Diffstat (limited to 'id/moa-id-webgui/src/main')
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDConfigurationModul.java277
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDSpringResourceProvider.java86
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDWebGUIConfiguration.java160
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationException.java48
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationModulValidationException.java53
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationTaskValidationException.java54
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationValidationException.java74
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SchemaValidationException.java43
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SignatureValidationException.java58
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ValidationObjectIdentifier.java66
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/helper/GUIDataParser.java67
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/helper/LanguageHelper.java81
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/MOAIDConfigurationValidator.java311
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/AbstractModuleValidator.java148
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/IModuleValidator.java79
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/GatewayValidator.java58
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/GeneralConfigurationValidator.java62
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/InterfederationIDPValidator.java57
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/OnlineApplicationValidator.java71
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/VIDPValidator.java61
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/AbstractTaskValidator.java106
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/IDynamicLoadableTaskValidator.java39
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/ITaskValidator.java79
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java615
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralOpenIDConfigurationTask.java95
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java236
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralRevisionLogTask.java152
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java612
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java246
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationSTORKTask.java301
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java426
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java215
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesInterfederationIDPTask.java116
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesPVPGatewayTask.java121
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolOpenIDTask.java152
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolPVP2XTask.java338
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSAML1Task.java114
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSTORKTask.java273
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesReversionLogTask.java162
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesSSOAuthenticationTask.java101
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java223
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesbPKDecryptionTask.java137
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/CompanyNumberValidator.java78
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/IdentificationNumberValidator.java29
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/MetaDataVerificationFilter.java122
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/SchemaValidationFilter.java98
-rw-r--r--id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egiz.components.configuration.meta.api.ConfigurationModul1
-rw-r--r--id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider1
-rw-r--r--id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator5
-rw-r--r--id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator5
-rw-r--r--id/moa-id-webgui/src/main/resources/applicationResources_de.properties525
-rw-r--r--id/moa-id-webgui/src/main/resources/applicationResources_en.properties522
-rw-r--r--id/moa-id-webgui/src/main/resources/gui/meta.properties76
-rw-r--r--id/moa-id-webgui/src/main/resources/gui/types/gateway.json50
-rw-r--r--id/moa-id-webgui/src/main/resources/gui/types/general.json480
-rw-r--r--id/moa-id-webgui/src/main/resources/gui/types/iidp.json124
-rw-r--r--id/moa-id-webgui/src/main/resources/gui/types/oa.json702
-rw-r--r--id/moa-id-webgui/src/main/resources/gui/types/vidp.json371
-rw-r--r--id/moa-id-webgui/src/main/resources/moaid.webgui.beans.xml24
59 files changed, 9986 insertions, 0 deletions
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDConfigurationModul.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDConfigurationModul.java
new file mode 100644
index 000000000..59f36f475
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDConfigurationModul.java
@@ -0,0 +1,277 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import org.apache.commons.io.IOUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egiz.components.configuration.api.ConfigurationException;
+import at.gv.egiz.components.configuration.file.PropertiesBasedConfiguration;
+import at.gv.egiz.components.configuration.meta.api.ConfigurationModul;
+import at.gv.egiz.components.configuration.meta.api.ConfigurationStorageException;
+import at.gv.egiz.components.configuration.meta.api.MetadataConfiguration;
+import at.gv.egiz.components.configuration.meta.api.SchemaEntry;
+import at.gv.egiz.components.configuration.meta.api.impl.BaseMetadataConfiguration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfigurationImpl;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationValidationException;
+import at.gv.egovernment.moa.id.config.webgui.validation.MOAIDConfigurationValidator;
+
+/**
+ * @author tlenz
+ *
+ */
+@Service
+public class MOAIDConfigurationModul implements ConfigurationModul{
+
+ private static final String MODULE_NAME = "MOAIDConfigurationModul";
+
+ private static MOAIDConfiguration config;
+ private static Configuration meta;
+ private static MetadataConfiguration metadata = null;
+
+ private List<SchemaEntry> schemaList = new ArrayList<SchemaEntry>();
+ private static final Logger logger = LoggerFactory.getLogger(MOAIDConfigurationModul.class);
+
+ static {
+ logger.info("Loading class {}", MOAIDConfigurationModul.class.getName());
+ try {
+ meta = new PropertiesBasedConfiguration(MOAIDConfigurationModul.class.getResourceAsStream("/gui/meta.properties"));
+
+ } catch (IOException | ConfigurationException e) {
+ logger.error("Failed to build internal datasets in MOAIDConfiguration modul!");
+
+ }
+ }
+
+ @Autowired
+ public void setDatabaseConfiguration(MOAIDConfiguration dbconfig) {
+ config = dbconfig;
+ }
+
+ /**
+ * @throws Exception
+ *
+ */
+ public MOAIDConfigurationModul() throws Exception {
+ loadType("general", "/gui/types/general.json");
+ loadType("moaidoa", "/gui/types/oa.json");
+ loadType("moaidvidp", "/gui/types/vidp.json");
+ loadType("moaidiidp", "/gui/types/iidp.json");
+ loadType("moaidgateway", "/gui/types/gateway.json");
+
+ try {
+ MOAIDWebGUIConfiguration.getInstance();
+
+ } catch (at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException e) {
+ logger.error("MOA-ID WebGUI initialization FAILED! (Reason: {})", e.getMessage());
+ throw new Exception(e);
+
+ }
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.configuration.meta.api.ConfigurationModul#getSchemas()
+ */
+ @Override
+ public List<SchemaEntry> getSchemas() {
+ return schemaList;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.configuration.meta.api.ConfigurationModul#getName()
+ */
+ @Override
+ public String getName() {
+ return MODULE_NAME;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.configuration.meta.api.ConfigurationModul#getPrefix()
+ */
+ @Override
+ public String getPrefix() {
+ return MOAIDConfigurationConstants.PREFIX_MOAID;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.configuration.meta.api.ConfigurationModul#getConfigurationAccess()
+ */
+ @Override
+ public Configuration getConfigurationAccess() {
+ return config;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.configuration.meta.api.ConfigurationModul#getMetadataConfiguration()
+ */
+ @Override
+ public MetadataConfiguration getMetadataConfiguration() {
+ if (metadata == null) {
+ metadata = new BaseMetadataConfiguration(config, meta);
+
+ }
+ return metadata;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.configuration.meta.api.ConfigurationModul#buildArrayIdentifier(java.lang.String, int, java.util.Map)
+ */
+ @Override
+ public String buildArrayIdentifier(String arrayId, int refCounter,
+ Map<String, String> properties) throws ConfigurationException {
+ logger.trace("Search next free list index for key: " + arrayId);
+
+ if (arrayId.startsWith(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES)) {
+ String[] allListKeys = config.findConfigurationId(arrayId + ".%." + MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER);
+ int freeIndex = KeyValueUtils.findNextFreeListCounter(allListKeys, arrayId) + refCounter;
+ logger.debug("Found free listIndex: " + freeIndex + " for serviceKey: " + arrayId);
+ return String.valueOf(freeIndex);
+
+ } else {
+ logger.warn("Actually, only services are from type array and need an index.");
+ throw new ConfigurationException("Actually, only services are from type array and need an index.");
+
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.configuration.meta.api.ConfigurationModul#storeChanges(java.util.Map, java.util.Map, java.util.List)
+ */
+ @Override
+ public void storeChanges(Map<String, String> changed,
+ Map<String, String> added, List<String> deleted)
+ throws ConfigurationStorageException {
+
+ logger.debug("Start configuration saving process ...");
+ MOAIDConfigurationValidator configValidator = new MOAIDConfigurationValidator();
+ if (deleted == null)
+ deleted = new ArrayList<String>();
+
+ int numOfGroups = configValidator.preProcess(changed, added, deleted);
+
+ if (configValidator.getPreProcessedConfigurationData() != null &&
+ numOfGroups > 0) {
+ logger.trace("Validate {} groups of key/value pairs", numOfGroups);
+ try {
+ configValidator.validate();
+
+ } catch (ConfigurationValidationException e) {
+ logger.warn("Validation of MOA-ID configuration FAILED.");
+
+ //TODO: update ConfigurationStorageException to add specific information of validation errors
+ throw new ConfigurationStorageException(e.getFormatedErrorMessage(),
+ e, false, false);
+ }
+
+ try {
+ logger.trace("PreProcess configuration before saving.");
+ Map<String, String> configToStore = configValidator.postProcessing(deleted);
+
+ //store all keys
+ logger.debug("Store {} key/value pairs to configuration", configToStore.size());
+ Iterator<Entry<String, String>> storageInterator = configToStore.entrySet().iterator();
+ while (storageInterator.hasNext()) {
+ Entry<String, String> el = storageInterator.next();
+ try {
+ config.setStringValue(el.getKey(), el.getValue());
+ logger.trace("Store key: " + el.getKey() + " with value: "
+ + el.getValue());
+
+ } catch (ConfigurationException e) {
+ logger.error("Store key: " + el.getKey() + " with value: "
+ + el.getValue() + " FAILED.", e);
+
+ }
+ }
+
+ //delete all unused keys
+ deleteEntries(deleted);
+
+ } catch (Exception e) {
+ logger.warn("Configuration post-processing FAILED.", e);
+ throw new ConfigurationStorageException("Configuration can not be stored.", e);
+
+ }
+
+
+ } else if (deleted != null && deleted.size() > 0) {
+ deleteEntries(deleted);
+
+
+ } else {
+ logger.info("Configuration saving process finished without operations: No key/value pairs found.");
+
+ }
+ }
+
+ private void deleteEntries(List<String> deleted) {
+ if (deleted != null) {
+ logger.debug("Delete {} keys pairs from configuration", deleted.size());
+ Iterator<String> deleteInterator = deleted.iterator();
+ while (deleteInterator.hasNext()) {
+ String el = deleteInterator.next();
+ try {
+ config.deleteIds(el);
+ logger.trace("Delete key {}", el);
+
+ } catch (ConfigurationException e) {
+ logger.error("Delete key: " + el + " FAILED.", e);
+
+ }
+ }
+ }
+
+ }
+
+ private void loadType(String name, String resource) {
+ InputStream is = null;
+ try {
+ SchemaEntry entry = new SchemaEntry();
+ is = MOAIDConfigurationModul.class.getResourceAsStream(resource);
+ entry.jsonSchema = IOUtils.toString(is);
+ entry.typeName = name;
+ schemaList.add(entry);
+ } catch (IOException e) {
+ logger.error("Failed to load Type OA!", e);
+ } finally {
+ IOUtils.closeQuietly(is);
+ }
+ }
+
+}
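Review bot: In `storeChanges`, the inner `catch (ConfigurationException e)` around `config.setStringValue(...)` only logs and continues, so the method returns normally after a partial write and the caller is told a validated configuration was saved when some keys were not stored. Rethrow after logging, e.g. `logger.error("Store key: {} FAILED.", el.getKey(), e); throw e;`, which the outer `catch (Exception e)` already turns into a `ConfigurationStorageException`; whether earlier writes are rolled back depends on the `MOAIDConfiguration` implementation, which is not visible here. The same statements write `el.getValue()` to the log at trace and error level, so any configuration value that is a credential or key material would end up in the log files; logging the key alone is enough for diagnosis. `deleteEntries` swallows `ConfigurationException` in the same way and deserves the same treatment.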
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDSpringResourceProvider.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDSpringResourceProvider.java
new file mode 100644
index 000000000..f9f8d1d2d
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDSpringResourceProvider.java
@@ -0,0 +1,86 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+
+import at.gv.egiz.components.spring.api.SpringResourceProvider;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesProtocolPVP2XTask;
+
+/**
+ * @author tlenz
+ *
+ */
+public class MOAIDSpringResourceProvider implements SpringResourceProvider {
+
+ private static final Logger log = LoggerFactory.getLogger(MOAIDSpringResourceProvider.class);
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad()
+ */
+ @Override
+ public Resource[] getResourcesToLoad() {
+// try {
+ //TODO: is not a nice solution -> fix in futher version
+ //MOAIDWebGUIConfiguration moaIdWebguiConfig = MOAIDWebGUIConfiguration.getInstance();
+ //JPAPropertiesWithJavaConfig.setLocalProperties(moaIdWebguiConfig.getDatabaseProperties());
+
+ ClassPathResource databasecontextconfig = new ClassPathResource("/configuration.beans.xml", MOAIDSpringResourceProvider.class);
+ ClassPathResource webguicontextconfig = new ClassPathResource("/moaid.webgui.beans.xml", MOAIDSpringResourceProvider.class);
+ ClassPathResource webguidatabasecontextconfig = new ClassPathResource("/moaid.migration.beans.xml", MOAIDSpringResourceProvider.class);
+
+
+
+ return new Resource[] {databasecontextconfig, webguidatabasecontextconfig, webguicontextconfig};
+
+// } catch (ConfigurationException e) {
+// log.error("Can not load MOA-ID WebGUI configuration.", e);
+// return null;
+//
+// }
+
+
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan()
+ */
+ @Override
+ public String[] getPackagesToScan() {
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName()
+ */
+ @Override
+ public String getName() {
+ return "MOAIDConfiguration_SpringResourceDefinition";
+ }
+
+}
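Review bot: `getResourcesToLoad()` keeps the earlier try/catch as commented-out code, which leaves the imports of `ConfigurationException` and `ServicesProtocolPVP2XTask` and the `log` field unused; delete the dead block and the two imports, and keep only the TODO line if it is still relevant. `getPackagesToScan()` returns `null`; unless the `SpringResourceProvider` contract (not visible here) documents null as "nothing to scan", `return new String[0];` is safer for callers that iterate the result.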
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDWebGUIConfiguration.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDWebGUIConfiguration.java
new file mode 100644
index 000000000..0a3a9eef8
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDWebGUIConfiguration.java
@@ -0,0 +1,160 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.Properties;
+
+import org.opensaml.DefaultBootstrap;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Service;
+
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
+import at.gv.egovernment.moa.util.FileUtils;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+@Service
+public class MOAIDWebGUIConfiguration {
+
+ private static final String SYSTEM_PROP_CONFIG = "moa.id.webconfig";
+
+ private static final Logger log = LoggerFactory.getLogger(MOAIDWebGUIConfiguration.class);
+
+
+
+ private Properties props;
+ private String configFileName;
+ private String configRootDir;
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.commons.config.persistence.LocalConfigurationBean#getLocalDatabaseProperties()
+ */
+
+ private static MOAIDWebGUIConfiguration instance = null;
+
+ public static MOAIDWebGUIConfiguration getInstance() throws ConfigurationException {
+ if (instance == null) {
+ instance = new MOAIDWebGUIConfiguration();
+
+ }
+ return instance;
+ }
+
+
+ MOAIDWebGUIConfiguration() throws ConfigurationException {
+ configFileName = System.getProperty(SYSTEM_PROP_CONFIG);
+
+ if (configFileName == null) {
+ throw new ConfigurationException("config.05");
+ }
+ try {
+ URI fileURI = new URI(configFileName);
+
+ // determine the directory of the root config file
+ configRootDir = new File(fileURI).getParent();
+
+ log.info("Loading MOA-ID WebGUI configuration from file " + fileURI);
+
+ //Load MOAID-2.0 properties file
+
+ File propertiesFile = new File(fileURI);
+ FileInputStream fis;
+ props = new Properties();
+
+ fis = new FileInputStream(propertiesFile);
+ props.load(fis);
+
+ fis.close();
+
+ log.debug("OpenSAML initialization started ...");
+ DefaultBootstrap.bootstrap();
+ log.info("OpenSAML initialization complete.");
+
+ log.info("Pre-Initialization step of MOA-ID WebGUI module finished ... ");
+
+
+ } catch (FileNotFoundException e) {
+ throw new ConfigurationException("config.01", new Object[]{configFileName}, e);
+
+ } catch (IOException e) {
+ throw new ConfigurationException("config.02", new Object[]{configFileName}, e);
+
+ } catch (org.opensaml.xml.ConfigurationException e) {
+ throw new ConfigurationException("config.04", e);
+
+ } catch (URISyntaxException e) {
+ throw new ConfigurationException("config.06", new Object[]{MOAIDConfigurationConstants.FILE_URI_PREFIX, configFileName}, e);
+
+ }
+ }
+
+// @Override
+// protected Properties getLocalDatabaseProperties() {
+// return this.props;
+// }
+
+ public String getConfigFile() {
+ return configFileName;
+ }
+
+ public String getConfigRootDir() {
+ return configRootDir;
+ }
+
+ public String getCertStoreDirectory() throws ConfigurationException {
+ String dir = props.getProperty("general.ssl.certstore");
+ if (MiscUtil.isNotEmpty(dir))
+ return FileUtils.makeAbsoluteURL(dir, configRootDir);
+
+ else
+ throw new ConfigurationException("No SSLCertStore configured use default JAVA TrustStore.");
+
+ }
+
+ public String getTrustStoreDirectory() throws ConfigurationException {
+ String dir = props.getProperty("general.ssl.truststore");
+ if (MiscUtil.isNotEmpty(dir))
+ return FileUtils.makeAbsoluteURL(dir, configRootDir);
+
+ else
+ throw new ConfigurationException("No SSLTrustStore configured use default JAVA TrustStore.");
+
+ }
+
+ public boolean isPVPMetadataSchemaValidationActive() {
+ return Boolean.parseBoolean(props.getProperty("general.pvp.schemavalidation", "true"));
+
+ }
+
+}
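Review bot: `isPVPMetadataSchemaValidationActive()` fails open on a malformed setting: `Boolean.parseBoolean` returns false for anything other than "true", so a value such as `yes`, or `true` followed by trailing whitespace, in `general.pvp.schemavalidation` silently switches the validation off. Treat only an explicit `false` as disabling, e.g. `return !"false".equalsIgnoreCase(props.getProperty("general.pvp.schemavalidation", "true").trim());`, or at least log a warning for unrecognised values. In the constructor, `fis` is not closed when `props.load(fis)` throws; `try (FileInputStream fis = new FileInputStream(propertiesFile)) { props.load(fis); }` fixes that, and this commit already uses Java 7 syntax (multi-catch in `MOAIDConfigurationModul`). A `moa.id.webconfig` value without a `file:` scheme makes `new File(fileURI)` throw `IllegalArgumentException`, which none of the catch blocks map to the `config.06` message.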
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationException.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationException.java
new file mode 100644
index 000000000..2f2decab9
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationException.java
@@ -0,0 +1,48 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.config.webgui.exception;
+
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+
+
+public class ConfigurationException extends Exception {
+
+ private static final long serialVersionUID = 1L;
+
+ public ConfigurationException(String errorname) {
+ super(LanguageHelper.getErrorString(errorname, null));
+ }
+
+ public ConfigurationException(String errorname, Throwable e) {
+ super(LanguageHelper.getErrorString(errorname, null), e);
+ }
+
+ public ConfigurationException(String errorname, Object[] params, Throwable e) {
+ super(LanguageHelper.getErrorString(errorname, params), e);
+ }
+
+ public ConfigurationException(Throwable e) {
+ super(e);
+ }
+
+}
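Review bot: The constructors need Javadoc stating that `errorname` is a message key resolved through `LanguageHelper.getErrorString`, not the message text itself, e.g. `/** @param errorname key of the error text to look up, for example "config.05" */`. Elsewhere in this commit `MOAIDWebGUIConfiguration.getCertStoreDirectory()` and `getTrustStoreDirectory()` pass free text to the one-argument constructor; what `LanguageHelper` does with an unknown key is not visible here, so those calls may yield a lookup failure or a placeholder instead of the intended message. The class also shares its simple name with `at.gv.egiz.components.configuration.api.ConfigurationException`, which forces the fully qualified catch in `MOAIDConfigurationModul`; a class-level comment noting the distinction would help readers.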
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationModulValidationException.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationModulValidationException.java
new file mode 100644
index 000000000..b2103da54
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationModulValidationException.java
@@ -0,0 +1,53 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.exception;
+
+import java.util.Arrays;
+import java.util.List;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ConfigurationModulValidationException extends
+ ConfigurationValidationException {
+
+ /**
+ * @param errors
+ */
+ public ConfigurationModulValidationException(
+ List<ValidationObjectIdentifier> errors) {
+ super(errors);
+ }
+
+ /**
+ * @param validationObjectIdentifier
+ */
+ public ConfigurationModulValidationException(
+ ValidationObjectIdentifier validationObjectIdentifier) {
+ super(Arrays.asList(validationObjectIdentifier));
+ }
+
+ private static final long serialVersionUID = 2961444276927305856L;
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationTaskValidationException.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationTaskValidationException.java
new file mode 100644
index 000000000..6ce2ccbb6
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationTaskValidationException.java
@@ -0,0 +1,54 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.exception;
+
+import java.util.Arrays;
+import java.util.List;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ConfigurationTaskValidationException extends
+ ConfigurationModulValidationException {
+
+ /**
+ * @param errors
+ */
+ public ConfigurationTaskValidationException(
+ List<ValidationObjectIdentifier> errors) {
+ super(errors);
+ }
+
+ /**
+ * @param validationObjectIdentifier
+ */
+ public ConfigurationTaskValidationException(
+ ValidationObjectIdentifier validationObjectIdentifier) {
+ super(Arrays.asList(validationObjectIdentifier));
+
+ }
+
+ private static final long serialVersionUID = -8983804572579884044L;
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationValidationException.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationValidationException.java
new file mode 100644
index 000000000..1b5020eb3
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationValidationException.java
@@ -0,0 +1,74 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.exception;
+
+import java.io.UnsupportedEncodingException;
+import java.nio.charset.Charset;
+import java.util.List;
+
+import com.fasterxml.jackson.databind.node.ArrayNode;
+import com.fasterxml.jackson.databind.node.JsonNodeFactory;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ConfigurationValidationException extends Exception {
+
+ private static final long serialVersionUID = 1L;
+
+ List<ValidationObjectIdentifier> errors = null;
+
+ /**
+ *
+ */
+ public ConfigurationValidationException(List<ValidationObjectIdentifier> errors) {
+ this.errors = errors;
+ }
+
+ public List<ValidationObjectIdentifier> getValidationErrors() {
+ return this.errors;
+
+ }
+
+ /**
+ * @return
+ */
+ public String getFormatedErrorMessage() {
+
+ ArrayNode valuesArray = JsonNodeFactory.instance.arrayNode();
+ for (ValidationObjectIdentifier el : errors) {
+ valuesArray.add(el.getMessage());
+ }
+
+ try {
+ return new String(valuesArray.toString().getBytes(), "ISO-8859-1");
+
+ } catch (UnsupportedEncodingException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ return valuesArray.textValue();
+ }
+ }
+
+}
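Review bot: `getFormatedErrorMessage()` encodes the JSON text with `getBytes()`, which uses the platform default charset, and then decodes those bytes as ISO-8859-1. Any non-ASCII character in a validation message is therefore corrupted whenever the default charset is not ISO-8859-1. Returning the text unchanged, `return valuesArray.toString();`, and leaving the encoding to the layer that writes the response avoids this. The catch branch should not be reachable, since ISO-8859-1 is a charset every JVM must support, and if it were reached it would call `printStackTrace()` and return `valuesArray.textValue()`, which is null for an array node. The constructor stores the caller's list without a null check, so a null `errors` fails with a NullPointerException in the loop here rather than at construction; `this.errors = Objects.requireNonNull(errors, "errors");` would surface it earlier.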
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SchemaValidationException.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SchemaValidationException.java
new file mode 100644
index 000000000..3c0827a62
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SchemaValidationException.java
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.exception;
+
+import org.opensaml.saml2.metadata.provider.FilterException;
+
+/**
+ * @author tlenz
+ *
+ */
+public class SchemaValidationException extends FilterException {
+
+ /**
+ * @param string
+ */
+ public SchemaValidationException(String string) {
+ super(string);
+
+ }
+
+ private static final long serialVersionUID = 1L;
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SignatureValidationException.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SignatureValidationException.java
new file mode 100644
index 000000000..7c4c48e6b
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SignatureValidationException.java
@@ -0,0 +1,58 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.exception;
+
+import org.opensaml.saml2.metadata.provider.FilterException;
+
+/**
+ * @author tlenz
+ *
+ */
+public class SignatureValidationException extends FilterException {
+
+ /**
+ * @param string
+ */
+ public SignatureValidationException(String string) {
+ super(string);
+
+ }
+
+ /**
+ * @param e
+ */
+ public SignatureValidationException(Exception e) {
+ super(e);
+ }
+
+ /**
+ * @param string
+ * @param object
+ */
+ public SignatureValidationException(String string, Exception e) {
+ super(string, e);
+ }
+
+ private static final long serialVersionUID = 1L;
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ValidationObjectIdentifier.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ValidationObjectIdentifier.java
new file mode 100644
index 000000000..0a6112ebb
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ValidationObjectIdentifier.java
@@ -0,0 +1,66 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.exception;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ValidationObjectIdentifier {
+ private String key;
+ private String friendlyName;
+ private String message;
+
+ /**
+ * Create a validation error object identifier
+ *
+ * @param key configuration key
+ * @param friendlyName friendly name in configuration GUI
+ * @param message error message
+ */
+ public ValidationObjectIdentifier(String key, String friendlyName, String message) {
+ this.key = key;
+ this.friendlyName = friendlyName;
+ this.message = message;
+ }
+
+
+ /**
+ * @return the configuration key
+ */
+ public String getKey() {
+ return key;
+ }
+ /**
+ * @return the friendly name, which is used in the GUI
+ */
+ public String getFriendlyName() {
+ return friendlyName;
+ }
+ /**
+ * @return the error message
+ */
+ public String getMessage() {
+ return message;
+ }
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/helper/GUIDataParser.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/helper/GUIDataParser.java
new file mode 100644
index 000000000..6b6bf8427
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/helper/GUIDataParser.java
@@ -0,0 +1,67 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.helper;
+
+import java.io.IOException;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class GUIDataParser {
+ private static final Logger log = LoggerFactory.getLogger(GUIDataParser.class);
+ /**
+ * Extract the BASE64 content from GUI upload
+ *
+ * @param guiUpload {String}, which is committed by GUI
+ * @return Base64 encoded data or null if data is not parseable or empty
+ */
+ public static String getBase64ContentFromGUIUpload(String guiUpload) {
+ if (MiscUtil.isNotEmpty(guiUpload) &&
+ !guiUpload.equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT) ) {
+ String[] bkuSelectTemplateSplitted = guiUpload.split(",");
+ String base64 = null;
+ if (bkuSelectTemplateSplitted.length > 1)
+ base64 = bkuSelectTemplateSplitted[1];
+ else
+ base64 = guiUpload;
+
+ try {
+ if (Base64Utils.decode(base64, false) != null)
+ return base64;
+
+ } catch (IOException e) {
+ log.debug("GUI upoad is not decodeable.", e);
+
+ }
+ }
+ return null;
+ }
+}
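Review bot: `getBase64ContentFromGUIUpload` decodes the whole upload with `Base64Utils.decode(base64, false)` only to test that it parses, and nothing bounds the input length before the split and decode, so the amount buffered is decided by whatever the GUI client sends. A length check ahead of the split would cap that, e.g. `if (guiUpload.length() > MAX_UPLOAD_CHARS) return null;`, where `MAX_UPLOAD_CHARS` is a placeholder and not a constant from this page. The text before the first comma (presumably a data-URI header) is dropped unchecked and only element `[1]` is kept, so an input with more than one comma is silently truncated; `guiUpload.split(",", 2)` would make such input fail the decode check instead. The debug message also has typos; `log.debug("GUI upload is not decodable.", e);` reads correctly.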
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/helper/LanguageHelper.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/helper/LanguageHelper.java
new file mode 100644
index 000000000..122626ae8
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/helper/LanguageHelper.java
@@ -0,0 +1,81 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.config.webgui.helper;
+
+import java.text.MessageFormat;
+import java.util.Locale;
+import java.util.ResourceBundle;
+
+
+public class LanguageHelper {
+
+
+ private static String errorLanguage(String code, Locale locale) {
+ return ResourceBundle.getBundle("applicationResources", locale).getString(code);
+
+ }
+
+ private static String guiLanguage(String code, Locale locale) {
+ return ResourceBundle.getBundle("applicationResources", locale).getString(code);
+
+ }
+
+ public static String getGUIString(String code) {
+ return guiLanguage(code, getLangFromConfig());
+ }
+
+
+ public static String getErrorString(String code) {
+ return errorLanguage(code, getLangFromConfig());
+ }
+
+ public static String getGUIString(String code, String parameter) {
+ return MessageFormat.format(getGUIString(code), parameter);
+ }
+
+ public static String getErrorString(String code, Object[] parameter) {
+
+ return MessageFormat.format(getGUIString(code), parameter);
+ }
+
+
+ private static Locale getLangFromConfig() {
+
+ Locale defaultLanguage = Locale.forLanguageTag("de");
+
+// try {
+// ConfigurationProvider configurationProvider = ConfigurationProvider.getInstance();
+// defaultLanguage = Locale.forLanguageTag(configurationProvider.getDefaultLanguage());
+//
+// } catch (ConfigurationException e) {
+// log.error("Configuration exception while getting ConfigurationProvider instance", e);
+// }
+
+
+ return defaultLanguage;
+
+
+
+ }
+}
+
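Review bot: `getErrorString(String code, Object[] parameter)` formats the result of `getGUIString(code)` instead of `getErrorString(code)`. Both lookups read the same `applicationResources` bundle today, so the output is identical, but the overload will return the wrong text as soon as `errorLanguage` and `guiLanguage` stop being copies of each other; use `return MessageFormat.format(getErrorString(code), parameter);`. None of the public methods handles the `MissingResourceException` that `ResourceBundle.getString` throws for an unknown code, and none has Javadoc, so a one-line `@throws MissingResourceException` note on each would tell callers what to expect. `getLangFromConfig()` always returns `de`, and the commented-out block under it would be better replaced by a single `// TODO: read default language from configuration` line.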
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/MOAIDConfigurationValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/MOAIDConfigurationValidator.java
new file mode 100644
index 000000000..42ef0e1e6
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/MOAIDConfigurationValidator.java
@@ -0,0 +1,311 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation;
+
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.ServiceLoader;
+import java.util.Map.Entry;
+import java.util.Set;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationModulValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationValidationException;
+import at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator;
+
+/**
+ * @author tlenz
+ *
+ */
+public class MOAIDConfigurationValidator {
+ private static final Logger logger = LoggerFactory.getLogger(MOAIDConfigurationValidator.class);
+ private static MOAIDConfiguration dbconfig;
+
+ private static ServiceLoader<IModuleValidator> moduleLoader =
+ ServiceLoader.load(IModuleValidator.class);
+ private static Map<String, IModuleValidator> moduleValidator = null;
+
+ private static ServiceLoader<IDynamicLoadableTaskValidator> taskLoader =
+ ServiceLoader.load(IDynamicLoadableTaskValidator.class);
+
+ private Map<String, Map<String,String>> data = null;
+ private boolean isDataValidated = false;
+
+ @Autowired
+ public void setDatabaseConfiguration(MOAIDConfiguration config) {
+ dbconfig = config;
+
+ }
+
+ /**
+ *
+ */
+ public MOAIDConfigurationValidator() {
+ //load modules
+ if (moduleValidator == null ) {
+ moduleValidator = new HashMap<String, IModuleValidator>();
+ Iterator<IModuleValidator> moduleLoaderInterator = moduleLoader.iterator();
+ while (moduleLoaderInterator.hasNext()) {
+ IModuleValidator modul = moduleLoaderInterator.next();
+ logger.info("Load validation module for key: {}", modul.getKeyPrefix());
+ moduleValidator.put(modul.getKeyPrefix(), modul);
+
+ }
+
+ //load dynamic tasks
+ Iterator<IDynamicLoadableTaskValidator> taskLoaderInterator = taskLoader.iterator();
+ while (taskLoaderInterator.hasNext()) {
+ IDynamicLoadableTaskValidator task = taskLoaderInterator.next();
+ List<String> modulesToInject = task.getModulValidatorPrefix();
+ for (String el : modulesToInject) {
+ if (moduleValidator.containsKey(el)) {
+ moduleValidator.get(el).addTaskValidator(task);
+ logger.info("Task " + task.getName()
+ + " is injected to module with prefix " + el);
+
+ } else {
+ logger.warn("Task " + task.getName()
+ + " could NOT injected: No module with prefix " + el);
+
+ }
+ }
+ }
+ }
+ }
+
+ /**
+ * Get the internal key/value configuration data set
+ *
+ * @return full configuration block of key/value pairs {Map<String, String>} sorted by MOA-ID configuration groups or null if preprocessing was done
+ */
+ public Map<String, Map<String,String>> getPreProcessedConfigurationData() {
+ return data;
+ }
+
+ /**
+ * PreProcess MOA-ID key/value configuration before validation and sort the keys into MOA-ID configuration groups
+ *
+ * @param changed all changed key/value pairs
+ * @param added all added key/value pairs
+ * @param deleted all deleted key/value pairs
+ * @return Number of MOA-ID configuration groups which was found
+ */
+ public int preProcess(Map<String, String> changed,
+ Map<String, String> added, List<String> deleted) {
+ data = new HashMap<String, Map<String, String>>();
+
+ //classify changed key/value pairs
+ if (changed != null)
+ keyValueClassification(changed.entrySet().iterator(), data);
+
+ //classify new key/value pairs
+ if (added != null)
+ keyValueClassification(added.entrySet().iterator(), data);
+
+ return data.size();
+ }
+
+ /**
+ * Validate MOA-ID key/value configuration before saving
+ *
+ * @throws ConfigurationValidationException
+ */
+
+ public void validate() throws ConfigurationValidationException {
+ logger.trace("Starting MOA-ID configuration validation process ...");
+
+ Iterator<Entry<String, Map<String, String>>> groupInterator = data.entrySet().iterator();
+ while (groupInterator.hasNext()) {
+ Entry<String, Map<String, String>> groupEl = groupInterator.next();
+
+ try {
+ if (groupEl.getKey().startsWith(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES)) {
+ String moduleID = KeyValueUtils.getParentKey(groupEl.getKey());
+ if (moduleValidator.containsKey(moduleID)) {
+ logger.trace("Starting validation process of keyGroup: " + groupEl.getKey()
+ + " with module: " + moduleValidator.get(moduleID).getName());
+ Map<String, String> servicekeys = KeyValueUtils.removePrefixFromKeys(groupEl.getValue(), groupEl.getKey());
+
+ //put service prefix to validation Map to check if service already stored
+ servicekeys.put(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES, groupEl.getKey());
+
+ moduleValidator.get(moduleID)
+ .validate(servicekeys);
+
+ } else
+ logger.info("No ModulValidator for keygroup {} found.", moduleID);
+
+ } else if (moduleValidator.containsKey(groupEl.getKey())) {
+ logger.trace("Starting validation process of keyGroup: " + groupEl.getKey()
+ + " with module: " + moduleValidator.get(groupEl.getKey()).getName());
+ moduleValidator.get(groupEl.getKey())
+ .validate(KeyValueUtils.removePrefixFromKeys(groupEl.getValue(), groupEl.getKey()));
+
+ } else {
+ logger.info("No ModulValidator for keygroup {} found.", groupEl.getKey());
+
+ }
+
+ } catch (ConfigurationModulValidationException e) {
+ logger.warn("Validation of keyGroup: " + groupEl.getKey()
+ + " FAILED with " + e.getValidationErrors().size() + " errors");
+ throw e;
+
+ }
+
+ }
+ isDataValidated = true;
+ }
+
+ /**
+ * Post-process the validated configuration to generate storeable key/value pairs
+ * @param deleted
+ *
+ * @return {Map<String, String>} of key/value pairs which could be stored into configuration
+ */
+
+ public Map<String, String> postProcessing(List<String> deleted) {
+ if (!isDataValidated)
+ logger.warn("Post-Processing non validated key/value pairs!");
+
+ Map<String, String> configToStore = new HashMap<String, String>();
+
+ Iterator<Entry<String, Map<String, String>>> groupInterator = data.entrySet().iterator();
+ while (groupInterator.hasNext()) {
+ Entry<String, Map<String, String>> groupEl = groupInterator.next();
+
+ try {
+ if (groupEl.getKey().startsWith(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES)) {
+ String moduleID = KeyValueUtils.getParentKey(groupEl.getKey());
+ if (moduleValidator.containsKey(moduleID)) {
+ logger.trace("Start postProcessing of keyGroup: " + groupEl.getKey()
+ + " with module: " + moduleValidator.get(moduleID).getName());
+ postProcessing(groupEl, moduleValidator.get(moduleID), configToStore, deleted);
+
+ } else
+ logger.info("No Module for keygroup {} found.", moduleID);
+
+ } else if (moduleValidator.containsKey(groupEl.getKey())) {
+ logger.trace("Start postProcessing of keyGroup: " + groupEl.getKey()
+ + " with module: " + moduleValidator.get(groupEl.getKey()).getName());
+ postProcessing(groupEl, moduleValidator.get(groupEl.getKey()), configToStore, deleted);
+
+ } else {
+ logger.info("No ModulValidator for keygroup {} found.", groupEl.getKey());
+
+ }
+
+ } catch (Exception e) {
+ logger.error("Post-Processing for keygroup: " + groupEl.getKey() + " FAILED!", e);
+
+ }
+
+ }
+ return configToStore;
+ }
+
+ private void postProcessing(Entry<String, Map<String, String>> groupEl,
+ IModuleValidator module, Map<String, String> configToStore, List<String> deleted ) {
+
+ //add all key/value pairs from user configuration GUI
+ configToStore.putAll(KeyValueUtils.makeKeysAbsolut(
+ groupEl.getValue(),
+ groupEl.getKey(),
+ MOAIDConfigurationConstants.PREFIX_MOAID));
+
+ //add or update key/value pairs from users with module or task specific information
+ Map<String, String> toBeAdded = module.postProcessing(
+ KeyValueUtils.removePrefixFromKeys(groupEl.getValue(), groupEl.getKey()),
+ deleted,
+ dbconfig);
+ if (toBeAdded != null) {
+ toBeAdded = KeyValueUtils.makeKeysAbsolut(toBeAdded, groupEl.getKey(), MOAIDConfigurationConstants.PREFIX_MOAID);
+ for (Entry<String, String> el : toBeAdded.entrySet()) {
+ if (configToStore.containsKey(el.getKey())) {
+ logger.info("Overwrite key: " + el.getKey()
+ + " userValue:" + configToStore.get(el.getKey())
+ + " postProcessing: " + toBeAdded.get(el.getKey()));
+
+ }
+ configToStore.put(el.getKey(), el.getValue());
+ }
+ }
+
+ }
+
+ private void keyValueClassification(Iterator<Entry<String, String>> config, Map<String, Map<String,String>> result) {
+ Set<String> validationModuleKeys = moduleValidator.keySet();
+
+ while(config.hasNext()) {
+ Entry<String, String> el = config.next();
+ logger.trace("Preprocess configuration element with key: "
+ + el.getKey() + " value: " + el.getValue());
+
+ //search configuration module
+ IModuleValidator selectedModul = null;
+ for (String key : validationModuleKeys) {
+ if (el.getKey().startsWith(key)) {
+ selectedModul = moduleValidator.get(key);
+ break;
+ }
+ }
+
+ //group key/value pair to configuration modules
+ if (selectedModul != null) {
+ String groupkey = null;
+ if (selectedModul.getKeyPrefix().startsWith(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES)) {
+ String oaIndex = KeyValueUtils.getFirstChildAfterPrefix(el.getKey(), selectedModul.getKeyPrefix());
+ groupkey = selectedModul.getKeyPrefix() + "." + oaIndex;
+
+ } else
+ groupkey = selectedModul.getKeyPrefix();
+
+ if (!result.containsKey(groupkey)) {
+ result.put(groupkey, new HashMap<String, String>());
+
+ }
+ Map<String, String> resultElement = result.get(groupkey);
+ logger.trace("Put key/value pair to keyGroup: "
+ + groupkey + "with friendlyName: " + selectedModul.getName());
+ resultElement.put(el.getKey(), el.getValue());
+
+ } else {
+ logger.warn("Configuration Key {} is not part of a loaded MOA-ID configuration validation-module!", el.getKey());
+
+ }
+
+ }
+ }
+
+
+}
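Review bot: `postProcessing(List<String> deleted)` only logs a warning when `isDataValidated` is false and then still builds the map that is meant to be stored, so MOA-ID configuration that never passed `validate()` can reach persistence. Failing closed is safer here, e.g. `if (!isDataValidated) throw new IllegalStateException("configuration data was not validated");`. The flag is also never cleared: `preProcess()` replaces `data` but leaves `isDataValidated` untouched, so a second `preProcess()` on the same instance inherits the earlier result; add `isDataValidated = false;` at the top of `preProcess()`. In the same method the `catch (Exception e)` logs and continues, so a key group whose post-processing failed is dropped or left partial while the rest is returned for storing. The private `postProcessing` overload logs `userValue` and the post-processed value at info level, which would put secrets into the log if any configuration key holds credentials (not visible from this hunk).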
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/AbstractModuleValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/AbstractModuleValidator.java
new file mode 100644
index 000000000..076f5c75e
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/AbstractModuleValidator.java
@@ -0,0 +1,148 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.modul;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationModulValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+
+/**
+ * @author tlenz
+ *
+ */
+public abstract class AbstractModuleValidator implements IModuleValidator {
+ private static final Logger logger = LoggerFactory.getLogger(AbstractModuleValidator.class);
+ protected List<ITaskValidator>taskValidator = new ArrayList<ITaskValidator>();
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator#validate(java.util.Map)
+ */
+ @Override
+ public void validate(Map<String, String> input)
+ throws ConfigurationModulValidationException {
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+// //perform whitelist checks
+// List<Pattern> allowedPatterns = new ArrayList<Pattern>();
+// for (ITaskValidator task : taskValidator)
+// allowedPatterns.addAll(task.getAllAllowedPatterns());
+//
+// for (String el : input.keySet()) {
+// boolean valid = false;
+//
+// for (Pattern pat : allowedPatterns) {
+// if (pat.matcher(el).matches()) {
+// valid = true;
+// break;
+// }
+// }
+//
+// if (!valid) {
+// logger.warn("Task-Validator for keyPrefix: "
+// + getKeyPrefix() + " found a non-whitelisted key: " + el);
+// throw new ConfigurationModulValidationException(
+// new ValidationObjectIdentifier(el, "unkown", "This key is not allowed!"));
+//
+// }
+// }
+
+ for (ITaskValidator task : taskValidator) {
+ try {
+ task.validate(input);
+
+ } catch (ConfigurationTaskValidationException e) {
+ logger.debug("Task " + task.getName()
+ + " found " + e.getValidationErrors().size()
+ + " errors in configuration");
+ errors.addAll(e.getValidationErrors());
+ }
+ }
+
+ if (!errors.isEmpty())
+ throw new ConfigurationModulValidationException(errors);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator#validate(java.util.Map)
+ */
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+ Map<String, String> added = new HashMap<String, String>();
+
+ for (ITaskValidator task : taskValidator) {
+ try {
+ Map<String, String> taskResult = task.postProcessing(input, keysToDelete, dbconfig);
+ if (taskResult != null)
+ added.putAll(taskResult);
+
+ } catch (Exception e) {
+ logger.warn("Post processing of task: " + task.getName()
+ + " FAILED!", e);
+
+ }
+ }
+ if (added.isEmpty())
+ return null;
+ else
+ return added;
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator#getKeyPrefix()
+ */
+ @Override
+ abstract public String getKeyPrefix();
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator#getName()
+ */
+ @Override
+ abstract public String getName();
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator#addTaskValidator(at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicTaskValidator)
+ */
+ @Override
+ public void addTaskValidator(IDynamicLoadableTaskValidator validator) {
+ taskValidator.add(validator);
+
+ }
+
+ protected void addTaskValidator(ITaskValidator validator) {
+ taskValidator.add(validator);
+ }
+
+}
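Review bot: With the whitelist loop at the top of `validate` commented out, nothing in this class rejects a key that no task recognises, and `AbstractTaskValidator.validate` in this same commit only delegates to `taskValidate`, so the "whitelist checks are included" statement in the `ITaskValidator` Javadoc does not appear to be honoured anywhere visible here. For an identity-provider configuration that means unknown keys under a module prefix look like they pass validation unchecked; either restore the check or delete the dead block and correct the Javadoc. If it is restored, collecting fits the rest of the method better than throwing on the first hit: `errors.add(new ValidationObjectIdentifier(el, "unknown", "This key is not allowed!"));`. Separately, `postProcessing` catches `Exception`, logs and carries on, so a failed task yields a partially post-processed result the caller cannot tell from a complete one; a comment stating that this best-effort behaviour is intended would help.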
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/IModuleValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/IModuleValidator.java
new file mode 100644
index 000000000..3ee665a87
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/IModuleValidator.java
@@ -0,0 +1,79 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.modul;
+
+import java.util.List;
+import java.util.Map;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationModulValidationException;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator;
+
+/**
+ * @author tlenz
+ *
+ */
+public interface IModuleValidator {
+
+ /**
+ * Validate a specific key/value configuration
+ *
+ * @param input key/value configuration pairs without prefix
+ * @throws ConfigurationModulValidationException
+ */
+ public void validate(Map<String, String> input) throws ConfigurationModulValidationException;
+
+ /**
+ * Get module specific additional key/value pairs which must be added
+ *
+ * @param input Set of key/value pairs
+ * @param keysToDelete List<String> of keys which should be deleted
+ * @param dbconfig {Configuration} to access the current used configuration
+ * @return {Map<String, String>} of key/value pairs which had to be added to configuration or null
+ */
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig);
+
+
+ /**
+ * Key prefix for which this validation module is sensitive
+ *
+ * @return
+ */
+ public String getKeyPrefix();
+
+ /**
+ * Friendly name of the validation module
+ *
+ * @return
+ */
+ public String getName();
+
+
+ /**
+ *
+ *
+ * @param validator
+ */
+ public void addTaskValidator(IDynamicLoadableTaskValidator validator);
+}
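Review bot: The Javadoc on `addTaskValidator` is empty, and the `@return` tags on `getKeyPrefix` and `getName` have no text, so the interface never says what registering a validator does. Going by `AbstractModuleValidator` in this commit, a line such as `Registers a dynamically loaded task validator; it is run by validate and postProcessing together with the module's own tasks.` would cover it. The `postProcessing` text also leaves open whether `keysToDelete` is read-only input or a list the implementation is expected to append to.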
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/GatewayValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/GatewayValidator.java
new file mode 100644
index 000000000..e7775beba
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/GatewayValidator.java
@@ -0,0 +1,58 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.modul.impl;
+
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.config.webgui.validation.modul.AbstractModuleValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesGeneralInformationTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesPVPGatewayTask;
+
+/**
+ * @author tlenz
+ *
+ */
+public class GatewayValidator extends AbstractModuleValidator {
+
+ public GatewayValidator() {
+ addTaskValidator(new ServicesGeneralInformationTask());
+ addTaskValidator(new ServicesPVPGatewayTask());
+ }
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_GATEWAY;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "MOA-ID STORK<->PVP Gateway Configuration";
+ }
+
+}
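Review bot: The `@see` lines above `getKeyPrefix` and `getName` point at `at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator`, but the interface added in this commit lives in the `validation.modul` package, so the reference does not resolve. It should read `@see at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator#getKeyPrefix()`, and likewise for `getName()`. The same stale path appears in GeneralConfigurationValidator, InterfederationIDPValidator, OnlineApplicationValidator and VIDPValidator.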
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/GeneralConfigurationValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/GeneralConfigurationValidator.java
new file mode 100644
index 000000000..01114d235
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/GeneralConfigurationValidator.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.modul.impl;
+
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.config.webgui.validation.modul.AbstractModuleValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.GeneralMOAIDConfigurationTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.GeneralOpenIDConfigurationTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.GeneralPVP2XConfigurationTask;
+
+/**
+ * @author tlenz
+ *
+ */
+public class GeneralConfigurationValidator extends AbstractModuleValidator {
+
+
+ public GeneralConfigurationValidator() {
+ //add default task to this module
+ addTaskValidator(new GeneralMOAIDConfigurationTask());
+ addTaskValidator(new GeneralPVP2XConfigurationTask());
+ addTaskValidator(new GeneralOpenIDConfigurationTask());
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "General MOA-ID Configuration";
+ }
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/InterfederationIDPValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/InterfederationIDPValidator.java
new file mode 100644
index 000000000..5b9312e8e
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/InterfederationIDPValidator.java
@@ -0,0 +1,57 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.modul.impl;
+
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.config.webgui.validation.modul.AbstractModuleValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesGeneralInformationTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesInterfederationIDPTask;
+
+/**
+ * @author tlenz
+ *
+ */
+public class InterfederationIDPValidator extends AbstractModuleValidator {
+
+ public InterfederationIDPValidator() {
+ addTaskValidator(new ServicesGeneralInformationTask());
+ addTaskValidator(new ServicesInterfederationIDPTask());
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_IIDP;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "MOA-ID Interfederation IDP Configuration";
+ }
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/OnlineApplicationValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/OnlineApplicationValidator.java
new file mode 100644
index 000000000..dbce8ec3a
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/OnlineApplicationValidator.java
@@ -0,0 +1,71 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.modul.impl;
+
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.config.webgui.validation.modul.AbstractModuleValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesAuthenticationInformationTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesBKUSelectionTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesGeneralInformationTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesProtocolSAML1Task;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesSSOAuthenticationTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesTargetTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesbPKDecryptionTask;
+
+/**
+ * @author tlenz
+ *
+ */
+public class OnlineApplicationValidator extends AbstractModuleValidator {
+
+ /**
+ *
+ */
+ public OnlineApplicationValidator() {
+ addTaskValidator(new ServicesGeneralInformationTask());
+ addTaskValidator(new ServicesTargetTask());
+ addTaskValidator(new ServicesAuthenticationInformationTask());
+ addTaskValidator(new ServicesSSOAuthenticationTask());
+ addTaskValidator(new ServicesbPKDecryptionTask());
+ addTaskValidator(new ServicesProtocolSAML1Task());
+ addTaskValidator(new ServicesBKUSelectionTask());
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_OA;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "MOA-ID Online-Application Configuration";
+ }
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/VIDPValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/VIDPValidator.java
new file mode 100644
index 000000000..ad3c15b16
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/VIDPValidator.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.modul.impl;
+
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.config.webgui.validation.modul.AbstractModuleValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesBKUSelectionTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesGeneralInformationTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesTargetTask;
+
+/**
+ * @author tlenz
+ *
+ */
+public class VIDPValidator extends AbstractModuleValidator {
+
+
+ public VIDPValidator() {
+ addTaskValidator(new ServicesGeneralInformationTask());
+ addTaskValidator(new ServicesTargetTask());
+ addTaskValidator(new ServicesBKUSelectionTask());
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_VIDP;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "MOA-ID V-IDP Configuration";
+ }
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/AbstractTaskValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/AbstractTaskValidator.java
new file mode 100644
index 000000000..a124949f1
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/AbstractTaskValidator.java
@@ -0,0 +1,106 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+
+/**
+ * @author tlenz
+ *
+ */
+public abstract class AbstractTaskValidator implements ITaskValidator {
+ private static final Logger logger = LoggerFactory.getLogger(AbstractTaskValidator.class);
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#validate(java.util.Map)
+ */
+ @Override
+ public void validate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+
+ //start task specific validation
+ taskValidate(input);
+
+ }
+
+ /**
+ * Validate a specific set of key/value pairs without whitelist checks
+ *
+ * @param input Key/Value pairs of a module for validation
+ * @throws ConfigurationModulValidationException
+ */
+ abstract protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException;
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ abstract public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig);
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ abstract public String getKeyPrefix();
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ abstract public String getName();
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ abstract public List<Pattern> getAllAllowedPatterns();
+
+ protected List<Pattern> generatePatternsFromKeys(List<String> keys) {
+ List<Pattern> patterns = new ArrayList<Pattern>();
+ for (String key : keys) {
+ if (key != null) {
+ String patternKey;
+ if (key.contains(".")) {
+ patternKey = key.replaceAll("\\.", "\\\\.");
+ } else
+ patternKey = key;
+
+ patterns.add(Pattern.compile(patternKey));
+ } else
+ logger.info("Found NULL key in whitelist of task: " + getName());
+ }
+ return patterns;
+ }
+}
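Review bot: `generatePatternsFromKeys` escapes only `.` before calling `Pattern.compile`, so any other regex metacharacter in a whitelist key is compiled as regex. Depending on the character it either throws `PatternSyntaxException` or matches more keys than the literal would, and for an allow-list the second case widens what is accepted. If the keys are meant as literals, `patterns.add(Pattern.compile(Pattern.quote(key)));` replaces the whole dot-escaping branch; if some keys intentionally carry regex fragments, the method should have a comment saying so and naming the allowed syntax. Also, the `@throws` on `taskValidate` names `ConfigurationModulValidationException` while the signature declares `ConfigurationTaskValidationException`; `ITaskValidator.validate` has the same mismatch.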
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/IDynamicLoadableTaskValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/IDynamicLoadableTaskValidator.java
new file mode 100644
index 000000000..b1a38ab67
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/IDynamicLoadableTaskValidator.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task;
+
+import java.util.List;
+
+/**
+ * @author tlenz
+ *
+ */
+public interface IDynamicLoadableTaskValidator extends ITaskValidator {
+
+ /**
+ * Get a list of {IModuleValidator} prefixes in which this task should be added
+ *
+ * @return List of prefix keys
+ */
+ public List<String> getModulValidatorPrefix();
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/ITaskValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/ITaskValidator.java
new file mode 100644
index 000000000..f91440d3a
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/ITaskValidator.java
@@ -0,0 +1,79 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task;
+
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+
+/**
+ * @author tlenz
+ *
+ */
+public interface ITaskValidator {
+
+ /**
+ * Validate a specific set of key/value pairs (whitelist checks are included)
+ *
+ * @param input Key/Value pairs of a module for validation
+ * @throws ConfigurationModulValidationException
+ */
+ public void validate(Map<String, String> input) throws ConfigurationTaskValidationException;
+
+ /**
+ * Get task specific key/value pairs which must be added
+ * The return keys must be full qualified according to the MOA-ID key namespace definition
+ *
+ * @param input Set of key/value pairs
+ * @param keysToDelete List<String> of keys which should be deleted
+ * @param dbconfig {Configuration} to access the current used configuration
+ * @return {Map<String, String>} of key/value pairs which had to be added to configuration or null
+ */
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig);
+
+ /**
+ * Get a key prefix for with this validation task is sensitive
+ *
+ * @return keyPrefix {String} or null if no prefix is defined
+ */
+ public String getKeyPrefix();
+
+ /**
+ * Get the friendly name of this validation task
+ *
+ * @return friendlyName {String}
+ */
+ public String getName();
+
+ /**
+ * Get a list of keys which are white listed for this task
+ *
+ * @return {List<Pattern>} of keys which are allowed
+ */
+ public List<Pattern> getAllAllowedPatterns();
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java
new file mode 100644
index 000000000..ed02f8186
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java
@@ -0,0 +1,615 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator implements ITaskValidator {
+
+ private static final Logger log = LoggerFactory.getLogger(GeneralMOAIDConfigurationTask.class);
+ public static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_HANDY, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_LOCAL, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_ONLINE, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_HANDY, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_LOCAL, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_ONLINE, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_NAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_CERTSTORE_URL, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_AUTHBLOCK_TRANSFORM, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_TEST, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_TEST, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_URL, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_REVOCATIONCHECKING, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_OVS_URL, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_SZRGW_URL, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_AUTHBLOCK_TEXT, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_SERVICENAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_TIMEOUS_SSO_CREATE, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_TIMEOUS_SSO_UPDATE, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_TIMEOUTS_TRANSACTION, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_TRUSTSTORE_URL, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_ENABLED, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_LEGACY, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_SOURCEID, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#validate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+ //check all keys against key whitelist
+
+
+ String check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_SOURCEID, getKeyPrefix()));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("SAML1 SourceID contains potentail XSS characters: " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_SOURCEID,
+ "SAML1 - SourceID",
+ LanguageHelper.getErrorString("validation.general.SAML1SourceID",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX, getKeyPrefix()));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Public URL Prefix is not valid");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX,
+ "Public URL Prefix",
+ LanguageHelper.getErrorString("validation.general.publicURLprefix.valid")));
+ }
+ } else {
+ log.info("PublicURL Prefix is empty.");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX,
+ "Public URL Prefix",
+ LanguageHelper.getErrorString("validation.general.publicURLprefix.empty")));
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_TIMEOUTS_TRANSACTION, getKeyPrefix()));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateNumber(check)) {
+ log.warn("Assertion Timeout is no number " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_TIMEOUTS_TRANSACTION,
+ "Timeout - Transaction",
+ LanguageHelper.getErrorString("validation.general.timeouts.assertion.valid",
+ new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}) ));
+ }
+ }
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_TIMEOUS_SSO_CREATE, getKeyPrefix()));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateNumber(check)) {
+ log.warn("MOASessionCreated Timeout is no number " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_TIMEOUS_SSO_CREATE,
+ "Timeout - SSO created",
+ LanguageHelper.getErrorString("validation.general.timeouts.moasessioncreated.valid",
+ new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}) ));
+ }
+ }
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_TIMEOUS_SSO_UPDATE, getKeyPrefix()));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateNumber(check)) {
+ log.warn("MOASessionUpdated Timeout is no number " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_TIMEOUS_SSO_UPDATE,
+ "Timeout - SSO updated",
+ LanguageHelper.getErrorString("validation.general.timeouts.moasessionupdated.valid",
+ new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}) ));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_CERTSTORE_URL, getKeyPrefix()));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.isValidOAIdentifier(check)) {
+ log.warn("CertStoreDirectory contains potentail XSS characters: " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_CERTSTORE_URL,
+ "Certificate - CertStore Directory",
+ LanguageHelper.getErrorString("validation.general.certStoreDirectory.valid",
+ new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}) ));
+ }
+ } else {
+ log.info("CertStoreDirectory is empty.");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_CERTSTORE_URL,
+ "Certificate - CertStore Directory",
+ LanguageHelper.getErrorString("validation.general.certStoreDirectory.empty")));
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_HANDY, getKeyPrefix()));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Handy-BKU URL");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_HANDY,
+ "Default BKUs - Handy",
+ LanguageHelper.getErrorString("validation.general.bku.handy.valid")));
+ }
+ } else {
+ log.info("Empty Handy-BKU URL");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_HANDY,
+ "Default BKUs - Handy",
+ LanguageHelper.getErrorString("validation.general.bku.handy.empty")));
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_LOCAL, getKeyPrefix()));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-BKU URL");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_LOCAL,
+ "Default BKUs - Local",
+ LanguageHelper.getErrorString("validation.general.bku.local.valid")));
+ }
+ } else {
+ log.info("Empty Online-BKU URL");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_LOCAL,
+ "Default BKUs - Local",
+ LanguageHelper.getErrorString("validation.general.bku.local.empty")));
+
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_ONLINE, getKeyPrefix()));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-BKU URL");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_ONLINE,
+ "Default BKUs - Online",
+ LanguageHelper.getErrorString("validation.general.bku.online.valid")));
+ }
+ } else {
+ log.info("Empty Online-BKU URL");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_ONLINE,
+ "Default BKUs - Online",
+ LanguageHelper.getErrorString("validation.general.bku.online.empty")));
+
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_OVS_URL, getKeyPrefix()));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-Mandate Service URL");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_OVS_URL,
+ "Services - OVS",
+ LanguageHelper.getErrorString("validation.general.mandateservice.valid")));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_AUTHBLOCK_TRANSFORM, getKeyPrefix()));
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MoaspssAuthTransformation");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_AUTHBLOCK_TRANSFORM,
+ "MOA-SP - AuthBlocktransformation",
+ LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty")));
+ } else {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("IdentityLinkSigners is not valid: " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_AUTHBLOCK_TRANSFORM,
+ "MOA-SP - AuthBlocktransformationx",
+ LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )));
+
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD, getKeyPrefix()));
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MOA-SP/SS Authblock TrustProfile");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD,
+ "MOA-SP - TrustProfile AuthBlock",
+ LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty")));
+ } else {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("Authblock TrustProfile is not valid: " +check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD,
+ "MOA-SP - TrustProfile AuthBlock",
+ LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD, getKeyPrefix()));
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MOA-SP/SS IdentityLink TrustProfile");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD,
+ "MOA-SP - TrustProfile IdL",
+ LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty")));
+ } else {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("IdentityLink TrustProfile is not valid: " +check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD,
+ "MOA-SP - TrustProfile IdL",
+ LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_TEST, getKeyPrefix()));
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MOA-SP/SS Test-Authblock TrustProfile");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD,
+ "MOA-SP - Test-TrustProfile AuthBlock",
+ LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.empty")));
+ } else {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("Authblock Test-TrustProfile is not valid: " +check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD,
+ "MOA-SP - Test-TrustProfile AuthBlock",
+ LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_TEST, getKeyPrefix()));
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MOA-SP/SS Test-IdentityLink TrustProfile");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD,
+ "MOA-SP - Test-TrustProfile IdL",
+ LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.empty")));
+ } else {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("IdentityLink Test-TrustProfile is not valid: " +check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD,
+ "MOA-SP - Test-TrustProfile IdL",
+ LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ }
+ }
+
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_HANDY, getKeyPrefix()));
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty SLRequestTemplate Handy-BKU");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_HANDY,
+ "Default SL-Templates - Handy",
+ LanguageHelper.getErrorString("validation.general.slrequest.handy.empty")));
+ } else {
+ if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
+ log.info("SLRequestTemplate Handy-BKU is not valid");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_HANDY,
+ "Default SL-Templates - ",
+ LanguageHelper.getErrorString("validation.general.slrequest.handy.valid")));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_LOCAL, getKeyPrefix()));
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty SLRequestTemplate local BKU");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_LOCAL,
+ "Default SL-Templates - Local",
+ LanguageHelper.getErrorString("validation.general.slrequest.local.empty")));
+ } else {
+ if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
+ log.info("SLRequestTemplate local BKU is not valid");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_LOCAL,
+ "Default SL-Templates - Local",
+ LanguageHelper.getErrorString("validation.general.slrequest.local.valid")));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_ONLINE, getKeyPrefix()));
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty SLRequestTemplate Online-BKU");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_ONLINE,
+ "Default SL-Templates - Online ",
+ LanguageHelper.getErrorString("validation.general.slrequest.online.empty")));
+ } else {
+ if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
+ log.info("SLRequestTemplate Online-BKU is not valid");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_ONLINE,
+ "Default SL-Templates - Online",
+ LanguageHelper.getErrorString("validation.general.slrequest.online.valid")));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_SERVICENAME, getKeyPrefix()));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.info("SSO friendlyname is not valid: " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_SSO_SERVICENAME,
+ "SSO - Servicename",
+ LanguageHelper.getErrorString("validation.general.sso.friendlyname.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_AUTHBLOCK_TEXT, getKeyPrefix()));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
+ log.info("SSO SpecialText is not valid: " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_SSO_AUTHBLOCK_TEXT,
+ "SSO - AuthBlocktext",
+ LanguageHelper.getErrorString("validation.general.sso.specialauthtext.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} )));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, getKeyPrefix()));
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty SSO Target");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET,
+ "SSO - Target",
+ LanguageHelper.getErrorString("validation.general.sso.target.empty")));
+
+ } else {
+
+ //TODO: maybe store full bPK target (incl. prefix)
+ if (!ValidationHelper.isValidAdminTarget(check)) {
+
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("IdentificationNumber contains potentail XSS characters: " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET,
+ "SSO - Target",
+ LanguageHelper.getErrorString("validation.general.sso.target.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ }
+
+ String num = check.replaceAll(" ", "");
+
+ boolean isSSOTargetValid = false;
+ for (String allowedPrefix : MOAIDConfigurationConstants.ALLOWED_WBPK_PREFIXES) {
+ if (num.startsWith(allowedPrefix)) {
+ isSSOTargetValid = true;
+ break;
+ }
+ }
+
+ if (!isSSOTargetValid) {
+ log.info("Not valid SSO Target");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET,
+ "SSO - Target",
+ LanguageHelper.getErrorString("validation.general.sso.target.valid")));
+ }
+
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_SZRGW_URL, getKeyPrefix()));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("SZRGW URL is not valid");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_SZRGW_URL,
+ "Services - SZR-GW URL",
+ LanguageHelper.getErrorString("validation.general.szrgw.url.valid")));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_TRUSTSTORE_URL, getKeyPrefix()));
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty TrustCACerts Directory");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_TRUSTSTORE_URL,
+ "Certificate - TrustStore Directory",
+ LanguageHelper.getErrorString("validation.general.trustedcacerts.empty")));
+
+ } else {
+ if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
+ log.info("Not valid TrustCACerts Directory");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_TRUSTSTORE_URL,
+ "Certificate - TrustStore Directory",
+ LanguageHelper.getErrorString("validation.general.trustedcacerts.valid",
+ new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}) ));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64, getKeyPrefix()));
+ if (MiscUtil.isEmpty(check) || check.equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT)) {
+ log.info("AuthBlock Transformation file is empty");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64,
+ "AuthBlock - Transformation",
+ LanguageHelper.getErrorString("validation.general.slrequest.file.empty")));
+
+ }
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+
+ Map<String, String> newConfigValues = new HashMap<String, String>();
+
+ String pubURLPrefix = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX, getKeyPrefix()));
+ if(pubURLPrefix.endsWith("/")) {
+ int length = pubURLPrefix.length();
+ pubURLPrefix = pubURLPrefix.substring(0, length-1);
+ newConfigValues.put(MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX, pubURLPrefix);
+ log.debug("Change key: " + MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX
+ + " from value: " + input.get(MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX)
+ + " to value: " + pubURLPrefix);
+ }
+
+ String ssoTarget = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, getKeyPrefix()));
+ if (MiscUtil.isNotEmpty(ssoTarget)) {
+ String newTarget = null;
+ if (!ValidationHelper.isValidAdminTarget(ssoTarget)) {
+ String num = ssoTarget.replaceAll(" ", "");
+ String pre = null;
+ if (!num.startsWith(MOAIDConfigurationConstants.PREFIX_WPBK)) {
+ //add wbPK prefix
+ if (num.startsWith(MOAIDConfigurationConstants.IDENIFICATIONTYPE_FN)) {
+ num = num.substring(MOAIDConfigurationConstants.IDENIFICATIONTYPE_FN.length());
+
+ num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num);
+ pre = MOAIDConfigurationConstants.IDENIFICATIONTYPE_FN;
+ }
+
+ if (num.startsWith(MOAIDConfigurationConstants.IDENIFICATIONTYPE_ZVR)) {
+ num = num.substring(MOAIDConfigurationConstants.IDENIFICATIONTYPE_ZVR.length());
+ pre = MOAIDConfigurationConstants.IDENIFICATIONTYPE_ZVR;
+ }
+
+ if (num.startsWith(MOAIDConfigurationConstants.IDENIFICATIONTYPE_ERSB)){
+ num = num.substring(MOAIDConfigurationConstants.IDENIFICATIONTYPE_ERSB.length());
+ pre = MOAIDConfigurationConstants.IDENIFICATIONTYPE_ERSB;
+ }
+
+ newTarget = MOAIDConfigurationConstants.PREFIX_WPBK + pre + "+" + num;
+
+ } else {
+ //wbPK prefix is already added
+ newTarget = num;
+
+ }
+
+ newConfigValues.put(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET
+ , newTarget);
+ log.debug("Change key: " + MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET
+ + " from value: " + input.get(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET)
+ + " to value: " + newTarget);
+
+ } else {
+ //TODO: maybe store full bPK target (incl. prefix)
+ newConfigValues.put(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET
+ , ssoTarget);
+ log.debug("Change key: " + MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET
+ + " from value: " + input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, getKeyPrefix()))
+ + " to value: " + ssoTarget);
+
+ }
+ }
+
+ //TODO: add AuthBlock transformation filename
+ String authBlockTransformation = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64, getKeyPrefix()));
+
+ String[] splittet = authBlockTransformation.split(",");
+ if (splittet.length > 1) {
+ newConfigValues.put(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64,
+ splittet[1]);
+ log.debug("Extract AuthBlock Transformation from GUI upload and add it to key: {}", MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64);
+
+ }
+
+ if (newConfigValues.isEmpty())
+ return null;
+ else
+ return newConfigValues;
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "General MOA-ID Configuration Task";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+}
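Review bot: In `taskValidate`, both branches of the two Test-TrustProfile checks report their errors under the production keys, so a missing or rejected test trust profile is attributed to the production field. The checks read `GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_TEST` and `GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_TEST`, but the `ValidationObjectIdentifier` they add is built with `..._AUTHBLOCK_PROD` and `..._IDL_PROD`; it should be built with `MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_TEST` and `MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_TEST`. Separately, `postProcessing` calls `pubURLPrefix.endsWith("/")` and `authBlockTransformation.split(",")` with no null check, while the SSO target beside them is guarded by `MiscUtil.isNotEmpty`. Unless the caller guarantees that validation has already passed (not visible in this hunk), both values should get the same guard. Several log lines also append the rejected value (`+ check`) straight after it failed the XSS-character test, so logging only the key would keep unfiltered input out of the log file.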
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralOpenIDConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralOpenIDConfigurationTask.java
new file mode 100644
index 000000000..35fed19a3
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralOpenIDConfigurationTask.java
@@ -0,0 +1,95 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+
+/**
+ * @author tlenz
+ *
+ */
+public class GeneralOpenIDConfigurationTask extends AbstractTaskValidator {
+
+ private static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_OPENID_ENABLED, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_OPENID_LEGACY, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return MOAIDConfigurationConstants.GENERAL_PROTOCOLS_OPENID;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "General OpenID Configuration Task";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+}
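Review bot: `taskValidate` has an empty body, so the two whitelisted keys (`GENERAL_PROTOCOLS_OPENID_ENABLED` and `GENERAL_PROTOCOLS_OPENID_LEGACY`) are accepted with whatever value the GUI submits. The names suggest boolean flags, though the hunk does not show their type; if so, reject anything other than `true`/`false` here and add a `ValidationObjectIdentifier` for the offending key. If no check is needed, say so in the body, e.g. `// intentionally empty: both values are constrained by <where>`. The `@see` comment above the method also names `#tastValidate`, a typo for `taskValidate`.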
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java
new file mode 100644
index 000000000..a593b5461
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java
@@ -0,0 +1,236 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class GeneralPVP2XConfigurationTask extends AbstractTaskValidator implements ITaskValidator {
+ private static final Logger logger = LoggerFactory.getLogger(GeneralPVP2XConfigurationTask.class);
+
+ private static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_ENABLED, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_LEGACY, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_COMPANY, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_FAMLIYNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_GIVENNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_MAIL, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_PHONE, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_TYPE, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_FULLNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_SHORTNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_URL, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_SERVICENAMME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+ public static final List<String> AllowedTypes= Arrays.asList(
+ "technical",
+ "support",
+ "administrative",
+ "billing",
+ "other");
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#validate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+ String check =
+ input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_SERVICENAMME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ logger.info("PVP2 IssuerName is not valid: " + check);
+ errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_SERVICENAMME,
+ "Service Name",
+ LanguageHelper.getErrorString("validation.general.protocol.pvp2.issuername.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ }
+ }
+
+ check =
+ input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_FULLNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ logger.info("PVP2 organisation display name is not valid: " + check);
+ errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_FULLNAME,
+ "Organisation - Full name",
+ LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.displayname.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_SHORTNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ logger.info("PVP2 organisation name is not valid: " + check);
+ errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_SHORTNAME,
+ "Organisation - Short name",
+ LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.name.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_URL, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ logger.info("PVP2 organisation URL is not valid");
+ errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_URL,
+ "Organisation - URL",
+ LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.url.valid")));
+ }
+ }
+
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_COMPANY, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ logger.info("PVP2 Contact: Company is not valid: " + check);
+ errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_COMPANY,
+ "Contact - Company",
+ LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.company.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_GIVENNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ logger.info("PVP2 Contact: GivenName is not valid: " + check);
+ errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_GIVENNAME,
+ "Contact - GivenName",
+ LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.givenname.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_FAMLIYNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ logger.info("PVP2 Contact: SureName is not valid: " + check);
+ errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_FAMLIYNAME,
+ "Contact - FamilyName",
+ LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.surename.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_TYPE, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!AllowedTypes.contains(check)) {
+ errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_TYPE,
+ "Contact - Type",
+ LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.type.valid")));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_MAIL, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isEmailAddressFormat(check)) {
+ errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_MAIL,
+ "Contact - Mail",
+ LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.mail.valid")));
+ }
+ }
+
+ check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_PHONE, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validatePhoneNumber(check)) {
+ errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_PHONE,
+ "Contact - Phone",
+ LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.phone.valid")));
+ }
+ }
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X;
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "General PVP2X Configuration Task";
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+}
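Review bot: `taskValidate` writes rejected values to the log verbatim, e.g. `logger.info("PVP2 IssuerName is not valid: " + check);` and the matching lines in the other organisation and contact name checks, right after `containsPotentialCSSCharacter` has flagged them. Whether that helper also covers CR/LF is not visible here, so a submitted value may be able to forge log lines or reach an HTML log viewer unescaped. Log the field name only, as the URL branch already does with `logger.info("PVP2 organisation URL is not valid");`, or strip control characters before logging. Separately, `AllowedTypes` is a public `Arrays.asList(...)` list whose elements can be replaced through `set()`, so the contact-type allow-list would be safer as `Collections.unmodifiableList(Arrays.asList(...))`.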
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralRevisionLogTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralRevisionLogTask.java
new file mode 100644
index 000000000..35f1e5228
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralRevisionLogTask.java
@@ -0,0 +1,152 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.UUID;
+import java.util.regex.Pattern;
+
+import org.apache.commons.lang.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class GeneralRevisionLogTask extends AbstractTaskValidator implements IDynamicLoadableTaskValidator {
+ private static final Logger log = LoggerFactory.getLogger(GeneralRevisionLogTask.class);
+ private static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return MOAIDConfigurationConstants.SERVICE_REVERSION;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "General - Reversion Logging Task";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+ Map<String, String> newConfigValues = new HashMap<String, String>();
+
+ String eventCodes = input.get(MOAIDConfigurationConstants.GENERAL_REVERSION_LOGS_EVENTCODES);
+ if (MiscUtil.isNotEmpty(eventCodes)) {
+ newConfigValues.put(MOAIDConfigurationConstants.GENERAL_REVERSION_LOGS_EVENTCODES,
+ KeyValueUtils.normalizeCSVValueString(eventCodes));
+
+ }
+
+ if (newConfigValues.isEmpty())
+ return null;
+ else
+ return newConfigValues;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+ String eventCodes = input.get(MOAIDConfigurationConstants.GENERAL_REVERSION_LOGS_EVENTCODES);
+ if (MiscUtil.isNotEmpty(eventCodes)) {
+ String[] codes = eventCodes.split(",");
+ for (String el: codes) {
+ try {
+ Integer.parseInt(el.trim());
+
+ } catch (NumberFormatException e) {
+ log.info("Revisions-Log eventcode(s) are not valid", e);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_REVERSION_LOGS_EVENTCODES,
+ "Reversion - Logger Enabled",
+ LanguageHelper.getErrorString("error.oa.reversion.log.eventcodes")));
+ break;
+
+ }
+
+ }
+
+ }
+
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator#getModulValidatorPrefix()
+ */
+ @Override
+ public List<String> getModulValidatorPrefix() {
+ return Arrays.asList(
+ MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL
+ );
+ }
+
+}
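Review bot: Both `taskValidate` and `postProcessing` look up the event codes with the full constant, `input.get(MOAIDConfigurationConstants.GENERAL_REVERSION_LOGS_EVENTCODES)`, while the other task validators in this commit strip a prefix first with `KeyValueUtils.removePrefixFromKey(...)`. If the base class passes prefix-stripped keys (not visible in this hunk), `eventCodes` is always null, the `Integer.parseInt` loop never runs and the value is stored unvalidated. Please confirm the key form and, if needed, use `input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_REVERSION_LOGS_EVENTCODES, <prefix the base class removes>))` in both methods. `KEYWHITELIST` is also empty, so check that `getAllAllowedPatterns()` still admits the event-codes key. The error entry is labelled `"Reversion - Logger Enabled"` although it reports invalid event codes.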
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java
new file mode 100644
index 000000000..c6086583a
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java
@@ -0,0 +1,612 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.apache.commons.collections4.map.HashedMap;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egiz.components.configuration.api.ConfigurationException;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class GeneralSTORKConfigurationTask extends AbstractTaskValidator implements
+ IDynamicLoadableTaskValidator {
+ private static final Logger log = LoggerFactory.getLogger(GeneralSTORKConfigurationTask.class);
+
+public static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ temp.add(
+ KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)
+ + ".\\S?." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY);
+
+ temp.add(
+ KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)
+ + ".\\S?." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME);
+
+ temp.add(
+ KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)
+ + ".\\S?." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_SUPPORT_XMLDSIG);
+
+ temp.add(
+ KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)
+ + ".\\S?." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY);
+
+ temp.add(
+ KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)
+ + ".\\S?." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL);
+
+ temp.add(
+ KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+
+
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#validate(java.util.Map)
+ */
+ @Override
+ public void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+ Map<String, String> validatedCPeps = new HashedMap<String, String>();
+ List<String> validatedAttributes = new ArrayList<String>();
+
+ //validate C-PEPS entries
+ Map<String, String> cPepsList = KeyValueUtils.getSubSetWithPrefix(input,
+ KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ if (!cPepsList.isEmpty()) {
+ Iterator<String> cPepsKeys = cPepsList.keySet().iterator();
+ while (cPepsKeys.hasNext()) {
+ String cpepsKey = cPepsKeys.next();
+ String index = KeyValueUtils.getParentKey(cpepsKey);
+
+ if (cpepsKey.endsWith(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY)) {
+ String cc = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)
+ + "." + cpepsKey);
+ String url = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)
+ + "." + index + "."
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL);
+
+ log.trace("Extract C-PEPS for country: " + cc + " with URL:" + url);
+ if (!validatedCPeps.containsKey(cc)) {
+ if (MiscUtil.isNotEmpty(cc)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(cc, false)) {
+ log.warn("CPEPS config countrycode contains potentail XSS characters: " + cc);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ + "." + cpepsKey,
+ "STORK - CPEPS Country",
+ LanguageHelper.getErrorString("validation.stork.cpeps.cc",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ }
+ if(!cc.toLowerCase().matches("^[a-z][a-z]$")) {
+ log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + cc);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ + "." + cpepsKey,
+ "STORK - CPEPS Country",
+ LanguageHelper.getErrorString("validation.stork.cpeps.cc",
+ new Object[] {cc})));
+ }
+ } else {
+ log.warn("CPEPS config countrycode is empty : " + cc);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ + "." + cpepsKey,
+ "STORK - CPEPS Country",
+ LanguageHelper.getErrorString("validation.stork.cpeps.empty",
+ new Object[] {cc})));
+ }
+
+ // check url
+ if (MiscUtil.isNotEmpty(url)) {
+ if (!ValidationHelper.validateURL(url)) {
+ log.info("CPEPS config URL is invalid : " + url);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ + "." + index + "."
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL,
+ "STORK - CPEPS URL",
+ LanguageHelper.getErrorString("validation.stork.cpeps.url")));
+ }
+ } else {
+ log.warn("CPEPS config url is empty : " + url);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ + "." + index + "."
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL,
+ "STORK - CPEPS URL",
+ LanguageHelper.getErrorString("validation.stork.cpeps.empty",
+ new Object[] {url})));
+
+ }
+ validatedCPeps.put(cc, url);
+
+ } else {
+ log.warn("Duplicated C-PEPS country with countryCode: " + cc + " found.");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ + "." + cpepsKey,
+ "STORK - CPEPS Country",
+ LanguageHelper.getErrorString("validation.stork.cpeps.duplicate")));
+
+ }
+ }
+ }
+ }
+
+
+ // check qaa
+ try {
+ int qaa = Integer.valueOf(input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)));
+ if(1 > qaa && 4 < qaa) {
+ log.warn("QAA is out of range : " + qaa);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA,
+ "STORK - QAA Level",
+ LanguageHelper.getErrorString("validation.stork.qaa.outofrange",
+ new Object[] {qaa})));
+ }
+ } catch (Exception e) {
+ log.warn("STORK QAA can not parsed : " + input.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA));
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA,
+ "STORK - QAA Level",
+ LanguageHelper.getErrorString("validation.stork.qaa.outofrange",
+ new Object[] {input.get(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA)})));
+
+ }
+
+
+ // check attributes
+ Map<String, String> attributeList = KeyValueUtils.getSubSetWithPrefix(input,
+ KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ if (!attributeList.isEmpty()) {
+ for(String key : attributeList.keySet()) {
+ if (key.endsWith(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME)) {
+ String value = attributeList.get(key);
+ if (!validatedAttributes.contains(value)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(value, true)) {
+ log.warn("default attributes contains potentail XSS characters: " + value);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA,
+ "STORK - Attributes",
+ LanguageHelper.getErrorString("validation.stork.requestedattributes",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(true)})));
+ }
+ if(!value.toLowerCase().matches("^[a-z0-9]*$")) {
+ log.warn("default attributes do not match the requested format : " + value);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA,
+ "STORK - Attributes",
+ LanguageHelper.getErrorString("validation.stork.requestedattributes",
+ new Object[] {value})));
+ }
+ validatedAttributes.add(value);
+
+ } else {
+ log.warn("Duplicated STORK attribute: " + value + " found.");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + key,
+ "STORK - Attributes",
+ LanguageHelper.getErrorString("validation.stork.requestedattributes")));
+
+ }
+ }
+ }
+
+ }
+
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+ List<String> currentCEPSCountries = new ArrayList<String>();
+ List<String> currentAttributeNames = new ArrayList<String>();
+
+ List<String> cPESCountriesToAdd = new ArrayList<String>();
+ List<String> attributeNamesToAdd = new ArrayList<String>();
+ List<String> cPESCountriesToDelete = new ArrayList<String>();
+ List<String> attributeNamesToDelete = new ArrayList<String>();
+
+ Map<String, String> newConfigValues = new HashMap<String, String>();
+
+ try {
+ //load current configuration
+ String[] currentCPEPSKeys = dbconfig.findConfigurationId(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ + ".%."
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY);
+ if (currentCPEPSKeys != null) {
+ for (String el : currentCPEPSKeys) {
+ String cc = dbconfig.getStringValue(el);
+ if (MiscUtil.isNotEmpty(cc))
+ currentCEPSCountries.add(cc);
+
+ else {
+ //if empty, mark do delete
+ String keyToDelete = KeyValueUtils.getParentKey(el) + ".*";
+ log.trace("Mark C-PEPS key: {} for deleting.", keyToDelete);
+ keysToDelete.add(keyToDelete);
+ }
+ }
+ cPESCountriesToDelete.addAll(currentCEPSCountries);
+ }
+
+ String[] currentAttributeKeys = dbconfig.findConfigurationId(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST
+ + ".%."
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME);
+ if (currentAttributeKeys != null) {
+ for (String el : currentAttributeKeys) {
+ String cc = dbconfig.getStringValue(el);
+ if (MiscUtil.isNotEmpty(cc))
+ currentAttributeNames.add(cc);
+
+ else {
+ //if empty, mark do delete
+ String keyToDelete = KeyValueUtils.getParentKey(el) + ".*";
+ log.trace("Mark empty STORK attribute key: {} for deleting.", keyToDelete);
+ keysToDelete.add(keyToDelete);
+
+ }
+ }
+ attributeNamesToDelete.addAll(currentAttributeNames);
+ }
+
+ //parse new configuration
+ Map<String, String> cPepsList = KeyValueUtils.getSubSetWithPrefix(input,
+ KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ if (!cPepsList.isEmpty()) {
+ Iterator<String> cPepsKeys = cPepsList.keySet().iterator();
+ while (cPepsKeys.hasNext()) {
+ String cpepsKey = cPepsKeys.next();
+
+ if (cpepsKey.endsWith(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY)) {
+ String cc = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)
+ + "." + cpepsKey);
+
+ //check new configuration against current configuration
+ if (currentCEPSCountries.contains(cc)) {
+ log.trace("C-PEPS for country {} is already in configuration", cc);
+ cPESCountriesToDelete.remove(cc);
+
+ } else {
+ if (MiscUtil.isNotEmpty(cc)) {
+ log.trace("C-PEPS for country {} must be added to Service configurations", cc);
+ cPESCountriesToAdd.add(cc);
+
+ }
+ }
+ }
+ }
+ }
+
+ Map<String, String> attributeList = KeyValueUtils.getSubSetWithPrefix(input,
+ KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
+ if (!attributeList.isEmpty()) {
+ Iterator<String> attributeKeys = attributeList.keySet().iterator();
+ while (attributeKeys.hasNext()) {
+ String attributeKey = attributeKeys.next();
+
+ if (attributeKey.endsWith(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME)) {
+ String attributeName = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)
+ + "." + attributeKey);
+
+ //check new configuration against current configuration
+ if (currentAttributeNames.contains(attributeName)) {
+ log.trace("STORK Attribute {} is already in configuration", attributeName);
+ attributeNamesToDelete.remove(attributeName);
+
+ } else {
+ if (MiscUtil.isNotEmpty(attributeName)) {
+ log.trace("STORK Attribute {} must be added to Service configurations", attributeName);
+ attributeNamesToAdd.add(attributeName);
+
+ } }
+ }
+ }
+ }
+
+ //add new key/value pairs to online Applications
+ if (!cPESCountriesToAdd.isEmpty() || !attributeNamesToAdd.isEmpty()) {
+ String[] currentOAServices = dbconfig.findConfigurationId(
+ MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_OA
+ + ".%."
+ + MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER);
+
+ for(String el : currentOAServices) {
+ String oaKey = KeyValueUtils.getParentKey(el);
+ String[] oaCPEPSList = dbconfig.findConfigurationId(
+ oaKey + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+ + ".%."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE);
+
+ int nextListCounter = KeyValueUtils.findNextFreeListCounter(oaCPEPSList, oaKey + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST);
+
+ //get all C-PEPS countries from OA
+ List<String> actuallyAddedOACPEPS = new ArrayList<String>();
+ for (String oaCPEPS : oaCPEPSList) {
+ String oaCC = dbconfig.getStringValue(oaCPEPS);
+ if (MiscUtil.isNotEmpty(oaCC) && !actuallyAddedOACPEPS.contains(oaCC))
+ actuallyAddedOACPEPS.add(oaCC);
+
+ }
+
+ for (String cc : cPESCountriesToAdd) {
+ if (!actuallyAddedOACPEPS.contains(cc)) {
+ log.debug("Add key: "
+ + oaKey
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+ + "." + String.valueOf(nextListCounter)
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE
+ + " and value: " + cc + " to configuration.");
+ newConfigValues.put(oaKey
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+ + "." + String.valueOf(nextListCounter)
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE
+ , cc);
+
+ log.debug("Add key: "
+ + oaKey
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+ + "." + String.valueOf(nextListCounter)
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_ENABLED
+ + " and value: true" + " to configuration.");
+ newConfigValues.put(oaKey
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+ + "." + String.valueOf(nextListCounter)
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_ENABLED
+ , String.valueOf(true));
+
+ nextListCounter++;
+
+ } else {
+ log.info("Configuration is maybe inconsistend! New C-PEPS country: "
+ + cc + " is already added on Service: " + oaKey);
+
+ }
+ }
+
+ String[] oaAttributeList = dbconfig.findConfigurationId(
+ oaKey + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ + ".%."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME);
+
+ int nextAttributeListCounter = KeyValueUtils.findNextFreeListCounter(oaAttributeList, oaKey + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST);
+
+ //get all STORK attributes from OA
+ List<String> actuallyAddedOAAttributes = new ArrayList<String>();
+ for (String oaAttr : oaAttributeList) {
+ String oaAttrName = dbconfig.getStringValue(oaAttr);
+ if (MiscUtil.isNotEmpty(oaAttrName) && !actuallyAddedOAAttributes.contains(oaAttrName))
+ actuallyAddedOAAttributes.add(oaAttrName);
+
+ }
+
+ for (String attrName : attributeNamesToAdd) {
+ if (!actuallyAddedOAAttributes.contains(attrName)) {
+ log.debug("Add key: "
+ + oaKey
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + String.valueOf(nextAttributeListCounter)
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME
+ + " and value: " + attrName + " to configuration.");
+ newConfigValues.put(oaKey
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + String.valueOf(nextAttributeListCounter)
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME
+ , attrName);
+
+ log.debug("Add key: "
+ + oaKey
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + String.valueOf(nextAttributeListCounter)
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_REQUESTED
+ + " and value: true" + " to configuration.");
+ newConfigValues.put(oaKey
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + String.valueOf(nextAttributeListCounter)
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_REQUESTED
+ , String.valueOf(true));
+
+ log.debug("Add key: "
+ + oaKey
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + String.valueOf(nextAttributeListCounter)
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY
+ + " and value: false" + " to configuration.");
+ newConfigValues.put(oaKey
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + String.valueOf(nextAttributeListCounter)
+ + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY
+ , String.valueOf(false));
+
+ } else {
+ log.info("Configuration is maybe inconsistend! New STORK attribute: "
+ + attrName + " is already added on Service: " + oaKey);
+
+ }
+ }
+ }
+ }
+
+ //delete unused key/value pairs from online applications
+ if (!cPESCountriesToDelete.isEmpty()) {
+ for (String el : cPESCountriesToDelete) {
+ //mark general config to delete
+ String[] generalCPEPS = dbconfig.findConfigurationId(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ + ".%."
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY);
+
+ for (String ccKey : generalCPEPS) {
+ String storedCC = dbconfig.getStringValue(ccKey);
+ if (el.equals(storedCC)) {
+ //delete C-PEPS
+ String keyToDelete = KeyValueUtils.getParentKey(ccKey) + ".*";
+ log.debug("Mark key: " + keyToDelete + " for deleting.");
+ keysToDelete.add(keyToDelete);
+
+ }
+ }
+
+ //mark service key to delete
+ String[] servicesOAs = dbconfig.findConfigurationId(
+ MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_OA
+ + ".%."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+ + ".%."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE);
+
+ for (String ccKey : servicesOAs) {
+ String storedCC = dbconfig.getStringValue(ccKey);
+ if (el.equals(storedCC)) {
+ //delete C-PEPS
+ String keyToDelete = KeyValueUtils.getParentKey(ccKey) + ".*";
+ log.debug("Mark key: " + keyToDelete + " for deleting.");
+ keysToDelete.add(keyToDelete);
+
+ }
+ }
+ }
+ }
+ if (!attributeNamesToDelete.isEmpty()) {
+ for (String el : attributeNamesToDelete) {
+ //mark general config to delete
+ String[] generalAttributes = dbconfig.findConfigurationId(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST
+ + ".%."
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME);
+
+ for (String attrKey : generalAttributes) {
+ String storedAttr = dbconfig.getStringValue(attrKey);
+ if (el.equals(storedAttr)) {
+ //delete C-PEPS
+ String keyToDelete = KeyValueUtils.getParentKey(attrKey) + ".*";
+ log.debug("Mark key: " + keyToDelete + " for deleting.");
+ keysToDelete.add(keyToDelete);
+
+ }
+ }
+
+
+ //mark service key to delete
+ String[] servicesOAs = dbconfig.findConfigurationId(
+ MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_OA
+ + ".%."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ + ".%."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME);
+
+ for (String attrKey : servicesOAs) {
+ String storedAttr = dbconfig.getStringValue(attrKey);
+ if (el.equals(storedAttr)) {
+ //delete C-PEPS
+ String keyToDelete = KeyValueUtils.getParentKey(attrKey) + ".*";
+ log.debug("Mark key: " + keyToDelete + " for deleting.");
+ keysToDelete.add(keyToDelete);
+
+ }
+ }
+ }
+ }
+
+ } catch (ConfigurationException e) {
+ log.error("Configuration is not accessable!", e);
+
+ }
+
+ if (newConfigValues.isEmpty())
+ return null;
+ else
+ return newConfigValues;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return MOAIDConfigurationConstants.GENERAL_AUTH_STORK;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "General STORK Configuration Task";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator#getModulValidatorPrefix()
+ */
+ @Override
+ public List<String> getModulValidatorPrefix() {
+ return Arrays.asList(MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java
new file mode 100644
index 000000000..8e8feefe0
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java
@@ -0,0 +1,246 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesAuthenticationInformationTask extends AbstractTaskValidator implements ITaskValidator {
+ private static final Logger log = LoggerFactory.getLogger(ServicesAuthenticationInformationTask.class);
+ private static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return "";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "Service - Authentication Configuration Task";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+ Map<String, String> newConfigValues = new HashMap<String, String>();
+
+ //normalize CSV encoded value string of mandate profiles
+ String mandateProfiles = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_PROFILES);
+ if (MiscUtil.isNotEmpty(mandateProfiles)) {
+ newConfigValues.put(
+ MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_PROFILES,
+ KeyValueUtils.normalizeCSVValueString(mandateProfiles));
+
+ }
+
+ if (newConfigValues.isEmpty())
+ return null;
+ else
+ return newConfigValues;
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+ //Check BKU URLs
+ String check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY);
+ if (MiscUtil.isNotEmpty(check) &&
+ !ValidationHelper.validateURL(check)) {
+ log.info("Not valid Handy-BKU URL");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY,
+ "BKU - Handy",
+ LanguageHelper.getErrorString("validation.general.bku.handy.valid")));
+ }
+
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL);
+ if (MiscUtil.isNotEmpty(check) &&
+ !ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-BKU URL");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL,
+ "BKU - Local",
+ LanguageHelper.getErrorString("validation.general.bku.local.valid")));
+ }
+
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE);
+ if (MiscUtil.isNotEmpty(check) &&
+ !ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-BKU URL");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE,
+ "BKU - Online",
+ LanguageHelper.getErrorString("validation.general.bku.online.valid")));
+ }
+
+ //check KeyBoxIdentifier
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_KEYBOXIDENTIFIER);
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty KeyBoxIdentifier");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE,
+ "BKU - KeyBoxIdentifier",
+ LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty")));
+
+ } else {
+ if (!MOAIDConfigurationConstants.ALLOWED_KEYBOXIDENTIFIER.contains(check)) {
+ log.info("Not valid KeyBoxIdentifier " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE,
+ "BKU - KeyBoxIdentifier",
+ LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid")));
+ }
+ }
+
+ //check LegacyMode SLTemplates
+ String isLegacyModeActive = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_LEGACY);
+ if (MiscUtil.isNotEmpty(isLegacyModeActive) && Boolean.parseBoolean(isLegacyModeActive)) {
+ if (MiscUtil.isEmpty(input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE)) &&
+ MiscUtil.isEmpty(input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE)) &&
+ MiscUtil.isEmpty(input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE)) ) {
+ log.info("Empty OA-specific SecurityLayer Templates");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_LEGACY,
+ "BKU - SecurityLayer Templates",
+ LanguageHelper.getErrorString("validation.general.sltemplates.empty")));
+
+ } else {
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE);
+ if (MiscUtil.isNotEmpty(check) &&
+ ValidationHelper.isNotValidIdentityLinkSigner(check) ) {
+ log.info("First OA-specific SecurityLayer Templates is not valid");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE,
+ "BKU - 1. SecurityLayer Templates",
+ LanguageHelper.getErrorString("validation.general.sltemplate1.valid")));
+ }
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE);
+ if (MiscUtil.isNotEmpty(check) &&
+ ValidationHelper.isNotValidIdentityLinkSigner(check) ) {
+ log.info("Second OA-specific SecurityLayer Templates is not valid");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE,
+ "BKU - 2. SecurityLayer Templates",
+ LanguageHelper.getErrorString("validation.general.sltemplate2.valid")));
+ }
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE);
+ if (MiscUtil.isNotEmpty(check) &&
+ ValidationHelper.isNotValidIdentityLinkSigner(check) ) {
+ log.info("Third OA-specific SecurityLayer Templates is not valid");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE,
+ "BKU - 3. SecurityLayer Templates",
+ LanguageHelper.getErrorString("validation.general.sltemplate3.valid")));
+ }
+ }
+ }
+
+ //check Mandate Profiles
+ String checkUseMandate = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_USE);
+ if (MiscUtil.isNotEmpty(checkUseMandate) && Boolean.parseBoolean(checkUseMandate)) {
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_PROFILES);
+ if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
+ log.warn("MandateProfiles contains potentail XSS characters: " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_PROFILES,
+ "Mandates - Profiles",
+ LanguageHelper.getErrorString("validation.general.mandate.profiles",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) ));
+ }
+
+ }
+
+ String isTestCredentialsActive = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_ENABLED);
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_OIDs);
+ if (MiscUtil.isNotEmpty(isTestCredentialsActive) &&
+ Boolean.parseBoolean(isTestCredentialsActive) &&
+ MiscUtil.isNotEmpty(check)) {
+ String[] oids = check.split(",");
+ for (String el : oids) {
+ if (!el.startsWith(MOAIDConfigurationConstants.TESTCREDENTIALROOTOID)) {
+ log.warn("Test credential OID does not start with test credential root OID");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_OIDs,
+ "Test-Identities - allowed OIDs",
+ LanguageHelper.getErrorString("validation.general.testcredentials.oid.valid",
+ new Object[] {el}) ));
+ }
+ }
+ }
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+}
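Review bot: The test-credential OID check in `taskValidate` is a plain string prefix match, `el.startsWith(MOAIDConfigurationConstants.TESTCREDENTIALROOTOID)`, so unless that constant ends in a dot (its value is not visible in this hunk) an OID from a sibling arc that only shares the leading characters would be accepted as a test-identity OID. Matching on an arc boundary closes that gap, e.g. `if (!el.equals(root) && !el.startsWith(root + "."))` with `root` being the constant without a trailing dot. The entries from `check.split(",")` are also compared untrimmed, so whitespace around a comma changes the outcome. Separately, both KeyBoxIdentifier errors are registered under `SERVICE_AUTH_BKU_ONLINE`, where `SERVICE_AUTH_BKU_KEYBOXIDENTIFIER` looks like the intended key, so the message would be attached to the wrong field.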
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationSTORKTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationSTORKTask.java
new file mode 100644
index 000000000..087334c4b
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationSTORKTask.java
@@ -0,0 +1,301 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egiz.components.configuration.api.ConfigurationException;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesAuthenticationSTORKTask extends AbstractTaskValidator implements IDynamicLoadableTaskValidator {
+ private static final Logger log = LoggerFactory.getLogger(ServicesAuthenticationSTORKTask.class);
+ private static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return "";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "Service - General Configuration Task";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+ Map<String, String> newConfigValues = new HashMap<String, String>();
+
+ //C-PEPS
+ try {
+ //search all actually configured C-PEPS
+ String[] cPepsKeys = dbconfig.findConfigurationId(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ + ".%."
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY);
+ List<String> cPepsCountries = new ArrayList<String>();
+ for (String el : cPepsKeys) {
+ String country = dbconfig.getStringValue(el);
+ if (MiscUtil.isNotEmpty(el))
+ cPepsCountries.add(country);
+
+ }
+
+ //check SERVICE STORK countries against C-PEPS configuration
+ Map<String, String> GUICountries = KeyValueUtils.getSubSetWithPrefix(input, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST);
+ Iterator<Entry<String, String>> GUICountriesInterator = GUICountries.entrySet().iterator();
+ while (GUICountriesInterator.hasNext()) {
+ Entry<String, String> entry = GUICountriesInterator.next();
+ if (entry.getKey().endsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE)) {
+
+ if (cPepsCountries.contains(entry.getValue())) {
+ //Service contains C-PEPS
+ log.trace("Service contains C-PEPS with countryCode: " + entry.getValue());
+ cPepsCountries.remove(entry.getValue());
+
+ } else {
+ //Service contains countryCode which is not a C-PEPS --> remove country code from service
+ log.debug("No C-PEPS with service countryCode: " + entry.getValue()
+ + " Remove countryCode from service.");
+ String index = KeyValueUtils.getParentKey(entry.getKey());
+ if (MiscUtil.isNotEmpty(index)) {
+ keysToDelete.add(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+ + "." + index + "*");
+
+ } else
+ log.warn("Can not remove countryCode from service. Suspect key: "
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+ + "." + entry.getKey());
+
+ }
+ }
+ }
+
+ // add new C-PEPS to service
+ int nextFreeIndex = KeyValueUtils.findNextFreeListCounter(GUICountries.keySet(), new String());
+ for (String el : cPepsCountries) {
+ log.debug("Add new C-PEPS: " + el + " to service with key: "
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+ + "." + nextFreeIndex);
+ newConfigValues.put(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+ + "." + nextFreeIndex + "."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE,
+ el);
+ newConfigValues.put(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+ + "." + nextFreeIndex + "."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_ENABLED,
+ String.valueOf(true));
+ nextFreeIndex++;
+ }
+
+
+ } catch (ConfigurationException e) {
+ log.error("Can not access configuration.", e);
+
+ }
+
+
+ //STORK attributes
+ try {
+ //search all actually configured C-PEPS
+ String[] attributeKeys = dbconfig.findConfigurationId(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST
+ + ".%."
+ + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME);
+ List<String> attributeNames = new ArrayList<String>();
+ for (String el : attributeKeys) {
+ String country = dbconfig.getStringValue(el);
+ if (MiscUtil.isNotEmpty(el))
+ attributeNames.add(country);
+
+ }
+
+ //check SERVICE STORK countries against C-PEPS configuration
+ Map<String, String> GUIAttributes = KeyValueUtils.getSubSetWithPrefix(input, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST);
+ Iterator<Entry<String, String>> GUIAttributesInterator = GUIAttributes.entrySet().iterator();
+ while (GUIAttributesInterator.hasNext()) {
+ Entry<String, String> entry = GUIAttributesInterator.next();
+ if (entry.getKey().endsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME)) {
+
+ if (attributeNames.contains(entry.getValue())) {
+ //Service contains C-PEPS
+ log.trace("Service contains STORK attribute with name: " + entry.getValue());
+ attributeNames.remove(entry.getValue());
+
+ } else {
+ //Service contains countryCode which is not a C-PEPS --> remove country code from service
+ log.debug("No STORK attribute with service attributeName: " + entry.getValue()
+ + " Remove STORK attribte from service.");
+ String index = KeyValueUtils.getParentKey(entry.getKey());
+ if (MiscUtil.isNotEmpty(index)) {
+ keysToDelete.add(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + index + "*");
+
+ } else
+ log.warn("Can not remove STORK attribute from service. Suspect key: "
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + entry.getKey());
+
+ }
+ }
+ }
+
+ // add new C-PEPS to service
+ int nextFreeIndex = KeyValueUtils.findNextFreeListCounter(GUIAttributes.keySet(), new String());
+ for (String el : attributeNames) {
+ log.debug("Add new STORK attribute: " + el + " to service with key: "
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + nextFreeIndex);
+ newConfigValues.put(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + nextFreeIndex + "."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME,
+ el);
+
+ newConfigValues.put(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + nextFreeIndex + "."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_REQUESTED,
+ String.valueOf(false));
+
+ newConfigValues.put(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + nextFreeIndex + "."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY,
+ String.valueOf(false));
+
+ nextFreeIndex++;
+ }
+
+
+ } catch (ConfigurationException e) {
+ log.error("Can not access configuration.", e);
+
+ }
+
+
+
+ if (newConfigValues.isEmpty())
+ return null;
+ else
+ return newConfigValues;
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+ // check qaa
+ String qaaString = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL);
+ if (MiscUtil.isNotEmpty(qaaString)) {
+ try {
+ int qaa = Integer.parseInt(qaaString);
+ if(1 > qaa && 4 < qaa) {
+ log.warn("QAA is out of range : " + qaa);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL,
+ "STORK - minimal QAA level",
+ LanguageHelper.getErrorString("validation.stork.qaa.outofrange",
+ new Object[] {qaa})));
+ }
+
+ } catch (NumberFormatException e) {
+ log.warn("QAA level is not a number: " + qaaString);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL,
+ "STORK - minimal QAA level",
+ LanguageHelper.getErrorString("validation.stork.qaa.outofrange",
+ new Object[] {qaaString})));
+ }
+ }
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator#getModulValidatorPrefix()
+ */
+ @Override
+ public List<String> getModulValidatorPrefix() {
+ return Arrays.asList(
+ MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_OA
+ );
+ }
+
+}
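Review bot: The range check in `taskValidate`, `if(1 > qaa && 4 < qaa)`, can never be true, so any integer such as 0 or 99 passes validation and `validation.stork.qaa.outofrange` is only reported for non-numeric input. Judging by the key name and label, this value is the minimal QAA level a service accepts, so the condition should be `if (qaa < 1 || qaa > 4) {`. Separately, both loops in `postProcessing` test `MiscUtil.isNotEmpty(el)` (the configuration key) instead of the value just read, so a null or empty country or attribute name can end up in the list; `if (MiscUtil.isNotEmpty(country))` looks like what was intended.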
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java
new file mode 100644
index 000000000..ca1109aa1
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java
@@ -0,0 +1,426 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.GUIDataParser;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesBKUSelectionTask extends AbstractTaskValidator implements ITaskValidator {
+ private static final Logger log = LoggerFactory.getLogger(ServicesBKUSelectionTask.class);
+ private static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return "auth.templates";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "Service - BKU-Selection Configuration Task";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+
+ Map<String, String> newConfigValues = new HashMap<String, String>();
+
+ String bkuSelectTemplateUploadedFileName = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME);
+ if (MiscUtil.isNotEmpty(bkuSelectTemplateUploadedFileName)) {
+ newConfigValues.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW, bkuSelectTemplateUploadedFileName);
+
+ }
+
+ String sendAssertionTemplateUploadedFileName = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME);
+ if (MiscUtil.isNotEmpty(sendAssertionTemplateUploadedFileName)) {
+ newConfigValues.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW, sendAssertionTemplateUploadedFileName);
+
+ }
+
+ String bkuSelectionFileUpload = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA);
+ String bkuSelectionFile = GUIDataParser.getBase64ContentFromGUIUpload(bkuSelectionFileUpload);
+ if (bkuSelectionFile != null)
+ newConfigValues.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA,
+ bkuSelectionFile);
+
+ String sendAssertionTemplateUpload = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA);
+ String sendAssertionTemplate = GUIDataParser.getBase64ContentFromGUIUpload(sendAssertionTemplateUpload);
+ if (sendAssertionTemplate != null)
+ newConfigValues.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA,
+ sendAssertionTemplate);
+
+ String deleteBKUSelectionTemplate = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DELETE);
+ if (MiscUtil.isNotEmpty(deleteBKUSelectionTemplate) && Boolean.parseBoolean(deleteBKUSelectionTemplate)) {
+ newConfigValues.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA,
+ null);
+ newConfigValues.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DELETE, String.valueOf(false));
+ newConfigValues.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW, null);
+ newConfigValues.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME, null);
+
+ }
+
+ String deleteSendAssertionTemplate = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DELETE);
+ if (MiscUtil.isNotEmpty(deleteSendAssertionTemplate) && Boolean.parseBoolean(deleteSendAssertionTemplate)) {
+ newConfigValues.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA,
+ null);
+ newConfigValues.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DELETE, String.valueOf(false));
+ newConfigValues.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_PREVIEW, null);
+ newConfigValues.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME, null);
+ }
+
+
+
+ if (newConfigValues.isEmpty())
+ return null;
+ else
+ return newConfigValues;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+
+ //validate aditionalAuthBlockText
+ String check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT);
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT,
+ "AuthBlock - Addition AuthBlocktext",
+ LanguageHelper.getErrorString("validation.general.aditionalauthblocktext",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ }
+ }
+
+ //validate BKU selection template
+ String bkuSelectTemplate = null;
+ String bkuSelectionFileUpload = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA);
+ if (MiscUtil.isNotEmpty(bkuSelectionFileUpload) &&
+ !bkuSelectionFileUpload.equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT) ) {
+ String bkuSelectTemplateFileName = "unknown";
+ try {
+ String bkuSelectTemplateUploadedFileName = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME);
+ if (MiscUtil.isNotEmpty(bkuSelectTemplateUploadedFileName)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(bkuSelectTemplateUploadedFileName, false)) {
+ log.info("BKU Selection Filename is not valid");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME,
+ "Templates - BKU Selection Filename",
+ LanguageHelper.getErrorString("validation.general.bkuselection.filename.valid")));
+
+ } else
+ bkuSelectTemplateFileName = bkuSelectTemplateUploadedFileName;
+
+ } else {
+ String bkuSelectTemplatePreView = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW);
+ if (MiscUtil.isNotEmpty(bkuSelectTemplatePreView))
+ bkuSelectTemplateFileName = bkuSelectTemplatePreView;
+
+ }
+
+ bkuSelectTemplate = GUIDataParser.getBase64ContentFromGUIUpload(bkuSelectionFileUpload);
+ if (bkuSelectTemplate == null) {
+ log.info("BKU Selection Template is not decodeable.");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA,
+ "Templates - BKU Selection",
+ LanguageHelper.getErrorString("validation.general.bkuselection.file.valid",
+ new Object[] {bkuSelectTemplateFileName})));
+
+ }
+
+ } catch (Exception e) {
+ log.info("BKU Selection Template is not decodeable.");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA,
+ "Templates - BKU Selection",
+ LanguageHelper.getErrorString("validation.general.bkuselection.file.valid",
+ new Object[] {bkuSelectTemplateFileName})));
+
+ }
+
+ }
+
+ //validate send-assertion template
+ String sendAssertionTemplate = null;
+ String sendAssertionFileUpload = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA);
+ if (MiscUtil.isNotEmpty(sendAssertionFileUpload) &&
+ !sendAssertionFileUpload.equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT)) {
+ String sendAssertionTemplateFileName = "unknown";
+ try {
+ String sendAssertionTemplateUploadedFileName = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME);
+ if (MiscUtil.isNotEmpty(sendAssertionTemplateUploadedFileName)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(sendAssertionTemplateUploadedFileName, false)) {
+ log.info("Send Assertion Filename is not valid");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME,
+ "Templates - Send Assertion Filename",
+ LanguageHelper.getErrorString("validation.general.sendassertion.filename.valid")));
+
+ } else
+ sendAssertionTemplateFileName = sendAssertionTemplateUploadedFileName;
+
+ } else {
+ String sendAssertionTemplatePreView = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_PREVIEW);
+ if (MiscUtil.isNotEmpty(sendAssertionTemplatePreView))
+ sendAssertionTemplateFileName = sendAssertionTemplatePreView;
+
+ }
+
+ sendAssertionTemplate = GUIDataParser.getBase64ContentFromGUIUpload(sendAssertionFileUpload);
+ if (sendAssertionTemplate == null) {
+ log.info("Send Assertion Template is not decodeable.");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA,
+ "Templates - Send Assertion",
+ LanguageHelper.getErrorString("validation.general.sendassertion.file.valid",
+ new Object[] {sendAssertionTemplateFileName})));
+
+ }
+
+ } catch (Exception e) {
+ log.info("Send Assertion Template is not decodeable.");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA,
+ "Templates - Send Assertion",
+ LanguageHelper.getErrorString("validation.general.sendassertion.file.valid",
+ new Object[] {sendAssertionTemplateFileName})));
+
+ }
+
+ }
+
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR);
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("BKUSelectionBackGroundColor is not a valid hex value " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR,
+ "Templates - Background Color",
+ LanguageHelper.getErrorString("validation.general.form.color.background")));
+ }
+ }
+
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FRONTCOLOR);
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("BKUSelectionFrontColor is not a valid hex value " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FRONTCOLOR,
+ "Templates - Front Color",
+ LanguageHelper.getErrorString("validation.general.form.color.front")));
+ }
+ }
+
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERBACKGROUNDCOLOR);
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("HeaderBackGroundColor is not a valid hex value " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERBACKGROUNDCOLOR,
+ "Templates - Header Background-Color",
+ LanguageHelper.getErrorString("validation.general.form.header.color.back")));
+ }
+ }
+
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERFRONTCOLOR);
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("HeaderFrontColor is not a valid hex value " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERFRONTCOLOR,
+ "Templates - Header Front-Color",
+ LanguageHelper.getErrorString("validation.general.form.header.color.front")));
+ }
+ }
+
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT);
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("HeaderText contains potentail XSS characters: " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT,
+ "Templates - Header Text",
+ LanguageHelper.getErrorString("validation.general.form.header.text",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ }
+ }
+
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACKGROUNDCOLOR);
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("ButtonBackGroundColor is not a valid hex value " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACKGROUNDCOLOR,
+ "Templates - Button Background-Color",
+ LanguageHelper.getErrorString("validation.general.form.button.color.back")));
+ }
+ }
+
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACLGROUNDCOLORFOCUS);
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("ButtonBackGroundColorFocus is not a valid hex value " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACLGROUNDCOLORFOCUS,
+ "Templates - Button Background-Color on Focus",
+ LanguageHelper.getErrorString("validation.general.form.button.color.back.focus")));
+ }
+ }
+
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONFRONTCOLOR);
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#"))
+ check = "#" + check;
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("ButtonFrontColor is not a valid hex value " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONFRONTCOLOR,
+ "Templates - Button Front-Color",
+ LanguageHelper.getErrorString("validation.general.form.button.color.front")));
+ }
+ }
+
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET);
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!MOAIDConfigurationConstants.ALLOWED_REDIRECTTARGETNAMES.contains(check)) {
+ log.warn("AppletRedirectTarget has not valid value " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET,
+ "Templates - Applet Redirect-Target",
+ LanguageHelper.getErrorString("validation.general.form.appletredirecttarget")));
+ }
+ }
+
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE);
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
+ log.warn("FontType contains potentail XSS characters: " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE,
+ "Templates - Font Type",
+ LanguageHelper.getErrorString("validation.general.form.fonttype",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) ));
+ }
+ }
+
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT);
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateNumber(check)) {
+ log.warn("Applet height "+ check + " is no valid number");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT,
+ "Templates - Applet Height",
+ LanguageHelper.getErrorString("validation.general.form.applet.height",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) ));
+ }
+ }
+
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH);
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateNumber(check)) {
+ log.warn("Applet width "+ check + " is no valid number");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH,
+ "Templates - Applet Width",
+ LanguageHelper.getErrorString("validation.general.form.applet.width",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) ));
+ }
+ }
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+}
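Review bot: In `postProcessing` the send-assertion file name is written under the BKU-selection preview key, `newConfigValues.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW, sendAssertionTemplateUploadedFileName);`, which overwrites the BKU-selection preview set a few lines earlier and never fills the send-assertion preview that `taskValidate` later reads as a fallback file name. The key there should be `SERVICE_AUTH_TEMPLATES_SENDASSERTION_PREVIEW`. In `taskValidate`, values that have just failed the character check are concatenated raw into the log, e.g. `log.warn("HeaderText contains potentail XSS characters: " + check);`. Logging only the field name, or a length-limited value with control characters stripped, would keep rejected markup and line breaks out of the log file.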
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java
new file mode 100644
index 000000000..86d047c74
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java
@@ -0,0 +1,215 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egiz.components.configuration.api.ConfigurationException;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesGeneralInformationTask extends AbstractTaskValidator implements ITaskValidator {
+ private static final Logger log = LoggerFactory.getLogger(ServicesGeneralInformationTask.class);
+ private static final List<String> KEYWHITELIST;
+
+ private static MOAIDConfiguration dbconfig;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+
+ @Autowired
+ public void setDatabaseConfiguration(MOAIDConfiguration config) {
+ dbconfig = config;
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return "";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "Service - General Configuration Task";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+ if (dbconfig == null) {
+ throw new ConfigurationTaskValidationException(
+ new ValidationObjectIdentifier("internal", "Internal Error", "Configuration is not readable!"));
+
+ }
+
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+ String check = input.get(MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME);
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("OAFriendlyName contains potentail XSS characters: " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME,
+ "FriendlyName",
+ LanguageHelper.getErrorString("validation.general.oafriendlyname.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ }
+ } else {
+ log.info("OA friendlyName is empty");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME,
+ "FriendlyName",
+ LanguageHelper.getErrorString("validation.general.oafriendlyname.empty")));
+ }
+
+ String isBusinessService = input.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE);
+ if (MiscUtil.isEmpty(isBusinessService)) {
+ log.info("OA businessservice flag is empty");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE,
+ "BusinessService",
+ LanguageHelper.getErrorString("validation.general.businessservice.empty")));
+
+ }
+
+ String servicePrefixId = input.get(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES);
+ if (MiscUtil.isNotEmpty(servicePrefixId)) {
+ String uniqueServiceID = input.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER);
+ if (MiscUtil.isEmpty(uniqueServiceID)) {
+ log.info("Empty unique service identifier");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER,
+ "Unique Identifier",
+ LanguageHelper.getErrorString("validation.general.oaidentifier.empty")));
+
+ } else {
+ if (!ValidationHelper.validateURL(uniqueServiceID)) {
+ log.warn("Unique serice identifier is not a valid URL: " + uniqueServiceID);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER,
+ "Unique Identifier",
+ LanguageHelper.getErrorString("validation.general.oaidentifier.valid")));
+
+ } else {
+ //check uniqueness of service identifier
+ try {
+ String[] allServiceKeys = dbconfig.findConfigurationId(
+ MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES
+ +".%."
+ + MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER);
+ if (allServiceKeys != null) {
+ List<String> foundKeys = new ArrayList<String>();
+ for (String elKey : allServiceKeys) {
+ String elValue = dbconfig.getStringValue(elKey);
+ if (uniqueServiceID.startsWith(elValue) ||
+ (elValue != null && elValue.startsWith(uniqueServiceID))) {
+ log.debug("Found service with key: " + elKey
+ + " and uniqueID: " + elValue
+ + " which maches to edited service with uniqueID:"
+ + uniqueServiceID);
+ foundKeys.add(elKey);
+
+ }
+
+ }
+ if ((foundKeys.size() > 1) ||
+ ((foundKeys.size() == 1) && !foundKeys.get(0).startsWith(servicePrefixId) )) {
+ log.info("The service identifier is not unique");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER,
+ "Unique Identifier",
+ LanguageHelper.getErrorString("validation.general.oaidentifier.notunique")));
+
+ }
+ }
+
+ } catch (ConfigurationException e) {
+ log.error("Configuration not readable!", e);
+ new ValidationObjectIdentifier("internal", "Internal Error", "Configuration is not readable!");
+
+ }
+ }
+ }
+
+ } else {
+ throw new ConfigurationTaskValidationException(
+ new ValidationObjectIdentifier("internal", "Internal Error", "No MOA-ID service prefix! Can not check uniqueness of service configuration."));
+
+ }
+
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+}
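Review bot: In taskValidate, the `catch (ConfigurationException e)` that closes the uniqueness check builds a `ValidationObjectIdentifier` and discards it, so when the configuration store cannot be read the identifier is accepted without having been compared against the existing ones. The check should fail closed: `errors.add(new ValidationObjectIdentifier("internal", "Internal Error", "Configuration is not readable!"));`. In the loop above it, `uniqueServiceID.startsWith(elValue)` runs before the `elValue != null` test and throws a NullPointerException if a key has no value; `if (elValue != null && (uniqueServiceID.startsWith(elValue) || elValue.startsWith(uniqueServiceID))) {` covers both directions. The two `log.warn` calls that append the rejected friendly name and identifier write unvalidated GUI input into the log; logging only the configuration key, or a sanitized value, keeps that input from forging log lines.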
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesInterfederationIDPTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesInterfederationIDPTask.java
new file mode 100644
index 000000000..8c3475d8b
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesInterfederationIDPTask.java
@@ -0,0 +1,116 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egiz.components.configuration.api.ConfigurationException;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesInterfederationIDPTask extends AbstractTaskValidator implements ITaskValidator {
+ private static final Logger log = LoggerFactory.getLogger(ServicesInterfederationIDPTask.class);
+ private static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return "interfederation";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "Service - Interfederation IDP";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+ String queryURL = input.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_ATTRIBUTQUERY_URL);
+ if (MiscUtil.isNotEmpty(queryURL)) {
+ if (!ValidationHelper.validateURL(queryURL)) {
+ log.info("AttributeQuery URL is not valid");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_ATTRIBUTQUERY_URL,
+ "Attribute Querry URL",
+ LanguageHelper.getErrorString("validation.interfederation.moaidp.queryurl.valid")));
+
+ }
+ }
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+}
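Review bot: taskValidate accepts the attribute-query endpoint on `ValidationHelper.validateURL(queryURL)` alone, and nothing in this file pins the scheme. ValidationHelper is not part of this hunk, but ServicesProtocolPVP2XTask in the same commit branches on `metadataURL.startsWith("https:")`, which suggests that non-TLS URLs pass validateURL; if so, an attribute query could be configured to go to a cleartext endpoint. Consider rejecting anything that is not https here, e.g. `if (!queryURL.startsWith("https:") || !ValidationHelper.validateURL(queryURL)) {`. Smaller points: the label reads "Attribute Querry URL", and the `ConfigurationException` import is unused in this file.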
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesPVPGatewayTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesPVPGatewayTask.java
new file mode 100644
index 000000000..2e9dd1c30
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesPVPGatewayTask.java
@@ -0,0 +1,121 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egiz.components.configuration.api.ConfigurationException;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesPVPGatewayTask extends AbstractTaskValidator implements ITaskValidator {
+ private static final Logger log = LoggerFactory.getLogger(ServicesPVPGatewayTask.class);
+ private static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return "interfederation";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "Service - PVP Gateway Configuration Task";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+ String entityID = input.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER);
+ if (MiscUtil.isNotEmpty(entityID)) {
+ if (!ValidationHelper.validateURL(entityID)) {
+ log.info("PVP gateway EntityID is not valid");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER,
+ "EntityID of PVP Portal ",
+ LanguageHelper.getErrorString("validation.interfederation.gateway.entityID.valid")));
+
+ }
+
+ } else
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER,
+ "EntityID of PVP Portal ",
+ LanguageHelper.getErrorString("validation.interfederation.gateway.entityID.empty")));
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+}
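Review bot: The `else` branch of taskValidate that reports an empty EntityID has no braces and no log line, unlike the other branches in these validators, so a second statement added under it later would run unconditionally. Writing it as `} else {` with `log.info("PVP gateway EntityID is empty");` before the `errors.add(...)` keeps it consistent with the rest. The label string "EntityID of PVP Portal " carries a trailing space, the `ConfigurationException` import is unused, and getKeyPrefix() returns "interfederation", the same prefix as ServicesInterfederationIDPTask; if both validators can apply to one service, that overlap deserves a comment.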
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolOpenIDTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolOpenIDTask.java
new file mode 100644
index 000000000..51f93adca
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolOpenIDTask.java
@@ -0,0 +1,152 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.UUID;
+import java.util.regex.Pattern;
+
+import org.apache.commons.lang.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesProtocolOpenIDTask extends AbstractTaskValidator implements IDynamicLoadableTaskValidator {
+ private static final Logger log = LoggerFactory.getLogger(ServicesProtocolOpenIDTask.class);
+ private static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return "";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "Service - Protocol OpenID-Connect Task";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+ Map<String, String> newConfigValues = new HashMap<String, String>();
+
+ //TODO: check secret
+ String guiClientID = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID);
+ String guiClientSecret = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTSECRET);
+
+ if (MiscUtil.isEmpty(guiClientSecret)) {
+ log.info("OpenID Connect client-secret is empty --> generate a new secrete.");
+ guiClientSecret = UUID.randomUUID().toString();
+ newConfigValues.put(
+ MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTSECRET,
+ guiClientSecret);
+
+ }
+
+ if (MiscUtil.isEmpty(guiClientID)) {
+ log.info("OpenID Connect ClientID is empty --> Set ClientID to unique identifier.");
+ newConfigValues.put(
+ MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID,
+ input.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER));
+
+ }
+
+ if (newConfigValues.isEmpty())
+ return null;
+ else
+ return newConfigValues;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+ String redirectURL = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL);
+ // validate redirectUri
+ if (StringUtils.isNotEmpty(redirectURL) && !ValidationHelper.validateURL(redirectURL)) {
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL,
+ "OpenID - Redirect URL",
+ LanguageHelper.getErrorString("error.oa.oauth.redirecturi")));
+ }
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator#getModulValidatorPrefix()
+ */
+ @Override
+ public List<String> getModulValidatorPrefix() {
+ return Arrays.asList(
+ MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_OA
+ );
+ }
+
+}
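Review bot: postProcessing only generates a client secret when the field is empty; a secret typed into the GUI is stored unchecked (the `//TODO: check secret` is still open) and taskValidate looks at the redirect URL only, so a very short or guessable secret is accepted. A minimum-length check in taskValidate that adds a `ValidationObjectIdentifier` for `SERVICE_PROTOCOLS_OPENID_CLIENTSECRET` would close that gap. Separately, when the ClientID is empty the fallback `input.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER)` is put into the map without a null test; guarding it with `MiscUtil.isNotEmpty(...)` avoids writing a null ClientID. An empty redirect URL also passes validation; whether the protocol endpoint then refuses requests for that service is not visible here and is worth confirming.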
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolPVP2XTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolPVP2XTask.java
new file mode 100644
index 000000000..c55c35da0
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolPVP2XTask.java
@@ -0,0 +1,338 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import iaik.x509.X509Certificate;
+
+import java.io.IOException;
+import java.security.cert.CertificateException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Timer;
+import java.util.regex.Pattern;
+
+import javax.net.ssl.SSLHandshakeException;
+
+import org.apache.commons.httpclient.MOAHttpClient;
+import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
+import org.opensaml.saml2.metadata.provider.MetadataFilter;
+import org.opensaml.saml2.metadata.provider.MetadataFilterChain;
+import org.opensaml.saml2.metadata.provider.MetadataProviderException;
+import org.opensaml.xml.parse.BasicParserPool;
+import org.opensaml.xml.security.x509.BasicX509Credential;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException;
+import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.MOAIDWebGUIConfiguration;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.SchemaValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.SignatureValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.utils.MetaDataVerificationFilter;
+import at.gv.egovernment.moa.id.config.webgui.validation.utils.SchemaValidationFilter;
+import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesProtocolPVP2XTask extends AbstractTaskValidator implements IDynamicLoadableTaskValidator {
+ private static final Logger log = LoggerFactory.getLogger(ServicesProtocolPVP2XTask.class);
+ private static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return "";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "Service - General Configuration Task";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+
+ Map<String, String> newConfigValues = new HashMap<String, String>();
+ String certBase64 = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE);
+
+ if (MiscUtil.isNotEmpty(certBase64)) {
+ String[] splittet = certBase64.split(",");
+ if (splittet.length > 1) {
+ newConfigValues.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE,
+ splittet[1]);
+ log.debug("Extract PVP2X metadata validation certificate from GUI upload and add it to key: {}", MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE);
+
+ try {
+ byte[] certSerialized = null;
+ if (MiscUtil.isNotEmpty(splittet[1])) {
+ certSerialized = Base64Utils.decode(splittet[1], true);
+ X509Certificate cert = new X509Certificate(certSerialized);
+ newConfigValues.put(
+ MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE_SUBJECT,
+ cert.getSubjectDN().getName());
+
+ }
+
+ } catch (IOException | CertificateException e) {
+ log.error("PVP2X metadata signing certificate is not parseable.", e);
+
+ }
+ }
+ }
+
+ if (newConfigValues.isEmpty())
+ return null;
+ else
+ return newConfigValues;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+ Timer timer = null;
+ MOAHttpClient httpClient = null;
+ HTTPMetadataProvider httpProvider = null;
+
+ String certBase64 = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE);
+
+ try {
+ byte[] certSerialized = null;
+ if (MiscUtil.isNotEmpty(certBase64) &&
+ !certBase64.equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT)) {
+ String[] splittet = certBase64.split(",");
+ if (splittet.length > 1)
+ certSerialized = Base64Utils.decode(splittet[1], true);
+ else
+ certSerialized = Base64Utils.decode(certBase64, true);
+ }
+
+
+ String metadataURL = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL);
+ if (MiscUtil.isNotEmpty(metadataURL)) {
+
+ if (!ValidationHelper.validateURL(metadataURL)) {
+ log.info("MetaDataURL has no valid form.");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL,
+ "PVP2x - Metadata URL",
+ LanguageHelper.getErrorString("validation.pvp2.metadataurl.valid")));
+
+ } else {
+
+ if (certSerialized == null) {
+ log.info("No certificate for metadata validation");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE,
+ "PVP2x - Metadata Certificate",
+ LanguageHelper.getErrorString("validation.pvp2.certificate.notfound")));
+
+ } else {
+
+ X509Certificate cert = new X509Certificate(certSerialized);
+ BasicX509Credential credential = new BasicX509Credential();
+ credential.setEntityCertificate(cert);
+
+ timer = new Timer();
+ httpClient = new MOAHttpClient();
+
+ if (metadataURL.startsWith("https:"))
+ try {
+ MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory(
+ "MOAMetaDataProvider",
+ MOAIDWebGUIConfiguration.getInstance().getCertStoreDirectory(),
+ MOAIDWebGUIConfiguration.getInstance().getTrustStoreDirectory(),
+ null,
+ "pkix",
+ true);
+
+ httpClient.setCustomSSLTrustStore(
+ metadataURL,
+ protoSocketFactory);
+
+ } catch (MOAHttpProtocolSocketFactoryException e) {
+ log.warn("MOA SSL-TrustStore can not initialized. Use default Java TrustStore.", e);
+
+ } catch (at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException e) {
+ log.info("No MOA specific SSL-TrustStore configured. Use default Java TrustStore.", e);
+
+ }
+
+ List<MetadataFilter> filterList = new ArrayList<MetadataFilter>();
+ filterList.add(new MetaDataVerificationFilter(credential));
+
+ try {
+ filterList.add(new SchemaValidationFilter(
+ MOAIDWebGUIConfiguration.getInstance().isPVPMetadataSchemaValidationActive()));
+
+ } catch (at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException e) {
+ log.warn("Configuration access FAILED!", e);
+
+ }
+
+ MetadataFilterChain filter = new MetadataFilterChain();
+ filter.setFilters(filterList);
+
+ httpProvider =
+ new HTTPMetadataProvider(timer, httpClient, metadataURL);
+ httpProvider.setParserPool(new BasicParserPool());
+ httpProvider.setRequireValidMetadata(true);
+ httpProvider.setMetadataFilter(filter);
+ httpProvider.setMinRefreshDelay(1000*60*15); //15 minutes
+ httpProvider.setMaxRefreshDelay(1000*60*60*24); //24 hours
+ httpProvider.setRequireValidMetadata(true);
+ httpProvider.initialize();
+
+ if (httpProvider.getMetadata() == null) {
+ log.info("Metadata could be received but validation FAILED.");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL,
+ "PVP2x - Metadata",
+ LanguageHelper.getErrorString("validation.pvp2.metadata.validation")));
+ }
+ }
+ }
+ }
+
+ } catch (CertificateException e) {
+ log.info("Uploaded Certificate can not be found", e);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL,
+ "PVP2x - Metadata",
+ LanguageHelper.getErrorString("validation.pvp2.certificate.notfound")));
+
+ } catch (IOException e) {
+ log.info("Metadata can not be loaded from URL", e);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL,
+ "PVP2x - Metadata",
+ LanguageHelper.getErrorString("validation.pvp2.metadataurl.read")));
+
+ } catch (MetadataProviderException e) {
+
+ try {
+ if (e.getCause() != null && e.getCause().getCause() instanceof SSLHandshakeException) {
+ log.info("SSL Server certificate not trusted.", e);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL,
+ "PVP2x - Metadata",
+ LanguageHelper.getErrorString("validation.pvp2.metadata.ssl")));
+
+ } else if (e.getCause() != null && e.getCause().getCause() instanceof SignatureValidationException) {
+ log.info("MetaDate verification failed", e);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL,
+ "PVP2x - Metadata",
+ LanguageHelper.getErrorString("validation.pvp2.metadata.verify.sig")));
+
+ } else if (e.getCause() != null && e.getCause().getCause() instanceof SchemaValidationException) {
+ log.info("MetaDate verification failed", e);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL,
+ "PVP2x - Metadata",
+ LanguageHelper.getErrorString("validation.pvp2.metadata.verify.schema")));
+
+ } else {
+ log.info("MetaDate verification failed", e);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL,
+ "PVP2x - Metadata",
+ LanguageHelper.getErrorString("validation.pvp2.metadata.verify.general")));
+ }
+
+ } catch (Exception e1) {
+ log.info("MetaDate verification failed", e1);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL,
+ "PVP2x - Metadata",
+ LanguageHelper.getErrorString("validation.pvp2.metadata.verify.general")));
+
+ }
+
+ } finally {
+ if (httpProvider != null)
+ httpProvider.destroy();
+
+ if (timer != null)
+ timer.cancel();
+
+ }
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator#getModulValidatorPrefix()
+ */
+ @Override
+ public List<String> getModulValidatorPrefix() {
+ return Arrays.asList(
+ MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_OA,
+ MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_IIDP
+ );
+ }
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSAML1Task.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSAML1Task.java
new file mode 100644
index 000000000..fe3a791e7
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSAML1Task.java
@@ -0,0 +1,114 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesProtocolSAML1Task extends AbstractTaskValidator implements ITaskValidator {
+ private static final Logger log = LoggerFactory.getLogger(ServicesProtocolSAML1Task.class);
+ private static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return "protocols.saml1";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "Service - SAML1 Protocol Task";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+ String isBusinessService = input.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE);
+ String isProvideBaseID = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_BASEID);
+
+ if (Boolean.parseBoolean(isBusinessService) &&
+ MiscUtil.isNotEmpty(isProvideBaseID) && Boolean.parseBoolean(isProvideBaseID)) {
+ log.info("ProvideStammZahl can not be used with BusinessService applications");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_BASEID,
+ "Protocols - SAML1 BaseID",
+ LanguageHelper.getErrorString("validation.saml1.providestammzahl")));
+ }
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+}
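Review bot: `KEYWHITELIST` is built from an empty list in the static initializer, so `getAllAllowedPatterns()` passes nothing to `generatePatternsFromKeys`, and the file does not say whether that means "accept no keys" or "no key filtering here". `taskValidate` reads `SERVICE_BUSINESSSERVICE` and `SERVICE_PROTOCOLS_SAML1_BASEID`, so if the base class (not visible in this hunk) treats the patterns as an allow-list for submitted keys, those two presumably need to be listed. Otherwise a comment above the initializer, such as `// intentionally empty: <reason>`, would record the intent. The same empty initializer appears in ServicesProtocolSTORKTask, ServicesReversionLogTask and ServicesSSOAuthenticationTask. Separately, the `MiscUtil.isNotEmpty(isProvideBaseID)` term is redundant, because `Boolean.parseBoolean` already returns false for null or empty input.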
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSTORKTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSTORKTask.java
new file mode 100644
index 000000000..d4e80bed9
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSTORKTask.java
@@ -0,0 +1,273 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egiz.components.configuration.api.ConfigurationException;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesProtocolSTORKTask extends AbstractTaskValidator implements IDynamicLoadableTaskValidator {
+ private static final Logger log = LoggerFactory.getLogger(ServicesProtocolSTORKTask.class);
+ private static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return "";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "Service - General Configuration Task";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+ Map<String, String> newConfigValues = new HashMap<String, String>();
+
+ try {
+ //search actually stored service configurations
+ List<String> storedServices = new ArrayList<String>();
+ for (String prefix : getModulValidatorPrefix()) {
+ String[] storedService = dbconfig.findConfigurationId(prefix + ".%." + MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER);
+ if (storedService != null && storedService.length > 0)
+ storedServices.addAll(Arrays.asList(storedService));
+ }
+
+ String GUIServiceUniqueID = input.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER);
+ String selectedServiceKey = null;
+ for (String serviceKey : storedServices) {
+ String storedUniqueId = dbconfig.getStringValue(serviceKey);
+ if (storedUniqueId.equals(GUIServiceUniqueID)) {
+ selectedServiceKey = KeyValueUtils.getPrefixFromKey(serviceKey, MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER);
+ log.debug("Find service with key: " + selectedServiceKey + " --> Start STORK attribute provider postProcessing.");
+ break;
+ }
+
+ }
+
+ //load actually stored attribute provider names for service
+ Map<String, String> storedAttributeProviders = new HashMap<String, String>();
+ if (MiscUtil.isNotEmpty(selectedServiceKey)) {
+ String[] storedAttribteProviderNames = dbconfig.findConfigurationId(
+ selectedServiceKey + "."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST
+ + ".%." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME);
+ if (storedAttribteProviderNames != null) {
+ for (String el : storedAttribteProviderNames) {
+ String attrProviderName = dbconfig.getStringValue(el);
+ storedAttributeProviders.put(attrProviderName, el);
+
+ }
+ }
+ }
+
+ Map<String, String> storkAttrProviders = KeyValueUtils.getSubSetWithPrefix(input, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST);
+ Iterator<Entry<String, String>> interator = storkAttrProviders.entrySet().iterator();
+ while (interator.hasNext()) {
+ Entry<String, String> current = interator.next();
+ if (current.getKey().endsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME)) {
+ String guiAttrProviderName = current.getValue();
+ if (storedAttributeProviders.containsKey(guiAttrProviderName)) {
+ log.trace("STORK attribute provider: " + guiAttrProviderName
+ + " is already stored");
+ storedAttributeProviders.remove(guiAttrProviderName);
+
+ } else {
+ log.trace("Add new STORK attribute provider: " + guiAttrProviderName
+ + " to service");
+
+ }
+ }
+ }
+
+ if (!storedAttributeProviders.isEmpty()) {
+ log.trace("Remove STORK attribute providers from configuration.");
+ for (String el : storedAttributeProviders.values()) {
+ String removeString = KeyValueUtils.getPrefixFromKey(el, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME);
+ keysToDelete.add(removeString + "*");
+ log.debug("Remove STORK attribute provider with key:" + removeString + "*");
+
+ }
+
+ }
+
+ } catch (ConfigurationException e) {
+ log.error("Configuration access FAILED.", e);
+
+ }
+
+
+ if (newConfigValues.isEmpty())
+ return null;
+ else
+ return newConfigValues;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+ //check V-IDP specific Target configurations
+ String isBusinessService = input.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE);
+ if (!Boolean.parseBoolean(isBusinessService)) {
+ log.info("STORK V-IDP only allowed as business Service.");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE,
+ "BusinessService",
+ "STORK V-IDP only allowed as business Service."));
+ }
+
+ String identificationType = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE);
+ if (MiscUtil.isEmpty(identificationType) ||
+ !MOAIDConfigurationConstants.IDENIFICATIONTYPE_STORK.equals(identificationType)) {
+ log.info("STORK V-IDP only allowes identification numbers with STORK prefix.");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE,
+ "BusinessService - IdentificationType",
+ "STORK V-IDP only allowes identification numbers with STORK prefix"));
+
+ }
+
+
+ Map<String, String> storkAttrProviders = KeyValueUtils.getSubSetWithPrefix(input, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST);
+ Iterator<Entry<String, String>> interator = storkAttrProviders.entrySet().iterator();
+ while (interator.hasNext()) {
+ Entry<String, String> current = interator.next();
+ if (current.getKey().endsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME)) {
+ log.trace("Validate STORK attribute provider with key: " + current.getKey() + " value: " + current.getValue());
+ String index = KeyValueUtils.getParentKey(current.getKey());
+
+ //validate attribute provider name
+ String attrProviderName = current.getValue();
+ if (MiscUtil.isEmpty(attrProviderName)) {
+ log.info("AttributeProviderPlugin Name is empty.");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST
+ + "." + index + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME,
+ "STORK - Attribute Provider",
+ LanguageHelper.getErrorString("validation.stork.ap.name.empty")));
+
+ } else {
+ if (!MOAIDConfigurationConstants.ALLOWED_STORKATTRIBUTEPROVIDERS.contains(attrProviderName)) {
+ log.info("AttributeProviderPlugin Name is not supported.");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST
+ + "." + index + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME,
+ "STORK - Attribute Provider",
+ LanguageHelper.getErrorString("validation.stork.ap.name.valid")));
+ }
+ }
+
+ String attrProviderURL = storkAttrProviders.get(index + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_URL);
+ String attrProviderAttr = storkAttrProviders.get(index + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_ATTRIBUTES);
+
+ if (MiscUtil.isEmpty(attrProviderURL) || !ValidationHelper.validateURL(attrProviderURL)) {
+ log.info("AttributeProviderPlugin URL has no valid form.");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST
+ + "." + index + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_URL,
+ "STORK - Attribute Provider",
+ LanguageHelper.getErrorString("validation.stork.ap.url.valid")));
+ }
+
+
+ if (MiscUtil.isEmpty(attrProviderAttr) || !attrProviderAttr.matches("[a-zA-Z]+(, ?[a-zA-Z]+)*")) {
+ log.info("AttributeProviderPlugin attributes are empty or do not match csv format.");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST
+ + "." + index + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_ATTRIBUTES,
+ "STORK - Attribute Provider",
+ LanguageHelper.getErrorString("validation.stork.ap.attributes.valid")));
+ }
+
+ }
+ }
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator#getModulValidatorPrefix()
+ */
+ @Override
+ public List<String> getModulValidatorPrefix() {
+ return Arrays.asList(
+ MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_VIDP
+ );
+ }
+
+}
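Review bot: In `postProcessing`, `storedUniqueId.equals(GUIServiceUniqueID)` dereferences the result of `dbconfig.getStringValue(serviceKey)` without a null check. If that call can return null for a dangling key (its contract is not visible here), the NullPointerException bypasses `catch (ConfigurationException e)` and propagates to the caller before any stale attribute provider is queued in `keysToDelete`. Comparing from the GUI side avoids this without changing the result: `if (GUIServiceUniqueID != null && GUIServiceUniqueID.equals(storedUniqueId)) {`. `newConfigValues` is never written in this method, so it always returns null; a plain `return null;` with a comment that only `keysToDelete` is modified would make that explicit. `getName()` returns "Service - General Configuration Task", which looks copied from another task and may mislabel this validator wherever the name is shown.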
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesReversionLogTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesReversionLogTask.java
new file mode 100644
index 000000000..da441de4b
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesReversionLogTask.java
@@ -0,0 +1,162 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.UUID;
+import java.util.regex.Pattern;
+
+import org.apache.commons.lang.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesReversionLogTask extends AbstractTaskValidator implements IDynamicLoadableTaskValidator {
+ private static final Logger log = LoggerFactory.getLogger(ServicesReversionLogTask.class);
+ private static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return MOAIDConfigurationConstants.SERVICE_REVERSION;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "Service - Reversion Logging Task";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+ Map<String, String> newConfigValues = new HashMap<String, String>();
+
+ String eventCodes = input.get(MOAIDConfigurationConstants.SERVICE_REVERSION_LOGS_EVENTCODES);
+ if (MiscUtil.isNotEmpty(eventCodes)) {
+ newConfigValues.put(MOAIDConfigurationConstants.SERVICE_REVERSION_LOGS_EVENTCODES,
+ KeyValueUtils.normalizeCSVValueString(eventCodes));
+
+ }
+
+ if (newConfigValues.isEmpty())
+ return null;
+ else
+ return newConfigValues;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+ String isEnabled = input.get(MOAIDConfigurationConstants.SERVICE_REVERSION_LOGS_ENABLED);
+ String eventCodes = input.get(MOAIDConfigurationConstants.SERVICE_REVERSION_LOGS_EVENTCODES);
+
+ if (Boolean.parseBoolean(isEnabled) && MiscUtil.isEmpty(eventCodes)) {
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_REVERSION_LOGS_ENABLED,
+ "Reversion - Logger Enabled",
+ LanguageHelper.getErrorString("error.oa.reversion.log.enabled")));
+
+ }
+
+ if (MiscUtil.isNotEmpty(eventCodes)) {
+ String[] codes = eventCodes.split(",");
+ for (String el: codes) {
+ try {
+ Integer.parseInt(el.trim());
+
+ } catch (NumberFormatException e) {
+ log.info("", e);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_REVERSION_LOGS_EVENTCODES,
+ "Reversion - Logger Enabled",
+ LanguageHelper.getErrorString("error.oa.reversion.log.eventcodes")));
+ break;
+
+ }
+
+ }
+
+ }
+
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator#getModulValidatorPrefix()
+ */
+ @Override
+ public List<String> getModulValidatorPrefix() {
+ return Arrays.asList(
+ MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_OA
+ );
+ }
+
+}
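Review bot: The `NumberFormatException` handler in `taskValidate` logs with an empty message, `log.info("", e)`, so a rejected event-code list leaves only a bare stack trace in the log. A message such as `log.info("Reversion log event code is not a valid integer.", e);` would match the other validators. The error added in that branch reuses the label "Reversion - Logger Enabled" although it is reported against `SERVICE_REVERSION_LOGS_EVENTCODES`; a label like `"Reversion - Event Codes"` would point the administrator at the right field. `Integer.parseInt` also accepts negative values and a leading `+`, so if event codes are meant to be non-negative (not stated in this file), an explicit range check belongs next to it. The imports of `UUID`, `StringUtils` and `ValidationHelper` are unused here.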
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesSSOAuthenticationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesSSOAuthenticationTask.java
new file mode 100644
index 000000000..bf2a38cd9
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesSSOAuthenticationTask.java
@@ -0,0 +1,101 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesSSOAuthenticationTask extends AbstractTaskValidator implements ITaskValidator {
+ private static final Logger log = LoggerFactory.getLogger(ServicesSSOAuthenticationTask.class);
+ private static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return "auth.sso";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "Service - SSO Authentication Configuration Task";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+ //Actually, there is nothing to validate.
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+}
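Review bot: `taskValidate` allocates an `errors` list that nothing ever adds to, so the `if (!errors.isEmpty())` throw is unreachable; the `log` field is also never used. Reducing the body to a single comment, e.g. `// Nothing to validate for auth.sso keys.`, would state more plainly that values under this prefix are accepted unchecked by this task. If settings with security impact are later stored under `auth.sso`, this method is where their validation would need to be added.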
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java
new file mode 100644
index 000000000..5d23a60f6
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java
@@ -0,0 +1,223 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.utils.CompanyNumberValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesTargetTask extends AbstractTaskValidator implements ITaskValidator {
+ private static final Logger log = LoggerFactory.getLogger(ServicesTargetTask.class);
+ private static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return "";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "Service - Target Configuration Task";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+ String isBusinessService = input.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE);
+ String check;
+ if (Boolean.parseBoolean(isBusinessService)) {
+
+ //check identification type
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE);
+ if (!MOAIDConfigurationConstants.BUSINESSSERVICENAMES.keySet().contains(check)) {
+ log.info("IdentificationType is not known.");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE,
+ "BusinessService - Type",
+ LanguageHelper.getErrorString("validation.general.stork.sptarget")));
+ }
+
+ //check identification number
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE);
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty IdentificationNumber");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE,
+ "BusinessService - Value",
+ LanguageHelper.getErrorString("validation.general.identificationnumber.empty")));
+
+ } else {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("IdentificationNumber contains potentail XSS characters: " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE,
+ "BusinessService - Value",
+ LanguageHelper.getErrorString("validation.general.identificationnumber.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ }
+
+ if (input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE)
+ .equals(MOAIDConfigurationConstants.IDENIFICATIONTYPE_FN)) {
+ CompanyNumberValidator val = new CompanyNumberValidator();
+ if (!val.validate(check)) {
+ log.info("Not valid CompanyNumber");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE,
+ "BusinessService - Value",
+ LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid")));
+ }
+ }
+ }
+
+ } else {
+
+ //check own target
+ String useOwnTarget = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_OWN);
+ if (MiscUtil.isNotEmpty(useOwnTarget) && Boolean.parseBoolean(useOwnTarget)) {
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME);
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("TargetFriendlyName contains potentail XSS characters: " + check);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME,
+ "Own Target - FriendlyName",
+ LanguageHelper.getErrorString("validation.general.targetfriendlyname",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ }
+ }
+
+ //check Own Target
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_TARGET);
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isValidAdminTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_TARGET,
+ "Own Target - Target",
+ LanguageHelper.getErrorString("validation.general.target.admin.valid")));
+ }
+ }
+
+ } else {
+
+ //check PublicURL Prefix allows PublicService
+ String uniqueID = input.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER);
+
+ //TODO: reactivate if Role based user management is complete!
+// if (!ValidationHelper.isPublicServiceAllowed(input.get(uniqueID))) {
+// log.warn("PublicURLPrefix does not allow PublicService: " + uniqueID);
+// errors.add(new ValidationObjectIdentifier(
+// MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET,
+// "PublicService - Target",
+// LanguageHelper.getErrorString("validation.general.target.publicserviceurl",
+// new Object[] {uniqueID}) ));
+//
+// }
+
+ //check Target
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET);
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isValidTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET,
+ "PublicService - Target",
+ LanguageHelper.getErrorString("validation.general.target.valid")));
+ }
+ }
+
+ String isSubTargetUsed = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_SUB);
+ if (MiscUtil.isNotEmpty(isSubTargetUsed) && Boolean.parseBoolean(isSubTargetUsed)) {
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB);
+ if (!ValidationHelper.isValidAdminTarget(check)) {
+ log.info("Not valid Target-Subsector");
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB,
+ "PublicService - Target SubSector",
+ LanguageHelper.getErrorString("validation.general.target.subsector.valid")));
+
+ }
+ }
+ }
+ }
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+}
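Review bot: In `taskValidate`, the company-number branch calls `.equals(...)` on `input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE)`, which may be null. The earlier type check only records an error and carries on, so a business service submitted with a value but no type would throw a NullPointerException instead of returning the collected validation errors. Putting the constant first avoids this: `if (MOAIDConfigurationConstants.IDENIFICATIONTYPE_FN.equals(input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE))) {`. The two `log.warn` calls that append `check` write a value that has just been flagged as suspicious straight into the log; logging only the key name, or the value with line breaks stripped, keeps an administrator-supplied string from forging log entries.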
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesbPKDecryptionTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesbPKDecryptionTask.java
new file mode 100644
index 000000000..96088b6eb
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesbPKDecryptionTask.java
@@ -0,0 +1,137 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egiz.components.configuration.api.ConfigurationException;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesbPKDecryptionTask extends AbstractTaskValidator implements ITaskValidator {
+ private static final Logger log = LoggerFactory.getLogger(ServicesbPKDecryptionTask.class);
+ private static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return "";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "Service - bPK-Decryption Configuration Task";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+
+ //TODO:
+
+
+// String check = input.get(MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME);
+// if (MiscUtil.isNotEmpty(check)) {
+// if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+// log.warn("OAFriendlyName contains potentail XSS characters: " + check);
+// errors.add(new ValidationObjectIdentifier(
+// MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME,
+// "FriendlyName",
+// LanguageHelper.getErrorString("validation.general.oafriendlyname.valid",
+// new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+// }
+// } else {
+// log.info("OA friendlyName is empty");
+// errors.add(new ValidationObjectIdentifier(
+// MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME,
+// "FriendlyName",
+// LanguageHelper.getErrorString("validation.general.oafriendlyname.empty")));
+// }
+//
+// String isBusinessService = input.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE);
+// if (MiscUtil.isEmpty(isBusinessService)) {
+// log.info("OA businessservice flag is empty");
+// errors.add(new ValidationObjectIdentifier(
+// MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE,
+// "BusinessService",
+// LanguageHelper.getErrorString("validation.general.businessservice.empty")));
+//
+// }
+
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+}
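Review bot: `taskValidate` performs no checks: `errors` is never filled, so the closing `if (!errors.isEmpty())` cannot fire and every input handed to this task is accepted. The commented-out block under the bare `//TODO:` validates the friendly name and the business-service flag rather than anything specific to bPK decryption, and looks copied from another task. I would delete it and leave a comment such as `// TODO: no validation implemented yet for the bPK decryption settings; input is accepted unchecked`. With the dead block gone, `log` and the imports of `ConfigurationException`, `MOAIDConfigurationConstants`, `ValidationHelper`, `LanguageHelper` and `MiscUtil` are unused in the visible code.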
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/CompanyNumberValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/CompanyNumberValidator.java
new file mode 100644
index 000000000..b9eb76857
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/CompanyNumberValidator.java
@@ -0,0 +1,78 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.config.webgui.validation.utils;
+
+import org.apache.commons.lang.StringUtils;
+
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+
+public class CompanyNumberValidator implements IdentificationNumberValidator {
+
+ public boolean validate(String commercialRegisterNumber) {
+
+ String normalizedNumber = commercialRegisterNumber.replaceAll(" ", "");
+ if(normalizedNumber.startsWith(MOAIDConfigurationConstants.IDENIFICATIONTYPE_FN))
+ normalizedNumber = normalizedNumber.substring(2);
+
+ return checkCommercialRegisterNumber(normalizedNumber);
+ }
+
+ private boolean checkCommercialRegisterNumber(String commercialRegisterNumber) {
+ if (commercialRegisterNumber == null) {
+ return false;
+ }
+ commercialRegisterNumber = StringUtils.leftPad(commercialRegisterNumber, 7,
+ '0');
+ if (!commercialRegisterNumber.matches("\\d{6}[abdfghikmpstvwxzy]")) {
+ return false;
+ }
+ String digits = commercialRegisterNumber.substring(0,
+ commercialRegisterNumber.length() - 1);
+ char checkDigit = commercialRegisterNumber.charAt(commercialRegisterNumber
+ .length() - 1);
+ boolean result = calcCheckDigitFromCommercialRegisterNumber(digits) == checkDigit;
+ return result;
+ }
+
+ public static char calcCheckDigitFromCommercialRegisterNumber(
+ String commercialRegisterDigits) {
+ final int[] WEIGHT = { 6, 4, 14, 15, 10, 1 };
+ final char[] CHECKDIGIT = { 'a', 'b', 'd', 'f', 'g', 'h', 'i', 'k', 'm',
+ 'p', 's', 't', 'v', 'w', 'x', 'y', 'z' };
+ if (commercialRegisterDigits == null) {
+ throw new NullPointerException("Commercial register number missing.");
+ }
+ commercialRegisterDigits = StringUtils.leftPad(commercialRegisterDigits, 6,
+ '0');
+ if (!commercialRegisterDigits.matches("\\d{6}")) {
+ throw new IllegalArgumentException(
+ "Invalid commercial register number provided.");
+ }
+ int sum = 0;
+ for (int i = 0; i < commercialRegisterDigits.length(); i++) {
+ int value = commercialRegisterDigits.charAt(i) - '0';
+ sum += WEIGHT[i] * value;
+ }
+ return CHECKDIGIT[sum % 17];
+ }
+}
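Review bot: `validate` dereferences `commercialRegisterNumber` in `replaceAll` before the null check in `checkCommercialRegisterNumber` is reached, so a null argument throws instead of returning false and that later check can never be true for this caller; start the method with `if (commercialRegisterNumber == null) return false;`. The prefix strip uses a hard-coded `substring(2)`; `normalizedNumber.substring(MOAIDConfigurationConstants.IDENIFICATIONTYPE_FN.length())` keeps it tied to the constant that `startsWith` tests. `validate` would also benefit from `@Override` and a short Javadoc naming the accepted format (optional prefix, up to six digits, one check letter).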
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/IdentificationNumberValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/IdentificationNumberValidator.java
new file mode 100644
index 000000000..1ecbd3f82
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/IdentificationNumberValidator.java
@@ -0,0 +1,29 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.config.webgui.validation.utils;
+
+public interface IdentificationNumberValidator {
+
+ boolean validate(String idNumber);
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/MetaDataVerificationFilter.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/MetaDataVerificationFilter.java
new file mode 100644
index 000000000..6ec48fa43
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/MetaDataVerificationFilter.java
@@ -0,0 +1,122 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.config.webgui.validation.utils;
+
+import java.util.Iterator;
+
+import org.opensaml.common.SignableSAMLObject;
+import org.opensaml.saml2.metadata.EntitiesDescriptor;
+import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml2.metadata.provider.MetadataFilter;
+import org.opensaml.security.SAMLSignatureProfileValidator;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.security.credential.Credential;
+import org.opensaml.xml.security.x509.BasicX509Credential;
+import org.opensaml.xml.signature.SignatureValidator;
+import org.opensaml.xml.validation.ValidationException;
+
+import at.gv.egovernment.moa.id.config.webgui.exception.SignatureValidationException;
+import at.gv.egovernment.moa.logging.Logger;
+
+public class MetaDataVerificationFilter implements MetadataFilter {
+
+ BasicX509Credential credential;
+
+ public MetaDataVerificationFilter(BasicX509Credential credential) {
+ this.credential = credential;
+ }
+
+
+ public void doFilter(XMLObject metadata) throws SignatureValidationException {
+
+ if (metadata instanceof EntitiesDescriptor) {
+ EntitiesDescriptor entitiesDescriptor = (EntitiesDescriptor) metadata;
+ if(entitiesDescriptor.getSignature() == null) {
+ throw new SignatureValidationException("Root element of metadata file has to be signed");
+ }
+ try {
+ processEntitiesDescriptor(entitiesDescriptor);
+
+ } catch (SignatureValidationException e) {
+ throw new SignatureValidationException("Invalid signature element in EntitiesDescriptor");
+ }
+
+ } if (metadata instanceof EntityDescriptor) {
+ try {
+ EntityDescriptor entity = (EntityDescriptor) metadata;
+ if (entity.getSignature() != null)
+ verify(entity, this.credential);
+
+ else
+ throw new SignatureValidationException("Root element of metadata file has to be signed", null);
+
+ } catch (SignatureValidationException e) {
+ throw new SignatureValidationException("Invalid signature element in EntityDescriptor", null);
+ }
+ }
+ }
+
+ private void processEntitiesDescriptor(EntitiesDescriptor desc) throws SignatureValidationException {
+ Iterator<EntitiesDescriptor> entID = desc.getEntitiesDescriptors().iterator();
+
+ if(desc.getSignature() != null) {
+ verify(desc, this.credential);
+ }
+
+ while(entID.hasNext()) {
+ processEntitiesDescriptor(entID.next());
+ }
+
+ Iterator<EntityDescriptor> entIT = desc.getEntityDescriptors().iterator();
+
+ while(entIT.hasNext()) {
+ EntityDescriptor entity = entIT.next();
+ if (entity.getSignature() != null)
+ verify(entity, this.credential);
+ }
+ }
+
+ private void verify(SignableSAMLObject entityDescriptor, Credential cred)
+ throws SignatureValidationException {
+ if (entityDescriptor.getSignature() == null) {
+ throw new SignatureValidationException("PVP2X Metadata not signed");
+ }
+
+ try {
+ SAMLSignatureProfileValidator sigValidator = new SAMLSignatureProfileValidator();
+ sigValidator.validate(entityDescriptor.getSignature());
+ } catch (ValidationException e) {
+ Logger.error("Failed to validate Signature", e);
+ throw new SignatureValidationException("Failed to validate Signature", e);
+ }
+
+ SignatureValidator sigValidator = new SignatureValidator(cred);
+ try {
+ sigValidator.validate(entityDescriptor.getSignature());
+ } catch (ValidationException e) {
+ Logger.error("Failed to verfiy Signature", e);
+ throw new SignatureValidationException("Failed to verfiy Signature", e);
+
+ }
+ }
+}
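Review bot: `doFilter` returns normally when `metadata` is neither an `EntitiesDescriptor` nor an `EntityDescriptor`, so a root element of any other type passes this filter without a signature check. Chain the second test as `else if` and end with `else { throw new SignatureValidationException("Unsupported metadata root element"); }`. Both catch blocks replace the caught exception with a new one and drop the cause, and in the `EntityDescriptor` branch the unsigned-root exception thrown inside the `try` is itself caught and reported as an invalid signature; rethrowing `e`, or passing it as the cause the way `verify` does, keeps the real reason. `processEntitiesDescriptor` accepts nested descriptors that carry no signature of their own, which is presumably intended because the root must be signed, but a comment saying so would help; the constructor also stores `credential` without a null check.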
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/SchemaValidationFilter.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/SchemaValidationFilter.java
new file mode 100644
index 000000000..587afe381
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/SchemaValidationFilter.java
@@ -0,0 +1,98 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.utils;
+
+import org.opensaml.saml2.metadata.provider.FilterException;
+import org.opensaml.saml2.metadata.provider.MetadataFilter;
+import org.opensaml.xml.XMLObject;
+
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.validation.Schema;
+import javax.xml.validation.Validator;
+
+import org.opensaml.common.xml.SAMLSchemaBuilder;
+
+import org.xml.sax.SAXException;
+
+import at.gv.egovernment.moa.id.config.webgui.exception.SchemaValidationException;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * @author tlenz
+ *
+ */
+public class SchemaValidationFilter implements MetadataFilter {
+
+ private boolean isActive = true;
+
+ /**
+ *
+ */
+ public SchemaValidationFilter(boolean useSchemaValidation) {
+ this.isActive = useSchemaValidation;
+ }
+
+
+ /* (non-Javadoc)
+ * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject)
+ */
+ @Override
+ public void doFilter(XMLObject arg0) throws SchemaValidationException {
+
+ String errString = null;
+
+ if (isActive) {
+ try {
+ Schema test = SAMLSchemaBuilder.getSAML11Schema();
+ Validator val = test.newValidator();
+ DOMSource source = new DOMSource(arg0.getDOM());
+ val.validate(source);
+ Logger.info("Metadata Schema validation check done OK");
+ return;
+
+ } catch (SAXException e) {
+ if (Logger.isDebugEnabled() || Logger.isTraceEnabled())
+ Logger.warn("Metadata Schema validation FAILED with exception:", e);
+ else
+ Logger.warn("Metadata Schema validation FAILED with message: "+ e.getMessage());
+
+ errString = e.getMessage();
+
+ } catch (Exception e) {
+ if (Logger.isDebugEnabled() || Logger.isTraceEnabled())
+ Logger.warn("Metadata Schema validation FAILED with exception:", e);
+ else
+ Logger.warn("Metadata Schema validation FAILED with message: "+ e.getMessage());
+
+ errString = e.getMessage();
+
+ }
+
+ throw new SchemaValidationException("Metadata Schema validation FAILED with message: "+ errString);
+
+ } else
+ Logger.info("Metadata Schema validation check is DEACTIVATED!");
+
+ }
+
+}
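Review bot: The two catch blocks in `doFilter` have identical bodies and `catch (Exception e)` already covers `SAXException`, so one block is enough. The `SchemaValidationException` thrown afterwards carries only `e.getMessage()`, which can be null, and the stack trace is lost unless debug logging is on. I would throw from inside the single catch and pass `e` along if `SchemaValidationException` has a cause-taking constructor (its declaration is not in this hunk). When `isActive` is false the filter accepts any metadata and records that at info level only; `Logger.warn("Metadata Schema validation check is DEACTIVATED!");` makes a disabled check easier to spot in production logs. The empty Javadoc on the constructor could state what `useSchemaValidation` switches.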
diff --git a/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egiz.components.configuration.meta.api.ConfigurationModul b/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egiz.components.configuration.meta.api.ConfigurationModul
new file mode 100644
index 000000000..f228893b9
--- /dev/null
+++ b/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egiz.components.configuration.meta.api.ConfigurationModul
@@ -0,0 +1 @@
+at.gv.egovernment.moa.id.config.webgui.MOAIDConfigurationModul \ No newline at end of file
diff --git a/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
new file mode 100644
index 000000000..b0b17a83c
--- /dev/null
+++ b/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
@@ -0,0 +1 @@
+at.gv.egovernment.moa.id.config.webgui.MOAIDSpringResourceProvider \ No newline at end of file
diff --git a/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator b/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator
new file mode 100644
index 000000000..8e29f32f0
--- /dev/null
+++ b/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator
@@ -0,0 +1,5 @@
+at.gv.egovernment.moa.id.config.webgui.validation.modul.impl.GeneralConfigurationValidator
+at.gv.egovernment.moa.id.config.webgui.validation.modul.impl.GatewayValidator
+at.gv.egovernment.moa.id.config.webgui.validation.modul.impl.InterfederationIDPValidator
+at.gv.egovernment.moa.id.config.webgui.validation.modul.impl.OnlineApplicationValidator
+at.gv.egovernment.moa.id.config.webgui.validation.modul.impl.VIDPValidator
diff --git a/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator b/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator
new file mode 100644
index 000000000..8faf16843
--- /dev/null
+++ b/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator
@@ -0,0 +1,5 @@
+at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesProtocolOpenIDTask
+at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesProtocolPVP2XTask
+at.gv.egovernment.moa.id.config.webgui.validation.task.impl.GeneralSTORKConfigurationTask
+at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesAuthenticationSTORKTask
+at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesProtocolSTORKTask
\ No newline at end of file
diff --git a/id/moa-id-webgui/src/main/resources/applicationResources_de.properties b/id/moa-id-webgui/src/main/resources/applicationResources_de.properties
new file mode 100644
index 000000000..bb0499020
--- /dev/null
+++ b/id/moa-id-webgui/src/main/resources/applicationResources_de.properties
@@ -0,0 +1,525 @@
+title=MOA-ID 2.x Configuration Tool
+
+
+config.01=Configfile is not found. ({0})
+config.02=Configfile is not readable. ({0})
+config.03=Hibernate Database connector can not be initialized
+config.04=OpenSAML (PVP2 Login) can not be initialized
+config.05=Configuration file not defined
+config.06=Configfile {1} does not start with {0} prefix.
+
+error.title=Fehler:
+error.login.internal=W\u00E4hrend der Verarbeitung ist ein interner Fehler aufgetreten. Bitte Versuchen Sie es nocheinmal oder kontaktieren Sie den Administrator.
+error.general.text=W\u00E4hrend der Verarbeitung ist ein interner Fehler aufgetreten. Bitte Versuchen Sie es nocheinmal oder kontaktieren Sie den Administrator.
+errors.listOAs.noOA=Es wurden keine Online-Applikationen in der Datenbank gefunden.
+errors.listIDPs.noIDP=Es wurden kein IdentityProvider f\u00FCr Interfederation in der Datenbank gefunden.
+errors.edit.oa.oaid=Es wurde keine g\u00FCtige Online-Applikations-ID \u00FCbergeben.
+errors.edit.oa.oaid.allowed=Sie besitzen nicht die ben\u00F6tigen Rechte um auf diese Online-Applikation zuzugreifen.
+error.oa.pvp2.certificate=Das hinterlegte PVP2 Zertifikat konnte nicht gelesen werden.
+error.db.oa.store=Die Konfiguration konnte nicht in der Datenbank gespeichert werden.
+errors.notallowed=Sie besitzen nicht die n\u00F6tigen Rechte um diese Funktion zu benutzen.
+errors.importexport.nofile=Es wurde keine Datei angegeben.
+errors.importexport.legacyimport=Der Importvorgang der Legacy-Konfiguration wurde mit einem Fehler abgebrochen (Fehler={0}).
+errors.importexport.export=Die MOA-ID 2.x Konfiguration konnte nicht in ein XML File exportiert werden. (Fehler={0})
+errors.importexport.import=Der Importvorgang der XML Konfiguration wurde mit einem Fehler abgebrochen (Fehler={0}).
+errors.importexport.export.noconfig=Die Konfiguration kann nicht exportiert werden da keine MOA-ID Konfiguration vorhanden ist.
+errors.edit.user.userid=Es wurde keine g\u00FCtige User ID \u00FCbergeben.
+errors.edit.user.save=Der Benutzer konnte nicht in die Datenbank eingetragen werden.
+errors.edit.user.notallowed=Das Bearbeiten fremder Benutzereinstellungen ist nur dem Admin erlaubt.
+error.login=Der Anmeldevorgang wurde abgebrochen. Bitte Versuchen sie es noch einmal.
+error.mail.send=An die angegebene Mailadresse konnte keine Nachticht versendet werden.
+error.mail.verification=Der Verifikationsvorgang wurde durch einen internen Fehler unterbrochen. Bitte Versuchen sie es noch einmal.
+error.editoa.mailverification=Die Verwaltung von Online-Applikationen ist vor\u00FCbergehend deaktiviert, da die Mailadresse des Benutzeraccounts noch nicht verifiziert wurde.
+error.bkuformpreview.notpossible="Die Vorschau konnte nicht generiert werden da ein interner Fehler auftreten ist."
+error.oa.oauth.redirecturi=Redirect URL ist keine richtige URL
+error.oa.oauth.clientSecret=Client-Secret darf nicht leer sein
+error.oa.oauth.keyname=Key-Name darf nicht leer sein
+error.oa.oauth.keystore=Keystore darf nicht leer sein und muss eine richtige URL sein.
+
+
+mail.userrequest.subject=Accountanforderung MOA-ID 2.x Konfigurationstool
+
+webpages.slo.error=Der Abmeldevorgang bei allen Online-Applikationen war nicht erfolgreich. Bitte schlie \t\u00DFen Sie aus Sicherheitsgr\u00FCnden ihren Browser.
+webpages.slo.success=Sie wurden erfolgreich bei allen Online-Applikationen abgemeldet.
+
+webpages.error.header=Es ist ein Fehler aufgetreten
+webpages.index.header=Willkommen bei der MOA-ID 2.x Konfigurationsapplikation
+webpages.index.desciption.head=Um dieses Service nutzen zu k\u00F6nnen m\u00FCssen sie sich einloggen.
+webpages.index.login=Anmelden
+webpages.index.logout=Abmelden
+webpages.index.login.pvp2=Anmeldung mit B\u00FCrgerkarte oder Handy-Signature
+webpages.index.login.notallowed=Entweder sind Benutzername oder Passwort sind nicht korrekt oder der Account wurde noch nicht aktiviert.
+webpages.index.username.unkown=Der Benutzer ist nicht bekannt.
+webpages.index.username.notactive=Der Benutzer wurde durch den Administrator noch nicht freigeschalten.
+webpages.index.password.false=Das Passwort stimmt nicht.
+
+webpages.inportexport.header=Konfiguration Importieren/Exportieren
+webpages.inportexport.success=Die Konfiguration konnte erfolgreich importiert werden.
+webpages.inportexport.legacyimport.header=Legacy Konfiguration importieren (MOA-ID < 2.0)
+webpages.inportexport.legacyimport.upload=Legacy Konfiguration
+webpages.edit.import=Importieren
+webpages.edit.export=Exportieren
+webpages.inportexport.import.header=MOA-ID 2.x Konfiguration
+webpages.inportexport.import.upload=Konfiguration importieren
+webpages.inportexport.import.download=Konfiguration exportieren
+webpages.inportexport.descripten=ACHTUNG\: Die importierte Konfiguration ersetzt eine aktuell vorhandene Konfiguration vollst\u00E4ndig\!
+
+webpages.usermanagement.newuser=Neuen Benutzer erstellen
+webpages.usermanagement.header=Benutzerverwaltung
+webpages.listUsers.list.header=Liste aller vorhandenen Benutzer
+webpages.listUsers.list.first=Familien-/Firmenname
+webpages.listUsers.list.second=Vorname
+webpages.listUsers.list.third=Benutzername
+webpages.edituser.header=Benutzerdaten
+webpages.edituser.givenname=Vorname
+webpages.edituser.familyName=Familienname
+webpages.edituser.institut=Organisation
+webpages.edituser.phone=Telefonnummer
+webpages.edituser.mail=EMail Adresse
+webpages.edituser.access.header=Zugangsdaten
+webpages.edituser.username=Benutzername
+webpages.edituser.password=Kennwort
+webpages.edituser.password_second=Kennwort wiederholen
+webpages.edituser.bpk=BPK
+webpages.edituser.role.header=Rechte und Role
+webpages.edituser.active=Benutzer ist aktiviert
+webpages.edituser.admin=Benutzer ist Admin
+webpages.edit.delete.user=Benutzer l\u00F6schen
+webpages.edit.newUser=Neuen Benutzer anfordern
+webpages.edituser.isusernamepasswordallowed=Benutzername/Passwort erlauben
+webpages.edituser.changemailaddress.verify=Bevor Sie Online-Applikationen verwalten k\u00F6nnen muss Ihre Mailadresse verifzieren werden. Eine entsprechende Mail wurde bereits an Ihr angegebenes Postfach versendet.
+webpages.edituser.verify.mail.button=Mailadresse pr\u00FCfen
+webpages.edituser.verify.mail.message=Es wurde eine Verifikationsmail an Ihr Postfach versendet
+
+webpages.mainpage.menu.oa.insert=Neue Applikation anlegen
+webpages.mainpage.menu.oa.display=Meine Applikationen
+webpages.mainpage.menu.oa.search=Applikation suchen
+webpages.mainpage.menu.general.user=Meine Daten
+webpages.mainpage.menu.general.importexport=Importieren/Exportieren
+webpages.mainpage.menu.general.config.moaid=Allgemeine Konfiguration
+webpages.mainpage.menu.general.usermanagement=Benutzerverwaltung
+webpages.mainpage.menu.general.adminrequests=Offene Anfragen
+webpages.mainpage.menu.interfederation=Interfederation
+
+webpages.interfederation.header=IDP Interfederation Konfiguration
+webpages.interfederation.list.header=Liste aller konfiguerierten IDPs
+webpages.inderfederation.moaid.header=Interfederation
+webpages.inderfederation.moaid.businessServiceIDP=Privatwirtschaftlicher IDP
+webpages.inderfederation.moaid.inboundSSO=Eingehendes SSO erlauben
+webpages.inderfederation.moaid.outboundSSO=Ausgehendes SSO erlauben
+webpages.inderfederation.moaid.storeSSOSession=SSO Session speichern
+webpages.inderfederation.moaid.attributQueryURL=AttributQuery Service URL
+webpages.inderfederation.moaid.sendPassivRequest=Verwende SAML2 isPassive Attribut
+webpages.inderfederation.moaid.perfomLocalAuthOnError=Im Fehlerfall Authentifizierung lokal durchf\u00FChren
+webpages.interfederation.new.header=Neuen Identity Provider hinzuf\u00FCgen
+webpages.interfederation.new.vidp=STORK VIDP
+webpages.interfederation.new.moaid=MOA-ID IDP
+webpages.interfederation.new.gateway=STORK<->PVP Gateway
+webpages.inderfederation.gateway.entityID=EntityID des PVP Portals
+
+
+
+webpages.moaconfig.save.success=Die MOA-ID Konfiguration wurde erfolgreich gespeichert.
+webpages.moaconfig.header=Allgemeine Konfiguration
+webpages.oaconfig.general.publicURLPreFix=Public URL Prefix
+webpages.moaconfig.defaultbkus.header=Default BKUs
+webpages.moaconfig.slrequesttemplates.header=SecurityLayer Request Templates
+webpages.moaconfig.slrequesttemplates.local=Locale BKU
+webpages.moaconfig.slrequesttemplates.handy=Handy BKU
+webpages.moaconfig.slrequesttemplates.online=Online BKU
+webpages.moaconfig.certificates.header=Zertifikatspr\u00FCfung
+webpages.moaconfig.certificates.certstore=CertStoreDirecorty
+webpages.moaconfig.certificates.trustmanagerrev=TrustManagerRevocationChecking
+webpages.moaconfig.certificates.trustCACerts=TrustedCACertificates
+webpages.moaconfig.certificates.chainingmode=ChainingMode
+webpages.moaconfig.timeout.header=Session TimeOuts
+webpages.moaconfig.timeout.assertion=Anmeldedaten [sec]
+webpages.moaconfig.timeout.MOASessionCreated=SSO Session authentifiziert [sec]
+webpages.moaconfig.timeout.MOASessionUpdated=SSO Session letzter Zugriff [sec]
+webpages.moaconfig.moasp.header=MOA-SP Konfiguration
+webpages.moaconfig.moasp.idltrustprofile=Personenbindung Trustprofil
+webpages.moaconfig.moasp.authtrustprofile=Authentfizierungsblock Trustprofil
+webpages.moaconfig.moasp.authblocktransform=Authentfizierungsblock Transformationen
+webpages.moaconfig.moasp.url=URL zum MOA-SP Service
+webpages.moaconfig.identitylinksigners=IdentityLinkSigners
+webpages.moaconfig.services.header=Externe Services
+webpages.moaconfig.services.mandates=Online-Vollmachten Service URL
+webpages.moaconfig.services.szrgw=SZR Gateway Service URL
+webpages.moaconfig.sso.header=Single Sign-On
+webpages.moaconfig.sso.PublicUrl=SSO Service URL-Prefix
+webpages.moaconfig.sso.FriendlyName=SSO Service Name
+webpages.moaconfig.services.sso.Target=SSO Service Target
+webpages.moaconfig.services.sso.SpecialText=SSO AuthBlockText
+webpages.moaconfig.protocols.header=Protokolle
+webpages.moaconfig.protocols.allowed.header=Protokolle aktivieren
+webpages.moaconfig.protocols.legacy.header=Legacy Modus aktivieren
+webpages.moaconfig.protocols.legacy.saml1=SAML1
+webpages.moaconfig.protocols.legacy.pvp2=PVP2.1
+webpages.moaconfig.protocols.oauth=OpenID Connect
+webpages.moaconfig.protocols.saml1.header=SAML1 Konfiguration
+webpages.moaconfig.protocols.saml1.sourceID=SourceID
+webpages.moaconfig.protocols.pvp2.header=PVP2 Konfiguration
+webpages.moaconfig.protocols.pvp2.PublicUrlPrefix=PVP2 Service URL-Prefix
+webpages.moaconfig.protocols.pvp2.IssuerName=PVP Service Name
+webpages.moaconfig.protocols.pvp2.org.header=Organisation
+webpages.moaconfig.protocols.pvp2.org.name=Kurzbezeichnung
+webpages.moaconfig.protocols.pvp2.org.displayname=Vollst\u00E4ndiger Name
+webpages.moaconfig.protocols.pvp2.org.url=URL der Organisation
+webpages.moaconfig.protocols.pvp2.contact.header=Kontaktdaten
+webpages.moaconfig.protocols.pvp2.contact.surename=Familienname
+webpages.moaconfig.protocols.pvp2.contact.givenname=Vorname
+webpages.moaconfig.protocols.pvp2.contact.email=Mailadresse
+webpages.moaconfig.protocols.pvp2.contact.company=Unternehmen
+webpages.moaconfig.protocols.pvp2.contact.phone=Telefonnummer
+webpages.moaconfig.protocols.pvp2.contact.type=Type des Kontakts
+webpages.moaconfig.sl.transormations.header=SecurityLayer Transformationen
+webpages.moaconfig.sl.transormations.filename=Dateiname
+webpages.moaconfig.sl.transormations.upload=Neue Transformation hochladen
+
+webpages.listOAs.list.elInfo=Type
+webpages.listOAs.list.first=Eindeutige Kennung
+webpages.listOAs.list.second=Name der Online-Applikation
+
+webpages.searchoa.header=Online-Applikation suchen
+webpages.searchoa.search.friendlyname=Name der Online-Applikation
+webpages.searchoa.butten.search=Suchen
+
+webpages.oaconfig.header=Konfiguration der Onlineapplikation
+webpages.oaconfig.general.isActive=Online-Applikation ist aktiviert
+webpages.oaconfig.general.bku.header=BKU Konfiguration
+webpages.oaconfig.general.bku.local=Locale BKU
+webpages.oaconfig.general.bku.online=Online BKU
+webpages.oaconfig.general.bku.handy=Handy BKU
+webpages.oaconfig.general.bku.slversion=SecurityLayer Version
+webpages.oaconfig.general.bku.keyboxidentifier=KeyBoxIdentifier
+webpages.oaconfig.general.bku.legacy=SecurityLayerTemplates (Legacy Request)
+webpages.oaconfig.general.bku.sltemplate.first=SecurityLayer Template
+webpages.oaconfig.general.bku.sltemplate.second=SecurityLayer Template (WhiteList)
+webpages.oaconfig.general.bku.sltemplate.third=SecurityLayer Template (WhiteList)
+
+webpages.oaconfig.general.bku.delete=L\u00F6schen
+webpages.oaconfig.general.bku.bkuselection.header=BKU-Selection Template
+webpages.oaconfig.general.bku.bkuselection.filename=Dateiname
+webpages.oaconfig.general.bku.bkuselection.upload=Neues Template hochladen
+webpages.oaconfig.general.bku.sendassertion.header=Send-Assertion Template
+webpages.oaconfig.general.bku.sendassertion.filename=Dateiname
+webpages.oaconfig.general.bku.sendassertion.upload=Neues Template hochladen
+
+webpages.oaconfig.bPKEncDec.header=Fremd-bPK Konfiguration
+webpages.oaconfig.bPKEncDec.keystore.header=KeyStore Konfiguration
+webpages.oaconfig.bPKEncDec.filename=Dateiname
+webpages.oaconfig.bPKEncDec.delete=L\u00F6schen
+webpages.oaconfig.bPKEncDec.upload=KeyStore hochladen
+webpages.oaconfig.bPKEncDec.keyStorePassword=KeyStore Password
+webpages.oaconfig.bPKEncDec.keyAlias=Schl\u00FCsselname
+webpages.oaconfig.bPKEncDec.keyPassword=Schl\u00FCsselpassword
+
+webpages.oaconfig.general.identification=Eindeutiger Identifikatior (PublicURLPrefix)
+webpages.oaconfig.general.mandate.header=Vollmachten
+webpages.oaconfig.general.mandate.profiles=Profile
+webpages.oaconfig.general.mandate.usemandate=Vollmachten (ja/nein)
+webpages.oaconfig.general.friendlyname=Name der Online-Applikation
+webpages.oaconfig.general.isbusinessservice=Privatwirtschaftliche Applikation
+webpages.oaconfig.general.isstorkservice=Stork Applikation
+webpages.oaconfig.general.public.header=&Ouml;ffentlicher Bereich
+webpages.oaconfig.general.stork.header=STORK Bereich
+webpages.oaconfig.general.stork.countrycode=Landesvorwahl
+webpages.oaconfig.general.target.friendlyname=Bezeichnung des Bereichs (Frei w\u00E4hlbar)
+webpages.oaconfig.general.target.admin.checkbox=Anderen Bereich frei definieren
+webpages.oaconfig.general.target.admin=Bereich (Frei w\u00E4hlbar)
+webpages.oaconfig.general.target.friendlyname.disabled=Bezeichnung des Bereichs (vom Administrator eingestellt)
+webpages.oaconfig.general.target.admin.disabled=Bereich (vom Administrator eingestellt)
+webpages.oaconfig.general.target=Bereich (Target)
+webpages.oaconfig.general.target.subsector=Sub-Bereich
+webpages.oaconfig.general.target.subsector.checkbox=Target verfeinern
+webpages.oaconfig.general.business.header=Privatwirtschaftlicher Bereich
+webpages.oaconfig.general.business.value=Identifikationsnummer
+webpages.oaconfig.general.business.type=Type der Identifikationsnummer
+webpages.oaconfig.general.aditional.header=Zus&auml;tzliche allgemeine Einstellungen
+webpages.oaconfig.general.aditional.authblocktext=AuthblockText
+webpages.oaconfig.general.aditional.iframe=B\u00FCrgerkartenauswahl im IFrame
+webpages.oaconfig.general.aditional.useUTC=UTC Zeit verwenden
+webpages.oaconfig.general.aditional.calculateHPI="TODO!"
+webpages.oaconfig.general.isHideBPKAuthBlock=bPK/wbPK im AuthBlock ausblenden
+
+webpages.oaconfig.menu.saml1.show=SAML1 Konfiguration einblenden
+webpages.oaconfig.menu.saml1.hidden=SAML1 Konfiguration ausblenden
+webpages.oaconfig.menu.pvp2.show=PVP2 Konfiguration einblenden
+webpages.oaconfig.menu.pvp2.hidden=PVP2 Konfiguration ausblenden
+webpages.oaconfig.menu.oauth20.show=OAuth 2.0 Konfiguration einblenden
+webpages.oaconfig.menu.oauth20.hidden=OAuth 2.0 Konfiguration ausblenden
+webpages.oaconfig.menu.vidp.show=VIDP Konfiguration einblenden
+webpages.oaconfig.menu.vidp.hidden=VIDP Konfiguration ausblenden
+
+webpages.oaconfig.menu.stork=STORK Konfiguration
+
+webpages.oaconfig.protocols.header=Authentifizierungsprotokolle
+
+webpages.oaconfig.general.BKUSelection.button.show=Login-Fenster Konfiguration einblenden
+webpages.oaconfig.general.BKUSelection.button.hidden=Login-Fenster Konfiguration ausblenden
+webpages.oaconfig.general.BKUSelection.header=Formularkonfiguration
+webpages.oaconfig.general.BKUSelection.isOnlyMandateLoginAllowed=Nur Vollmachtenanmeldung erlauben
+webpages.oaconfig.general.BKUSelection.backgroundcolor=Hintergrundfarbe der BKU-Auswahl
+webpages.oaconfig.general.BKUSelection.frontcolor=Vordergrundfarbe der BKU-Auswahl
+webpages.oaconfig.general.BKUSelection.header.backgroundcolor=Hintergrundfarbe der \u00DCberschrift
+webpages.oaconfig.general.BKUSelection.header.frontcolor=Vordergrundfarbe der \u00DCberschrift
+webpages.oaconfig.general.BKUSelection.header.text=\u00DCberschriftstext
+webpages.oaconfig.general.BKUSelection.header.button.background=Hintergrundfarbe der Schaltfl\u00E4chen
+webpages.oaconfig.general.BKUSelection.header.button.background.focus=Hintergrundfarbe der Schaltfl\u00E4chen (Focus)
+webpages.oaconfig.general.BKUSelection.header.button.front=Vordergrundfarbe der Schaltfl\u00E4chen
+webpages.oaconfig.general.BKUSelection.redirectTarget=Targetparameter
+webpages.oaconfig.general.BKUSelection.fonttype=Formularschrifttyp
+webpages.oaconfig.general.BKUSelection.fonttype.list=Formularschrifttypen
+webpages.oaconfig.general.BKUSelection.header.applet.height=Appleth\u00F6he
+webpages.oaconfig.general.BKUSelection.header.applet.width=Appletbreite
+
+webpages.oaconfig.general.testing.header=Test Identit\u00E4ten
+webpages.oaconfig.general.testing.usetesting=Test Identit\u00E4ten erlauben
+webpages.oaconfig.general.testing.oids=OIDs f\u00FCr Test Identit\u00E4ten einschr\u00E4nken.
+
+webpages.oaconfig.sso.header=Single Sign-On
+webpages.oaconfig.sso.singlelogouturl=Single Log-Out URL
+webpages.oaconfig.sso.useauthdataframe=Zus\u00E4tzliche Userabfrage
+webpages.oaconfig.sso.usesso=Single Sign-On verwenden
+
+webpages.oaconfig.stork.header=Secure idenTity acrOss boRders linKed
+webpages.oaconfig.stork.enabledcpeps=aktivierte Ziell&auml;nder
+webpages.oaconfig.stork.attributes.header=angeforderte Attribute
+webpages.oaconfig.stork.attributes.used=anfordern?
+webpages.oaconfig.stork.attributes.name=Attributname
+webpages.oaconfig.stork.attributes.mandatory=obligatorisch?
+webpages.oaconfig.stork.usestork=STORK Logon aktivieren
+webpages.moaconfig.stork.pepslist=C-PEPS Konfiguration
+webpages.moaconfig.stork.newpeps=Neuen PEPS konfigurieren
+webpages.moaconfig.stork.removepeps=l\u00F6schen
+webpages.moaconfig.stork.qaa.default=Standard QAA-Level ausw\u00E4hlen
+webpages.moaconfig.stork.attributes.heading=Attributkonfiguration
+webpages.moaconfig.stork.attributes.new=Neues Attribut hinzuf\u00FCgen
+webpages.moaconfig.stork.attributes.heading.name=Attributname
+webpages.moaconfig.stork.attributes.heading.mandatory=zwingend
+webpages.moaconfig.stork.attributes.remove=l\u00F6schen
+webpages.moaconfig.stork.qaa=Mindest-QAA-Level f\u00FCr diese OA ausw\u00E4hlen
+
+webpages.oaconfig.protocols.saml1.header=SAML1 Konfiguration
+webpages.oaconfig.saml1.isActice=SAML1 aktivieren
+webpages.oaconfig.saml1.provideStammZahl=Stammzahl \u00FCbertragen
+webpages.oaconfig.saml1.provideAuthBlock=Authentifizierungsblock \u00FCbertragen
+webpages.oaconfig.saml1.provideIdentityLink=Personenbindung \u00FCbertragen
+webpages.oaconfig.saml1.provideCertificate=Zertifikat \u00FCbertragen
+webpages.oaconfig.saml1.provideFullMandateData=Vollst\u00E4ndige Vollmacht \u00FCbertragen
+webpages.oaconfig.saml1.useCondition=Usecondition
+webpages.oaconfig.saml1.conditionLength=ConditionLength
+webpages.oaconfig.saml1.provideAllErrors=Fehlermeldungen an OA \u00FCbertragen
+
+webpages.oaconfig.protocols.pvp2.header=PVP2.x Konfiguration
+webpages.oaconfig.pvp2.reload=PVP2.x konfiguration neu laden
+webpages.oaconfig.pvp2.metaDataURL=URL zu den Metadaten
+webpages.oaconfig.pvp2.certifcate=Zertifikat hochladen
+webpages.oaconfig.pvp2.certifcate.info=Infos zum Zertifikat
+
+webpages.oaconfig.protocols.oauth20.header=OAuth 2.0 Konfiguration
+webpages.oaconfig.oauth20.clientId=Client ID
+webpages.oaconfig.oauth20.clientSecret=Client Passwort
+webpages.oaconfig.oauth20.redirectUri=Redirect Uri
+
+webpages.oaconfig.vidp.enabled=VIDP interface aktiv
+webpages.oaconfig.vidp.requireconsent=Zustimmung f\u00FCr das Ausliefern der Attribute vom Benutzer einholen?
+webpages.oaconfig.vidp.ap.new=Neuen Attribut Provider erstellen
+webpages.oaconfig.vidp.ap.remove=Entfernen
+webpages.oaconfig.vidp.ap.list=Liste der konfigurierten Attribut Provider
+
+
+message.title=Meldung:
+webpages.oaconfig.success=Die Online-Applikation {0} konnte erfolgreich gespeichert werden.
+webpages.oaconfig.success.admin=Die Online-Applikation {0} konnte erfolgreich gespeichert werden. Es ist jedoch eine Aktivierung durch den Administrator erforderlich.
+webpages.oaconfig.cancle=Die Bearbeitung der Online-Applikation {0} wurde abgebrochen.
+webpages.idp.success=Der IdentityProvider {0} konnte erfolgreich gespeichert werden.
+webpages.idp.cancle=Die Bearbeitung des IdentityProvider {0} wurde abgebrochen.
+
+webpages.oaconfig.delete.message=Die Online-Applikation {0} wurde erfolgreich gel\u00F6scht.
+webpages.oaconfig.delete.error=Die Online-Applikation {0} konnte nicht gel\u00F6scht werden.
+
+webpages.edit.save=\u00C4nderungen Speichern
+webpages.edit.back=Zur\u00FCck und \u00C4nderungen verwerfen
+webpages.edit.delete=Online-Applikation l\u00F6schen
+
+webpages.header.info=Sie sind angemeldet als:
+webpages.header.lastlogin=Letzte Anmeldung am:
+
+webpages.openadminrequests.header=Offene Antr\u00E4ge
+webpages.openadminrequests.users.header=Benutzeraccounts
+webpages.openadminrequests.oas.header=Online-Applikationen
+
+
+validation.newuser.mailaddress=Die Validierung der Mailadresse konnte erfolgreich durchgef\u00FChrt werden.
+
+validation.edituser.familyname.empty=Der Familienname ist leer.
+validation.edituser.familyname.valid=Der Familienname enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.edituser.givenname.empty=Der Vorname ist leer.
+validation.edituser.givenname.valid=Der Vorname enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.edituser.institut.empty=Die Organisation ist leer.
+validation.edituser.institut.valid=Die Organisation enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.edituser.mail.empty=Die EMail Adresse ist leer.
+validation.edituser.mail.valid=Die EMail Adresse hat kein g\u00FCltiges Format.
+validation.edituser.phone.empty=Die Telefonnummer ist leer.
+validation.edituser.phone.valid=Die Telefonnummer hat kein g\u00FCltiges Form
+validation.edituser.username.empty=Der Benutzername ist leer.
+validation.edituser.username.valid=Der Benutzername enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.edituser.username.duplicate=Der Benutzername ist bereits vergeben
+validation.edituser.password.empty=Das Passwort ist leer.
+validation.edituser.password.valid=Das Passwort konnte nicht in einen g\u00FCltigen Schl\u00FCssel transferiert werden.
+validation.edituser.password.equal=Die Passw\u00F6rter sind nicht identisch.
+validation.edituser.bpk.valid=Die BPK enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+
+validation.general.SAML1SourceID=Die SAML1SourceID enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.publicURLprefix.empty=Public URL Prefix Feld ist leer.
+validation.general.publicURLprefix.valid=Public URL Prefix hat kein g\u00FCltiges Format.
+validation.general.businessservice.empty=Die Application ist weder dem \u00F6ffentlichen noch dem privaten Sektor zugeordnet.
+validation.general.certStoreDirectory.empty=CertStoreDirectory Feld ist leer.
+validation.general.certStoreDirectory.valid=Das CertStoreDirectory Feld enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.Defaultchainigmode.empty=Es wurde kein DefaultChainingMode gew\u00E4hlt.
+validation.general.Defaultchainigmode.valid=Der DefaultChainingMode enth\u00E4lt einen ung\u00F6ltigen Wert.
+validation.general.IdentityLinkSigners.empty=Es wurde kein IdentityLinkSigner angegeben
+validation.general.IdentityLinkSigners.valid=Der IdentityLinkSigner in der Zeile {0} enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {1}
+validation.general.mandateservice.valid=Die URL zum Online-Vollmachten Service hat kein g\u00F6ltiges Format.
+validation.general.moasp.auth.transformation.empty=Die Transformation f\u00F6r den Authentfizierungsblock ist leer.
+validation.general.moasp.auth.transformation.valid=Die Transformation f\u00F6r den Authentfizierungsblock in der Zeile {0} enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {1}
+validation.general.moasp.auth.trustprofile.empty=Das TrustProfile zur Pr\u00F6fung des Authentfizierungsblock ist leer.
+validation.general.moasp.auth.trustprofile.valid=Das TrustProfile zur Pr\u00F6fung des Authentfizierungsblock enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.moasp.idl.trustprofile.empty=Das TrustProfile zur Pr\u00F6fung der Personenbindung ist leer.
+validation.general.moasp.idl.trustprofile.valid=Das TrustProfile zur Pr\u00F6fung der Personenbindung enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.moaspss.url.valid=Die URL zum MOA-SP/SS Service hat kein g\u00F6ltiges Format.
+validation.general.protocol.pvp2.issuername.valid=PVP2\: Service Name enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.org.displayname.valid=PVP2 Organisation\: Vollst\u00E4ndiger Name enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.org.name.valid=PVP2 Organisation\: Kurzbezeichnung enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.org.url.valid=PVP2 Organisation\: URL hat kein g\u00F6ltiges Format.
+validation.general.protocol.pvp2.serviceurl.valid=PVP2\: Service URL-Prefix hat kein g\u00F6ltiges Format.
+validation.general.protocol.pvp2.contact.company.valid=PVP2 Kontaktdaten\: Der Firmenname enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.contact.givenname.valid=PVP2 Kontaktdaten\: Der Familienname enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.contact.surename.valid=PVP2 Kontaktdaten\: Der Vorname enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.contact.type.valid=PVP2 Kontaktdaten: Der angegebene Kontakttyp existiert nicht.
+validation.general.protocol.pvp2.contact.mail.valid=PVP2 Kontaktdaten\: Die EMail Adresse ist nicht g\u00FCltig.
+validation.general.protocol.pvp2.contact.phone.valid=PVP2 Kontaktdaten\: Die Telefonnummer ist nicht g\u00FCltig.
+validation.general.timeouts.assertion.valid=Das Feld Assertion TimeOut hat keinen g\u00F6ltigen Wert.
+validation.general.timeouts.moasessioncreated.valid=Das Feld MOASessionCreated TimeOut hat keinen g\u00FCltigen Wert.
+validation.general.timeouts.moasessionupdated.valid=Das Feld MOASessionUpdated TimeOut hat keinen g\u00FCltigen Wert.
+
+validation.general.slrequest.handy.empty=Die URL zum SecurityLayer Template f\u00F6r die Handy-BKU ist leer.
+validation.general.slrequest.handy.valid=Die URL zum SecurityLayer Template f\u00F6r die Handy-BKU hat kein g\u00F6ltiges Format.
+validation.general.slrequest.local.empty=Die URL zum SecurityLayer Template f\u00F6r die locale BKU ist leer.
+validation.general.slrequest.local.valid=Die URL zum SecurityLayer Template f\u00F6r die locale BKU hat kein g\u00F6ltiges Format.
+validation.general.slrequest.online.empty=Die URL zum SecurityLayer Template f\u00F6r die Online-BKU ist leer.
+validation.general.slrequest.online.valid=Die URL zum SecurityLayer Template f\u00F6r die Online-BKU hat kein g\u00F6ltiges Format.
+validation.general.sso.friendlyname.valid=Der SSO Service Name enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.sso.identificationnumber.valid=Die SSO IdentificationNumber enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.sso.publicurl.valid=Der SSO Service URL-Prefix hat kein g\u00F6ltiges Format.
+validation.general.sso.specialauthtext.valid=Der SSO AuthBlockText enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.sso.target.empty=Das SSO Target Feld ist leer.
+validation.general.sso.target.valid=Das SSO Target Feld enth\u00E4lt ein ung\u00FCltiges Target.
+validation.general.szrgw.url.valid=Die URL des SZR Gateways hat kein g\u00F6ltiges Format.
+validation.general.trustedcacerts.empty=Das Feld TrustedCACertificates ist leer.
+validation.general.trustedcacerts.valid=Das Feld TrustedCACertificates enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.slrequest.filename.valid=Der Dateiname der angegebenen SecurtityLayer Transformation enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.slrequest.file.valid=Die angegebenen AuthBlock Transformation konnte nicht geladen werden.
+validation.general.slrequest.file.empty=Die AuthBlock Transformation ist leer.
+
+validation.general.aditionalauthblocktext=Der Zusatztext f\u00FCr den AuthBlock enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.bku.handy.empty=Die URL f\u00FCr die Handy-BKU ist leer.
+validation.general.bku.handy.valid=Die URL f\u00FCr die Handy-BKU hat kein g\u00FCltiges Format.
+validation.general.bku.local.empty=Die URL f\u00FCr die lokale BKU ist leer.
+validation.general.bku.local.valid=Die URL f\u00FCr die locale BKU hat kein g\u00FCltiges Format.
+validation.general.bku.online.empty=Die URL f\u00FCr die Online-BKU ist leer.
+validation.general.bku.online.valid=Die URL f\u00FCr die Online-BKU hat kein g\u00FCltiges Format.
+validation.general.oafriendlyname.empty=Es wurde kein Name f\u00FCr die Online-Applikation angegeben.
+validation.general.oafriendlyname.valid=Der Name der Online-Applikation enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.keyboxidentifier.empty=Es wurde kein KeyBoxIdentifier ausgew\u00E4hlt.
+validation.general.keyboxidentifier.valid=Der KeyBoxIdentifier hat ein ung\u00FCltiges Format.
+validation.general.sltemplates.empty=Wenn der Legacymodus verwendet werden soll muss zumindest ein SecurityLayer Template angegeben werden.
+validation.general.sltemplate1.valid=Die erste SecurityLayer Template URL hat kein g\u00FCltiges Format.
+validation.general.sltemplate2.valid=Die zweite SecurityLayer Template URL hat kein g\u00FCltiges Format.
+validation.general.sltemplate3.valid=Die dritte SecurityLayer Template URL hat kein g\u00FCltiges Format.
+validation.general.mandate.profiles=Die Liste von Vollmachtsprofilen enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.mandate.usemandate=Die Konfiguration von Vollmachtsprofile ist nur mit aktivierten Vollmachten m\u00F6glich.
+validation.general.target.empty=Der Target f\u00FCr die Online-Applikation ist leer.
+validation.general.target.valid=Der Target f\u00FCr die Online-Applikation hat kein g\u00FCltiges Format.
+validation.general.target.subsector.valid=Der Target-Subsektor hat kein g\u00FCltiges Format.
+validation.general.target.admin.valid=Der Admin-Target f\u00FCr die Online-Applikation hat kein g\u00FCltiges Format.
+validation.general.target.publicserviceurl=Die Domain des eindeutigen Identifiers f\u00FCr die Online-Applikation erlaubt nur Applikationen aus dem privatwirtschaftlichen Bereich.
+validation.general.slversion=Die SecurityLayer Version ist kein Zahlenformat.
+validation.general.slversion.business=Im privatwirtschaftlichen Bereich muss die SecurityLayerversion mindestes 1.2 betragen. Die SLVersion wurde auf 1.2 ge\u00E4ndert.
+validation.general.targetfriendlyname=Der Name des Bereichs (Target) enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.identificationtype.valid=Der Identifikationstype wird nicht unterst\u00FCtzt.
+validation.general.identificationnumber.empty=Im privatwirtschaftlichen Bereich ist eine Identifikationsnummer erforderlich.
+validation.general.identificationnumber.valid=Die Identifikationsnummer f\u00FCr den privatwirtschaftlichen Bereich enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.identificationnumber.fn.valid=Die Firmenbuchnummer hat kein g\u00FCltiges Format.
+validation.general.oaidentifier.empty=Es wurde kein eindeutiger Identifier f\u00FCr die Online-Applikation angegeben.
+validation.general.oaidentifier.valid=Der eindeutige Identifier f\u00FCr die Online-Applikation ist keine g\u00FCltige URL.
+validation.general.oaidentifier.notunique=Der gew\u00E4hlte eindeutige Identifier ist bereits vorhanden. Eine Eintragung der Online-Applikation ist nicht m\u00F6glich.
+validation.general.stork.sptarget=Der STORK SP-Target ist leer.
+validation.general.stork.sptargetsize=Die Definition von STORK SP-Target ist nicht korrekt: zu viele Buchstaben.
+validation.general.bkuselection.filename.valid=Der Dateiname des BKU-Selektion Templates enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.bkuselection.file.valid=Das BKU-Selektion Templates konnte nicht geladen werden.
+validation.general.bkuselection.file.selected=Es kann nur EIN BKU-Selektion Template angegeben werden.
+validation.general.sendassertion.filename.valid=Der Dateiname des Send-Assertion Templates enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.sendassertion.file.valid=Das Send-Assertion Templates konnte nicht geladen werden.
+validation.general.sendassertion.file.selected=Es kann nur EIN Send-Assertion Template angegeben werden.
+validation.general.testcredentials.oid.valid=Die Testdaten OID {0} ist ung\u00FCltig.
+
+validation.bPKDec.keyStorePassword.empty=Das Password f\u00FCr den KeyStore ist leer.
+validation.bPKDec.keyStorePassword.valid=Das Password f\u00FCr den KeyStore enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.bPKDec.keyAlias.empty=Der Schl\u00FCsselname ist leer.
+validation.bPKDec.keyAlias.valid=Der Schl\u00FCsselname enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.bPKDec.keyPassword.empty=Das Password f\u00FCr den privaten Schl\u00FCssel ist leer.
+validation.bPKDec.keyPassword.valid=Das Password f\u00FCr den privaten Schl\u00FCssel enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.bPKDec.keyStore.filename.valid=Der Dateiname des KeyStores enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.bPKDec.keyStore.file.valid=Der KeyStore konnte nicht geladen oder ge\u00F6ffnet werden. Eventuell sind das Passwort oder der Schl\u00FCsselname nicht korrekt.
+validation.bPKDec.keyStore.file.selected=Es kann nur EIN KeyStore angegeben werden.
+
+validation.stork.cpeps.cc=CPEPS L\u00E4ndercode folgt nicht ISO 3166-2
+validation.stork.cpeps.empty=CPEPS Konfiguration ist unvollst\u00E4ndig
+validation.stork.cpeps.url=CPEPS URL ist ung\u00FCltig
+validation.stork.cpeps.duplicate=L\u00E4ndercodes sind nicht eindeutig
+validation.stork.requestedattributes=STORK Attribute sind fehlerhaft. Bsp.: attr1, attr2
+validation.stork.qaa.outofrange=G\u00FCltige QAA Werte sind 1, 2, 3, und 4
+validation.stork.attributes.empty=Es muss mindestens ein Attribut definiert sein
+validation.stork.ap.url.valid=Ung\u00FCltige AttributProvider Url
+validation.stork.ap.name.empty=Ung\u00FCltiger AttributProvider Name
+validation.stork.ap.name.valid=Ung\u00FCltiger AttributProvider Name
+validation.stork.ap.attributes.valid=Ung\u00FCltige Attributconfiguration f\u00FCr ein Attribut Provider Plugin. Feld darf nicht leer sein und ist als csv anzugeben.
+
+validation.pvp2.metadataurl.empty=Keine Metadaten URL angegeben.
+validation.pvp2.metadataurl.valid=Die Metadaten URL wei\u00DFt kein g\u00FCltiges URL Format auf.
+validation.pvp2.metadataurl.read=Unter der angegebenen Metadaten URL konnten keine Informationen abgerufen werden.
+validation.pvp2.metadata.verify.sig=Die Metadaten konnten nicht mit dem angegebenen Zertifikat verifziert werden.
+validation.pvp2.metadata.verify.schema=Die Schema-Validierung der Metadaten ist fehlgeschlagen.
+validation.pvp2.metadata.verify.general=Bei der Validierung der Metadaten ist ein allgemeiner Fehler aufgetreten.
+validation.pvp2.certificate.format=Das angegebene PVP2 Zertifikat wei\u00DFt kein g\u00FCltiges Format auf.
+validation.pvp2.certificate.notfound=Kein PVP2 Zertifikat eingef\u00FCgt.
+validation.pvp2.metadata.ssl=Das SSL Serverzertifikat des Metadaten Service ist nicht vertrauensw\u00FCrdig.
+validation.pvp2.metadata.validation=Die Metadaten konnten von der angegebenen URL geladen werden, jedoch schlug die Validierung der Metadaten fehl.
+
+validation.sso.logouturl.empty=Eine URL zum Single Log-Out Service ist erforderlich.
+validation.sso.logouturl.valid=Die URL zum Single Log-Out Service wei\u00DFt kein g\u00FCltiges Format auf.
+
+validation.interfederation.moaidp.queryurl.valid=Die URL zum AttributQuery Service wei\u00DFt kein g\u00FCltiges Format auf.
+validation.interfederation.moaidp.queryurl.empty=Die URL zum AttributQuery Service muss konfiguriert werden.
+validation.interfederation.moaidp.metadataurl.publicservice=Die Domain des Metadaten Services f\u00FCr diesen IDP erlaubt nur Applikationen aus dem privatwirtschaftlichen Bereich.
+validation.interfederation.gateway.entityID.valid=Die EntityID zum PVP Portal wei\u00DFt kein g\u00FCltiges Format auf.
+validation.interfederation.gateway.entityID.empty=Die EntityID zum PVP Portal muss konfiguriert werden.
+
+validation.saml1.providestammzahl=ProvideStammZahl kann nicht mit Applikationen aus dem privatwirtschaftlichen Bereich kombiniert werden.
+
+validation.general.bkuselection.specialfeatures.valid=Die speziellen Einstellungen f\u00FCr die BKU Auswahl (Vollmachtsanmeldung ausblenden / zwingend voraussetzen) k\u00F6nnen nicht in Kombination mit SSO verwendet werden.
+validation.general.bkuselection.specialfeatures.combination=Eine zwingend erforderliche Vollmachtenanmeldung in Kombination mit einer ausgeblendeten Vollmachtenauswahlcheckbox ist nicht m\u00F6glich.
+validation.general.form.color.background=Die Hintergrundfarbe f\\u00FCr die BKU Auswahl enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
+validation.general.form.color.front=Die Vordergrundfarbe f\\u00FCr die BKU Auswahl enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
+validation.general.form.header.color.back=Die Hintergrundfarbe der BKU-Auswahl\\u00FCberschrift enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
+validation.general.form.header.color.front=Die Vordergrundfarbe der BKU-Auswahl\\u00FCberschrift enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
+validation.general.form.header.text=Die BKU-Auswahl\\u00FCberschrift enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.form.button.color.back.focus=Die Hintergrundfarbe f\\u00FCr Focus der BKU-Auswahlbuttons enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
+validation.general.form.button.color.back=Die Hintergrundfarbe der BKU-Auswahlbuttons enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
+validation.general.form.button.color.front=Die Vordergrundfarbe der BKU-Auswahlbuttons enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
+validation.general.form.appletredirecttarget=Der RedirectTarget beinhaltet einen ung\\u00FCltiten Wert.
+validation.general.form.fonttype=Der BKU-Auswahl Schrifttyp enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.form.applet.width=Die Appleth\u00F6he ist keine g\\u00FCltige Zahl.
+validation.general.form.applet.height=Die Appletbreite ist keine g\\u00FCltige Zahl.
diff --git a/id/moa-id-webgui/src/main/resources/applicationResources_en.properties b/id/moa-id-webgui/src/main/resources/applicationResources_en.properties
new file mode 100644
index 000000000..420ac27ec
--- /dev/null
+++ b/id/moa-id-webgui/src/main/resources/applicationResources_en.properties
@@ -0,0 +1,522 @@
+title=MOA-ID 2.x Configuration Tool
+
+
+config.01=Configfile is not found. ({0})
+config.02=Configfile is not readable. ({0})
+config.03=Hibernate Database connector can not be initialized
+config.04=OpenSAML (PVP2 Login) can not be initialized
+config.05=Configuration file is not defined
+config.06=Configfile {1} does not start with {0} prefix.
+
+error.title=Error:
+error.login.internal=The error occurred during the processing. Please try again or contact Administrator.
+error.general.text=During the processing the error condition occured. Please try again or contact the administrator.
+errors.listOAs.noOA=There is no Online-Application found in the database.
+errors.listIDPs.noIDP=There is no interfederation IdentityProvider found in the database.
+errors.edit.oa.oaid=There is no valid Online-Application ID transfered.
+errors.edit.oa.oaid.allowed=You do not possess the necessary rights in order to access this Online-Application.
+error.oa.pvp2.certificate=Provided PVP2 certificate could not be read.
+error.db.oa.store=The configuration could not be saved in the database.
+errors.notallowed=You do not posses necessary righs in order to use this function.
+errors.importexport.nofile=There is no file provided.
+errors.importexport.legacyimport=The Import of the legacy configuration was interrupted due to the error. (Error={0}).
+errors.importexport.export=The MOA-ID 2.x configuration could not be exported to XML file. (Error={0})
+errors.importexport.import=The import of XML configuration was interrupted due to the error. (Error={0}).
+errors.importexport.export.noconfig=The configuration could not be exported as there is no MOA-ID configuration available.
+errors.edit.user.userid=There is no valid user ID provided.
+errors.edit.user.save=The user could not be inserted in the database.
+errors.edit.user.notallowed=The editing of the other users configuration can be only done by administrators.
+error.login=The login procedure was interrupted. Please try again.
+error.mail.send=The message could not be sent to the provided address.
+error.mail.verification=The verification procedure was interrupted due to the error. Please try again.
+error.editoa.mailverification=The administration of the Online-Applications is temporarly deactivated because the email address of user's account is not verified.
+error.bkuformpreview.notpossible="The preview could not be generated as due to internal error."
+error.oa.oauth.redirecturi=Redirect URL ist not valid URL
+error.oa.oauth.clientSecret=Client-Secret cannot be blank
+error.oa.oauth.keyname=Key-Name cannot be blank
+error.oa.oauth.keystore=Keystore cannot be blank and has to be provided in the form of valid URL.
+
+mail.userrequest.subject=Requesting accounts - MOA-ID 2.x Config Tool
+
+
+webpages.slo.error=LogOut process finished with an error. For security reasons, please close your browser.
+webpages.slo.success=LogOut process finished successful
+
+webpages.error.header=The error occured
+webpages.index.header=Welcome to MOA-ID 2.x Configuration
+webpages.index.desciption.head=In order to use this service you should log in
+webpages.index.login=Login
+webpages.index.logout=Logout
+webpages.index.login.pvp2=Login with Buergerkarte or Handy-Signature
+webpages.index.login.notallowed=The user name or password are wrong, or the user account is not activated.
+webpages.index.username.unkown=The user is unknown.
+webpages.index.username.notactive=The user is still not activated by the administrator.
+webpages.index.password.false=The password is not valid.
+
+webpages.inportexport.header=Import/export configuration
+webpages.inportexport.success=The configuration was imported successfully
+webpages.inportexport.legacyimport.header=Import legacy configuration (MOA-ID < 2.0)
+webpages.inportexport.legacyimport.upload=Legacy configuration
+webpages.edit.import=Import
+webpages.edit.export=Export
+webpages.inportexport.import.header=MOA-ID 2.x configuration
+webpages.inportexport.import.upload=Import configuration
+webpages.inportexport.import.download=Export configuration
+webpages.inportexport.descripten=WARNING\: The imported configuration will completely replace currently active configuration\!
+
+webpages.usermanagement.newuser=Create new user
+webpages.usermanagement.header=User management
+webpages.listUsers.list.header=List all users
+webpages.listUsers.list.first=Surname-/Company
+webpages.listUsers.list.second=Name
+webpages.listUsers.list.third=User name
+webpages.edituser.header=User data
+webpages.edituser.givenname=Name
+webpages.edituser.familyName=Surname
+webpages.edituser.institut=Organization
+webpages.edituser.phone=Phone number
+webpages.edituser.mail=Email Address
+webpages.edituser.access.header=Login
+webpages.edituser.username=User name
+webpages.edituser.password=Password
+webpages.edituser.password_second=Repeat password
+webpages.edituser.bpk=BPK
+webpages.edituser.role.header=Rights and roles
+webpages.edituser.active=The user is activated
+webpages.edituser.admin=The user is admin
+webpages.edit.delete.user=Remove user
+webpages.edit.newUser=Request new user
+webpages.edituser.isusernamepasswordallowed=Allow username/password
+webpages.edituser.changemailaddress.verify=Your email address should be verified, in order to be able to manage Online-Applications. The verification email has been already sent to your email-address.
+webpages.edituser.verify.mail.button=Check email address
+webpages.edituser.verify.mail.message=Verification email has been sent to your inbox.
+
+webpages.mainpage.menu.oa.insert=Create new application
+webpages.mainpage.menu.oa.display=My applications
+webpages.mainpage.menu.oa.search=Find application
+webpages.mainpage.menu.general.user=My data
+webpages.mainpage.menu.general.importexport=Import/export
+webpages.mainpage.menu.general.config.moaid=General configuration
+webpages.mainpage.menu.general.usermanagement=User management
+webpages.mainpage.menu.general.adminrequests=Open requests
+
+webpages.mainpage.menu.interfederation=Interfederation
+webpages.interfederation.header=IDP Interfederation Configuration
+webpages.interfederation.list.header=List of all interfederation IDPs
+webpages.inderfederation.moaid.businessServiceIDP=BusinessService IDP
+webpages.inderfederation.moaid.header=Interfederation
+webpages.inderfederation.moaid.inboundSSO=Allow inbound SSO
+webpages.inderfederation.moaid.outboundSSO=Allow outbound SSO
+webpages.inderfederation.moaid.storeSSOSession=Store SSO session
+webpages.inderfederation.moaid.attributQueryURL=AttributQuery service URL
+webpages.inderfederation.moaid.sendPassivRequest=Use SAML2 isPassive attribute
+webpages.inderfederation.moaid.perfomLocalAuthOnError=Local authentication in case of an error
+webpages.interfederation.new.header=Add new Identity Provider
+webpages.interfederation.new.vidp=STORK VIDP
+webpages.interfederation.new.moaid=MOA-ID IDP
+webpages.interfederation.new.gateway=STORK<->PVP Gateway
+webpages.inderfederation.gateway.entityID=PVP portal EntityID
+
+webpages.moaconfig.save.success=MOA-ID has been successfully saved.
+webpages.moaconfig.header=General configuration
+webpages.oaconfig.general.publicURLPreFix=Public URL Prefix
+webpages.moaconfig.defaultbkus.header=Default CCE
+webpages.moaconfig.slrequesttemplates.header=SecurityLayer Request Templates
+webpages.moaconfig.slrequesttemplates.local=Local CCE
+webpages.moaconfig.slrequesttemplates.handy=Mobile CCE
+webpages.moaconfig.slrequesttemplates.online=Online CCE
+webpages.moaconfig.certificates.header=Certificate check
+webpages.moaconfig.certificates.certstore=CertStoreDirectory
+webpages.moaconfig.certificates.trustmanagerrev=TrustManagerRevocationChecking
+webpages.moaconfig.certificates.trustCACerts=TrustedCACertificates
+webpages.moaconfig.certificates.chainingmode=ChainingMode
+webpages.moaconfig.timeout.header=Session TimeOuts
+webpages.moaconfig.timeout.assertion=Assertion [sec]
+webpages.moaconfig.timeout.MOASessionCreated=SSO Session authenticated [sec]
+webpages.moaconfig.timeout.MOASessionUpdated=SSO Session last access[sec]
+webpages.moaconfig.moasp.header=MOA-SP configuration
+webpages.moaconfig.moasp.idltrustprofile=Trustprofile for IdentityLink
+webpages.moaconfig.moasp.authtrustprofile=Trustprofile for authentication block
+webpages.moaconfig.moasp.authblocktransform=Transformations for authentication block
+webpages.moaconfig.moasp.url=URL for MOA-SP Service
+webpages.moaconfig.identitylinksigners=IdentityLinkSigners
+webpages.moaconfig.services.header=External Services
+webpages.moaconfig.services.mandates=Online-Mandate Service URL
+webpages.moaconfig.services.szrgw=SZR Gateway Service URL
+webpages.moaconfig.sso.header=Single Sign-On
+webpages.moaconfig.sso.PublicUrl=SSO Service URL-Prefix
+webpages.moaconfig.sso.FriendlyName=SSO Service Name
+webpages.moaconfig.services.sso.Target=SSO Service Target
+webpages.moaconfig.services.sso.SpecialText=SSO AuthBlockText
+webpages.moaconfig.protocols.header=Logging
+webpages.moaconfig.protocols.allowed.header=Activate logging
+webpages.moaconfig.protocols.legacy.header=Activate Legacy Mode
+webpages.moaconfig.protocols.legacy.saml1=SAML1
+webpages.moaconfig.protocols.legacy.pvp2=PVP2.1
+webpages.moaconfig.protocols.oauth=OpenID Connect
+webpages.moaconfig.protocols.saml1.header=SAML1 Configuration
+webpages.moaconfig.protocols.saml1.sourceID=SourceID
+webpages.moaconfig.protocols.pvp2.header=PVP2 Configuration
+webpages.moaconfig.protocols.pvp2.PublicUrlPrefix=PVP2 Service URL-Prefix
+webpages.moaconfig.protocols.pvp2.IssuerName=PVP Service Name
+webpages.moaconfig.protocols.pvp2.org.header=Organization
+webpages.moaconfig.protocols.pvp2.org.name=Short description
+webpages.moaconfig.protocols.pvp2.org.displayname=Complete name
+webpages.moaconfig.protocols.pvp2.org.url=Organization's URL
+webpages.moaconfig.protocols.pvp2.contact.header=Contact data
+webpages.moaconfig.protocols.pvp2.contact.surename=Surname
+webpages.moaconfig.protocols.pvp2.contact.givenname=Name
+webpages.moaconfig.protocols.pvp2.contact.email=E-mail address
+webpages.moaconfig.protocols.pvp2.contact.company=Company
+webpages.moaconfig.protocols.pvp2.contact.phone=Phone number
+webpages.moaconfig.protocols.pvp2.contact.type=Contact type
+webpages.moaconfig.sl.transormations.header=SecurityLayer Transformations
+webpages.moaconfig.sl.transormations.filename=File name
+webpages.moaconfig.sl.transormations.upload=Upload new transformations
+
+webpages.listOAs.list.elInfo=Type
+webpages.listOAs.list.first=Unique identifier
+webpages.listOAs.list.second=Name of the Online-Application
+
+webpages.searchoa.header=Find Online-Application
+webpages.searchoa.search.friendlyname=Name of the Online-Applikation
+webpages.searchoa.butten.search=Search
+
+webpages.oaconfig.header=Configuration of the Online-Application
+webpages.oaconfig.general.isActive=Online-Application is activated
+webpages.oaconfig.general.bku.header=CCE configuration
+webpages.oaconfig.general.bku.local=Local CCE
+webpages.oaconfig.general.bku.online=Online CCE
+webpages.oaconfig.general.bku.handy=Mobile CCE
+webpages.oaconfig.general.bku.slversion=SecurityLayer Version
+webpages.oaconfig.general.bku.keyboxidentifier=KeyBoxIdentifier
+webpages.oaconfig.general.bku.legacy=SecurityLayerTemplates (Legacy Request)
+webpages.oaconfig.general.bku.sltemplate.first=SecurityLayer Template
+webpages.oaconfig.general.bku.sltemplate.second=SecurityLayer Template (WhiteList)
+webpages.oaconfig.general.bku.sltemplate.third=SecurityLayer Template (WhiteList)
+
+webpages.oaconfig.general.testing.header=Test Credentials
+webpages.oaconfig.general.testing.usetesting=Allow test credentials
+webpages.oaconfig.general.testing.oids=Use special test credential OIDs
+
+webpages.oaconfig.general.bku.delete=Remove
+webpages.oaconfig.general.bku.bkuselection.header=CCE-Selection Template
+webpages.oaconfig.general.bku.bkuselection.filename=Filename
+webpages.oaconfig.general.bku.bkuselection.upload=Upload new template
+webpages.oaconfig.general.bku.sendassertion.header=Send-Assertion Template
+webpages.oaconfig.general.bku.sendassertion.filename=Filename
+webpages.oaconfig.general.bku.sendassertion.upload=Upload new template
+
+webpages.oaconfig.bPKEncDec.header=Foreign-bPK Configuration
+webpages.oaconfig.bPKEncDec.keystore.header=Keystore configuration
+webpages.oaconfig.bPKEncDec.filename=Filename
+webpages.oaconfig.bPKEncDec.delete=Remove
+webpages.oaconfig.bPKEncDec.upload=Upload new keystore
+webpages.oaconfig.bPKEncDec.keyStorePassword=Keystore password
+webpages.oaconfig.bPKEncDec.keyAlias=Key alias
+webpages.oaconfig.bPKEncDec.keyPassword=Key password
+
+webpages.oaconfig.general.identification=Unique identifier (PublicURLPrefix)
+webpages.oaconfig.general.mandate.header=Mandates
+webpages.oaconfig.general.mandate.profiles=Profile
+webpages.oaconfig.general.mandate.usemandate=Mandates (ja/nein)
+webpages.oaconfig.general.friendlyname=Name of the Online-Application
+webpages.oaconfig.general.isbusinessservice=Private sector application
+webpages.oaconfig.general.isstorkservice=Stork application
+webpages.oaconfig.general.public.header=Public sector
+webpages.oaconfig.general.stork.header=STORK sector
+webpages.oaconfig.general.stork.countrycode=Country code
+webpages.oaconfig.general.target.friendlyname=Name of the sector (arbitrary defined)
+webpages.oaconfig.general.target.admin.checkbox=Define other sector arbitrary
+webpages.oaconfig.general.target.admin=Sector (arbitrary defined)
+webpages.oaconfig.general.target.friendlyname.disabled=Name of the sector (defined by admin)
+webpages.oaconfig.general.target.admin.disabled=Sector (defined by admin)
+webpages.oaconfig.general.target=Sector (Target)
+webpages.oaconfig.general.target.subsector=Sub-sector
+webpages.oaconfig.general.target.subsector.checkbox=Refine target
+webpages.oaconfig.general.business.header=Private sector
+webpages.oaconfig.general.business.value=Identification number
+webpages.oaconfig.general.business.type=Type of identification number
+webpages.oaconfig.general.aditional.header=Additional general settings
+webpages.oaconfig.general.aditional.authblocktext=AuthblockText
+webpages.oaconfig.general.aditional.iframe=Selection of citizen card in IFrame
+webpages.oaconfig.general.aditional.useUTC=Use UTC time
+webpages.oaconfig.general.aditional.calculateHPI="TODO!"
+webpages.oaconfig.general.isHideBPKAuthBlock=Hide bPK/wbPK from AuthBlock
+
+webpages.oaconfig.menu.saml1.show=Show SAML1 configuration
+webpages.oaconfig.menu.saml1.hidden=Hide SAML1 configuration
+webpages.oaconfig.menu.pvp2.show=Show PVP2 configuration
+webpages.oaconfig.menu.pvp2.hidden=Hide PVP2 configuration
+webpages.oaconfig.menu.oauth20.show=Show OAuth 2.0 configuration
+webpages.oaconfig.menu.oauth20.hidden=Hide OAuth 2.0 configuration
+webpages.oaconfig.menu.vidp.show=Show VIDP configuration
+webpages.oaconfig.menu.vidp.hidden=Hide VIDP configuration
+
+webpages.oaconfig.menu.stork=STORK configuration
+
+webpages.oaconfig.protocols.header=Authentication protocols
+
+webpages.oaconfig.general.BKUSelection.button.show=Show configuration of login window
+webpages.oaconfig.general.BKUSelection.button.hidden=Hide configuration of login window
+webpages.oaconfig.general.BKUSelection.header=Configuration of form
+webpages.oaconfig.general.BKUSelection.isOnlyMandateLoginAllowed=Allow mandated login only
+webpages.oaconfig.general.BKUSelection.backgroundcolor=Background color of CCE-Auswahl
+webpages.oaconfig.general.BKUSelection.frontcolor=Foreground color of CCE-Auswahl
+webpages.oaconfig.general.BKUSelection.header.backgroundcolor=Background color of header
+webpages.oaconfig.general.BKUSelection.header.frontcolor=Foreground color of header
+webpages.oaconfig.general.BKUSelection.header.text=Header text
+webpages.oaconfig.general.BKUSelection.header.button.background=Background color of button
+webpages.oaconfig.general.BKUSelection.header.button.background.focus=Background color of button (focus)
+webpages.oaconfig.general.BKUSelection.header.button.front=Foreground color of buton
+webpages.oaconfig.general.BKUSelection.redirectTarget=Targetparameter
+webpages.oaconfig.general.BKUSelection.fonttype=Form font type
+webpages.oaconfig.general.BKUSelection.fonttype.list=Form font type list
+webpages.oaconfig.general.BKUSelection.header.applet.height=Height of applet
+webpages.oaconfig.general.BKUSelection.header.applet.width=Width of applet
+
+webpages.oaconfig.sso.header=Single Sign-On
+webpages.oaconfig.sso.singlelogouturl=Single Log-Out URL
+webpages.oaconfig.sso.useauthdataframe=Additional user request
+webpages.oaconfig.sso.usesso=Use Single Sign-On
+
+webpages.oaconfig.stork.header=Secure idenTity acrOss boRders linKed
+webpages.oaconfig.stork.usestork=Activate STORK Logon
+webpages.oaconfig.stork.attributes.header=requested attributes
+webpages.oaconfig.stork.attributes.used=require?
+webpages.oaconfig.stork.attributes.name=Attribute name
+webpages.oaconfig.stork.attributes.mandatory=mandatory?
+webpages.oaconfig.stork.enabledcpeps=activated target countries
+webpages.moaconfig.stork.pepslist=C-PEPS configuration
+webpages.moaconfig.stork.newpeps=Configure new PEPS
+webpages.moaconfig.stork.removepeps=remove
+webpages.moaconfig.stork.qaa.default=Select standard QAA-Level
+webpages.moaconfig.stork.attributes.heading=Configuration of attributes
+webpages.moaconfig.stork.attributes.new=Add new attribute
+webpages.moaconfig.stork.attributes.heading.name=Name of attribute
+webpages.moaconfig.stork.attributes.heading.mandatory=mandatory
+webpages.moaconfig.stork.attributes.remove=remove
+webpages.moaconfig.stork.qaa=Select minimal QAA-Level for current OA
+
+webpages.oaconfig.protocols.saml1.header=SAML1 configuration
+webpages.oaconfig.saml1.isActice=Activate SAML1
+webpages.oaconfig.saml1.provideStammZahl=Transfer SourcePIN
+webpages.oaconfig.saml1.provideAuthBlock=Transfer Authentication block
+webpages.oaconfig.saml1.provideIdentityLink=Transfer IdentityLink
+webpages.oaconfig.saml1.provideCertificate=Transfer certificate
+webpages.oaconfig.saml1.provideFullMandateData=Transfer complete mandate data
+webpages.oaconfig.saml1.useCondition=Use condition
+webpages.oaconfig.saml1.conditionLength=Condition length
+webpages.oaconfig.saml1.provideAllErrors=Transfer errors to application
+
+webpages.oaconfig.protocols.pvp2.header=PVP2.x configuration
+webpages.oaconfig.pvp2.reload=Load new PVP2.x configuration
+webpages.oaconfig.pvp2.metaDataURL=Metadata URL
+webpages.oaconfig.pvp2.certifcate=Upload certificate
+webpages.oaconfig.pvp2.certifcate.info=Certificate infos
+
+webpages.oaconfig.protocols.oauth20.header=OAuth 2.0 configuration
+webpages.oaconfig.oauth20.clientId=Client ID
+webpages.oaconfig.oauth20.clientSecret=Client Password
+webpages.oaconfig.oauth20.redirectUri=Redirect URI
+
+webpages.oaconfig.vidp.enabled=VIDP interface is active
+webpages.oaconfig.vidp.requireconsent=Ask the user for attributes transfer consent?
+webpages.oaconfig.vidp.ap.new=Create new attribute provider
+webpages.oaconfig.vidp.ap.remove=Remove
+webpages.oaconfig.vidp.ap.list=List of configured attribute providers
+
+
+message.title=Announcement:
+webpages.oaconfig.success=The Online-Application {0} could be saved.
+webpages.oaconfig.success.admin=Online-Applikation {0} could be saved. The activation by the Administrator is necessary.
+webpages.oaconfig.cancle=The processing of Online-Applikation {0} was interrupted.
+webpages.idp.success=IdentityProvider {0} could be saved.
+webpages.idp.cancle=The processing of IdentityProvider {0} was interrupted.
+
+webpages.oaconfig.delete.message=Online-Application {0} was succesfully removed.
+webpages.oaconfig.delete.error=Online-Application {0} could not be removed.
+
+webpages.edit.save=Save changes
+webpages.edit.back=Forget changes and go back
+webpages.edit.delete=Remove Online-Application
+
+webpages.header.info=You are logged in as:
+webpages.header.lastlogin=Last login on:
+
+webpages.openadminrequests.header=Active requests:
+webpages.openadminrequests.users.header=User accounts
+webpages.openadminrequests.oas.header=Online-Applications
+
+
+validation.newuser.mailaddress=Validation of eMail address completed.
+
+validation.edituser.familyname.empty=The surname is blank.
+validation.edituser.familyname.valid=The surname contains forbidden characters. The following characters are not allowed\: {0}
+validation.edituser.givenname.empty=The name is blank.
+validation.edituser.givenname.valid=The name contains forbidden characters. The following characters are not allowed\: {0}
+validation.edituser.institut.empty=The organization is blank.
+validation.edituser.institut.valid=The organization contains forbidden characters. The following characters are not allowed\: {0}
+validation.edituser.mail.empty=The eMail address is blank.
+validation.edituser.mail.valid=The eMail address has invalid format.
+validation.edituser.phone.empty=The phone number is blank.
+validation.edituser.phone.valid=The phone number has invalid form
+validation.edituser.username.empty=The user name is blank.
+validation.edituser.username.valid=The user name contains forbidden characters. The following characters are not allowed\: {0}
+validation.edituser.username.duplicate=The user name is already used
+validation.edituser.password.empty=The password is blank.
+validation.edituser.password.valid=The password could not be transferred into valid key.
+validation.edituser.password.equal=The passwords are not identical.
+validation.edituser.bpk.valid=BPK contains forbidden characters. The following characters are not allowed\: {0}
+
+validation.general.SAML1SourceID=SAML1SourceID contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.publicURLprefix.empty=Public URL Prefix is blank.
+validation.general.publicURLprefix.valid=Public URL Prefix has invalid format.
+validation.general.businessservice.empty=Online application is no public or private application.
+validation.general.certStoreDirectory.empty=CertStoreDirectory is blank.
+validation.general.certStoreDirectory.valid=CertStoreDirectory Feld contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.Defaultchainigmode.empty=There is no DefaultChainingMode selected.
+validation.general.Defaultchainigmode.valid=DefaultChainingMode contains invalid value.
+validation.general.IdentityLinkSigners.empty=There is no IdentityLinkSigner given
+validation.general.IdentityLinkSigners.valid=IdentityLinkSigner in the line {0} contains forbidden characters. The following characters are not allowed\: {1}
+validation.general.mandateservice.valid=URL for Online-Mandating Service has invalid format.
+validation.general.moasp.auth.transformation.empty=Transformation for authentication block is blank.
+validation.general.moasp.auth.transformation.valid=Transformation for authentication block in the line {0} contians forbidden characters. The following characters are not allowed\: {1}
+validation.general.moasp.auth.trustprofile.empty=TrustProfile for checking of authentication block is blank.
+validation.general.moasp.auth.trustprofile.valid=TrustProfile for checking of authentication block contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.moasp.idl.trustprofile.empty=TrustProfile for checking of IdentityLink is blank.
+validation.general.moasp.idl.trustprofile.valid=TrustProfile for checking of IdentityLink contain forbidden characters. The following characters are not allowed\: {0}
+validation.general.moaspss.url.valid=URL for MOA-SP/SS service has invalid format.
+validation.general.protocol.pvp2.issuername.valid=PVP2\: service name contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.protocol.pvp2.org.displayname.valid=PVP2 organization\: complete name contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.protocol.pvp2.org.name.valid=PVP2 organization\: Short description contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.protocol.pvp2.org.url.valid=PVP2 organization\: URL has invalid format.
+validation.general.protocol.pvp2.serviceurl.valid=PVP2\: service URL-Prefix has invalid format.
+validation.general.protocol.pvp2.contact.company.valid=PVP2 contact data\: the company name contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.protocol.pvp2.contact.givenname.valid=PVP2 contact data\: the surname contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.protocol.pvp2.contact.surename.valid=PVP2 contact data\: the name contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.protocol.pvp2.contact.type.valid=PVP2 contact data: the provided contact type is not existing.
+validation.general.protocol.pvp2.contact.mail.valid=PVP2 contact data\: the e-Mail address provided is invalid.
+validation.general.protocol.pvp2.contact.phone.valid=PVP2 contact data\: the phone number provided is invalid.
+validation.general.timeouts.assertion.valid=The field assertion timeout has invalid value.
+validation.general.timeouts.moasessioncreated.valid=The field MOASessionCreated TimeOut has invalid value.
+validation.general.timeouts.moasessionupdated.valid=The field MOASessionUpdated TimeOut has invalid value.
+
+validation.general.slrequest.handy.empty=URL for SecurityLayer Template for die Handy-CCE is blank.
+validation.general.slrequest.handy.valid=URL for SecurityLayer Template for Mobile-CCE has invalid format.
+validation.general.slrequest.local.empty=URL for SecurityLayer Template for local CCE is blank.
+validation.general.slrequest.local.valid=URL for SecurityLayer Template for local CCE has invalid format.
+validation.general.slrequest.online.empty=URL for SecurityLayer Template for Online-CCE is blank.
+validation.general.slrequest.online.valid=URL for SecurityLayer Template for die Online-CCE has invalid format.
+validation.general.sso.friendlyname.valid=SSO Service Name contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.sso.identificationnumber.valid=SSO IdentificationNumber contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.sso.publicurl.valid=SSO Service URL-Prefix has invalid format.
+validation.general.sso.specialauthtext.valid=SSO AuthBlockText contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.sso.target.empty=SSO Target field is blank.
+validation.general.sso.target.valid=SSO Target field contains invalid target.
+validation.general.szrgw.url.valid=URL for SZR Gateway has invalid format.
+validation.general.trustedcacerts.empty=Field TrustedCACertificates is blank.
+validation.general.trustedcacerts.valid=Das Feld TrustedCACertificates contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.slrequest.filename.valid=File name of provided AuthBlock transformation contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.slrequest.file.valid=The provided AuthBlock transformation could not be loaded.
+validation.general.slrequest.file.empty=The AuthBlock transformation is empty
+
+validation.general.aditionalauthblocktext=The additional text for AuthBlock contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.bku.handy.empty=URL for Mobile-CCE is blank.
+validation.general.bku.handy.valid=URL for Mobile-CCE has invalid format.
+validation.general.bku.local.empty=URL for local CCE is blank.
+validation.general.bku.local.valid=URL for local CCE has invalid format.
+validation.general.bku.online.empty=URL for Online-CCE is blank.
+validation.general.bku.online.valid=URL for Online-CCE has invalid format.
+validation.general.oafriendlyname.empty=There is no name for Online-Application provided.
+validation.general.oafriendlyname.valid=The name of Online-Application contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.keyboxidentifier.empty=There is no KeyBoxIdentifier selected.
+validation.general.keyboxidentifier.valid=The KeyBoxIdentifier has invalid format.
+validation.general.sltemplates.empty=When the Legacy mod is used werden, at least one SecurityLayer Template should be provided.
+validation.general.sltemplate1.valid=First SecurityLayer Template URL has invalid format.
+validation.general.sltemplate2.valid=Second SecurityLayer Template URL has invalid format.
+validation.general.sltemplate3.valid=Third SecurityLayer Template URL has invalid format.
+validation.general.mandate.profiles=The list of Mandate profiles contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.mandate.usemandate=The configuration of Mandate profile is only with activated mandating support possible.
+validation.general.target.empty=The Target for the Online-Application is blank.
+validation.general.target.valid=The Target for the Online-Application has invalid format.
+validation.general.target.subsector.valid=The Target-Subsector has invalid format.
+validation.general.target.admin.valid=The Admin-Target for the Online-Application has invalid format.
+validation.general.target.publicserviceurl=The domain of unique identifier for the Online-Application permits applications from the private sector only.
+validation.general.slversion=The version of SecurityLayer is not the number.
+validation.general.slversion.business=In private sector the version of SecurityLayer should be at least 1.2. SLVersion was set on 1.2.
+validation.general.targetfriendlyname=The name of the sector (Target) contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.identificationtype.valid=The identification type is not supported.
+validation.general.identificationnumber.empty=The identification number is necessary for private sector.
+validation.general.identificationnumber.valid=The identification number for the private sector contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.identificationnumber.fn.valid=The identification number has invalid format.
+validation.general.oaidentifier.empty=There is no unique identifier for the Online-Application provided.
+validation.general.oaidentifier.valid=The unique identifier for the Online-Application is not valid URL.
+validation.general.oaidentifier.notunique=The selected unique identifier is already available. Registration of the Online-Application was not possible.
+validation.general.stork.sptarget=STORK SP-Target is blank.
+validation.general.stork.sptargetsize=The Definition of STORK SP-Target is incorrect: too many characters.
+validation.general.bkuselection.filename.valid=The file name of CCE-selection template contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.bkuselection.file.valid=The CCE-selection template could not be loaded.
+validation.general.bkuselection.file.selected=Only one CCE-selection template can be provided.
+validation.general.sendassertion.filename.valid=The file name of Send-Assertion Templates contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.sendassertion.file.valid=Send-Assertion Templates could not be loaded.
+validation.general.sendassertion.file.selected=Only one Send-Assertion Template can be provided.
+validation.general.testcredentials.oid.valid=The OID {0} for test credentials is not a valid.
+
+validation.bPKDec.keyStorePassword.empty=KeyStore password is blank.
+validation.bPKDec.keyStorePassword.valid=The keyStore password contains forbidden characters. The following characters are not allowed\: {0}
+validation.bPKDec.keyAlias.empty=Key alias is blank.
+validation.bPKDec.keyAlias.valid=The key alias contains forbidden characters. The following characters are not allowed\: {0}
+validation.bPKDec.keyPassword.empty=Key password is blank.
+validation.bPKDec.keyPassword.valid=The key password contains forbidden characters. The following characters are not allowed\: {0}
+validation.bPKDec.keyStore.filename.valid=The keyStore filename contains forbidden characters. The following characters are not allowed\: {0}
+validation.bPKDec.keyStore.file.valid=KeyStore can not loaded. Maybe keyStore password or key alias are wrong.
+validation.bPKDec.keyStore.file.selected=Only one keyStore can be provided.
+
+validation.stork.cpeps.cc=CPEPS country code is not based on 3166-2
+validation.stork.cpeps.empty=CPEPS configuration is incomplete
+validation.stork.cpeps.url=CPEPS URL is invalid
+validation.stork.cpeps.duplicate=Country codes are not unique
+validation.stork.requestedattributes=STORK attributes are incorrect. Example: attr1, attr2
+validation.stork.qaa.outofrange=Valid QAA values are 1, 2, 3, and 4
+validation.stork.attributes.empty=Only one attribute can be provided
+validation.stork.ap.url.valid=Invalid URL of AttributeProvider
+validation.stork.ap.name.empty=Invalid name of AttributeProvider
+validation.stork.ap.name.valid=Invalid Name of AttributeProvider
+validation.stork.ap.attributes.valid=Invalid attribute configuration for Attribute Provider Plugin. The field may not be blank und must be provided as csv.
+
+validation.pvp2.metadataurl.empty=There is no metadata URL provided.
+validation.pvp2.metadataurl.valid=The metadata URL has invalid URL format .
+validation.pvp2.metadataurl.read=No information could be found under provided URL.
+validation.pvp2.metadata.verify.sig=The metadata could not be verified with the provided certificate.
+validation.pvp2.metadata.verify.schema=Metadata schema validation FAILED.
+validation.pvp2.metadata.verify.general=Metadata validation has an generic error.
+validation.pvp2.certificate.format=The provided PVP2 certificate has invalid format.
+validation.pvp2.certificate.notfound=There is no PVP2 inserted.
+validation.pvp2.metadata.ssl=The SSL server certificate is not trusted.
+
+validation.sso.logouturl.empty=URL for Single Log-Out Service is necessary.
+validation.sso.logouturl.valid=URL for Single Log-Out Service has incorrect format.
+
+validation.interfederation.moaidp.queryurl.valid=URL for AttributQuery Service has incorrect format.
+validation.interfederation.moaidp.queryurl.empty=URL for AttributQuery Service is necessary.
+validation.interfederation.moaidp.metadataurl.publicservice=The domain of Metadata service for that IDP permits private sector only.
+validation.interfederation.gateway.entityID.valid=PVP portal EntityID has an incorrect format.
+validation.interfederation.gateway.entityID.empty=PVP portal EntityID is necessary.
+
+validation.saml1.providestammzahl=ProvideSourcePIN cannot be combined with applications from private sector.
+
+validation.general.bkuselection.specialfeatures.valid=The special settings for the selection of CCE (Hide mandate login / compulsory required) could not be used in combination with SSO.
+validation.general.bkuselection.specialfeatures.combination=Required mandate based in combination with hidden checkbox for selection of mandating is not possible.
+validation.general.form.color.background=Background color for CCE selection contains invalid hexadecimal value. (e.g. \\\#FFFFFF)
+validation.general.form.color.front=Foreground color for CCE selection contains invalid hexadecimal value. (e.g. \\\#FFFFFF)
+validation.general.form.header.color.back=Background color for the caption of CCE selection contains no valid hexadecimal value. (e.g. \\\#FFFFFF)
+validation.general.form.header.color.front=Foreground collor for the caption of CCE selection contains no valid hexadecimal value. (e.g. \\\#FFFFFF)
+validation.general.form.header.text=The caption of CCE contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.form.button.color.back.focus=Die Hintergrundfarbe f\\u00FCr Focus der CCE-Auswahlbuttons enth\\u00E4lt keinen g\\u00FCltigen Hexadezimalwert. (z.B. \\\#FFFFFF)
+validation.general.form.button.color.back=Background color for selection buttons for CCE contains no valid hexadecimal value. (e.g. \\\#FFFFFF)
+validation.general.form.button.color.front=Foreground color for selection buttons for CCE contains no valid hexadecimal value. (e.g. \\\#FFFFFF)
+validation.general.form.appletredirecttarget=RedirectTarget contains invalud value.
+validation.general.form.fonttype=Font type for CCE selection contains forbidden characters. The following characters are not allowed\: {0}
+validation.general.form.applet.width=The height of applet is invalid number.
+validation.general.form.applet.height=The width of applet is invalid number.
diff --git a/id/moa-id-webgui/src/main/resources/gui/meta.properties b/id/moa-id-webgui/src/main/resources/gui/meta.properties
new file mode 100644
index 000000000..0abf358d9
--- /dev/null
+++ b/id/moa-id-webgui/src/main/resources/gui/meta.properties
@@ -0,0 +1,76 @@
+__BASE__.moaidgeneral.0=moa.id.general
+__BASE__.moaidoa.0=moa.id.services.oa
+__BASE__.moaidinterfederation.0=moa.id.services
+
+moa.id.general.__TY=general
+moa.id.general.__CA=General Configuration
+moa.id.general.__DE=General MOA-ID Configuration
+
+moa.id.services.__TY=GROUP
+moa.id.services.__CA=MOA-ID Interfederation Services
+moa.id.services.__DE=Interfederation Services
+
+##Online application##
+moa.id.services.oa.__TY=ARRAY
+moa.id.services.oa.__ADD=true
+moa.id.services.oa.__DEL=true
+moa.id.services.oa.__CA=List of online Applications
+moa.id.services.oa.__DE=All actually configured online application
+moa.id.services.oa.__CTY=moaidoa
+moa.id.services.oa.__CCA=Unique ID;Friendlyname
+moa.id.services.oa.__CIDS=uniqueID;friendlyName
+moa.id.services.oa.__CDE=Online Application
+
+moa.id.services.oa.__TE.friendlyName=Sample Name
+moa.id.services.oa.__TE.uniqueID=http://sampleonline.application.com/
+moa.id.services.oa.__TE.isActive=false
+
+##V-IDP##
+moa.id.services.vidp.__GR=moa.id.services
+moa.id.services.vidp.__TY=ARRAY
+moa.id.services.vidp.__ADD=true
+moa.id.services.vidp.__DEL=true
+moa.id.services.vidp.__CA=List of V-IDPs
+moa.id.services.vidp.__DE=All actually configured V-IDP instances
+moa.id.services.vidp.__CTY=moaidvidp
+moa.id.services.vidp.__CCA=Unique ID;Friendlyname
+moa.id.services.vidp.__CIDS=uniqueID;friendlyName
+moa.id.services.vidp.__CDE=V-IDP
+
+moa.id.services.vidp.__TE.friendlyName=Sample V-IDP
+moa.id.services.vidp.__TE.uniqueID=http://sampleonline.application.com/
+moa.id.services.vidp.__TE.isActive=false
+
+##I-IDP##
+moa.id.services.iidp.__GR=moa.id.services
+moa.id.services.iidp.__TY=ARRAY
+moa.id.services.iidp.__ADD=true
+moa.id.services.iidp.__DEL=true
+moa.id.services.iidp.__CA=List of Interfederation IDPs
+moa.id.services.iidp.__DE=All actually configured I-IDP instances
+moa.id.services.iidp.__CTY=moaidiidp
+moa.id.services.iidp.__CCA=Unique ID;Friendlyname
+moa.id.services.iidp.__CIDS=uniqueID;friendlyName
+moa.id.services.iidp.__CDE=I-IDP
+
+moa.id.services.iidp.__TE.friendlyName=Sample I-IDP
+moa.id.services.iidp.__TE.uniqueID=http://sampleonline.application.com/
+moa.id.services.iidp.__TE.isActive=false
+
+##Gateway##
+moa.id.services.gateway.__GR=moa.id.services
+moa.id.services.gateway.__TY=ARRAY
+moa.id.services.gateway.__ADD=true
+moa.id.services.gateway.__DEL=true
+moa.id.services.gateway.__CA=List of STORK<->PVP Gateways
+moa.id.services.gateway.__DE=All actually configured Gateway instances
+moa.id.services.gateway.__CTY=moaidgateway
+moa.id.services.gateway.__CCA=Unique ID;Friendlyname
+moa.id.services.gateway.__CIDS=uniqueID;friendlyName
+moa.id.services.gateway.__CDE=V-IDP
+
+moa.id.services.gateway.__TE.friendlyName=Sample Gateway
+moa.id.services.gateway.__TE.uniqueID=http://sampleonline.application.com/
+moa.id.services.gateway.__TE.isActive=false
+
+
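Review bot: The gateway section ends with `moa.id.services.gateway.__CDE=V-IDP`, which looks copied from the V-IDP block; the other sections each use their own label there (`Online Application`, `V-IDP`, `I-IDP`), so this should probably read `moa.id.services.gateway.__CDE=Gateway`. If that label is what the GUI shows when an entry is added (an assumption, the rendering code is not in this hunk), an administrator creating a STORK<->PVP gateway would be told it is a V-IDP. All four `__TE.uniqueID` templates also pre-fill `http://sampleonline.application.com/`, a plain-http URL on a domain the project presumably does not control. A reserved example host over https would be a safer default, for instance `https://oa.example.org/` (constructed sample value).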
diff --git a/id/moa-id-webgui/src/main/resources/gui/types/gateway.json b/id/moa-id-webgui/src/main/resources/gui/types/gateway.json
new file mode 100644
index 000000000..50ccd200c
--- /dev/null
+++ b/id/moa-id-webgui/src/main/resources/gui/types/gateway.json
@@ -0,0 +1,50 @@
+{
+ "$schema": "http://json-schema.org/draft-04/schema#",
+ "id": "http://www.egiz.gv.at/dynUI/OA",
+ "typeName": "moaidgateway",
+ "type": "object",
+ "title": "STORK<->PVP Gateway",
+ "format": "tabs",
+ "properties": {
+ "isActive" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/isactive",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "is Active"
+ },
+ "uniqueID": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/uniqueId",
+ "type": "string",
+ "format": "url",
+ "title": "Unique Identifier (PublicURLPrefix)"
+ },
+ "friendlyName": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/friendlyname",
+ "type": "string",
+ "title": "Friendlyname"
+ },
+ "businessservice" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/type",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Private Sector application"
+ },
+ "interfederation": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/interfederation",
+ "type": "object",
+ "title": "PVP Gateway",
+ "description": "STORK<->PVP Gateway configuration",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "forward.IDP": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/forward/entityID",
+ "type": "string",
+ "title": "PVP portal EntityID"
+ }
+ }
+ }
+ },
+ "required": ["uniqueID", "friendlyName"]
+}
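Review bot: The `interfederation` object declares no `required` list, so the schema accepts a gateway entry without `forward.IDP`, the entity ID of the PVP portal that authentication is forwarded to. The messages file added in this commit treats that value as mandatory (`validation.interfederation.gateway.entityID.empty`), so adding `"required": ["forward.IDP"]` inside `interfederation` would keep the form consistent with it. The server-side check (GatewayValidator, per the diffstat) should remain the authoritative one, since schema hints evaluated in the browser can be bypassed. Separately, the top-level `"id": "http://www.egiz.gv.at/dynUI/OA"` is the same value iidp.json uses; if schemas are ever resolved by `id`, one would shadow the other, so a per-type id such as `http://www.egiz.gv.at/dynUI/gateway` would be safer.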
diff --git a/id/moa-id-webgui/src/main/resources/gui/types/general.json b/id/moa-id-webgui/src/main/resources/gui/types/general.json
new file mode 100644
index 000000000..f12b71eea
--- /dev/null
+++ b/id/moa-id-webgui/src/main/resources/gui/types/general.json
@@ -0,0 +1,480 @@
+{
+ "$schema": "http://json-schema.org/draft-04/schema#",
+ "id": "http://www.egiz.gv.at/dynUI/general",
+ "typeName": "general",
+ "type": "object",
+ "title": "General MOA-ID Configuration",
+ "format": "tabs",
+ "properties": {
+ "publicURLPrefix": {
+ "id": "http://www.egiz.gv.at/dynUI/general/publicurlprefix",
+ "type": "string",
+ "format": "url",
+ "title": "Public URL Prefix"
+ },
+ "defaults.bku": {
+ "id": "http://www.egiz.gv.at/dynUI/general/bkuurls",
+ "type": "object",
+ "title": "Default BKUs",
+ "description": "Default BKUs for authentication",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "onlineBKU" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/bkuurls/online",
+ "type": "string",
+ "format": "url",
+ "title": "Online BKU"
+ },
+ "handyBKU" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/bkuurls/handy",
+ "type": "string",
+ "format": "url",
+ "title": "Handy BKU"
+ },
+ "localBKU" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/bkuurls/local",
+ "type": "string",
+ "format": "url",
+ "title": "Local BKU"
+ }
+ }
+ },
+ "defaults.templates": {
+ "id": "http://www.egiz.gv.at/dynUI/general/templates",
+ "type": "object",
+ "title": "Default SL-Templates",
+ "description": "Default SecurityLayer templates",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "onlineBKU" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/templates/online",
+ "type": "string",
+ "title": "Online BKU"
+ },
+ "handyBKU" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/templates/handy",
+ "type": "string",
+ "title": "Handy BKU"
+ },
+ "localBKU" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/templates/local",
+ "type": "string",
+ "title": "Local BKU"
+ }
+ }
+ },
+ "auth": {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth",
+ "type": "object",
+ "title": "Authentication",
+ "description": "Authentication configuration",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "authblock.transformation": {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/authblock/transform",
+ "type": "object",
+ "format": "file",
+ "title": "AuthBlock transformation",
+ "description": "XML Transformation for AuthBlock generation",
+ "properties": {
+ "data" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/authblock/transform/data",
+ "type": "string"
+ },
+ "preview" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/authblock/transform/preview",
+ "type": "string"
+ },
+ "filename" : {
+ "id": "http://www.egiz.gv.at/dynUIOA/general/auth/authblock/transform/filename",
+ "type": "string"
+ }
+ }
+ },
+ "timeouts": {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/timeouts",
+ "type": "object",
+ "title": "Timeout Configuration",
+ "description": "Session and Process timeout configuration",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "sso.create" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/timeouts/ss/create",
+ "type": "integer",
+ "title": "SSO created"
+ },
+ "sso.update" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/timeouts/sso/update",
+ "type": "integer",
+ "title": "SSO updated"
+ },
+ "transaction" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/timeouts/transaction",
+ "type": "integer",
+ "title": "Transaction"
+ }
+ }
+ },
+ "moasp": {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/moasp",
+ "type": "object",
+ "title": "MOA-SP",
+ "description": "IdentityLink and Authblock validation",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "trustprofile.idl.prod" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/moasp/trust/idl",
+ "type": "string",
+ "title": "TrustProfile IdentityLink"
+ },
+ "trustprofile.authblock.prod" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/moasp/trust/authblock",
+ "type": "string",
+ "title": "TrustProfile AuthBlock"
+ },
+ "authblock.transform" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/moasp/authblock/transform",
+ "type": "string",
+ "title": "AuthBlock Transformation"
+ }
+ }
+ },
+ "certificate": {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/certificate",
+ "type": "object",
+ "title": "X509 validation",
+ "description": "Validation of X509 certificates",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "certstore.url" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/certificate/certstore",
+ "type": "string",
+ "title": "CertStore URL (relative to MOA-ID config directory)"
+ },
+ "truststore.url" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/certificate/truststore",
+ "type": "string",
+ "title": "TrustStore URL (relative to MOA-ID config directory)"
+ },
+ "revocationchecking" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/certificate/revocationchecking",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Activate X509 certificate revocation check"
+ }
+ }
+ },
+ "services": {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/services",
+ "type": "object",
+ "title": "External services",
+ "description": "Configuration of externel services",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "ovs.url" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/services/ovs/url",
+ "type": "string",
+ "format": "url",
+ "title": "URL to online mandate service (OVS)"
+ },
+ "szrgw.url" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/services/szrgw/url",
+ "type": "string",
+ "format": "url",
+ "title": "URL to Stammzahlenregistergateway (SZR-GW)"
+ }
+ }
+ },
+ "sso": {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/sso",
+ "type": "object",
+ "title": "SSO Configuration",
+ "description": "Single Sign-On authentication",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "servicename" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/sso/idpname",
+ "type": "string",
+ "title": "Service name"
+ },
+ "target" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/sso/target",
+ "type": "string",
+ "title": "Service Target"
+ },
+ "authblock.text" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/sso/authblocktext",
+ "type": "string",
+ "format": "textarea",
+ "title": "AuthBlock Text"
+ }
+ }
+ }
+ }
+ },
+ "reversion.log": {
+ "id": "http://www.egiz.gv.at/dynUI/general/reversion/log",
+ "type": "object",
+ "title": "Revisions-Logging",
+ "description": "General Revision-Logging",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "eventcodes": {
+ "id": "http://www.egiz.gv.at/dynUI/general/reversion/log/eventcodes",
+ "type": "string",
+ "title": "EventCodes (CSV)"
+ }
+ }
+ },
+ "protocols": {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols",
+ "type": "object",
+ "title": "Protocols",
+ "description": "Authentication protocol configuration",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "saml1": {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/saml1",
+ "type": "object",
+ "title": "SAML1 Configuration",
+ "description": "SAML1 authentication protocol",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "enabled" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/saml1/enabled",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Enabled"
+ },
+ "legacy" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/saml1/legacy",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Legacy mode enabled"
+ },
+ "sourceID" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/saml1/sourceid",
+ "type": "string",
+ "title": "SourceID"
+ }
+ }
+ },
+ "pvp2x": {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/pvp2x",
+ "type": "object",
+ "title": "PVP Configuration",
+ "description": "PVP 2.x authentication protocol",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "enabled" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/pvp2x/enabled",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Enabled"
+ },
+ "legacy" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/pvp2/legacyx",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Legacy mode enabled"
+ },
+ "metadata" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/pvp2x/metadata",
+ "type": "object",
+ "title": "Metadata",
+ "description": "PVP 2.x Metadata configuration",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "servicename" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/pvp2x/metadata/servicename",
+ "type": "string",
+ "title": "Service Name"
+ },
+ "org.name.short" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/pvp2x/metadata/org/name/short",
+ "type": "string",
+ "title": "Organisation - Short name"
+ },
+ "org.name.full" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/pvp2x/metadata/org/name/full",
+ "type": "string",
+ "title": "Organisation - Full name"
+ },
+ "org.url" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/pvp2x/metadata/org/url",
+ "type": "string",
+ "format": "url",
+ "title": "Organisation - URL"
+ },
+ "contact.givenname" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/pvp2x/metadata/contact/givenname",
+ "type": "string",
+ "title": "Contact - Givenname"
+ },
+ "contact.familyname" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/pvp2x/metadata/contact/familyname",
+ "type": "string",
+ "title": "Contact - Familyname"
+ },
+ "contact.company" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/pvp2x/metadata/contact/company",
+ "type": "string",
+ "title": "Contact - Company"
+ },
+ "contact.mail" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/pvp2x/metadata/contact/mail",
+ "type": "string",
+ "format": "email",
+ "title": "Contact - Mail"
+ },
+ "contact.phone" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/pvp2x/metadata/contact/phone",
+ "type": "string",
+ "format": "tel",
+ "title": "Contact - phone"
+ },
+ "contact.type" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/pvp2x/metadata/contact/type",
+ "type": "string",
+ "title": "Contact - Type",
+ "enum": [
+ "technical",
+ "support",
+ "administrative",
+ "billing",
+ "other"
+ ]
+ }
+ }
+ }
+ }
+ },
+ "openID": {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/openid",
+ "type": "object",
+ "title": "OpenID Connect Configuration",
+ "description": "OpenID Connect authentication protocol",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "enabled" : {
+ "id": "http://www.egiz.gv.at/dynUI/general/protocols/openid/enabled",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Enabled"
+ }
+ }
+ }
+ }
+ },
+ "auth.stork": {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/stork",
+ "type": "object",
+ "title": "STORK",
+ "description": "STORK cross boarder eID",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "qaa": {
+ "id": "http://www.egiz.gv.at/dynUI/general/auth/stork/qaa",
+ "type": "integer",
+ "title": "Minimal QAA level"
+ },
+ "cpeps" : {
+ "type": "array",
+ "title": "C-PEPS services",
+ "format": "table",
+ "options": {
+ "collapsed": true
+ },
+ "items": {
+ "type": "object",
+ "properties": {
+ "countrycode": {
+ "type": "string",
+ "title": "CountryCode"
+ },
+ "url": {
+ "type": "string",
+ "format": "url",
+ "title": "URL"
+ },
+ "support.xmldsig": {
+ "type": "boolean",
+ "format": "checkbox",
+ "title": "XMLDsig supported"
+ }
+ }
+ }
+ },
+ "attributes" : {
+ "type": "array",
+ "title": "STORK attributes",
+ "format": "table",
+ "options": {
+ "collapsed": true
+ },
+ "items": {
+ "type": "object",
+ "properties": {
+ "friendlyname": {
+ "type": "string",
+ "title": "Attribute name"
+ },
+ "mandatory": {
+ "type": "boolean",
+ "format": "checkbox",
+ "title": "Mandatory"
+ }
+ }
+ }
+ }
+ }
+ },
+ "reversion.log": {
+ "id": "http://www.egiz.gv.at/dynUI/general/reversion/log",
+ "type": "object",
+ "title": "Revision Logging",
+ "description": "Default Revisions-Logging",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "eventcodes": {
+ "id": "http://www.egiz.gv.at/dynUI/general/reversion/log/eventcodes",
+ "type": "string",
+ "title": "EventCodes (CSV)"
+ }
+ }
+ }
+ },
+ "required": ["publicURLPrefix"]
+}
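Review bot: The top-level `properties` object defines the key `"reversion.log"` twice, once after `auth` and again after `auth.stork`, with the same `id` but different `title` and `description`. Parsers differ on duplicate keys and most silently keep the last one, so one of the two blocks should be removed. Several `id` values also look mistyped: `.../auth/timeouts/ss/create` (beside `.../sso/update`), `http://www.egiz.gv.at/dynUIOA/general/auth/authblock/transform/filename`, and `.../protocols/pvp2/legacyx`. On the security-relevant numeric fields, `qaa` and the three timeouts accept any integer. Adding `"minimum": 1, "maximum": 4` to `qaa` would match the `validation.stork.qaa.outofrange` message, and a `"minimum"` on the timeouts would reject zero or negative session lifetimes in the form, with server-side validation still the enforcement point.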
diff --git a/id/moa-id-webgui/src/main/resources/gui/types/iidp.json b/id/moa-id-webgui/src/main/resources/gui/types/iidp.json
new file mode 100644
index 000000000..a42254c36
--- /dev/null
+++ b/id/moa-id-webgui/src/main/resources/gui/types/iidp.json
@@ -0,0 +1,124 @@
+{
+ "$schema": "http://json-schema.org/draft-04/schema#",
+ "id": "http://www.egiz.gv.at/dynUI/OA",
+ "typeName": "moaidiidp",
+ "type": "object",
+ "title": "Interfederation IDP",
+ "format": "tabs",
+ "properties": {
+ "isActive" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/isactive",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "is Active"
+ },
+ "uniqueID": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/uniqueId",
+ "type": "string",
+ "format": "url",
+ "title": "Unique Identifier (PublicURLPrefix)"
+ },
+ "friendlyName": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/friendlyname",
+ "type": "string",
+ "title": "Friendlyname"
+ },
+ "businessservice" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/type",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Private Sector application"
+ },
+ "interfederation": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/interfederation",
+ "type": "object",
+ "title": "PVP Gateway",
+ "description": "STORK<->PVP Gateway configuration",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "SSO.inbound": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/sso/inbound",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Allow inbound SSO"
+ },
+ "SSO.outbound": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/sso/outbound",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Allow outbound SSO"
+ },
+ "SSO.store": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/sso/store",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Store SSO session"
+ },
+ "passiveReqeust": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/passiveReqeust",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Use SAML2 isPassive attribute"
+ },
+ "localAuthOnError": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/sso/localAuthOnError",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Local authentication in case of an error"
+ },
+ "attributequery.url": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/attributequery/url",
+ "type": "string",
+ "title": "AttributeQuery service URL"
+ }
+ }
+ },
+ "protocols": {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols",
+ "type": "object",
+ "title": "Protocols",
+ "description": "Authentication protocol configuration",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "pvp2x": {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x",
+ "type": "object",
+ "title": "PVP Configuration",
+ "description": "PVP 2.x authentication protocol",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "URL" : {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/url",
+ "type": "string",
+ "title": "Metadata URL"
+ },
+ "certificate": {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/certificate",
+ "type": "object",
+ "format": "file",
+ "title": "Metadata certificate",
+ "description": "Certificate for metadata signature validation",
+ "properties": {
+ "data" : {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/certificate/data",
+ "type": "string"
+ },
+ "preview" : {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/certificate/preview",
+ "type": "string"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "required": ["uniqueID", "friendlyName"]
+}
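Review bot: The two endpoint fields this IDP entry depends on, `attributequery.url` under `interfederation` and `URL` under `protocols.pvp2x`, are plain strings without `"format": "url"`, unlike `uniqueID` above them, so the form accepts arbitrary text for addresses the server presumably contacts later. I would add `"format": "url"` to both and, if metadata and attribute queries are only meant to travel over TLS, `"pattern": "^https://"` as well; the same `pvp2x` block is repeated in oa.json and needs the same change. `certificate` is described as the certificate for metadata signature validation, yet only `uniqueID` and `friendlyName` are in `required`; whether the server-side validator rejects an entry without it is not visible here and is worth confirming. Separately, the key `passiveReqeust` and its `id` are misspelled and will become a stored configuration key, so renaming to `passiveRequest` is cheapest now.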
diff --git a/id/moa-id-webgui/src/main/resources/gui/types/oa.json b/id/moa-id-webgui/src/main/resources/gui/types/oa.json
new file mode 100644
index 000000000..c22c2560c
--- /dev/null
+++ b/id/moa-id-webgui/src/main/resources/gui/types/oa.json
@@ -0,0 +1,702 @@
+{
+ "$schema": "http://json-schema.org/draft-04/schema#",
+ "id": "http://www.egiz.gv.at/dynUI/OA",
+ "typeName": "moaidoa",
+ "type": "object",
+ "title": "Online Application Configuration",
+ "format": "tabs",
+ "properties": {
+ "isActive" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/isactive",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "is Active"
+ },
+ "uniqueID": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/uniqueId",
+ "type": "string",
+ "format": "url",
+ "title": "Unique Identifier (PublicURLPrefix)"
+ },
+ "friendlyName": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/friendlyname",
+ "type": "string",
+ "title": "Friendlyname"
+ },
+ "businessservice" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/type",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Private Sector application"
+ },
+ "auth.target": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/target",
+ "type": "object",
+ "title": "Target definition",
+ "description": "bPK or wbPK target definitions",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "public": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/target/public",
+ "type": "object",
+ "title": "Public Sector definition",
+ "description": "bPK target definitions",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "target" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/target/public/target",
+ "type": "string",
+ "title": "Target",
+ "enum": [
+ "AR",
+ "AS",
+ "BF",
+ "BW",
+ "EA",
+ "EF",
+ "GH",
+ "GS",
+ "JR",
+ "KL",
+ "KU",
+ "LF",
+ "LV",
+ "RT",
+ "SA",
+ "SF",
+ "SO",
+ "SV",
+ "UW",
+ "VT",
+ "VV",
+ "WT",
+ "ZP",
+ "BR",
+ "HR",
+ "KI",
+ "OI",
+ "PV",
+ "RD",
+ "VS",
+ "ZU"
+ ]
+ },
+ "use.sub" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/target/public/usesubtarget",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Use sub-target"
+ },
+ "target.sub" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/target/public/subtarget",
+ "type": "string",
+ "title": "Sub-Target"
+ },
+ "own" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/target/public/own",
+ "type": "object",
+ "title": "Own Target",
+ "description": "Own Target definition",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "use" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/target/public/useowntarget",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Use own-target"
+ },
+ "target" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/target/public/owntarget",
+ "type": "string",
+ "title": "Own target"
+ },
+ "name" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/target/public/owntarget/friendlyname",
+ "type": "string",
+ "title": "Own target - friendlyname"
+ }
+ }
+ }
+ }
+ },
+ "business": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/target/private",
+ "type": "object",
+ "title": "Private Sector definition",
+ "description": "wbPK target definitions",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "type" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/target/private/type",
+ "type": "string",
+ "title": "Sector Type",
+ "enum": [
+ "FN",
+ "ZVR",
+ "ERSB",
+ "STORK"
+ ]
+ },
+ "value" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/target/private/value",
+ "type": "string",
+ "title": "Identifier"
+ }
+ }
+ }
+ }
+ },
+ "auth": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth",
+ "type": "object",
+ "title": "Authentication",
+ "description": "Authentication configuration",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "bku": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku",
+ "type": "object",
+ "title": "BKU configuration",
+ "description": "Online application specific BKU communikation",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "onlineBKU" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/online",
+ "type": "string",
+ "title": "Online BKU"
+ },
+ "handyBKU" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/handy",
+ "type": "string",
+ "title": "Handy BKU"
+ },
+ "localBKU" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/local",
+ "type": "string",
+ "title": "Local BKU"
+ },
+ "keyBoxIdentifier" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/keyBoxIdentifier",
+ "type": "string",
+ "title": "KeyBoxIdentifier",
+ "enum": [
+ "SecureSignatureKeypair",
+ "CertifiedKeypair"
+ ]
+ },
+ "template": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/template",
+ "type": "object",
+ "title": "SecurityLayer Templates",
+ "description": "Online application specific SecurityLayer templates",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "legacy" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/template/legacy",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Activate Legacy Mode"
+ },
+ "first.url" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/first/url",
+ "type": "string",
+ "title": "First SL-Template"
+ },
+ "second.url" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/second/url",
+ "type": "string",
+ "title": "Second SL-Template"
+ },
+ "third.url" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/third/url",
+ "type": "string",
+ "title": "Third SL-Template"
+ }
+ }
+ }
+ }
+ },
+ "templates": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/templates",
+ "type": "object",
+ "title": "BKU selection customization",
+ "description": "Customization of the BKU selection form",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "customize": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize",
+ "type": "object",
+ "title": "Customize default template",
+ "description": "Customization of the default template",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "fonttype" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/fonttype",
+ "type": "string",
+ "title": "Font Type"
+ },
+ "color.back" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/color/back",
+ "type": "string",
+ "title": "Backcolor"
+ },
+ "color.front" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/color/front",
+ "type": "string",
+ "title": "Frontcolor"
+ },
+ "header.color.back" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/header/color/back",
+ "type": "string",
+ "title": "Header Backcolor"
+ },
+ "header.color.front" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/header/color/front",
+ "type": "string",
+ "title": "Header Frontcolor"
+ },
+ "header.text" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/header/text",
+ "type": "string",
+ "title": "Header Text"
+ },
+ "button.color.back.focus" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/button/color/back/focus",
+ "type": "string",
+ "title": "Font Type"
+ },
+ "button.color.front" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/button/color/front",
+ "type": "string",
+ "title": "Font Type"
+ },
+ "applet.redirecttarget" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/applet/redirecttarget",
+ "type": "string",
+ "title": "Applet - Redirect Target",
+ "enum": [
+ "_parent",
+ "_blank",
+ "_self",
+ "_top"
+ ]
+ },
+ "applet.hight" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/applet/hight",
+ "type": "string",
+ "title": "Applet - Hight"
+ },
+ "applet.width" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/applet/width",
+ "type": "string",
+ "title": "Applet - Width"
+ }
+ }
+ },
+ "bkuselection": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/bkuselection",
+ "type": "object",
+ "format": "file",
+ "title": "BKU selection template",
+ "description": "Applicatio specific BKU selection template",
+ "properties": {
+ "data" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/bkuselection/data",
+ "type": "string"
+ },
+ "preview" : {
+ "id": "http://www.egiz.gv.at/dynUIOA/auth/template/bkuselection/preview",
+ "type": "string"
+ },
+ "filename" : {
+ "id": "http://www.egiz.gv.at/dynUIOA/auth/template/bkuselection/filename",
+ "type": "string"
+ }
+ }
+ },
+ "bkuselection.delete": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/bkuselection/delete",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Delete BKUSelection Template"
+ },
+ "sendAssertion": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/sendAssertion",
+ "type": "object",
+ "format": "file",
+ "title": "SendAssertion selection template",
+ "description": "Applicatio specific SendAssertion template",
+ "properties": {
+ "data" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/sendAssertion/data",
+ "type": "string"
+ },
+ "preview" : {
+ "id": "http://www.egiz.gv.at/dynUIOA/auth/template/sendAssertion/preview",
+ "type": "string"
+ },
+ "filename" : {
+ "id": "http://www.egiz.gv.at/dynUIOA/auth/template/sendAssertion/filename",
+ "type": "string"
+ }
+ }
+ },
+ "sendAssertion.delete": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/bkuselection/delete",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Delete SendAssertion Template"
+ }
+ }
+ },
+ "authblock": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/authblock",
+ "type": "object",
+ "title": "AuthBlock configuration",
+ "description": "Online application specific AuthBlock configuration",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "removebPK" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/authblock/removebpk",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Remove bPK/wbPK"
+ },
+ "additionaltext" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/authblock/text",
+ "type": "string",
+ "format": "textarea",
+ "title": "Additional AuthBlock Text"
+ }
+ }
+ },
+ "testcredentials": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/testcredentials",
+ "type": "object",
+ "title": "Test identities",
+ "description": "Test identities configuration",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "enabled" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/testcredentials/enabled",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Enable test identities"
+ },
+ "oids" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/testcredentials/oids",
+ "type": "string",
+ "title": "Allowed test-identity OIDs"
+ }
+ }
+ },
+ "mandates.ovs": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/mandates",
+ "type": "object",
+ "title": "Mandates",
+ "description": "Online mandate configuration",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "use" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/mandates/use",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Mandates (yes/no)"
+ },
+ "only" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/mandates/only",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Only mandates allowed"
+ },
+ "profiles" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/mandates/profiles",
+ "type": "string",
+ "title": "Allowed mandated profiles"
+ }
+ }
+ },
+ "sso": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/sso",
+ "type": "object",
+ "title": "Single Sign-On (SSO)",
+ "description": "Single Sign-On configuration",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "enabled" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/sso/enabled",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Single Sign-On (yes/no)"
+ },
+ "userRequest" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/sso/sendassertionrequest",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Additional Userrequest"
+ }
+ }
+ },
+ "stork": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/stork",
+ "type": "object",
+ "title": "STORK",
+ "description": "STORK configuration",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "enabled" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/stork/enabled",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Enable STORK logon"
+ },
+ "minqaalevel" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/stork/minqaa",
+ "type": "string",
+ "title": "Minimum QAA Level",
+ "enum": [
+ "4",
+ "3",
+ "2",
+ "1"
+ ]
+ },
+ "countries" : {
+ "type": "array",
+ "title": "Countries",
+ "format": "table",
+ "options": {
+ "collapsed": true,
+ "disable_array_add": true,
+ "disable_array_delete": true,
+ "disable_array_reorder": true
+ },
+ "items": {
+ "type": "object",
+ "properties": {
+ "countrycode": {
+ "type": "string",
+ "readOnly": true,
+ "title": "CountryCode"
+ },
+ "enabled": {
+ "type": "boolean",
+ "format": "checkbox",
+ "title": "Enabled"
+ }
+ }
+ }
+ },
+ "attributes" : {
+ "type": "array",
+ "title": "Attributes",
+ "format": "table",
+ "options": {
+ "collapsed": true,
+ "disable_array_add": true,
+ "disable_array_delete": true,
+ "disable_array_reorder": true
+ },
+ "items": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string",
+ "readOnly": true,
+ "title": "CountryCode"
+ },
+ "requested": {
+ "type": "boolean",
+ "format": "checkbox",
+ "title": "Requested"
+ },
+ "mandatory": {
+ "type": "boolean",
+ "format": "checkbox",
+ "title": "Mandatory"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "reversion.log": {
+ "id": "http://www.egiz.gv.at/dynUI/oa/reversion/log",
+ "type": "object",
+ "title": "Revisions-Logging",
+ "description": "Service specific Revision-Logging",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "enabled": {
+ "id": "http://www.egiz.gv.at/dynUI/oa/reversion/log/enabled",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Enabled"
+ },
+ "eventcodes": {
+ "id": "http://www.egiz.gv.at/dynUI/oa/reversion/log/eventcodes",
+ "type": "string",
+ "title": "EventCodes (CSV)"
+ }
+ }
+ },
+ "protocols": {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols",
+ "type": "object",
+ "title": "Protocols",
+ "description": "Authentication protocol configuration",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "saml1": {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1",
+ "type": "object",
+ "title": "SAML1 Configuration",
+ "description": "SAML1 authentication protocol",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "enabled" : {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/enabled",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Enabled"
+ },
+ "idl" : {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/idl",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "IdentityLink"
+ },
+ "baseid" : {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/baseid",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "BaseID"
+ },
+ "authblock" : {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/authblock",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "AuthBlock"
+ },
+ "certificate" : {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/certificate",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Signer Certificate"
+ },
+ "mandate" : {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/mandate",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Full mandate"
+ },
+ "returnError" : {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/returnError",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Return Errors to Application"
+ }
+ }
+ },
+ "pvp2x": {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x",
+ "type": "object",
+ "title": "PVP Configuration",
+ "description": "PVP 2.x authentication protocol",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "URL" : {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/url",
+ "type": "string",
+ "title": "Metadata URL"
+ },
+ "certificate": {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/certificate",
+ "type": "object",
+ "format": "file",
+ "title": "Metadata certificate",
+ "description": "Certificate for metadata signature validation",
+ "properties": {
+ "data" : {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/certificate/data",
+ "type": "string"
+ },
+ "preview" : {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/certificate/preview",
+ "type": "string"
+ }
+ }
+ }
+ }
+ },
+ "openID" : {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/openid",
+ "type": "object",
+ "title": "OpenID Connect Configuration",
+ "description": "OpenID Connect authentication protocol",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "clientID" : {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/openid/clientid",
+ "type": "string",
+ "readOnly" : true,
+ "title": "Client-ID"
+ },
+ "secret" : {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/openid/clientsecret",
+ "type": "string",
+ "readOnly" : true,
+ "title": "Client-Secret"
+ },
+ "redirectURL" : {
+ "id": "http://www.egiz.gv.at/dynUI/oa/protocols/openid/redirectURL",
+ "type": "string",
+ "title": "Client-Secret"
+ }
+ }
+ }
+ }
+ }
+ },
+ "required": ["uniqueID", "friendlyName"]
+}
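Review bot: In the `openID` block `redirectURL` carries the title `"Client-Secret"`, copied from the field above it, so the form shows two Client-Secret labels and the redirect address can end up in the wrong place; it should read `"title": "Redirect URL"` and, as this is presumably the OpenID Connect redirect URI, carry `"format": "url"` too. `sendAssertion.delete` reuses the `id` of `bkuselection.delete`; `"id": "http://www.egiz.gv.at/dynUI/OA/auth/template/sendAssertion/delete"` keeps the two distinguishable. The `preview` and `filename` ids under `bkuselection` and `sendAssertion` read `dynUIOA` without the slash, and `button.color.back.focus`, `button.color.front` and the STORK attribute `name` have copied titles (`Font Type`, `CountryCode`). vidp.json repeats the `dynUIOA` ids and the `Font Type` titles.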
diff --git a/id/moa-id-webgui/src/main/resources/gui/types/vidp.json b/id/moa-id-webgui/src/main/resources/gui/types/vidp.json
new file mode 100644
index 000000000..1fc2601df
--- /dev/null
+++ b/id/moa-id-webgui/src/main/resources/gui/types/vidp.json
@@ -0,0 +1,371 @@
+{
+ "$schema": "http://json-schema.org/draft-04/schema#",
+ "id": "http://www.egiz.gv.at/dynUI/OA",
+ "typeName": "moaidvidp",
+ "type": "object",
+ "title": "STORK V-IDP",
+ "format": "tabs",
+ "properties": {
+ "isActive" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/isactive",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "is Active"
+ },
+ "uniqueID": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/uniqueId",
+ "type": "string",
+ "format": "url",
+ "title": "Unique Identifier (PublicURLPrefix)"
+ },
+ "friendlyName": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/friendlyname",
+ "type": "string",
+ "title": "Friendlyname"
+ },
+ "businessservice" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/type",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Private Sector application"
+ },
+ "auth.target": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/target",
+ "type": "object",
+ "title": "Target definition",
+ "description": "bPK or wbPK target definitions",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "business": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/target/private",
+ "type": "object",
+ "title": "Private Sector definition",
+ "description": "wbPK target definitions",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "type" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/target/private/type",
+ "type": "string",
+ "title": "Sector Type",
+ "enum": [
+ "FN",
+ "ZVR",
+ "ERSB",
+ "STORK"
+ ]
+ },
+ "value" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/target/private/value",
+ "type": "string",
+ "title": "Identifier"
+ }
+ }
+ }
+ }
+ },
+ "auth": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth",
+ "type": "object",
+ "title": "Authentication",
+ "description": "Authentication configuration",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "bku": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku",
+ "type": "object",
+ "title": "BKU configuration",
+ "description": "Online application specific BKU communikation",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "onlineBKU" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/online",
+ "type": "string",
+ "title": "Online BKU"
+ },
+ "handyBKU" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/handy",
+ "type": "string",
+ "title": "Handy BKU"
+ },
+ "localBKU" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/local",
+ "type": "string",
+ "title": "Local BKU"
+ },
+ "keyBoxIdentifier" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/keyBoxIdentifier",
+ "type": "string",
+ "title": "KeyBoxIdentifier",
+ "enum": [
+ "SecureSignatureKeypair",
+ "CertifiedKeypair"
+ ]
+ },
+ "template": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/template",
+ "type": "object",
+ "title": "SecurityLayer Templates",
+ "description": "Online application specific SecurityLayer templates",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "legacy" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/template/legacy",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Activate Legacy Mode"
+ },
+ "first.url" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/first/url",
+ "type": "string",
+ "title": "First SL-Template"
+ },
+ "second.url" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/second/url",
+ "type": "string",
+ "title": "Second SL-Template"
+ },
+ "third.url" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/third/url",
+ "type": "string",
+ "title": "Third SL-Template"
+ }
+ }
+ }
+ }
+ },
+ "templates": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/templates",
+ "type": "object",
+ "title": "BKU selection customization",
+ "description": "Customization of the BKU selection form",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "customize": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize",
+ "type": "object",
+ "title": "Customize default template",
+ "description": "Customization of the default template",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "fonttype" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/fonttype",
+ "type": "string",
+ "title": "Font Type"
+ },
+ "color.back" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/color/back",
+ "type": "string",
+ "title": "Backcolor"
+ },
+ "color.front" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/color/front",
+ "type": "string",
+ "title": "Frontcolor"
+ },
+ "header.color.back" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/header/color/back",
+ "type": "string",
+ "title": "Header Backcolor"
+ },
+ "header.color.front" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/header/color/front",
+ "type": "string",
+ "title": "Header Frontcolor"
+ },
+ "header.text" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/header/text",
+ "type": "string",
+ "title": "Header Text"
+ },
+ "button.color.back.focus" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/button/color/back/focus",
+ "type": "string",
+ "title": "Font Type"
+ },
+ "button.color.front" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/button/color/front",
+ "type": "string",
+ "title": "Font Type"
+ },
+ "applet.redirecttarget" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/applet/redirecttarget",
+ "type": "string",
+ "title": "Applet - Redirect Target",
+ "enum": [
+ "_parent",
+ "_blank",
+ "_self",
+ "_top"
+ ]
+ },
+ "applet.hight" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/applet/hight",
+ "type": "string",
+ "title": "Applet - Hight"
+ },
+ "applet.width" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/applet/width",
+ "type": "string",
+ "title": "Applet - Width"
+ }
+ }
+ },
+ "bkuselection": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/bkuselection",
+ "type": "object",
+ "format": "file",
+ "title": "BKU selection template",
+ "description": "Applicatio specific BKU selection template",
+ "properties": {
+ "data" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/bkuselection/data",
+ "type": "string"
+ },
+ "preview" : {
+ "id": "http://www.egiz.gv.at/dynUIOA/auth/template/bkuselection/preview",
+ "type": "string"
+ },
+ "filename" : {
+ "id": "http://www.egiz.gv.at/dynUIOA/auth/template/bkuselection/filename",
+ "type": "string"
+ }
+ }
+ },
+ "sendAssertion": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/sendAssertion",
+ "type": "object",
+ "format": "file",
+ "title": "SendAssertion selection template",
+ "description": "Applicatio specific SendAssertion template",
+ "properties": {
+ "data" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/sendAssertion/data",
+ "type": "string"
+ },
+ "preview" : {
+ "id": "http://www.egiz.gv.at/dynUIOA/auth/template/sendAssertion/preview",
+ "type": "string"
+ },
+ "filename" : {
+ "id": "http://www.egiz.gv.at/dynUIOA/auth/template/sendAssertion/filename",
+ "type": "string"
+ }
+ }
+ }
+ }
+ },
+ "authblock": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/authblock",
+ "type": "object",
+ "title": "AuthBlock configuration",
+ "description": "Online application specific AuthBlock configuration",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "removebPK" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/authblock/removebpk",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Remove bPK/wbPK"
+ },
+ "additionaltext" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/authblock/text",
+ "type": "string",
+ "format": "textarea",
+ "title": "Additional AuthBlock Text"
+ }
+ }
+ },
+ "testcredentials": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/testcredentials",
+ "type": "object",
+ "title": "Test identities",
+ "description": "Test identities configuration",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "enabled" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/testcredentials/enabled",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Enable test identities"
+ },
+ "oids" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/testcredentials/oids",
+ "type": "string",
+ "title": "Allowed test-identity OIDs"
+ }
+ }
+ },
+ "stork": {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/stork",
+ "type": "object",
+ "title": "STORK",
+ "description": "STORK configuration",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "requireConsent" : {
+ "id": "http://www.egiz.gv.at/dynUI/OA/auth/stork/requireConsent",
+ "type": "boolean",
+ "format" : "checkbox",
+ "title": "Ask the user for attributes transfer consent"
+ },
+ "attributeprovider" : {
+ "type": "array",
+ "title": "Attribute-Provider Plug-ins",
+ "format": "table",
+ "options": {
+ "collapsed": true
+ },
+ "items": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string",
+ "title": "Attribute Plug-in",
+ "enum": [
+ "StorkAttributeRequestProvider",
+ "EHvdAttributeProvider_deprecated",
+ "EHvdAttributeProvider",
+ "SignedDocAttributeRequestProvider",
+ "MandateAttributeRequestProvider",
+ "PVPAuthenticationProvider"
+ ]
+ },
+ "url": {
+ "type": "string",
+ "format": "url",
+ "title": "URL"
+ },
+ "attributes": {
+ "type": "string",
+ "title": "Attribute (CSV)"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "required": ["uniqueID", "friendlyName"]
+}
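Review bot: `requireConsent` under `auth.stork` has no `default`, so a newly created V-IDP entry leaves the consent setting unset and the outcome depends on how the backend reads a missing value, which is not visible in this hunk. If asking the user for consent is the intended baseline, stating it in the schema with `"default": true` makes that explicit. The `attributeprovider` enum also offers `EHvdAttributeProvider_deprecated` for new entries; unless existing configurations still need it, I would drop it from the list so it is not picked by accident.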
diff --git a/id/moa-id-webgui/src/main/resources/moaid.webgui.beans.xml b/id/moa-id-webgui/src/main/resources/moaid.webgui.beans.xml
new file mode 100644
index 000000000..0ee7ac89c
--- /dev/null
+++ b/id/moa-id-webgui/src/main/resources/moaid.webgui.beans.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <bean id="moaidconfigurationmodul" class="at.gv.egovernment.moa.id.config.webgui.MOAIDConfigurationModul">
+ <!-- <property name="databaseConfiguration" ref="moaidconfig"/> -->
+ </bean>
+
+ <bean id="moaidConfigurationValidiation" class="at.gv.egovernment.moa.id.config.webgui.validation.MOAIDConfigurationValidator">
+ <!-- <property name="databaseConfiguration" ref="moaidconfig"/> -->
+ </bean>
+
+ <bean id="moaidServiceGeneralInfoTask" class="at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesGeneralInformationTask">
+ <!-- <property name="databaseConfiguration" ref="moaidconfig"/> -->
+ </bean>
+
+</beans>
\ No newline at end of file
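Review bot: The bean id `moaidConfigurationValidiation` is misspelled, and every lookup or `ref` by name will have to repeat the typo; `moaidConfigurationValidation` is the id to settle on before other files refer to it. All three beans keep a commented-out `databaseConfiguration` property, so how they obtain the configuration store is not visible here; either delete the dead lines or add a one-line comment such as `<!-- configuration store is wired in by ... -->` naming where it comes from. The `context`, `tx` and `aop` namespaces are declared but no element in the file uses them, and `spring-tx-3.0.xsd` is mixed with the 3.1 schemas.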