diff options
Diffstat (limited to 'id/server')
9 files changed, 121 insertions, 92 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java index 70aa1a160..2e08fad6b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java @@ -167,8 +167,10 @@ public class GetIdentityLinkFormBuilder extends Builder { htmlForm = replaceTag(htmlForm, CERTINFO_XMLREQUEST_TAG, encodeParameter(certInfoXMLRequest), true, ALL); htmlForm = replaceTag(htmlForm, CERTINFO_DATAURL_TAG, certInfoDataURL, true, ALL); + Map<String, String> map = null; + if (oaParam != null) { - Map<String, String> map = oaParam.getFormCustomizaten(); + map = oaParam.getFormCustomizaten(); htmlForm = replaceTag(htmlForm, COLOR_TAG, map.get(FormBuildUtils.MAIN_BACKGROUNDCOLOR), false, ALL); htmlForm = replaceTag(htmlForm, REDIRECTTARGETTAG, map.get(FormBuildUtils.REDIRECTTARGET), false, ALL); @@ -179,11 +181,15 @@ public class GetIdentityLinkFormBuilder extends Builder { if (MiscUtil.isNotEmpty(appletheigth)) htmlForm = replaceTag(htmlForm, APPLETHEIGHT_TAG, appletheigth, false, ALL); + else if (map != null && MiscUtil.isNotEmpty(map.get(FormBuildUtils.APPLET_HEIGHT))) + htmlForm = replaceTag(htmlForm, APPLETHEIGHT_TAG, map.get(FormBuildUtils.APPLET_HEIGHT), false, ALL); else htmlForm = replaceTag(htmlForm, APPLETHEIGHT_TAG, "160", false, ALL); if (MiscUtil.isNotEmpty(appletwidth)) htmlForm = replaceTag(htmlForm, APPLETWIDTH_TAG, appletwidth, false, ALL); + else if (map != null && MiscUtil.isNotEmpty(map.get(FormBuildUtils.APPLET_WIDTH))) + htmlForm = replaceTag(htmlForm, APPLETWIDTH_TAG, map.get(FormBuildUtils.APPLET_WIDTH), false, ALL); else htmlForm = replaceTag(htmlForm, APPLETWIDTH_TAG, "250", false, ALL); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java index 90ad3cf42..ff3b7b170 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java @@ -22,6 +22,7 @@ ******************************************************************************/ package at.gv.egovernment.moa.id.auth.builder; +import java.io.ByteArrayInputStream; import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; @@ -58,7 +59,7 @@ public class LoginFormBuilder { private static String SERVLET = CONTEXTPATH+"/GenerateIframeTemplate"; - public static String getTemplate() { + private static String getTemplate() { String pathLocation =""; InputStream input = null; @@ -118,8 +119,21 @@ public class LoginFormBuilder { } public static String buildLoginForm(String modul, String action, OAAuthParameter oaParam, String contextpath, String moaSessionID) { - String value = getTemplate(); + String value = null; + + byte[] oatemplate = oaParam.getBKUSelectionTemplate(); + // OA specific template requires a size of 8 bits minimum + if (oatemplate != null && oatemplate.length > 7) { + InputStream is = new ByteArrayInputStream(oatemplate); + value = getTemplate(is); + + } else { + //load default BKU-selection template + value = getTemplate(); + + } + if(value != null) { if(modul == null) { modul = SAML1Protocol.PATH; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java index f65a3c011..24b848176 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java @@ -22,6 +22,7 @@ ******************************************************************************/ package at.gv.egovernment.moa.id.auth.builder; +import java.io.ByteArrayInputStream; import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; @@ -58,32 +59,50 @@ public class SendAssertionFormBuilder { private static String SERVLET = CONTEXTPATH+"/SSOSendAssertionServlet"; private static String getTemplate() { - - String template = null; - InputStream input = null; - try { - String pathLocation; - - String rootconfigdir = AuthConfigurationProvider.getInstance().getRootConfigFileDir(); - pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL; + String pathLocation; + InputStream input = null; + try { + String rootconfigdir = AuthConfigurationProvider.getInstance().getRootConfigFileDir(); + pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL; + + try { + File file = new File(new URI(pathLocation)); + input = new FileInputStream(file); + + } catch (FileNotFoundException e) { - try { - File file = new File(new URI(pathLocation)); - input = new FileInputStream(file); - - } catch (FileNotFoundException e) { - - Logger.warn("No LoginFormTempaltes found. Use Generic Templates from package."); - - pathLocation = "resources/templates/" + HTMLTEMPLATEFULL; - - input = Thread.currentThread() - .getContextClassLoader() - .getResourceAsStream(pathLocation); - - } + Logger.warn("No LoginFormTempaltes found. Use Generic Templates from package."); + + pathLocation = "resources/templates/" + HTMLTEMPLATEFULL; + + input = Thread.currentThread() + .getContextClassLoader() + .getResourceAsStream(pathLocation); + + } + + return getTemplate(input); + + } catch (Exception e) { + try { + input.close(); + } catch (IOException e1) { + Logger.warn("SendAssertionTemplate inputstream can not be closed.", e); + } + + return null; + } + + } + + private static String getTemplate(InputStream input) { + + String template = null; + + try { + StringWriter writer = new StringWriter(); IOUtils.copy(input, writer); template = writer.toString(); @@ -105,7 +124,19 @@ public class SendAssertionFormBuilder { } public static String buildForm(String modul, String action, String id, OAAuthParameter oaParam, String contextpath) { - String value = getTemplate(); + String value = null; + + byte[] oatemplate = oaParam.getSendAssertionTemplate(); + // OA specific template requires a size of 8 bits minimum + if (oatemplate != null && oatemplate.length > 7) { + InputStream is = new ByteArrayInputStream(oatemplate); + value = getTemplate(is); + + } else { + //load default BKU-selection template + value = getTemplate(); + + } if(value != null) { if(modul == null) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java index c66e19eb0..d2d458e74 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java @@ -82,9 +82,12 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { AuthenticationSession moasession = null; - try { - //moasessionid = (String) req.getSession().getAttribute(AuthenticationManager.MOA_SESSION); - + if (MiscUtil.isEmpty(bkuid) || MiscUtil.isEmpty(moasessionid)) { + Logger.warn("MOASessionID or BKU-type is empty. Maybe an old BKU-selection template is in use."); + throw new MOAIDException("auth.23", new Object[] {}); + } + + try { pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moasessionid); moasession = AuthenticationSessionStoreage.getSession(moasessionid); @@ -112,7 +115,7 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { //load Parameters from config String target = oaParam.getTarget(); - + String bkuURL = oaParam.getBKUURL(bkuid); if (MiscUtil.isEmpty(bkuURL)) { Logger.info("No OA specific BKU defined. Use BKU from default configuration"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java index 7a38e2afd..8e7ca0779 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java @@ -320,6 +320,12 @@ public Map<String, String> getFormCustomizaten() { if (MiscUtil.isNotEmpty(bkuselection.getAppletRedirectTarget())) map.put(FormBuildUtils.REDIRECTTARGET, bkuselection.getAppletRedirectTarget()); + if (MiscUtil.isNotEmpty(bkuselection.getAppletHeight())) + map.put(FormBuildUtils.APPLET_HEIGHT, bkuselection.getAppletHeight()); + + if (MiscUtil.isNotEmpty(bkuselection.getAppletWidth())) + map.put(FormBuildUtils.APPLET_WIDTH, bkuselection.getAppletWidth()); + } } @@ -343,6 +349,27 @@ public List<OAStorkAttribute> getRequestedAttributes() { } +public byte[] getBKUSelectionTemplate() { + + TemplatesType templates = oa_auth.getTemplates(); + if (templates != null && templates.getBKUSelectionTemplate() != null) { + return templates.getBKUSelectionTemplate().getTransformation(); + + } + + return null; +} + +public byte[] getSendAssertionTemplate() { + + TemplatesType templates = oa_auth.getTemplates(); + if (templates != null && templates.getSendAssertionTemplate() != null) { + return templates.getSendAssertionTemplate().getTransformation(); + + } + + return null; +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java index 1f526caca..6b774261d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java @@ -22,14 +22,8 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.entrypoints; - - -import iaik.security.ecc.provider.ECCProvider; -import iaik.security.provider.IAIK; - import java.io.IOException; -import java.io.PrintWriter; -import java.security.Security; + import java.util.Iterator; import java.util.Map; import java.util.Set; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java index 37ead5cff..d3ac574f8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java @@ -43,6 +43,8 @@ public class FormBuildUtils { public static String FONTFAMILY = "#FONTTYPE#"; public static String HEADER_TEXT = "#HEADER_TEXT#"; public static String REDIRECTTARGET = "#REDIRECTTARGET#"; + public static String APPLET_HEIGHT = "#APPLETHEIGHT#"; + public static String APPLET_WIDTH = "#APPLETWIDTH#"; private static String MANDATEVISIBLE = "#MANDATEVISIBLE#"; private static String MANDATECHECKED = "#MANDATECHECKED#"; diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties index a6c0601e4..2f956bd39 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties @@ -41,6 +41,8 @@ auth.19=Die Authentifizierung kann nicht passiv durchgef\u00FChrt werden. auth.20=No valid MOA session found. Authentification process is abourted.
auth.21=Der Anmeldevorgang wurde durch den Benutzer abgebrochen.
auth.22=Das Protokoll {0} ist deaktiviert.
+auth.23=Das BKU-Selektion Template entspricht nicht der Spezifikation von MOA-ID 2.x.
+auth.24=Das Send-Assertion Template entspricht nicht der Spezifikation von MOA-ID 2.x.
init.00=MOA ID Authentisierung wurde erfolgreich gestartet
init.01=Fehler beim Aktivieren des IAIK-JCE/JSSE/JDK1.3 Workaround\: SSL ist m\u00F6glicherweise nicht verf\u00FCgbar
diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd index 7944a7321..2461e1274 100644 --- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd +++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd @@ -160,36 +160,6 @@ </xsd:complexContent> </xsd:complexType> </xsd:element> - <xsd:element name="ProxyComponent_General" minOccurs="0"> - <xsd:annotation> - <xsd:documentation>enthält Konfigurationsparameter der - Proxy-Komponente - </xsd:documentation> - </xsd:annotation> - <xsd:complexType> - <xsd:sequence> - <xsd:element name="AuthComponent"> - <xsd:annotation> - <xsd:documentation>enthält Parameter für die Kommunikation zw. - Proxykomponente und Authenttisierungskomponente - </xsd:documentation> - </xsd:annotation> - <xsd:complexType> - <xsd:sequence> - <xsd:element name="ConnectionParameter_Proxy" type="ConnectionParameterClientAuthType" minOccurs="0"> - <xsd:annotation> - <xsd:documentation>enthält Parameter für die SOAP-Verbindung - von der Proxy-Komponente zur Auth-Komponente (vgl. - AuthComponent/MOA-SP/ConnectionParameter) - </xsd:documentation> - </xsd:annotation> - </xsd:element> - </xsd:sequence> - </xsd:complexType> - </xsd:element> - </xsd:sequence> - </xsd:complexType> - </xsd:element> <xsd:element name="OnlineApplication" type="OnlineApplication" maxOccurs="unbounded"> <xsd:annotation> <xsd:documentation>enthält Parameter für die OA @@ -463,6 +433,8 @@ <xsd:element name="Template" type="TemplateType" minOccurs="0" maxOccurs="3"/> <xsd:element name="AditionalAuthBlockText" type="xsd:string" minOccurs="0"/> <xsd:element name="BKUSelectionCustomization" type="BKUSelectionCustomizationType" minOccurs="0" maxOccurs="1"/> + <xsd:element name="BKUSelectionTemplate" type="TransformsInfoType" minOccurs="0" maxOccurs="1"/> + <xsd:element name="SendAssertionTemplate" type="TransformsInfoType" minOccurs="0" maxOccurs="1"/> </xsd:sequence> </xsd:complexType> <xsd:complexType name="TemplateType"> @@ -507,7 +479,6 @@ </xsd:element> </xsd:sequence> </xsd:complexType> - <xsd:complexType name="ProxyComponentType"/> <xsd:complexType name="OnlineApplicationType"> <xsd:sequence> <xsd:element name="isActive" type="xsd:boolean" default="false" minOccurs="1" maxOccurs="1"/> @@ -557,29 +528,6 @@ maxOccurs="1"/ --> </xsd:complexType> </xsd:element> - <xsd:element name="ProxyComponent_OA" minOccurs="0"> - <xsd:annotation> - <xsd:documentation>enthält Parameter über die OA, die die - Proxy-Komponente betreffen - </xsd:documentation> - </xsd:annotation> - <xsd:complexType> - <xsd:sequence> - <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType"> - <xsd:annotation> - <xsd:documentation>enthält Parameter über die OA, die die - Proxy-Komponente betreffen - </xsd:documentation> - </xsd:annotation> - </xsd:element> - </xsd:sequence> - <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/> - <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/> - <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/> - <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/> - <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/> - </xsd:complexType> - </xsd:element> </xsd:sequence> </xsd:complexType> <xsd:complexType name="ConnectionParameterServerAuthType"> @@ -995,6 +943,8 @@ <xsd:element name="ButtonBackGroundColorFocus" type="xsd:string" minOccurs="0" maxOccurs="1"/> <xsd:element name="ButtonFontColor" type="xsd:string" minOccurs="0" maxOccurs="1"/> <xsd:element name="AppletRedirectTarget" type="xsd:string" minOccurs="0" maxOccurs="1"/> + <xsd:element name="AppletHeight" type="xsd:string" minOccurs="0" maxOccurs="1"/> + <xsd:element name="AppletWidth" type="xsd:string" minOccurs="0" maxOccurs="1"/> <xsd:element name="MandateLoginButton" type="xsd:boolean" default="true" minOccurs="0" maxOccurs="1"/> <xsd:element name="OnlyMandateLoginAllowed" type="xsd:boolean" default="false" minOccurs="0" maxOccurs="1"/> </xsd:sequence> |