aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java9
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java11
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java11
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java20
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java7
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java8
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java9
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java5
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java13
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java12
12 files changed, 89 insertions, 26 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index a8c4daad7..1bb829bab 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -571,11 +571,8 @@ public class AuthenticationServer implements MOAIDAuthConstants {
String authBlock = buildAuthenticationBlock(session, oaParam);
// builds the <CreateXMLSignatureRequest>
- List<String> transformsInfos = oaParam.getTransformsInfos();
- if ((transformsInfos == null) || (transformsInfos.size() == 0)) {
- // no OA specific transforms specified, use default ones
- transformsInfos = authConf.getTransformsInfos();
- }
+ List<String> transformsInfos = authConf.getTransformsInfos();
+
String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder()
.build(authBlock, oaParam.getKeyBoxIdentifier(),
transformsInfos);
@@ -1949,7 +1946,9 @@ public class AuthenticationServer implements MOAIDAuthConstants {
StringWriter writer = new StringWriter();
template.merge(context, writer);
+ resp.setContentType("text/html;charset=UTF-8");
resp.getOutputStream().write(writer.toString().getBytes());
+
} catch (Exception e) {
Logger.error("Error sending STORK SAML AuthnRequest.", e);
httpSession.invalidate();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
index 0a0355bd7..6f30e98df 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
@@ -187,8 +187,12 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
catch (MOAIDException ex) {
handleError(null, ex, req, resp, pendingRequestID);
+
+ } catch (Exception e) {
+ Logger.error("BKUSelectionServlet has an interal Error.", e);
+
}
-
+
finally {
ConfigurationDBUtils.closeSession();
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
index e9afb2e68..17dd9e343 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
@@ -260,11 +260,12 @@ public class GetForeignIDServlet extends AuthServlet {
}
catch (MOAIDException ex) {
- handleError(null, ex, req, resp, pendingRequestID);
- } catch (Exception e1) {
- // TODO Auto-generated catch block
- e1.printStackTrace();
- }
+ handleError(null, ex, req, resp, pendingRequestID);
+
+ } catch (Exception e) {
+ Logger.error("GetForeignIDServlet has an interal Error.", e);
+
+ }
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
index 5733cee85..a776bbe9a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
@@ -246,16 +246,23 @@ public class GetMISSessionIDServlet extends AuthServlet {
} catch (MOAIDException ex) {
handleError(null, ex, req, resp, pendingRequestID);
+
} catch (GeneralSecurityException ex) {
handleError(null, ex, req, resp, pendingRequestID);
+
} catch (PKIException e) {
handleError(null, e, req, resp, pendingRequestID);
+
} catch (SAXException e) {
handleError(null, e, req, resp, pendingRequestID);
+
} catch (ParserConfigurationException e) {
handleError(null, e, req, resp, pendingRequestID);
- }
-
+
+ } catch (Exception e) {
+ Logger.error("MISMandateValidation has an interal Error.", e);
+
+ }
finally {
ConfigurationDBUtils.closeSession();
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
index 84732d4ce..fc4ec305d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
@@ -54,6 +54,9 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
import at.gv.egovernment.moa.id.moduls.RequestStorage;
@@ -86,6 +89,16 @@ public class LogOutServlet extends AuthServlet {
//set default redirect Target
Logger.debug("Set default RedirectURL back to MOA-ID-Auth");
redirectUrl = AuthConfigurationProvider.getInstance().getPublicURLPrefix();
+
+ } else {
+ //return an error if RedirectURL is not a active Online-Applikation
+ OnlineApplication oa = ConfigurationDBRead.getActiveOnlineApplication(redirectUrl);
+ if (oa == null) {
+ Logger.info("RedirctURL does not match to OA configuration. Set default RedirectURL back to MOA-ID-Auth");
+ redirectUrl = AuthConfigurationProvider.getInstance().getPublicURLPrefix();
+
+ }
+
}
if (ssomanager.isValidSSOSession(ssoid, req)) {
@@ -108,7 +121,12 @@ public class LogOutServlet extends AuthServlet {
ssomanager.deleteSSOSessionID(req, resp);
} catch (Exception e) {
- Logger.warn(LogOutServlet.class.getName() + " has an LogOut Error. Redirect to Applikation " + redirectUrl, e);
+ resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Request not allowed.");
+ return;
+
+ } finally {
+ ConfigurationDBUtils.closeSession();
+
}
//Redirect to Application
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index 328a441cd..d6db64a85 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -384,9 +384,14 @@ public class PEPSConnectorServlet extends AuthServlet {
} catch (AuthenticationException e) {
handleError(null, e, request, response, pendingRequestID);
+
} catch (MOAIDException e) {
handleError(null, e, request, response, pendingRequestID);
- }
+
+ } catch (Exception e) {
+ Logger.error("PEPSConnector has an interal Error.", e);
+ }
+
finally {
ConfigurationDBUtils.closeSession();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
index 671151bbe..00acdc540 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
@@ -70,7 +70,9 @@ public class RedirectServlet extends AuthServlet{
} else {
try {
- redirectTarget = oa.getAuthComponentOA().getTemplates().getBKUSelectionCustomization().getAppletRedirectTarget();
+ String test = oa.getAuthComponentOA().getTemplates().getBKUSelectionCustomization().getAppletRedirectTarget();
+ if (MiscUtil.isNotEmpty(test))
+ redirectTarget = test;
} catch (Exception e) {
Logger.debug("Use default redirectTarget.");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java
index 6fa7b56c6..997241822 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java
@@ -150,11 +150,17 @@ public class SSOSendAssertionServlet extends AuthServlet{
} catch (MOADatabaseException e) {
handleError("SSO Session is not found", e, req, resp, id);
+
} catch (WrongParametersException e) {
handleError("Parameter is not valid", e, req, resp, id);
+
} catch (AuthenticationException e) {
handleError(e.getMessage(), e, req, resp, id);
- }
+
+ } catch (Exception e) {
+ Logger.error("SSOSendAssertion has an interal Error.", e);
+ }
+
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
index 2b46c8ff2..787dc6f10 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
@@ -303,13 +303,20 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
catch (MOAIDException ex) {
handleError(null, ex, req, resp, pendingRequestID);
+
} catch (GeneralSecurityException e) {
handleError(null, e, req, resp, pendingRequestID);
+
} catch (PKIException e) {
handleError(null, e, req, resp, pendingRequestID);
+
} catch (TransformerException e) {
handleError(null, e, req, resp, pendingRequestID);
- }
+
+ } catch (Exception e) {
+ Logger.error("AuthBlockValidation has an interal Error.", e);
+ }
+
finally {
ConfigurationDBUtils.closeSession();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
index fddd0d6b9..a3397f561 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
@@ -215,9 +215,12 @@ public class VerifyCertificateServlet extends AuthServlet {
}
}
catch (MOAIDException ex) {
-
handleError(null, ex, req, resp, pendingRequestID);
+
+ } catch (Exception e) {
+ Logger.error("CertificateValidation has an interal Error.", e);
}
+
finally {
ConfigurationDBUtils.closeSession();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
index 10a41c487..3b503f07b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
@@ -142,7 +142,8 @@ public class VerifyIdentityLinkServlet extends AuthServlet {
try
{
parameters = getParameters(req);
- } catch (FileUploadException e)
+
+ } catch (Exception e)
{
Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
throw new IOException(e.getMessage());
@@ -259,12 +260,14 @@ public class VerifyIdentityLinkServlet extends AuthServlet {
}
catch (ParseException ex) {
handleError(null, ex, req, resp, pendingRequestID);
- }
-
- catch (MOAIDException ex) {
+
+ } catch (MOAIDException ex) {
handleError(null, ex, req, resp, pendingRequestID);
+
+ } catch (Exception e) {
+ Logger.error("IdentityLinkValidation has an interal Error.", e);
}
-
+
finally {
ConfigurationDBUtils.closeSession();
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index 393b80d04..e6efa0256 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -119,7 +119,7 @@ public class AuthenticationSessionStoreage {
dbsession.setUpdated(new Date());
MOASessionDBUtils.saveOrUpdate(dbsession);
- Logger.info("MOASession with sessionID=" + session.getSessionID() + " is stored in Database");
+ Logger.debug("MOASession with sessionID=" + session.getSessionID() + " is stored in Database");
} catch (MOADatabaseException e) {
Logger.warn("MOASession could not be stored.");
@@ -144,7 +144,7 @@ public class AuthenticationSessionStoreage {
dbsession.setUpdated(new Date());
MOASessionDBUtils.saveOrUpdate(dbsession);
- Logger.info("MOASession with sessionID=" + session.getSessionID() + " is stored in Database");
+ Logger.debug("MOASession with sessionID=" + session.getSessionID() + " is stored in Database");
} catch (MOADatabaseException e) {
Logger.warn("MOASession could not be stored.");
@@ -191,6 +191,10 @@ public class AuthenticationSessionStoreage {
AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID());
String id = Random.nextRandom();
+
+ Logger.debug("Change SessionID from " + session.getSessionID()
+ + "to " + id);
+
session.setSessionID(id);
dbsession.setSessionid(id);
@@ -207,6 +211,8 @@ public class AuthenticationSessionStoreage {
MOASessionDBUtils.saveOrUpdate(dbsession);
+ Logger.trace("Change SessionID complete.");
+
return id;
} catch (MOADatabaseException e) {
@@ -225,6 +231,8 @@ public class AuthenticationSessionStoreage {
Session session = MOASessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
+ Logger.trace("Add SSO information to session " + moaSessionID);
+
synchronized (session) {
tx = session.beginTransaction();