isOnlyBusinessService() {
+ return onlyBusinessService;
+ }
+
+ /**
+ * @param onlyBusinessService
+ * the onlyBusinessService to set
+ */
+ public void setOnlyBusinessService(boolean onlyBusinessService) {
+ this.onlyBusinessService = onlyBusinessService;
+ }
+
+ /**
+ * @return the subTargetSet
+ */
+ public boolean isSubTargetSet() {
+ return subTargetSet;
+ }
+
+ /**
+ * @param subTargetSet
+ * the subTargetSet to set
+ */
+ public void setSubTargetSet(boolean subTargetSet) {
+ this.subTargetSet = subTargetSet;
+ }
+
+ /**
+ * @return the deaktivededBusinessService
+ */
+ public boolean isDeaktivededBusinessService() {
+ return deaktivededBusinessService;
+ }
+
+ /**
+ * @param deaktivededBusinessService
+ * the deaktivededBusinessService to set
+ */
+ public void setDeaktivededBusinessService(boolean deaktivededBusinessService) {
+ this.deaktivededBusinessService = deaktivededBusinessService;
+ }
+
+ /**
+ * @return the formOA
+ */
+ public FormularCustomization getFormOA() {
+ return formOA;
+ }
+
+ /**
+ * @param formOA
+ * the formOA to set
+ */
+ public void setFormOA(FormularCustomization formOA) {
+ this.formOA = formOA;
+ }
+
+ /**
+ * @return the stream
+ */
+ public InputStream getStream() {
+ return stream;
+ }
+
+ public OAOAuth20Config getOauth20OA() {
+ return oauth20OA;
+ }
+
+ public void setOauth20OA(OAOAuth20Config oauth20OA) {
+ this.oauth20OA = oauth20OA;
+ }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
index 1cb4fa802..9fa58ca1e 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
@@ -1,28 +1,45 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.struts.action;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
-import java.io.OutputStream;
-import java.io.StringReader;
import java.io.StringWriter;
-import java.net.MalformedURLException;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
-import javax.xml.transform.Result;
import org.apache.commons.io.IOUtils;
import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;
-import org.hibernate.lob.ReaderInputStream;
-import org.w3c.dom.Node;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
@@ -35,7 +52,7 @@ import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.iaik.commons.util.IOUtil;
+import at.gv.egovernment.moa.id.util.Random;
import com.opensymphony.xwork2.ActionSupport;
@@ -48,9 +65,10 @@ implements ServletRequestAware, ServletResponseAware {
private static final long serialVersionUID = 1L;
private HttpServletRequest request;
- private HttpServletResponse response;
+// private HttpServletResponse response;
private AuthenticatedUser authUser;
+ private String formID;
private File fileUpload = null;
private String fileUploadContentType = null;
@@ -59,13 +77,20 @@ implements ServletRequestAware, ServletResponseAware {
private InputStream fileInputStream;
public String init() {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
-
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
if (authUser.isAdmin()) {
-
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
return Constants.STRUTS_SUCCESS;
} else {
@@ -76,16 +101,39 @@ implements ServletRequestAware, ServletResponseAware {
}
public String importLegacyConfig() {
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
if (authUser.isAdmin()) {
//load legacy config if it is configured
if (fileUpload == null) {
addActionError(LanguageHelper.getErrorString("errors.importexport.nofile"));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
@@ -97,6 +145,9 @@ implements ServletRequestAware, ServletResponseAware {
} catch (org.opensaml.xml.ConfigurationException e1) {
log.info("Legacy configuration has an Import Error", e1);
addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e1.getMessage()}));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
log.debug("OpenSAML successfully initialized");
@@ -108,26 +159,24 @@ implements ServletRequestAware, ServletResponseAware {
try {
log.warn("WARNING! The legacy import deletes the hole old config");
- String rootConfigFileDir = new File(ConfigurationProvider.getInstance().getConfigFile()).getParent();
-
- try {
- rootConfigFileDir = new File(rootConfigFileDir).toURL().toString();
-
- } catch (MalformedURLException t) {
- log.warn("RootConfiguration Directory is not found");
- rootConfigFileDir = "";
- }
-
+ String rootConfigFileDir = ConfigurationProvider.getInstance().getConfigRootDir();
+
moaconfig = BuildFromLegacyConfig.build(fileUpload, rootConfigFileDir, moaidconfig);
} catch (ConfigurationException e) {
log.info("Legacy configuration has an Import Error", e);
addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e.getMessage()}));
ConfigurationDBUtils.closeSession();
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
} catch (at.gv.egovernment.moa.id.configuration.exception.ConfigurationException e) {
ConfigurationDBUtils.closeSession();
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
@@ -155,6 +204,9 @@ implements ServletRequestAware, ServletResponseAware {
} catch (MOADatabaseException e) {
log.warn("General MOA-ID config can not be stored in Database");
addActionError(e.getMessage());
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
@@ -174,10 +226,30 @@ implements ServletRequestAware, ServletResponseAware {
}
public String downloadXMLConfig() {
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
if (authUser.isAdmin()) {
log.info("Write MOA-ID 2.x xml config");
@@ -194,6 +266,9 @@ implements ServletRequestAware, ServletResponseAware {
if (moaidconfig == null) {
log.info("No MOA-ID 2.x configruation available");
addActionError(LanguageHelper.getErrorString("errors.importexport.export.noconfig"));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
@@ -208,11 +283,17 @@ implements ServletRequestAware, ServletResponseAware {
log.info("MOA-ID 2.x configruation could not be exported into a XML file.", e);
addActionError(LanguageHelper.getErrorString("errors.importexport.export",
new Object[]{e.getMessage()}));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
} catch (IOException e) {
log.info("MOA-ID 2.x configruation could not be exported into a XML file.", e);
addActionError(LanguageHelper.getErrorString("errors.importexport.export",
new Object[]{e.getMessage()}));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
@@ -230,10 +311,30 @@ implements ServletRequestAware, ServletResponseAware {
public String importXMLConfig() {
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
if (authUser.isAdmin()) {
if (fileUpload == null) {
@@ -271,6 +372,9 @@ implements ServletRequestAware, ServletResponseAware {
log.warn("MOA-ID XML configuration can not be loaded from File.", e);
addActionError(LanguageHelper.getErrorString("errors.importexport.import",
new Object[]{e.getMessage()}));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_ERROR_VALIDATION;
}
@@ -351,7 +455,7 @@ implements ServletRequestAware, ServletResponseAware {
}
public void setServletResponse(HttpServletResponse response) {
- this.response = response;
+// this.response = response;
}
public void setServletRequest(HttpServletRequest request) {
this.request = request;
@@ -360,4 +464,19 @@ implements ServletRequestAware, ServletResponseAware {
public InputStream getFileInputStream() {
return fileInputStream;
}
+
+ /**
+ * @return the formID
+ */
+ public String getFormID() {
+ return formID;
+ }
+
+ /**
+ * @param formID the formID to set
+ */
+ public void setFormID(String formID) {
+ this.formID = formID;
+ }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
index 6078caa87..a488d919d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
@@ -1,45 +1,139 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.struts.action;
+import java.security.KeyStore;
+import java.util.ArrayList;
import java.util.Date;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map.Entry;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
+import org.apache.commons.lang.StringEscapeUtils;
import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;
+import org.joda.time.DateTime;
+import org.opensaml.common.SAMLObject;
+import org.opensaml.common.binding.BasicSAMLMessageContext;
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.core.AttributeStatement;
+import org.opensaml.saml2.core.Conditions;
+import org.opensaml.saml2.core.EncryptedAssertion;
+import org.opensaml.saml2.core.NameID;
+import org.opensaml.saml2.core.Response;
+import org.opensaml.saml2.core.StatusCode;
+import org.opensaml.saml2.core.Subject;
+import org.opensaml.saml2.core.SubjectConfirmation;
+import org.opensaml.saml2.core.SubjectConfirmationData;
+import org.opensaml.saml2.encryption.Decrypter;
+import org.opensaml.saml2.encryption.EncryptedElementTypeEncryptedKeyResolver;
+import org.opensaml.saml2.metadata.IDPSSODescriptor;
+import org.opensaml.security.MetadataCredentialResolver;
+import org.opensaml.security.MetadataCredentialResolverFactory;
+import org.opensaml.security.MetadataCriteria;
+import org.opensaml.security.SAMLSignatureProfileValidator;
+import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
+import org.opensaml.xml.encryption.ChainingEncryptedKeyResolver;
+import org.opensaml.xml.encryption.InlineEncryptedKeyResolver;
+import org.opensaml.xml.encryption.SimpleRetrievalMethodEncryptedKeyResolver;
+import org.opensaml.xml.parse.BasicParserPool;
+import org.opensaml.xml.security.CriteriaSet;
+import org.opensaml.xml.security.credential.UsageType;
+import org.opensaml.xml.security.criteria.EntityIDCriteria;
+import org.opensaml.xml.security.criteria.UsageCriteria;
+import org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver;
+import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver;
+import org.opensaml.xml.security.keyinfo.KeyInfoProvider;
+import org.opensaml.xml.security.keyinfo.StaticKeyInfoCredentialResolver;
+import org.opensaml.xml.security.keyinfo.provider.DSAKeyValueProvider;
+import org.opensaml.xml.security.keyinfo.provider.InlineX509DataProvider;
+import org.opensaml.xml.security.keyinfo.provider.RSAKeyValueProvider;
+import org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter;
+import org.opensaml.xml.security.x509.X509Credential;
+import org.opensaml.xml.signature.Signature;
+import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine;
import com.opensymphony.xwork2.ActionSupport;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom;
import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper;
+import at.gv.egovernment.moa.id.configuration.helper.DateTimeHelper;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.gv.egovernment.moa.id.configuration.validation.UserDatabaseFormValidator;
+import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;
public class IndexAction extends ActionSupport implements ServletRequestAware,
ServletResponseAware {
+ private static final long serialVersionUID = -2781497863862504896L;
+
private static final Logger log = Logger.getLogger(IndexAction.class);
private HttpServletRequest request;
- private HttpServletResponse response;
+// private HttpServletResponse response;
private String password;
private String username;
+ private UserDatabaseFrom user = null;
+ private AuthenticatedUser authUser = null;
+ private String formID;
+
+ private String ssologouturl;
+
+ private boolean pvp2LoginActiv = false;
public String start() {
-
- return Constants.STRUTS_SUCCESS;
+
+ try {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ pvp2LoginActiv = config.isPVP2LoginActive();
+ return Constants.STRUTS_SUCCESS;
+
+ } catch (ConfigurationException e) {
+ log.warn("An internal error occurs.", e);
+ addActionError(LanguageHelper.getErrorString("error.login.internal"));
+ return Constants.STRUTS_ERROR;
+ }
}
public String authenticate() {
@@ -80,29 +174,43 @@ public class IndexAction extends ActionSupport implements ServletRequestAware,
return Constants.STRUTS_ERROR;
} else {
- if (!dbuser.isIsActive()) {
- log.warn("Username " + dbuser.getUsername() + " is not active");
+ //TODO: maybe remove this default value in a later version
+ if (dbuser.isIsUsernamePasswordAllowed() == null)
+ dbuser.setIsUsernamePasswordAllowed(true);
+
+ if (!dbuser.isIsActive() || !dbuser.isIsUsernamePasswordAllowed()) {
+ log.warn("Username " + dbuser.getUsername() + " is not active or Username/Password login is not allowed");
addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed"));
return Constants.STRUTS_ERROR;
}
-
+
if (!dbuser.getPassword().equals(key)) {
log.warn("Username " + dbuser.getUsername() + " use a false password");
addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed"));
return Constants.STRUTS_ERROR;
}
+ //TODO: maybe remove this default value in a later version
+ boolean ismandateuser = false;
+ if (dbuser.isIsMandateUser() != null)
+ ismandateuser = dbuser.isIsMandateUser();
+
AuthenticatedUser authuser = new AuthenticatedUser(
dbuser.getHjid(),
dbuser.getGivenname(),
dbuser.getFamilyname(),
+ dbuser.getInstitut(),
dbuser.getUsername(),
true,
- dbuser.isIsAdmin());
+ dbuser.isIsAdmin(),
+ ismandateuser,
+ false);
- authuser.setLastLogin(dbuser.getLastLoginItem());
+ Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin());
+ if (date != null)
+ authuser.setLastLogin(date);;
- dbuser.setLastLoginItem(new Date());
+ dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date()));
try {
ConfigurationDBUtils.saveOrUpdate(dbuser);
@@ -115,23 +223,600 @@ public class IndexAction extends ActionSupport implements ServletRequestAware,
finally {
ConfigurationDBUtils.closeSession();
}
- request.getSession().setAttribute(Constants.SESSION_AUTH, authuser);
+
+ HttpSession session = generateNewJSession(request);
+ session.setAttribute(Constants.SESSION_AUTH, authuser);
+
return Constants.STRUTS_SUCCESS;
}
}
+ public String pvp2login() {
+
+ String method = request.getMethod();
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("NO HTTP Session");
+ return Constants.STRUTS_ERROR;
+ }
+
+ String authID = (String) session.getAttribute(Constants.SESSION_PVP2REQUESTID);
+ session.setAttribute(Constants.SESSION_PVP2REQUESTID, null);
+
+ if (method.equals("POST")) {
+
+ try {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+
+ //Decode with HttpPost Binding
+ HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool());
+ BasicSAMLMessageContext<Response, ?, ?> messageContext = new BasicSAMLMessageContext<Response, SAMLObject, SAMLObject>();
+ messageContext
+ .setInboundMessageTransport(new HttpServletRequestAdapter(
+ request));
+ decode.decode(messageContext);
+
+ Response samlResponse = (Response) messageContext.getInboundMessage();
+
+ Signature sign = samlResponse.getSignature();
+ if (sign == null) {
+ log.info("Only http POST Requests can be used");
+ addActionError(LanguageHelper.getErrorString("error.login"));
+ return Constants.STRUTS_ERROR;
+ }
+
+ //Validate Signature
+ SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
+ profileValidator.validate(sign);
+
+ //Verify Signature
+ List<KeyInfoProvider> keyInfoProvider = new ArrayList<KeyInfoProvider>();
+ keyInfoProvider.add(new DSAKeyValueProvider());
+ keyInfoProvider.add(new RSAKeyValueProvider());
+ keyInfoProvider.add(new InlineX509DataProvider());
+
+ KeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver(
+ keyInfoProvider);
+
+ MetadataCredentialResolverFactory credentialResolverFactory = MetadataCredentialResolverFactory.getFactory();
+ MetadataCredentialResolver credentialResolver = credentialResolverFactory.getInstance(config.getMetaDataProvier());
+
+ CriteriaSet criteriaSet = new CriteriaSet();
+ criteriaSet.add(new MetadataCriteria(IDPSSODescriptor.DEFAULT_ELEMENT_NAME, SAMLConstants.SAML20P_NS));
+ criteriaSet.add(new EntityIDCriteria(config.getPVP2IDPMetadataEntityName()));
+ criteriaSet.add(new UsageCriteria(UsageType.SIGNING));
+
+ ExplicitKeySignatureTrustEngine trustEngine = new ExplicitKeySignatureTrustEngine(credentialResolver, keyInfoResolver);
+ trustEngine.validate(sign, criteriaSet);
+
+ log.info("PVP2 Assertion is valid");
+
+ if (samlResponse.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
+
+ List<org.opensaml.saml2.core.Assertion> saml2assertions = new ArrayList<org.opensaml.saml2.core.Assertion>();
+
+ //check encrypted Assertion
+ List<EncryptedAssertion> encryAssertionList = samlResponse.getEncryptedAssertions();
+ if (encryAssertionList != null && encryAssertionList.size() > 0) {
+ //decrypt assertions
+
+ log.debug("Found encryped assertion. Start decryption ...");
+
+ KeyStore keyStore = config.getPVP2KeyStore();
+
+ X509Credential authDecCredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreAuthRequestEncryptionKeyAlias(),
+ config.getPVP2KeystoreAuthRequestEncryptionKeyPassword().toCharArray());
+
+
+ StaticKeyInfoCredentialResolver skicr =
+ new StaticKeyInfoCredentialResolver(authDecCredential);
+
+ ChainingEncryptedKeyResolver encryptedKeyResolver = new ChainingEncryptedKeyResolver();
+ encryptedKeyResolver.getResolverChain().add( new InlineEncryptedKeyResolver() );
+ encryptedKeyResolver.getResolverChain().add( new EncryptedElementTypeEncryptedKeyResolver() );
+ encryptedKeyResolver.getResolverChain().add( new SimpleRetrievalMethodEncryptedKeyResolver() );
+
+ Decrypter samlDecrypter =
+ new Decrypter(null, skicr, encryptedKeyResolver);
+
+ for (EncryptedAssertion encAssertion : encryAssertionList) {
+ saml2assertions.add(samlDecrypter.decrypt(encAssertion));
+
+ }
+
+ log.debug("Assertion decryption finished. ");
+
+ } else {
+ saml2assertions = samlResponse.getAssertions();
+
+ }
+
+
+ if (MiscUtil.isEmpty(authID)) {
+ log.info("NO AuthRequestID");
+ return Constants.STRUTS_ERROR;
+ }
+
+ for (org.opensaml.saml2.core.Assertion saml2assertion : saml2assertions) {
+
+ Subject subject = saml2assertion.getSubject();
+ List<SubjectConfirmation> subjectconformlist = subject.getSubjectConfirmations();
+ for (SubjectConfirmation el : subjectconformlist) {
+ if (el.getMethod().equals(SubjectConfirmation.METHOD_BEARER)) {
+ SubjectConfirmationData date = el.getSubjectConfirmationData();
+
+ if (!authID.equals(date.getInResponseTo())) {
+ log.warn("PVPRequestID does not match PVP2 Assertion ID!");
+ return Constants.STRUTS_ERROR;
+
+ }
+ }
+ }
+
+ Conditions conditions = saml2assertion.getConditions();
+ DateTime notbefore = conditions.getNotBefore();
+ DateTime notafter = conditions.getNotOnOrAfter();
+ if ( notbefore.isAfterNow() || notafter.isBeforeNow() ) {
+ log.warn("PVP2 Assertion is out of Date");
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ NameID nameID = subject.getNameID();
+ if (nameID == null) {
+ log.warn("No NameID element in PVP2 assertion!");
+ return Constants.STRUTS_ERROR;
+ }
+
+ String bpkwbpk = nameID.getNameQualifier() + "+" + nameID.getValue();
+
+ //search user
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithUserBPKWBPK(bpkwbpk);
+ if (dbuser == null) {
+ log.info("No user found with bpk/wbpk " + bpkwbpk);
+
+ //read PVP2 assertion attributes;
+ user = new UserDatabaseFrom();
+ user.setActive(false);
+ user.setAdmin(false);
+ user.setBpk(bpkwbpk);
+ user.setIsusernamepasswordallowed(false);
+ user.setIsmandateuser(false);
+ user.setPVPGenerated(true);
+
+ authUser = new AuthenticatedUser();
+ authUser.setAdmin(false);
+ authUser.setAuthenticated(false);
+ authUser.setLastLogin(null);
+ authUser.setUserID(-1);
+ authUser.setUserName(null);
+ authUser.setPVP2Login(true);
+ authUser.setMandateUser(false);
+
+ //loop through the nodes to get what we want
+ List<AttributeStatement> attributeStatements = saml2assertion.getAttributeStatements();
+ for (int i = 0; i < attributeStatements.size(); i++)
+ {
+ List<Attribute> attributes = attributeStatements.get(i).getAttributes();
+ for (int x = 0; x < attributes.size(); x++)
+ {
+ String strAttributeName = attributes.get(x).getDOM().getAttribute("Name");
+
+ if (strAttributeName.equals(PVPConstants.PRINCIPAL_NAME_NAME)) {
+ user.setFamilyName(attributes.get(x).getAttributeValues().get(0).getDOM().getTextContent());
+ authUser.setFamilyName(user.getFamilyName());
+ }
+
+ if (strAttributeName.equals(PVPConstants.GIVEN_NAME_NAME)) {
+ user.setGivenName(attributes.get(x).getAttributeValues().get(0).getDOM().getTextContent());
+ authUser.setGivenName(user.getGivenName());
+ }
+
+ if (strAttributeName.equals(PVPConstants.MANDATE_TYPE_NAME)) {
+ authUser.setMandateUser(true);
+ user.setIsmandateuser(true);
+ }
+
+ if (strAttributeName.equals(PVPConstants.MANDATE_LEG_PER_FULL_NAME_NAME)) {
+ user.setInstitut(attributes.get(x).getAttributeValues().get(0).getDOM().getTextContent());
+ authUser.setInstitute(user.getInstitut());
+ }
+ }
+ }
+
+ //set Random value
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ session.setAttribute(Constants.SESSION_FORM, user);
+ session.setAttribute(Constants.SESSION_AUTH, authUser);
+
+ ConfigurationDBUtils.closeSession();
+
+ return Constants.STRUTS_NEWUSER;
+
+ } else {
+ if (!dbuser.isIsActive()) {
+
+ if (!dbuser.isIsMailAddressVerified()) {
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ user = new UserDatabaseFrom(dbuser);
+ authUser = new AuthenticatedUser(
+ dbuser.getHjid(),
+ dbuser.getGivenname(),
+ dbuser.getFamilyname(),
+ dbuser.getInstitut(),
+ dbuser.getUsername(),
+ false,
+ false,
+ dbuser.isIsMandateUser(),
+ true);
+ session.setAttribute(Constants.SESSION_FORM, user);
+ session.setAttribute(Constants.SESSION_AUTH, authUser);
+
+ return Constants.STRUTS_NEWUSER;
+
+ }
+
+ log.info("User with bpk/wbpk " + bpkwbpk + " is not active");
+ addActionError(LanguageHelper.getErrorString("webpages.index.username.notactive"));
+ return Constants.STRUTS_ERROR;
+ }
+
+ //TODO: maybe remove this default value in a later version
+ boolean ismandateuser = false;
+ if (dbuser.isIsMandateUser() != null)
+ ismandateuser = dbuser.isIsMandateUser();
+
+ authUser = new AuthenticatedUser(
+ dbuser.getHjid(),
+ dbuser.getGivenname(),
+ dbuser.getFamilyname(),
+ dbuser.getInstitut(),
+ dbuser.getUsername(),
+ true,
+ dbuser.isIsAdmin(),
+ ismandateuser,
+ true);
+
+ Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin());
+ if (date != null)
+ authUser.setLastLogin(date);;
+
+ dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date()));
+
+ try {
+ ConfigurationDBUtils.saveOrUpdate(dbuser);
+
+ } catch (MOADatabaseException e) {
+ log.warn("UserDatabase communicaton error", e);
+ addActionError(LanguageHelper.getErrorString("error.login"));
+ return Constants.STRUTS_ERROR;
+ }
+ finally {
+ ConfigurationDBUtils.closeSession();
+ }
+
+ HttpSession newsession = generateNewJSession(request);
+ newsession.setAttribute(Constants.SESSION_AUTH, authUser);
+ return Constants.STRUTS_SUCCESS;
+
+ }
+ }
+
+ log.info("PVP2 Assertion was maybe not well formed, because no Assertion element could be found.");
+ addActionError(LanguageHelper.getErrorString("error.login.internal"));
+ return Constants.STRUTS_ERROR;
+
+ } else {
+ log.info("Receive Error Assertion.");
+ addActionError(LanguageHelper.getErrorString("error.login"));
+ return Constants.STRUTS_ERROR;
+ }
+
+ } catch (Exception e) {
+ log.warn("An internal error occurs.", e);
+ addActionError(LanguageHelper.getErrorString("error.login.internal"));
+ return Constants.STRUTS_ERROR;
+ }
+
+ } else {
+ log.info("Only http POST Requests can be used");
+ addActionError(LanguageHelper.getErrorString("error.login.internal"));
+ return Constants.STRUTS_ERROR;
+ }
+ }
+
+ public String requestNewUser() {
+
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.warn("No active Session found");
+ return Constants.STRUTS_ERROR;
+ }
+
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ Object sessionformobj = session.getAttribute(Constants.SESSION_FORM);
+ if (sessionformobj != null && sessionformobj instanceof UserDatabaseFrom) {
+ UserDatabaseFrom sessionform = (UserDatabaseFrom) sessionformobj;
+
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (user == null) {
+ log.warn("No form transmited");
+ return Constants.STRUTS_ERROR;
+ }
+
+ //get UserID
+ String useridobj = user.getUserID();
+ long userID = -1;
+ if (MiscUtil.isEmpty(useridobj)) {
+ userID = -1;
+
+ } else {
+ if (!ValidationHelper.validateOAID(useridobj)){
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase ID " + useridobj);
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+ userID = Long.valueOf(useridobj);
+ }
+
+ String check;
+ if (!sessionform.isIsmandateuser()) {
+ check = user.getInstitut();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("Organisation contains potentail XSS characters: " + check);
+ addActionError(LanguageHelper.getErrorString("validation.edituser.institut.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ } else {
+ log.warn("Organisation is empty");
+ addActionError(LanguageHelper.getErrorString("validation.edituser.institut.empty"));
+ }
+ }
+
+ check = user.getMail();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isEmailAddressFormat(check)) {
+ log.warn("Mailaddress is not valid: " + check);
+ addActionError(LanguageHelper.getErrorString("validation.edituser.mail.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ } else {
+ log.warn("Mailaddress is empty");
+ addActionError(LanguageHelper.getErrorString("validation.edituser.mail.empty"));
+ }
+
+ check = user.getPhone();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("Phonenumber contains potentail XSS characters: " + check);
+ addActionError(LanguageHelper.getErrorString("validation.edituser.phone.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ } else {
+ log.warn("Phonenumber is empty");
+ addActionError(LanguageHelper.getErrorString("validation.edituser.phone.empty"));
+ }
+
+ if (hasActionErrors()) {
+ log.info("Some form errors found. Send user back to form");
+
+ user.setPVPGenerated(true);
+ user.setFamilyName(sessionform.getFamilyName());
+ user.setGivenName(sessionform.getGivenName());
+ user.setIsmandateuser(sessionform.isIsmandateuser());
+ user.setBpk(sessionform.getBpk());
+
+ if (sessionform.isIsmandateuser())
+ user.setInstitut(sessionform.getInstitut());
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ return Constants.STRUTS_NEWUSER;
+ }
+
+ UserDatabase dbuser;
+
+ if (userID < 0) {
+ dbuser = new UserDatabase();
+ dbuser.setBpk(sessionform.getBpk());
+ dbuser.setFamilyname(sessionform.getFamilyName());
+ dbuser.setGivenname(sessionform.getGivenName());
+
+ if (sessionform.isIsmandateuser())
+ dbuser.setInstitut(sessionform.getInstitut());
+ else
+ dbuser.setInstitut(user.getInstitut());
+
+ dbuser.setIsPVP2Generated(true);
+ dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date()));
+ dbuser.setIsActive(false);
+ dbuser.setIsAdmin(false);
+ dbuser.setIsMandateUser(sessionform.isIsmandateuser());
+ dbuser.setIsUsernamePasswordAllowed(false);
+
+ } else
+ dbuser = ConfigurationDBRead.getUserWithID(userID);
+
+ dbuser.setMail(user.getMail());
+ dbuser.setPhone(user.getPhone());
+ dbuser.setIsAdminRequest(true);
+ dbuser.setIsMailAddressVerified(false);
+ dbuser.setUserRequestTokken(Random.nextRandom());
+
+ try {
+ ConfigurationDBUtils.saveOrUpdate(dbuser);
+
+ MailHelper.sendUserMailAddressVerification(dbuser);
+
+ } catch (MOADatabaseException e) {
+ log.warn("New UserRequest can not be stored in database", e);
+ return Constants.STRUTS_ERROR;
+
+ } catch (ConfigurationException e) {
+ log.warn("Sending of mailaddress verification mail failed.", e);
+ addActionError(LanguageHelper.getErrorString("error.mail.send"));
+ return Constants.STRUTS_NEWUSER;
+ }
+
+ finally {
+ session.setAttribute(Constants.SESSION_FORM, null);
+ session.setAttribute(Constants.SESSION_AUTH, null);
+ ConfigurationDBUtils.closeSession();
+ }
+
+ addActionMessage(LanguageHelper.getGUIString("webpages.edituser.changemailaddress.verify"));
+
+ session.invalidate();
+
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.warn("No SessionForm found");
+ return Constants.STRUTS_ERROR;
+ }
+
+ }
+
+ public String mailAddressVerification() {
+
+ String userrequesttokken = request.getParameter(Constants.REQUEST_USERREQUESTTOKKEN);
+ if (MiscUtil.isNotEmpty(userrequesttokken)) {
+
+ userrequesttokken = StringEscapeUtils.escapeHtml(userrequesttokken);
+
+ try {
+ Long.parseLong(userrequesttokken);
+
+ } catch (NumberFormatException e) {
+ log.warn("Verificationtokken has no number format.");
+ return Constants.STRUTS_ERROR;
+ }
+
+ UserDatabase dbuser = ConfigurationDBRead.getNewUserWithTokken(userrequesttokken);
+ if (dbuser != null) {
+ dbuser.setUserRequestTokken(null);
+ dbuser.setIsMailAddressVerified(true);
+
+ if (dbuser.isIsActive())
+ dbuser.setIsAdminRequest(false);
+
+ try {
+ ConfigurationDBUtils.saveOrUpdate(dbuser);
+
+ int numoas = 0;
+ int numusers = 0;
+
+ List<OnlineApplication> openOAs = ConfigurationDBRead.getAllNewOnlineApplications();
+ if (openOAs != null)
+ numoas = openOAs.size();
+
+ List<UserDatabase> openUsers = ConfigurationDBRead.getAllNewUsers();
+ if (openUsers != null)
+ numusers = openUsers.size();
+
+ if (numusers > 0 || numoas > 0)
+ MailHelper.sendAdminMail(numoas, numusers);
+
+ } catch (MOADatabaseException e) {
+ log.warn("Userinformation can not be stored in Database.", e);
+ addActionError(LanguageHelper.getErrorString("error.mail.verification"));
+
+ } catch (ConfigurationException e) {
+ log.warn("Send mail to admin failed.", e);
+ }
+
+ finally {
+ ConfigurationDBUtils.closeSession();
+ }
+
+ addActionMessage(LanguageHelper.getGUIString("validation.newuser.mailaddress"));
+ return Constants.STRUTS_SUCCESS;
+ }
+ }
+
+ return Constants.STRUTS_ERROR;
+ }
+
public String logout() {
HttpSession session = request.getSession();
+
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
+ authUser = (AuthenticatedUser) authUserObj;
if (session != null)
session.invalidate();
+ try {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ String ssologout = config.getSSOLogOutURL();
+
+ if (MiscUtil.isNotEmpty(ssologout) && authUser != null && authUser.isPVP2Login()) {
+ ssologouturl = ssologout + config.getPublicUrlPreFix(request);
+ return Constants.STRUTS_SSOLOGOUT;
+
+ }
+
+ } catch (ConfigurationException e) {
+ log.warn("Configuration can not be loaded.", e);
+
+ }
+
return Constants.STRUTS_SUCCESS;
}
+ private HttpSession generateNewJSession(HttpServletRequest request) {
+ HttpSession session = request.getSession(false);
+
+ if (session != null) {
+
+ HashMap<String, Object> attributes = new HashMap<String,Object>();
+
+ Enumeration<String> enames = session.getAttributeNames();
+ while (enames.hasMoreElements()) {
+ String name = enames.nextElement();
+ if (!name.equals("JSESSIONID"))
+ attributes.put(name, session.getAttribute( name));
+ }
+ session.invalidate();
+
+ session = request.getSession(true);
+ for (Entry<String,Object> et : attributes.entrySet())
+ session.setAttribute( et.getKey(), et.getValue());
+
+ } else
+ session = request.getSession(true);
+
+ return session;
+ }
+
public void setServletResponse(HttpServletResponse arg0) {
- this.response = arg0;
+// this.response = arg0;
}
public void setServletRequest(HttpServletRequest arg0) {
this.request = arg0;
@@ -164,7 +849,55 @@ public class IndexAction extends ActionSupport implements ServletRequestAware,
public void setUsername(String username) {
this.username = username;
}
+
+ /**
+ * @return the authUser
+ */
+ public AuthenticatedUser getAuthUser() {
+ return authUser;
+ }
+
+ /**
+ * @return the user
+ */
+ public UserDatabaseFrom getUser() {
+ return user;
+ }
+
+ /**
+ * @param user the user to set
+ */
+ public void setUser(UserDatabaseFrom user) {
+ this.user = user;
+ }
+
+ /**
+ * @return the ssologouturl
+ */
+ public String getSsologouturl() {
+ return ssologouturl;
+ }
+
+ /**
+ * @return the formID
+ */
+ public String getFormID() {
+ return formID;
+ }
+
+ /**
+ * @param formID the formID to set
+ */
+ public void setFormID(String formID) {
+ this.formID = formID;
+ }
+
+ /**
+ * @return the pvp2LoginActiv
+ */
+ public boolean isPvp2LoginActiv() {
+ return pvp2LoginActiv;
+ }
-
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
index f5f265ea6..5e6c10f0c 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.struts.action;
import java.util.ArrayList;
@@ -5,6 +27,7 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
@@ -15,13 +38,12 @@ import com.opensymphony.xwork2.ActionSupport;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplicationType;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
-import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.data.OAListElement;
import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
+import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -34,22 +56,27 @@ public class ListOAsAction extends ActionSupport implements ServletRequestAware,
private static final long serialVersionUID = 1L;
private HttpServletRequest request;
- private HttpServletResponse response;
- private ConfigurationProvider configuration;
+// private HttpServletResponse response;
+// private ConfigurationProvider configuration;
private List<OAListElement> formOAs;
private AuthenticatedUser authUser;
private String friendlyname;
public ListOAsAction() throws ConfigurationException {
- configuration = ConfigurationProvider.getInstance();
+// configuration = ConfigurationProvider.getInstance();
}
public String listAllOnlineAppliactions() {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
@@ -65,8 +92,16 @@ public class ListOAsAction extends ActionSupport implements ServletRequestAware,
dbOAs = authUserDB.getOnlineApplication();
}
- addFormOAs(dbOAs);
-
+ if (dbOAs == null || dbOAs.size() == 0) {
+ addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA"));
+
+ } else {
+ formOAs = FormDataHelper.addFormOAs(dbOAs);
+ }
+
+ session.setAttribute(Constants.SESSION_RETURNAREA,
+ Constants.STRUTS_RETURNAREA_VALUES.main.name());
+
ConfigurationDBUtils.closeSession();
return Constants.STRUTS_SUCCESS;
@@ -86,8 +121,13 @@ public class ListOAsAction extends ActionSupport implements ServletRequestAware,
}
public String searchOA() {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
@@ -125,34 +165,25 @@ public class ListOAsAction extends ActionSupport implements ServletRequestAware,
}
}
- addFormOAs(dbOAs);
-
- ConfigurationDBUtils.closeSession();
-
- return Constants.STRUTS_SUCCESS;
- }
-
- private void addFormOAs(List<OnlineApplication> dbOAs) {
-
- formOAs = new ArrayList<OAListElement>();
if (dbOAs == null || dbOAs.size() == 0) {
- addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request));
+ log.debug("No OAs found with Identifier " + friendlyname);
+ addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA"));
} else {
- for (OnlineApplication dboa : dbOAs) {
- OAListElement listoa = new OAListElement();
- listoa.setActive(dboa.isIsActive());
- listoa.setDataBaseID(dboa.getHjid());
- listoa.setOaFriendlyName(dboa.getFriendlyName());
- listoa.setOaIdentifier(dboa.getPublicURLPrefix());
- listoa.setOaType(dboa.getType());
- formOAs.add(listoa);
- }
+
+ formOAs = FormDataHelper.addFormOAs(dbOAs);
+ session.setAttribute(Constants.SESSION_RETURNAREA,
+ Constants.STRUTS_RETURNAREA_VALUES.main.name());
+
}
- }
+
+ ConfigurationDBUtils.closeSession();
+ return Constants.STRUTS_SUCCESS;
+ }
+
public void setServletResponse(HttpServletResponse arg0) {
- this.response = arg0;
+// this.response = arg0;
}
public void setServletRequest(HttpServletRequest arg0) {
this.request = arg0;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java
index aeafe9548..007d22110 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java
@@ -1,43 +1,77 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.struts.action;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
-import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
public class MainAction implements ServletRequestAware,
ServletResponseAware {
+ private static final Logger log = Logger.getLogger(MainAction.class);
+
private HttpServletRequest request;
- private HttpServletResponse response;
- private ConfigurationProvider configuration;
+// private HttpServletResponse response;
+// private ConfigurationProvider configuration;
private AuthenticatedUser authUser;
public MainAction() throws ConfigurationException {
- configuration = ConfigurationProvider.getInstance();
+// configuration = ConfigurationProvider.getInstance();
}
public String generateMainFrame() {
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
+
+ session.setAttribute(Constants.SESSION_RETURNAREA, null);
+
return Constants.STRUTS_SUCCESS;
}
public void setServletResponse(HttpServletResponse arg0) {
- this.response = arg0;
+// this.response = arg0;
}
public void setServletRequest(HttpServletRequest arg0) {
this.request = arg0;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java
new file mode 100644
index 000000000..f064795ec
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java
@@ -0,0 +1,128 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.struts.action;
+
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.log4j.Logger;
+import org.apache.struts2.interceptor.ServletRequestAware;
+import org.apache.struts2.interceptor.ServletResponseAware;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.data.OAListElement;
+import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper;
+
+import com.opensymphony.xwork2.ActionSupport;
+
+public class OpenAdminRequestsAction extends ActionSupport
+ implements ServletRequestAware, ServletResponseAware {
+
+ private static final Logger log = Logger.getLogger(OpenAdminRequestsAction.class);
+
+ private static final long serialVersionUID = 1L;
+
+ private HttpServletRequest request;
+// private HttpServletResponse response;
+
+ private AuthenticatedUser authUser = null;
+ private List<OAListElement> formOAs = null;
+ private List<AuthenticatedUser> userlist = null;
+
+
+ public String init() {
+
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
+
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (authUser.isAdmin()) {
+
+ List<OnlineApplication> dbOAs = ConfigurationDBRead.getAllNewOnlineApplications();
+ if (dbOAs != null) {
+ formOAs = FormDataHelper.addFormOAs(dbOAs);
+ }
+
+ List<UserDatabase> dbUsers = ConfigurationDBRead.getAllNewUsers();
+ if (dbUsers != null){
+ userlist = FormDataHelper.addFormUsers(dbUsers);
+ }
+
+ session.setAttribute(Constants.SESSION_RETURNAREA,
+ Constants.STRUTS_RETURNAREA_VALUES.adminRequestsInit.name());
+
+ return Constants.STRUTS_SUCCESS;
+ } else {
+ log.info("Access to OpenAdminRequest area is not allowed for user with ID" + authUser.getUserID());
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ }
+
+
+ public void setServletResponse(HttpServletResponse response) {
+// this.response = response;
+ }
+
+ public void setServletRequest(HttpServletRequest request) {
+ this.request = request;
+ }
+
+
+ /**
+ * @return the authUser
+ */
+ public AuthenticatedUser getAuthUser() {
+ return authUser;
+ }
+
+
+ /**
+ * @return the formOAs
+ */
+ public List<OAListElement> getFormOAs() {
+ return formOAs;
+ }
+
+
+ /**
+ * @return the userlist
+ */
+ public List<AuthenticatedUser> getUserlist() {
+ return userlist;
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
index 2a9ec038f..ac3fb9938 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
@@ -1,11 +1,34 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.struts.action;
-import java.util.ArrayList;
-import java.util.Date;
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
@@ -18,10 +41,14 @@ import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom;
+import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper;
+import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
import at.gv.egovernment.moa.id.configuration.validation.UserDatabaseFormValidator;
import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;
import com.opensymphony.xwork2.ActionSupport;
@@ -34,7 +61,7 @@ public class UserManagementAction extends ActionSupport
private static final long serialVersionUID = 1L;
private HttpServletRequest request;
- private HttpServletResponse response;
+// private HttpServletResponse response;
private AuthenticatedUser authUser = null;
@@ -43,30 +70,34 @@ public class UserManagementAction extends ActionSupport
private String useridobj = null;
private static boolean newUser = false;
+ private InputStream stream;
+ private String nextPage;
+ private String formID;
public String init() {
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
-
+
if (authUser.isAdmin()) {
+ log.info("Show NewserRequests");
+
log.info("Show UserList");
List<UserDatabase> dbuserlist = ConfigurationDBRead.getAllUsers();
+
if (dbuserlist != null) {
- userlist = new ArrayList<AuthenticatedUser>();
-
- for (UserDatabase dbuser : dbuserlist) {
- userlist.add(new AuthenticatedUser(
- dbuser.getHjid(),
- dbuser.getGivenname(),
- dbuser.getFamilyname(),
- dbuser.getUsername(),
- dbuser.isIsActive(),
- dbuser.isIsAdmin()));
- }
+ userlist = FormDataHelper.addFormUsers(dbuserlist);
}
+
+ session.setAttribute(Constants.SESSION_RETURNAREA,
+ Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name());
ConfigurationDBUtils.closeSession();
return Constants.STRUTS_SUCCESS;
@@ -79,20 +110,37 @@ public class UserManagementAction extends ActionSupport
}
user = new UserDatabaseFrom(dbuser);
ConfigurationDBUtils.closeSession();
+
+ session.setAttribute(Constants.SESSION_RETURNAREA,
+ Constants.STRUTS_RETURNAREA_VALUES.main.name());
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
return Constants.STRUTS_NOTALLOWED;
}
}
public String createuser() {
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name();
if (authUser.isAdmin()) {
user = new UserDatabaseFrom();
newUser = true;
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
return Constants.STRUTS_SUCCESS;
} else {
@@ -101,10 +149,27 @@ public class UserManagementAction extends ActionSupport
}
public String edituser() {
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
+ Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String
+ && MiscUtil.isNotEmpty((String)nextPageAttr) ) {
+ nextPage = (String) nextPageAttr;
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name();
+ }
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
if (authUser.isAdmin()) {
long userid = -1;
@@ -136,11 +201,31 @@ public class UserManagementAction extends ActionSupport
}
}
- public String saveuser() {
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ public String saveuser() {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
String useridobj = user.getUserID();
long userID = -1;
if (MiscUtil.isEmpty(useridobj)) {
@@ -156,9 +241,30 @@ public class UserManagementAction extends ActionSupport
userID = Long.valueOf(useridobj);
}
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
+
+ if( dbuser == null) {
+ dbuser = new UserDatabase();
+ dbuser.setIsMandateUser(false);
+ dbuser.setIsAdminRequest(false);
+ dbuser.setIsPVP2Generated(false);
+ dbuser.setUserRequestTokken(null);
+ dbuser.setIsMailAddressVerified(false);
+ dbuser.setUsername(user.getUsername());
+ }
+
List<String> errors;
UserDatabaseFormValidator validator = new UserDatabaseFormValidator();
- errors = validator.validate(user, userID);
+
+ boolean ispvp2 = false;
+ boolean ismandate = false;
+ if (dbuser.isIsPVP2Generated() != null)
+ ispvp2 = dbuser.isIsPVP2Generated();
+
+ if (dbuser.isIsMandateUser() != null)
+ ismandate = dbuser.isIsMandateUser();
+
+ errors = validator.validate(user, userID, ispvp2, ismandate);
if (errors.size() > 0) {
log.info("UserDataForm has some erros.");
@@ -169,6 +275,14 @@ public class UserManagementAction extends ActionSupport
if (MiscUtil.isEmpty(user.getUsername()))
newUser = true;
+ user.setIsmandateuser(ismandate);
+ user.setPVPGenerated(ispvp2);
+ if (dbuser.isIsUsernamePasswordAllowed() != null)
+ user.setIsusernamepasswordallowed(dbuser.isIsUsernamePasswordAllowed());
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
return Constants.STRUTS_ERROR_VALIDATION;
}
@@ -181,8 +295,49 @@ public class UserManagementAction extends ActionSupport
}
}
-
- String error = saveFormToDB();
+
+ if (!user.getMail().equals(dbuser.getMail()) && !authUser.isAdmin()) {
+ dbuser.setIsMailAddressVerified(false);
+ dbuser.setUserRequestTokken(Random.nextRandom());
+
+ try {
+ MailHelper.sendUserMailAddressVerification(dbuser);
+ addActionMessage(LanguageHelper.getGUIString("webpages.edituser.changemailaddress.verify"));
+
+ } catch (ConfigurationException e) {
+ log.warn("Sending of mailaddress verification mail failed.", e);
+ addActionError(LanguageHelper.getErrorString("error.mail.send"));
+ }
+ }
+
+ Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String
+ && MiscUtil.isNotEmpty((String)nextPageAttr) ) {
+ nextPage = (String) nextPageAttr;
+
+ if (nextPage.equals(Constants.STRUTS_RETURNAREA_VALUES.adminRequestsInit.name()) &&
+ user.isActive()) {
+ dbuser.setIsAdminRequest(false);
+ try {
+ if (dbuser.isIsMandateUser())
+ MailHelper.sendUserAccountActivationMail(dbuser.getGivenname(), dbuser.getFamilyname(),
+ dbuser.getInstitut(), user.getMail());
+ else
+ MailHelper.sendUserAccountActivationMail(dbuser.getGivenname(), dbuser.getFamilyname(),
+ null, user.getMail());
+
+ } catch (ConfigurationException e) {
+ log.warn("Send UserAccountActivation mail failed", e);
+ }
+ }
+ session.setAttribute(Constants.SESSION_RETURNAREA, null);
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name();
+ }
+
+ String error = saveFormToDB(dbuser);
+
if (error != null) {
log.warn("UserData can not be stored in Database");
addActionError(error);
@@ -194,10 +349,30 @@ public class UserManagementAction extends ActionSupport
}
public String deleteuser() {
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
authUser = (AuthenticatedUser) authUserObj;
-
+
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
String useridobj = user.getUserID();
long userID = -1;
if (MiscUtil.isEmpty(useridobj)) {
@@ -222,6 +397,16 @@ public class UserManagementAction extends ActionSupport
}
}
+ Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String
+ && MiscUtil.isNotEmpty((String)nextPageAttr) ) {
+ nextPage = (String) nextPageAttr;
+ session.setAttribute(Constants.SESSION_RETURNAREA, null);
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name();
+ }
+
UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
if (dbuser != null) {
dbuser.setOnlineApplication(null);
@@ -230,8 +415,22 @@ public class UserManagementAction extends ActionSupport
ConfigurationDBUtils.saveOrUpdate(dbuser);
ConfigurationDBUtils.delete(dbuser);
+ if (authUser.isAdmin()) {
+ MailHelper.sendUserAccountRevocationMail(dbuser);
+ }
+
+ if (dbuser.getHjid() == authUser.getUserID()) {
+ ConfigurationDBUtils.closeSession();
+ return Constants.STRUTS_REAUTHENTICATE;
+ }
+
} catch (MOADatabaseException e) {
- log.warn("UserData can not be deleted from Database");
+ log.warn("UserData can not be deleted from Database", e);
+ addActionError(e.getMessage());
+ return Constants.STRUTS_SUCCESS;
+
+ } catch (ConfigurationException e) {
+ log.warn("Information mail sending failed.", e);
addActionError(e.getMessage());
return Constants.STRUTS_SUCCESS;
}
@@ -242,39 +441,102 @@ public class UserManagementAction extends ActionSupport
}
ConfigurationDBUtils.closeSession();
+
return Constants.STRUTS_SUCCESS;
}
- private String saveFormToDB() {
+ public String sendVerificationMail () {
+ HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
- UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(user.getUsername());
+ String message = LanguageHelper.getErrorString("error.mail.verification");
- if( dbuser == null) {
- dbuser = new UserDatabase();
+ Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (authUser != null) {
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+
+ if (dbuser != null) {
+ dbuser.setIsMailAddressVerified(false);
+ dbuser.setUserRequestTokken(Random.nextRandom());
+
+ try {
+ ConfigurationDBUtils.saveOrUpdate(dbuser);
+
+ MailHelper.sendUserMailAddressVerification(dbuser);
+
+ message = LanguageHelper.getErrorString("webpages.edituser.verify.mail.message");
+
+ } catch (ConfigurationException e) {
+ log.warn("Sending of mailaddress verification mail failed.", e);
+ message = LanguageHelper.getErrorString("error.mail.send");
+
+ } catch (MOADatabaseException e) {
+ log.warn("Access UserInformationDatabase failed.", e);
+ }
+ }
}
- dbuser.setBpk(user.getBpk());
- dbuser.setFamilyname(user.getFamilyName());
- dbuser.setGivenname(user.getGivenName());
- dbuser.setInstitut(user.getInstitut());
+ stream = new ByteArrayInputStream(message.getBytes());
+
+ return SUCCESS;
+ }
+
+ private String saveFormToDB(UserDatabase dbuser) {
+
dbuser.setMail(user.getMail());
dbuser.setPhone(user.getPhone());
- dbuser.setUsername(user.getUsername());
- if (authUser.isAdmin()) {
- dbuser.setIsActive(user.isActive());
- dbuser.setIsAdmin(user.isAdmin());
+ if (authUser.isAdmin() || dbuser.isIsUsernamePasswordAllowed()) {
+ dbuser.setIsUsernamePasswordAllowed(user.isIsusernamepasswordallowed());
+
+ if (authUser.isAdmin()) {
+ dbuser.setIsActive(user.isActive());
+ dbuser.setIsAdmin(user.isAdmin());
+
+ }
+ }
+
+ if (dbuser.isIsPVP2Generated() == null || !dbuser.isIsPVP2Generated()) {
+ dbuser.setFamilyname(user.getFamilyName());
+ dbuser.setGivenname(user.getGivenName());
+ dbuser.setInstitut(user.getInstitut());
+
+ if (authUser.isAdmin()) {
+ dbuser.setBpk(user.getBpk());
+ if ( user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID
+ + "X" + Constants.IDENIFICATIONTYPE_FN) ||
+ user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID
+ + "X" + Constants.IDENIFICATIONTYPE_ZVR) ||
+ user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID
+ + "X" + Constants.IDENIFICATIONTYPE_ERSB)) {
+ dbuser.setIsMandateUser(true);
+ }
+ }
+
+ } else {
+ if (!dbuser.isIsMandateUser())
+ dbuser.setInstitut(user.getInstitut());
}
- if (MiscUtil.isNotEmpty(user.getPassword())) {
- String key = AuthenticationHelper.generateKeyFormPassword(user.getPassword());
- if (key == null) {
- return LanguageHelper.getErrorString("errors.edit.user.save");
+ if (dbuser.isIsUsernamePasswordAllowed()) {
+
+ if (MiscUtil.isNotEmpty(user.getUsername()) && MiscUtil.isEmpty(dbuser.getUsername()))
+ dbuser.setUsername(user.getUsername());
+
+ if (MiscUtil.isNotEmpty(user.getPassword())) {
+ String key = AuthenticationHelper.generateKeyFormPassword(user.getPassword());
+ if (key == null) {
+ return LanguageHelper.getErrorString("errors.edit.user.save");
+ }
+ dbuser.setPassword(key);
}
- dbuser.setPassword(key);
}
-
try {
ConfigurationDBUtils.saveOrUpdate(dbuser);
} catch (MOADatabaseException e) {
@@ -284,29 +546,9 @@ public class UserManagementAction extends ActionSupport
return null;
}
-
-// public String createTestUser() throws MOADatabaseException {
-//
-// UserDatabase user = new UserDatabase();
-// user.setBpk("");
-// user.setFamilyname("Max");
-// user.setGivenname("Mustermann");
-// user.setIsActive(true);
-// user.setIsAdmin(false);
-// user.setInstitut("EGIZ");
-// user.setLastLoginItem(new Date());
-// user.setMail("masdf@amfasdf.com");
-// user.setPhone("00660011542");
-// user.setUsername("testuser");
-//
-// ConfigurationDBUtils.save(user);
-//
-// return Constants.STRUTS_SUCCESS;
-// }
-
-
+
public void setServletResponse(HttpServletResponse response) {
- this.response = response;
+// this.response = response;
}
@@ -370,7 +612,33 @@ public class UserManagementAction extends ActionSupport
public boolean isNewUser() {
return newUser;
}
-
-
+
+ /**
+ * @return the nextPage
+ */
+ public String getNextPage() {
+ return nextPage;
+ }
+
+ /**
+ * @return the stream
+ */
+ public InputStream getStream() {
+ return stream;
+ }
+
+ /**
+ * @return the formID
+ */
+ public String getFormID() {
+ return formID;
+ }
+
+ /**
+ * @param formID the formID to set
+ */
+ public void setFormID(String formID) {
+ this.formID = formID;
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java
new file mode 100644
index 000000000..fc310900e
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java
@@ -0,0 +1,99 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.utils;
+
+import java.io.IOException;
+import java.util.Iterator;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.TransformerException;
+
+import org.opensaml.Configuration;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.XMLObjectBuilder;
+import org.opensaml.xml.XMLObjectBuilderFactory;
+import org.opensaml.xml.io.Marshaller;
+import org.opensaml.xml.io.MarshallingException;
+
+public class SAML2Utils {
+
+ static {
+ DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+ factory.setNamespaceAware(true);
+ factory.setValidating(false);
+ try {
+ builder = factory.newDocumentBuilder();
+ } catch (ParserConfigurationException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ private static DocumentBuilder builder;
+
+ public static <T> T createSAMLObject(final Class<T> clazz) {
+ try {
+
+ XMLObjectBuilderFactory builderFactory = Configuration
+ .getBuilderFactory();
+
+ QName defaultElementName = (QName) clazz.getDeclaredField(
+ "DEFAULT_ELEMENT_NAME").get(null);
+ Map<QName, XMLObjectBuilder> builder = builderFactory.getBuilders();
+ Iterator<QName> it = builder.keySet().iterator();
+
+ while (it.hasNext()) {
+ QName qname = it.next();
+ if (qname.equals(defaultElementName)) {
+ System.out.printf("Builder for: %s\n", qname.toString());
+ }
+ }
+ XMLObjectBuilder xmlBuilder = builderFactory
+ .getBuilder(defaultElementName);
+
+ T object = (T) xmlBuilder.buildObject(defaultElementName);
+ return object;
+ } catch (Throwable e) {
+ System.out.printf("Failed to create object for: %s\n",
+ clazz.toString());
+ e.printStackTrace();
+ return null;
+ }
+ }
+
+ public static org.w3c.dom.Document asDOMDocument(XMLObject object) throws IOException,
+ MarshallingException, TransformerException {
+ org.w3c.dom.Document document = builder.newDocument();
+ Marshaller out = Configuration.getMarshallerFactory().getMarshaller(
+ object);
+ out.marshall(object, document);
+ return document;
+ }
+
+
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java
new file mode 100644
index 000000000..9ec8db858
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java
@@ -0,0 +1,93 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.utils;
+
+import java.util.Calendar;
+import java.util.Date;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
+import at.gv.egovernment.moa.id.configuration.helper.DateTimeHelper;
+
+
+public class UserRequestCleaner implements Runnable {
+
+ private static final Logger log = Logger.getLogger(UserRequestCleaner.class);
+
+ private static final long SESSION_CLEANUP_INTERVAL = 60 * 60; // 60 min
+
+ public void run() {
+ while (true) {
+ try {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+
+ List<UserDatabase> userrequests = ConfigurationDBRead.getAllOpenUsersRequests();
+ if (userrequests != null) {
+ Calendar cal = Calendar.getInstance();
+ cal.add(Calendar.HOUR, config.getUserRequestCleanUpDelay()*-1);
+ Date cleanupdate = cal.getTime();
+
+ for(UserDatabase dbuser : userrequests) {
+ Date requestdate = DateTimeHelper.parseDateTime(dbuser.getLastLogin());
+
+ if (requestdate != null && requestdate.after(cleanupdate)) {
+ log.info("Remove UserRequest from Database");
+ ConfigurationDBUtils.delete(dbuser);
+ }
+
+ }
+ }
+
+ Thread.sleep(SESSION_CLEANUP_INTERVAL * 1000);
+
+ } catch (ConfigurationException e) {
+ log.info("UserRequestCleaner can not load configuration", e);
+
+ } catch (InterruptedException e) {
+
+ } finally {
+ ConfigurationDBUtils.closeSession();
+
+ }
+ }
+ }
+
+ /**
+ * start the sessionCleaner
+ */
+ public static void start() {
+ // start the session cleanup thread
+ Thread sessionCleaner = new Thread(new UserRequestCleaner());
+ sessionCleaner.setName("UserRequestCleaner");
+ sessionCleaner.setDaemon(true);
+ sessionCleaner.setPriority(Thread.MIN_PRIORITY);
+ sessionCleaner.start();
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java
index 820aa7c57..b96b1e4b0 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java
@@ -1,18 +1,40 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation;
import org.apache.commons.lang.StringUtils;
+import at.gv.egovernment.moa.id.configuration.Constants;
+
public class CompanyNumberValidator implements IdentificationNumberValidator {
public boolean validate(String commercialRegisterNumber) {
String normalizedNumber = commercialRegisterNumber.replaceAll(" ", "");
- if(normalizedNumber.startsWith("FN")) {
+ if(normalizedNumber.startsWith(Constants.IDENIFICATIONTYPE_FN))
normalizedNumber = normalizedNumber.substring(2);
- return checkCommercialRegisterNumber(normalizedNumber);
-
- } else
- return true;
+
+ return checkCommercialRegisterNumber(normalizedNumber);
}
private boolean checkCommercialRegisterNumber(String commercialRegisterNumber) {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java
new file mode 100644
index 000000000..6a1eddb14
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java
@@ -0,0 +1,154 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.validation;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.configuration.data.FormularCustomization;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class FormularCustomizationValitator {
+
+ private static final Logger log = Logger.getLogger(FormularCustomizationValitator.class);
+
+ public List<String> validate(FormularCustomization form) {
+
+ List<String> errors = new ArrayList<String>();
+ String check;
+
+ if (form.isOnlyMandateAllowed() && !form.isShowMandateLoginButton()) {
+ log.warn("OnlyMandateAllowed in combination with hidden MandateLoginCheckbox is not possible.");
+ errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.combination"));
+ }
+
+ check = form.getBackGroundColor();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("BKUSelectionBackGroundColor is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.color.background"));
+ }
+ }
+
+ check = form.getFrontColor();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("BKUSelectionFrontColor is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.color.front"));
+ }
+ }
+
+ check = form.getHeader_BackGroundColor();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("HeaderBackGroundColor is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.header.color.back"));
+ }
+ }
+
+ check = form.getHeader_FrontColor();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("HeaderFrontColor is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.header.color.front"));
+ }
+ }
+
+ check = form.getHeader_text();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("HeaderText contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.header.text",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ check = form.getButton_BackGroundColor();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("ButtonBackGroundColor is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.back"));
+ }
+ }
+
+ check = form.getButton_BackGroundColorFocus();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("ButtonBackGroundColorFocus is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.back.focus"));
+ }
+ }
+
+ check = form.getButton_FrontColor();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("ButtonFrontColor is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.front"));
+ }
+ }
+
+ check = form.getAppletRedirectTarget();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!FormularCustomization.appletRedirectTargetList.contains(check)) {
+ log.warn("AppletRedirectTarget has not valid value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.appletredirecttarget"));
+ }
+ }
+
+ check = form.getFontType();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
+ log.warn("FontType contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.fonttype",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} ));
+ }
+ }
+
+ return errors;
+
+ }
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java
index 19a5bb805..d66c0da3a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation;
public interface IdentificationNumberValidator {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/TargetValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/TargetValidator.java
new file mode 100644
index 000000000..6d7032f9d
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/TargetValidator.java
@@ -0,0 +1,104 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.validation;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import at.gv.egovernment.moa.util.MiscUtil;
+
+
+public class TargetValidator {
+
+ private static Map<String, String> targetList = null;
+
+ static {
+ targetList = new HashMap<String, String>();
+ targetList.put("AR", "Arbeit");
+ targetList.put("AS", "Amtliche Statistik");
+ targetList.put("BF", "Bildung und Forschung");
+ targetList.put("BW", "Bauen und Wohnen");
+ targetList.put("EA", "EU und Auswärtige Angelegenheiten");
+ targetList.put("EF", "Ein- und Ausfuhr");
+ targetList.put("GH", "Gesundheit");
+ targetList.put("GS", "Gesellschaft und Soziales");
+// targetList.put("GS-RE", "Restitution");
+ targetList.put("JR", "Justiz/Zivilrechtswesen");
+ targetList.put("KL", "Kultus");
+ targetList.put("KU", "Kunst und Kultur");
+ targetList.put("LF", "Land- und Forstwirtschaft");
+ targetList.put("LV", "Landesverteidigung");
+ targetList.put("RT", "Rundfunk und sonstige Medien sowie Telekommunikation");
+ targetList.put("SA", "Steuern und Abgaben");
+ targetList.put("SA", "Sport und Freizeit");
+ targetList.put("SO", "Sicherheit und Ordnung");
+// targetList.put("SO-VR", "Vereinsregister");
+// targetList.put("SR-RG", "Strafregister");
+ targetList.put("SV", "Sozialversicherung");
+ targetList.put("UW", "Umwelt");
+ targetList.put("VT", "Verkehr und Technik");
+ targetList.put("VV", "Vermögensverwaltung");
+ targetList.put("WT", "Wirtschaft");
+ targetList.put("ZP", "Personenidentität und Bürgerrechte(zur Person)");
+ targetList.put("BR", "Bereichsübergreifender Rechtsschutz");
+ targetList.put("HR", "Zentrales Rechnungswesen");
+ targetList.put("KI", "Auftraggeberinterne allgemeine Kanzleiindizes");
+ targetList.put("OI", "Öffentlichkeitsarbeit");
+ targetList.put("PV", "Personalverwaltung");
+ targetList.put("RD", "Zentraler Rechtsdienst");
+ targetList.put("VS", "Zentrale Durchführung von Verwaltungsstrafverfahren");
+// targetList.put("VS-RG", "Zentrales Verwaltungsstrafregister");
+ targetList.put("ZU", "Zustellungen");
+ }
+
+ public static List<String> getListOfTargets() {
+ Map<String, String> list = new HashMap<String, String>();
+ list.put("", "");
+ list.putAll(targetList);
+
+ List<String> sortedList = new ArrayList<String>();
+ sortedList.addAll(list.keySet());
+ Collections.sort(sortedList);
+
+ return sortedList;
+
+ }
+
+ public static String getTargetFriendlyName(String target) {
+ String name = targetList.get(target);
+
+ if (MiscUtil.isNotEmpty(name))
+ return name;
+ else
+ return null;
+ }
+
+ public static boolean isValidTarget(String target) {
+ return targetList.containsKey(target);
+ }
+
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
index 276b0b4c8..a837ee855 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation;
import java.util.ArrayList;
@@ -16,44 +38,50 @@ public class UserDatabaseFormValidator {
private static final Logger log = Logger.getLogger(UserDatabaseFormValidator.class);
- public List<String> validate(UserDatabaseFrom form, long userID) {
+ public List<String> validate(UserDatabaseFrom form, long userID, boolean isPVP2Generated, boolean isMandateUser) {
List<String> errors = new ArrayList<String>();
-
- String check = form.getGivenName();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("GivenName contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
- }
- } else {
- log.warn("GivenName is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.empty"));
- }
+ String check = null;
- check = form.getFamilyName();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("FamilyName contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ if (!isPVP2Generated) {
+ check = form.getGivenName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("GivenName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ } else {
+ log.warn("GivenName is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.empty"));
+ }
+
+
+ check = form.getFamilyName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("FamilyName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ } else {
+ log.warn("FamilyName is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.empty"));
}
- } else {
- log.warn("FamilyName is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.empty"));
}
-
- check = form.getInstitut();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("Organisation contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.edituser.institut.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+
+ if (!isMandateUser) {
+ check = form.getInstitut();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("Organisation contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.institut.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ } else {
+ log.warn("Organisation is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.institut.empty"));
}
- } else {
- log.warn("Organisation is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.institut.empty"));
}
check = form.getMail();
@@ -80,67 +108,67 @@ public class UserDatabaseFormValidator {
errors.add(LanguageHelper.getErrorString("validation.edituser.phone.empty"));
}
- check = form.getUsername();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("Username contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.edituser.username.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
-
- } else {
- UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(check);
- if (dbuser != null && userID != dbuser.getHjid()) {
- log.warn("Username " + check + " exists in UserDatabase");
- errors.add(LanguageHelper.getErrorString("validation.edituser.username.duplicate"));
- form.setUsername("");
- }
- }
- } else {
- if (userID == -1) {
- log.warn("Username is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty"));
+ if (form.isIsusernamepasswordallowed()) {
+ check = form.getUsername();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("Username contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.username.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+
+ } else {
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(check);
+ if (dbuser != null && userID != dbuser.getHjid()) {
+ log.warn("Username " + check + " exists in UserDatabase");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.username.duplicate"));
+ form.setUsername("");
+ }
+ }
} else {
- UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
- if (dbuser == null) {
+ if (userID == -1) {
log.warn("Username is empty");
errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty"));
} else {
- form.setUsername(dbuser.getUsername());
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
+ if (dbuser == null) {
+ log.warn("Username is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty"));
+ } else {
+ form.setUsername(dbuser.getUsername());
+ }
}
}
- }
-
- check = form.getPassword();
- if (MiscUtil.isEmpty(check)) {
- if (userID == -1) {
- log.warn("Password is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty"));
- } else {
- UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
- if (dbuser == null || MiscUtil.isEmpty(dbuser.getPassword())) {
+ check = form.getPassword();
+
+ if (MiscUtil.isEmpty(check)) {
+ if (userID == -1) {
log.warn("Password is empty");
errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty"));
- }
- }
-
- } else {
-
- if (check.equals(form.getPassword_second())) {
-
- String key = AuthenticationHelper.generateKeyFormPassword(check);
- if (key == null) {
- errors.add(LanguageHelper.getErrorString("validation.edituser.password.valid"));
+ } else {
+ UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
+ if (dbuser == null || MiscUtil.isEmpty(dbuser.getPassword())) {
+ log.warn("Password is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty"));
+ }
}
- }
- else {
- errors.add(LanguageHelper.getErrorString("validation.edituser.password.equal"));
+ } else {
+
+ if (check.equals(form.getPassword_second())) {
+
+ String key = AuthenticationHelper.generateKeyFormPassword(check);
+ if (key == null) {
+ errors.add(LanguageHelper.getErrorString("validation.edituser.password.valid"));
+ }
+
+ }
+ else {
+ errors.add(LanguageHelper.getErrorString("validation.edituser.password.equal"));
+ }
}
}
-
-
-
+
check = form.getBpk();
if (MiscUtil.isNotEmpty(check)) {
if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java
index aeac75e44..46d9f4db8 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java
@@ -1,18 +1,140 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation;
+import iaik.asn1.ObjectID;
+import iaik.utils.Util;
+import iaik.x509.X509Certificate;
+import iaik.x509.X509ExtensionInitException;
+
+import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
+import java.net.UnknownHostException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateException;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.SSLSocket;
+import javax.net.ssl.SSLSocketFactory;
+
import org.apache.log4j.Logger;
public class ValidationHelper {
private static final Logger log = Logger.getLogger(ValidationHelper.class);
+ private static final String TEMPLATE_DATEFORMAT = "dd.MM.yyyy";
+
+
+ public static boolean isPublicServiceAllowed(String identifier) {
+
+ SSLSocket socket = null;
+
+ try {
+ URL url = new URL(identifier);
+ String host = url.getHost();
+
+ if (host.endsWith("/"))
+ host = host.substring(0, host.length()-1);
+
+ if (url.getHost().endsWith(at.gv.egovernment.moa.id.configuration.Constants.PUBLICSERVICE_URL_POSTFIX)) {
+ log.debug("PublicURLPrefix with .gv.at Domain found.");
+ return true;
+
+ } else {
+ SSLSocketFactory factory = HttpsURLConnection.getDefaultSSLSocketFactory();
+ socket = (SSLSocket) factory.createSocket(url.getHost(), url.getPort());
+ socket.startHandshake();
+
+ SSLSession session = socket.getSession();
+ Certificate[] servercerts = session.getPeerCertificates();
+ X509Certificate[] iaikChain = new X509Certificate[servercerts.length];
+ for (int i=0; i<servercerts.length; i++) {
+ iaikChain[i] = new X509Certificate(servercerts[i].getEncoded());
+ }
+
+
+ X509Certificate cert = Util.arrangeCertificateChain(iaikChain, false)[0];
+
+ if (cert != null) {
+ ObjectID vwOID = new ObjectID("1.2.40.0.10.1.1.1"); // Verwaltungseigenschaft
+ ObjectID dOID = new ObjectID("1.2.40.0.10.1.1.2"); // Dienstleistereigenschaft
+
+
+ if ((cert.getExtension(vwOID) == null) && (cert.getExtension(dOID) == null)) {
+ return false;
+
+ } else {
+ log.info("Found correct X509 Extension in server certificate. PublicService is allowed");
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ } catch (MalformedURLException e) {
+ log.warn("PublicURLPrefix can not parsed to URL", e);
+ return false;
+
+ } catch (UnknownHostException e) {
+ log.warn("Can not connect to PublicURLPrefix Server", e);
+ return false;
+
+ } catch (IOException e) {
+ log.warn("Can not connect to PublicURLPrefix Server", e);
+ return false;
+
+ } catch (CertificateEncodingException e) {
+ log.warn("Can not parse X509 server certificate", e);
+ return false;
+
+ } catch (CertificateException e) {
+ log.warn("Can not read X509 server certificate", e);
+ return false;
+
+ } catch (X509ExtensionInitException e) {
+ log.warn("Can not read X509 server certificate extension", e);
+ return false;
+ }
+
+ finally {
+ if (socket != null)
+ try {
+ socket.close();
+ } catch (IOException e) {
+ log.warn("SSL Socket can not be closed.", e);
+ }
+ }
+ }
+
public static boolean validateOAID(String oaIDObj) {
if (oaIDObj != null) {
try {
@@ -34,7 +156,7 @@ public class ValidationHelper {
log.debug("Validate Number " + value);
try {
- float num = Float.valueOf(value);
+ Float.valueOf(value);
return true;
@@ -52,7 +174,7 @@ public class ValidationHelper {
if (urlString.startsWith("http") || urlString.startsWith("https")) {
try {
- URL url =new URL(urlString);
+ new URL(urlString);
return true;
} catch (MalformedURLException e) {
@@ -62,7 +184,7 @@ public class ValidationHelper {
return false;
}
- public static boolean isValidTarget(String target) {
+ public static boolean isValidAdminTarget(String target) {
log.debug("Ueberpruefe Parameter Target");
@@ -76,10 +198,24 @@ public class ValidationHelper {
else {
log.error("Fehler Ueberpruefung Parameter Target. Target entspricht nicht den Kriterien (nur Zeichen a-z, A-Z und -, sowie 1-5 Zeichen lang)");
return false;
- }
-
+ }
}
+ public static boolean isValidTarget(String target) {
+
+ log.debug("Ueberpruefe Parameter Target");
+
+ if (TargetValidator.isValidTarget(target)) {
+ log.debug("Parameter Target erfolgreich ueberprueft");
+ return true;
+ }
+ else {
+ log.error("Fehler Ueberpruefung Parameter Target. Target entspricht nicht den Kriterien (nur Zeichen a-z, A-Z und -, sowie 1-5 Zeichen lang)");
+ return false;
+ }
+
+ }
+
public static boolean isValidSourceID(String sourceID) {
log.debug("Ueberpruefe Parameter sourceID");
@@ -98,7 +234,10 @@ public class ValidationHelper {
}
public static boolean isDateFormat(String dateString) {
- SimpleDateFormat sdf = new SimpleDateFormat("dd.MM.yyyy");
+ if (dateString.length() > TEMPLATE_DATEFORMAT.length())
+ return false;
+
+ SimpleDateFormat sdf = new SimpleDateFormat(TEMPLATE_DATEFORMAT);
try {
sdf.parse(dateString);
return true;
@@ -182,4 +321,20 @@ public class ValidationHelper {
return "; % \" ' ` < >";
}
+
+ public static boolean isValidHexValue(String param) {
+
+ try {
+ if (param.startsWith("#") && param.length() <= 7) {
+ Long.decode(param);
+ return true;
+ }
+
+ } catch (Exception e) {
+
+ }
+ return false;
+
+ }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
index f51095cac..1ea51652a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation.moaconfig;
import java.io.File;
@@ -292,7 +314,7 @@ public class MOAConfigValidator {
errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty"));
} else {
- if (!ValidationHelper.isValidTarget(check)) {
+ if (!ValidationHelper.isValidAdminTarget(check)) {
log.info("Not valid SSO Target");
errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid"));
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java
index 6ab4f5292..f8ccebc09 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation.moaconfig;
import java.util.ArrayList;
@@ -6,7 +28,6 @@ import java.util.List;
import org.apache.log4j.Logger;
-import at.gv.egovernment.moa.id.commons.db.dao.config.Contact;
import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
index fa992674e..9c950fb66 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation.oa;
import java.util.ArrayList;
@@ -6,7 +28,7 @@ import java.util.Map;
import org.apache.log4j.Logger;
-import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
+import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator;
@@ -20,51 +42,56 @@ public class OAGeneralConfigValidation {
public List<String> validate(OAGeneralConfig form, boolean isAdmin) {
List<String> errors = new ArrayList<String>();
+ String check;
- //validate aditionalAuthBlockText
- String check = form.getAditionalAuthBlockText();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ if (isAdmin) {
+ //validate aditionalAuthBlockText
+ check = form.getAditionalAuthBlockText();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
}
}
//Check BKU URLs
- check =form.getBkuHandyURL();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty Handy-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.empty"));
-
- } else {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid Handy-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid"));
+ if (isAdmin) {
+ check =form.getBkuHandyURL();
+ if (MiscUtil.isNotEmpty(check)) {
+// log.info("Empty Handy-BKU URL");
+// errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.empty"));
+//
+// } else {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Handy-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid"));
+ }
}
- }
-
- check =form.getBkuLocalURL();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty Local-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.local.empty"));
- } else {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid Online-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid"));
+ check =form.getBkuLocalURL();
+ if (MiscUtil.isNotEmpty(check)) {
+// log.info("Empty Local-BKU URL");
+// errors.add(LanguageHelper.getErrorString("validation.general.bku.local.empty"));
+//
+// } else {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid"));
+ }
}
- }
-
- check =form.getBkuOnlineURL();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty Online-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.online.empty"));
- } else {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid Online-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid"));
+ check =form.getBkuOnlineURL();
+ if (MiscUtil.isNotEmpty(check)) {
+// log.info("Empty Online-BKU URL");
+// errors.add(LanguageHelper.getErrorString("validation.general.bku.online.empty"));
+//
+// } else {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid"));
+ }
}
}
@@ -78,52 +105,60 @@ public class OAGeneralConfigValidation {
}
}
- //check KeyBoxIdentifier
- check = form.getKeyBoxIdentifier();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty KeyBoxIdentifier");
- errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty"));
- } else {
- Map<String, String> list = form.getKeyBoxIdentifierList();
- if (!list.containsKey(check)) {
- log.info("Not valid KeyBoxIdentifier " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid"));
- }
- }
-
- //check LegacyMode SLTemplates
- if (form.isLegacy()) {
- if (MiscUtil.isEmpty(form.getSLTemplateURL1()) &&
- MiscUtil.isEmpty(form.getSLTemplateURL2()) &&
- MiscUtil.isEmpty(form.getSLTemplateURL3()) ) {
- log.info("Empty OA-specific SecurityLayer Templates");
- errors.add(LanguageHelper.getErrorString("validation.general.sltemplates.empty"));
-
+ if (isAdmin) {
+ //check KeyBoxIdentifier
+ check = form.getKeyBoxIdentifier();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty KeyBoxIdentifier");
+ errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty"));
} else {
- check = form.getSLTemplateURL1();
- if (MiscUtil.isNotEmpty(check) &&
- !ValidationHelper.validateURL(check) ) {
- log.info("First OA-specific SecurityLayer Templates is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.sltemplate1.valid"));
- }
- check = form.getSLTemplateURL2();
- if (MiscUtil.isNotEmpty(check) &&
- !ValidationHelper.validateURL(check) ) {
- log.info("Second OA-specific SecurityLayer Templates is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.sltemplate2.valid"));
+ Map<String, String> list = form.getKeyBoxIdentifierList();
+ if (!list.containsKey(check)) {
+ log.info("Not valid KeyBoxIdentifier " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid"));
}
- check = form.getSLTemplateURL3();
- if (MiscUtil.isNotEmpty(check) &&
- !ValidationHelper.validateURL(check) ) {
- log.info("Third OA-specific SecurityLayer Templates is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.sltemplate3.valid"));
- }
- }
+ }
+
+ //check LegacyMode SLTemplates
+ if (form.isLegacy()) {
+ if (MiscUtil.isEmpty(form.getSLTemplateURL1()) &&
+ MiscUtil.isEmpty(form.getSLTemplateURL2()) &&
+ MiscUtil.isEmpty(form.getSLTemplateURL3()) ) {
+ log.info("Empty OA-specific SecurityLayer Templates");
+ errors.add(LanguageHelper.getErrorString("validation.general.sltemplates.empty"));
+
+ } else {
+ check = form.getSLTemplateURL1();
+ if (MiscUtil.isNotEmpty(check) &&
+ !ValidationHelper.validateURL(check) ) {
+ log.info("First OA-specific SecurityLayer Templates is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.sltemplate1.valid"));
+ }
+ check = form.getSLTemplateURL2();
+ if (MiscUtil.isNotEmpty(check) &&
+ !ValidationHelper.validateURL(check) ) {
+ log.info("Second OA-specific SecurityLayer Templates is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.sltemplate2.valid"));
+ }
+ check = form.getSLTemplateURL3();
+ if (MiscUtil.isNotEmpty(check) &&
+ !ValidationHelper.validateURL(check) ) {
+ log.info("Third OA-specific SecurityLayer Templates is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.sltemplate3.valid"));
+ }
+ }
+ }
}
//check Mandate Profiles
check = form.getMandateProfiles();
if (MiscUtil.isNotEmpty(check)) {
+
+ if (!form.isUseMandates()) {
+ log.info("MandateProfiles configured but useMandates is false.");
+ errors.add(LanguageHelper.getErrorString("validation.general.mandate.usemandate"));
+ }
+
if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
log.warn("MandateProfiles contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.mandate.profiles",
@@ -131,22 +166,19 @@ public class OAGeneralConfigValidation {
}
}
- //check SL Version
- check = form.getSlVersion();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty SLVersion. Set SLVersion to 1.2");
- form.setSlVersion("1.2");
-
- } else {
- if (!ValidationHelper.validateNumber(check)) {
- log.info("Not valid SLVersion");
- errors.add(LanguageHelper.getErrorString("validation.general.slversion"));
- }
- }
-
+
+
boolean businessservice = form.isBusinessService();
if (businessservice) {
+
+ //check identification type
+ check = form.getIdentificationType();
+ if (!form.getIdentificationTypeList().contains(check)) {
+ log.info("IdentificationType is not known.");
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationtype.valid"));
+ }
+
//check identification number
check = form.getIdentificationNumber();
if (MiscUtil.isEmpty(check)) {
@@ -160,49 +192,85 @@ public class OAGeneralConfigValidation {
new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
}
- if (check.startsWith("FN")) {
+ if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_FN)) {
CompanyNumberValidator val = new CompanyNumberValidator();
- if (val.validate(check)) {
+ if (!val.validate(check)) {
log.info("Not valid CompanyNumber");
errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid"));
}
}
}
-
- try {
- float slversion = Float.valueOf(form.getSlVersion());
- if (slversion < 1.2) {
- log.info("BusinessService Applications requires SLVersion >= 1.2");
- errors.add(LanguageHelper.getErrorString("validation.general.slversion.business"));
- form.setSlVersion("1.2");
- }
-
- } catch (NumberFormatException e) {
- }
-
+
} else {
- //check targetFrindlyName();
- check = form.getTargetFriendlyName();
+
+ check = form.getTarget_subsector();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("TargetFriendlyName contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ if (!ValidationHelper.isValidAdminTarget(check)) {
+ log.info("Not valid Target-Subsector");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.subsector.valid"));
}
}
- //check Target
- check = form.getTarget();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.empty"));
+
+ if (!isAdmin) {
+ //check PublicURL Prefix allows PublicService
+ if (!ValidationHelper.isPublicServiceAllowed(form.getIdentifier())) {
+ log.warn("PublicURLPrefix does not allow PublicService: " + form.getIdentifier());
+ errors.add(LanguageHelper.getErrorString("validation.general.target.publicserviceurl",
+ new Object[] {form.getIdentifier()} ));
+ form.setBusinessService(true);
+ return errors;
+
+ }
+
+ //check Target
+ check = form.getTarget();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.empty"));
+
+ } else {
+ if (!ValidationHelper.isValidTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.valid"));
+ }
+ }
} else {
- if (!ValidationHelper.isValidTarget(check)) {
- log.info("Not valid Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.valid"));
+
+ //check targetFrindlyName();
+ check = form.getTargetFriendlyName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("TargetFriendlyName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
}
- }
+
+ if (MiscUtil.isEmpty(form.getTarget()) && MiscUtil.isEmpty(form.getTarget_admin())) {
+ log.info("Empty Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.empty"));
+ }
+
+ //check Target
+ check = form.getTarget();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isValidTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.valid"));
+ }
+ }
+
+ //check Admin Target
+ check = form.getTarget_admin();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isValidAdminTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.admin.valid"));
+ }
+ }
+ }
}
return errors;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java
new file mode 100644
index 000000000..249df4dcd
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java
@@ -0,0 +1,55 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.validation.oa;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.configuration.data.oa.OAOAuth20Config;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
+
+public class OAOAUTH20ConfigValidation {
+
+ private static final Logger log = Logger.getLogger(OAOAUTH20ConfigValidation.class);
+
+ public List<String> validate(OAOAuth20Config form) {
+
+ List<String> errors = new ArrayList<String>();
+
+ // validate secret
+// if (StringUtils.isEmpty(form.getClientSecret())) {
+// errors.add(LanguageHelper.getErrorString("error.oa.oauth.clientSecret"));
+// }
+
+ // validate redirectUri
+ if (StringUtils.isNotEmpty(form.getRedirectUri()) && !OAuth20Util.isUrl(form.getRedirectUri())) {
+ errors.add(LanguageHelper.getErrorString("error.oa.oauth.redirecturi"));
+ }
+
+ return errors;
+ }
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
index 4a1ef9261..18b6a2d22 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation.oa;
import java.io.IOException;
@@ -10,6 +32,7 @@ import org.apache.log4j.Logger;
import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
public class OAPVP2ConfigValidation {
@@ -19,24 +42,59 @@ public class OAPVP2ConfigValidation {
public List<String> validate(OAPVP2Config form) {
List<String> errors = new ArrayList<String>();
-
- String url = form.getMetaDataURL();
- if (MiscUtil.isNotEmpty(url) && !ValidationHelper.validateURL(url)) {
- log.info("MetaDataURL has no valid form.");
- errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.valid"));
- }
-
try {
+ byte[] metadata = null;
+// byte[] cert = null;
+
+ String check = form.getMetaDataURL();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("MetaDataURL has no valid form.");
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.valid"));
+
+ } else {
+ metadata = FileUtils.readURL(check);
+ if (MiscUtil.isEmpty(metadata)) {
+ log.info("Filecontent can not be read form MetaDataURL.");
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.read"));
+ }
+ }
+ }
+
if (form.getFileUpload() != null)
form.getCertificate();
+// else {
+// if (metadata != null) {
+// log.info("No certificate to verify the Metadata defined.");
+// errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound"));
+// }
+// }
+
+// if (cert != null && metadata != null) {
+// HTTPMetadataProvider httpProvider = new HTTPMetadataProvider(
+// check, 20000);
+// httpProvider.setParserPool(new BasicParserPool());
+// httpProvider.setRequireValidMetadata(true);
+// MetadataFilter filter = new MetadataSignatureFilter(
+// check, cert);
+// httpProvider.setMetadataFilter(filter);
+// httpProvider.initialize();
+//
+// }
+
+
} catch (CertificateException e) {
log.info("Uploaded Certificate can not be found", e);
errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound"));
} catch (IOException e) {
- log.info("Uploaded Certificate can not be parsed", e);
- errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.format"));
+ log.info("Metadata can not be loaded from URL", e);
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.read"));
+
+// } catch (MetadataProviderException e) {
+// log.info("MetaDate verification failed");
+// errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify"));
}
return errors;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java
index 147ea45e9..73eba87ff 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation.oa;
import java.util.ArrayList;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java
index 22e2406f2..dd305d144 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation.oa;
import java.util.ArrayList;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
index 76183caad..def5aa5ed 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation.oa;
import java.util.ArrayList;
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties
index 0effc6961..456c37ff1 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties
@@ -4,8 +4,10 @@ title=MOA-ID 2.x Configuration Tool
config.01=Configfile is not found.
config.02=Configfile is not readable.
config.03=Hibernate Database connector can not be initialized
+config.04=OpenSAML (PVP2 Login) can not be initialized
error.title=Fehler:
+error.general.text=W\u00E4hrend der Verarbeitung ist ein interner Fehler auftetreten. Bitte Versuchen Sie es nocheinmal oder kontaktieren Sie den Administrator.
errors.listOAs.noOA=Es wurden keine Online-Applikationen in der Datenbank gefunden.
errors.edit.oa.oaid=Es wurde keine g\u00FCtige Online-Applikations-ID \u00FCbergeben.
errors.edit.oa.oaid.allowed=Sie besitzen nicht die ben\u00F6tigen Rechte um auf diese Online-Applikation zuzugreifen.
@@ -20,7 +22,17 @@ errors.importexport.export.noconfig=Die Konfiguration kann nicht exportiert werd
errors.edit.user.userid=Es wurde keine g\u00FCtige User ID \u00FCbergeben.
errors.edit.user.save=Der Benutzer konnte nicht in die Datenbank eingetragen werden.
errors.edit.user.notallowed=Das Bearbeiten fremder Benutzereinstellungen ist nur dem Admin erlaubt.
-error.login=Der Anmeldevorgang durch einen internen Fehler unterbrochen. Bitte Versuchen sie es noch einmal.
+error.login=Der Anmeldevorgang wurde abgebrochen. Bitte Versuchen sie es noch einmal.
+error.mail.send=An die angegebene Mailadresse konnte keine Nachticht versendet werden.
+error.mail.verification=Der Verifikationsvorgang wurde durch einen internen Fehler unterbrochen. Bitte Versuchen sie es noch einmal.
+error.editoa.mailverification=Die Verwaltung von Online-Applikationen ist vor\u00FCbergehend deaktiviert, da die Mailadresse des Benutzeraccounts noch nicht verifiziert wurde.
+error.bkuformpreview.notpossible="Die Vorschau konnte nicht generiert werden da ein interner Fehler auftreten ist."
+error.oa.oauth.redirecturi=Redirect URL ist keine richtige URL
+error.oa.oauth.clientSecret=Client-Secret darf nicht leer sein
+error.oa.oauth.keyname=Key-Name darf nicht leer sein
+error.oa.oauth.keystore=Keystore darf nicht leer sein und muss eine richtige URL sein.
+
+mail.userrequest.subject=Accountanforderung MOA-ID 2.x Konfigurationstool
webpages.error.header=Es ist ein Fehler aufgetreten
@@ -28,6 +40,7 @@ webpages.index.header=Willkommen bei der MOA-ID 2.x Konfigurationsapplikation
webpages.index.desciption.head=Um dieses Service nutzen zu k\u00F6nnen m\u00FCssen sie sich einloggen.
webpages.index.login=Anmelden
webpages.index.logout=Abmelden
+webpages.index.login.pvp2=Anmeldung mit B\u00FCrgerkarte oder Handy-Signature
webpages.index.login.notallowed=Entweder sind Benutzername oder Passwort sind nicht korrekt oder der Account wurde noch nicht aktiviert.
webpages.index.username.unkown=Der Benutzer ist nicht bekannt.
webpages.index.username.notactive=Der Benutzer wurde durch den Administrator noch nicht freigeschalten.
@@ -47,8 +60,8 @@ webpages.inportexport.descripten=ACHTUNG\: Die importierte Konfiguration ersetzt
webpages.usermanagement.newuser=Neuen Benutzer erstellen
webpages.usermanagement.header=Benutzerverwaltung
webpages.listUsers.list.header=Liste aller vorhandenen Benutzer
-webpages.listUsers.list.first=Vorname
-webpages.listUsers.list.second=Familienname
+webpages.listUsers.list.first=Familien-/Firmenname
+webpages.listUsers.list.second=Vorname
webpages.listUsers.list.third=Benutzername
webpages.edituser.header=Benutzerdaten
webpages.edituser.givenname=Vorname
@@ -65,6 +78,11 @@ webpages.edituser.role.header=Rechte und Role
webpages.edituser.active=Benutzer ist aktiviert
webpages.edituser.admin=Benutzer ist Admin
webpages.edit.delete.user=Benutzer l\u00F6schen
+webpages.edit.newUser=Neuen Benutzer anfordern
+webpages.edituser.isusernamepasswordallowed=Benutzername/Passwort erlauben
+webpages.edituser.changemailaddress.verify=Bevor Sie Online-Applikationen verwalten k\u00F6nnen muss Ihre Mailadresse verifzieren werden. Eine entsprechende Mail wurde bereits an Ihr angegebenes Postfach versendet.
+webpages.edituser.verify.mail.button=Mailadresse pr\u00FCfen
+webpages.edituser.verify.mail.message=Es wurde eine Verifikationsmail an Ihr Postfach versendet
webpages.mainpage.menu.oa.insert=Neue Applikation anlegen
webpages.mainpage.menu.oa.display=Meine Applikationen
@@ -73,6 +91,7 @@ webpages.mainpage.menu.general.user=Meine Daten
webpages.mainpage.menu.general.importexport=Importieren/Exportieren
webpages.mainpage.menu.general.config.moaid=Allgemeine Konfiguration
webpages.mainpage.menu.general.usermanagement=Benutzerverwaltung
+webpages.mainpage.menu.general.adminrequests=Offene Anfragen
webpages.moaconfig.save.success=Die MOA-ID Konfiguration wurde erfolgreich gespeichert.
webpages.moaconfig.header=Allgemeine Konfiguration
@@ -141,41 +160,70 @@ webpages.oaconfig.general.bku.online=Online BKU
webpages.oaconfig.general.bku.handy=Handy BKU
webpages.oaconfig.general.bku.slversion=SecurityLayer Version
webpages.oaconfig.general.bku.keyboxidentifier=KeyBoxIdentifier
-webpages.oaconfig.general.bku.legacy=Legacy Modus
+webpages.oaconfig.general.bku.legacy=SecurityLayerTemplates (Legacy Request)
webpages.oaconfig.general.bku.sltemplate.first=1. SecurityLayer Template
webpages.oaconfig.general.bku.sltemplate.second=2. SecurityLayer Template
webpages.oaconfig.general.bku.sltemplate.third=3. SecurityLayer Template
webpages.oaconfig.general.identification=Eindeutiger Identifikatior (PublicURLPrefix)
webpages.oaconfig.general.mandate.header=Vollmachten
webpages.oaconfig.general.mandate.profiles=Profile
+webpages.oaconfig.general.mandate.usemandate=Vollmachten (ja/nein)
webpages.oaconfig.general.friendlyname=Name der Online-Applikation
webpages.oaconfig.general.isbusinessservice=Privatwirtschaftliche Applikation
webpages.oaconfig.general.public.header=&Ouml;ffentlicher Bereich
-webpages.oaconfig.general.target.friendlyname=Bezeichnung des Bereichs
+webpages.oaconfig.general.target.friendlyname=Bezeichnung des Bereichs (Frei w\u00E4hlbar)
+webpages.oaconfig.general.target.admin.checkbox=Anderen Bereich frei definieren
+webpages.oaconfig.general.target.admin=Bereich (Frei w\u00E4hlbar)
+webpages.oaconfig.general.target.friendlyname.disabled=Bezeichnung des Bereichs (vom Administrator eingestellt)
+webpages.oaconfig.general.target.admin.disabled=Bereich (vom Administrator eingestellt)
webpages.oaconfig.general.target=Bereich (Target)
+webpages.oaconfig.general.target.subsector=Sub-Bereich
+webpages.oaconfig.general.target.subsector.checkbox=Target verfeinern
webpages.oaconfig.general.business.header=Privatwirtschaftlicher Bereich
-webpages.oaconfig.general.business.value=Identificationsnummer
+webpages.oaconfig.general.business.value=Identifikationsnummer
+webpages.oaconfig.general.business.type=Type der Identifikationsnummer
webpages.oaconfig.general.aditional.header=Zus&auml;tzliche allgemeine Einstellungen
webpages.oaconfig.general.aditional.authblocktext=AuthblockText
webpages.oaconfig.general.aditional.iframe=B\u00FCrgerkartenauswahl im IFrame
webpages.oaconfig.general.aditional.useUTC=UTC Zeit verwenden
webpages.oaconfig.general.aditional.calculateHPI="TODO!"
+webpages.oaconfig.general.isHideBPKAuthBlock=bPK/wbPK im AuthBlock ausblenden
webpages.oaconfig.menu.saml1.show=SAML1 Konfiguration einblenden
webpages.oaconfig.menu.saml1.hidden=SAML1 Konfiguration ausblenden
webpages.oaconfig.menu.pvp2.show=PVP2 Konfiguration einblenden
webpages.oaconfig.menu.pvp2.hidden=PVP2 Konfiguration ausblenden
+webpages.oaconfig.menu.oauth20.show=OAuth 2.0 Konfiguration einblenden
+webpages.oaconfig.menu.oauth20.hidden=OAuth 2.0 Konfiguration ausblenden
+
webpages.oaconfig.menu.stork=STORK Konfiguration
webpages.oaconfig.protocols.header=Authentifizierungsprotokolle
+webpages.oaconfig.general.BKUSelection.button.show=Login-Fenster Konfiguration einblenden
+webpages.oaconfig.general.BKUSelection.button.hidden=Login-Fenster Konfiguration ausblenden
+webpages.oaconfig.general.BKUSelection.header=Formularkonfiguration
+webpages.oaconfig.general.BKUSelection.isOnlyMandateLoginAllowed=Nur Vollmachtenanmeldung erlauben
+webpages.oaconfig.general.BKUSelection.backgroundcolor=Hintergrundfarbe der BKU-Auswahl
+webpages.oaconfig.general.BKUSelection.frontcolor=Vordergrundfarbe der BKU-Auswahl
+webpages.oaconfig.general.BKUSelection.header.backgroundcolor=Hintergrundfarbe der \u00DCberschrift
+webpages.oaconfig.general.BKUSelection.header.frontcolor=Vordergrundfarbe der \u00DCberschrift
+webpages.oaconfig.general.BKUSelection.header.text=\u00DCberschriftstext
+webpages.oaconfig.general.BKUSelection.header.button.background=Hintergrundfarbe der Schaltfl\u00E4chen
+webpages.oaconfig.general.BKUSelection.header.button.background.focus=Hintergrundfarbe der Schaltfl\u00E4chen (Focus)
+webpages.oaconfig.general.BKUSelection.header.button.front=Vordergrundfarbe der Schaltfl\u00E4chen
+webpages.oaconfig.general.BKUSelection.redirectTarget=Targetparameter
+webpages.oaconfig.general.BKUSelection.fonttype=Formularschrifttyp
+webpages.oaconfig.general.BKUSelection.fonttype.list=Formularschrifttypen
+
webpages.oaconfig.sso.header=Single Sign-On
webpages.oaconfig.sso.singlelogouturl=Single Log-Out URL
webpages.oaconfig.sso.useauthdataframe=Zus\u00E4tzliche Userabfrage
webpages.oaconfig.sso.usesso=Single Sign-On verwenden
webpages.oaconfig.protocols.saml1.header=SAML1 Konfiguration
+webpages.oaconfig.saml1.isActice=SAML1 aktivieren
webpages.oaconfig.saml1.provideStammZahl=Stammzahl \u00FCbertragen
webpages.oaconfig.saml1.provideAuthBlock=Authentifizierungsblock \u00FCbertragen
webpages.oaconfig.saml1.provideIdentityLink=Personenbindung \u00FCbertragen
@@ -189,8 +237,15 @@ webpages.oaconfig.pvp2.metaDataURL=URL zu den Metadaten
webpages.oaconfig.pvp2.certifcate=Zertifikat hochladen
webpages.oaconfig.pvp2.certifcate.info=Infos zum Zertifikat
+webpages.oaconfig.protocols.oauth20.header=OAuth 2.0 Konfiguration
+webpages.oaconfig.oauth20.clientId=Client ID
+webpages.oaconfig.oauth20.clientSecret=Client Passwort
+webpages.oaconfig.oauth20.redirectUri=Redirect Uri
+
+
message.title=Meldung:
webpages.oaconfig.success=Die Online-Applikation {0} konnte erfolgreich gespeichert werden.
+webpages.oaconfig.success.admin=Die Online-Applikation {0} konnte erfolgreich gespeichert werden. Es ist jedoch eine Aktivierung durch den Administrator erforderlich.
webpages.oaconfig.cancle=Die Bearbeitung der Online-Applikation {0} wurde abgebrochen.
webpages.oaconfig.delete.message=Die Online-Applikation {0} wurde erfolgreich gel\u00F6scht.
@@ -203,6 +258,13 @@ webpages.edit.delete=Online-Applikation l\u00F6schen
webpages.header.info=Sie sind angemeldet als:
webpages.header.lastlogin=Letzte Anmeldung am:
+webpages.openadminrequests.header=Offene Antr\u00E4ge
+webpages.openadminrequests.users.header=Benutzeraccounts
+webpages.openadminrequests.oas.header=Online-Applikationen
+
+
+validation.newuser.mailaddress=Die Validierung der Mailadresse konnte erfolgreich durchgef\u00FChrt werden.
+
validation.edituser.familyname.empty=Der Familienname ist leer.
validation.edituser.familyname.valid=Der Familienname enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.edituser.givenname.empty=Der Vorname ist leer.
@@ -285,20 +347,27 @@ validation.general.sltemplate1.valid=Die erste SecurityLayer Template URL hat ke
validation.general.sltemplate2.valid=Die zweite SecurityLayer Template URL hat kein g\u00FCltiges Format.
validation.general.sltemplate3.valid=Die dritte SecurityLayer Template URL hat kein g\u00FCltiges Format.
validation.general.mandate.profiles=Die Liste von Vollmachtsprofilen enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.mandate.usemandate=Die Konfiguration von Vollmachtsprofile ist nur mit aktivierten Vollmachten m\u00F6glich.
validation.general.target.empty=Der Target f\u00FCr die Online-Applikation ist leer.
validation.general.target.valid=Der Target f\u00FCr die Online-Applikation hat kein g\u00FCltiges Format.
+validation.general.target.subsector.valid=Der Target-Subsektor hat kein g\u00FCltiges Format.
+validation.general.target.admin.valid=Der Admin-Target f\u00FCr die Online-Applikation hat kein g\u00FCltiges Format.
+validation.general.target.publicserviceurl=Die Domain des eindeutigen Identifiers f\u00FCr die Online-Applikation erlaubt nur Applikationen aus dem privatwirtschaftlichen Bereich.
validation.general.slversion=Die SecurtiyLayer Version ist kein Zahlenformat.
validation.general.slversion.business=Im privatwirtschaftlichen Bereich muss die SecurityLayerversion mindestes 1.2 betragen. Die SLVersion wurde auf 1.2 ge\u00E4ndert.
validation.general.targetfriendlyname=Der Name des Bereichs (Target) enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.identificationtype.valid=Der Identifikationstype wird nicht unterst\u00FCtzt.
validation.general.identificationnumber.empty=Im privatwirtschaftlichen Bereich ist eine Identifikationsnummer erforderlich.
validation.general.identificationnumber.valid=Die Identifikationsnummer f\u00FCr den privatwirtschaftlichen Bereich enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.identificationnumber.fa.valid=Die Firmenbuchnummer hat kein g\u00FCltiges Format.
+validation.general.identificationnumber.fn.valid=Die Firmenbuchnummer hat kein g\u00FCltiges Format.
validation.general.oaidentifier.empty=Es wurde kein eindeutiger Identifier f\u00FCr die Online-Applikation angegeben.
-validation.general.oaidentifier.valid=Der eindeutige Identifier f\u00FCr die Online-Applikation enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.oaidentifier.valid=Der eindeutige Identifier f\u00FCr die Online-Applikation ist keine g\u00FCltige URL.
validation.general.oaidentifier.notunique=Der gew\u00E4hlte eindeutige Identifier ist bereits vorhanden. Eine Eintragung der Online-Applikation ist nicht m\u00F6glich.
validation.pvp2.metadataurl.empty=Keine Metadaten URL angegeben.
validation.pvp2.metadataurl.valid=Die Metadaten URL wei\u00DFt kein g\u00FCltiges URL Format auf.
+validation.pvp2.metadataurl.read=Unter der angegebenen Metadaten URL konnten keine Informationen abgerufen werden.
+validation.pvp2.metadata.verify=Die Metadaten konnten nicht mit dem angegebenen Zertifikat verifziert werden.
validation.pvp2.certificate.format=Das angegebene PVP2 Zertifikat wei\u00DFt kein g\u00FCltiges Format auf.
validation.pvp2.certificate.notfound=Kein PVP2 Zertifikat eingef\u00FCgt.
@@ -307,3 +376,15 @@ validation.sso.logouturl.valid=Die URL zum Single Log-Out Service wei\u00DFt kei
validation.saml1.providestammzahl=ProvideStammZahl kann nicht mit Applikationen aus dem privatwirtschaftlichen Bereich kombiniert werden.
+validation.general.bkuselection.specialfeatures.valid=Die speziellen Einstellungen f\u00FCr die BKU Auswahl (Vollmachtsanmeldung ausblenden / zwingend voraussetzen) k\u00F6nnen nicht in Kombination mit SSO verwendet werden.
+validation.general.bkuselection.specialfeatures.combination=Eine zwingend erforderliche Vollmachtenanmeldung in Kombination mit einer ausgeblendeten Vollmachtenauswahlcheckbox ist nicht m\u00F6glich.
+validation.general.form.color.background=Die Hintergrundfarbe f\\u00FCr die BKU Auswahl enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
+validation.general.form.color.front=Die Vordergrundfarbe f\\u00FCr die BKU Auswahl enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
+validation.general.form.header.color.back=Die Hintergrundfarbe der BKU-Auswahl\\u00FCberschrift enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
+validation.general.form.header.color.front=Die Vordergrundfarbe der BKU-Auswahl\\u00FCberschrift enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
+validation.general.form.header.text=Die BKU-Auswahl\\u00FCberschrift enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.form.button.color.back.focus=Die Hintergrundfarbe f\\u00FCr Focus der BKU-Auswahlbuttons enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
+validation.general.form.button.color.back=Die Hintergrundfarbe der BKU-Auswahlbuttons enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
+validation.general.form.button.color.front=Die Vordergrundfarbe der BKU-Auswahlbuttons enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
+validation.general.form.appletredirecttarget=Der RedirectTarget beinhaltet einen ung\\u00FCltiten Wert.
+validation.general.form.fonttype=Der BKU-Auswahl Schrifttyp enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/resources/struts.xml b/id/ConfigWebTool/src/main/resources/struts.xml
index 3b33bffcb..ee5baf8d6 100644
--- a/id/ConfigWebTool/src/main/resources/struts.xml
+++ b/id/ConfigWebTool/src/main/resources/struts.xml
@@ -25,11 +25,35 @@
<interceptor-ref name="defaultStack"/>
</action>
+ <action name="pvp2login" method="pvp2login" class="at.gv.egovernment.moa.id.configuration.struts.action.IndexAction">
+ <result name="success" type="redirectAction">
+ <param name="actionName">main</param>
+ <param name="namespace">/secure</param>
+ </result>
+ <result name="newuser">/jsp/newUserRequest.jsp</result>
+ <result name="error">/index.jsp</result>
+ <interceptor-ref name="defaultStack"/>
+ </action>
+
+ <action name="requestNewUser" method="requestNewUser" class="at.gv.egovernment.moa.id.configuration.struts.action.IndexAction">
+ <result name="newuser">/jsp/newUserRequest.jsp</result>
+ <result name="success">/index.jsp</result>
+ <result name="error">/index.jsp</result>
+ <interceptor-ref name="defaultStack"/>
+ </action>
+
+ <action name="mailAddressVerification" method="mailAddressVerification" class="at.gv.egovernment.moa.id.configuration.struts.action.IndexAction">
+ <result name="error">/index.jsp</result>
+ <result name="success">/index.jsp</result>
+ <interceptor-ref name="defaultStack"/>
+ </action>
+
<action name="logout" method="logout" class="at.gv.egovernment.moa.id.configuration.struts.action.IndexAction">
<result name="success" type="redirectAction">
<param name="actionName">index</param>
<param name="namespace">/</param>
</result>
+ <result name="ssologout" type="redirect">${ssologouturl}</result>
<interceptor-ref name="defaultStack"/>
</action>
@@ -91,6 +115,7 @@
<action name="newOA" method="newOA" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction">
<result name="editOA">/jsp/editOAGeneral.jsp</result>
+ <result name="success" type="chain">main</result>
<result name="error">/error.jsp</result>
<result name="reauthentication" type="redirectAction">
<param name="actionName">logout</param>
@@ -101,6 +126,7 @@
<action name="loadOA" method="inital" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction">
<result name="editOA">/jsp/editOAGeneral.jsp</result>
+ <result name="success" type="chain">main</result>
<result name="error">/error.jsp</result>
<result name="reauthentication" type="redirectAction">
<param name="actionName">logout</param>
@@ -109,8 +135,16 @@
<interceptor-ref name="defaultStack"/>
</action>
+ <action name="bkuFramePreview" method="bkuFramePreview" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction">
+ <result type="stream">
+ <param name="contentType">text/html</param>
+ <param name="inputName">stream</param>
+ </result>
+ <interceptor-ref name="defaultStack"/>
+ </action>
+
<action name="saveOA" method="saveOA" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction">
- <result name="success" type="chain">main</result>
+ <result name="success" type="chain">${nextPage}</result>
<result name="error_validation">/jsp/editOAGeneral.jsp</result>
<result name="error">/error.jsp</result>
<result name="reauthentication" type="redirectAction">
@@ -121,7 +155,7 @@
</action>
<action name="cancleandbackOA" method="cancleAndBackOA" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction">
- <result type="chain">main</result>
+ <result type="chain">${nextPage}</result>
<result name="reauthentication" type="redirectAction">
<param name="actionName">logout</param>
<param name="namespace">/</param>
@@ -130,7 +164,7 @@
</action>
<action name="deleteOA" method="deleteOA" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction">
- <result type="chain">main</result>
+ <result name="success" type="chain">${nextPage}</result>
<result name="error_validation">/jsp/editOAGeneral.jsp</result>
<result name="reauthentication" type="redirectAction">
<param name="actionName">logout</param>
@@ -190,6 +224,7 @@
<param name="namespace">/</param>
</result>
<result name="notallowed">/jsp/mainpage.jsp</result>
+ <result name="error">/error.jsp</result>
<interceptor-ref name="defaultStack"/>
</action>
@@ -201,6 +236,7 @@
<param name="namespace">/</param>
</result>
<result name="notallowed">/jsp/mainpage.jsp</result>
+ <result name="error">/error.jsp</result>
<interceptor-ref name="defaultStack"/>
</action>
@@ -217,6 +253,7 @@
</result>
<result name="error_validation">/jsp/importexport.jsp</result>
<result name="notallowed">/jsp/mainpage.jsp</result>
+ <result name="error">/error.jsp</result>
<interceptor-ref name="defaultStack"/>
</action>
@@ -253,7 +290,7 @@
</action>
<action name="deleteUser" method="deleteuser" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction">
- <result name="success" type="chain">usermanagementInit</result>
+ <result name="success" type="chain">${nextPage}</result>
<result name="notallowed" type="chain">main</result>
<result name="error">/error.jsp</result>
<result name="reauthentication" type="redirectAction">
@@ -264,7 +301,7 @@
</action>
<action name="saveUser" method="saveuser" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction">
- <result name="success" type="chain">usermanagementInit</result>
+ <result name="success" type="chain">${nextPage}</result>
<result name="error_validation">/jsp/edituser.jsp</result>
<result name="notallowed" type="chain">main</result>
<result name="error">/error.jsp</result>
@@ -275,6 +312,25 @@
<interceptor-ref name="defaultStack"/>
</action>
+ <action name="sendVerificationMail" method="sendVerificationMail" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction">
+ <result type="stream">
+ <param name="contentType">text/html</param>
+ <param name="inputName">stream</param>
+ </result>
+ <interceptor-ref name="defaultStack"/>
+ </action>
+
+ <action name="adminRequestsInit" method="init" class="at.gv.egovernment.moa.id.configuration.struts.action.OpenAdminRequestsAction">
+ <result name="success">/jsp/openadminrequests.jsp</result>
+ <result name="notallowed" type="chain">main</result>
+ <result name="error">/error.jsp</result>
+ <result name="reauthentication" type="redirectAction">
+ <param name="actionName">logout</param>
+ <param name="namespace">/</param>
+ </result>
+ <interceptor-ref name="defaultStack"/>
+ </action>
+
</package>
</struts> \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/resources/templates/pvp_postbinding_template.html b/id/ConfigWebTool/src/main/resources/templates/pvp_postbinding_template.html
new file mode 100644
index 000000000..1215c2b58
--- /dev/null
+++ b/id/ConfigWebTool/src/main/resources/templates/pvp_postbinding_template.html
@@ -0,0 +1,51 @@
+##
+## Velocity Template for SAML 2 HTTP-POST binding
+##
+## Velocity context may contain the following properties
+## action - String - the action URL for the form
+## RelayState - String - the relay state for the message
+## SAMLRequest - String - the Base64 encoded SAML Request
+## SAMLResponse - String - the Base64 encoded SAML Response
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
+
+ <body onload="document.forms[0].submit()">
+ <noscript>
+ <p>
+ <strong>Note:</strong> Since your browser does not support JavaScript,
+ you must press the Continue button once to proceed.
+ </p>
+ </noscript>
+
+
+ <div id="alert">Your login is being processed. Thank you for waiting.</div>
+
+ <style type="text/css">
+ <!--
+ #alert {
+ margin:100px 250px;
+ font-family: Verdana, Arial, Helvetica, sans-serif;
+ font-size:14px;
+ font-weight:normal;
+ }
+ -->
+ </style>
+
+ <form action="${action}" method="post">
+ <div>
+ #if($RelayState)<input type="hidden" name="RelayState" value="${RelayState}"/>#end
+
+ #if($SAMLRequest)<input type="hidden" name="SAMLRequest" value="${SAMLRequest}"/>#end
+
+ #if($SAMLResponse)<input type="hidden" name="SAMLResponse" value="${SAMLResponse}"/>#end
+
+ </div>
+ <noscript>
+ <div>
+ <input type="submit" value="Continue"/>
+ </div>
+ </noscript>
+ </form>
+
+ </body>
+</html> \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/WEB-INF/log4j.properties b/id/ConfigWebTool/src/main/webapp/WEB-INF/log4j.properties
index 3ca86f404..1c5b79e8f 100644
--- a/id/ConfigWebTool/src/main/webapp/WEB-INF/log4j.properties
+++ b/id/ConfigWebTool/src/main/webapp/WEB-INF/log4j.properties
@@ -1,3 +1,25 @@
+###############################################################################
+# Copyright 2014 Federal Chancellery Austria
+# MOA-ID has been developed in a cooperation between BRZ, the Federal
+# Chancellery Austria - ICT staff unit, and Graz University of Technology.
+#
+# Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+# the European Commission - subsequent versions of the EUPL (the "Licence");
+# You may not use this work except in compliance with the Licence.
+# You may obtain a copy of the Licence at:
+# http://www.osor.eu/eupl/
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the Licence is distributed on an "AS IS" basis,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the Licence for the specific language governing permissions and
+# limitations under the Licence.
+#
+# This product combines work with different licenses. See the "NOTICE" text
+# file for details on the various modules and licenses.
+# The "NOTICE" text file is part of the distribution. Any derivative works
+# that you distribute must include a readable copy of the "NOTICE" text file.
+###############################################################################
# Set root category priority to INFO and its only appender to CONSOLE.
log4j.rootCategory=INFO, CONSOLE
#log4j.rootCategory=INFO, CONSOLE, LOGFILE
diff --git a/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml b/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml
index 7b27b0c4d..a44cf8ce5 100644
--- a/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml
+++ b/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml
@@ -24,7 +24,7 @@
</init-param>
<init-param>
<param-name>allowed</param-name>
- <param-value>^.*((/index.action)|(/error.action)|(/authenticate.action)|(/logout.action)|(/jsp/.*)|(/css/.*)|(/images/.*)|(/js/.*))$</param-value>
+ <param-value>^.*((/index.action)|(/error.action)|(/authenticate.action)|(/pvp2login.action.*)|(/mailAddressVerification.action.*)|(/logout.action)|(/jsp/.*)|(/css/.*)|(/servlet/.*)|(/images/.*)|(/js/.*))$</param-value>
</init-param>
</filter>
<filter-mapping>
@@ -61,6 +61,28 @@
</init-param>
</filter>
+ <servlet>
+ <servlet-name>pvp2login</servlet-name>
+ <display-name>pvp2login</display-name>
+ <servlet-class>at.gv.egovernment.moa.id.configuration.auth.pvp2.Authenticate</servlet-class>
+ </servlet>
+
+ <servlet>
+ <servlet-name>buildmetadata</servlet-name>
+ <display-name>buildmetadata</display-name>
+ <servlet-class>at.gv.egovernment.moa.id.configuration.auth.pvp2.BuildMetadata</servlet-class>
+ </servlet>
+
+ <servlet-mapping>
+ <servlet-name>buildmetadata</servlet-name>
+ <url-pattern>/servlet/metadata</url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name>pvp2login</servlet-name>
+ <url-pattern>/servlet/pvp2login</url-pattern>
+ </servlet-mapping>
+
<!-- <filter-mapping>
<filter-name>sitemash</filter-name>
<url-pattern>/*</url-pattern>
diff --git a/id/ConfigWebTool/src/main/webapp/css/colorpicker.css b/id/ConfigWebTool/src/main/webapp/css/colorpicker.css
new file mode 100644
index 000000000..0b3d5d936
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/css/colorpicker.css
@@ -0,0 +1,161 @@
+.colorpicker {
+ width: 356px;
+ height: 176px;
+ overflow: hidden;
+ position: absolute;
+ background: url(../images/colorpicker_background.png);
+ font-family: Arial, Helvetica, sans-serif;
+ display: none;
+}
+.colorpicker_color {
+ width: 150px;
+ height: 150px;
+ left: 14px;
+ top: 13px;
+ position: absolute;
+ background: #f00;
+ overflow: hidden;
+ cursor: crosshair;
+}
+.colorpicker_color div {
+ position: absolute;
+ top: 0;
+ left: 0;
+ width: 150px;
+ height: 150px;
+ background: url(../images/colorpicker_overlay.png);
+}
+.colorpicker_color div div {
+ position: absolute;
+ top: 0;
+ left: 0;
+ width: 11px;
+ height: 11px;
+ overflow: hidden;
+ background: url(../images/colorpicker_select.gif);
+ margin: -5px 0 0 -5px;
+}
+.colorpicker_hue {
+ position: absolute;
+ top: 13px;
+ left: 171px;
+ width: 35px;
+ height: 150px;
+ cursor: n-resize;
+}
+.colorpicker_hue div {
+ position: absolute;
+ width: 35px;
+ height: 9px;
+ overflow: hidden;
+ background: url(../images/colorpicker_indic.gif) left top;
+ margin: -4px 0 0 0;
+ left: 0px;
+}
+.colorpicker_new_color {
+ position: absolute;
+ width: 60px;
+ height: 30px;
+ left: 213px;
+ top: 13px;
+ background: #f00;
+}
+.colorpicker_current_color {
+ position: absolute;
+ width: 60px;
+ height: 30px;
+ left: 283px;
+ top: 13px;
+ background: #f00;
+}
+.colorpicker input {
+ background-color: transparent;
+ border: 1px solid transparent;
+ position: absolute;
+ font-size: 10px;
+ font-family: Arial, Helvetica, sans-serif;
+ color: #898989;
+ top: 4px;
+ right: 11px;
+ text-align: right;
+ margin: 0;
+ padding: 0;
+ height: 11px;
+}
+.colorpicker_hex {
+ position: absolute;
+ width: 72px;
+ height: 22px;
+ background: url(../images/colorpicker_hex.png) top;
+ left: 212px;
+ top: 142px;
+}
+.colorpicker_hex input {
+ right: 6px;
+}
+.colorpicker_field {
+ height: 22px;
+ width: 62px;
+ background-position: top;
+ position: absolute;
+}
+.colorpicker_field span {
+ position: absolute;
+ width: 12px;
+ height: 22px;
+ overflow: hidden;
+ top: 0;
+ right: 0;
+ cursor: n-resize;
+}
+.colorpicker_rgb_r {
+ background-image: url(../images/colorpicker_rgb_r.png);
+ top: 52px;
+ left: 212px;
+}
+.colorpicker_rgb_g {
+ background-image: url(../images/colorpicker_rgb_g.png);
+ top: 82px;
+ left: 212px;
+}
+.colorpicker_rgb_b {
+ background-image: url(../images/colorpicker_rgb_b.png);
+ top: 112px;
+ left: 212px;
+}
+.colorpicker_hsb_h {
+ background-image: url(../images/colorpicker_hsb_h.png);
+ top: 52px;
+ left: 282px;
+}
+.colorpicker_hsb_s {
+ background-image: url(../images/colorpicker_hsb_s.png);
+ top: 82px;
+ left: 282px;
+}
+.colorpicker_hsb_b {
+ background-image: url(../images/colorpicker_hsb_b.png);
+ top: 112px;
+ left: 282px;
+}
+.colorpicker_submit {
+ position: absolute;
+ width: 22px;
+ height: 22px;
+ background: url(../images/colorpicker_submit.png) top;
+ left: 322px;
+ top: 142px;
+ overflow: hidden;
+}
+.colorpicker_focus {
+ background-position: center;
+}
+.colorpicker_hex.colorpicker_focus {
+ background-position: bottom;
+}
+.colorpicker_submit.colorpicker_focus {
+ background-position: bottom;
+}
+.colorpicker_slider {
+ background-position: bottom;
+}
diff --git a/id/ConfigWebTool/src/main/webapp/css/index.css b/id/ConfigWebTool/src/main/webapp/css/index.css
index 6eeb6a4ee..14591f1dc 100644
--- a/id/ConfigWebTool/src/main/webapp/css/index.css
+++ b/id/ConfigWebTool/src/main/webapp/css/index.css
@@ -22,6 +22,34 @@
padding-right: 25px;
}
+#passwordlogin {
+ float: left;
+}
+
+#bkulogin {
+ float: left;
+ margin-left: 50px;
+}
+
+#bkuloginbutton {
+ background:-moz-linear-gradient(bottom,#b3b3b3,#f1f1f1); /* Firefox */
+ background:-webkit-gradient(linear,left top,left bottom,from(#b3b3b3),to(#f1f1f1)); /* Chrome, Safari */
+ filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#b3b3b3',endColorstr='#f1f1f1');
+
+ display: block;
+ padding-top: 10px;
+ padding-bottom: 10px;
+ text-align: center;
+ width: 200px;
+ /* background-color: gold; */
+ border-radius: 10px;
+ box-shadow: 8px 8px 8px #666;
+ border-style: solid;
+ border-color: black;
+ border-width: 2px;
+
+}
+
#menu_area {
margin-top: 25px;
border-color: black;
@@ -106,6 +134,33 @@
display: none;
}
+#formcustom_button_hidden {
+ display: none;
+}
+
+#formcustom_button_show {
+ margin-bottom: 50px;
+ clear: both;
+}
+
+#formcustom_area {
+ margin-bottom: 50px;
+}
+
+#formCustomValues {
+ float: left;
+}
+
+#formCustomPreview {
+ float: left;
+ margin-bottom: 25px;
+ margin-left: 25px;
+}
+
+#mail_area input {
+ float: right;
+}
+
.oa_protocol_area {
clear: both;
margin-left: 25px;
@@ -147,6 +202,7 @@
margin-top: 6px;
}
+
.oa_config_block h3 {
padding-top: 25px;
}
@@ -184,7 +240,7 @@
}
.wwgrp {
- clear:both;
+ clear:left;
}
#oa_saml1_area .wwgrp {
@@ -193,6 +249,10 @@
margin-right: 50px;
}
+#oa_config_businessservice .wwgrp {
+ clear: none;
+}
+
div .wwgrp br {
display: none;
}
@@ -202,6 +262,15 @@ div .wwgrp br {
}
+.textfield_middle {
+ width: 100px;
+
+}
+
+.textfield_mail {
+ width: 300px;
+}
+
.textfield_long {
width: 600px;
@@ -212,7 +281,13 @@ div .wwgrp br {
height: 200px;
text-align: left;
}
-
+
+.selectfield {
+ width: 80px;
+ float: left;
+ margin-right: 5px;
+}
+
.checkbox{
margin-top: 7px;
}
@@ -271,13 +346,19 @@ div .wwgrp br {
width: 200px;
}
-.userListThird {
+.userListFirstSecond {
position: relative;
+ width: 400px;
float: left;
}
-.disabled {
+.userListThird {
+ position: relative;
+ float: left;
+}
+#usernamepassword_area {
+ display: none;
}
#footer_area {
diff --git a/id/ConfigWebTool/src/main/webapp/error.jsp b/id/ConfigWebTool/src/main/webapp/error.jsp
index 97dc218e7..8993c1102 100644
--- a/id/ConfigWebTool/src/main/webapp/error.jsp
+++ b/id/ConfigWebTool/src/main/webapp/error.jsp
@@ -1,3 +1,4 @@
+<%@page import="at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider"%>
<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%>
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
@@ -11,10 +12,11 @@
<title><%=LanguageHelper.getGUIString("title", request) %></title>
</head>
- <body>
- <h1><%=LanguageHelper.getGUIString("webpages.error.header", request) %></h1>
+ <body style="text-align: center;">
+ <h1 style="color: red;"><%=LanguageHelper.getGUIString("webpages.error.header", request) %></h1>
<div id="information_area">
+ <p><%=LanguageHelper.getGUIString("error.general.text", request) %></p>
<s:if test="hasActionErrors()">
<div id="error_area">
<label><%=LanguageHelper.getGUIString("error.title", request) %></label>
diff --git a/id/ConfigWebTool/src/main/webapp/images/blank.gif b/id/ConfigWebTool/src/main/webapp/images/blank.gif
new file mode 100644
index 000000000..75b945d25
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/blank.gif
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/colorpicker_background.png b/id/ConfigWebTool/src/main/webapp/images/colorpicker_background.png
new file mode 100644
index 000000000..8401572f1
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/colorpicker_background.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/colorpicker_hex.png b/id/ConfigWebTool/src/main/webapp/images/colorpicker_hex.png
new file mode 100644
index 000000000..4e532d7c6
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/colorpicker_hex.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/colorpicker_hsb_b.png b/id/ConfigWebTool/src/main/webapp/images/colorpicker_hsb_b.png
new file mode 100644
index 000000000..dfac595d0
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/colorpicker_hsb_b.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/colorpicker_hsb_h.png b/id/ConfigWebTool/src/main/webapp/images/colorpicker_hsb_h.png
new file mode 100644
index 000000000..3977ed9f2
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/colorpicker_hsb_h.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/colorpicker_hsb_s.png b/id/ConfigWebTool/src/main/webapp/images/colorpicker_hsb_s.png
new file mode 100644
index 000000000..a2a699736
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/colorpicker_hsb_s.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/colorpicker_indic.gif b/id/ConfigWebTool/src/main/webapp/images/colorpicker_indic.gif
new file mode 100644
index 000000000..f9fa95e28
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/colorpicker_indic.gif
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/colorpicker_overlay.png b/id/ConfigWebTool/src/main/webapp/images/colorpicker_overlay.png
new file mode 100644
index 000000000..561cdd9c5
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/colorpicker_overlay.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/colorpicker_rgb_b.png b/id/ConfigWebTool/src/main/webapp/images/colorpicker_rgb_b.png
new file mode 100644
index 000000000..dfac595d0
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/colorpicker_rgb_b.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/colorpicker_rgb_g.png b/id/ConfigWebTool/src/main/webapp/images/colorpicker_rgb_g.png
new file mode 100644
index 000000000..72b32760a
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/colorpicker_rgb_g.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/colorpicker_rgb_r.png b/id/ConfigWebTool/src/main/webapp/images/colorpicker_rgb_r.png
new file mode 100644
index 000000000..4855fe03f
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/colorpicker_rgb_r.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/colorpicker_select.gif b/id/ConfigWebTool/src/main/webapp/images/colorpicker_select.gif
new file mode 100644
index 000000000..599f7f13a
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/colorpicker_select.gif
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/colorpicker_submit.png b/id/ConfigWebTool/src/main/webapp/images/colorpicker_submit.png
new file mode 100644
index 000000000..7f4c0825f
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/colorpicker_submit.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/custom_background.png b/id/ConfigWebTool/src/main/webapp/images/custom_background.png
new file mode 100644
index 000000000..cf55ffdd6
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/custom_background.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/custom_hex.png b/id/ConfigWebTool/src/main/webapp/images/custom_hex.png
new file mode 100644
index 000000000..888f44449
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/custom_hex.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/custom_hsb_b.png b/id/ConfigWebTool/src/main/webapp/images/custom_hsb_b.png
new file mode 100644
index 000000000..2f99dae8e
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/custom_hsb_b.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/custom_hsb_h.png b/id/ConfigWebTool/src/main/webapp/images/custom_hsb_h.png
new file mode 100644
index 000000000..a217e9218
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/custom_hsb_h.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/custom_hsb_s.png b/id/ConfigWebTool/src/main/webapp/images/custom_hsb_s.png
new file mode 100644
index 000000000..7826b4150
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/custom_hsb_s.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/custom_indic.gif b/id/ConfigWebTool/src/main/webapp/images/custom_indic.gif
new file mode 100644
index 000000000..222fb94cf
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/custom_indic.gif
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/custom_rgb_b.png b/id/ConfigWebTool/src/main/webapp/images/custom_rgb_b.png
new file mode 100644
index 000000000..80764e5d6
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/custom_rgb_b.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/custom_rgb_g.png b/id/ConfigWebTool/src/main/webapp/images/custom_rgb_g.png
new file mode 100644
index 000000000..fc9778be1
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/custom_rgb_g.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/custom_rgb_r.png b/id/ConfigWebTool/src/main/webapp/images/custom_rgb_r.png
new file mode 100644
index 000000000..91b0cd4c5
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/custom_rgb_r.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/custom_submit.png b/id/ConfigWebTool/src/main/webapp/images/custom_submit.png
new file mode 100644
index 000000000..cd202cd93
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/custom_submit.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/select.png b/id/ConfigWebTool/src/main/webapp/images/select.png
new file mode 100644
index 000000000..21213bfd5
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/select.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/select2.png b/id/ConfigWebTool/src/main/webapp/images/select2.png
new file mode 100644
index 000000000..2cd2cabeb
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/select2.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/images/slider.png b/id/ConfigWebTool/src/main/webapp/images/slider.png
new file mode 100644
index 000000000..8b03da96e
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/images/slider.png
Binary files differ
diff --git a/id/ConfigWebTool/src/main/webapp/index.jsp b/id/ConfigWebTool/src/main/webapp/index.jsp
index 4e49eac75..4c78699fc 100644
--- a/id/ConfigWebTool/src/main/webapp/index.jsp
+++ b/id/ConfigWebTool/src/main/webapp/index.jsp
@@ -13,42 +13,56 @@
<body>
<h1><%=LanguageHelper.getGUIString("webpages.index.header", request) %></h1>
-
+
<div id="information_area">
+
+ <s:if test="hasActionMessages()">
+ <div id="message_area">
+ <label><%=LanguageHelper.getGUIString("message.title", request) %></label>
+ <s:actionmessage/>
+ </div>
+ </s:if>
+
<s:if test="hasActionErrors()">
<div id="error_area">
- <label><%=LanguageHelper.getGUIString("error.title", request) %></label>
- <s:actionerror/>
- </div>
- </s:if>
+ <label><%=LanguageHelper.getGUIString("error.title", request) %></label>
+ <s:actionerror/>
+ </div>
+ </s:if>
<div id="information_area">
<p><%=LanguageHelper.getGUIString("webpages.index.desciption.head", request) %></p>
<div class="oa_config_block">
- <s:form namespace="/" method="POST" enctype="multipart/form-data">
+ <s:form id="passwordlogin" namespace="/" method="POST" enctype="multipart/form-data">
<s:textfield name="username"
value="%{username}"
labelposition="left"
key="webpages.edituser.username"
- cssClass="textfield_long"
+ cssClass="textfield_mail"
maxlength="16">
</s:textfield>
<s:password name="password"
labelposition="left"
key="webpages.edituser.password"
- cssClass="textfield_long"
+ cssClass="textfield_mail"
maxlength="16">
</s:password>
<s:submit key="webpages.index.login" action="authenticate"/>
</s:form>
+
+ <s:if test="isPvp2LoginActiv()">
+ <div id="bkulogin">
+ <a id="bkuloginbutton" href="servlet/pvp2login"><%=LanguageHelper.getGUIString("webpages.index.login.pvp2", request) %></a>
+ </div>
+ </s:if>
</div>
-
+
</div>
</body>
diff --git a/id/ConfigWebTool/src/main/webapp/js/colorpicker.js b/id/ConfigWebTool/src/main/webapp/js/colorpicker.js
new file mode 100644
index 000000000..d54c0d271
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/js/colorpicker.js
@@ -0,0 +1,506 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+/**
+ *
+ * Color picker
+ * Author: Stefan Petre www.eyecon.ro
+ *
+ * Dual licensed under the MIT and GPL licenses
+ *
+ */
+(function ($) {
+ var ColorPicker = function () {
+ var
+ ids = {},
+ inAction,
+ charMin = 65,
+ visible,
+ tpl = '<div class="colorpicker"><div class="colorpicker_color"><div><div></div></div></div><div class="colorpicker_hue"><div></div></div><div class="colorpicker_new_color"></div><div class="colorpicker_current_color"></div><div class="colorpicker_hex"><input type="text" maxlength="6" size="6" /></div><div class="colorpicker_rgb_r colorpicker_field"><input type="text" maxlength="3" size="3" /><span></span></div><div class="colorpicker_rgb_g colorpicker_field"><input type="text" maxlength="3" size="3" /><span></span></div><div class="colorpicker_rgb_b colorpicker_field"><input type="text" maxlength="3" size="3" /><span></span></div><div class="colorpicker_hsb_h colorpicker_field"><input type="text" maxlength="3" size="3" /><span></span></div><div class="colorpicker_hsb_s colorpicker_field"><input type="text" maxlength="3" size="3" /><span></span></div><div class="colorpicker_hsb_b colorpicker_field"><input type="text" maxlength="3" size="3" /><span></span></div><div class="colorpicker_submit"></div></div>',
+ defaults = {
+ eventName: 'click',
+ onShow: function () {},
+ onBeforeShow: function(){},
+ onHide: function () {},
+ onChange: function () {},
+ onSubmit: function () {},
+ color: 'ff0000',
+ livePreview: true,
+ flat: false
+ },
+ fillRGBFields = function (hsb, cal) {
+ var rgb = HSBToRGB(hsb);
+ $(cal).data('colorpicker').fields
+ .eq(1).val(rgb.r).end()
+ .eq(2).val(rgb.g).end()
+ .eq(3).val(rgb.b).end();
+ },
+ fillHSBFields = function (hsb, cal) {
+ $(cal).data('colorpicker').fields
+ .eq(4).val(hsb.h).end()
+ .eq(5).val(hsb.s).end()
+ .eq(6).val(hsb.b).end();
+ },
+ fillHexFields = function (hsb, cal) {
+ $(cal).data('colorpicker').fields
+ .eq(0).val(HSBToHex(hsb)).end();
+ },
+ setSelector = function (hsb, cal) {
+ $(cal).data('colorpicker').selector.css('backgroundColor', '#' + HSBToHex({h: hsb.h, s: 100, b: 100}));
+ $(cal).data('colorpicker').selectorIndic.css({
+ left: parseInt(150 * hsb.s/100, 10),
+ top: parseInt(150 * (100-hsb.b)/100, 10)
+ });
+ },
+ setHue = function (hsb, cal) {
+ $(cal).data('colorpicker').hue.css('top', parseInt(150 - 150 * hsb.h/360, 10));
+ },
+ setCurrentColor = function (hsb, cal) {
+ $(cal).data('colorpicker').currentColor.css('backgroundColor', '#' + HSBToHex(hsb));
+ },
+ setNewColor = function (hsb, cal) {
+ $(cal).data('colorpicker').newColor.css('backgroundColor', '#' + HSBToHex(hsb));
+ },
+ keyDown = function (ev) {
+ var pressedKey = ev.charCode || ev.keyCode || -1;
+ if ((pressedKey > charMin && pressedKey <= 90) || pressedKey == 32) {
+ return false;
+ }
+ var cal = $(this).parent().parent();
+ if (cal.data('colorpicker').livePreview === true) {
+ change.apply(this);
+ }
+ },
+ change = function (ev) {
+ var cal = $(this).parent().parent(), col;
+ if (this.parentNode.className.indexOf('_hex') > 0) {
+ cal.data('colorpicker').color = col = HexToHSB(fixHex(this.value));
+ } else if (this.parentNode.className.indexOf('_hsb') > 0) {
+ cal.data('colorpicker').color = col = fixHSB({
+ h: parseInt(cal.data('colorpicker').fields.eq(4).val(), 10),
+ s: parseInt(cal.data('colorpicker').fields.eq(5).val(), 10),
+ b: parseInt(cal.data('colorpicker').fields.eq(6).val(), 10)
+ });
+ } else {
+ cal.data('colorpicker').color = col = RGBToHSB(fixRGB({
+ r: parseInt(cal.data('colorpicker').fields.eq(1).val(), 10),
+ g: parseInt(cal.data('colorpicker').fields.eq(2).val(), 10),
+ b: parseInt(cal.data('colorpicker').fields.eq(3).val(), 10)
+ }));
+ }
+ if (ev) {
+ fillRGBFields(col, cal.get(0));
+ fillHexFields(col, cal.get(0));
+ fillHSBFields(col, cal.get(0));
+ }
+ setSelector(col, cal.get(0));
+ setHue(col, cal.get(0));
+ setNewColor(col, cal.get(0));
+ cal.data('colorpicker').onChange.apply(cal, [col, HSBToHex(col), HSBToRGB(col)]);
+ },
+ blur = function (ev) {
+ var cal = $(this).parent().parent();
+ cal.data('colorpicker').fields.parent().removeClass('colorpicker_focus');
+ },
+ focus = function () {
+ charMin = this.parentNode.className.indexOf('_hex') > 0 ? 70 : 65;
+ $(this).parent().parent().data('colorpicker').fields.parent().removeClass('colorpicker_focus');
+ $(this).parent().addClass('colorpicker_focus');
+ },
+ downIncrement = function (ev) {
+ var field = $(this).parent().find('input').focus();
+ var current = {
+ el: $(this).parent().addClass('colorpicker_slider'),
+ max: this.parentNode.className.indexOf('_hsb_h') > 0 ? 360 : (this.parentNode.className.indexOf('_hsb') > 0 ? 100 : 255),
+ y: ev.pageY,
+ field: field,
+ val: parseInt(field.val(), 10),
+ preview: $(this).parent().parent().data('colorpicker').livePreview
+ };
+ $(document).bind('mouseup', current, upIncrement);
+ $(document).bind('mousemove', current, moveIncrement);
+ },
+ moveIncrement = function (ev) {
+ ev.data.field.val(Math.max(0, Math.min(ev.data.max, parseInt(ev.data.val + ev.pageY - ev.data.y, 10))));
+ if (ev.data.preview) {
+ change.apply(ev.data.field.get(0), [true]);
+ }
+ return false;
+ },
+ upIncrement = function (ev) {
+ change.apply(ev.data.field.get(0), [true]);
+ ev.data.el.removeClass('colorpicker_slider').find('input').focus();
+ $(document).unbind('mouseup', upIncrement);
+ $(document).unbind('mousemove', moveIncrement);
+ return false;
+ },
+ downHue = function (ev) {
+ var current = {
+ cal: $(this).parent(),
+ y: $(this).offset().top
+ };
+ current.preview = current.cal.data('colorpicker').livePreview;
+ $(document).bind('mouseup', current, upHue);
+ $(document).bind('mousemove', current, moveHue);
+ },
+ moveHue = function (ev) {
+ change.apply(
+ ev.data.cal.data('colorpicker')
+ .fields
+ .eq(4)
+ .val(parseInt(360*(150 - Math.max(0,Math.min(150,(ev.pageY - ev.data.y))))/150, 10))
+ .get(0),
+ [ev.data.preview]
+ );
+ return false;
+ },
+ upHue = function (ev) {
+ fillRGBFields(ev.data.cal.data('colorpicker').color, ev.data.cal.get(0));
+ fillHexFields(ev.data.cal.data('colorpicker').color, ev.data.cal.get(0));
+ $(document).unbind('mouseup', upHue);
+ $(document).unbind('mousemove', moveHue);
+ return false;
+ },
+ downSelector = function (ev) {
+ var current = {
+ cal: $(this).parent(),
+ pos: $(this).offset()
+ };
+ current.preview = current.cal.data('colorpicker').livePreview;
+ $(document).bind('mouseup', current, upSelector);
+ $(document).bind('mousemove', current, moveSelector);
+ },
+ moveSelector = function (ev) {
+ change.apply(
+ ev.data.cal.data('colorpicker')
+ .fields
+ .eq(6)
+ .val(parseInt(100*(150 - Math.max(0,Math.min(150,(ev.pageY - ev.data.pos.top))))/150, 10))
+ .end()
+ .eq(5)
+ .val(parseInt(100*(Math.max(0,Math.min(150,(ev.pageX - ev.data.pos.left))))/150, 10))
+ .get(0),
+ [ev.data.preview]
+ );
+ return false;
+ },
+ upSelector = function (ev) {
+ fillRGBFields(ev.data.cal.data('colorpicker').color, ev.data.cal.get(0));
+ fillHexFields(ev.data.cal.data('colorpicker').color, ev.data.cal.get(0));
+ $(document).unbind('mouseup', upSelector);
+ $(document).unbind('mousemove', moveSelector);
+ return false;
+ },
+ enterSubmit = function (ev) {
+ $(this).addClass('colorpicker_focus');
+ },
+ leaveSubmit = function (ev) {
+ $(this).removeClass('colorpicker_focus');
+ },
+ clickSubmit = function (ev) {
+ var cal = $(this).parent();
+ var col = cal.data('colorpicker').color;
+ cal.data('colorpicker').origColor = col;
+ setCurrentColor(col, cal.get(0));
+ cal.data('colorpicker').onSubmit(col, HSBToHex(col), HSBToRGB(col), cal.data('colorpicker').el);
+ },
+ show = function (ev) {
+ var cal = $('#' + $(this).data('colorpickerId'));
+ cal.data('colorpicker').onBeforeShow.apply(this, [cal.get(0)]);
+ var pos = $(this).offset();
+ var viewPort = getViewport();
+ var top = pos.top + this.offsetHeight;
+ var left = pos.left;
+ if (top + 176 > viewPort.t + viewPort.h) {
+ top -= this.offsetHeight + 176;
+ }
+ if (left + 356 > viewPort.l + viewPort.w) {
+ left -= 356;
+ }
+ cal.css({left: left + 'px', top: top + 'px'});
+ if (cal.data('colorpicker').onShow.apply(this, [cal.get(0)]) != false) {
+ cal.show();
+ }
+ $(document).bind('mousedown', {cal: cal}, hide);
+ return false;
+ },
+ hide = function (ev) {
+ if (!isChildOf(ev.data.cal.get(0), ev.target, ev.data.cal.get(0))) {
+ if (ev.data.cal.data('colorpicker').onHide.apply(this, [ev.data.cal.get(0)]) != false) {
+ ev.data.cal.hide();
+ }
+ $(document).unbind('mousedown', hide);
+ }
+ },
+ isChildOf = function(parentEl, el, container) {
+ if (parentEl == el) {
+ return true;
+ }
+ if (parentEl.contains) {
+ return parentEl.contains(el);
+ }
+ if ( parentEl.compareDocumentPosition ) {
+ return !!(parentEl.compareDocumentPosition(el) & 16);
+ }
+ var prEl = el.parentNode;
+ while(prEl && prEl != container) {
+ if (prEl == parentEl)
+ return true;
+ prEl = prEl.parentNode;
+ }
+ return false;
+ },
+ getViewport = function () {
+ var m = document.compatMode == 'CSS1Compat';
+ return {
+ l : window.pageXOffset || (m ? document.documentElement.scrollLeft : document.body.scrollLeft),
+ t : window.pageYOffset || (m ? document.documentElement.scrollTop : document.body.scrollTop),
+ w : window.innerWidth || (m ? document.documentElement.clientWidth : document.body.clientWidth),
+ h : window.innerHeight || (m ? document.documentElement.clientHeight : document.body.clientHeight)
+ };
+ },
+ fixHSB = function (hsb) {
+ return {
+ h: Math.min(360, Math.max(0, hsb.h)),
+ s: Math.min(100, Math.max(0, hsb.s)),
+ b: Math.min(100, Math.max(0, hsb.b))
+ };
+ },
+ fixRGB = function (rgb) {
+ return {
+ r: Math.min(255, Math.max(0, rgb.r)),
+ g: Math.min(255, Math.max(0, rgb.g)),
+ b: Math.min(255, Math.max(0, rgb.b))
+ };
+ },
+ fixHex = function (hex) {
+ var len = 6 - hex.length;
+ if (len > 0) {
+ var o = [];
+ for (var i=0; i<len; i++) {
+ o.push('0');
+ }
+ o.push(hex);
+ hex = o.join('');
+ }
+ return hex;
+ },
+ HexToRGB = function (hex) {
+ var hex = parseInt(((hex.indexOf('#') > -1) ? hex.substring(1) : hex), 16);
+ return {r: hex >> 16, g: (hex & 0x00FF00) >> 8, b: (hex & 0x0000FF)};
+ },
+ HexToHSB = function (hex) {
+ return RGBToHSB(HexToRGB(hex));
+ },
+ RGBToHSB = function (rgb) {
+ var hsb = {
+ h: 0,
+ s: 0,
+ b: 0
+ };
+ var min = Math.min(rgb.r, rgb.g, rgb.b);
+ var max = Math.max(rgb.r, rgb.g, rgb.b);
+ var delta = max - min;
+ hsb.b = max;
+ if (max != 0) {
+
+ }
+ hsb.s = max != 0 ? 255 * delta / max : 0;
+ if (hsb.s != 0) {
+ if (rgb.r == max) {
+ hsb.h = (rgb.g - rgb.b) / delta;
+ } else if (rgb.g == max) {
+ hsb.h = 2 + (rgb.b - rgb.r) / delta;
+ } else {
+ hsb.h = 4 + (rgb.r - rgb.g) / delta;
+ }
+ } else {
+ hsb.h = -1;
+ }
+ hsb.h *= 60;
+ if (hsb.h < 0) {
+ hsb.h += 360;
+ }
+ hsb.s *= 100/255;
+ hsb.b *= 100/255;
+ return hsb;
+ },
+ HSBToRGB = function (hsb) {
+ var rgb = {};
+ var h = Math.round(hsb.h);
+ var s = Math.round(hsb.s*255/100);
+ var v = Math.round(hsb.b*255/100);
+ if(s == 0) {
+ rgb.r = rgb.g = rgb.b = v;
+ } else {
+ var t1 = v;
+ var t2 = (255-s)*v/255;
+ var t3 = (t1-t2)*(h%60)/60;
+ if(h==360) h = 0;
+ if(h<60) {rgb.r=t1; rgb.b=t2; rgb.g=t2+t3}
+ else if(h<120) {rgb.g=t1; rgb.b=t2; rgb.r=t1-t3}
+ else if(h<180) {rgb.g=t1; rgb.r=t2; rgb.b=t2+t3}
+ else if(h<240) {rgb.b=t1; rgb.r=t2; rgb.g=t1-t3}
+ else if(h<300) {rgb.b=t1; rgb.g=t2; rgb.r=t2+t3}
+ else if(h<360) {rgb.r=t1; rgb.g=t2; rgb.b=t1-t3}
+ else {rgb.r=0; rgb.g=0; rgb.b=0}
+ }
+ return {r:Math.round(rgb.r), g:Math.round(rgb.g), b:Math.round(rgb.b)};
+ },
+ RGBToHex = function (rgb) {
+ var hex = [
+ rgb.r.toString(16),
+ rgb.g.toString(16),
+ rgb.b.toString(16)
+ ];
+ $.each(hex, function (nr, val) {
+ if (val.length == 1) {
+ hex[nr] = '0' + val;
+ }
+ });
+ return hex.join('');
+ },
+ HSBToHex = function (hsb) {
+ return RGBToHex(HSBToRGB(hsb));
+ },
+ restoreOriginal = function () {
+ var cal = $(this).parent();
+ var col = cal.data('colorpicker').origColor;
+ cal.data('colorpicker').color = col;
+ fillRGBFields(col, cal.get(0));
+ fillHexFields(col, cal.get(0));
+ fillHSBFields(col, cal.get(0));
+ setSelector(col, cal.get(0));
+ setHue(col, cal.get(0));
+ setNewColor(col, cal.get(0));
+ };
+ return {
+ init: function (opt) {
+ opt = $.extend({}, defaults, opt||{});
+ if (typeof opt.color == 'string') {
+ opt.color = HexToHSB(opt.color);
+ } else if (opt.color.r != undefined && opt.color.g != undefined && opt.color.b != undefined) {
+ opt.color = RGBToHSB(opt.color);
+ } else if (opt.color.h != undefined && opt.color.s != undefined && opt.color.b != undefined) {
+ opt.color = fixHSB(opt.color);
+ } else {
+ return this;
+ }
+ return this.each(function () {
+ if (!$(this).data('colorpickerId')) {
+ var options = $.extend({}, opt);
+ options.origColor = opt.color;
+ var id = 'collorpicker_' + parseInt(Math.random() * 1000);
+ $(this).data('colorpickerId', id);
+ var cal = $(tpl).attr('id', id);
+ if (options.flat) {
+ cal.appendTo(this).show();
+ } else {
+ cal.appendTo(document.body);
+ }
+ options.fields = cal
+ .find('input')
+ .bind('keyup', keyDown)
+ .bind('change', change)
+ .bind('blur', blur)
+ .bind('focus', focus);
+ cal
+ .find('span').bind('mousedown', downIncrement).end()
+ .find('>div.colorpicker_current_color').bind('click', restoreOriginal);
+ options.selector = cal.find('div.colorpicker_color').bind('mousedown', downSelector);
+ options.selectorIndic = options.selector.find('div div');
+ options.el = this;
+ options.hue = cal.find('div.colorpicker_hue div');
+ cal.find('div.colorpicker_hue').bind('mousedown', downHue);
+ options.newColor = cal.find('div.colorpicker_new_color');
+ options.currentColor = cal.find('div.colorpicker_current_color');
+ cal.data('colorpicker', options);
+ cal.find('div.colorpicker_submit')
+ .bind('mouseenter', enterSubmit)
+ .bind('mouseleave', leaveSubmit)
+ .bind('click', clickSubmit);
+ fillRGBFields(options.color, cal.get(0));
+ fillHSBFields(options.color, cal.get(0));
+ fillHexFields(options.color, cal.get(0));
+ setHue(options.color, cal.get(0));
+ setSelector(options.color, cal.get(0));
+ setCurrentColor(options.color, cal.get(0));
+ setNewColor(options.color, cal.get(0));
+ if (options.flat) {
+ cal.css({
+ position: 'relative',
+ display: 'block'
+ });
+ } else {
+ $(this).bind(options.eventName, show);
+ }
+ }
+ });
+ },
+ showPicker: function() {
+ return this.each( function () {
+ if ($(this).data('colorpickerId')) {
+ show.apply(this);
+ }
+ });
+ },
+ hidePicker: function() {
+ return this.each( function () {
+ if ($(this).data('colorpickerId')) {
+ $('#' + $(this).data('colorpickerId')).hide();
+ }
+ });
+ },
+ setColor: function(col) {
+ if (typeof col == 'string') {
+ col = HexToHSB(col);
+ } else if (col.r != undefined && col.g != undefined && col.b != undefined) {
+ col = RGBToHSB(col);
+ } else if (col.h != undefined && col.s != undefined && col.b != undefined) {
+ col = fixHSB(col);
+ } else {
+ return this;
+ }
+ return this.each(function(){
+ if ($(this).data('colorpickerId')) {
+ var cal = $('#' + $(this).data('colorpickerId'));
+ cal.data('colorpicker').color = col;
+ cal.data('colorpicker').origColor = col;
+ fillRGBFields(col, cal.get(0));
+ fillHSBFields(col, cal.get(0));
+ fillHexFields(col, cal.get(0));
+ setHue(col, cal.get(0));
+ setSelector(col, cal.get(0));
+ setCurrentColor(col, cal.get(0));
+ setNewColor(col, cal.get(0));
+ }
+ });
+ }
+ };
+ }();
+ $.fn.extend({
+ ColorPicker: ColorPicker.init,
+ ColorPickerHide: ColorPicker.hidePicker,
+ ColorPickerShow: ColorPicker.showPicker,
+ ColorPickerSetColor: ColorPicker.setColor
+ });
+})(jQuery) \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/js/common.js b/id/ConfigWebTool/src/main/webapp/js/common.js
index 249cb37fa..11fc0b2be 100644
--- a/id/ConfigWebTool/src/main/webapp/js/common.js
+++ b/id/ConfigWebTool/src/main/webapp/js/common.js
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
function oaBusinessService() {
if ($('#OAisbusinessservice').attr('checked') == 'checked') {
@@ -44,6 +66,29 @@ function oaPVP2(){
$('#button_pvp2_hidden').css('display', "block");
}
}
+function oaOAuth20(){
+ if ($('#oa_oauth20_area').css('display') == "block") {
+ $('#oa_oauth20_area').css('display', "none");
+ $('#button_oauth20_show').css('display', "block");
+ $('#button_oauth20_hidden').css('display', "none");
+ } else {
+ $('#oa_oauth20_area').css('display', "block");
+ $('#button_oauth20_show').css('display', "none");
+ $('#button_oauth20_hidden').css('display', "block");
+ }
+}
+function oaFormCustom() {
+ if ($('#formcustom_area').css('display') == "block") {
+ $('#formcustom_area').css('display', "none");
+ $('#formcustom_button_show').css('display', "block");
+ $('#formcustom_button_hidden').css('display', "none");
+ } else {
+ $('#formcustom_area').css('display', "block");
+ $('#formcustom_button_show').css('display', "none");
+ $('#formcustom_button_hidden').css('display', "block");
+ $("#formCustomPreview>iframe").attr("src", "./bkuFramePreview.action");
+ }
+}
function editOA(oaid){
$('#selectOAForm_OAID').val(oaid);
$('#selectOAForm').submit();
@@ -63,9 +108,95 @@ function oaLegacyService() {
}
}
+function AdminTarget() {
+ if ($('#adminTarget').attr('checked') == 'checked') {
+
+ $('#admin_target_area').css('display', "block");
+
+ } else {
+
+ $('#admin_target_area').css('display', "none");
+
+ }
+}
+function HideAdminTarget() {
+ $('#adminTarget').removeAttr("checked");
+ $('#admin_target_area').css('display', "none");
+}
+function oaTargetSubSector() {
+ if ($('#OAisTargetSubSector').attr('checked') == 'checked') {
+
+ $('#wwgrp_OAtarget_subsector').css('display', "block");
+
+ } else {
+
+ $('#wwgrp_OAtarget_subsector').css('display', "none");
+
+ }
+}
+function UseUserNamePassword() {
+ if ($('#isusernamepasswordallowed').size() == 0) {
+ $('#usernamepassword_area').css('display', "none");
+ return;
+ }
+
+ if ($('#isusernamepasswordallowed').attr('checked') == 'checked') {
+ if ($('#editUser_user_username').val() == "") {
+ $('#editUser_user_username').removeAttr("disabled");
+ }
+ $('#usernamepassword_area').css('display', "block");
+
+ } else {
+ $('#editUser_user_username').prop("disabled", "disabled");
+ $('#usernamepassword_area').css('display', "none");
+
+ }
+}
+function sendVerificationMail() {
+ $.ajax({
+ xhr: function() {
+ var xhr = new window.XMLHttpRequest();
+ return xhr;
+ },
+ type: "GET",
+ url: "servlet/sendVerificationMail.action",
+ data: "",
+ success: function (msg) {
+ alert(msg);
+ },
+ error: function () {
+ alert('Anfrage konnte nicht gesendet werden!');
+ },
+ });
+}
+function updateBKUFormPreview(module) {
+ var value = $("#"+module).val();
+
+ $("#formCustomPreview>iframe").attr("src", "./bkuFramePreview.action?module="+module+"&value="+encodeURIComponent(value.replace("#","")));
+}
+
+function userOnLoad() {
+ UseUserNamePassword();
+ return true;
+}
function oaOnLoad() {
oaBusinessService();
oaSSOService();
oaLegacyService();
+ AdminTarget();
+ oaTargetSubSector();
+
+ $(".colorfield").each(
+ function() {
+ $(this).ColorPicker({
+ color : $(this).val(),
+ onSubmit : function(hsb, hex, rgb, el) {
+ $(el).val(hex);
+ updateBKUFormPreview($(el).attr("id"));
+ }
+ });
+ }
+ );
+
return true;
} \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
index 2b24f0b89..05f4a1106 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
@@ -341,6 +341,9 @@
<br>
<br>
+
+ <s:hidden name="formID"
+ value="%{formID}"></s:hidden>
<div id="button_area">
<s:submit key="webpages.edit.back" action="backGeneralConfig"/>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
index 60f253222..97f0d01c2 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
@@ -1,16 +1,18 @@
<%@ page contentType="text/html;charset=UTF-8" %>
<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%>
<%@ taglib prefix="s" uri="/struts-tags" %>
-
+
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<link rel="stylesheet" type="text/css" href="../css/index.css">
+ <link rel="stylesheet" media="screen" type="text/css" href="../css/colorpicker.css" />
+
<title><%=LanguageHelper.getGUIString("title", request) %></title>
<script type="text/javascript" src="../js/common.js"></script>
<script src="../js/jquery.js"></script>
-
+ <script type="text/javascript" src="../js/colorpicker.js"></script>
</head>
<body onload="oaOnLoad()">
@@ -64,123 +66,212 @@
key="webpages.oaconfig.general.isbusinessservice"
cssClass="checkbox"
onclick="oaBusinessService();"
- id="OAisbusinessservice">
+ id="OAisbusinessservice"
+ disabled="%{isOnlyBusinessService()}">
</s:checkbox>
</div>
<div id="oa_config_businessservice" class="oa_config_block">
<h3><%=LanguageHelper.getGUIString("webpages.oaconfig.general.business.header", request) %></h3>
+ <s:select list="generalOA.identificationTypeList"
+ key="webpages.oaconfig.general.business.value"
+ labelposition="left"
+ cssClass="selectfield"
+ value="%{generalOA.identificationType}"
+ name="generalOA.identificationType"
+ disabled="%{isDeaktivededBusinessService()}">
+ </s:select>
+
<s:textfield name="generalOA.identificationNumber"
value="%{generalOA.identificationNumber}"
- labelposition="left"
- key="webpages.oaconfig.general.business.value"
- cssClass="textfield_long">
+ cssClass="textfield_middle"
+ disabled="%{isDeaktivededBusinessService()}">
</s:textfield>
</div>
- <div id="oa_config_publicservice" class="oa_config_block">
- <h3><%=LanguageHelper.getGUIString("webpages.oaconfig.general.public.header", request) %></h3>
-
- <s:textfield name="generalOA.target"
- value="%{generalOA.target}"
- labelposition="left"
- key="webpages.oaconfig.general.target"
- cssClass="textfield_short">
- </s:textfield>
-
- <s:textfield name="generalOA.targetFriendlyName"
- value="%{generalOA.targetFriendlyName}"
- labelposition="left"
- key="webpages.oaconfig.general.target.friendlyname"
- cssClass="textfield_long">
- </s:textfield>
- </div>
-
- <div class="oa_config_block">
- <h3><%=LanguageHelper.getGUIString("webpages.oaconfig.general.bku.header", request) %></h3>
-
- <s:textfield name="generalOA.bkuOnlineURL"
- value="%{generalOA.bkuOnlineURL}"
- labelposition="left"
- key="webpages.oaconfig.general.bku.online"
- cssClass="textfield_long">
- </s:textfield>
-
- <s:textfield name="generalOA.bkuHandyURL"
- value="%{generalOA.bkuHandyURL}"
- labelposition="left"
- key="webpages.oaconfig.general.bku.handy"
- cssClass="textfield_long">
- </s:textfield>
-
- <s:textfield name="generalOA.bkuLocalURL"
- value="%{generalOA.bkuLocalURL}"
- labelposition="left"
- key="webpages.oaconfig.general.bku.local"
- cssClass="textfield_long">
- </s:textfield>
-
- <s:if test="authUser.isAdmin()">
- <s:textfield name="generalOA.slVersion"
- value="%{generalOA.slVersion}"
+ <s:if test="!isOnlyBusinessService()">
+ <div id="oa_config_publicservice" class="oa_config_block">
+ <h3><%=LanguageHelper.getGUIString("webpages.oaconfig.general.public.header", request) %></h3>
+
+ <s:if test="authUser.isAdmin()">
+ <s:select list="generalOA.targetList"
+ key="webpages.oaconfig.general.target"
+ labelposition="left"
+ cssClass="selectfield"
+ value="%{generalOA.target}"
+ name="generalOA.target"
+ onchange="HideAdminTarget();">
+ </s:select>
+ </s:if>
+ <s:else>
+ <s:select list="generalOA.targetList"
+ key="webpages.oaconfig.general.target"
+ labelposition="left"
+ cssClass="selectfield"
+ value="%{generalOA.target}"
+ name="generalOA.target">
+ </s:select>
+ </s:else>
+
+ <s:checkbox name="subTargetSet"
+ value="%{subTargetSet}"
labelposition="left"
- key="webpages.oaconfig.general.bku.slversion"
- cssClass="textfield_long">
+ key="webpages.oaconfig.general.target.subsector.checkbox"
+ cssClass="checkbox"
+ onclick="oaTargetSubSector();"
+ id="OAisTargetSubSector">
+ </s:checkbox>
+
+ <s:textfield name="generalOA.target_subsector"
+ value="%{generalOA.target_subsector}"
+ labelposition="left"
+ key="webpages.oaconfig.general.target.subsector"
+ cssClass="selectfield"
+ id="OAtarget_subsector">
</s:textfield>
- </s:if>
- <s:radio list="generalOA.keyBoxIdentifierList"
- name="generalOA.keyBoxIdentifier"
- value="%{generalOA.keyBoxIdentifier}"
- labelposition="left"
- key="webpages.oaconfig.general.bku.keyboxidentifier"
- cssClass="radio">
- </s:radio>
- <s:checkbox name="generalOA.legacy"
- value="%{generalOA.legacy}"
- labelposition="left"
- key="webpages.oaconfig.general.bku.legacy"
- cssClass="checkbox"
- onclick="oaLegacyService();"
- id="OAislegacy">
- </s:checkbox>
- <div id="oa_config_sltemplates">
- <s:textfield name="generalOA.SLTemplateURL1"
- value="%{generalOA.SLTemplateURL1}"
+
+
+ <s:if test="authUser.isAdmin()">
+ <s:checkbox
+ name="generalOA.AdminTarget"
+ value="%{generalOA.AdminTarget}"
+ cssClass="checkbox"
+ onclick="AdminTarget();"
+ labelposition="left"
+ key="webpages.oaconfig.general.target.admin.checkbox"
+ id="adminTarget">
+ </s:checkbox>
+
+ <div id="admin_target_area">
+ <s:textfield name="generalOA.target_admin"
+ value="%{generalOA.target_admin}"
+ labelposition="left"
+ key="webpages.oaconfig.general.target.admin"
+ cssClass="textfield_short">
+ </s:textfield>
+ <s:textfield name="generalOA.targetFriendlyName"
+ value="%{generalOA.targetFriendlyName}"
+ labelposition="left"
+ key="webpages.oaconfig.general.target.friendlyname"
+ cssClass="textfield_long">
+ </s:textfield>
+ </div>
+ </s:if>
+ <s:else>
+ <s:if test="generalOA.target_admin neq null">
+ <s:textfield name="generalOA.target_admin"
+ value="%{generalOA.target_admin}"
+ labelposition="left"
+ key="webpages.oaconfig.general.target.admin.disabled"
+ cssClass="textfield_short"
+ disabled="true">
+ </s:textfield>
+ </s:if>
+ <%-- <s:if test="generalOA.targetFriendlyName neq null">
+ <s:textfield name="generalOA.targetFriendlyName"
+ value="%{generalOA.targetFriendlyName}"
+ labelposition="left"
+ key="webpages.oaconfig.general.target.friendlyname.disabled"
+ cssClass="textfield_long">
+ </s:textfield>
+ </s:if> --%>
+ </s:else>
+ </div>
+ </s:if>
+
+ <s:if test="authUser.isAdmin()">
+ <div class="oa_config_block">
+ <h3><%=LanguageHelper.getGUIString("webpages.oaconfig.general.bku.header", request) %></h3>
+
+ <s:textfield name="generalOA.bkuOnlineURL"
+ value="%{generalOA.bkuOnlineURL}"
labelposition="left"
- key="webpages.oaconfig.general.bku.sltemplate.first"
+ key="webpages.oaconfig.general.bku.online"
cssClass="textfield_long">
</s:textfield>
- <s:textfield name="generalOA.SLTemplateURL2"
- value="%{generalOA.SLTemplateURL2}"
+
+ <s:textfield name="generalOA.bkuHandyURL"
+ value="%{generalOA.bkuHandyURL}"
labelposition="left"
- key="webpages.oaconfig.general.bku.sltemplate.second"
+ key="webpages.oaconfig.general.bku.handy"
cssClass="textfield_long">
</s:textfield>
- <s:textfield name="generalOA.SLTemplateURL3"
- value="%{generalOA.SLTemplateURL3}"
+
+ <s:textfield name="generalOA.bkuLocalURL"
+ value="%{generalOA.bkuLocalURL}"
labelposition="left"
- key="webpages.oaconfig.general.bku.sltemplate.third"
+ key="webpages.oaconfig.general.bku.local"
cssClass="textfield_long">
</s:textfield>
+
+ <s:radio list="generalOA.keyBoxIdentifierList"
+ name="generalOA.keyBoxIdentifier"
+ value="%{generalOA.keyBoxIdentifier}"
+ labelposition="left"
+ key="webpages.oaconfig.general.bku.keyboxidentifier"
+ cssClass="radio">
+ </s:radio>
+ <s:checkbox name="generalOA.legacy"
+ value="%{generalOA.legacy}"
+ labelposition="left"
+ key="webpages.oaconfig.general.bku.legacy"
+ cssClass="checkbox"
+ onclick="oaLegacyService();"
+ id="OAislegacy">
+ </s:checkbox>
+ <div id="oa_config_sltemplates">
+ <s:textfield name="generalOA.SLTemplateURL1"
+ value="%{generalOA.SLTemplateURL1}"
+ labelposition="left"
+ key="webpages.oaconfig.general.bku.sltemplate.first"
+ cssClass="textfield_long">
+ </s:textfield>
+ <s:textfield name="generalOA.SLTemplateURL2"
+ value="%{generalOA.SLTemplateURL2}"
+ labelposition="left"
+ key="webpages.oaconfig.general.bku.sltemplate.second"
+ cssClass="textfield_long">
+ </s:textfield>
+ <s:textfield name="generalOA.SLTemplateURL3"
+ value="%{generalOA.SLTemplateURL3}"
+ labelposition="left"
+ key="webpages.oaconfig.general.bku.sltemplate.third"
+ cssClass="textfield_long">
+ </s:textfield>
+ </div>
</div>
-
-
- </div>
+ </s:if>
<div class="oa_config_block">
<h3><%=LanguageHelper.getGUIString("webpages.oaconfig.general.mandate.header", request) %></h3>
+
+ <s:checkbox name="generalOA.useMandates"
+ value="%{generalOA.useMandates}"
+ labelposition="left"
+ key="webpages.oaconfig.general.mandate.usemandate"
+ cssClass="checkbox">
+ </s:checkbox>
+
<s:textfield name="generalOA.mandateProfiles"
value="%{generalOA.mandateProfiles}"
labelposition="left"
key="webpages.oaconfig.general.mandate.profiles"
cssClass="textfield_long">
</s:textfield>
+
+ <s:checkbox name="formOA.onlyMandateAllowed"
+ value="%{formOA.onlyMandateAllowed}"
+ labelposition="left"
+ key="webpages.oaconfig.general.BKUSelection.isOnlyMandateLoginAllowed"
+ cssClass="checkbox">
+ </s:checkbox>
+
</div>
<div class="oa_config_block">
- <h3><%=LanguageHelper.getGUIString("webpages.oaconfig.sso.header", request) %></h3>
+ <p><strong><%=LanguageHelper.getGUIString("webpages.oaconfig.sso.header", request) %></strong></p>
<s:checkbox name="ssoOA.useSSO"
value="%{ssoOA.useSSO}"
@@ -213,12 +304,15 @@
<div class="oa_config_block">
<h3><%=LanguageHelper.getGUIString("webpages.oaconfig.protocols.header", request) %></h3>
- <button type="button" class="oa_buttons" onclick="oaSAML1();" id="button_smal1_show">
- <%=LanguageHelper.getGUIString("webpages.oaconfig.menu.saml1.show", request) %>
- </button>
- <button type="button" class="oa_buttons" onclick="oaSAML1();" id="button_saml1_hidden">
- <%=LanguageHelper.getGUIString("webpages.oaconfig.menu.saml1.hidden", request) %>
- </button>
+
+ <s:if test="authUser.isAdmin() || saml1OA.isActive()">
+ <button type="button" class="oa_buttons" onclick="oaSAML1();" id="button_smal1_show">
+ <%=LanguageHelper.getGUIString("webpages.oaconfig.menu.saml1.show", request) %>
+ </button>
+ <button type="button" class="oa_buttons" onclick="oaSAML1();" id="button_saml1_hidden">
+ <%=LanguageHelper.getGUIString("webpages.oaconfig.menu.saml1.hidden", request) %>
+ </button>
+ </s:if>
<button type="button" class="oa_buttons" onclick="oaPVP2();" id="button_pvp2_show">
<%=LanguageHelper.getGUIString("webpages.oaconfig.menu.pvp2.show", request) %>
@@ -226,9 +320,25 @@
<button type="button" class="oa_buttons" onclick="oaPVP2();" id="button_pvp2_hidden">
<%=LanguageHelper.getGUIString("webpages.oaconfig.menu.pvp2.hidden", request) %>
</button>
+
+ <button type="button" class="oa_buttons" onclick="oaOAuth20();" id="button_oauth20_show">
+ <%=LanguageHelper.getGUIString("webpages.oaconfig.menu.oauth20.show", request) %>
+ </button>
+ <button type="button" style="display:none" class="oa_buttons" onclick="oaOAuth20();" id="button_oauth20_hidden">
+ <%=LanguageHelper.getGUIString("webpages.oaconfig.menu.oauth20.hidden", request) %>
+ </button>
<div id="oa_saml1_area" class="oa_protocol_area">
<h4><%=LanguageHelper.getGUIString("webpages.oaconfig.protocols.saml1.header", request) %></h4>
+
+ <s:if test="authUser.isAdmin()">
+ <s:checkbox name="saml1OA.Active"
+ value="%{saml1OA.Active}"
+ labelposition="left"
+ key="webpages.oaconfig.saml1.isActice"
+ cssClass="checkbox">
+ </s:checkbox>
+ </s:if>
<s:checkbox name="saml1OA.provideStammZahl"
value="%{saml1OA.provideStammZahl}"
labelposition="left"
@@ -241,13 +351,13 @@
key="webpages.oaconfig.saml1.provideAuthBlock"
cssClass="checkbox">
</s:checkbox>
+ <br>
<s:checkbox name="saml1OA.provideIdentityLink"
value="%{saml1OA.provideIdentityLink}"
labelposition="left"
key="webpages.oaconfig.saml1.provideIdentityLink"
cssClass="checkbox">
- </s:checkbox>
- <br>
+ </s:checkbox>
<s:checkbox name="saml1OA.provideCertificate"
value="%{saml1OA.provideCertificate}"
labelposition="left"
@@ -294,44 +404,171 @@
<s:file name="pvp2OA.fileUpload" key="webpages.oaconfig.pvp2.certifcate" cssClass="textfield_long"></s:file>
</div>
</div>
+
+ <div id="oa_oauth20_area" class="oa_protocol_area">
+ <h4><%=LanguageHelper.getGUIString("webpages.oaconfig.protocols.oauth20.header", request) %></h4>
+
+ <s:label key="webpages.oaconfig.oauth20.clientId" value="%{oauth20OA.clientId}"/>
+
+ <s:label key="webpages.oaconfig.oauth20.clientSecret" value="%{oauth20OA.clientSecret}"/>
+
+ <s:textfield name="oauth20OA.redirectUri"
+ value="%{oauth20OA.redirectUri}"
+ labelposition="left"
+ key="webpages.oaconfig.oauth20.redirectUri"
+ cssClass="textfield_long">
+ </s:textfield>
+ </div>
</div>
<div class="oa_config_block">
<h3><%=LanguageHelper.getGUIString("webpages.oaconfig.general.aditional.header", request) %></h3>
- <s:checkbox name="generalOA.useIFrame"
- value="%{generalOA.useIFrame}"
- labelposition="left"
- key="webpages.oaconfig.general.aditional.iframe"
- cssClass="checkbox">
- </s:checkbox>
-
- <s:checkbox name="generalOA.useUTC"
- value="%{generalOA.useUTC}"
- labelposition="left"
- key="webpages.oaconfig.general.aditional.useUTC"
- cssClass="checkbox">
- </s:checkbox>
-
<%-- <s:checkbox name="generalOA.calculateHPI"
value="%{generalOA.calculateHPI}"
labelposition="left"
key="webpages.oaconfig.general.aditional.calculateHPI"
cssClass="textfield_long">
</s:checkbox> --%>
-
- <s:textarea name="generalOA.aditionalAuthBlockText"
- value="%{generalOA.aditionalAuthBlockText}"
+
+ <s:checkbox name="generalOA.HideBPKAuthBlock"
+ value="%{generalOA.HideBPKAuthBlock}"
labelposition="left"
- key="webpages.oaconfig.general.aditional.authblocktext"
- cssClass="textfield_large">
- </s:textarea>
+ key="webpages.oaconfig.general.isHideBPKAuthBlock"
+ cssClass="checkbox">
+ </s:checkbox>
+ <s:if test="authUser.isAdmin()">
+ <s:textarea name="generalOA.aditionalAuthBlockText"
+ value="%{generalOA.aditionalAuthBlockText}"
+ labelposition="left"
+ key="webpages.oaconfig.general.aditional.authblocktext"
+ cssClass="textfield_large">
+ </s:textarea>
+
+
+ <button type="button" class="oa_buttons" onclick="oaFormCustom();" id="formcustom_button_show">
+ <%=LanguageHelper.getGUIString("webpages.oaconfig.general.BKUSelection.button.show", request) %>
+ </button>
+ <button type="button" class="oa_buttons" onclick="oaFormCustom();" id="formcustom_button_hidden">
+ <%=LanguageHelper.getGUIString("webpages.oaconfig.general.BKUSelection.button.hidden", request) %>
+ </button>
+
+ <div id="formcustom_area" class="oa_protocol_area">
+ <h4><%=LanguageHelper.getGUIString("webpages.oaconfig.general.BKUSelection.header", request) %></h4>
+
+ <div id="formCustomValues">
+ <s:textfield name="formOA.backGroundColor"
+ value="%{formOA.backGroundColor}"
+ labelposition="left"
+ key="webpages.oaconfig.general.BKUSelection.backgroundcolor"
+ cssClass="textfield_middle colorfield"
+ onchange='updateBKUFormPreview("MAIN_BACKGOUNDCOLOR")'
+ id="MAIN_BACKGOUNDCOLOR">
+ </s:textfield>
+ <s:textfield name="formOA.frontColor"
+ value="%{formOA.frontColor}"
+ labelposition="left"
+ key="webpages.oaconfig.general.BKUSelection.frontcolor"
+ cssClass="textfield_middle colorfield"
+ onchange='updateBKUFormPreview("MAIN_COLOR")'
+ id="MAIN_COLOR">
+ </s:textfield>
+
+ <s:textfield name="formOA.header_BackGroundColor"
+ value="%{formOA.header_BackGroundColor}"
+ labelposition="left"
+ key="webpages.oaconfig.general.BKUSelection.header.backgroundcolor"
+ cssClass="textfield_middle colorfield"
+ onchange='updateBKUFormPreview("HEADER_BACKGROUNDCOLOR")'
+ id="HEADER_BACKGROUNDCOLOR">
+ </s:textfield>
+ <s:textfield name="formOA.header_FrontColor"
+ value="%{formOA.header_FrontColor}"
+ labelposition="left"
+ key="webpages.oaconfig.general.BKUSelection.header.frontcolor"
+ cssClass="textfield_middle colorfield"
+ onchange='updateBKUFormPreview("HEADER_COLOR")'
+ id="HEADER_COLOR">
+ </s:textfield>
+ <s:textfield name="formOA.header_text"
+ value="%{formOA.header_text}"
+ labelposition="left"
+ key="webpages.oaconfig.general.BKUSelection.header.text"
+ cssClass="textfield_middle"
+ onchange='updateBKUFormPreview("HEADER_TEXT")'
+ id="HEADER_TEXT">
+ </s:textfield>
+
+ <%-- <s:textfield name="formOA.button_BackGroundColor"
+ value="%{formOA.button_BackGroundColor}"
+ labelposition="left"
+ key="webpages.oaconfig.general.BKUSelection.header.button.background"
+ cssClass="textfield_middle colorfield"
+ onchange='updateBKUFormPreview("BUTTON_BACKGROUNDCOLOR")'
+ id="BUTTON_BACKGROUNDCOLOR">
+ </s:textfield>
+ <s:textfield name="formOA.button_BackGroundColorFocus"
+ value="%{formOA.button_BackGroundColorFocus}"
+ labelposition="left"
+ key="webpages.oaconfig.general.BKUSelection.header.button.background.focus"
+ cssClass="textfield_middle colorfield"
+ onchange='updateBKUFormPreview("BUTTON_BACKGROUNDCOLOR_FOCUS")'
+ id="BUTTON_BACKGROUNDCOLOR_FOCUS">
+ </s:textfield>
+ <s:textfield name="formOA.button_FrontColor"
+ value="%{formOA.button_FrontColor}"
+ labelposition="left"
+ key="webpages.oaconfig.general.BKUSelection.header.button.front"
+ cssClass="textfield_middle colorfield"
+ onchange='updateBKUFormPreview("BUTTON_COLOR")'
+ id="BUTTON_COLOR">
+ </s:textfield> --%>
+
+ <s:select list="formOA.appletRedirectTargetList"
+ key="webpages.oaconfig.general.BKUSelection.redirectTarget"
+ labelposition="left"
+ cssClass="selectfield"
+ value="%{formOA.appletRedirectTarget}"
+ name="formOA.appletRedirectTarget">
+ </s:select>
+
+ <s:select list="formOA.fontTypeList"
+ key="webpages.oaconfig.general.BKUSelection.fonttype.list"
+ labelposition="left"
+ cssClass="selectfield"
+ value="%{formOA.fontType}"
+ name="formOA.fontTypeListValue"
+ id="fontTypeList"
+ onchange='$("#FONTTYPE").val($("#fontTypeList").val());updateBKUFormPreview("FONTTYPE");'>
+ </s:select>
+
+ <s:textfield name="formOA.fontType"
+ value="%{formOA.fontType}"
+ labelposition="left"
+ key="webpages.oaconfig.general.BKUSelection.fonttype"
+ cssClass="textfield_mail"
+ onchange='updateBKUFormPreview("FONTTYPE")'
+ id="FONTTYPE">
+ </s:textfield>
+ </div>
+
+ <div id="formCustomPreview">
+ <iframe scrolling="none"
+ title="BKUForm Preview"
+ height="220"
+ width="250">
+ </iframe>
+ </div>
+
+ </div>
+ </s:if>
+
</div>
-<%-- <s:hidden name="generalOA.dbID"
- value="%{generalOA.dbID}"></s:hidden> --%>
+ <s:hidden name="formID"
+ value="%{formID}"></s:hidden>
<div id="button_area">
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp b/id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp
index 067bcd57d..994389de3 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp
@@ -6,20 +6,29 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
+ <title><%=LanguageHelper.getGUIString("title", request) %></title>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+
<link rel="stylesheet" type="text/css" href="../css/index.css">
- <title><%=LanguageHelper.getGUIString("title", request) %></title>
<script type="text/javascript" src="../js/common.js"></script>
<script src="../js/jquery.js"></script>
</head>
- <body>
+ <body onload="userOnLoad();">
<jsp:include page="snippets/header_userinfos.jsp"></jsp:include>
-
+
<jsp:include page="snippets/main_menu.jsp"></jsp:include>
<div id="information_area">
+
+ <s:if test="hasActionMessages()">
+ <div id="error_area">
+ <label><%=LanguageHelper.getGUIString("error.title", request) %></label>
+ <s:actionmessage/>
+ </div>
+ </s:if>
+
<s:if test="hasActionErrors()">
<div id="error_area">
<label><%=LanguageHelper.getGUIString("error.title", request) %></label>
@@ -28,118 +37,26 @@
</s:if>
<div id="list_area">
-
+
<s:form namespace="/secure" method="POST" enctype="multipart/form-data">
-
- <div class="oa_config_block">
- <h3><%=LanguageHelper.getGUIString("webpages.edituser.header", request) %></h3>
- <s:textfield name="user.givenName"
- value="%{user.givenName}"
- labelposition="left"
- key="webpages.edituser.givenname"
- cssClass="textfield_long">
- </s:textfield>
- <s:textfield name="user.familyName"
- value="%{user.familyName}"
- labelposition="left"
- key="webpages.edituser.familyName"
- cssClass="textfield_long">
- </s:textfield>
- <s:textfield name="user.institut"
- value="%{user.institut}"
- labelposition="left"
- key="webpages.edituser.institut"
- cssClass="textfield_long">
- </s:textfield>
- <s:textfield name="user.mail"
- value="%{user.mail}"
- labelposition="left"
- key="webpages.edituser.mail"
- cssClass="textfield_long">
- </s:textfield>
- <s:textfield name="user.phone"
- value="%{user.phone}"
- labelposition="left"
- key="webpages.edituser.phone"
- cssClass="textfield_long">
- </s:textfield>
- </div>
+ <jsp:include page="snippets/userfields.jsp"></jsp:include>
- <div class="oa_config_block">
- <h3><%=LanguageHelper.getGUIString("webpages.edituser.access.header", request) %></h3>
- <s:if test="isNewUser()">
- <s:textfield name="user.username"
- value="%{user.username}"
- labelposition="left"
- key="webpages.edituser.username"
- cssClass="textfield_long"
- maxlength="16">
- </s:textfield>
- </s:if>
- <s:else>
- <s:textfield name="user.username"
- value="%{user.username}"
- labelposition="left"
- key="webpages.edituser.username"
- cssClass="textfield_long"
- disabled="true"
- maxlength="16">
- </s:textfield>
- </s:else>
-
- <s:password name="user.password"
- labelposition="left"
- key="webpages.edituser.password"
- cssClass="textfield_long"
- maxlength="16">
- </s:password>
-
- <s:password name="user.password_second"
- labelposition="left"
- key="webpages.edituser.password_second"
- cssClass="textfield_long"
- maxlength="16">
- </s:password>
-
- <s:textfield name="user.bpk"
- value="%{user.bpk}"
- labelposition="left"
- key="webpages.edituser.bpk"
- cssClass="textfield_long">
- </s:textfield>
- </div>
-
- <s:if test="authUser.isAdmin()">
- <div class="oa_config_block">
- <h3><%=LanguageHelper.getGUIString("webpages.edituser.role.header", request) %></h3>
- <s:checkbox name="user.active"
- value="%{user.active}"
- labelposition="left"
- key="webpages.edituser.active"
- cssClass="checkbox">
- </s:checkbox>
- <s:checkbox name="user.admin"
- value="%{user.admin}"
- labelposition="left"
- key="webpages.edituser.admin"
- cssClass="checkbox">
- </s:checkbox>
- </div>
- </s:if>
-
- <s:hidden name="user.userID" value="%{user.userID}"></s:hidden>
+ <s:hidden name="formID" value="%{formID}"></s:hidden>
<div id="button_area">
<s:if test="authUser.isAdmin()">
- <s:submit key="webpages.edit.back" action="usermanagementInit"/>
- </s:if>
+ <s:submit key="webpages.edit.back" action="%{nextPage}"/>
+ </s:if>
+
<s:submit key="webpages.edit.save" action="saveUser"/>
- <s:if test="!isNewUser()">
- <s:submit key="webpages.edit.delete.user" action="deleteUser"/>
+ <s:if test="!isNewUser()">
+ <s:submit key="webpages.edit.delete.user" action="deleteUser"/>
</s:if>
- </div>
+ </div>
+
</s:form>
+
</div>
</div>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp b/id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp
index b28bc5f57..c619e64b1 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp
@@ -42,6 +42,8 @@
<h3><%=LanguageHelper.getGUIString("webpages.inportexport.legacyimport.header", request) %></h3>
<s:file name="fileUpload" key="webpages.inportexport.legacyimport.upload" cssClass="textfield_long"></s:file>
+ <s:hidden name="formID" value="%{formID}"></s:hidden>
+
<div id="button_area">
<%-- <s:submit key="webpages.edit.back" action="main"/> --%>
<s:submit key="webpages.edit.import" action="importlegacy"/>
@@ -57,6 +59,8 @@
<h3><%=LanguageHelper.getGUIString("webpages.inportexport.import.header", request) %></h3>
<s:file name="fileUpload" key="webpages.inportexport.import.upload" cssClass="textfield_long"></s:file>
+ <s:hidden name="formID" value="%{formID}"></s:hidden>
+
<div id="button_area">
<s:submit key="webpages.edit.import" action="importConfig"/>
<s:submit key="webpages.edit.export" action="exportConfig"/>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp b/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp
index b700970cc..c9f1e00f6 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp
@@ -25,6 +25,14 @@
<s:actionmessage/>
</div>
</s:if>
+
+ <s:if test="hasActionErrors()">
+ <div id="error_area">
+ <label><%=LanguageHelper.getGUIString("error.title", request) %></label>
+ <s:actionerror/>
+ </div>
+ </s:if>
+
<p>Im Menü auf der rechten Seite können Sie die einzelnen Operationen wählen.</p>
</div>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/newUserRequest.jsp b/id/ConfigWebTool/src/main/webapp/jsp/newUserRequest.jsp
new file mode 100644
index 000000000..9995f9f31
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/jsp/newUserRequest.jsp
@@ -0,0 +1,57 @@
+<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%>
+
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib prefix="s" uri="/struts-tags" %>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+ <head>
+ <title><%=LanguageHelper.getGUIString("title", request) %></title>
+ <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+
+ <link rel="stylesheet" type="text/css" href="./css/index.css">
+ <script type="text/javascript" src="./js/common.js"></script>
+ <script src="./js/jquery.js"></script>
+ </head>
+
+ <body>
+
+ <jsp:include page="snippets/header_userinfos.jsp"></jsp:include>
+
+ <div id="information_area">
+
+ <s:if test="!authUser.isAuthenticated()">
+ <p>Füllen sie die nachstehenden Felder aus um einen neuen Benutzer zu beantraten.</p>
+ <p>Danach erhalten sie eine Mail zur Verifzierung Ihrer Mailadresse.
+ Nach Bestätiung dieser Verifikationsmail wird der Administrator über Ihre Anfrage informiert.
+ Die Freischaltung kann somit eine gewisse Zeit in Anspruch nehmen. </p>
+
+ </s:if>
+
+ <s:if test="hasActionErrors()">
+ <div id="error_area">
+ <label><%=LanguageHelper.getGUIString("error.title", request) %></label>
+ <s:actionerror/>
+ </div>
+ </s:if>
+
+ <div id="list_area">
+
+ <s:form namespace="/" method="POST" enctype="multipart/form-data">
+ <jsp:include page="snippets/userfields.jsp"></jsp:include>
+
+ <s:hidden name="formID" value="%{formID}"></s:hidden>
+
+ <div id="button_area">
+ <s:submit key="webpages.edit.newUser" action="requestNewUser"/>
+ </div>
+
+ </s:form>
+
+ </div>
+ </div>
+
+ <jsp:include page="snippets/footer.jsp"></jsp:include>
+
+ </body>
+</html> \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/openadminrequests.jsp b/id/ConfigWebTool/src/main/webapp/jsp/openadminrequests.jsp
new file mode 100644
index 000000000..954bf9b8b
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/jsp/openadminrequests.jsp
@@ -0,0 +1,51 @@
+<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%>
+
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib prefix="s" uri="/struts-tags" %>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+ <head>
+ <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <link rel="stylesheet" type="text/css" href="../css/index.css">
+ <title><%=LanguageHelper.getGUIString("title", request) %></title>
+ <script type="text/javascript" src="../js/common.js"></script>
+ <script src="../js/jquery.js"></script>
+ </head>
+
+ <body>
+
+ <jsp:include page="snippets/header_userinfos.jsp"></jsp:include>
+
+ <jsp:include page="snippets/main_menu.jsp"></jsp:include>
+
+ <div id="information_area">
+ <s:if test="hasActionErrors()">
+ <div id="error_area">
+ <label><%=LanguageHelper.getGUIString("error.title", request) %></label>
+ <s:actionerror/>
+ </div>
+ </s:if>
+
+ <h2><%=LanguageHelper.getGUIString("webpages.openadminrequests.header", request) %></h2>
+
+ <s:if test="authUser.isAdmin()">
+
+ <div class="oa_config_block">
+ <h3><%=LanguageHelper.getGUIString("webpages.openadminrequests.users.header", request) %></h3>
+ <jsp:include page="snippets/user_list.jsp"></jsp:include>
+ </div>
+
+ <div class="oa_config_block">
+ <h3><%=LanguageHelper.getGUIString("webpages.openadminrequests.oas.header", request) %></h3>
+ <jsp:include page="snippets/oas_list.jsp"></jsp:include>
+ </div>
+
+ </s:if>
+
+ </div>
+
+ <jsp:include page="snippets/footer.jsp"></jsp:include>
+
+ </body>
+</html> \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp
index 72affde79..e9192b46e 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp
@@ -5,9 +5,14 @@
<html>
<div id="header_area">
<!-- <div> -->
- <%=LanguageHelper.getGUIString("webpages.header.info", request) %>
- <s:property value="authUser.givenName"/> <s:property value="authUser.familyName"/>,&nbsp;&nbsp;&nbsp;
- <%=LanguageHelper.getGUIString("webpages.header.lastlogin", request) %> <s:property value="authUser.lastLogin"/>
+ <%=LanguageHelper.getGUIString("webpages.header.info", request) %>
+ <s:if test="authUser.isMandateUser()">
+ <s:property value="authUser.institute"/>
+ </s:if>
+ <s:else>
+ <s:property value="authUser.givenName"/> <s:property value="authUser.familyName"/>,&nbsp;&nbsp;&nbsp;
+ </s:else>
+ <%=LanguageHelper.getGUIString("webpages.header.lastlogin", request) %> <s:property value="authUser.getFormatedLastLogin()"/>
<s:url action="logout" var="logoutURL" namespace="/"/>
<a id="logoutbutton" href="<s:property value="#logoutURL" />"><%=LanguageHelper.getGUIString("webpages.index.logout", request) %></a>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp
index 26b12cdcb..4d02f4bda 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp
@@ -32,11 +32,13 @@
<s:url action="usermanagementInit" var="userManagementUrl" namespace="/secure"/>
<a href="<s:property value="#userManagementUrl" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.usermanagement", request) %></a>
</div>
-
-<%-- <div class="menu_element">
- <a href=""><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.user", request) %></a>
- </div> --%>
+ <s:if test="authUser.isAdmin()">
+ <div class="menu_element">
+ <s:url action="adminRequestsInit" var="adminRequestsUrl" namespace="/secure"/>
+ <a href="<s:property value="#adminRequestsUrl" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.adminrequests", request) %></a>
+ </div>
+ </s:if>
</div>
</html> \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/user_list.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/user_list.jsp
index c5b67cbac..a1e8530af 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/user_list.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/user_list.jsp
@@ -4,7 +4,6 @@
<html>
<s:if test="userlist && userlist.size > 0">
- <h3><%=LanguageHelper.getGUIString("webpages.listUsers.list.header", request) %></h3>
<div id="list_area">
<div id="listHeader" class="listElement">
<div class="userListFirst">
@@ -21,12 +20,22 @@
<s:iterator var="UserElement" value="userlist">
<div class="listElement" onclick="userOA(<s:property value='userID'/>);">
- <div class="userListFirst">
- <s:property value="givenName"/>
- </div>
- <div class="userListSecond">
- <s:property value="familyName"/>
- </div>
+ <s:if test="isMandateUser()">
+ <div class="userListFirstSecond">
+ <s:property value="institute"/>
+ </div>
+<!-- <div class="userListSecond">
+
+ </div>
+ --> </s:if>
+ <s:else>
+ <div class="userListFirst">
+ <s:property value="familyName"/>
+ </div>
+ <div class="userListSecond">
+ <s:property value="givenName"/>
+ </div>
+ </s:else>
<div class="userListThird">
<s:property value="userName"/>
</div>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/userfields.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/userfields.jsp
new file mode 100644
index 000000000..7d28a9236
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/userfields.jsp
@@ -0,0 +1,144 @@
+<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%>
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib prefix="s" uri="/struts-tags" %>
+
+<html>
+ <div class="oa_config_block">
+ <h3><%=LanguageHelper.getGUIString("webpages.edituser.header", request) %></h3>
+
+ <s:if test="!user.isIsmandateuser()">
+ <s:textfield name="user.givenName"
+ value="%{user.givenName}"
+ labelposition="left"
+ key="webpages.edituser.givenname"
+ cssClass="textfield_long"
+ disabled="%{user.isPVPGenerated()}">
+ </s:textfield>
+ <s:textfield name="user.familyName"
+ value="%{user.familyName}"
+ labelposition="left"
+ key="webpages.edituser.familyName"
+ cssClass="textfield_long"
+ disabled="%{user.isPVPGenerated()}">
+ </s:textfield>
+ </s:if>
+ <s:textfield name="user.institut"
+ value="%{user.institut}"
+ labelposition="left"
+ key="webpages.edituser.institut"
+ cssClass="textfield_long"
+ disabled="%{user.isPVPGenerated() && user.isIsmandateuser()}">
+ </s:textfield>
+
+ <s:if test="authUser.isAuthenticated()">
+ <div id="mail_area">
+ <s:textfield name="user.mail"
+ value="%{user.mail}"
+ labelposition="left"
+ key="webpages.edituser.mail"
+ cssClass="textfield_mail">
+ </s:textfield>
+ <input type="button"
+ onclick="sendVerificationMail();"
+ value='<%=LanguageHelper.getGUIString("webpages.edituser.verify.mail.button", request) %>'
+ />
+ </div>
+ </s:if>
+ <s:else>
+ <s:textfield name="user.mail"
+ value="%{user.mail}"
+ labelposition="left"
+ key="webpages.edituser.mail"
+ cssClass="textfield_long">
+ </s:textfield>
+ </s:else>
+
+
+ <s:textfield name="user.phone"
+ value="%{user.phone}"
+ labelposition="left"
+ key="webpages.edituser.phone"
+ cssClass="textfield_long">
+ </s:textfield>
+ </div>
+
+ <div class="oa_config_block">
+ <h3><%=LanguageHelper.getGUIString("webpages.edituser.access.header", request) %></h3>
+
+ <div id="usernamepassword_area">
+<%-- <s:if test="user.isIsusernamepasswordallowed()"> --%>
+ <s:if test="isNewUser()">
+ <s:textfield name="user.username"
+ value="%{user.username}"
+ labelposition="left"
+ key="webpages.edituser.username"
+ cssClass="textfield_long"
+ maxlength="16">
+ </s:textfield>
+ </s:if>
+ <s:else>
+ <s:textfield name="user.username"
+ value="%{user.username}"
+ labelposition="left"
+ key="webpages.edituser.username"
+ cssClass="textfield_long"
+ disabled="true"
+ maxlength="16">
+ </s:textfield>
+ </s:else>
+
+ <s:password name="user.password"
+ labelposition="left"
+ key="webpages.edituser.password"
+ cssClass="textfield_long"
+ maxlength="16">
+ </s:password>
+
+ <s:password name="user.password_second"
+ labelposition="left"
+ key="webpages.edituser.password_second"
+ cssClass="textfield_long"
+ maxlength="16">
+ </s:password>
+ <%-- </s:if> --%>
+ </div>
+
+ <s:textfield name="user.bpk"
+ value="%{user.bpk}"
+ labelposition="left"
+ key="webpages.edituser.bpk"
+ cssClass="textfield_long"
+ disabled="%{user.isPVPGenerated()}">
+ </s:textfield>
+ </div>
+
+ <s:if test="authUser.isAdmin() || user.isIsusernamepasswordallowed()">
+ <div class="oa_config_block">
+ <h3><%=LanguageHelper.getGUIString("webpages.edituser.role.header", request) %></h3>
+ <s:if test="authUser.isAdmin()">
+ <s:checkbox name="user.active"
+ value="%{user.active}"
+ labelposition="left"
+ key="webpages.edituser.active"
+ cssClass="checkbox">
+ </s:checkbox>
+ <s:checkbox name="user.admin"
+ value="%{user.admin}"
+ labelposition="left"
+ key="webpages.edituser.admin"
+ cssClass="checkbox">
+ </s:checkbox>
+ </s:if>
+ <s:checkbox name="user.isusernamepasswordallowed"
+ value="%{user.isusernamepasswordallowed}"
+ labelposition="left"
+ key="webpages.edituser.isusernamepasswordallowed"
+ cssClass="checkbox"
+ id="isusernamepasswordallowed"
+ onclick="UseUserNamePassword();">
+ </s:checkbox>
+ </div>
+ </s:if>
+
+ <s:hidden name="user.userID" value="%{user.userID}"></s:hidden>
+</html> \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp b/id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp
index a29780cff..1d5d4ac12 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp
@@ -30,7 +30,8 @@
<h2><%=LanguageHelper.getGUIString("webpages.usermanagement.header", request) %></h2>
<s:if test="authUser.isAdmin()">
-
+
+ <h3><%=LanguageHelper.getGUIString("webpages.listUsers.list.header", request) %></h3>
<jsp:include page="snippets/user_list.jsp"></jsp:include>
<div id="list_area">