1 files changed, 119 insertions, 0 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/MOAIDProxyInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/MOAIDProxyInitializer.java
new file mode 100644
index 000000000..61f38412e
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/MOAIDProxyInitializer.java
@@ -0,0 +1,119 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.id.proxy;
+
+import iaik.pki.PKIException;
+import iaik.pki.jsse.IAIKX509TrustManager;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+
+import javax.net.ssl.SSLSocketFactory;
+
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.ConnectionParameter;
+import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
+import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
+import at.gv.egovernment.moa.id.iaik.config.LoggerConfigImpl;
+import at.gv.egovernment.moa.id.util.AxisSecureSocketFactory;
+import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
+import at.gv.egovernment.moa.id.util.SSLUtils;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * Web application initializer
+ * 
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public class MOAIDProxyInitializer {
+
+  /**
+   * Initializes the web application components which need initialization: 
+   * logging, JSSE, MOA-ID Auth configuration, Axis, session cleaner.
+   */
+  public static void initialize() 
+    throws ConfigurationException, IOException, GeneralSecurityException, PKIException {
+      
+    Logger.setHierarchy("moa.id.proxy");
+    
+    // Restricts TLS cipher suites
+    System.setProperty("https.cipherSuites", "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA");
+        
+    // load some jsse classes so that the integrity of the jars can be verified
+    // before the iaik jce is installed as the security provider
+    // this workaround is only needed when sun jsse is used in conjunction with
+    // iaik-jce (on jdk1.3)
+    ClassLoader cl = MOAIDProxyInitializer.class.getClassLoader();
+    try {
+      cl.loadClass("javax.security.cert.Certificate"); // from jcert.jar
+    } 
+    catch (ClassNotFoundException e) {
+      Logger.warn(MOAIDMessageProvider.getInstance().getMessage("init.01", null), e);
+    }
+
+    // Initializes the SSLSocketFactory store
+    SSLUtils.initialize();
+
+    // Initializes IAIKX509TrustManager logging
+    String log4jConfigURL = System.getProperty("log4j.configuration");
+    if (log4jConfigURL != null) {
+      IAIKX509TrustManager.initLog(new LoggerConfigImpl(log4jConfigURL));
+    }
+    
+    // Loads the configuration
+    ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.reload();
+
+    // Initializes the Axis secure socket factory for use in calling the MOA-Auth web service,
+    // using configuration data
+    ConnectionParameter connParamAuth = proxyConf.getAuthComponentConnectionParameter();
+    if (connParamAuth!=null) {
+	    if (connParamAuth.isHTTPSURL()) {
+	      SSLSocketFactory ssf = SSLUtils.getSSLSocketFactory(proxyConf, connParamAuth);
+	      AxisSecureSocketFactory.initialize(ssf);
+	    }
+    } else {
+    	throw new ConfigurationException("config.16", null);
+    }
+    
+    // Initializes the Axis secure socket factories for use in calling the online applications,
+    // using configuration data
+    OAProxyParameter[] oaParams = proxyConf.getOnlineApplicationParameters();
+    for (int i = 0; i < oaParams.length; i++) {
+      OAProxyParameter oaParam = oaParams[i];
+      ConnectionParameter oaConnParam = oaParam.getConnectionParameter();
+      if (oaConnParam.isHTTPSURL())
+        SSLUtils.getSSLSocketFactory(proxyConf, oaConnParam);
+    }
+    
+    // Initializes the ConnectionBuilderFactory from configuration data
+    ConnectionBuilderFactory.initialize();
+
+    // Initializes the LoginParameterResolverFactory from configuration data
+    LoginParameterResolverFactory.initialize();
+    
+  }
+  
+}