Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java | 422 |
1 files changed, 207 insertions, 215 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java index d3e340a90..fff019ae7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java @@ -1,12 +1,6 @@ package at.gv.egovernment.moa.id.config.auth; -import java.io.File; -import java.io.FileInputStream; -import java.io.FileNotFoundException; -import java.io.IOException; import java.net.MalformedURLException; -import java.net.URI; -import java.net.URISyntaxException; import java.net.URL; import java.util.ArrayList; import java.util.Arrays; @@ -20,6 +14,11 @@ import java.util.Properties; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.transaction.annotation.Transactional; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; +import at.gv.egiz.eaaf.core.impl.idp.conf.SPConfigurationImpl; +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; 
@@ -35,7 +34,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.MOASP; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.SecurityLayer; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyIdentityLink; -import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.id.config.ConfigurationProviderImpl; import at.gv.egovernment.moa.id.config.ConfigurationUtils; import at.gv.egovernment.moa.id.config.ConnectionParameter; 
@@ -55,111 +53,77 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide private static final boolean TRUST_MANAGER_REVOCATION_CHECKING_DEFAULT = true; - private MOAIDConfiguration configuration; - private final Properties properties = new Properties(); - + private MOAIDConfiguration configuration; private boolean requireJDBCBackupImplementation = false; - public PropertyBasedAuthConfigurationProvider(String configFileName) throws ConfigurationException { - if (configFileName == null) { - configFileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME); - - if (MiscUtil.isEmpty(configFileName)) - throw new ConfigurationException("config.01", null); - } - - Logger.info("Loading MOA-ID-AUTH configuration " + configFileName); - - try { - URI fileURI = new URI(configFileName); - //instance = new PropertyBasedAuthConfigurationProvider(fileURI); - initialize(fileURI); - - } catch (URISyntaxException e){ - Logger.error("MOA-ID-Auth configuration file does not starts with file:/ as prefix.", e); - throw new ConfigurationException("config24", new Object[]{MOAIDAuthConstants.FILE_URI_PREFIX, configFileName}); + public PropertyBasedAuthConfigurationProvider(String configFileName) throws ConfigurationException, EAAFConfigurationException { + super(configFileName); +// try { + Logger.info("Loading MOA-ID-AUTH configuration " + getConfigurationFilePath().toString()); + initialize(); - } +// } catch (URISyntaxException e){ +// Logger.error("MOA-ID-Auth configuration file does not starts with file:/ as prefix.", e); +// throw new ConfigurationException("config24", new Object[]{MOAIDAuthConstants.FILE_URI_PREFIX, configFileName}); +// +// } } -// /** -// * The constructor with path to a properties file as argument. -// * -// * @param fileName the path to the properties file -// * @throws ConfigurationException if an error occurs during loading the properties file. 
-// */ -// public PropertyBasedAuthConfigurationProvider(URI fileName) throws ConfigurationException { -// initialize(fileName); -// -// } + + //TODO: add EAAFCore configuration prefix if required + @Override + public String getApplicationSpecificKeyPrefix() { + return null; + + } - private void initialize(URI fileName) throws ConfigurationException { - File propertiesFile = new File(fileName); - rootConfigFileDir = propertiesFile.getParent(); - try { - rootConfigFileDir = new File(rootConfigFileDir).toURI().toURL().toString(); - - } catch (MalformedURLException t) { - throw new ConfigurationException("config.03", null, t); - - } + @Override + protected String getBackupConfigPath() { + return System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME); - FileInputStream in = null; - try { - in = new FileInputStream(propertiesFile); - properties.load(in); - super.initial(properties); - -// JPAPropertiesWithJavaConfig.setLocalProperties(configProp); -// System.getProperties().setProperty("location", "file:" + fileName); -// context = new ClassPathXmlApplicationContext( -// new String[] { "moaid.configuration.beans.xml", -// "configuration.beans.xml" -// }); -// AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory(); -// acbFactory.autowireBean(this); - - //Some databases do not allow the selection of a lob in SQL where expression - String dbDriver = properties.getProperty("configuration.hibernate.connection.driver_class"); - if (MiscUtil.isNotEmpty(dbDriver)) { - for (String el:MOAIDConstants.JDBC_DRIVER_NEEDS_WORKAROUND) { - if (dbDriver.startsWith(el)) { - requireJDBCBackupImplementation = true; - Logger.info("JDBC driver '" + dbDriver - + "' is blacklisted --> Switch to alternative DB access methode implementation."); - - } - } - } - - - } catch (FileNotFoundException e) { - throw new ConfigurationException("config.03", null, e); + } + + + /** + * Provides configuration information regarding the online application behind the given URL, 
relevant to the MOA-ID Auth component. + * + * @param oaURL URL requested for an online application + * @return an <code>OAAuthParameter</code>, or <code>null</code> if none is applicable + */ + @Override + @Transactional + public ISPConfiguration getServiceProviderConfiguration(String spIdentifier) throws EAAFConfigurationException { + Map<String, String> oa = getActiveOnlineApplication(spIdentifier); + if (oa == null) { + return null; + } + + return new OAAuthParameterDecorator(new SPConfigurationImpl(oa, this)); - } catch (IOException e) { - throw new ConfigurationException("config.03", null, e); - - } catch (org.opensaml.xml.ConfigurationException e) { - Logger.error("OpenSAML initilalization FAILED. ", e); - throw new ConfigurationException("config.23", null, e); - - } catch (Exception e) { - Logger.error("General error during start-up process.", e); - throw new ConfigurationException("init.02", null, e); - - - } finally { - if (in != null) - try { - in.close(); - - } catch (IOException e) { - Logger.warn("Close MOA-ID-Auth configuration file FAILED.", e); + } + + /** + * Provides configuration information regarding the online application behind the given URL, relevant to the MOA-ID Auth component. + * + * @param oaURL URL requested for an online application + * @return an <code>OAAuthParameter</code>, or <code>null</code> if none is applicable + */ + @SuppressWarnings("unchecked") + @Override + @Transactional + public <T> T getServiceProviderConfiguration(String spIdentifier, final Class<T> decorator) throws EAAFConfigurationException { + ISPConfiguration spConfig = getServiceProviderConfiguration(spIdentifier); + if (spConfig != null && decorator != null) { + if (decorator.isInstance(spConfig)) + return (T)spConfig; + else + Logger.error("SPConfig: " + spConfig.getClass().getName() + " is NOT instance of: " + decorator.getName()); - } } + return null; + } /** 
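Review bot: The generic overload `getServiceProviderConfiguration(String, Class<T>)` returns `null` both when no active service provider is found and when the stored configuration is not an instance of `decorator` (or `decorator` is `null`), so a caller cannot tell an unknown SP from a wiring error. The mismatch is only logged; since the method already declares `EAAFConfigurationException`, throwing it in the `else` branch would keep the two cases apart. The Javadoc on both overloads still documents `@param oaURL` and an `OAAuthParameter` return, although the parameter is now `spIdentifier` and the first overload returns `ISPConfiguration`; it should read `@param spIdentifier unique identifier of the service provider`. The commented-out `try`/`catch` left in the constructor can be deleted.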
@@ -172,14 +136,6 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide } /** - * Get the properties. - * @return the properties - */ - private Properties getProperties() { - return properties; - } - - /** * Method that avoids iterating over a {@link Collection} of type {@code T} which is actual {@code null}. * @param item the collection * @return the given {@link Collection} {@code item} if it is not {@code null}, or an empty {@link List} otherwise. @@ -225,23 +181,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide } } - - public String getBasicMOAIDConfiguration(final String key) { - return properties.getProperty(key); - - } - - public String getBasicMOAIDConfiguration(final String key, final String defaultValue) { - return properties.getProperty(key, defaultValue); - - } - - public Map<String, String> getBasicMOAIDConfigurationWithPrefix(final String prefix) { - return KeyValueUtils.getSubSetWithPrefix(KeyValueUtils.concertPropertiesToMap(properties), prefix); - } - - /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getPropertyWithKey(java.lang.String) */ 
@@ -400,22 +340,6 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide } /** - * Provides configuration information regarding the online application behind the given URL, relevant to the MOA-ID Auth component. - * - * @param oaURL URL requested for an online application - * @return an <code>OAAuthParameter</code>, or <code>null</code> if none is applicable - */ - @Transactional - public OAAuthParameter getOnlineApplicationParameter(String oaURL) { - Map<String, String> oa = getActiveOnlineApplication(oaURL); - if (oa == null) { - return null; - } - - return new OAAuthParameter(oa, this); - } - - /** * Returns a string with a url-reference to the VerifyAuthBlock trust profile id within the moa-sp part of the authentication component. * * @return a string with a url-reference to the VerifyAuthBlock trust profile ID. @@ -505,7 +429,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_URL); if (moaspURL != null) { result = - new ConnectionParameterMOASP(moaspURL, this.getProperties(), this.getRootConfigFileDir()); + new ConnectionParameterMOASP(moaspURL, getFullConfigurationProperties(), getRootConfigFileDir()); } 
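Review bot: `new ConnectionParameterMOASP(moaspURL, getFullConfigurationProperties(), getRootConfigFileDir())` hands the connection object the complete configuration, and other hunks of this commit show that the same properties carry `configuration.moasession.key` and `configuration.moaconfig.key`. The `ConnectionParameterMandate` and `STORKConfig` hunks follow the same pattern. Whether `getFullConfigurationProperties()` returns a copy or the live object is not visible here; if it is the live object, each consumer can read and change the key material. Unless those classes need keys outside their own namespace, passing a prefix-filtered subset, as `getGeneralProperiesConfig(propPrefix)` already builds in this class, would limit what each component sees. The enclosing method starts and ends outside the hunk.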
@@ -517,41 +441,42 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide return result; } - /** - * Returns the {@link ConnectionParameter} for the ForeignID. NOTE: may return {@code null}. - * - * @return the connection parameter. - * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}. - */ - @Transactional - public ConnectionParameter getForeignIDConnectionParameter(IOAAuthParameters oaParameters) throws ConfigurationException { - String serviceURL = null; - try { - //load OA specific MIS service URL if OA configuration exists - if (oaParameters != null) - serviceURL = oaParameters.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_EXTERNAL_SZRGW_SERVICE_URL); - - //get first entry from general configuration if no OA specific URL exists - if (MiscUtil.isEmpty(serviceURL)) { - List<String> serviceURLs = KeyValueUtils.getListOfCSVValues( - configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_SZRGW_URL)); - if (serviceURLs.size() > 0) - serviceURL = serviceURLs.get(0); - - } - - if (MiscUtil.isNotEmpty(serviceURL)) - return new ConnectionParameterMandate(serviceURL, this.getProperties(), this.getRootConfigFileDir()); - - else - throw new ConfigurationException("service.09", new Object[]{"NO SZR-GW Service URL"}); - - } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { - Logger.warn("Initialize SZR-GW service connection parameters FAILED.", e); - throw new ConfigurationException("service.09", new Object[]{e.getMessage()}, e); - - } - } +// /** +// * Returns the {@link ConnectionParameter} for the ForeignID. NOTE: may return {@code null}. +// * +// * @return the connection parameter. +// * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}. 
+// */ +// @Transactional +// @Deprecated +// public ConnectionParameter getForeignIDConnectionParameter(IOAAuthParameters oaParameters) throws ConfigurationException { +// String serviceURL = null; +// try { +// //load OA specific MIS service URL if OA configuration exists +// if (oaParameters != null) +// serviceURL = oaParameters.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_EXTERNAL_CENTRAL_EIDASNODE_SERVICE_URL); +// +// //get first entry from general configuration if no OA specific URL exists +// if (MiscUtil.isEmpty(serviceURL)) { +// List<String> serviceURLs = KeyValueUtils.getListOfCSVValues( +// configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_CENTRAL_EIDASNODE_URL)); +// if (serviceURLs.size() > 0) +// serviceURL = serviceURLs.get(0); +// +// } +// +// if (MiscUtil.isNotEmpty(serviceURL)) +// return new ConnectionParameterMandate(serviceURL, getFullConfigurationProperties(), getRootConfigFileDir()); +// +// else +// throw new ConfigurationException("service.09", new Object[]{"NO SZR-GW Service URL"}); +// +// } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { +// Logger.warn("Initialize SZR-GW service connection parameters FAILED.", e); +// throw new ConfigurationException("service.09", new Object[]{e.getMessage()}, e); +// +// } +// } /** * Returns the {@link ConnectionParameter} for the OnlineMandates. NOTE: may return {@code null}. @@ -577,7 +502,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide } if (MiscUtil.isNotEmpty(serviceURL)) - return new ConnectionParameterMandate(serviceURL, this.getProperties(), this.getRootConfigFileDir()); + return new ConnectionParameterMandate(serviceURL, getFullConfigurationProperties(), getRootConfigFileDir()); else throw new ConfigurationException("service.06", new Object[]{"NO MIS Service URL"}); 
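Review bot: `getForeignIDConnectionParameter` is commented out rather than deleted, and the commented body was edited in the same step: it now reads the `CENTRAL_EIDASNODE` constants while the error text still says `NO SZR-GW Service URL`. Commented-out code is never compiled, so that mismatch and the `@Deprecated` marker inside the comment will not be checked by anything. Deleting the method and relying on version history is cleaner; if it has to stay, restore it as real code with `@Deprecated` and a Javadoc `@deprecated` line naming the replacement.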
@@ -849,8 +774,9 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return the MOASessionEncryptionKey or {@code null} */ public String getMOASessionEncryptionKey() { - String prop = properties.getProperty("configuration.moasession.key"); + String prop = getFullConfigurationProperties().getProperty("configuration.moasession.key"); return MiscUtil.isNotEmpty(prop) ? prop : null; + } /** @@ -859,7 +785,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return the MOAConfigurationEncryptionKey or {@code null} */ public String getMOAConfigurationEncryptionKey() { - String prop = properties.getProperty("configuration.moaconfig.key"); + String prop = getFullConfigurationProperties().getProperty("configuration.moaconfig.key"); return MiscUtil.isNotEmpty(prop) ? prop : null; } @@ -867,7 +793,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return {@code true} if IdentityLinkResigning is set, {@code false} otherwise. */ public boolean isIdentityLinkResigning() { - String prop = properties.getProperty("configuration.resignidentitylink.active", "false"); + String prop = getFullConfigurationProperties().getProperty("configuration.resignidentitylink.active", "false"); return Boolean.valueOf(prop); } @@ -877,7 +803,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return the IdentityLinkResigningKey or {@code null} */ public String getIdentityLinkResigningKey() { - String prop = properties.getProperty("configuration.resignidentitylink.keygroup"); + String prop = getFullConfigurationProperties().getProperty("configuration.resignidentitylink.keygroup"); return MiscUtil.isNotEmpty(prop) ? prop : null; } 
@@ -885,7 +811,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return {@code true} if MonitoringActive is set, {@code false} otherwise. */ public boolean isMonitoringActive() { - String prop = properties.getProperty("configuration.monitoring.active", "false"); + String prop = getFullConfigurationProperties().getProperty("configuration.monitoring.active", "false"); return Boolean.valueOf(prop); } @@ -895,7 +821,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return the MonitoringTestIdentityLinkURL or {@code null} */ public String getMonitoringTestIdentityLinkURL() { - String prop = properties.getProperty("configuration.monitoring.test.identitylink.url"); + String prop = getFullConfigurationProperties().getProperty("configuration.monitoring.test.identitylink.url"); return MiscUtil.isNotEmpty(prop) ? prop : null; } @@ -905,7 +831,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return the MonitoringMessageSuccess or {@code null} */ public String getMonitoringMessageSuccess() { - String prop = properties.getProperty("configuration.monitoring.message.success"); + String prop = getFullConfigurationProperties().getProperty("configuration.monitoring.message.success"); return MiscUtil.isNotEmpty(prop) ? prop : null; } @@ -913,7 +839,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return {@code true} if AdvancedLoggingActive is set, {@code false} otherwise. */ public boolean isAdvancedLoggingActive() { - String prop = properties.getProperty("configuration.advancedlogging.active", "false"); + String prop = getFullConfigurationProperties().getProperty("configuration.advancedlogging.active", "false"); return Boolean.valueOf(prop); } 
@@ -965,7 +891,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return {@code true} if PVP2AssertionEncryptionActive is set, {@code false} otherwise. */ public boolean isPVP2AssertionEncryptionActive() { - String prop = this.getProperties().getProperty("protocols.pvp2.assertion.encryption.active", "true"); + String prop = getFullConfigurationProperties().getProperty("protocols.pvp2.assertion.encryption.active", "true"); return Boolean.valueOf(prop); } @@ -973,7 +899,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return {@code true} if CertifiacteQCActive is set, {@code false} otherwise. */ public boolean isCertifiacteQCActive() { - String prop = this.getProperties().getProperty("configuration.validation.certificate.QC.ignore", "false"); + String prop = getFullConfigurationProperties().getProperty("configuration.validation.certificate.QC.ignore", "false"); return !Boolean.valueOf(prop); } @@ -993,7 +919,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide Logger.warn("Error in MOA-ID Configuration. No STORK configuration found."); } else { - result = new STORKConfig(this.getProperties(), this.getRootConfigFileDir()); + result = new STORKConfig(getFullConfigurationProperties(), this.getRootConfigFileDir()); } } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { 
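Review bot: `isPVP2AssertionEncryptionActive()` defaults to `true`, but `Boolean.valueOf(prop)` maps every value other than `true` (ignoring case) to `false`, so a typo or trailing whitespace in `protocols.pvp2.assertion.encryption.active` silently switches assertion encryption off; `java.util.Properties` keeps trailing whitespace in values. The same applies to `isPVPSchemaValidationActive()` in a later hunk. The `getBasicMOAIDConfigurationBoolean` method removed by this commit trimmed the value first, and doing the same here, `return Boolean.parseBoolean(prop.trim());`, closes the whitespace case. For these default-on protections a warning should be logged when the value is neither `true` nor `false`.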
@@ -1055,10 +981,10 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide private Properties getGeneralProperiesConfig(final String propPrefix) { Properties configProp = new Properties(); - for (Object key : this.getProperties().keySet()) { + for (Object key : getFullConfigurationProperties().keySet()) { if (key.toString().startsWith(propPrefix)) { String propertyName = key.toString().substring(propPrefix.length()); - configProp.put(propertyName, this.getProperties().get(key.toString())); + configProp.put(propertyName, getFullConfigurationProperties().get(key.toString())); } } return configProp; @@ -1087,7 +1013,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide @Transactional public String getTrustedCACertificates() { try { - String path = rootConfigFileDir + configuration.getStringValue( + String path = getRootConfigFileDir() + configuration.getStringValue( MOAIDConfigurationConstants.GENERAL_AUTH_TRUSTSTORE_URL); if (MiscUtil.isNotEmpty(path)) return path; @@ -1098,7 +1024,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide } - } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { + } catch (at.gv.egiz.components.configuration.api.ConfigurationException | ConfigurationException e) { Logger.warn("Error in MOA-ID Configuration. No TrustStoreDirectory defined.", e); return null; } 
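Review bot: In `getTrustedCACertificates()` the `MiscUtil.isNotEmpty(path)` test runs after `getRootConfigFileDir()` has been prepended, so it cannot fail even when `GENERAL_AUTH_TRUSTSTORE_URL` is unset; if `getStringValue` returns `null`, the returned path ends in the literal text null. The configured value should be checked before concatenating, for example `String ts = configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_AUTH_TRUSTSTORE_URL);` followed by `if (MiscUtil.isNotEmpty(ts)) return getRootConfigFileDir() + ts;`. The method body is only partly visible across these two hunks.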
@@ -1116,13 +1042,9 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide Logger.trace("Get active OnlineApplication with ID " + id + " from database."); Map<String, String> oaConfig = null; try { - - //TODO: //Some databases do not allow the selection of a lob in SQL where expression - String dbDriver = properties.getProperty("configuration.hibernate.connection.driver_class"); if (requireJDBCBackupImplementation) - oaConfig = configuration.getOnlineApplicationBackupVersion(id); - + oaConfig = configuration.getOnlineApplicationBackupVersion(id); else oaConfig = configuration.getOnlineApplication(id); @@ -1135,7 +1057,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide Logger.info("Online application with identifier " + id + " is found, but NOT active."); } else - Logger.warn("Online application with identifier " + id + " is not found."); + Logger.info("Online application with identifier " + id + " is not found."); } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { @@ -1149,13 +1071,13 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide //Load document service url from moa properties public String getDocumentServiceUrl() { - String prop = properties.getProperty("stork.documentservice.url", "false"); + String prop = getFullConfigurationProperties().getProperty("stork.documentservice.url", "false"); return prop; } public boolean isPVPSchemaValidationActive() { - String prop = properties.getProperty("protocols.pvp2.schemavalidation", "true"); + String prop = getFullConfigurationProperties().getProperty("protocols.pvp2.schemavalidation", "true"); return Boolean.valueOf(prop); } 
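Review bot: The lookup miss in `getActiveOnlineApplication` drops from `Logger.warn` to `Logger.info`, and `id` is concatenated into the message as received. If `id` originates from the incoming request (not visible here), repeated misses are a useful probing signal and may no longer reach alerting that filters on WARN. Unless the logging layout already escapes them, line breaks should be stripped from `id` before logging so that a crafted identifier cannot forge log lines. A short comment stating why the level was lowered, e.g. `// INFO on purpose: unknown SP identifiers are expected during normal operation`, would make the choice reviewable.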
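Review bot: `getDocumentServiceUrl()` keeps the string `"false"` as the default for `stork.documentservice.url`, so a missing property yields the text false where callers expect a URL. If no caller depends on that sentinel, `return getFullConfigurationProperties().getProperty("stork.documentservice.url");` with a documented `null` return is clearer; otherwise the sentinel should be stated in a Javadoc comment on the method.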
@@ -1165,7 +1087,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return true, if fake IdLs are available for stork */ public boolean isStorkFakeIdLActive() { - String prop = properties.getProperty("stork.fakeIdL.active", "false"); + String prop = getFullConfigurationProperties().getProperty("stork.fakeIdL.active", "false"); return Boolean.valueOf(prop); } @@ -1175,7 +1097,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return the countries */ public List<String> getStorkFakeIdLCountries() { - String prop = properties.getProperty("stork.fakeIdL.countries", ""); + String prop = getFullConfigurationProperties().getProperty("stork.fakeIdL.countries", ""); return Arrays.asList(prop.replaceAll(" ", "").split(",")); } @@ -1185,7 +1107,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return the resigning key */ public String getStorkFakeIdLResigningKey() { - String prop = properties.getProperty("stork.fakeIdL.keygroup"); + String prop = getFullConfigurationProperties().getProperty("stork.fakeIdL.keygroup"); if (MiscUtil.isNotEmpty(prop)) return prop; else @@ -1198,7 +1120,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide */ @Override public List<String> getStorkNoSignatureCountries() { - String prop = properties.getProperty("stork.fakeIdL.noSignatureCountries", ""); + String prop = getFullConfigurationProperties().getProperty("stork.fakeIdL.noSignatureCountries", ""); return Arrays.asList(prop.replaceAll(" ", "").split(",")); } @@ -1208,7 +1130,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide @Override @Deprecated public boolean isHTTPAuthAllowed() { - String prop = properties.getProperty("configuration.localhttpallowed.active", "false"); + String prop = getFullConfigurationProperties().getProperty("configuration.localhttpallowed.active", "false"); return Boolean.valueOf(prop); } 
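Review bot: `getStorkFakeIdLCountries()` returns a one-element list containing the empty string when `stork.fakeIdL.countries` is unset, because `"".split(",")` yields `[""]`; `getStorkNoSignatureCountries()` in a later hunk does the same. A caller that tests membership with a blank or missing country code would then match, which for the no-signature list presumably means a signature check is skipped. An empty property should produce an empty list, e.g. `if (MiscUtil.isEmpty(prop)) return new ArrayList<String>();` before the split. `replaceAll(" ", "")` also leaves tabs in place, which `prop.trim().split("\\s*,\\s*")` would handle.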
@@ -1220,7 +1142,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide final String[] DEFAULTORDER = new String[] {RevocationSourceTypes.OCSP, RevocationSourceTypes.CRL}; List<String> result = new ArrayList<String>(); - String prop = properties.getProperty("configuration.ssl.validation.revocation.method.order"); + String prop = getFullConfigurationProperties().getProperty("configuration.ssl.validation.revocation.method.order"); if (MiscUtil.isNotEmpty(prop)) { String[] configOrder = prop.split(","); for (String el : configOrder) { 
@@ -1301,19 +1223,89 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide } return false; + + } + + private void initialize() throws ConfigurationException { + try { + initial(getFullConfigurationProperties()); + String dbDriver = getFullConfigurationProperties().getProperty("configuration.hibernate.connection.driver_class"); + if (MiscUtil.isNotEmpty(dbDriver)) { + for (String el:MOAIDConstants.JDBC_DRIVER_NEEDS_WORKAROUND) { + if (dbDriver.startsWith(el)) { + requireJDBCBackupImplementation = true; + Logger.info("JDBC driver '" + dbDriver + + "' is blacklisted --> Switch to alternative DB access methode implementation."); + + } + } + } + + + } catch (org.opensaml.xml.ConfigurationException e) { + Logger.error("OpenSAML initilalization FAILED. ", e); + throw new ConfigurationException("config.23", null, e); + + } catch (Exception e) { + Logger.error("General error during start-up process.", e); + throw new ConfigurationException("init.02", null, e); + + } + } - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.commons.api.AuthConfiguration#getBasicMOAIDConfigurationBoolean(java.lang.String, boolean) - */ + @Override - public boolean getBasicMOAIDConfigurationBoolean(String key, boolean defaultValue) { - String value = properties.getProperty(key); + public String validateIDPURL(URL requestedURL) throws EAAFException{ + List<String> configuredPublicURLPrefix = getPublicURLPrefix(); - if (MiscUtil.isNotEmpty(value)) - return Boolean.valueOf(value.trim()); - - return defaultValue; + if (!isVirtualIDPsEnabled()) { + Logger.trace("Virtual IDPs are disabled. 
Use default IDP PublicURLPrefix from configuration: " + configuredPublicURLPrefix.get(0)); + return configuredPublicURLPrefix.get(0); + + } else { + Logger.debug("Extract AuthenticationServiceURL: " + requestedURL); + URL resultURL = null; + + for (String el : configuredPublicURLPrefix) { + try { + URL configuredURL = new URL(el); + + //get Ports from URL + int configPort = configuredURL.getPort(); + if (configPort == -1) + configPort = configuredURL.getDefaultPort(); + + int authURLPort = requestedURL.getPort(); + if (authURLPort == -1) + authURLPort = requestedURL.getDefaultPort(); + + //check AuthURL against ConfigurationURL + if (configuredURL.getHost().equals(requestedURL.getHost()) && + configPort == authURLPort && + ( configuredURL.getPath().equals(requestedURL.getPath()) + || requestedURL.getPath().startsWith(configuredURL.getPath()) ) + && configuredURL.getProtocol().equals(requestedURL.getProtocol()) ) { + Logger.debug("Select configurated PublicURLPrefix: " + configuredURL + + " for authURL: " + requestedURL); + resultURL = configuredURL; + } + + } catch (MalformedURLException e) { + Logger.error("Configurated IDP PublicURLPrefix is not a valid URL." + el); + + } + } + + if (resultURL == null) { + Logger.warn("Extract AuthenticationServiceURL: " + requestedURL + " is NOT found in configuration."); + throw new ConfigurationException("config.25", new Object[]{requestedURL}); + + } else { + return resultURL.toExternalForm(); + + } + } } } |
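Review bot: In `validateIDPURL` the path test `requestedURL.getPath().startsWith(configuredURL.getPath())` has no segment boundary, so a configured prefix ending in `/moa-id-auth` also accepts a request path such as `/moa-id-auth-other`. The loop keeps the last match rather than the most specific one, so overlapping prefixes resolve by configuration order. The branch for disabled virtual IDPs calls `configuredPublicURLPrefix.get(0)` without checking that `getPublicURLPrefix()` returned a non-empty list, which would surface as an `IndexOutOfBoundsException` instead of `config.25`. The fence shows the comparison with a boundary check. The `MalformedURLException` handler should also pass `e` to `Logger.error` and put a separator before `el`.

```java
// … unchanged: port normalisation for configuredURL and requestedURL …
String configPath = configuredURL.getPath();
String requestPath = requestedURL.getPath();
// Compare on a path-segment boundary so "/idp" does not match "/idp-other".
String configPathAsDir = configPath.endsWith("/") ? configPath : configPath + "/";
boolean pathMatches = requestPath.equals(configPath)
    || requestPath.startsWith(configPathAsDir);

if (configuredURL.getProtocol().equals(requestedURL.getProtocol())
    && configuredURL.getHost().equals(requestedURL.getHost())
    && configPort == authURLPort
    && pathMatches) {
  // … unchanged: debug log and resultURL = configuredURL …
}
```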