diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at')
3 files changed, 1 insertions, 789 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java index 66f91266f..68d5ae299 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java @@ -1,29 +1,17 @@ package at.gv.egovernment.moa.id.auth.modules;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.HEADER_CACHE_CONTROL;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.HEADER_EXPIRES;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.HEADER_PRAGMA;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.HEADER_VALUE_EXPIRES;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.HEADER_VALUE_PRAGMA;
import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
-import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
-import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletContext;
-import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.FileItemFactory;
@@ -36,24 +24,16 @@ import org.apache.commons.lang3.ObjectUtils; import org.springframework.beans.factory.annotation.Autowired;
import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.IRequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.process.springweb.MoaIdTask;
-import at.gv.egovernment.moa.id.protocols.AbstractProtocolModulController;
import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.storage.ITransactionStorage;
-import at.gv.egovernment.moa.id.util.Random;
-import at.gv.egovernment.moa.id.util.ServletUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -63,8 +43,6 @@ import at.gv.egovernment.moa.util.MiscUtil; */
public abstract class AbstractAuthServletTask extends MoaIdTask {
- @Autowired private StatisticLogger statisticLogger;
- @Autowired private ITransactionStorage transactionStorage;
@Autowired protected IRequestStorage requestStoreage;
@Autowired protected IAuthenticationSessionStoreage authenticatedSessionStorage;
@Autowired protected MOAReversionLogger revisionsLogger;
@@ -116,165 +94,6 @@ public abstract class AbstractAuthServletTask extends MoaIdTask { }
}
-
- protected void handleErrorNoRedirect(String errorMessage, Throwable exceptionThrown,
- HttpServletRequest req, HttpServletResponse resp) {
-
- if (null != errorMessage) {
- Logger.error(errorMessage);
- req.setAttribute("ErrorMessage", errorMessage);
- }
-
- if (null != exceptionThrown) {
- if (null == errorMessage)
- errorMessage = exceptionThrown.getMessage();
- Logger.error(errorMessage, exceptionThrown);
- req.setAttribute("ExceptionThrown", exceptionThrown);
- }
-
- if (Logger.isDebugEnabled()) {
- req.setAttribute("LogLevel", "debug");
- }
-
- statisticLogger.logErrorOperation(exceptionThrown);
-
- // forward this to errorpage-auth.jsp where the HTML error page is
- // generated
- ServletContext context = req.getServletContext();
- RequestDispatcher dispatcher = context
- .getRequestDispatcher("/errorpage-auth.jsp");
- try {
-
- resp.setHeader(HEADER_EXPIRES, HEADER_VALUE_EXPIRES);
- resp.setHeader(HEADER_PRAGMA, HEADER_VALUE_PRAGMA);
- resp.setHeader(HEADER_CACHE_CONTROL, HEADER_VALUE_CACHE_CONTROL);
- resp.addHeader(HEADER_CACHE_CONTROL, HEADER_VALUE_CACHE_CONTROL_IE);
-
- dispatcher.forward(req, resp);
- } catch (ServletException e) {
- Logger.error(e);
- } catch (IOException e) {
- Logger.error(e);
- }
- }
-
- /**
- * Handles an error. <br>>
- * <ul>
- * <li>Logs the error</li>
- * <li>Places error message and exception thrown into the request as request
- * attributes (to be used by <code>"/errorpage-auth.jsp"</code>)</li>
- * <li>Sets HTTP status 500 (internal server error)</li>
- * </ul>
- *
- * @param errorMessage
- * error message
- * @param exceptionThrown
- * exception thrown
- * @param req
- * servlet request
- * @param resp
- * servlet response
- */
- protected void handleError(String errorMessage, Throwable exceptionThrown,
- HttpServletRequest req, HttpServletResponse resp, String pendingRequestID) {
-
- if (null != errorMessage) {
- Logger.error(errorMessage);
- req.setAttribute("ErrorMessage", errorMessage);
- }
-
- if (null != exceptionThrown) {
- if (null == errorMessage)
- errorMessage = exceptionThrown.getMessage();
- Logger.error(errorMessage, exceptionThrown);
- req.setAttribute("ExceptionThrown", exceptionThrown);
- }
-
- if (Logger.isDebugEnabled()) {
- req.setAttribute("LogLevel", "debug");
- }
-
- if (!(exceptionThrown instanceof MOAIDException)) {
- Logger.error("Receive an internal error: Message=" + exceptionThrown.getMessage(), exceptionThrown);
-
- }
-
-
- try {
- String key = Random.nextRandom();
- transactionStorage.put(key, exceptionThrown);
-
- if (key != null && MiscUtil.isNotEmpty(pendingRequestID)) {
- String redirectURL = null;
-
- redirectURL = ServletUtils.getBaseUrl(req) + "/";
- redirectURL += AbstractProtocolModulController.FINALIZEPROTOCOL_ENDPOINT
- + "?" + ERROR_CODE_PARAM + "=" + key
- + "&" + MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID + "=" + pendingRequestID;
-
- resp.setContentType("text/html");
- resp.setStatus(302);
-
- resp.addHeader("Location", redirectURL);
- Logger.debug("REDIRECT TO: " + redirectURL);
-
- return;
-
- } else {
- //Exception can not be stored in database
- handleErrorNoRedirect(errorMessage, exceptionThrown, req, resp);
- }
-
- } catch (MOADatabaseException e) {
- Logger.warn("Exception can not be stored to Database.", e);
- handleErrorNoRedirect(errorMessage, exceptionThrown, req, resp);
-
- }
-
-
-
-
- }
-
- /**
- * Handles a <code>WrongParametersException</code>.
- *
- * @param req
- * servlet request
- * @param resp
- * servlet response
- */
- protected void handleWrongParameters(WrongParametersException ex,
- HttpServletRequest req, HttpServletResponse resp) {
- Logger.error(ex.toString());
- req.setAttribute("WrongParameters", ex.getMessage());
-
- // forward this to errorpage-auth.jsp where the HTML error page is
- // generated
- ServletContext context = req.getServletContext();
- RequestDispatcher dispatcher = context
- .getRequestDispatcher("/errorpage-auth.jsp");
- try {
- setNoCachingHeaders(resp);
- dispatcher.forward(req, resp);
- } catch (ServletException e) {
- Logger.error(e);
- } catch (IOException e) {
- Logger.error(e);
- }
- }
-
- /**
- * Logs all servlet parameters for debugging purposes.
- */
- protected void logParameters(HttpServletRequest req) {
- for (Enumeration params = req.getParameterNames(); params
- .hasMoreElements();) {
- String parname = (String) params.nextElement();
- Logger.debug("Parameter " + parname + req.getParameter(parname));
- }
- }
/**
* Parses the request input stream for parameters, assuming parameters are
@@ -334,27 +153,7 @@ public abstract class AbstractAuthServletTask extends MoaIdTask { }
}
- else {
- // request is encoded as application/x-www-urlencoded
- // [tknall]: we must not consume request body input stream once servlet-api request parameters have been accessed
-
- /*
- InputStream in = req.getInputStream();
-
- String paramName;
- String paramValueURLEncoded;
- do {
- paramName = new String(readBytesUpTo(in, '='));
- if (paramName.length() > 0) {
- paramValueURLEncoded = readBytesUpTo(in, '&');
- String paramValue = URLDecoder.decode(paramValueURLEncoded,
- "UTF-8");
- parameters.put(paramName, paramValue);
- }
- } while (paramName.length() > 0);
- in.close();
- */
-
+ else {
Iterator<Entry<String, String[]>> requestParamIt = req.getParameterMap().entrySet().iterator();
while (requestParamIt.hasNext()) {
Entry<String, String[]> entry = requestParamIt.next();
@@ -394,19 +193,6 @@ public abstract class AbstractAuthServletTask extends MoaIdTask { }
/**
- * Sets response headers that prevent caching (code taken from {@link AuthServlet}).
- *
- * @param resp
- * The HttpServletResponse.
- */
- public void setNoCachingHeaders(HttpServletResponse resp) {
- resp.setHeader(HEADER_EXPIRES, HEADER_VALUE_EXPIRES);
- resp.setHeader(HEADER_PRAGMA, HEADER_VALUE_PRAGMA);
- resp.setHeader(HEADER_CACHE_CONTROL, HEADER_VALUE_CACHE_CONTROL);
- resp.addHeader(HEADER_CACHE_CONTROL, HEADER_VALUE_CACHE_CONTROL_IE);
- }
-
- /**
* Adds a parameter to a URL.
*
* @param url
@@ -425,32 +211,4 @@ public abstract class AbstractAuthServletTask extends MoaIdTask { else
return url + "&" + param;
}
-
- /**
- * Checks if HTTP requests are allowed
- *
- * @param authURL
- * requestURL
- * @throws AuthenticationException
- * if HTTP requests are not allowed
- * @throws ConfigurationException
- */
- protected void checkIfHTTPisAllowed(String authURL)
- throws AuthenticationException, ConfigurationException {
- // check if HTTP Connection may be allowed (through
- // FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY)
-
- //Removed from MOA-ID 2.0 config
-// String boolStr = AuthConfigurationProvider
-// .getInstance()
-// .getGenericConfigurationParameter(
-// AuthConfigurationProvider.FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY);
- if ((!authURL.startsWith("https:"))
- //&& (false == BoolUtils.valueOf(boolStr))
- )
- throw new AuthenticationException("auth.07", new Object[] { authURL
- + "*" });
-
- }
-
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java deleted file mode 100644 index fb6c71846..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java +++ /dev/null @@ -1,378 +0,0 @@ -///******************************************************************************* -// * Copyright 2014 Federal Chancellery Austria -// * MOA-ID has been developed in a cooperation between BRZ, the Federal -// * Chancellery Austria - ICT staff unit, and Graz University of Technology. -// * -// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by -// * the European Commission - subsequent versions of the EUPL (the "Licence"); -// * You may not use this work except in compliance with the Licence. -// * You may obtain a copy of the Licence at: -// * http://www.osor.eu/eupl/ -// * -// * Unless required by applicable law or agreed to in writing, software -// * distributed under the Licence is distributed on an "AS IS" basis, -// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// * See the Licence for the specific language governing permissions and -// * limitations under the Licence. -// * -// * This product combines work with different licenses. See the "NOTICE" text -// * file for details on the various modules and licenses. -// * The "NOTICE" text file is part of the distribution. Any derivative works -// * that you distribute must include a readable copy of the "NOTICE" text file. -// ******************************************************************************/ -///* -// * Copyright 2003 Federal Chancellery Austria -// * MOA-ID has been developed in a cooperation between BRZ, the Federal -// * Chancellery Austria - ICT staff unit, and Graz University of Technology. -// * -// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by -// * the European Commission - subsequent versions of the EUPL (the "Licence"); -// * You may not use this work except in compliance with the Licence. -// * You may obtain a copy of the Licence at: -// * http://www.osor.eu/eupl/ -// * -// * Unless required by applicable law or agreed to in writing, software -// * distributed under the Licence is distributed on an "AS IS" basis, -// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// * See the Licence for the specific language governing permissions and -// * limitations under the Licence. -// * -// * This product combines work with different licenses. See the "NOTICE" text -// * file for details on the various modules and licenses. -// * The "NOTICE" text file is part of the distribution. Any derivative works -// * that you distribute must include a readable copy of the "NOTICE" text file. -// */ -// -//package at.gv.egovernment.moa.id.auth.servlet; -// -//import java.io.IOException; -// -//import javax.servlet.RequestDispatcher; -//import javax.servlet.ServletConfig; -//import javax.servlet.ServletContext; -//import javax.servlet.ServletException; -//import javax.servlet.http.HttpServlet; -//import javax.servlet.http.HttpServletRequest; -//import javax.servlet.http.HttpServletResponse; -// -//import org.springframework.beans.BeansException; -//import org.springframework.beans.factory.NoSuchBeanDefinitionException; -//import org.springframework.beans.factory.NoUniqueBeanDefinitionException; -//import org.springframework.web.context.WebApplicationContext; -//import org.springframework.web.context.support.WebApplicationContextUtils; -// -//import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger; -//import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -//import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -//import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -//import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -//import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; -//import at.gv.egovernment.moa.id.config.ConfigurationException; -//import at.gv.egovernment.moa.id.process.ProcessEngine; -//import at.gv.egovernment.moa.id.process.ProcessExecutionException; -//import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl; -//import at.gv.egovernment.moa.id.storage.IExceptionStore; -//import at.gv.egovernment.moa.id.util.ServletUtils; -//import at.gv.egovernment.moa.logging.Logger; -//import at.gv.egovernment.moa.util.MiscUtil; -// -///** -// * Base class for MOA-ID Auth Servlets, providing standard error handling and -// * constant names. -// * -// * @author Paul Ivancsics -// * @version $Id$ -// */ -//public class AuthServlet extends HttpServlet { -// -// /** -// * -// */ -// private static final long serialVersionUID = -6929905344382283738L; -// -// protected static final String ERROR_CODE_PARAM = "errorid"; -// -// /** -// * The process engine. -// */ -// private ProcessEngine processEngine; -// -// @Override -// protected void doGet(HttpServletRequest req, HttpServletResponse resp) -// throws ServletException, IOException { -// Logger.debug("GET " + this.getServletName()); -// -// this.setNoCachingHeadersInHttpRespone(req, resp); -// } -// -// protected void handleErrorNoRedirect(String errorMessage, Throwable exceptionThrown, -// HttpServletRequest req, HttpServletResponse resp) { -// -// if (null != errorMessage) { -// Logger.error(errorMessage); -// req.setAttribute("ErrorMessage", errorMessage); -// } -// -// if (null != exceptionThrown) { -// if (null == errorMessage) -// errorMessage = exceptionThrown.getMessage(); -// Logger.error(errorMessage, exceptionThrown); -// req.setAttribute("ExceptionThrown", exceptionThrown); -// } -// -// if (Logger.isDebugEnabled()) { -// req.setAttribute("LogLevel", "debug"); -// } -// -// -// StatisticLogger logger = StatisticLogger.getInstance(); -// logger.logErrorOperation(exceptionThrown); -// -// -// // forward this to errorpage-auth.jsp where the HTML error page is -// // generated -// ServletContext context = getServletContext(); -// RequestDispatcher dispatcher = context -// .getRequestDispatcher("/errorpage-auth.jsp"); -// try { -// -// resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, -// MOAIDAuthConstants.HEADER_VALUE_EXPIRES); -// resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, -// MOAIDAuthConstants.HEADER_VALUE_PRAGMA); -// resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, -// MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); -// resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, -// MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); -// -// dispatcher.forward(req, resp); -// } catch (ServletException e) { -// Logger.error(e); -// } catch (IOException e) { -// Logger.error(e); -// } -// } -// -// /** -// * Handles an error. <br>> -// * <ul> -// * <li>Logs the error</li> -// * <li>Places error message and exception thrown into the request as request -// * attributes (to be used by <code>"/errorpage-auth.jsp"</code>)</li> -// * <li>Sets HTTP status 500 (internal server error)</li> -// * </ul> -// * -// * @param errorMessage -// * error message -// * @param exceptionThrown -// * exception thrown -// * @param req -// * servlet request -// * @param resp -// * servlet response -// */ -// protected void handleError(String errorMessage, Throwable exceptionThrown, -// HttpServletRequest req, HttpServletResponse resp, String pendingRequestID) { -// -// Throwable loggedException = null; -// -// if (exceptionThrown != null -// && exceptionThrown instanceof ProcessExecutionException) { -// ProcessExecutionException procExc = -// (ProcessExecutionException) exceptionThrown; -// if (procExc.getCause() != null && -// procExc.getCause() instanceof TaskExecutionException) { -// TaskExecutionException taskExc = (TaskExecutionException) procExc.getCause(); -// loggedException = taskExc.getOriginalException(); -// -// } -// } -// -// if (loggedException == null) -// loggedException = exceptionThrown; -// -// -// if (!(loggedException instanceof MOAIDException)) { -// Logger.error("Receive an internal error: Message=" + loggedException.getMessage(), loggedException); -// -// } else { -// if (Logger.isDebugEnabled() || Logger.isTraceEnabled()) { -// Logger.error(loggedException.getMessage(), loggedException); -// -// } else { -// Logger.error(loggedException.getMessage()); -// -// } -// } -// -// IExceptionStore store = DBExceptionStoreImpl.getStore(); -// String id = store.storeException(loggedException); -// -// if (id != null && MiscUtil.isNotEmpty(pendingRequestID)) { -// -// String redirectURL = null; -// -// redirectURL = ServletUtils.getBaseUrl(req); -// -// //TODO: DEVELOPMENT -//// redirectURL += "/dispatcher?" + ERROR_CODE_PARAM + "=" + id -//// + "&" + DispatcherServlet.PARAM_TARGET_PENDINGREQUESTID + "=" + pendingRequestID; -// -// resp.setContentType("text/html"); -// resp.setStatus(302); -// -// resp.addHeader("Location", redirectURL); -// Logger.debug("REDIRECT TO: " + redirectURL); -// -// return; -// -// } else { -// -// //Exception can not be stored in database -// handleErrorNoRedirect(errorMessage, loggedException, req, resp); -// } -// } -// -// /** -// * Handles a <code>WrongParametersException</code>. -// * -// * @param req -// * servlet request -// * @param resp -// * servlet response -// */ -// protected void handleWrongParameters(WrongParametersException ex, -// HttpServletRequest req, HttpServletResponse resp) { -// Logger.error(ex.toString()); -// req.setAttribute("WrongParameters", ex.getMessage()); -// -// // forward this to errorpage-auth.jsp where the HTML error page is -// // generated -// ServletContext context = getServletContext(); -// RequestDispatcher dispatcher = context -// .getRequestDispatcher("/errorpage-auth.jsp"); -// try { -// resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, -// MOAIDAuthConstants.HEADER_VALUE_EXPIRES); -// resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, -// MOAIDAuthConstants.HEADER_VALUE_PRAGMA); -// resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, -// MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); -// resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, -// MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); -// -// dispatcher.forward(req, resp); -// } catch (ServletException e) { -// Logger.error(e); -// } catch (IOException e) { -// Logger.error(e); -// } -// } -// -// -// /** -// * Calls the web application initializer. -// * -// * @see javax.servlet.Servlet#init(ServletConfig) -// */ -// public void init(ServletConfig servletConfig) throws ServletException { -// super.init(servletConfig); -// } -// -// -// /** -// * Set response headers to avoid caching -// * -// * @param request -// * HttpServletRequest -// * @param response -// * HttpServletResponse -// */ -// protected void setNoCachingHeadersInHttpRespone(HttpServletRequest request, -// HttpServletResponse response) { -// response.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, -// MOAIDAuthConstants.HEADER_VALUE_EXPIRES); -// response.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, -// MOAIDAuthConstants.HEADER_VALUE_PRAGMA); -// response.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, -// MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); -// response.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, -// MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); -// -// } -// -// /** -// * Adds a parameter to a URL. -// * -// * @param url -// * the URL -// * @param paramname -// * parameter name -// * @param paramvalue -// * parameter value -// * @return the URL with parameter added -// */ -// protected static String addURLParameter(String url, String paramname, -// String paramvalue) { -// String param = paramname + "=" + paramvalue; -// if (url.indexOf("?") < 0) -// return url + "?" + param; -// else -// return url + "&" + param; -// } -// -// /** -// * Checks if HTTP requests are allowed -// * -// * @param authURL -// * requestURL -// * @throws AuthenticationException -// * if HTTP requests are not allowed -// * @throws ConfigurationException -// */ -// protected void checkIfHTTPisAllowed(String authURL) -// throws AuthenticationException, ConfigurationException { -// // check if HTTP Connection may be allowed (through -// // FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY) -// -// //Removed from MOA-ID 2.0 config -//// String boolStr = AuthConfigurationProvider -//// .getInstance() -//// .getGenericConfigurationParameter( -//// AuthConfigurationProvider.FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY); -// if ((!authURL.startsWith("https:")) -// //&& (false == BoolUtils.valueOf(boolStr)) -// ) -// throw new AuthenticationException("auth.07", new Object[] { authURL -// + "*" }); -// -// } -// -// -// /** -// * Returns the underlying process engine instance. -// * -// * @return The process engine (never {@code null}). -// * @throws NoSuchBeanDefinitionException -// * if no {@link ProcessEngine} bean was found. -// * @throws NoUniqueBeanDefinitionException -// * if more than one {@link ProcessEngine} bean was found. -// * @throws BeansException -// * if a problem getting the {@link ProcessEngine} bean occurred. -// * @throws IllegalStateException -// * if the Spring WebApplicationContext was not found, which means that the servlet is used outside a -// * Spring web environment. -// */ -// public synchronized ProcessEngine getProcessEngine() { -// if (processEngine == null) { -// WebApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(getServletContext()); -// if (ctx == null) { -// throw new IllegalStateException( -// "Unable to find Spring WebApplicationContext. Servlet needs to be executed within a Spring web environment."); -// } -// processEngine = ctx.getBean(ProcessEngine.class); -// } -// return processEngine; -// } -// -//} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java deleted file mode 100644 index 663a14881..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java +++ /dev/null @@ -1,168 +0,0 @@ -///******************************************************************************* -// * Copyright 2014 Federal Chancellery Austria -// * MOA-ID has been developed in a cooperation between BRZ, the Federal -// * Chancellery Austria - ICT staff unit, and Graz University of Technology. -// * -// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by -// * the European Commission - subsequent versions of the EUPL (the "Licence"); -// * You may not use this work except in compliance with the Licence. -// * You may obtain a copy of the Licence at: -// * http://www.osor.eu/eupl/ -// * -// * Unless required by applicable law or agreed to in writing, software -// * distributed under the Licence is distributed on an "AS IS" basis, -// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// * See the Licence for the specific language governing permissions and -// * limitations under the Licence. -// * -// * This product combines work with different licenses. See the "NOTICE" text -// * file for details on the various modules and licenses. -// * The "NOTICE" text file is part of the distribution. Any derivative works -// * that you distribute must include a readable copy of the "NOTICE" text file. -// ******************************************************************************/ -//package at.gv.egovernment.moa.id.auth.servlet; -// -//import java.io.IOException; -//import java.util.Enumeration; -// -//import javax.servlet.ServletException; -//import javax.servlet.http.HttpServletRequest; -//import javax.servlet.http.HttpServletResponse; -// -//import org.apache.commons.lang.StringEscapeUtils; -// -//import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -//import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -//import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -//import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -//import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; -//import at.gv.egovernment.moa.id.auth.modules.registration.ModuleRegistration; -//import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -//import at.gv.egovernment.moa.id.process.ExecutionContextImpl; -//import at.gv.egovernment.moa.id.process.ProcessExecutionException; -//import at.gv.egovernment.moa.id.process.api.ExecutionContext; -//import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -//import at.gv.egovernment.moa.logging.Logger; -//import at.gv.egovernment.moa.util.MiscUtil; -// -//public class GenerateIFrameTemplateServlet extends AuthServlet { -// -// private static final long serialVersionUID = 1L; -// -// protected void doGet(HttpServletRequest req, HttpServletResponse resp) -// throws ServletException, IOException { -// Logger.debug("Receive " + GenerateIFrameTemplateServlet.class + " Request"); -// -// String pendingRequestID = null; -// -// try { -// String moasessionid = req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID); -// moasessionid = StringEscapeUtils.escapeHtml(moasessionid); -// AuthenticationSession moasession = null; -// try { -// pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moasessionid); -// moasession = AuthenticationSessionStoreage.getSession(moasessionid); -// -// } catch (MOADatabaseException e) { -// Logger.info("MOASession with SessionID="+ moasessionid + " is not found in Database"); -// throw new MOAIDException("init.04", new Object[] { -// moasessionid}); -// -// } catch (Throwable e) { -// Logger.info("No HTTP Session found!"); -// throw new MOAIDException("auth.18", new Object[] {}); -// } -// -// -// -// ExecutionContext ec = new ExecutionContextImpl(); -// // set execution context -// Enumeration<String> reqParamNames = req.getParameterNames(); -// while(reqParamNames.hasMoreElements()) { -// String paramName = reqParamNames.nextElement(); -// if (MiscUtil.isNotEmpty(paramName)) -// ec.put(paramName, req.getParameter(paramName)); -// -// } -// -// ec.put("pendingRequestID", pendingRequestID); -// ec.put(MOAIDAuthConstants.PARAM_SESSIONID, moasessionid); -// -//// String bkuid = req.getParameter(MOAIDAuthConstants.PARAM_BKU); -//// String useMandate = req.getParameter(MOAIDAuthConstants.PARAM_USEMANDATE); -//// String ccc = req.getParameter(MOAIDAuthConstants.PARAM_CCC); -//// ec.put("ccc", moasession.getCcc()); -//// ec.put("useMandate", moasession.getUseMandate()); -//// ec.put("bkuURL", moasession.getBkuURL()); -// -// // select and create process instance -// String processDefinitionId = ModuleRegistration.getInstance().selectProcess(ec); -// if (processDefinitionId == null) { -// Logger.warn("No suitable process found for SessionID " + moasession.getSessionID()); -// throw new MOAIDException("process.02", new Object[] { moasession.getSessionID() }); -// } -// -// String processInstanceId = getProcessEngine().createProcessInstance(processDefinitionId, ec); -// -// // keep process instance id in moa session -// moasession.setProcessInstanceId(processInstanceId); -// -// // make sure moa session has been persisted before running the process -// try { -// AuthenticationSessionStoreage.storeSession(moasession); -// } catch (MOADatabaseException e) { -// Logger.error("Database Error! MOASession is not stored!"); -// throw new MOAIDException("init.04", new Object[] { moasession.getSessionID() }); -// } -// -// Logger.info("BKU is selected -> Start BKU communication ..."); -// -// // start process -// getProcessEngine().start(processInstanceId); -// -// } -// catch (WrongParametersException ex) { -// handleWrongParameters(ex, req, resp); -// } -// -// catch (MOAIDException ex) { -// handleError(null, ex, req, resp, pendingRequestID); -// -// } catch (ProcessExecutionException e) { -// Throwable cause = e.getCause(); -// if (cause != null && cause instanceof TaskExecutionException) { -// Throwable taskCause = cause.getCause(); -// if (taskCause != null && taskCause instanceof WrongParametersException) { -// WrongParametersException internalEx = (WrongParametersException) taskCause; -// handleWrongParameters(internalEx, req, resp); -// return; -// -// } else if (taskCause != null && taskCause instanceof MOAIDException) { -// MOAIDException moaTaskCause = (MOAIDException) taskCause; -// handleError(null, moaTaskCause, req, resp, pendingRequestID); -// return; -// -// } -// } -// -// Logger.error("BKUSelectionServlet has an interal Error.", e); -// -// } catch (Exception e) { -// Logger.error("BKUSelectionServlet has an interal Error.", e); -// -// } -// -// finally { -// -// } -// } -// -// -// -// -// -// -// -// -// -//} |