Diffstat (limited to 'id/ConfigWebTool')
-rw-r--r--id/ConfigWebTool/pom.xml6
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/PVPSOAPRequestSecurityPolicy.java92
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java64
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java4
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java10
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java5
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java69
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java4
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java6
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java44
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java4
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java20
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java39
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java18
-rw-r--r--id/ConfigWebTool/src/main/resources/applicationResources_de.properties7
-rw-r--r--id/ConfigWebTool/src/main/resources/applicationResources_en.properties8
-rw-r--r--id/ConfigWebTool/src/main/webapp/css/index.css5
-rw-r--r--id/ConfigWebTool/src/main/webapp/js/common.js23
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp39
21 files changed, 389 insertions, 82 deletions
diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml
index e0321dece..71893fca2 100644
--- a/id/ConfigWebTool/pom.xml
+++ b/id/ConfigWebTool/pom.xml
@@ -97,6 +97,12 @@
<artifactId>moa-id-module-stork</artifactId>
</dependency> -->
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-collections4</artifactId>
+ <version>${org.apache.commons.collections4.version}</version>
+ </dependency>
+
<dependency>
<groupId>at.gv.util</groupId>
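Review bot: The new `commons-collections4` dependency takes its version from `${org.apache.commons.collections4.version}`, which is defined outside this hunk, so the resolved release cannot be checked here. Confirm the property resolves to 4.1 or later: 4.0 still allows its functor classes to be deserialized, which matters for any part of this web tool that deserializes data it did not produce. A short XML comment naming what needs the library would also help, since none of the Java hunks visible here imports it.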
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/PVPSOAPRequestSecurityPolicy.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/PVPSOAPRequestSecurityPolicy.java
new file mode 100644
index 000000000..a25cc44ef
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/PVPSOAPRequestSecurityPolicy.java
@@ -0,0 +1,92 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.configuration.auth.pvp2;
+
+import java.util.List;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SignableSAMLObject;
+import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
+import org.opensaml.ws.soap.soap11.Envelope;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.signature.SignatureTrustEngine;
+
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule;
+
+/**
+ * @author tlenz
+ *
+ */
+public class PVPSOAPRequestSecurityPolicy extends
+ AbstractRequestSignedSecurityPolicyRule {
+
+ /**
+ * @param trustEngine
+ * @param peerEntityRole
+ */
+ public PVPSOAPRequestSecurityPolicy(SignatureTrustEngine trustEngine,
+ QName peerEntityRole) {
+ super(trustEngine, peerEntityRole);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule#refreshMetadataProvider(java.lang.String)
+ */
+ @Override
+ protected boolean refreshMetadataProvider(String entityID) {
+ try {
+ HTTPMetadataProvider metadataProvider = ConfigurationProvider.getInstance().getMetaDataProvier();
+ metadataProvider.setRequireValidMetadata(true);
+ metadataProvider.refresh();
+
+ return true;
+
+ } catch (Exception e) {
+
+
+ }
+
+ return false;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule#getSignedSAMLObject(org.opensaml.xml.XMLObject)
+ */
+ @Override
+ protected SignableSAMLObject getSignedSAMLObject(XMLObject inboundData) {
+ if (inboundData instanceof Envelope) {
+ Envelope envelope = (Envelope) inboundData;
+ if (envelope.getBody() != null) {
+ List<XMLObject> xmlElemList = envelope.getBody().getUnknownXMLObjects();
+ if (!xmlElemList.isEmpty() && xmlElemList.get(0) instanceof SignableSAMLObject)
+ return (SignableSAMLObject) xmlElemList.get(0);
+
+ }
+ }
+
+ return null;
+ }
+
+}
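Review bot: The `catch (Exception e)` block in `refreshMetadataProvider` is empty, so a failed metadata refresh returns `false` with no trace of the cause; for a rule that decides whether a request signature can be trusted, that failure should be logged. The class declares no logger, so one would have to be added, with a line such as `log.warn("Refreshing PVP metadata for " + entityID + " failed", e);` in the catch. The method also calls `setRequireValidMetadata(true)` on the provider obtained from `ConfigurationProvider.getInstance()` on every refresh, which looks like a shared instance; setting the flag once where the provider is created would be clearer. The class Javadoc holds only `@author`; a sentence stating that `getSignedSAMLObject` considers only the first element of the SOAP body and returns null otherwise would document the contract.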
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java
index cff08740b..17d3d9e50 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java
@@ -40,6 +40,7 @@ import org.opensaml.saml2.core.LogoutRequest;
import org.opensaml.saml2.core.LogoutResponse;
import org.opensaml.ws.message.decoder.MessageDecodingException;
import org.opensaml.ws.message.encoder.MessageEncodingException;
+import org.opensaml.ws.soap.client.BasicSOAPMessageContext;
import org.opensaml.ws.soap.soap11.Envelope;
import org.opensaml.ws.soap.soap11.decoder.http.HTTPSOAP11Decoder;
import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
@@ -49,10 +50,12 @@ import org.opensaml.xml.parse.BasicParserPool;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter;
import org.opensaml.xml.security.x509.X509Credential;
+import org.opensaml.xml.validation.ValidationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
+import at.gv.egovernment.moa.id.configuration.auth.pvp2.PVP2Utils;
/**
* @author tlenz
@@ -77,25 +80,44 @@ public class SLOBackChannelServlet extends SLOBasicServlet {
try {
HTTPSOAP11Decoder soapDecoder = new HTTPSOAP11Decoder(new BasicParserPool());
- BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext =
- new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- messageContext
- .setInboundMessageTransport(new HttpServletRequestAdapter(
- request));
+
+ BasicSOAPMessageContext messageContext = new BasicSOAPMessageContext();
+
+// BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext =
+// new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
+
+ messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(request));
+
+ //messageContext.setMetadataProvider(getConfig().getMetaDataProvier());
+
+ //set trustPolicy
+// BasicSecurityPolicy policy = new BasicSecurityPolicy();
+// policy.getPolicyRules().add(
+// new PVPSOAPRequestSecurityPolicy(
+// PVP2Utils.getTrustEngine(getConfig()),
+// IDPSSODescriptor.DEFAULT_ELEMENT_NAME));
+// SecurityPolicyResolver resolver = new StaticSecurityPolicyResolver(
+// policy);
+// messageContext.setSecurityPolicyResolver(resolver);
soapDecoder.decode(messageContext);
-
+
Envelope inboundMessage = (Envelope) messageContext
.getInboundMessage();
+ LogoutResponse sloResp = null;
+
if (inboundMessage.getBody() != null) {
List<XMLObject> xmlElemList = inboundMessage.getBody().getUnknownXMLObjects();
-
- LogoutResponse sloResp;
+
if (!xmlElemList.isEmpty() && xmlElemList.get(0) instanceof LogoutRequest) {
LogoutRequest sloReq = (LogoutRequest) xmlElemList.get(0);
- sloResp = processLogOutRequest(sloReq, request);
+ //validate request signature
+ PVP2Utils.validateSignature(sloReq, getConfig());
+
+ sloResp = processLogOutRequest(sloReq, request);
+
KeyStore keyStore = getConfig().getPVP2KeyStore();
X509Credential authcredential = new KeyStoreX509CredentialAdapter(
keyStore,
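Review bot: The signature check on the logout request now rests entirely on `PVP2Utils.validateSignature(sloReq, getConfig())`, whose body is outside this diff, while the decoder-level policy built on `PVPSOAPRequestSecurityPolicy` is added only as commented-out code. Confirm that the helper verifies the signature against credentials taken from trusted metadata for the request's issuer, not against key material carried in the message itself, and that it rejects an unsigned request. The commented-out `BasicSAMLMessageContext` and `BasicSecurityPolicy` lines should be deleted or replaced by one comment saying why no policy is installed, e.g. `// signature is validated explicitly below; no decoder security policy is set`. The enclosing method starts and ends outside the hunk.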
@@ -111,24 +133,17 @@ public class SLOBackChannelServlet extends SLOBasicServlet {
context.setOutboundMessageTransport(responseAdapter);
encoder.encode(context);
-
+
} else {
log.warn("Received request ist not of type LogOutRequest");
response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ return;
}
}
- } catch (MessageDecodingException e) {
- log.error("SLO message processing FAILED." , e);
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
-
- } catch (SecurityException e) {
- log.error("SLO message processing FAILED." , e);
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
-
- } catch (NoSuchAlgorithmException e) {
- log.error("SLO message processing FAILED." , e);
+ } catch (MessageDecodingException | SecurityException | NoSuchAlgorithmException | ConfigurationException | ValidationException e) {
+ log.error("SLO message processing FAILED." , e);
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
} catch (CertificateException e) {
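Review bot: A failed signature check (`ValidationException`) now falls into the shared multi-catch and is answered with status 500 plus `e.getMessage()`, so an unauthenticated caller receives internal exception text for what is simply a rejected request. Give it its own clause, for example `} catch (ValidationException e) { log.warn("SLO request signature validation FAILED.", e); response.sendError(HttpServletResponse.SC_BAD_REQUEST); }`, and consider dropping `e.getMessage()` from the other `sendError` calls too, since the details are already logged. The try block and the remaining catch clauses continue outside the hunk.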
@@ -139,15 +154,14 @@ public class SLOBackChannelServlet extends SLOBasicServlet {
log.error("SLO message processing FAILED." , e);
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
- } catch (ConfigurationException e) {
- log.error("SLO message processing FAILED." , e);
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
-
} catch (MessageEncodingException e) {
log.error("SLO message processing FAILED." , e);
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
- }
+ }
+
+
+
}
protected void doGet(HttpServletRequest request,
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java
index 2a35e50b1..c70d34d7e 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java
@@ -131,13 +131,13 @@ public class SLOBasicServlet extends HttpServlet {
} else {
log.debug("Single LogOut not possible! User with nameID:" + sloReq.getNameID().getValue() + " is not found.");
- return createSLOResponse(sloReq, StatusCode.PARTIAL_LOGOUT_URI, request);
+ return createSLOResponse(sloReq, StatusCode.SUCCESS_URI, request);
}
}
- private LogoutResponse createSLOResponse(LogoutRequest sloReq, String statusCodeURI, HttpServletRequest request) throws NoSuchAlgorithmException {
+ protected LogoutResponse createSLOResponse(LogoutRequest sloReq, String statusCodeURI, HttpServletRequest request) throws NoSuchAlgorithmException {
LogoutResponse sloResp = SAML2Utils.createSAMLObject(LogoutResponse.class);
SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
sloResp.setID(gen.generateIdentifier());
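Review bot: Answering `StatusCode.SUCCESS_URI` when no user is found for the nameID means the requester can no longer tell "session terminated" apart from "no such session here", and the hunk gives no reason for dropping `PARTIAL_LOGOUT_URI`. If the intent is that a missing session counts as already logged out, say so above the return, e.g. `// no local session for this nameID: nothing left to terminate, report success`. `createSLOResponse` is widened to `protected` without Javadoc; a line naming the intended subclass use would help. Both methods extend beyond the hunk.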
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java
index 8df7f9d5a..274aa21bf 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java
@@ -69,7 +69,6 @@ import at.gv.egovernment.moa.id.configuration.auth.pvp2.PVP2Utils;
import at.gv.egovernment.moa.id.configuration.exception.PVP2Exception;
import at.gv.egovernment.moa.id.configuration.exception.SLOException;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory;
import at.gv.egovernment.moa.util.MiscUtil;
/**
@@ -99,8 +98,15 @@ public class SLOFrontChannelServlet extends SLOBasicServlet {
if (MiscUtil.isNotEmpty(request.getParameter(Constants.REQUEST_USERSLO))) {
//process user initiated single logout process
Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj == null) {
+ log.warn("No user information found. Single Log-Out not possible");
+ buildErrorMessage(request, response);
+
+ }
+
AuthenticatedUser authUser = (AuthenticatedUser) authUserObj;
-
+
String nameIDFormat = authUser.getNameIDFormat();
String nameID = authUser.getNameID();
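Review bot: The new `authUserObj == null` branch calls `buildErrorMessage(request, response)` but does not return, so execution continues to the cast and `authUser.getNameIDFormat()` throws a NullPointerException after the error response has already been produced. Add `return;` directly after the `buildErrorMessage` call. The enclosing method starts and ends outside the hunk, so whether a later catch masks the exception cannot be seen here.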
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
index e2a55db60..ab6c22858 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
@@ -54,6 +54,7 @@ import org.springframework.beans.factory.config.AutowireCapableBeanFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
+import at.gv.egovernment.moa.id.commons.db.NewConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException;
import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory;
import at.gv.egovernment.moa.id.config.webgui.MOAIDConfigurationModul;
@@ -65,8 +66,6 @@ import at.gv.egovernment.moa.id.configuration.utils.UserRequestCleaner;
import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
-import at.gv.egovernment.moa.id.commons.db.NewConfigurationDBRead;
-
public class ConfigurationProvider {
@@ -602,7 +601,7 @@ public class ConfigurationProvider {
} catch (Exception e) {
log.warn("PVP2 authentification can not be initialized.");
- throw new ConfigurationException("PVP2 authentification can not be initialized.", e);
+ throw new ConfigurationException("error.initialization.pvplogin", e);
}
}
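Review bot: The exception message is now the resource key `error.initialization.pvplogin`, so the only readable description left is the `log.warn` line above it, and that call drops the cause. Pass the exception along, `log.warn("PVP2 authentification can not be initialized.", e);`, so the reason PVP2 login could not start is recorded. Any caller that prints `getMessage()` directly would now show the raw key; the lookup that resolves it is not visible in this hunk.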
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
index 83795567c..95af93af3 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
@@ -54,7 +54,9 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TransformsInfoT
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TrustAnchor;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyAuthBlock;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyIdentityLink;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -126,6 +128,7 @@ public class GeneralMOAIDConfig {
private String SLRequestTemplateHandy = "SLTemplates/template_handyBKU.html";
private String publicURLPrefix = null;
+ private boolean virtualPublicURLPrefixEnabled = false;
public GeneralMOAIDConfig() {
chainigmodelist = new HashMap<String, String>();
@@ -133,6 +136,26 @@ public class GeneralMOAIDConfig {
for (int i=0; i<values.length; i++) {
chainigmodelist.put(values[i].value(), values[i].value());
}
+
+ try {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ if (config != null) {
+ MOAIDConfiguration dbconfig = config.getDbRead().getMOAIDConfiguration();
+ List<TransformsInfoType> authBlockTrans = dbconfig.getAuthComponentGeneral().getSecurityLayer().getTransformsInfo();
+
+ if (authBlockTrans != null && !authBlockTrans.isEmpty()) {
+ if (secLayerTransformation == null)
+ secLayerTransformation = new HashMap<String, byte[]>();
+ for (TransformsInfoType el : authBlockTrans)
+ secLayerTransformation.put(el.getFilename(), el.getTransformation());
+
+ }
+ }
+
+ } catch (Exception e) {
+
+ }
+
}
public void parse(MOAIDConfiguration config) {
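Review bot: The constructor now reads the database inside a `try` whose `catch (Exception e)` is empty, so a null `getAuthComponentGeneral()` or `getSecurityLayer()`, or a failed read, leaves `secLayerTransformation` unset with no record of why. At minimum log it, e.g. `log.debug("Could not preload security-layer transformations", e);` (the class's logger, if it has one, is declared outside the hunk). A database read in the constructor of a form bean also runs on every instantiation; a comment stating why the preload is needed here would help the next reader.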
@@ -163,7 +186,26 @@ public class GeneralMOAIDConfig {
if (authgen.isTrustManagerRevocationChecking() != null)
trustmanagerrevocationcheck = authgen.isTrustManagerRevocationChecking();
- publicURLPrefix = authgen.getPublicURLPreFix();
+ virtualPublicURLPrefixEnabled =
+ KeyValueUtils.isCSVValueString(authgen.getPublicURLPreFix());
+
+ if (virtualPublicURLPrefixEnabled) {
+ //format CSV values with newlines
+ publicURLPrefix = KeyValueUtils.normalizeCSVValueString(
+ authgen.getPublicURLPreFix());
+
+ } else {
+ String tmp = authgen.getPublicURLPreFix();
+ if (tmp.contains(KeyValueUtils.CSV_DELIMITER)) {
+ //remove trailing comma if exist
+ publicURLPrefix = tmp.substring(0,
+ tmp.indexOf(KeyValueUtils.CSV_DELIMITER));
+
+ } else
+ publicURLPrefix = tmp;
+ }
+
+
TimeOuts timeouts = authgen.getTimeOuts();
if (timeouts != null) {
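Review bot: In the non-virtual branch `tmp.contains(KeyValueUtils.CSV_DELIMITER)` is called without a null check, while the line it replaces assigned `authgen.getPublicURLPreFix()` directly and so tolerated null. If the stored prefix can be absent this now throws inside `parse`; guard it with `if (tmp != null && tmp.contains(KeyValueUtils.CSV_DELIMITER))`. The comment `//remove trailing comma if exist` understates what the code does: it cuts at the first delimiter, so every value after the first is discarded, and the comment should say that. `parse` continues outside the hunk.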
@@ -819,6 +861,7 @@ public class GeneralMOAIDConfig {
* @return the secLayerTransformation
*/
public Map<String, byte[]> getSecLayerTransformation() {
+
return secLayerTransformation;
}
@@ -931,7 +974,12 @@ public class GeneralMOAIDConfig {
* @param publicURLPrefix the publicURLPrefix to set
*/
public void setPublicURLPrefix(String publicURLPrefix) {
- this.publicURLPrefix = publicURLPrefix;
+ if (MiscUtil.isNotEmpty(publicURLPrefix))
+ this.publicURLPrefix =
+ KeyValueUtils.removeAllNewlineFromString(publicURLPrefix);
+ else
+ this.publicURLPrefix = publicURLPrefix;
+
}
/**
@@ -961,6 +1009,23 @@ public class GeneralMOAIDConfig {
public void setMoaspssAuthTrustProfileTest(String moaspssAuthTrustProfileTest) {
this.moaspssAuthTrustProfileTest = moaspssAuthTrustProfileTest;
}
+
+ /**
+ * @return the virtualPublicURLPrefixEnabled
+ */
+ public boolean isVirtualPublicURLPrefixEnabled() {
+ return virtualPublicURLPrefixEnabled;
+ }
+
+ /**
+ * @param virtualPublicURLPrefixEnabled the virtualPublicURLPrefixEnabled to set
+ */
+ public void setVirtualPublicURLPrefixEnabled(
+ boolean virtualPublicURLPrefixEnabled) {
+ this.virtualPublicURLPrefixEnabled = virtualPublicURLPrefixEnabled;
+ }
+
+
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
index 9b0172a24..d0232e86a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
@@ -31,17 +31,13 @@ import javax.servlet.http.HttpServletRequest;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.BKUURLS;
-import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.DefaultBKUs;
-import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.MOAKeyBoxSelector;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.Mandates;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TemplateType;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TemplatesType;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TestCredentials;
-import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TestCredentialsCredentialOIDItem;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TransformsInfoType;
-import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAAuthenticationDataValidation;
import at.gv.egovernment.moa.util.MiscUtil;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java
index 441c879be..bb98d2e64 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java
@@ -27,10 +27,8 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
-import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
-import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.util.MiscUtil;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
index e092d9e13..9ddb41d83 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
@@ -29,23 +29,21 @@ import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.util.ArrayList;
-import java.util.Date;
+import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import org.apache.log4j.Logger;
-import edu.emory.mathcs.backport.java.util.Arrays;
-
import at.gv.egiz.components.configuration.meta.api.ConfigurationStorageException;
import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder;
import at.gv.egovernment.moa.id.commons.config.ConfigurationMigrationUtils;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.STORK;
-import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index a658c3f34..504b598c0 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -23,9 +23,13 @@
package at.gv.egovernment.moa.id.configuration.struts.action;
import java.math.BigInteger;
-import java.util.*;
-
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import at.gv.egiz.components.configuration.meta.api.ConfigurationStorageException;
@@ -58,6 +62,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TimeOuts;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TransformsInfoType;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyAuthBlock;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyIdentityLink;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
@@ -179,7 +184,12 @@ public class EditGeneralConfigAction extends BasicAction {
String error = saveFormToDatabase();
if (error != null) {
log.warn("General MOA-ID config can not be stored in Database");
- addActionError(error);
+
+ //set new formID
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ addActionError(error);
return Constants.STRUTS_ERROR_VALIDATION;
}
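Review bot: The form token is regenerated with `Random.nextRandom()` on this error path, and its strength depends on that helper, which is outside the diff. `formID` appears to act as a per-form anti-forgery token, so confirm the helper draws from `SecureRandom`. A comment such as `// issue a fresh form token so the corrected form can be resubmitted` would explain why the token is replaced before the validation error is returned. The enclosing method extends beyond the hunk.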
@@ -248,13 +258,27 @@ public class EditGeneralConfigAction extends BasicAction {
// if (oldauth != null)
// oldauthgeneral = oldauth.getGeneralConfiguration();
- //set Public URL Prefix
- String pubURLPrefix = moaconfig.getPublicURLPrefix();
- if(pubURLPrefix.endsWith("/")) {
- int length = pubURLPrefix.length();
- pubURLPrefix = pubURLPrefix.substring(0, length-1);
- }
- dbauthgeneral.setPublicURLPreFix(pubURLPrefix);
+ //set Public URL Prefix
+ String pubURLPrefix = moaconfig.getPublicURLPrefix();
+ if (moaconfig.isVirtualPublicURLPrefixEnabled()) {
+ dbauthgeneral.setPublicURLPreFix(
+ KeyValueUtils.normalizeCSVValueString(pubURLPrefix));
+
+ } else {
+ if (pubURLPrefix.contains(KeyValueUtils.CSV_DELIMITER)) {
+ dbauthgeneral.setPublicURLPreFix(
+ pubURLPrefix.trim().substring(0,
+ pubURLPrefix.indexOf(KeyValueUtils.CSV_DELIMITER)));
+
+ } else
+ dbauthgeneral.setPublicURLPreFix(
+ StringUtils.chomp(pubURLPrefix.trim()));
+
+ }
+
+ dbauthgeneral.setVirtualPublicURLPrefixEnabled(
+ moaconfig.isVirtualPublicURLPrefixEnabled());
+
// if (MiscUtil.isNotEmpty(moaconfig.getAlternativeSourceID()))
// dbauthgeneral.setAlternativeSourceID(moaconfig.getAlternativeSourceID());
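Review bot: In the non-virtual branch the cut position is computed on the untrimmed string but applied to the trimmed one, `pubURLPrefix.trim().substring(0, pubURLPrefix.indexOf(KeyValueUtils.CSV_DELIMITER))`, so leading whitespace shifts the index and can either keep the delimiter in the stored value or throw StringIndexOutOfBoundsException. Trim once and use the same string for both: `String trimmed = pubURLPrefix.trim();` then `trimmed.substring(0, trimmed.indexOf(KeyValueUtils.CSV_DELIMITER))`. The removed code stripped a trailing `/`; `StringUtils.chomp` removes only a trailing line break, which `trim()` has already taken off, so the slash is now stored as entered. If stripping is still wanted, `StringUtils.removeEnd(trimmed, "/")` does it. The method starts and ends outside the hunk.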
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
index a2c5da247..a9889da9c 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
@@ -53,8 +53,6 @@ import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;
-import com.fasterxml.jackson.core.JsonProcessingException;
-
public class ImportExportAction extends BasicAction {
private static final Logger log = Logger.getLogger(ImportExportAction.class);
@@ -150,7 +148,7 @@ public class ImportExportAction extends BasicAction {
}
- } catch (JsonProcessingException | JAXBException | FileNotFoundException e) {
+ } catch (JAXBException | FileNotFoundException e) {
log.info("Legacy configuration has an Import Error", e);
addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e.getMessage()}, request));
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java
index 8be24edb4..384f0662f 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java
@@ -271,7 +271,7 @@ public class InterfederationIDPAction extends BasicOAAction {
businessID = new IdentificationNumber();
onlineapplication.getAuthComponentOA().setIdentificationNumber(businessID);
}
- businessID.setValue(Constants.PREFIX_WPBK + "MOA-IDP");
+ businessID.setValue(Constants.PREFIX_WPBK + "MOA-IDP+MOA-IDP");
} else
onlineapplication.setTarget("MOA-IDP");
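Review bot: The business identifier suffix changes from `"MOA-IDP"` to `"MOA-IDP+MOA-IDP"` with no comment, and the repeated token reads like a typo to anyone who does not know the expected format. Add a comment stating the format the value must follow, or move the literal into a named constant next to `Constants.PREFIX_WPBK`. The `else` branch still sets the target to plain `"MOA-IDP"`; if the two values are meant to stay related, the comment should say how. Whether already stored interfederation entries need migrating cannot be judged from this hunk.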
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java
index fc310900e..eca4c05ef 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java
@@ -94,6 +94,26 @@ public class SAML2Utils {
return document;
}
+// public static SignatureTrustEngine getSignatureKnownKeysTrustEngine() throws ConfigurationException {
+// MetadataCredentialResolver resolver;
+//
+// resolver = new MetadataCredentialResolver(ConfigurationProvider.getInstance().getMetaDataProvier());
+//
+// List<KeyInfoProvider> keyInfoProvider = new ArrayList<KeyInfoProvider>();
+// keyInfoProvider.add(new DSAKeyValueProvider());
+// keyInfoProvider.add(new RSAKeyValueProvider());
+// keyInfoProvider.add(new InlineX509DataProvider());
+//
+// KeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver(
+// keyInfoProvider);
+//
+// ExplicitKeySignatureTrustEngine engine = new ExplicitKeySignatureTrustEngine(
+// resolver, keyInfoResolver);
+//
+// return engine;
+//
+// }
+
}
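Review bot: This hunk adds only a commented-out method, `getSignatureKnownKeysTrustEngine`, to `SAML2Utils`. Dead code describing a trust engine built from `DSAKeyValueProvider`, `RSAKeyValueProvider` and `InlineX509DataProvider` is easy to mistake for the active verification path when the class is read later. Leave it out of the commit and rely on version history, or replace it with a single comment stating where signature trust is actually configured.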
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
index 95502cedb..d4e8e957d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
@@ -28,10 +28,10 @@ import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
-import java.util.Map;
import javax.servlet.http.HttpServletRequest;
+import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
@@ -39,8 +39,6 @@ import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.gv.egovernment.moa.id.configuration.helper.StringHelper;
-import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -66,14 +64,29 @@ public class MOAConfigValidator {
check = form.getPublicURLPrefix();
if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Public URL Prefix is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", request));
- }
+ String[] publicURLPreFix = check.split(",");
+ if (form.isVirtualPublicURLPrefixEnabled()) {
+ for (String el : publicURLPreFix) {
+ if (!ValidationHelper.validateURL(
+ StringUtils.chomp(el.trim()))) {
+ log.info("Public URL Prefix " + el + " is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", new Object[]{el}, request));
+ }
+ }
+
+ } else {
+ if (!ValidationHelper.validateURL(
+ StringUtils.chomp(publicURLPreFix[0].trim()))) {
+ log.info("Public URL Prefix " + publicURLPreFix[0] + " is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", new Object[]{publicURLPreFix[0]}, request));
+
+ }
+
+ }
} else {
log.info("PublicURL Prefix is empty.");
errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.empty", request));
- }
+ }
check = form.getTimeoutAssertion();
if (MiscUtil.isNotEmpty(check)) {
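Review bot: The rejected prefix is logged and echoed back in its raw form: `log.info("Public URL Prefix " + el + " is not valid")` and `new Object[]{el}` use `el` (and `publicURLPreFix[0]` in the else branch), while validation ran on the trimmed value. The field is now a multi-line textarea, so a submitted entry can contain CR/LF and split one log4j record into what looks like several; whether the error string is HTML-escaped depends on the JSP that renders it, which this hunk does not show. Compute the value once with `String prefix = el.trim();`, validate that, and log `prefix.replaceAll("[\\r\\n]", "_")`. `StringUtils.chomp(...)` applied after `trim()` changes nothing and can be dropped. With virtual prefixes disabled only `publicURLPreFix[0]` is validated, so it is worth confirming that the remaining comma-separated entries are discarded before the form is saved; the enclosing method starts and ends outside this hunk.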
@@ -401,7 +414,7 @@ public class MOAConfigValidator {
- if (form.getFileUploadFileName() != null) {
+ if (form.getFileUploadFileName() != null && !form.getFileUploadFileName().isEmpty()) {
HashMap<String, byte[]> map = new HashMap<String, byte[]>();
for (int i=0; i<form.getFileUploadFileName().size(); i++) {
String filename = form.getFileUploadFileName().get(i);
@@ -426,7 +439,15 @@ public class MOAConfigValidator {
}
}
}
+
form.setSecLayerTransformation(map);
+
+ } else {
+ if (form.getSecLayerTransformation() == null) {
+ log.info("AuthBlock Transformation file is empty");
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.file.empty", request));
+
+ }
}
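Review bot: The new else branch reports a missing AuthBlock transformation only when `form.getSecLayerTransformation() == null`, so an empty but non-null map passes the check. The upload branch above calls `form.setSecLayerTransformation(map)` with whatever `map` holds, which could be empty if every uploaded file was rejected; the loop body is outside this hunk, so that part is inferred. Testing `form.getSecLayerTransformation() == null || form.getSecLayerTransformation().isEmpty()` would cover both cases.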
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
index 35b69274f..6476ea1f1 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
@@ -43,6 +43,7 @@ import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.opensaml.xml.parse.BasicParserPool;
import org.opensaml.xml.security.x509.BasicX509Credential;
+import at.gv.egovernment.moa.id.commons.MOAIDConstants;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException;
import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory;
@@ -76,9 +77,20 @@ public class OAPVP2ConfigValidation {
else {
try {
- //OracleDB does not allow the selection of a lob in SQL where expression
- String dbDriver = ConfigurationProvider.getInstance().getConfigurationProperties().getProperty("hibernate.connection.driver_class");
- boolean backupVersion = MiscUtil.isNotEmpty(dbDriver) && dbDriver.startsWith("oracle.jdbc.");
+ //Some databases does not allow the selection of a lob in SQL where expression
+ String dbDriver = ConfigurationProvider.getInstance().getConfigurationProperties().getProperty("hibernate.connection.driver_class");
+ boolean backupVersion = false;
+ if (MiscUtil.isNotEmpty(dbDriver)) {
+ for (String el:MOAIDConstants.JDBC_DRIVER_NEEDS_WORKAROUND) {
+ if (dbDriver.startsWith(el)) {
+ backupVersion = true;
+ log.debug("JDBC driver '" + dbDriver
+ + "' is blacklisted --> Switch to alternative DB access methode implementation.");
+
+ }
+
+ }
+ }
Map<String, String> oa = ConfigurationProvider.getInstance().getDbRead().getOnlineApplicationKeyValueWithId(oaID, backupVersion);
if (oa != null &&
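Review bot: The loop over `MOAIDConstants.JDBC_DRIVER_NEEDS_WORKAROUND` keeps iterating after the first match, so the debug line can be written once per matching prefix; add `break;` directly after the `log.debug(...)` call. The comment above it would read better as `//Some databases do not allow selecting a LOB in an SQL WHERE expression`, and "methode" in the log text is a typo for "method". The surrounding `try` block and method continue outside this hunk.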
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
index 36c952ad0..ab404f65b 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
@@ -7,6 +7,8 @@ config.03=Hibernate Database connector can not be initialized
config.04=OpenSAML (PVP2 Login) can not be initialized
config.05=Configuration file not defined
+error.initialization.pvplogin=PVP2 authentication can not be initialized.
+
error.title=Fehler:
error.login.internal=W\u00E4hrend der Verarbeitung ist ein interner Fehler aufgetreten. Bitte Versuchen Sie es nocheinmal oder kontaktieren Sie den Administrator.
error.general.text=W\u00E4hrend der Verarbeitung ist ein interner Fehler aufgetreten. Bitte Versuchen Sie es nocheinmal oder kontaktieren Sie den Administrator.
@@ -125,6 +127,7 @@ webpages.inderfederation.gateway.entityID=EntityID des PVP Portals
webpages.moaconfig.save.success=Die MOA-ID Konfiguration wurde erfolgreich gespeichert.
webpages.moaconfig.header=Allgemeine Konfiguration
webpages.oaconfig.general.publicURLPreFix=Public URL Prefix
+webpages.moaconfig.general.virtualPublicURLPrefixEnabled=Virtuelle IDP aktivieren
webpages.moaconfig.defaultbkus.header=Default BKUs
webpages.moaconfig.slrequesttemplates.header=SecurityLayer Request Templates
webpages.moaconfig.slrequesttemplates.local=Locale BKU
@@ -438,8 +441,8 @@ validation.general.szrgw.url.valid=Die URL des SZR Gateways hat kein g\u00F6ltig
validation.general.trustedcacerts.empty=Das Feld TrustedCACertificates ist leer.
validation.general.trustedcacerts.valid=Das Feld TrustedCACertificates enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.slrequest.filename.valid=Der Dateiname der angegebenen SecurtityLayer Transformation enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.slrequest.file.valid=Die angegebenen SecurtityLayer Transformation konnte nicht geladen werden.
-validation.general.slrequest.file.empty=Die SecurtityLayer Transformation fehlt.
+validation.general.slrequest.file.valid=Die angegebenen AuthBlock Transformation konnte nicht geladen werden.
+validation.general.slrequest.file.empty=Die AuthBlock Transformation fehlt.
validation.general.aditionalauthblocktext=Der Zusatztext f\u00FCr den AuthBlock enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
validation.general.bku.handy.empty=Die URL f\u00FCr die Handy-BKU ist leer.
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
index 439b1111e..29db35a0e 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
@@ -7,6 +7,8 @@ config.03=Hibernate Database connector can not be initialized
config.04=OpenSAML (PVP2 Login) can not be initialized
config.05=Configuration file is not defined
+error.initialization.pvplogin=PVP2 authentication can not be initialized.
+
error.title=Error:
error.login.internal=The error occurred during the processing. Please try again or contact Administrator.
error.general.text=During the processing the error condition occured. Please try again or contact the administrator.
@@ -124,6 +126,7 @@ webpages.inderfederation.gateway.entityID=PVP portal EntityID
webpages.moaconfig.save.success=MOA-ID has been successfully saved.
webpages.moaconfig.header=General configuration
webpages.oaconfig.general.publicURLPreFix=Public URL Prefix
+webpages.moaconfig.general.virtualPublicURLPrefixEnabled=Enable virtual IDPs
webpages.moaconfig.defaultbkus.header=Default CCE
webpages.moaconfig.slrequesttemplates.header=SecurityLayer Request Templates
webpages.moaconfig.slrequesttemplates.local=Local CCE
@@ -384,7 +387,7 @@ validation.edituser.bpk.valid=BPK contains forbidden characters. The following c
validation.general.SAML1SourceID=SAML1SourceID contains forbidden characters. The following characters are not allowed\: {0}
validation.general.publicURLprefix.empty=Public URL Prefix is blank.
-validation.general.publicURLprefix.valid=Public URL Prefix has invalid format.
+validation.general.publicURLprefix.valid=Public URL Prefix {0} has invalid format.
validation.general.certStoreDirectory.empty=CertStoreDirectory is blank.
validation.general.certStoreDirectory.valid=CertStoreDirectory Feld contains forbidden characters. The following characters are not allowed\: {0}
validation.general.Defaultchainigmode.empty=There is no DefaultChainingMode selected.
@@ -436,7 +439,8 @@ validation.general.szrgw.url.valid=URL for SZR Gateway has invalid format.
validation.general.trustedcacerts.empty=Field TrustedCACertificates is blank.
validation.general.trustedcacerts.valid=Das Feld TrustedCACertificates contains forbidden characters. The following characters are not allowed\: {0}
validation.general.slrequest.filename.valid=File name of provided SecurityLayer Transformation contains forbidden characters. The following characters are not allowed\: {0}
-validation.general.slrequest.file.valid=The provided SecurityLayer Transformation could not be loaded.
+validation.general.slrequest.file.valid=The provided AuthBlock-Transformation is not loadable.
+validation.general.slrequest.file.empty=No AuthBlock-Transformation found.
validation.general.aditionalauthblocktext=The additional text for AuthBlock contains forbidden characters. The following characters are not allowed\: {0}
validation.general.bku.handy.empty=URL for Mobile-CCE is blank.
diff --git a/id/ConfigWebTool/src/main/webapp/css/index.css b/id/ConfigWebTool/src/main/webapp/css/index.css
index 4cbfba19b..00a2fa851 100644
--- a/id/ConfigWebTool/src/main/webapp/css/index.css
+++ b/id/ConfigWebTool/src/main/webapp/css/index.css
@@ -664,3 +664,8 @@ div .wwgrp br {
#stork_attributelist .wwctrl input[type="checkbox"]{
margin-left:20px;
}
+
+#loadGeneralConfig_moaconfig_publicURLPrefix {
+ resize: none;
+
+}
diff --git a/id/ConfigWebTool/src/main/webapp/js/common.js b/id/ConfigWebTool/src/main/webapp/js/common.js
index fb71854c2..f17ee3623 100644
--- a/id/ConfigWebTool/src/main/webapp/js/common.js
+++ b/id/ConfigWebTool/src/main/webapp/js/common.js
@@ -272,4 +272,25 @@ function newAp() {
clone.innerHTML = clone.innerHTML.replace(/name="storkOA.attributeProviderPlugins\[\d/g, 'name="storkOA.attributeProviderPlugins[' + nextindex);
clone.innerHTML = clone.innerHTML.replace(/(.*" value=").*?(".*)/g, '$1$2');
target.parentNode.appendChild(clone);
-} \ No newline at end of file
+}
+
+function setPublicURLPrefixTestBox(checkbox) {
+ if (checkbox.checked) {
+ var textarea = $("#loadGeneralConfig_moaconfig_publicURLPrefix");
+ textarea.attr("rows", 6);
+ textarea.height(120);
+
+ } else {
+ var textarea = $("#loadGeneralConfig_moaconfig_publicURLPrefix");
+ textarea.attr("rows", 1);
+ textarea.height(25);
+
+ }
+ return true;
+}
+
+function generalConfigLoadEvent() {
+ var value = $("#loadGeneralConfig_moaconfig_publicURLPrefix").val();
+ $("#loadGeneralConfig_moaconfig_publicURLPrefix").val(value.replace(/,/g,",\n"));
+ return true;
+}
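Review bot: `generalConfigLoadEvent()` is not idempotent, because it inserts a newline after every comma on each page load. If the form is re-rendered with text that already contains `,\n` (presumably the case after a failed validation), every reload adds another blank line between entries. Normalising the existing whitespace avoids that: `value.replace(/,\s*/g, ",\n")`. jQuery's `.val()` returns `undefined` when the selector matches nothing, so wrap the call in `if (value) { ... }`. In `setPublicURLPrefixTestBox` the duplicated `$("#loadGeneralConfig_moaconfig_publicURLPrefix")` lookup can be hoisted above the `if`.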
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
index bc8c57ec2..ac2c8de5a 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
@@ -16,7 +16,7 @@
</head>
- <body>
+ <body onload="generalConfigLoadEvent();">
<jsp:include page="snippets/header_userinfos.jsp"></jsp:include>
@@ -37,13 +37,38 @@
<s:form namespace="/secure" method="POST" enctype="multipart/form-data">
- <s:textfield name="moaconfig.publicURLPrefix"
- value="%{moaconfig.publicURLPrefix}"
- labelposition="left"
- key="webpages.oaconfig.general.publicURLPreFix"
- cssClass="textfield_long">
- </s:textfield>
+ <s:if test="moaconfig.isVirtualPublicURLPrefixEnabled()">
+ <s:textarea name="moaconfig.publicURLPrefix"
+ value="%{moaconfig.publicURLPrefix}"
+ labelposition="left"
+ key="webpages.oaconfig.general.publicURLPreFix"
+ cssClass="textfield_long"
+ rows="6"
+ requiredLabel="true"
+ style="height:120px;">
+ </s:textarea>
+ </s:if>
+ <s:else>
+ <s:textarea name="moaconfig.publicURLPrefix"
+ value="%{moaconfig.publicURLPrefix}"
+ labelposition="left"
+ key="webpages.oaconfig.general.publicURLPreFix"
+ cssClass="textfield_long"
+ rows="1"
+ requiredLabel="true"
+ style="height:25px;">
+ </s:textarea>
+ </s:else>
+ <s:checkbox name="moaconfig.virtualPublicURLPrefixEnabled"
+ value="%{moaconfig.virtualPublicURLPrefixEnabled}"
+ labelposition="left"
+ key="webpages.moaconfig.general.virtualPublicURLPrefixEnabled"
+ cssClass="checkbox"
+ onchange="setPublicURLPrefixTestBox(this);">
+ </s:checkbox>
+
+
<div class="oa_config_block">
<h3><%=LanguageHelper.getGUIString("webpages.moaconfig.defaultbkus.header", request) %></h3>