diff options
Diffstat (limited to 'id/ConfigWebTool')
17 files changed, 233 insertions, 82 deletions
diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml index 15228a30e..66be932c2 100644 --- a/id/ConfigWebTool/pom.xml +++ b/id/ConfigWebTool/pom.xml @@ -2,13 +2,13 @@ <parent> <groupId>MOA</groupId> <artifactId>id</artifactId> - <version>1.9.98-SNAPSHOT</version> + <version>2.0-RC2</version> </parent> <modelVersion>4.0.0</modelVersion> <groupId>MOA.id</groupId> <artifactId>moa-id-configuration</artifactId> - <version>0.9.8-SNAPSHOT</version> + <version>1.0-RC3</version> <packaging>war</packaging> <name>MOA-ID 2.0 Configuration Tool</name> <description>Web based Configuration Tool for MOA-ID 2.x</description> @@ -45,7 +45,7 @@ <dependency> <groupId>MOA.id.server</groupId> <artifactId>moa-id-commons</artifactId> - <version>1.9.98-SNAPSHOT</version> + <version>2.0-RC3</version> </dependency> <dependency> <groupId>MOA.id.server</groupId> @@ -68,9 +68,17 @@ <groupId>com.sun</groupId> <artifactId>*</artifactId> </exclusion> - </exclusions> - - </dependency> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>*</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-simple</artifactId> + <version>1.7.5</version> + </dependency> <dependency> <groupId>org.opensaml</groupId> diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java index 08ea9f233..4c3486b46 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java @@ -55,6 +55,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor; import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink; +import at.gv.egovernment.moa.id.config.legacy.ConfigurationBuilder; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm; import at.gv.egovernment.moa.util.MiscUtil; @@ -186,8 +187,12 @@ public class GeneralMOAIDConfig { moaspssAuthTrustProfile = authblock.getTrustProfileID(); List<String> list = authblock.getVerifyTransformsInfoProfileID(); - for (String el : list) - moaspssAuthTransformations += el + LINE_DELIMITER + "\n"; + if (list.size() == 1) + moaspssAuthTransformations += list.get(0); + else { + for (String el : list) + moaspssAuthTransformations += el + LINE_DELIMITER + "\n"; + } } VerifyIdentityLink idl = moaspss.getVerifyIdentityLink(); @@ -302,6 +307,7 @@ public class GeneralMOAIDConfig { if (modes != null) { ChainingModeType defaultmode = modes.getSystemDefaultMode(); if (defaultmode != null) { + defaultchainigmode = defaultmode.value(); } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java index 8b78c62a3..3354fd708 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java @@ -52,22 +52,23 @@ public class GeneralStorkConfig { if (foreign != null) { STORK stork = foreign.getSTORK(); + cpepslist = new ArrayList<CPEPS>(); + attributes = new ArrayList<StorkAttribute>(); + if (stork != null) { // deep clone all the things // to foreclose lazyloading session timeouts - cpepslist = new ArrayList<CPEPS>(); + for(CPEPS current : stork.getCPEPS()) { cpepslist.add(current); } - + List<StorkAttribute> tmp = stork.getAttributes(); if(null != tmp) { - attributes = new ArrayList<StorkAttribute>(); + for(StorkAttribute current : tmp) attributes.add(current); } - if(attributes.isEmpty()) - attributes.add(new StorkAttribute()); try { qaa = stork.getQualityAuthenticationAssuranceLevel(); @@ -75,6 +76,12 @@ public class GeneralStorkConfig { qaa = 4; } } + + if (cpepslist.isEmpty()) + cpepslist.add(new CPEPS()); + + if(attributes.isEmpty()) + attributes.add(new StorkAttribute()); } } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java index c9f5fdde9..7510b8932 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java @@ -37,6 +37,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector; import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates; +import at.gv.egovernment.moa.id.commons.db.dao.config.MandatesProfileNameItem; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType; @@ -227,15 +228,32 @@ public class OAGeneralConfig { Mandates mandates = oaauth.getMandates(); if (mandates != null) { - if (MiscUtil.isNotEmpty(mandates.getProfiles())) { - mandateProfiles = mandates.getProfiles(); - useMandates = true; + mandateProfiles = null; + + List<MandatesProfileNameItem> profileList = mandates.getProfileNameItems(); + for (MandatesProfileNameItem el : profileList) { + if (mandateProfiles == null) + mandateProfiles = el.getItem(); - } else { - mandateProfiles = new String(); - useMandates = false; + else + mandateProfiles += "," + el.getItem(); } + //TODO: only for RC1 + if (MiscUtil.isNotEmpty(mandates.getProfiles())) { + if (mandateProfiles == null) + mandateProfiles = mandates.getProfiles(); + + else + mandateProfiles += "," + mandates.getProfiles(); + + } + + if (mandateProfiles != null) + useMandates = true; + + else + useMandates = false; } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java index a2d6d8775..01615a056 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java @@ -43,8 +43,17 @@ public class ContactForm { public ContactForm(Contact dbcont) { this.surname = dbcont.getSurName(); this.givenname = dbcont.getGivenName(); - this.mail =dbcont.getMail(); - this.phone = dbcont.getPhone(); + + if (dbcont.getMail() != null) { + this.mail = new ArrayList<String>(); + this.mail.addAll(dbcont.getMail()); + } + + if (dbcont.getPhone() != null) { + this.phone = new ArrayList<String>(); + this.phone.addAll(dbcont.getPhone()); + } + this.company = dbcont.getCompany(); this.type = dbcont.getType(); } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java index 6f1112e2e..0aeed8cb5 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java @@ -69,7 +69,7 @@ public class MailHelper { String template = readTemplateFromURL(templateurl); - if (userdb.isIsMandateUser()) { + if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) { template = template.replace(PATTERN_GIVENNAME, userdb.getInstitut()); template = template.replace(PATTERN_FAMILYNAME, ""); @@ -174,7 +174,7 @@ public class MailHelper { String template = readTemplateFromURL(templateurl); - if (userdb.isIsMandateUser()) { + if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) { template = template.replace(PATTERN_GIVENNAME, userdb.getInstitut()); template = template.replace(PATTERN_FAMILYNAME, ""); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java index 43fc78821..53afa59a0 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java @@ -22,6 +22,8 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.configuration.helper; +import java.io.UnsupportedEncodingException; + public class StringHelper { public static String formatText(String strGivenText) @@ -47,4 +49,14 @@ public class StringHelper { } return sbFormattedText.toString(); } + + public static String getUTF8String(String input) { + try { + return new String(input.getBytes(), "UTF-8"); + + } catch (UnsupportedEncodingException e) { + e.printStackTrace(); + return input; + } + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java index 989641f36..b77b47d15 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java @@ -36,6 +36,7 @@ import org.apache.struts2.interceptor.ServletResponseAware; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; +import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS; import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType; import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType; @@ -57,6 +58,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; import at.gv.egovernment.moa.id.commons.db.dao.config.SSO; import at.gv.egovernment.moa.id.commons.db.dao.config.STORK; import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer; +import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute; import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts; import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor; @@ -68,6 +70,7 @@ import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig; import at.gv.egovernment.moa.id.configuration.data.GeneralStorkConfig; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.helper.StringHelper; import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.validation.moaconfig.MOAConfigValidator; import at.gv.egovernment.moa.id.configuration.validation.moaconfig.StorkConfigValidator; @@ -352,9 +355,10 @@ public class EditGeneralConfigAction extends ActionSupport pvp2.setOrganization(pvp2org); } if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgDisplayName())) - pvp2org.setDisplayName(moaconfig.getPvp2OrgDisplayName()); + pvp2org.setDisplayName(StringHelper.getUTF8String( + moaconfig.getPvp2OrgDisplayName())); if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgName())) - pvp2org.setName(moaconfig.getPvp2OrgName()); + pvp2org.setName(StringHelper.getUTF8String(moaconfig.getPvp2OrgName())); if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgURL())) pvp2org.setURL(moaconfig.getPvp2OrgURL()); @@ -363,22 +367,30 @@ public class EditGeneralConfigAction extends ActionSupport pvp2cont = new ArrayList<Contact>(); pvp2.setContact(pvp2cont); } - Contact cont = new Contact(); - pvp2cont.add(cont); + + if (pvp2cont.size() == 0) { + Contact cont = new Contact(); + pvp2cont.add(cont); + } + + Contact cont = pvp2cont.get(0); if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getCompany())) - cont.setCompany(moaconfig.getPvp2Contact().getCompany()); + cont.setCompany(StringHelper.getUTF8String( + moaconfig.getPvp2Contact().getCompany())); if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getGivenname())) - cont.setGivenName(moaconfig.getPvp2Contact().getGivenname()); + cont.setGivenName(StringHelper.getUTF8String( + moaconfig.getPvp2Contact().getGivenname())); //TODO: change to list if required if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getMail())) cont.setMail(Arrays.asList(moaconfig.getPvp2Contact().getMail())); if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getPhone())) cont.setPhone(Arrays.asList(moaconfig.getPvp2Contact().getPhone())); - + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getSurname())) - cont.setSurName(moaconfig.getPvp2Contact().getSurname()); + cont.setSurName(StringHelper.getUTF8String( + moaconfig.getPvp2Contact().getSurname())); if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getType())) cont.setType(moaconfig.getPvp2Contact().getType()); @@ -389,9 +401,11 @@ public class EditGeneralConfigAction extends ActionSupport } if (MiscUtil.isNotEmpty(moaconfig.getSsoFriendlyName())) - dbsso.setFriendlyName(moaconfig.getSsoFriendlyName()); + dbsso.setFriendlyName(StringHelper.getUTF8String( + moaconfig.getSsoFriendlyName())); if (MiscUtil.isNotEmpty(moaconfig.getSsoSpecialText())) - dbsso.setSpecialText(moaconfig.getSsoSpecialText()); + dbsso.setSpecialText(StringHelper.getUTF8String( + moaconfig.getSsoSpecialText())); // if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl())) // dbsso.setPublicURL(moaconfig.getSsoPublicUrl()); @@ -501,14 +515,25 @@ public class EditGeneralConfigAction extends ActionSupport ForeignIdentities oldforeign = oldauth.getForeignIdentities(); if (oldforeign != null) { STORK oldstork = oldforeign.getSTORK(); - if (oldstork == null) - oldstork = new STORK(); + if (oldstork == null) + oldstork = new STORK(); try { log.error("QAAAA " + storkconfig.getDefaultQaa()); oldstork.setQualityAuthenticationAssuranceLevel(storkconfig.getDefaultQaa()); - oldstork.setAttributes(storkconfig.getAttributes()); - oldstork.setCPEPS(storkconfig.getCpepslist()); + + if (storkconfig.getAttributes() != null) + oldstork.setAttributes(storkconfig.getAttributes()); + + else + oldstork.setAttributes((List<StorkAttribute>) (new ArrayList<StorkAttribute>())); + + if (storkconfig.getCpepslist() != null) + oldstork.setCPEPS(storkconfig.getCpepslist()); + + else + oldstork.setCPEPS((List<CPEPS>) (new ArrayList<CPEPS>())); + dbforeign.setSTORK(oldstork); } catch (Exception e) { e.printStackTrace(); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index f8a12e58b..e5d84d461 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -35,6 +35,7 @@ import at.gv.egovernment.moa.id.configuration.data.oa.*; import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.MailHelper; +import at.gv.egovernment.moa.id.configuration.helper.StringHelper; import at.gv.egovernment.moa.id.configuration.validation.FormularCustomizationValitator; import at.gv.egovernment.moa.id.configuration.validation.TargetValidator; import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java index 3bc2d4ac5..655ce7a59 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java @@ -198,6 +198,10 @@ implements ServletRequestAware, ServletResponseAware { ConfigurationDBUtils.closeSession(); } + //set new formID + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + log.info("Legacy Configuration load is completed."); addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success")); return Constants.STRUTS_SUCCESS; @@ -285,6 +289,11 @@ implements ServletRequestAware, ServletResponseAware { ConfigurationDBUtils.closeSession(); } + + //set new formID + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_SUCCESS; } else { log.info("No access to Import/Export for User with ID" + authUser.getUserID()); @@ -317,15 +326,20 @@ implements ServletRequestAware, ServletResponseAware { + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); return Constants.STRUTS_ERROR; } + session.setAttribute(Constants.SESSION_FORMID, null); if (authUser.isAdmin()) { if (fileUpload == null) { addActionError(LanguageHelper.getErrorString("errors.importexport.nofile")); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; } - + log.info("Load configuration from MOA-ID 2.x XML configuration"); try { @@ -367,6 +381,10 @@ implements ServletRequestAware, ServletResponseAware { ConfigurationDBUtils.closeSession(); } + //set new formID + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + log.info("XML Configuration load is completed."); addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success")); return Constants.STRUTS_SUCCESS; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java index ee9b38f74..8004ab520 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java @@ -127,7 +127,14 @@ public class IndexAction extends ActionSupport implements ServletRequestAware, try { ConfigurationProvider config = ConfigurationProvider.getInstance(); pvp2LoginActiv = config.isPVP2LoginActive(); - return Constants.STRUTS_SUCCESS; + + if (config.isLoginDeaktivated()) { + return "loginWithOutAuth"; + + } else { + return Constants.STRUTS_SUCCESS; + + } } catch (ConfigurationException e) { log.warn("An internal error occurs.", e); @@ -271,6 +278,18 @@ public class IndexAction extends ActionSupport implements ServletRequestAware, Response samlResponse = (Response) messageContext.getInboundMessage(); + //ckeck InResponseTo matchs requestID + if (MiscUtil.isEmpty(authID)) { + log.info("NO AuthRequestID"); + return Constants.STRUTS_ERROR; + } + + if (!authID.equals(samlResponse.getInResponseTo())) { + log.warn("PVPRequestID does not match PVP2 Assertion ID!"); + return Constants.STRUTS_ERROR; + + } + Signature sign = samlResponse.getSignature(); if (sign == null) { log.info("Only http POST Requests can be used"); @@ -345,29 +364,9 @@ public class IndexAction extends ActionSupport implements ServletRequestAware, saml2assertions = samlResponse.getAssertions(); } - - - if (MiscUtil.isEmpty(authID)) { - log.info("NO AuthRequestID"); - return Constants.STRUTS_ERROR; - } - + for (org.opensaml.saml2.core.Assertion saml2assertion : saml2assertions) { - - Subject subject = saml2assertion.getSubject(); - List<SubjectConfirmation> subjectconformlist = subject.getSubjectConfirmations(); - for (SubjectConfirmation el : subjectconformlist) { - if (el.getMethod().equals(SubjectConfirmation.METHOD_BEARER)) { - SubjectConfirmationData date = el.getSubjectConfirmationData(); - - if (!authID.equals(date.getInResponseTo())) { - log.warn("PVPRequestID does not match PVP2 Assertion ID!"); - return Constants.STRUTS_ERROR; - - } - } - } - + Conditions conditions = saml2assertion.getConditions(); DateTime notbefore = conditions.getNotBefore(); DateTime notafter = conditions.getNotOnOrAfter(); @@ -376,6 +375,13 @@ public class IndexAction extends ActionSupport implements ServletRequestAware, return Constants.STRUTS_ERROR; } + + Subject subject = saml2assertion.getSubject(); + if (subject == null) { + log.warn("Assertion has no Subject element"); + return Constants.STRUTS_ERROR; + + } NameID nameID = subject.getNameID(); if (nameID == null) { @@ -624,8 +630,8 @@ public class IndexAction extends ActionSupport implements ServletRequestAware, check = user.getPhone(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { - log.warn("Phonenumber contains potentail XSS characters: " + check); + if (!ValidationHelper.validatePhoneNumber(check)) { + log.warn("No valid Phone Number: " + check); addActionError(LanguageHelper.getErrorString("validation.edituser.phone.valid", new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java index a95d967bb..c1feddfb8 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java @@ -167,6 +167,34 @@ public class ValidationHelper { } + public static boolean validatePhoneNumber(String value) { + log.debug ("Validate PhoneNumber " + value); + + /* ************************************************************************************************ + * Legende: + * ======== AA = post/pre-Text + * BB = (+49) + * CC = Vorwahl + * DD = Durchwahl + * EE = Nebenstelle + * Pattern p = Pattern.compile("^ [a-zA-Z .,;:/\\-]* [ ]* [(]{0,1}[ ]*[+]{0,1}[ ]*[0-9]{0,2}[ ]*[)]{0,1} [ ]* [0-9]*[ ]* [0-9][ ]* [0-9]* [ ]* [a-zA-Z .,;:\\/-]* $"); + * ------- AA ------- --------------------- BB --------------------- --------- CC -------- - DD - - EE - ------- AA ------- + * ************************************************************************************************ */ + Pattern pattern = Pattern.compile("^[a-zA-Z .,;:/\\-]*[ ]*[(]{0,1}[ ]*[+]{0,1}[ ]*[0-9]{0,2}[ ]*[)]{0,1}[ ]*[0-9]*[ ]*[0-9]*[ ]*[0-9]*[ ]*[a-zA-Z .,;:\\/-]*$"); + Matcher matcher = pattern.matcher(value); + boolean b = matcher.matches(); + if (b) { + log.debug("Parameter PhoneNumber erfolgreich ueberprueft"); + return true; + } + else { + log.error("Fehler Ueberpruefung Parameter PhoneNumber. PhoneNumber entspricht nicht den Kriterien ^ [a-zA-Z .,;:/\\-]* [ ]* [(]{0,1}[ ]*[+]{0,1}[ ]*[0-9]{0,2}[ ]*[)]{0,1} [ ]* [0-9]*[ ]*[/\\-]{0,1} [ ]*[ ]* [0-9]* [ ]* [a-zA-Z .,;:\\/-]* $"); + return false; + } + + + } + public static boolean validateURL(String urlString) { log.debug("Validate URL " + urlString); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java index fcf74a534..3723a09e9 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java @@ -160,21 +160,24 @@ public class MOAConfigValidator { log.info("Empty MoaspssAuthTransformation"); errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty")); } else { - check = StringHelper.formatText(check); - String[] list = check.split(GeneralMOAIDConfig.LINE_DELIMITER); - int i=1; - for(String el : list) { - if (ValidationHelper.containsPotentialCSSCharacter(el, false)) { - log.info("IdentityLinkSigners is not valid: " + el); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid", - new Object[] {i, ValidationHelper.getPotentialCSSCharacter(false)} )); - - } else { - if (MiscUtil.isNotEmpty(el.trim())) - authtranslist.add(el.trim()); - } - i++; - } + + //is only required if more then one transformation is in use +// check = StringHelper.formatText(check); +// String[] list = check.split(GeneralMOAIDConfig.LINE_DELIMITER); +// int i=1; +// for(String el : list) { +// if (ValidationHelper.containsPotentialCSSCharacter(el, false)) { +// log.info("IdentityLinkSigners is not valid: " + el); +// errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid", +// new Object[] {i, ValidationHelper.getPotentialCSSCharacter(false)} )); +// +// } else { +// if (MiscUtil.isNotEmpty(el.trim())) +// authtranslist.add(el.trim()); +// } +// i++; +// } + authtranslist.add(check.trim()); } form.setAuthTransformList(authtranslist); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java index f8ccebc09..5286725df 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java @@ -91,7 +91,7 @@ public class PVP2ContactValidator { check = contact.getPhone(); if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (!ValidationHelper.validatePhoneNumber(check)) { errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.phone.valid")); } } diff --git a/id/ConfigWebTool/src/main/resources/applicationResources.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties index 1560db2f0..08cf922c5 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties @@ -108,7 +108,7 @@ webpages.moaconfig.certificates.trustmanagerrev=TrustManagerRevocationChecking webpages.moaconfig.certificates.trustCACerts=TrustedCACertificates webpages.moaconfig.certificates.chainingmode=ChainingMode webpages.moaconfig.timeout.header=Session TimeOuts -webpages.moaconfig.timeout.assertion=Assertion [sec] +webpages.moaconfig.timeout.assertion=Anmeldedaten [sec] webpages.moaconfig.timeout.MOASessionCreated=SSO Session authentifiziert [sec] webpages.moaconfig.timeout.MOASessionUpdated=SSO Session letzter Zugriff [sec] webpages.moaconfig.moasp.header=MOA-SP Konfiguration diff --git a/id/ConfigWebTool/src/main/resources/struts.xml b/id/ConfigWebTool/src/main/resources/struts.xml index ee5baf8d6..9a098da5a 100644 --- a/id/ConfigWebTool/src/main/resources/struts.xml +++ b/id/ConfigWebTool/src/main/resources/struts.xml @@ -13,6 +13,10 @@ <action name="index" method="start" class="at.gv.egovernment.moa.id.configuration.struts.action.IndexAction"> <result name="success">/index.jsp</result> + <result name="loginWithOutAuth" type="redirectAction"> + <param name="actionName">main</param> + <param name="namespace">/secure</param> + </result> <interceptor-ref name="defaultStack"/> </action> diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp index bdafdd40a..945d4b0b5 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp @@ -174,12 +174,18 @@ cssClass="textfield_long"> </s:textfield> - <s:textarea name="moaconfig.moaspssAuthTransformations" +<%-- <s:textarea name="moaconfig.moaspssAuthTransformations" value="%{moaconfig.moaspssAuthTransformations}" labelposition="left" key="webpages.moaconfig.moasp.authblocktransform" cssClass="textfield_large"> - </s:textarea> + </s:textarea> --%> + <s:textfield name="moaconfig.moaspssAuthTransformations" + value="%{moaconfig.moaspssAuthTransformations}" + labelposition="left" + key="webpages.moaconfig.moasp.authblocktransform" + cssClass="textfield_long"> + </s:textfield> <s:textfield name="moaconfig.moaspssURL" value="%{moaconfig.moaspssURL}" |