aboutsummaryrefslogtreecommitdiff
path: root/id/server
diff options
context:
space:
mode:
Diffstat (limited to 'id/server')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java8
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java18
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java79
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java11
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java27
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java8
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java2
-rw-r--r--id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties2
-rw-r--r--id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd58
9 files changed, 121 insertions, 92 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
index 70aa1a160..2e08fad6b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
@@ -167,8 +167,10 @@ public class GetIdentityLinkFormBuilder extends Builder {
htmlForm = replaceTag(htmlForm, CERTINFO_XMLREQUEST_TAG, encodeParameter(certInfoXMLRequest), true, ALL);
htmlForm = replaceTag(htmlForm, CERTINFO_DATAURL_TAG, certInfoDataURL, true, ALL);
+ Map<String, String> map = null;
+
if (oaParam != null) {
- Map<String, String> map = oaParam.getFormCustomizaten();
+ map = oaParam.getFormCustomizaten();
htmlForm = replaceTag(htmlForm, COLOR_TAG, map.get(FormBuildUtils.MAIN_BACKGROUNDCOLOR), false, ALL);
htmlForm = replaceTag(htmlForm, REDIRECTTARGETTAG, map.get(FormBuildUtils.REDIRECTTARGET), false, ALL);
@@ -179,11 +181,15 @@ public class GetIdentityLinkFormBuilder extends Builder {
if (MiscUtil.isNotEmpty(appletheigth))
htmlForm = replaceTag(htmlForm, APPLETHEIGHT_TAG, appletheigth, false, ALL);
+ else if (map != null && MiscUtil.isNotEmpty(map.get(FormBuildUtils.APPLET_HEIGHT)))
+ htmlForm = replaceTag(htmlForm, APPLETHEIGHT_TAG, map.get(FormBuildUtils.APPLET_HEIGHT), false, ALL);
else
htmlForm = replaceTag(htmlForm, APPLETHEIGHT_TAG, "160", false, ALL);
if (MiscUtil.isNotEmpty(appletwidth))
htmlForm = replaceTag(htmlForm, APPLETWIDTH_TAG, appletwidth, false, ALL);
+ else if (map != null && MiscUtil.isNotEmpty(map.get(FormBuildUtils.APPLET_WIDTH)))
+ htmlForm = replaceTag(htmlForm, APPLETWIDTH_TAG, map.get(FormBuildUtils.APPLET_WIDTH), false, ALL);
else
htmlForm = replaceTag(htmlForm, APPLETWIDTH_TAG, "250", false, ALL);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
index 90ad3cf42..ff3b7b170 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
@@ -22,6 +22,7 @@
******************************************************************************/
package at.gv.egovernment.moa.id.auth.builder;
+import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
@@ -58,7 +59,7 @@ public class LoginFormBuilder {
private static String SERVLET = CONTEXTPATH+"/GenerateIframeTemplate";
- public static String getTemplate() {
+ private static String getTemplate() {
String pathLocation ="";
InputStream input = null;
@@ -118,8 +119,21 @@ public class LoginFormBuilder {
}
public static String buildLoginForm(String modul, String action, OAAuthParameter oaParam, String contextpath, String moaSessionID) {
- String value = getTemplate();
+ String value = null;
+
+ byte[] oatemplate = oaParam.getBKUSelectionTemplate();
+ // OA specific template requires a size of 8 bits minimum
+ if (oatemplate != null && oatemplate.length > 7) {
+ InputStream is = new ByteArrayInputStream(oatemplate);
+ value = getTemplate(is);
+
+ } else {
+ //load default BKU-selection template
+ value = getTemplate();
+
+ }
+
if(value != null) {
if(modul == null) {
modul = SAML1Protocol.PATH;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
index f65a3c011..24b848176 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
@@ -22,6 +22,7 @@
******************************************************************************/
package at.gv.egovernment.moa.id.auth.builder;
+import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
@@ -58,32 +59,50 @@ public class SendAssertionFormBuilder {
private static String SERVLET = CONTEXTPATH+"/SSOSendAssertionServlet";
private static String getTemplate() {
-
- String template = null;
- InputStream input = null;
- try {
- String pathLocation;
-
- String rootconfigdir = AuthConfigurationProvider.getInstance().getRootConfigFileDir();
- pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL;
+ String pathLocation;
+ InputStream input = null;
+ try {
+ String rootconfigdir = AuthConfigurationProvider.getInstance().getRootConfigFileDir();
+ pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL;
+
+ try {
+ File file = new File(new URI(pathLocation));
+ input = new FileInputStream(file);
+
+ } catch (FileNotFoundException e) {
- try {
- File file = new File(new URI(pathLocation));
- input = new FileInputStream(file);
-
- } catch (FileNotFoundException e) {
-
- Logger.warn("No LoginFormTempaltes found. Use Generic Templates from package.");
-
- pathLocation = "resources/templates/" + HTMLTEMPLATEFULL;
-
- input = Thread.currentThread()
- .getContextClassLoader()
- .getResourceAsStream(pathLocation);
-
- }
+ Logger.warn("No LoginFormTempaltes found. Use Generic Templates from package.");
+
+ pathLocation = "resources/templates/" + HTMLTEMPLATEFULL;
+
+ input = Thread.currentThread()
+ .getContextClassLoader()
+ .getResourceAsStream(pathLocation);
+
+ }
+
+ return getTemplate(input);
+
+ } catch (Exception e) {
+ try {
+ input.close();
+ } catch (IOException e1) {
+ Logger.warn("SendAssertionTemplate inputstream can not be closed.", e);
+ }
+
+ return null;
+ }
+
+ }
+
+ private static String getTemplate(InputStream input) {
+
+ String template = null;
+
+ try {
+
StringWriter writer = new StringWriter();
IOUtils.copy(input, writer);
template = writer.toString();
@@ -105,7 +124,19 @@ public class SendAssertionFormBuilder {
}
public static String buildForm(String modul, String action, String id, OAAuthParameter oaParam, String contextpath) {
- String value = getTemplate();
+ String value = null;
+
+ byte[] oatemplate = oaParam.getSendAssertionTemplate();
+ // OA specific template requires a size of 8 bits minimum
+ if (oatemplate != null && oatemplate.length > 7) {
+ InputStream is = new ByteArrayInputStream(oatemplate);
+ value = getTemplate(is);
+
+ } else {
+ //load default BKU-selection template
+ value = getTemplate();
+
+ }
if(value != null) {
if(modul == null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
index c66e19eb0..d2d458e74 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
@@ -82,9 +82,12 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
AuthenticationSession moasession = null;
- try {
- //moasessionid = (String) req.getSession().getAttribute(AuthenticationManager.MOA_SESSION);
-
+ if (MiscUtil.isEmpty(bkuid) || MiscUtil.isEmpty(moasessionid)) {
+ Logger.warn("MOASessionID or BKU-type is empty. Maybe an old BKU-selection template is in use.");
+ throw new MOAIDException("auth.23", new Object[] {});
+ }
+
+ try {
pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moasessionid);
moasession = AuthenticationSessionStoreage.getSession(moasessionid);
@@ -112,7 +115,7 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
//load Parameters from config
String target = oaParam.getTarget();
-
+
String bkuURL = oaParam.getBKUURL(bkuid);
if (MiscUtil.isEmpty(bkuURL)) {
Logger.info("No OA specific BKU defined. Use BKU from default configuration");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index 7a38e2afd..8e7ca0779 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -320,6 +320,12 @@ public Map<String, String> getFormCustomizaten() {
if (MiscUtil.isNotEmpty(bkuselection.getAppletRedirectTarget()))
map.put(FormBuildUtils.REDIRECTTARGET, bkuselection.getAppletRedirectTarget());
+ if (MiscUtil.isNotEmpty(bkuselection.getAppletHeight()))
+ map.put(FormBuildUtils.APPLET_HEIGHT, bkuselection.getAppletHeight());
+
+ if (MiscUtil.isNotEmpty(bkuselection.getAppletWidth()))
+ map.put(FormBuildUtils.APPLET_WIDTH, bkuselection.getAppletWidth());
+
}
}
@@ -343,6 +349,27 @@ public List<OAStorkAttribute> getRequestedAttributes() {
}
+public byte[] getBKUSelectionTemplate() {
+
+ TemplatesType templates = oa_auth.getTemplates();
+ if (templates != null && templates.getBKUSelectionTemplate() != null) {
+ return templates.getBKUSelectionTemplate().getTransformation();
+
+ }
+
+ return null;
+}
+
+public byte[] getSendAssertionTemplate() {
+
+ TemplatesType templates = oa_auth.getTemplates();
+ if (templates != null && templates.getSendAssertionTemplate() != null) {
+ return templates.getSendAssertionTemplate().getTransformation();
+
+ }
+
+ return null;
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 1f526caca..6b774261d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -22,14 +22,8 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.entrypoints;
-
-
-import iaik.security.ecc.provider.ECCProvider;
-import iaik.security.provider.IAIK;
-
import java.io.IOException;
-import java.io.PrintWriter;
-import java.security.Security;
+
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java
index 37ead5cff..d3ac574f8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java
@@ -43,6 +43,8 @@ public class FormBuildUtils {
public static String FONTFAMILY = "#FONTTYPE#";
public static String HEADER_TEXT = "#HEADER_TEXT#";
public static String REDIRECTTARGET = "#REDIRECTTARGET#";
+ public static String APPLET_HEIGHT = "#APPLETHEIGHT#";
+ public static String APPLET_WIDTH = "#APPLETWIDTH#";
private static String MANDATEVISIBLE = "#MANDATEVISIBLE#";
private static String MANDATECHECKED = "#MANDATECHECKED#";
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index a6c0601e4..2f956bd39 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -41,6 +41,8 @@ auth.19=Die Authentifizierung kann nicht passiv durchgef\u00FChrt werden.
auth.20=No valid MOA session found. Authentification process is abourted.
auth.21=Der Anmeldevorgang wurde durch den Benutzer abgebrochen.
auth.22=Das Protokoll {0} ist deaktiviert.
+auth.23=Das BKU-Selektion Template entspricht nicht der Spezifikation von MOA-ID 2.x.
+auth.24=Das Send-Assertion Template entspricht nicht der Spezifikation von MOA-ID 2.x.
init.00=MOA ID Authentisierung wurde erfolgreich gestartet
init.01=Fehler beim Aktivieren des IAIK-JCE/JSSE/JDK1.3 Workaround\: SSL ist m\u00F6glicherweise nicht verf\u00FCgbar
diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
index 7944a7321..2461e1274 100644
--- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
+++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
@@ -160,36 +160,6 @@
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
- <xsd:element name="ProxyComponent_General" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Konfigurationsparameter der
- Proxy-Komponente
- </xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="AuthComponent">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die Kommunikation zw.
- Proxykomponente und Authenttisierungskomponente
- </xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter_Proxy" type="ConnectionParameterClientAuthType" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter für die SOAP-Verbindung
- von der Proxy-Komponente zur Auth-Komponente (vgl.
- AuthComponent/MOA-SP/ConnectionParameter)
- </xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
<xsd:element name="OnlineApplication" type="OnlineApplication" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>enthält Parameter für die OA
@@ -463,6 +433,8 @@
<xsd:element name="Template" type="TemplateType" minOccurs="0" maxOccurs="3"/>
<xsd:element name="AditionalAuthBlockText" type="xsd:string" minOccurs="0"/>
<xsd:element name="BKUSelectionCustomization" type="BKUSelectionCustomizationType" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="BKUSelectionTemplate" type="TransformsInfoType" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SendAssertionTemplate" type="TransformsInfoType" minOccurs="0" maxOccurs="1"/>
</xsd:sequence>
</xsd:complexType>
<xsd:complexType name="TemplateType">
@@ -507,7 +479,6 @@
</xsd:element>
</xsd:sequence>
</xsd:complexType>
- <xsd:complexType name="ProxyComponentType"/>
<xsd:complexType name="OnlineApplicationType">
<xsd:sequence>
<xsd:element name="isActive" type="xsd:boolean" default="false" minOccurs="1" maxOccurs="1"/>
@@ -557,29 +528,6 @@
maxOccurs="1"/ -->
</xsd:complexType>
</xsd:element>
- <xsd:element name="ProxyComponent_OA" minOccurs="0">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die
- Proxy-Komponente betreffen
- </xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
- <xsd:annotation>
- <xsd:documentation>enthält Parameter über die OA, die die
- Proxy-Komponente betreffen
- </xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/>
- <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/>
- <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/>
- <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/>
- <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/>
- </xsd:complexType>
- </xsd:element>
</xsd:sequence>
</xsd:complexType>
<xsd:complexType name="ConnectionParameterServerAuthType">
@@ -995,6 +943,8 @@
<xsd:element name="ButtonBackGroundColorFocus" type="xsd:string" minOccurs="0" maxOccurs="1"/>
<xsd:element name="ButtonFontColor" type="xsd:string" minOccurs="0" maxOccurs="1"/>
<xsd:element name="AppletRedirectTarget" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="AppletHeight" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="AppletWidth" type="xsd:string" minOccurs="0" maxOccurs="1"/>
<xsd:element name="MandateLoginButton" type="xsd:boolean" default="true" minOccurs="0" maxOccurs="1"/>
<xsd:element name="OnlyMandateLoginAllowed" type="xsd:boolean" default="false" minOccurs="0" maxOccurs="1"/>
</xsd:sequence>