diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java')
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java | 470 |
1 files changed, 235 insertions, 235 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java index 2aa717a65..574452163 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java @@ -1,235 +1,235 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.auth.servlet;
-
-import iaik.x509.X509Certificate;
-
-import java.io.IOException;
-import java.util.Map;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.fileupload.FileUploadException;
-import org.apache.commons.lang.StringEscapeUtils;
-
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyCertificateTask;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
-import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
-import at.gv.egovernment.moa.id.util.ServletUtils;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.spss.util.CertificateUtils; -
-/**
- * Servlet requested for getting the foreign eID
- * provided by the security layer implementation.
- * Utilizes the {@link AuthenticationServer}.
- * @deprecated Use {@link VerifyCertificateTask} instead.
- *
- */
-public class VerifyCertificateServlet extends AuthServlet {
-
- /**
- *
- */
- private static final long serialVersionUID = -4110159749768152538L;
-
-/**
- * Constructor for VerifyCertificateServlet.
- */
- public VerifyCertificateServlet() {
- super();
- }
-
- /**
- * GET requested by security layer implementation to verify
- * that data URL resource is available.
- * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse)
- */
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
-
- Logger.debug("GET VerifyCertificateServlet");
-
- resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES);
- resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
- resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
- resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
- }
-
- /**
- * Gets the signer certificate from the InfoboxReadRequest and
- * responds with a new
- * <code>CreateXMLSignatureRequest</code>.
- * <br>
- * Request parameters:
- * <ul>
- * <li>MOASessionID: ID of associated authentication session</li>
- * <li>XMLResponse: <code><InfoboxReadResponse></code></li>
- * </ul>
- * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse)
- */
- protected void doPost(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
-
- Logger.debug("POST VerifyCertificateServlet");
-
- Logger.warn(getClass().getName() + " is deprecated and should not be used any more.");
-
- resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES);
- resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
- resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
- resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
-
- String pendingRequestID = null;
-
- Map<String, String> parameters;
- try
- {
- parameters = getParameters(req);
- } catch (FileUploadException e)
- {
- Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
- throw new IOException(e.getMessage());
- }
- String sessionID = req.getParameter(PARAM_SESSIONID);
-
- // escape parameter strings
- sessionID = StringEscapeUtils.escapeHtml(sessionID);
-
- pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
-
- AuthenticationSession session = null;
- try {
- // check parameter
- if (!ParamValidatorUtils.isValidSessionID(sessionID))
- throw new WrongParametersException("VerifyCertificate", PARAM_SESSIONID, "auth.12");
-
- session = AuthenticationServer.getSession(sessionID);
-
- //change MOASessionID
- sessionID = AuthenticationSessionStoreage.changeSessionID(session);
-
- X509Certificate cert = AuthenticationServer.getInstance().getCertificate(sessionID, parameters);
- if (cert == null) {
- Logger.error("Certificate could not be read.");
- throw new AuthenticationException("auth.14", null);
- }
-
- boolean useMandate = session.getUseMandate();
-
-
- if (useMandate) {
-
- // verify certificate for OrganWalter
- String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert);
-
- try {
- AuthenticationSessionStoreage.storeSession(session);
- } catch (MOADatabaseException e) {
- throw new MOAIDException("session store error", null);
- }
-
- ServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, session, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyCertificate");
-
- }
- else {
-
- - String countrycode = CertificateUtils.getIssuerCountry(cert); - if (countrycode != null) { - if (countrycode.compareToIgnoreCase("AT") == 0) { - Logger.error("Certificate issuer country code is \"AT\". Login not support in foreign identities mode."); - throw new AuthenticationException("auth.22", null); - } - } - - // Foreign Identities Modus
- String createXMLSignatureRequest = AuthenticationServer.getInstance().createXMLSignatureRequestForeignID(session, cert);
- // build dataurl (to the GetForeignIDSerlvet)
- String dataurl =
- new DataURLBuilder().buildDataURL(
- session.getAuthURL(),
- REQ_GET_FOREIGN_ID,
- session.getSessionID());
-
- try {
- AuthenticationSessionStoreage.storeSession(session);
- } catch (MOADatabaseException e) {
- throw new MOAIDException("session store error", null);
- }
-
- ServletUtils.writeCreateXMLSignatureRequest(resp, createXMLSignatureRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "GetForeignID", dataurl);
-
- Logger.debug("Send CreateXMLSignatureRequest to BKU");
- }
- }
- catch (MOAIDException ex) {
- handleError(null, ex, req, resp, pendingRequestID);
-
- } catch (Exception e) {
- Logger.error("CertificateValidation has an interal Error.", e);
- }
-
-
- finally {
- ConfigurationDBUtils.closeSession();
- }
- }
-
-
-}
+///*******************************************************************************
+// * Copyright 2014 Federal Chancellery Austria
+// * MOA-ID has been developed in a cooperation between BRZ, the Federal
+// * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+// *
+// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+// * the European Commission - subsequent versions of the EUPL (the "Licence");
+// * You may not use this work except in compliance with the Licence.
+// * You may obtain a copy of the Licence at:
+// * http://www.osor.eu/eupl/
+// *
+// * Unless required by applicable law or agreed to in writing, software
+// * distributed under the Licence is distributed on an "AS IS" basis,
+// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// * See the Licence for the specific language governing permissions and
+// * limitations under the Licence.
+// *
+// * This product combines work with different licenses. See the "NOTICE" text
+// * file for details on the various modules and licenses.
+// * The "NOTICE" text file is part of the distribution. Any derivative works
+// * that you distribute must include a readable copy of the "NOTICE" text file.
+// ******************************************************************************/
+///*
+// * Copyright 2003 Federal Chancellery Austria
+// * MOA-ID has been developed in a cooperation between BRZ, the Federal
+// * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+// *
+// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+// * the European Commission - subsequent versions of the EUPL (the "Licence");
+// * You may not use this work except in compliance with the Licence.
+// * You may obtain a copy of the Licence at:
+// * http://www.osor.eu/eupl/
+// *
+// * Unless required by applicable law or agreed to in writing, software
+// * distributed under the Licence is distributed on an "AS IS" basis,
+// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// * See the Licence for the specific language governing permissions and
+// * limitations under the Licence.
+// *
+// * This product combines work with different licenses. See the "NOTICE" text
+// * file for details on the various modules and licenses.
+// * The "NOTICE" text file is part of the distribution. Any derivative works
+// * that you distribute must include a readable copy of the "NOTICE" text file.
+// */
+//
+//
+//package at.gv.egovernment.moa.id.auth.servlet;
+//
+//import iaik.x509.X509Certificate;
+//
+//import java.io.IOException;
+//import java.util.Map;
+//
+//import javax.servlet.ServletException;
+//import javax.servlet.http.HttpServletRequest;
+//import javax.servlet.http.HttpServletResponse;
+//
+//import org.apache.commons.fileupload.FileUploadException;
+//import org.apache.commons.lang.StringEscapeUtils;
+//
+//import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+//import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+//import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
+//import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+//import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+//import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+//import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
+//import at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyCertificateTask;
+//import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+//import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+//import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
+//import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
+//import at.gv.egovernment.moa.id.util.ServletUtils;
+//import at.gv.egovernment.moa.logging.Logger;
+//import at.gv.egovernment.moa.spss.util.CertificateUtils; +//
+///**
+// * Servlet requested for getting the foreign eID
+// * provided by the security layer implementation.
+// * Utilizes the {@link AuthenticationServer}.
+// * @deprecated Use {@link VerifyCertificateTask} instead.
+// *
+// */
+//public class VerifyCertificateServlet extends AuthServlet {
+//
+// /**
+// *
+// */
+// private static final long serialVersionUID = -4110159749768152538L;
+//
+///**
+// * Constructor for VerifyCertificateServlet.
+// */
+// public VerifyCertificateServlet() {
+// super();
+// }
+//
+// /**
+// * GET requested by security layer implementation to verify
+// * that data URL resource is available.
+// * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse)
+// */
+// protected void doGet(HttpServletRequest req, HttpServletResponse resp)
+// throws ServletException, IOException {
+//
+// Logger.debug("GET VerifyCertificateServlet");
+//
+// resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES);
+// resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
+// resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
+// resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
+// }
+//
+// /**
+// * Gets the signer certificate from the InfoboxReadRequest and
+// * responds with a new
+// * <code>CreateXMLSignatureRequest</code>.
+// * <br>
+// * Request parameters:
+// * <ul>
+// * <li>MOASessionID: ID of associated authentication session</li>
+// * <li>XMLResponse: <code><InfoboxReadResponse></code></li>
+// * </ul>
+// * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse)
+// */
+// protected void doPost(HttpServletRequest req, HttpServletResponse resp)
+// throws ServletException, IOException {
+//
+// Logger.debug("POST VerifyCertificateServlet");
+//
+// Logger.warn(getClass().getName() + " is deprecated and should not be used any more.");
+//
+// resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES);
+// resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
+// resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
+// resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
+//
+// String pendingRequestID = null;
+//
+// Map<String, String> parameters;
+// try
+// {
+// parameters = getParameters(req);
+// } catch (FileUploadException e)
+// {
+// Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
+// throw new IOException(e.getMessage());
+// }
+// String sessionID = req.getParameter(PARAM_SESSIONID);
+//
+// // escape parameter strings
+// sessionID = StringEscapeUtils.escapeHtml(sessionID);
+//
+// pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
+//
+// AuthenticationSession session = null;
+// try {
+// // check parameter
+// if (!ParamValidatorUtils.isValidSessionID(sessionID))
+// throw new WrongParametersException("VerifyCertificate", PARAM_SESSIONID, "auth.12");
+//
+// session = AuthenticationServer.getSession(sessionID);
+//
+// //change MOASessionID
+// sessionID = AuthenticationSessionStoreage.changeSessionID(session);
+//
+// X509Certificate cert = AuthenticationServer.getInstance().getCertificate(sessionID, parameters);
+// if (cert == null) {
+// Logger.error("Certificate could not be read.");
+// throw new AuthenticationException("auth.14", null);
+// }
+//
+// boolean useMandate = session.getUseMandate();
+//
+//
+// if (useMandate) {
+//
+// // verify certificate for OrganWalter
+// String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert);
+//
+// try {
+// AuthenticationSessionStoreage.storeSession(session);
+// } catch (MOADatabaseException e) {
+// throw new MOAIDException("session store error", null);
+// }
+//
+// ServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, session, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyCertificate");
+//
+// }
+// else {
+//
+// +// String countrycode = CertificateUtils.getIssuerCountry(cert); +// if (countrycode != null) { +// if (countrycode.compareToIgnoreCase("AT") == 0) { +// Logger.error("Certificate issuer country code is \"AT\". Login not support in foreign identities mode."); +// throw new AuthenticationException("auth.22", null); +// } +// } +// +// // Foreign Identities Modus
+// String createXMLSignatureRequest = AuthenticationServer.getInstance().createXMLSignatureRequestForeignID(session, cert);
+// // build dataurl (to the GetForeignIDSerlvet)
+// String dataurl =
+// new DataURLBuilder().buildDataURL(
+// session.getAuthURL(),
+// REQ_GET_FOREIGN_ID,
+// session.getSessionID());
+//
+// try {
+// AuthenticationSessionStoreage.storeSession(session);
+// } catch (MOADatabaseException e) {
+// throw new MOAIDException("session store error", null);
+// }
+//
+// ServletUtils.writeCreateXMLSignatureRequest(resp, createXMLSignatureRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "GetForeignID", dataurl);
+//
+// Logger.debug("Send CreateXMLSignatureRequest to BKU");
+// }
+// }
+// catch (MOAIDException ex) {
+// handleError(null, ex, req, resp, pendingRequestID);
+//
+// } catch (Exception e) {
+// Logger.error("CertificateValidation has an interal Error.", e);
+// }
+//
+//
+// finally {
+// ConfigurationDBUtils.closeSession();
+// }
+// }
+//
+//
+//}
|