aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java8
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java63
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java15
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java19
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java43
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java13
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java50
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java18
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java8
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java10
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java208
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java12
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulUtils.java10
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java10
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java57
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java71
-rw-r--r--id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html315
-rw-r--r--id/server/idserverlib/src/main/resources/resources/templates/loginFormIFrame.html260
-rw-r--r--id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html2
-rw-r--r--id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormIFrame.html2
25 files changed, 446 insertions, 766 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
index 9ba11bebd..a80fcfa25 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
@@ -30,6 +30,7 @@ public class LoginFormBuilder {
private static String BKU_HANDY = "#HANDY#";
private static String BKU_LOCAL = "#LOCAL#";
private static String CONTEXTPATH = "#CONTEXTPATH#";
+ private static String MOASESSIONID = "#SESSIONID#";
private static String SERVLET = CONTEXTPATH+"/GenerateIframeTemplate";
@@ -84,7 +85,7 @@ public class LoginFormBuilder {
return template;
}
- public static String buildLoginForm(String modul, String action, String oaname, String contextpath, boolean isIFrame) {
+ public static String buildLoginForm(String modul, String action, String oaname, String contextpath, boolean isIFrame, String moaSessionID) {
String value = getTemplate(isIFrame);
if(value != null) {
@@ -98,6 +99,7 @@ public class LoginFormBuilder {
value = value.replace(ACTION, action);
value = value.replace(OANAME, oaname);
value = value.replace(CONTEXTPATH, contextpath);
+ value = value.replace(MOASESSIONID, moaSessionID);
}
return value;
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
index a72848832..956593237 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
@@ -25,6 +25,7 @@ public class SendAssertionFormBuilder {
private static String URL = "#URL#";
private static String MODUL = "#MODUL#";
private static String ACTION = "#ACTION#";
+ private static String ID = "#ID#";
private static String OANAME = "#OAName#";
private static String CONTEXTPATH = "#CONTEXTPATH#";
@@ -75,7 +76,7 @@ public class SendAssertionFormBuilder {
return template;
}
- public static String buildForm(String modul, String action, String oaname, String contextpath, boolean isIFrame) {
+ public static String buildForm(String modul, String action, String id, String oaname, String contextpath, boolean isIFrame) {
String value = getTemplate(isIFrame);
if(value != null) {
@@ -87,6 +88,7 @@ public class SendAssertionFormBuilder {
}
value = value.replace(MODUL, modul);
value = value.replace(ACTION, action);
+ value = value.replace(ID, id);
value = value.replace(OANAME, oaname);
value = value.replace(CONTEXTPATH, contextpath);
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
index c9a10b812..58cea2926 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
@@ -221,11 +221,11 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{
}
public static void parse(HttpServletRequest req, HttpServletResponse resp,
- AuthenticationSession moasession) throws WrongParametersException, MOAIDException {
+ AuthenticationSession moasession, IRequest request) throws WrongParametersException, MOAIDException {
- //check Module and Action
- HttpSession httpSession = req.getSession();
- IRequest request = RequestStorage.getPendingRequest(httpSession);
+// //check Module and Action
+// HttpSession httpSession = req.getSession();
+// IRequest request = RequestStorage.getPendingRequest(httpSession);
String modul = request.requestedModule();//req.getParameter(PARAM_MODUL);
String action = request.requestedAction();//req.getParameter(PARAM_ACTION);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
index 4b15d80b4..022f21491 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
@@ -50,6 +50,7 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.WrongParametersException;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.entrypoints.DispatcherServlet;
import at.gv.egovernment.moa.id.storage.ExceptionStoreImpl;
import at.gv.egovernment.moa.id.storage.IExceptionStore;
import at.gv.egovernment.moa.id.util.ServletUtils;
@@ -143,7 +144,7 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants {
* servlet response
*/
protected void handleError(String errorMessage, Throwable exceptionThrown,
- HttpServletRequest req, HttpServletResponse resp) {
+ HttpServletRequest req, HttpServletResponse resp, String pendingRequestID) {
if (null != errorMessage) {
Logger.error(errorMessage);
@@ -167,7 +168,8 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants {
String redirectURL = null;
redirectURL = ServletUtils.getBaseUrl(req);
- redirectURL += "/dispatcher?" + ERROR_CODE_PARAM + "=" + id;
+ redirectURL += "/dispatcher?" + ERROR_CODE_PARAM + "=" + id
+ + "&" + DispatcherServlet.PARAM_TARGET_PENDINGREQUESTID + "=" + pendingRequestID;
resp.setContentType("text/html");
resp.setStatus(302);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
index 2ea34ee12..8d23f1a3b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
@@ -52,19 +52,26 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
Logger.info("Receive " + GenerateIFrameTemplateServlet.class + " Request");
-
+
+ String pendingRequestID = null;
+
try {
String bkuid = req.getParameter(PARAM_BKU);
String useMandate = req.getParameter(PARAM_USEMANDATE);
String ccc = req.getParameter(PARAM_CCC);
-
- String moasessionid = null;
+ String moasessionid = req.getParameter(PARAM_SESSIONID);
+
AuthenticationSession moasession = null;
-
+
try {
- moasessionid = (String) req.getSession().getAttribute(AuthenticationManager.MOA_SESSION);
- moasession = AuthenticationSessionStoreage.getSession(moasessionid);
-
+ //moasessionid = (String) req.getSession().getAttribute(AuthenticationManager.MOA_SESSION);
+
+ pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moasessionid);
+
+ moasession = AuthenticationSessionStoreage.getSession(moasessionid);
+
+ String newmoasessionid = AuthenticationSessionStoreage.changeSessionID(moasession);
+
} catch (MOADatabaseException e) {
Logger.info("MOASession with SessionID="+ moasessionid + " is not found in Database");
throw new MOAIDException("init.04", new Object[] {
@@ -131,49 +138,9 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
}
catch (MOAIDException ex) {
- handleError(null, ex, req, resp);
+ handleError(null, ex, req, resp, pendingRequestID);
}
}
-
-// private String getTemplateURIFromConfig(int bkuID, OAAuthParameter oaParam) throws WrongParametersException {
-// //TODO: CHANGE to real OA config
-//
-// List<String> bkuURIs = Arrays.asList(
-// "http://localhost:8080/moa-id-auth/template_onlineBKU.html",
-// "http://localhost:8080/moa-id-auth/template_handyBKU.html",
-// "http://127.0.0.1:8080/moa-id-auth/template_localBKU.html");
-//
-//// List<String> bkuURIs = Arrays.asList(
-//// "http://demo.egiz.gv.at/demoportal_moaid-2.0/template_onlineBKU.html",
-//// "http://demo.egiz.gv.at/demoportal_moaid-2.0/template_handyBKU.html",
-//// "http://demo.egiz.gv.at/demoportal_moaid-2.0/template_localBKU.html");
-//
-// if (bkuID < bkuURIs.size())
-// return bkuURIs.get(bkuID);
-// else
-// throw new WrongParametersException("GenerateIFrameTemplate", PARAM_TEMPLATE,
-// "auth.12");
-// }
-//
-// private String getBKUURIFromConfig(int bkuID, OAAuthParameter oaParam) throws WrongParametersException {
-// //TODO: CHANGE to real OA config
-//
-// List<String> bkuURIs = Arrays.asList(
-// "https://labda.iaik.tugraz.at:8843/bkuonline/https-security-layer-request",
-// "https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx",
-// "https://127.0.0.1:3496/https-security-layer-request");
-//
-//// List<String> bkuURIs = Arrays.asList(
-//// "https://demo.egiz.gv.at/demoportal_bkuonline/https-security-layer-request",
-//// "https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx",
-//// "https://127.0.0.1:3496/https-security-layer-request");
-//
-// if (bkuID < bkuURIs.size())
-// return bkuURIs.get(bkuID);
-// else
-// throw new WrongParametersException("GenerateIFrameTemplate", PARAM_BKU,
-// "auth.12");
-// }
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
index d49f4e215..02c751a0a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
@@ -114,7 +114,10 @@ public class GetForeignIDServlet extends AuthServlet {
resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
- Map parameters;
+ Map parameters;
+
+ String pendingRequestID = null;
+
try
{
parameters = getParameters(req);
@@ -123,7 +126,8 @@ public class GetForeignIDServlet extends AuthServlet {
Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
throw new IOException(e.getMessage());
}
- String sessionID = req.getParameter(PARAM_SESSIONID);
+ String sessionID = req.getParameter(PARAM_SESSIONID);
+ pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
// escape parameter strings
sessionID = StringEscapeUtils.escapeHtml(sessionID);
@@ -195,8 +199,9 @@ public class GetForeignIDServlet extends AuthServlet {
}
redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
redirectURL = resp.encodeRedirectURL(redirectURL);*/
+
redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(),
- ModulUtils.buildAuthURL(session.getModul(), session.getAction()), newMOASessionID);
+ ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingRequestID), newMOASessionID);
redirectURL = resp.encodeRedirectURL(redirectURL);
} else {
@@ -219,10 +224,10 @@ public class GetForeignIDServlet extends AuthServlet {
}
catch (MOAIDException ex) {
- handleError(null, ex, req, resp);
+ handleError(null, ex, req, resp, pendingRequestID);
}
catch (SZRGWClientException ex) {
- handleError(null, ex, req, resp);
+ handleError(null, ex, req, resp, pendingRequestID);
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
index 7d825da17..8e5fccfef 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
@@ -143,12 +143,15 @@ public class GetMISSessionIDServlet extends AuthServlet {
sessionID = StringEscapeUtils.escapeHtml(sessionID);
AuthenticationSession session = null;
+ String pendingRequestID = null;
try {
// check parameter
if (!ParamValidatorUtils.isValidSessionID(sessionID))
throw new WrongParametersException("VerifyCertificate",
PARAM_SESSIONID, "auth.12");
+ pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
+
session = AuthenticationServer.getSession(sessionID);
String misSessionID = session.getMISSessionID();
@@ -209,11 +212,11 @@ public class GetMISSessionIDServlet extends AuthServlet {
Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID);
Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
-
+
String redirectURL = new DataURLBuilder().buildDataURL(
session.getAuthURL(),
ModulUtils.buildAuthURL(session.getModul(),
- session.getAction()), newMOASessionID);
+ session.getAction(), pendingRequestID), newMOASessionID);
redirectURL = resp.encodeRedirectURL(redirectURL);
@@ -252,17 +255,17 @@ public class GetMISSessionIDServlet extends AuthServlet {
Logger.debug("REDIRECT TO: " + redirectURL);
} catch (MOAIDException ex) {
- handleError(null, ex, req, resp);
+ handleError(null, ex, req, resp, pendingRequestID);
} catch (GeneralSecurityException ex) {
- handleError(null, ex, req, resp);
+ handleError(null, ex, req, resp, pendingRequestID);
} catch (PKIException e) {
- handleError(null, e, req, resp);
+ handleError(null, e, req, resp, pendingRequestID);
} catch (MISSimpleClientException e) {
- handleError(null, e, req, resp);
+ handleError(null, e, req, resp, pendingRequestID);
} catch (SAXException e) {
- handleError(null, e, req, resp);
+ handleError(null, e, req, resp, pendingRequestID);
} catch (ParserConfigurationException e) {
- handleError(null, e, req, resp);
+ handleError(null, e, req, resp, pendingRequestID);
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
index caf2e4490..8dc5d7469 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
@@ -83,29 +83,34 @@ public class LogOutServlet extends AuthServlet {
SSOManager ssomanager = SSOManager.getInstance();
- //get SSO token from request
- String ssoid = ssomanager.getSSOSessionID(req);
-
- if (ssomanager.isValidSSOSession(ssoid, req)) {
-
- //TODO: Single LogOut Implementation
+ try {
+ //get SSO token from request
+ String ssoid = ssomanager.getSSOSessionID(req);
- //delete SSO session and MOA session
- AuthenticationManager authmanager = AuthenticationManager.getInstance();
- String moasessionid = AuthenticationSessionStoreage.getMOASessionID(ssoid);
-
- authmanager.logout(req, resp, moasessionid);
- Logger.info("User with SSO Id " + ssoid + " is logged out and get redirect to "+ redirectUrl);
- } else {
- Logger.info("No active SSO session found. User is maybe logout already and get redirect to "+ redirectUrl);
- }
+ if (ssomanager.isValidSSOSession(ssoid, req)) {
- //Remove SSO token
- ssomanager.deleteSSOSessionID(req, resp);
+ //TODO: Single LogOut Implementation
- //invalidate Session
- req.getSession().invalidate();
+ //delete SSO session and MOA session
+ AuthenticationManager authmanager = AuthenticationManager.getInstance();
+ String moasessionid = AuthenticationSessionStoreage.getMOASessionID(ssoid);
+ RequestStorage.removePendingRequest(RequestStorage.getPendingRequest(req.getSession()),
+ AuthenticationSessionStoreage.getPendingRequestID(moasessionid));
+
+ authmanager.logout(req, resp, moasessionid);
+ Logger.info("User with SSO Id " + ssoid + " is logged out and get redirect to "+ redirectUrl);
+ } else {
+ Logger.info("No active SSO session found. User is maybe logout already and get redirect to "+ redirectUrl);
+ }
+
+ //Remove SSO token
+ ssomanager.deleteSSOSessionID(req, resp);
+
+ } catch (Exception e) {
+ Logger.warn(LogOutServlet.class.getName() + " has an LogOut Error. Redirect to Applikation " + redirectUrl, e);
+ }
+
//Redirect to Application
resp.setStatus(301);
resp.addHeader("Location", redirectUrl);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index 63bc2a8cc..f6412f897 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -56,6 +56,8 @@ public class PEPSConnectorServlet extends AuthServlet {
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+ String pendingRequestID = null;
+
try {
Logger.info("PEPSConnector Servlet invoked, expecting C-PEPS message.");
@@ -80,6 +82,8 @@ public class PEPSConnectorServlet extends AuthServlet {
httpSession.invalidate();
}
+ pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID);
+
Logger.info("Found MOA sessionID: " + moaSessionID);
Logger.debug("Beginning to extract SAMLResponse out of HTTP Request");
@@ -199,7 +203,7 @@ public class PEPSConnectorServlet extends AuthServlet {
AuthenticationServer.getInstance().getForeignAuthenticationData(moaSession);
Logger.info("MOA assertion assembled and SAML Artifact generated.");
- //session is implicit stored in changeSessionID!!!!
+ //session is implicit stored in changeSessionID!!!!
String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
Logger.info("Changed MOASession " + moaSessionID + " to Session " + newMOASessionID);
@@ -214,8 +218,9 @@ public class PEPSConnectorServlet extends AuthServlet {
}
redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
redirectURL = response.encodeRedirectURL(redirectURL);*/
+
redirectURL = new DataURLBuilder().buildDataURL(moaSession.getAuthURL(),
- ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction()), newMOASessionID);
+ ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction(), pendingRequestID), newMOASessionID);
redirectURL = response.encodeRedirectURL(redirectURL);
} else {
@@ -236,9 +241,9 @@ public class PEPSConnectorServlet extends AuthServlet {
} catch (AuthenticationException e) {
- handleError(null, e, request, response);
+ handleError(null, e, request, response, pendingRequestID);
} catch (MOAIDException e) {
- handleError(null, e, request, response);
+ handleError(null, e, request, response, pendingRequestID);
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java
index 200d25fbe..ba8698934 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java
@@ -135,7 +135,7 @@ public class ProcessValidatorInputServlet extends AuthServlet {
handleWrongParameters(ex, req, resp);
}
catch (MOAIDException ex) {
- handleError(null, ex, req, resp);
+ handleError(null, ex, req, resp, null); //TODO: is this Class required?
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java
index ecbd87498..9b559770f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java
@@ -36,18 +36,48 @@ public class SSOSendAssertionServlet extends AuthServlet{
private static final long serialVersionUID = 1L;
private static final String PARAM = "value";
+ private static final String MODULE = "mod";
+ private static final String ACTION = "action";
+ private static final String ID = "identifier";
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
+
+ String id = null;
Logger.info("Receive " + SSOSendAssertionServlet.class + " Request");
try {
+ Object idObject = req.getParameter(ID);
+
+ if (idObject != null && (idObject instanceof String)) {
+ id = (String) idObject;
+ }
+
String value = req.getParameter(PARAM);
value = StringEscapeUtils.escapeHtml(value);
if (!ParamValidatorUtils.isValidUseMandate(value))
throw new WrongParametersException("SSOSendAssertionServlet", PARAM, null);
-
+ //get module and action
+ Object moduleObject = req.getParameter(MODULE);
+ String module = null;
+ if (moduleObject != null && (moduleObject instanceof String)) {
+ module = (String) moduleObject;
+ }
+
+
+ Object actionObject = req.getParameter(ACTION);
+ String action = null;
+ if (actionObject != null && (actionObject instanceof String)) {
+ action = (String) actionObject;
+ }
+
+ if (MiscUtil.isEmpty(module) || MiscUtil.isEmpty(action) || MiscUtil.isEmpty(id)) {
+ Logger.warn("No Moduel or Action parameter received!");
+ throw new WrongParametersException("Module or Action is empty", "", "auth.10");
+ }
+
+
SSOManager ssomanager = SSOManager.getInstance();
//get SSO Cookie for Request
String ssoId = ssomanager.getSSOSessionID(req);
@@ -86,15 +116,9 @@ public class SSOSendAssertionServlet extends AuthServlet{
moaSessionID = AuthenticationSessionStoreage.getMOASessionID(ssoId);
AuthenticationSession moasession = AuthenticationSessionStoreage.getSession(moaSessionID);
AuthenticationSessionStoreage.setAuthenticated(moaSessionID, true);
-
- HttpSession httpSession = req.getSession();
- IRequest protocolRequest = RequestStorage.getPendingRequest(httpSession);
-
- if (protocolRequest == null)
- throw new AuthenticationException("auth.21", new Object[] {});
-
+
String redirectURL = new DataURLBuilder().buildDataURL(moasession.getAuthURL(),
- ModulUtils.buildAuthURL(protocolRequest.requestedModule(), protocolRequest.requestedAction()), "");
+ ModulUtils.buildAuthURL(module, action, id), "");
resp.setContentType("text/html");
resp.setStatus(302);
@@ -109,16 +133,16 @@ public class SSOSendAssertionServlet extends AuthServlet{
}
} else {
- handleError("SSO Session is not valid", null, req, resp);
+ handleError("SSO Session is not valid", null, req, resp, id);
}
} catch (MOADatabaseException e) {
- handleError("SSO Session is not found", e, req, resp);
+ handleError("SSO Session is not found", e, req, resp, id);
} catch (WrongParametersException e) {
- handleError("Parameter is not valid", e, req, resp);
+ handleError("Parameter is not valid", e, req, resp, id);
} catch (AuthenticationException e) {
- handleError(e.getMessage(), e, req, resp);
+ handleError(e.getMessage(), e, req, resp, id);
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
index adef74370..96914647e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
@@ -136,6 +136,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
+ String pendingRequestID = null;
Map parameters;
try
@@ -152,6 +153,8 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
// escape parameter strings
sessionID = StringEscapeUtils.escapeHtml(sessionID);
+ pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
+
String redirectURL = null;
try {
// check parameter
@@ -161,7 +164,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_XMLRESPONSE, "auth.12");
AuthenticationSession session = AuthenticationServer.getSession(sessionID);
-
+
String samlArtifactBase64 = AuthenticationServer.getInstance().verifyAuthenticationBlock(session, createXMLSignatureResponse);
@@ -252,8 +255,9 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
redirectURL = resp.encodeRedirectURL(redirectURL);*/
+
redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(),
- ModulUtils.buildAuthURL(session.getModul(), session.getAction()), samlArtifactBase64);
+ ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingRequestID), samlArtifactBase64);
} else {
redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, session.getSessionID());
@@ -270,15 +274,15 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
}
catch (MOAIDException ex) {
- handleError(null, ex, req, resp);
+ handleError(null, ex, req, resp, pendingRequestID);
} catch (GeneralSecurityException e) {
- handleError(null, e, req, resp);
+ handleError(null, e, req, resp, pendingRequestID);
} catch (PKIException e) {
- handleError(null, e, req, resp);
+ handleError(null, e, req, resp, pendingRequestID);
} catch (MISSimpleClientException e) {
- handleError(null, e, req, resp);
+ handleError(null, e, req, resp, pendingRequestID);
} catch (TransformerException e) {
- handleError(null, e, req, resp);
+ handleError(null, e, req, resp, pendingRequestID);
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
index e07be8420..896bd0864 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
@@ -106,6 +106,8 @@ public class VerifyCertificateServlet extends AuthServlet {
resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
+
+ String pendingRequestID = null;
Map parameters;
try
@@ -120,7 +122,9 @@ public class VerifyCertificateServlet extends AuthServlet {
// escape parameter strings
sessionID = StringEscapeUtils.escapeHtml(sessionID);
-
+
+ pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
+
AuthenticationSession session = null;
try {
// check parameter
@@ -177,7 +181,7 @@ public class VerifyCertificateServlet extends AuthServlet {
}
catch (MOAIDException ex) {
- handleError(null, ex, req, resp);
+ handleError(null, ex, req, resp, pendingRequestID);
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
index 2f12c7ae6..c6310d8c0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
@@ -113,6 +113,8 @@ public class VerifyIdentityLinkServlet extends AuthServlet {
Logger.debug("POST VerifyIdentityLink");
Map parameters;
+ String pendingRequestID = null;
+
try
{
parameters = getParameters(req);
@@ -127,6 +129,8 @@ public class VerifyIdentityLinkServlet extends AuthServlet {
// escape parameter strings
sessionID = StringEscapeUtils.escapeHtml(sessionID);
+ pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
+
resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES);
resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
@@ -175,7 +179,7 @@ public class VerifyIdentityLinkServlet extends AuthServlet {
}
catch(Exception e) {
- handleError(null, e, req, resp);
+ handleError(null, e, req, resp, pendingRequestID);
}
}
@@ -234,11 +238,11 @@ public class VerifyIdentityLinkServlet extends AuthServlet {
}
}
catch (ParseException ex) {
- handleError(null, ex, req, resp);
+ handleError(null, ex, req, resp, pendingRequestID);
}
catch (MOAIDException ex) {
- handleError(null, ex, req, resp);
+ handleError(null, ex, req, resp, pendingRequestID);
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index e995a1c2e..e7b41e3c9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -3,13 +3,20 @@ package at.gv.egovernment.moa.id.entrypoints;
import iaik.util.logging.Log;
import java.io.IOException;
+import java.util.ConcurrentModificationException;
+import java.util.HashMap;
import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
+import javax.swing.ListModel;
import at.gv.egovernment.moa.id.AuthenticationException;
import at.gv.egovernment.moa.id.MOAIDException;
@@ -32,6 +39,7 @@ import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.storage.ExceptionStoreImpl;
import at.gv.egovernment.moa.id.util.HTTPSessionUtils;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
+import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.id.util.legacy.LegacyHelper;
import at.gv.egovernment.moa.logging.Logger;
@@ -44,6 +52,7 @@ public class DispatcherServlet extends AuthServlet{
public static final String PARAM_TARGET_MODULE = "mod";
public static final String PARAM_TARGET_ACTION = "action";
+ public static final String PARAM_TARGET_PENDINGREQUESTID = "pendingid";
@Override
public void init(ServletConfig config) throws ServletException {
@@ -66,6 +75,8 @@ public class DispatcherServlet extends AuthServlet{
boolean isValidSSOSession = false;
boolean useSSOOA = false;
+ String protocolRequestID = null;
+
try {
Logger.info("REQUEST: " + req.getRequestURI());
@@ -76,30 +87,65 @@ public class DispatcherServlet extends AuthServlet{
Throwable throwable = ExceptionStoreImpl.getStore()
.fetchException(errorid);
ExceptionStoreImpl.getStore().removeException(errorid);
+
+ Object idObject = req.getParameter(PARAM_TARGET_PENDINGREQUESTID);
- if (throwable != null) {
+ Map<String, IRequest> errorRequests = RequestStorage.getPendingRequest(req.getSession());
+
+ String pendingRequestID = null;
+ if (idObject != null && (idObject instanceof String)) {
+ if (errorRequests.containsKey((String)idObject))
+ pendingRequestID = (String) idObject;
+ }
+
+ if (throwable != null) {
+ if (errorRequests != null) {
+
+ synchronized (errorRequests) {
+
+ IRequest errorRequest = null;
+ if (pendingRequestID != null) {
+ errorRequest = errorRequests.get(pendingRequestID);
+
+ //remove the
+ RequestStorage.removePendingRequest(errorRequests, pendingRequestID);
+ }
+ else {
+ if (errorRequests.size() > 1) {
+ handleErrorNoRedirect(throwable.getMessage(), throwable,
+ req, resp);
+
+ } else {
+ Set<String> keys = errorRequests.keySet();
+ errorRequest = errorRequests.get(keys.toArray()[0]);
+ RequestStorage.removeAllPendingRequests(req.getSession());
+ }
+
+ }
+
- IRequest errorRequest = RequestStorage
- .getPendingRequest(req.getSession());
-
- //remove the
- RequestStorage.removePendingRequest(req.getSession());
-
- if (errorRequest != null) {
- try {
- IModulInfo handlingModule = ModulStorage
- .getModuleByPath(errorRequest
- .requestedModule());
- if (handlingModule != null) {
- if (handlingModule.generateErrorMessage(
- throwable, req, resp, errorRequest)) {
- return;
+
+ if (errorRequest != null) {
+
+ try {
+ IModulInfo handlingModule = ModulStorage
+ .getModuleByPath(errorRequest
+ .requestedModule());
+ if (handlingModule != null) {
+ if (handlingModule.generateErrorMessage(
+ throwable, req, resp, errorRequest)) {
+ return;
+ }
}
+ } catch (Throwable e) {
+ Logger.error(e);
+ handleErrorNoRedirect(throwable.getMessage(),
+ throwable, req, resp);
}
- } catch (Throwable e) {
- Logger.error(e);
- handleErrorNoRedirect(throwable.getMessage(),
- throwable, req, resp);
+ }
+ else {
+ handleErrorNoRedirect(throwable.getMessage(), throwable,
+ req, resp);
}
}
handleErrorNoRedirect(throwable.getMessage(), throwable,
@@ -113,6 +159,7 @@ public class DispatcherServlet extends AuthServlet{
return;
}
+ }
Object moduleObject = req.getParameter(PARAM_TARGET_MODULE);
String module = null;
@@ -133,7 +180,7 @@ public class DispatcherServlet extends AuthServlet{
if (action == null) {
action = req.getParameter(PARAM_TARGET_ACTION);
}
-
+
Logger.debug("dispatching to " + module + " protocol " + action);
IModulInfo info = ModulStorage.getModuleByPath(module);
@@ -174,46 +221,103 @@ public class DispatcherServlet extends AuthServlet{
}
HttpSession httpSession = req.getSession();
+ Map<String, IRequest> protocolRequests = null;
IRequest protocolRequest = null;
+
try {
- protocolRequest = RequestStorage.getPendingRequest(httpSession);
-
- if (protocolRequest != null) {
- // check if pending request is same protocol and action
- if (!protocolRequest.requestedModule().equals(module)
- || !protocolRequest.requestedAction()
- .equals(action)
- || !info.validate(req, resp, protocolRequest)) {
- resp.sendError(HttpServletResponse.SC_CONFLICT);
- Logger.error("Different Request is pending in this session!");
+ protocolRequests = RequestStorage.getPendingRequest(httpSession);
+
+ Object idObject = req.getParameter(PARAM_TARGET_PENDINGREQUESTID);
+
+ if (protocolRequests != null &&
+ idObject != null && (idObject instanceof String)) {
+
+// synchronized (protocolRequests) {
+
+ protocolRequestID = (String) idObject;
+
+ //get IRequest if it exits
+ if (protocolRequests.containsKey(protocolRequestID)) {
+ protocolRequest = protocolRequests.get(protocolRequestID);
+
+ //RequestStorage.setPendingRequest(httpSession, protocolRequests);
+
+ } else {
+ resp.sendError(HttpServletResponse.SC_CONFLICT);
+ Logger.error("No PendingRequest with ID " + protocolRequestID + " found for this session!");
+ return;
+ }
+// }
+ } else {
+ try {
+ protocolRequest = info.preProcess(req, resp, action);
+
+ if (protocolRequest != null) {
+
+ if(protocolRequests != null) {
+
+// synchronized (protocolRequests) {
+// synchronized (protocolRequest) {
+ Set<String> mapkeys = protocolRequests.keySet();
+ for (String el : mapkeys) {
+ IRequest value = protocolRequests.get(el);
+
+ if (value.getOAURL().equals(protocolRequest.getOAURL())) {
+
+ if(!AuthenticationSessionStoreage.deleteSessionWithPendingRequestID(el)) {
+ Logger.warn("NO MOASession with PendingRequestID " + el + " found. Delete all user sessions!");
+ RequestStorage.removeAllPendingRequests(req.getSession());
+
+ } else {
+
+
+ RequestStorage.removePendingRequest(protocolRequests, el);
+ }
+ }
+ }
+// }
+// }
+
+ } else {
+ protocolRequests = new ConcurrentHashMap<String, IRequest>();
+ }
+
+ synchronized (protocolRequest) {
+ synchronized (protocolRequests) {
+
+ //Start new Authentication
+ protocolRequest.setAction(action);
+ protocolRequest.setModule(module);
+ protocolRequestID = Random.nextRandom();
+ protocolRequest.setRequestID(protocolRequestID);
+ protocolRequests.put(protocolRequestID, protocolRequest);
+ }
+ }
+ }
+ } catch (MOAIDException e) {
+ resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
+ Logger.error("Failed to generate a valid protocol request!");
return;
}
- }
-
- if (protocolRequest == null) {
- protocolRequest = info.preProcess(req, resp, action);
- if (protocolRequest != null) {
- protocolRequest.setAction(action);
- protocolRequest.setModule(module);
+
+ if (protocolRequest == null) {
+ resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
+ Logger.error("Failed to generate a valid protocol request!");
+ return;
}
}
+
+
- if (protocolRequest == null) {
- resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
- Logger.error("Failed to generate a valid protocol request!");
- return;
- }
-
+
//load Parameters from OnlineApplicationConfiguration
OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
.getOnlineApplicationParameter(protocolRequest.getOAURL());
if (oaParam == null) {
- //TODO: Find a better place for this!!
- //req.getSession().invalidate();
throw new AuthenticationException("auth.00", new Object[] { protocolRequest.getOAURL() });
}
-
- RequestStorage.setPendingRequest(httpSession, protocolRequest);
+
+ RequestStorage.setPendingRequest(httpSession, protocolRequests);
AuthenticationManager authmanager = AuthenticationManager.getInstance();
@@ -296,6 +400,8 @@ public class DispatcherServlet extends AuthServlet{
}
}
else {
+
+ //TODO: maybe transmit moasessionID with http GET to handle more then one PendingRequest!
moasessionID = HTTPSessionUtils.getHTTPSessionString(req.getSession(),
AuthenticationManager.MOA_SESSION, null);
moasession = AuthenticationSessionStoreage.getSession(moasessionID);
@@ -319,7 +425,7 @@ public class DispatcherServlet extends AuthServlet{
moduleAction.processRequest(protocolRequest, req, resp, moasession);
- RequestStorage.removePendingRequest(httpSession);
+ RequestStorage.removePendingRequest(protocolRequests, protocolRequestID);
boolean isSSOSession = AuthenticationSessionStoreage.isSSOSession(moasessionID);
@@ -331,7 +437,7 @@ public class DispatcherServlet extends AuthServlet{
authmanager.logout(req, resp, moasessionID);
}
- ConfigurationDBUtils.closeSession();
+// ConfigurationDBUtils.closeSession();
//authmanager.logout(req, resp);
@@ -345,7 +451,7 @@ public class DispatcherServlet extends AuthServlet{
} catch (WrongParametersException ex) {
handleWrongParameters(ex, req, resp);
} catch (MOAIDException ex) {
- handleError(null, ex, req, resp);
+ handleError(null, ex, req, resp, protocolRequestID);
} catch (Throwable e) {
e.printStackTrace();
resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index b6742fb9e..b9f0b2144 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -177,7 +177,7 @@ public class AuthenticationManager extends AuthServlet {
}
authSession.setAuthenticated(false);
- HTTPSessionUtils.setHTTPSessionString(session, MOA_SESSION, null); // remove moa session from HTTP Session
+ //HTTPSessionUtils.setHTTPSessionString(session, MOA_SESSION, null); // remove moa session from HTTP Session
AuthenticationSessionStoreage.destroySession(moaSessionID);
@@ -230,7 +230,7 @@ public class AuthenticationManager extends AuthServlet {
//parse request parameter into MOASession
- StartAuthentificationParameterParser.parse(request, response, moasession);
+ StartAuthentificationParameterParser.parse(request, response, moasession, target);
Logger.info("Start Authentication Module: " + moasession.getModul()
+ " Action: " + moasession.getAction());
@@ -245,7 +245,7 @@ public class AuthenticationManager extends AuthServlet {
//store MOASession
try {
- AuthenticationSessionStoreage.storeSession(moasession);
+ AuthenticationSessionStoreage.storeSession(moasession, target.getRequestID());
} catch (MOADatabaseException e) {
Logger.error("Database Error! MOASession is not stored!");
throw new MOAIDException("init.04", new Object[] {
@@ -284,11 +284,11 @@ public class AuthenticationManager extends AuthServlet {
String loginForm = LoginFormBuilder.buildLoginForm(target.requestedModule(),
- target.requestedAction(), oaParam.getFriendlyName(), request.getContextPath(), oaParam.useIFrame());
+ target.requestedAction(), oaParam.getFriendlyName(), request.getContextPath(), oaParam.useIFrame(), moasession.getSessionID());
//store MOASession
try {
- AuthenticationSessionStoreage.storeSession(moasession);
+ AuthenticationSessionStoreage.storeSession(moasession, target.getRequestID());
} catch (MOADatabaseException e) {
Logger.error("Database Error! MOASession is not stored!");
throw new MOAIDException("init.04", new Object[] {
@@ -310,7 +310,7 @@ public class AuthenticationManager extends AuthServlet {
throws ServletException, IOException, MOAIDException {
String form = SendAssertionFormBuilder.buildForm(target.requestedModule(),
- target.requestedAction(), oaParam.getFriendlyName(), request.getContextPath(), oaParam.useIFrame());
+ target.requestedAction(), target.getRequestID(), oaParam.getFriendlyName(), request.getContextPath(), oaParam.useIFrame());
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = new PrintWriter(response.getOutputStream());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java
index f63b0049f..824b210cf 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java
@@ -10,6 +10,8 @@ public interface IRequest {
public void setModule(String module);
public void setAction(String action);
public String getTarget();
+ public void setRequestID(String id);
+ public String getRequestID();
//public void setTarget();
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulUtils.java
index 9ce835c7e..b07695938 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulUtils.java
@@ -8,15 +8,17 @@ public class ModulUtils {
public static final String UNAUTHDISPATCHER = "dispatcher";
public static final String AUTHDISPATCHER = "dispatcher";
- public static String buildUnauthURL(String modul, String action) {
+ public static String buildUnauthURL(String modul, String action, String pendingRequestID) {
return UNAUTHDISPATCHER + "?" +
DispatcherServlet.PARAM_TARGET_MODULE + "=" + modul + "&" +
- DispatcherServlet.PARAM_TARGET_ACTION + "=" + action;
+ DispatcherServlet.PARAM_TARGET_ACTION + "=" + action + "&" +
+ DispatcherServlet.PARAM_TARGET_PENDINGREQUESTID + "=" + pendingRequestID;
}
- public static String buildAuthURL(String modul, String action) {
+ public static String buildAuthURL(String modul, String action, String pendingRequestID) {
return AUTHDISPATCHER +
"?" + DispatcherServlet.PARAM_TARGET_MODULE + "=" + modul + "&" +
- DispatcherServlet.PARAM_TARGET_ACTION + "=" + action;
+ DispatcherServlet.PARAM_TARGET_ACTION + "=" + action + "&" +
+ DispatcherServlet.PARAM_TARGET_PENDINGREQUESTID + "=" + pendingRequestID;
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java
index 29f9ff69b..420f11622 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java
@@ -9,6 +9,7 @@ public class RequestImpl implements IRequest {
private String module = null;
private String action = null;
private String target = null;
+ private String requestID;
public void setOAURL(String value) {
@@ -66,4 +67,13 @@ public class RequestImpl implements IRequest {
public void setTarget(String target) {
this.target = target;
}
+
+ public void setRequestID(String id) {
+ this.requestID = id;
+
+ }
+
+ public String getRequestID() {
+ return requestID;
+ }
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java
index 4e7d8d2ed..35481a0a1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java
@@ -1,28 +1,65 @@
package at.gv.egovernment.moa.id.moduls;
+import java.util.List;
+import java.util.Map;
+
import javax.servlet.http.HttpSession;
+import at.gv.egovernment.moa.logging.Logger;
+
public class RequestStorage {
private static final String PENDING_REQUEST = "PENDING_REQUEST";
- public static IRequest getPendingRequest(HttpSession session) {
- Object obj = session.getAttribute(PENDING_REQUEST);
- if (obj != null) {
- if (obj instanceof IRequest) {
- return (IRequest) obj;
- } else {
+ public static Map<String,IRequest> getPendingRequest(HttpSession session) {
+
+
+ Object obj = session.getAttribute(PENDING_REQUEST);
+ if (obj != null) {
+ synchronized (obj) {
+ if (obj instanceof Map<?,?>) {
+ if (((Map<?,?>) obj).size() > 0) {
+ if ( ((Map<?,?>) obj).keySet().toArray()[0] instanceof String) {
+ if (((Map<?,?>) obj).get(((Map<?,?>) obj).keySet().toArray()[0])
+ instanceof IRequest) {
+ return (Map<String, IRequest>) obj;
+
+
+
+ }
+ }
+ }
+ }
+ }
session.setAttribute(PENDING_REQUEST, null);
}
- }
- return null;
+ return null;
}
- public static void setPendingRequest(HttpSession session, IRequest request) {
+ public static void setPendingRequest(HttpSession session, Map<String, IRequest> request) {
session.setAttribute(PENDING_REQUEST, request);
}
- public static void removePendingRequest(HttpSession session) {
+ public static void removeAllPendingRequests(HttpSession session) {
session.setAttribute(PENDING_REQUEST, null);
}
+
+ public static void removePendingRequest(Map<String, IRequest> requestmap, String requestID) {
+
+ if (requestmap != null && requestID != null) {
+
+ synchronized (requestmap) {
+
+ //Map<String, IRequest> requestmap = getPendingRequest(session);
+
+ if (requestmap.containsKey(requestID)) {
+ requestmap.remove(requestID);
+ Logger.debug("Remove PendingRequest with ID " + requestID);
+
+ }
+
+ //setPendingRequest(session, requestmap);
+ }
+ }
+ }
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index da5556b30..1f71bf8bf 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -107,11 +107,33 @@ public class AuthenticationSessionStoreage {
} catch (MOADatabaseException e) {
Logger.warn("MOASession could not be stored.");
throw new MOADatabaseException(e);
- }
-
+ }
+ }
+
+ public static void storeSession(AuthenticationSession session, String pendingRequestID) throws MOADatabaseException, BuildException {
+ try {
+ AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID());
+ dbsession.setPendingRequestID(pendingRequestID);
+
+ dbsession.setAuthenticated(session.isAuthenticated());
+ byte[] serialized = SerializationUtils.serialize(session);
+
+ dbsession.setSession(SessionEncrytionUtil.encrypt(serialized));
+
+ //set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1
+ dbsession.setUpdated(new Date());
+
+ MOASessionDBUtils.saveOrUpdate(dbsession);
+ Log.info("MOASession with sessionID=" + session.getSessionID() + " is stored in Database");
+
+ } catch (MOADatabaseException e) {
+ Logger.warn("MOASession could not be stored.");
+ throw new MOADatabaseException(e);
+ }
}
+
public static void destroySession(String moaSessionID) throws MOADatabaseException {
Session session = MOASessionDBUtils.getCurrentSession();
@@ -236,6 +258,7 @@ public class AuthenticationSessionStoreage {
dbsession.setSSOSession(true);
dbsession.setSSOsessionid(SSOSessionID);
dbsession.setAuthenticated(false);
+ dbsession.setPendingRequestID("");
//Store MOASession
session.saveOrUpdate(dbsession);
@@ -365,7 +388,51 @@ public class AuthenticationSessionStoreage {
}
}
+
+ public static boolean deleteSessionWithPendingRequestID(String id) {
+ MiscUtil.assertNotNull(id, "PendingRequestID");
+ Logger.trace("Delete MOAsession with PendingRequestID " + id + " from database.");
+ Session session = MOASessionDBUtils.getCurrentSession();
+
+ List<AuthenticatedSessionStore> result;
+
+ synchronized (session) {
+ session.beginTransaction();
+ Query query = session.getNamedQuery("getSessionWithPendingRequestID");
+ query.setString("sessionid", id);
+ result = query.list();
+
+ //send transaction
+ session.getTransaction().commit();
+ }
+
+ Logger.trace("Found entries: " + result.size());
+
+ //Assertion requires an unique artifact
+ if (result.size() != 1) {
+ Logger.trace("No entries found.");
+ return false;
+
+ } else {
+ MOASessionDBUtils.delete(result.get(0));
+ return true;
+ }
+
+ }
+
+ public static String getPendingRequestID(String sessionID) {
+ try {
+ AuthenticatedSessionStore dbsession = searchInDatabase(sessionID);
+ return dbsession.getPendingRequestID();
+
+ } catch (MOADatabaseException e) {
+ Logger.warn("MOASession with ID " + sessionID + " not found");
+ return "";
+ }
+
+ }
+
public static void clean(long now, long authDataTimeOutCreated, long authDataTimeOutUpdated) {
Date expioredatecreate = new Date(now - authDataTimeOutCreated);
Date expioredateupdate = new Date(now - authDataTimeOutUpdated);
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html b/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
deleted file mode 100644
index 1228ba90e..000000000
--- a/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
+++ /dev/null
@@ -1,315 +0,0 @@
-<html>
-<head>
- <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
- <meta content="text/css" http-equiv="Content-Style-Type">
- <link rel="stylesheet" type="text/css" href="#CONTEXTPATH#/css/index.css">
- <link type="text/css" rel="stylesheet" href="#CONTEXTPATH#/css/2.0/stammzahl.css">
- <link type="text/css" rel="stylesheet" href="#CONTEXTPATH#/css/2.0/stylesnew.css">
- <link type="text/css" rel="stylesheet" href="#CONTEXTPATH#/css/2.0/stylesinput.css">
-
- <script type="text/javascript">
- function isIE() {
- return (/MSIE (\d+\.\d+);/.test(navigator.userAgent));
- }
-
- function isFullscreen() {
- try {
- return ((top.innerWidth == screen.width) && (top.innerHeight == screen.height));
- } catch (e) {
- return false;
- }
- }
-
- function isActivexEnabled() {
- var supported = null;
- try {
- supported = !!new ActiveXObject("htmlfile");
- } catch (e) {
- supported = false;
- }
- return supported;
- }
-
- function isMetro() {
- if (!isIE())
- return false;
- return !isActivexEnabled() && isFullscreen();
- }
-
- window.onload=function() {
- document.getElementById("localBKU").style.display="none";
- return;
- }
-
- function bkuOnlineClicked() {
- if (isMetro())
- document.getElementById("metroDetected").style.display="block";
- document.getElementById("localBKU").style.display="block";
-
-/* if (checkMandateSSO())
- return; */
-
- setMandateSelection();
-/* setSSOSelection(); */
-
- var iFrameURL = "#AUTH_URL#" + "?";
- iFrameURL += "bkuURI=" + "#ONLINE#";
- iFrameURL += "&useMandate=" + document.getElementById("useMandate").value;
-/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */
- iFrameURL += "&MODUL=" + "#MODUL#";
- iFrameURL += "&ACTION=" + "#ACTION#";
-
- generateIFrame(iFrameURL);
- }
-
- function bkuHandyClicked() {
- document.getElementById("localBKU").style.display="none";
-
-/* if (checkMandateSSO())
- return; */
-
- setMandateSelection();
-/* setSSOSelection(); */
-
- var iFrameURL = "#AUTH_URL#" + "?";
- iFrameURL += "bkuURI=" + "#HANDY#";
- iFrameURL += "&useMandate=" + document.getElementById("useMandate").value;
-/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */
- iFrameURL += "&MODUL=" + "#MODUL#";
- iFrameURL += "&ACTION=" + "#ACTION#";
-
- generateIFrame(iFrameURL);
- }
-
- function storkClicked() {
- document.getElementById("localBKU").style.display="none";
-
-/* if (checkMandateSSO())
- return; */
-
- setMandateSelection();
-/* setSSOSelection(); */
-
- var ccc = "AT";
- var countrySelection = document.getElementById("cccSelection");
-
- if (countrySelection != null) {
- ccc = document.getElementById("cccSelection").value;
- }
-
- var iFrameURL = "#AUTH_URL#" + "?";
- iFrameURL += "bkuURI=" + "#ONLINE#";
- iFrameURL += "&useMandate=" + document.getElementById("useMandate").value;
- iFrameURL += "&CCC=" + ccc;
-/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */
- iFrameURL += "&MODUL=" + "#MODUL#";
- iFrameURL += "&ACTION=" + "#ACTION#";
-
- generateIFrame(iFrameURL);
- }
-
- function generateIFrame(iFrameURL) {
- var el = document.getElementById("bkulogin");
- var parent = el.parentNode;
-
- var iframe = document.createElement("iframe");
- iframe.setAttribute("src", iFrameURL);
- iframe.setAttribute("width", "220");
- iframe.setAttribute("height", "165");
- iframe.setAttribute("frameborder", "0");
- iframe.setAttribute("scrolling", "no");
- iframe.setAttribute("title", "Login");
-
- parent.replaceChild(iframe, el);
- }
-
- function setMandateSelection() {
- document.getElementById("moaidform").action = "#AUTH_URL#";
-
- document.getElementById("useMandate").value = "false";
- var checkbox = document.getElementById("mandateCheckBox");
- if (checkbox != null) {
- if (document.getElementById("mandateCheckBox").checked) {
- document.getElementById("useMandate").value = "true";
- }
- }
- }
-
-/* function setSSOSelection() {
- document.getElementById("useSSO").value = "false";
- var checkbox = document.getElementById("SSOCheckBox");
- if (checkbox != null) {
- if (document.getElementById("SSOCheckBox").checked) {
- document.getElementById("useSSO").value = "true";
- }
- }
- } */
-
-/* function checkMandateSSO() {
- var sso = document.getElementById("SSOCheckBox");
- var mandate = document.getElementById("mandateCheckBox");
-
-
- if (sso.checked && mandate.checked) {
- alert("Anmeldung in Vertretung in kombination mit Single Sign-On wird aktuell noch nicht unterstützt!")
- mandate.checked = false;
- sso.checked = false;
- return true;
- } else {
- return false;
- }
- } */
- </script>
-</head>
-
-
-<body>
- <div class="pageWidth">
-
- <div id="pagebase">
- <div id="page">
-
- <div id="header" class="header clearfix">
- <h1 class="main_header">MOA-ID 2.0 - Login Preview</h1>
-
-<!-- <ul id="servicenav">
- <li><a href="http://www.dsk.gv.at">Datenschutzkommission<span class="hidden">.</span></a></li>
- <li><a href="http://www.stammzahlenregister.gv.at/site/5109/default.aspx">Stammzahlenregister<span class="hidden">.</span></a></li>
- <li><a href="http://www.dsk.gv.at/DesktopDefault.aspx?alias=dvr">Datenverarbeitungsregister<span class="hidden">.</span></a></li>
- <li><a href="http://www.dsk.gv.at/DesktopDefault.aspx?alias=dsken" lang="en" class="last-item">English<span class="hidden">.</span></a></li>
- </ul> -->
-
- <div id="mainnavjump"></div>
- <p id="homelink"><img src="#CONTEXTPATH#/img/2.0/logo.png" style="width: 250px" alt="EGIZ"></p>
- <ul id="mainnav" class="clearfix">
-<!-- <li><a href="http://www2.egiz.gv.at">Home<span class="hidden">.</span></a></li> -->
-<!-- <li><a href="http://www.stammzahlenregister.gv.at/site/5970/default.aspx">bPK<span class="hidden">.</span></a></li>
- <li><a href="http://www.stammzahlenregister.gv.at/site/5981/default.aspx">Ergänzungsregister<span class="hidden">.</span></a></li>
- <li class="selected"><a href="http://www.stammzahlenregister.gv.at/site/5983/default.aspx" class="current">Vollmachten<span class="hidden"> (gew&auml;hlt)</span><span class="hidden">.</span></a></li>
- <li><a href="http://www.stammzahlenregister.gv.at/site/6001/default.aspx">Veröffentlichungen<span class="hidden">.</span></a></li> -->
- </ul>
-
- </div>
-
-
- <br class="clearAll">
-
- <div id="viewcontrol" class="switch">
- <div id="page1" class="case selected-case">
- <div style="margin-left: 0px;">
-
- <h2 class="OA_header">Anmeldung an: #OAName#</h2>
-
- <div id="main">
- <div id="leftcontent">
- <h2 id="tabheader" class="dunkel">
- Login mit Bürgerkarte
- </h2>
- <div id="bkulogin" class="hell">
-
- <div id="mandateLogin" style="margin-top: 10px; margin-bottom: 10px">
- <table style="margin-left: auto; margin-right: auto;">
- <tr>
- <td><input tabindex="1" type="checkbox" name="Mandate"
- style="vertical-align: middle; margin-right: 5px"
- id="mandateCheckBox"></td>
- <td><label for="mandateCheckBox">in Vertretung anmelden</label></td>
- <td><a href="info_mandates.html" target="_blank"
- class="infobutton" style="margin-left: 5px" tabindex="5">i</a></td>
- </tr>
-<!-- <tr>
- <td><input tabindex="1" type="checkbox" name="SSO"
- style="vertical-align: middle; margin-right: 5px"
- id="SSOCheckBox"></td>
- <td><label for="SSOCheckBox">Single Sign-On</label></td>
- <td></td>
- </tr> -->
- </table>
- </div>
-
- <div id="bkukarte" class="hell">
- <button name="bkuButton" type="button" onClick="bkuOnlineClicked();">KARTE</button>
- </div>
-
- <div id="bkuhandy" class="hell">
- <button name="bkuButton" type="button" onClick="bkuHandyClicked();">HANDY</button>
- </div>
-
- <!-- <div id="mandate">
- <input type="checkbox" name="Mandate" style="vertical-align: middle; margin-right: 5px;" id="mandateCheckBox">
- <label>in Vertretung anmelden</label>
- <a href="info_mandates.html" target="_blank" class="infobutton" style="color:#FFF">i</a>
- </div> -->
-
- <div id="stork" class="hell" align="center">
- <div id="leftcontent" style="margin-bottom:10px">
- <h2 id="tabheader" class="dunkel">
- Home Country Selection
- </h2>
- </div>
- <p>
- <select name="cccSelection" id="cccSelection" size="1" style="width: 120px; margin-right: 5px;" >
- <option value="BE">Belgi&euml;/Belgique</option>
- <option value="EE">Eesti</option>
- <option value="ES">Espa&ntilde;a</option>
- <option value="IS">&Iacute;sland</option>
- <option value="IT">Italia</option>
- <option value="LI">Liechtenstein</option>
- <option value="LT">Lithuania</option>
- <option value="PT">Portugal</option>
- <option value="SI">Slovenija</option>
- <option value="FI">Suomi</option>
- <option value="SE">Sverige</option>
- </select>
- <button name="bkuButton" type="button" onClick="storkClicked();">Send</button>
- <a href="info_stork.html" target="_blank" class="infobutton" style="color:#FFF">i</a>
- </p>
- </div>
- </div>
-
- <div id="metroDetected" style="display:none" class="hell">
- <p>
- Anscheinend verwenden Sie Internet Explorer im Metro-Modus. Wählen Sie bitte "Auf dem Desktop anzeigen" aus den Optionen um die Karten-Anmeldung starten zu können.
- </p>
- </div>
-
- <div id="localBKU" style="display:none" class="hell">
- <hr>
- <form method="get" id="moaidform">
- <input type="hidden" name="bkuURI" value="#LOCAL#">
- <input type="hidden" name="useMandate" id="useMandate">
-<!-- <input type="hidden" name="SSO" id="useSSO"> -->
- <input type="hidden" name="CCC" id="ccc">
- <input type="hidden" name="MODUL" value="#MODUL#">
- <input type="hidden" name="ACTION" value="#ACTION#">
- <input type="submit" size="400" value="lokale BKU" class="sendButton">
- </form>
- <p>
- <small>Alternativ können Sie eine lokal installierte BKU verwenden.</small>
- </p>
- </div>
- </div>
- </div>
- </div>
- </div>
- </div>
-
- <br style="clear: both">
- <div id="footer" class="clearfix">
-
-<!-- <h2 class="hidden">&Uuml;ber die Website der Stammzahlenregisterbeh&ouml;rde</h2>
- <ul>
- <li><a href="http://www.stammzahlenregister.gv.at/site/5115/Default.aspx" class="first-item">Impressum<span class="hidden">.</span></a></li>
- <li><a href="http://www.stammzahlenregister.gv.at/site/6004/Default.aspx" lang="en">Sitemap<span class="hidden">.</span></a></li>
-
- <li><a href="http://www.stammzahlenregister.gv.at/site/5122/Default.aspx">Kontakt<span class="hidden">.</span></a></li>
- <li><a href="http://www.stammzahlenregister.gv.at/site/6005/Default.aspx">Hilfe<span class="hidden">.</span></a></li>
- </ul> -->
- </div>
-
-
- </div>
- </div>
- </div>
-</body>
-</html>
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/loginFormIFrame.html b/id/server/idserverlib/src/main/resources/resources/templates/loginFormIFrame.html
deleted file mode 100644
index 3d39f9233..000000000
--- a/id/server/idserverlib/src/main/resources/resources/templates/loginFormIFrame.html
+++ /dev/null
@@ -1,260 +0,0 @@
-<html>
-<head>
- <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
- <meta content="text/css" http-equiv="Content-Style-Type">
- <link rel="stylesheet" type="text/css" href="#CONTEXTPATH#/css/index.css">
-
- <script type="text/javascript">
- function isIE() {
- return (/MSIE (\d+\.\d+);/.test(navigator.userAgent));
- }
-
- function isFullscreen() {
- try {
- return ((top.innerWidth == screen.width) && (top.innerHeight == screen.height));
- } catch (e) {
- return false;
- }
- }
-
- function isActivexEnabled() {
- var supported = null;
- try {
- supported = !!new ActiveXObject("htmlfile");
- } catch (e) {
- supported = false;
- }
- return supported;
- }
-
- function isMetro() {
- if (!isIE())
- return false;
- return !isActivexEnabled() && isFullscreen();
- }
-
- window.onload=function() {
- document.getElementById("localBKU").style.display="block";
- return;
- }
-
- function bkuLocalClicked() {
- if (isMetro())
- document.getElementById("metroDetected").style.display="block";
-
-/* if (checkMandateSSO())
- return; */
-
- setMandateSelection();
-/* setSSOSelection(); */
-
- document.getElementById("moaidform").submit();
- }
-
- function bkuOnlineClicked() {
- if (isMetro())
- document.getElementById("metroDetected").style.display="block";
-
-/* if (checkMandateSSO())
- return; */
-
- setMandateSelection();
-/* setSSOSelection(); */
-
- var iFrameURL = "#AUTH_URL#" + "?";
- iFrameURL += "bkuURI=" + "#ONLINE#";
- iFrameURL += "&useMandate=" + document.getElementById("useMandate").value;
- iFrameURL += "&SSO=" + document.getElementById("useSSO").value;
- iFrameURL += "&MODUL=" + "#MODUL#";
- iFrameURL += "&ACTION=" + "#ACTION#";
-
- generateIFrame(iFrameURL);
- }
-
- function bkuHandyClicked() {
- document.getElementById("localBKU").style.display="none";
-
-/* if (checkMandateSSO())
- return; */
-
- setMandateSelection();
-/* setSSOSelection(); */
-
- var iFrameURL = "#AUTH_URL#" + "?";
- iFrameURL += "bkuURI=" + "#HANDY#";
- iFrameURL += "&useMandate=" + document.getElementById("useMandate").value;
- iFrameURL += "&SSO=" + document.getElementById("useSSO").value;
- iFrameURL += "&MODUL=" + "#MODUL#";
- iFrameURL += "&ACTION=" + "#ACTION#";
-
- generateIFrame(iFrameURL);
- }
-
- function storkClicked() {
- document.getElementById("localBKU").style.display="none";
-
-/* if (checkMandateSSO())
- return; */
-
- setMandateSelection();
-/* setSSOSelection(); */
-
- var ccc = "AT";
- var countrySelection = document.getElementById("cccSelection");
-
- if (countrySelection != null) {
- ccc = document.getElementById("cccSelection").value;
- }
-
- var iFrameURL = "#AUTH_URL#" + "?";
- iFrameURL += "bkuURI=" + "#ONLINE#";
- iFrameURL += "&useMandate=" + document.getElementById("useMandate").value;
- iFrameURL += "&CCC=" + ccc;
- iFrameURL += "&SSO=" + document.getElementById("useSSO").value;
- iFrameURL += "&MODUL=" + "#MODUL#";
- iFrameURL += "&ACTION=" + "#ACTION#";
-
- generateIFrame(iFrameURL);
- }
-
- function generateIFrame(iFrameURL) {
- var el = document.getElementById("bkulogin");
- var parent = el.parentNode;
-
- var iframe = document.createElement("iframe");
- iframe.setAttribute("src", iFrameURL);
- iframe.setAttribute("width", "220");
- iframe.setAttribute("height", "165");
- iframe.setAttribute("frameborder", "0");
- iframe.setAttribute("scrolling", "no");
- iframe.setAttribute("title", "Login");
-
- parent.replaceChild(iframe, el);
-
-/* document.location.href=iFrameURL; */
- }
-
- function setMandateSelection() {
- document.getElementById("useMandate").value = "false";
- var checkbox = document.getElementById("mandateCheckBox");
- if (checkbox != null) {
- if (document.getElementById("mandateCheckBox").checked) {
- document.getElementById("useMandate").value = "true";
- }
- }
- }
-
-/* function setSSOSelection() {
- document.getElementById("useSSO").value = "false";
- var checkbox = document.getElementById("SSOCheckBox");
- if (checkbox != null) {
- if (document.getElementById("SSOCheckBox").checked) {
- document.getElementById("useSSO").value = "true";
- }
- }
- }
-
- function checkMandateSSO() {
- var sso = document.getElementById("SSOCheckBox");
- var mandate = document.getElementById("mandateCheckBox");
-
-
- if (sso.checked && mandate.checked) {
- alert("Anmeldung in Vertretung in kombination mit Single Sign-On wird aktuell noch nicht unterstützt!")
- mandate.checked = false;
- sso.checked = false;
- return true;
- } else {
- return false;
- }
- } */
- </script>
-</head>
-
-
-<body>
- <div id="leftcontent">
- <h2 id="tabheader" class="dunkel">
- Login mit Bürgerkarte
- </h2>
- <div id="bkulogin" class="hell">
-
- <div id="mandateLogin" style="margin-top: 10px; margin-bottom: 10px">
- <table style="margin-left: auto; margin-right: auto;">
- <tr>
- <td><input tabindex="1" type="checkbox" name="Mandate"
- style="vertical-align: middle; margin-right: 5px"
- id="mandateCheckBox"></td>
- <td><label for="mandateCheckBox">in Vertretung anmelden</label></td>
- <td><a href="info_mandates.html" target="_blank"
- class="infobutton" style="margin-left: 5px" tabindex="5">i</a></td>
- </tr>
-<!-- <tr>
- <td><input tabindex="1" type="checkbox" name="SSO"
- style="vertical-align: middle; margin-right: 5px"
- id="SSOCheckBox"></td>
- <td><label for="SSOCheckBox">Single Sign-On</label></td>
- <td></td>
- </tr> -->
- </table>
- </div>
-
- <div id="bkukarte" class="hell">
- <button name="bkuButton" type="button" onClick="bkuOnlineClicked();">KARTE</button>
- </div>
-
- <div id="bkuhandy" class="hell">
- <button name="bkuButton" type="button" onClick="bkuHandyClicked();">HANDY</button>
- </div>
-
- <div id="localBKU" style="display:none" class="hell">
- <hr>
- <form method="get" id="moaidform" action="#AUTH_URL#">
- <input type="hidden" name="bkuURI" value="#LOCAL#">
- <input type="hidden" name="useMandate" id="useMandate">
- <input type="hidden" name="SSO" id="useSSO">
- <input type="hidden" name="CCC" id="ccc">
- <input type="hidden" name="MODUL" value="#MODUL#">
- <input type="hidden" name="ACTION" value="#ACTION#">
- <input type="submit" size="400" value="lokale BKU" class="sendButton" style="margin-top: 5px;">
- </form>
- <p style="margin-bottom: 0px; margin-top: 3px;">
- <small>Alternativ können Sie eine lokal installierte BKU verwenden.</small>
- </p>
- </div>
-
- <div id="stork" class="hell" align="center">
- <div id="leftcontent" style="margin-bottom:10px">
- <h2 id="tabheader" class="dunkel">
- Home Country Selection
- </h2>
- </div>
- <p>
- <select name="cccSelection" id="cccSelection" size="1" style="width: 120px; margin-right: 5px;" >
- <option value="BE">Belgi&euml;/Belgique</option>
- <option value="EE">Eesti</option>
- <option value="ES">Espa&ntilde;a</option>
- <option value="IS">&Iacute;sland</option>
- <option value="IT">Italia</option>
- <option value="LI">Liechtenstein</option>
- <option value="LT">Lithuania</option>
- <option value="PT">Portugal</option>
- <option value="SI">Slovenija</option>
- <option value="FI">Suomi</option>
- <option value="SE">Sverige</option>
- </select>
- <button name="bkuButton" type="button" onClick="storkClicked();">Send</button>
- <a href="info_stork.html" target="_blank" class="infobutton" style="color:#FFF">i</a>
- </p>
- </div>
- </div>
-
- <div id="metroDetected" style="display:none" class="hell">
- <p>
- Anscheinend verwenden Sie Internet Explorer im Metro-Modus. Wählen Sie bitte "Auf dem Desktop anzeigen" aus den Optionen um die Karten-Anmeldung starten zu können.
- </p>
- </div>
-
- </div>
-</body>
-</html>
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html b/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html
index c4b7196b1..f4377ace4 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html
@@ -65,6 +65,7 @@
<input type="hidden" name="value" value="true">
<input type="hidden" name="mod" value="#MODUL#">
<input type="hidden" name="action" value="#ACTION#">
+ <input type="hidden" name="identifier" value="#ID#">
<input type="submit" size="400" value="Ja" class="setAssertionButton_full">
</form>
</div>
@@ -73,6 +74,7 @@
<input type="hidden" name="value" value="false">
<input type="hidden" name="mod" value="#MODUL#">
<input type="hidden" name="action" value="#ACTION#">
+ <input type="hidden" name="identifier" value="#ID#">
<input type="submit" size="400" value="Nein" class="setAssertionButton_full">
</form>
</div>
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormIFrame.html b/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormIFrame.html
index 46e8f46d8..a30bbfa9a 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormIFrame.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormIFrame.html
@@ -24,6 +24,7 @@
<input type="hidden" name="value" value="true">
<input type="hidden" name="mod" value="#MODUL#">
<input type="hidden" name="action" value="#ACTION#">
+ <input type="hidden" name="identifier" value="#ID#">
<input type="submit" size="400" value="Ja" class="setAssertionButton">
</form>
</div>
@@ -32,6 +33,7 @@
<input type="hidden" name="value" value="false">
<input type="hidden" name="mod" value="#MODUL#">
<input type="hidden" name="action" value="#ACTION#">
+ <input type="hidden" name="identifier" value="#ID#">
<input type="submit" size="400" value="Nein" class="setAssertionButton">
</form>
</div>