diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java | 184 |
1 files changed, 184 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java new file mode 100644 index 000000000..d544e2f85 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java @@ -0,0 +1,184 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.auth.servlet; + +import java.io.IOException; +import java.io.OutputStreamWriter; +import java.io.Writer; + +import javax.servlet.ServletConfig; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang.StringEscapeUtils; + +import at.gv.egovernment.moa.id.AuthenticationException; +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; +import at.gv.egovernment.moa.id.auth.WrongParametersException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; +import at.gv.egovernment.moa.id.util.ParamValidatorUtils; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.StringUtils; + +/** + * Servlet requested for selecting a BKU. + * <br>In case of {@link AuthConfigurationProvider#getBKUSelectionType}==HTMLComplete, + * the browser is redirected to the configured "BKU-Auswahl-URL". + * <br>In case of {@link AuthConfigurationProvider#getBKUSelectionType}==HTMLSelect, + * the list of available BKU's is fetched from a BKU-Auswahl server, and presented + * to the user in an HTML form. + * + * @author Paul Ivancsics + * @version $Id$ + */ +public class SelectBKUServlet extends AuthServlet { + + /** + * + */ + private static final long serialVersionUID = 4764993494204751296L; + +/** + * Calls the web application initializer. + * + * @see javax.servlet.Servlet#init(ServletConfig) + */ + public void init(ServletConfig servletConfig) throws ServletException { + try { + super.init(servletConfig); + MOAIDAuthInitializer.initialize(); + Logger.debug("default platform file.encoding: " + System.getProperty("file.encoding")); + Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null)); + } + catch (Exception ex) { + Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex); + throw new ServletException(ex); + } + } + + /** + * Responds with an HTML form which requests the user to choose a BKU. + */ + protected void doGet(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, IOException { + + Logger.debug("GET SelectBKU"); + + resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); + resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); + resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); + resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); + + String authURL = req.getScheme() + "://" + req.getServerName(); + if ((req.getScheme().equalsIgnoreCase("https") && req.getServerPort()!=443) || (req.getScheme().equalsIgnoreCase("http") && req.getServerPort()!=80)) { + authURL = authURL.concat(":" + req.getServerPort()); + } + authURL = authURL.concat(req.getContextPath() + "/"); + + String target = req.getParameter(PARAM_TARGET); + String oaURL = req.getParameter(PARAM_OA); + String bkuSelectionTemplateURL = req.getParameter(PARAM_BKUTEMPLATE); + String templateURL = req.getParameter(PARAM_TEMPLATE); + + // escape parameter strings + target = StringEscapeUtils.escapeHtml(target); + oaURL = StringEscapeUtils.escapeHtml(oaURL); + templateURL = StringEscapeUtils.escapeHtml(templateURL); + bkuSelectionTemplateURL = StringEscapeUtils.escapeHtml(bkuSelectionTemplateURL); + + + resp.setHeader(HEADER_EXPIRES,HEADER_VALUE_EXPIRES); + resp.setHeader(HEADER_PRAGMA,HEADER_VALUE_PRAGMA); + resp.setHeader(HEADER_CACHE_CONTROL,HEADER_VALUE_CACHE_CONTROL); + resp.addHeader(HEADER_CACHE_CONTROL,HEADER_VALUE_CACHE_CONTROL_IE); + + try { + + // check parameter + if (!ParamValidatorUtils.isValidOA(oaURL)) + throw new WrongParametersException("SelectBKU", PARAM_OA, "auth.12"); + if (!ParamValidatorUtils.isValidTemplate(req, templateURL)) + throw new WrongParametersException("SelectBKU", PARAM_TEMPLATE, "auth.12"); + if (!ParamValidatorUtils.isValidTemplate(req, bkuSelectionTemplateURL)) + throw new WrongParametersException("SelectBKU", PARAM_TEMPLATE, "auth.12"); + + if (!ParamValidatorUtils.isValidTarget(target)) + throw new WrongParametersException("SelectBKU", PARAM_TARGET, "auth.12"); + + OAAuthParameter oaParam = + AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaURL); + if (oaParam == null) + throw new AuthenticationException("auth.00", new Object[] { oaURL }); + + // get target and target friendly name from config + String targetConfig = oaParam.getTarget(); + + String returnValue = null; + if (StringUtils.isEmpty(targetConfig)) { + // no target attribut is given in OA config + // target is used from request + // check parameter + if (!ParamValidatorUtils.isValidTarget(target)) + throw new WrongParametersException("StartAuthentication", PARAM_TARGET, "auth.12"); + + returnValue = AuthenticationServer.getInstance().selectBKU(authURL, target, oaURL, bkuSelectionTemplateURL, templateURL); + } + else { + // use target from config + returnValue = AuthenticationServer.getInstance().selectBKU(authURL, targetConfig, oaURL, bkuSelectionTemplateURL, templateURL); + } + + + String bkuSelectionType = AuthConfigurationProvider.getInstance().getBKUSelectionType(); + if (bkuSelectionType.equals(AuthConfigurationProvider.BKU_SELECTION_TYPE_HTMLCOMPLETE)) { + // bkuSelectionType==HTMLComplete + String redirectURL = returnValue; + resp.setContentType("text/html"); + resp.sendRedirect(redirectURL); + Logger.info("REDIRECT TO: " + redirectURL); + } else { + // bkuSelectionType==HTMLSelect + String htmlForm = returnValue; + resp.setContentType("text/html;charset=UTF-8"); + Logger.debug("HTML-Form: " + htmlForm); + Writer out = new OutputStreamWriter(resp.getOutputStream(), "UTF8"); + out.write(htmlForm); + out.flush(); + Logger.debug("Finished GET SelectBKU"); + } + } + catch (WrongParametersException ex) { + handleWrongParameters(ex, req, resp); + } + catch (Throwable ex) { + handleError(null, ex, req, resp); + } + } +} |