Diffstat (limited to 'id/server')
17 files changed, 106 insertions, 47 deletions
| diff --git a/id/server/auth/.settings/org.eclipse.wst.common.component b/id/server/auth/.settings/org.eclipse.wst.common.component index b4ffa88f6..9725f5b61 100644 --- a/id/server/auth/.settings/org.eclipse.wst.common.component +++ b/id/server/auth/.settings/org.eclipse.wst.common.component @@ -17,7 +17,8 @@          </dependent-module>      <property name="context-root" value="moa-id-auth"/>      <wb-resource deploy-path="/WEB-INF/classes" source-path="src/main/resources"/> -        <wb-resource deploy-path="/" source-path="/src/main/webapp"/> +        <wb-resource deploy-path="/" source-path="/target/m2e-wtp/web-resources"/> +        <wb-resource deploy-path="/" source-path="/src/main/webapp" tag="defaultRootSource"/>      <property name="java-output-path" value="/target/classes"/>    </wb-module>  </project-modules> diff --git a/id/server/auth/src/main/webapp/iframeHandyBKU.html b/id/server/auth/src/main/webapp/iframeHandyBKU.html index b5936679f..0f6e1e282 100644 --- a/id/server/auth/src/main/webapp/iframeHandyBKU.html +++ b/id/server/auth/src/main/webapp/iframeHandyBKU.html @@ -8,11 +8,11 @@      	<script type="text/javascript">
  			// [MUSS] Geben Sie hier die URL zum Aufruf von MOA-ID an
             	// z.B.: https://yoururl.at/moa-id-auth/StartAuthentication?Target=IT&OA=https://youronlineapplication.at
 -			var MOA_ID_STARTAUTHENTICATION = "https://localhost:8443/moa-id-auth/StartAuthentication?Target=ZU&OA=https://localhost:8443/TestMOAID_OA/LoginServletExample";
 +			var MOA_ID_STARTAUTHENTICATION = "[MOA_ID_STARTAUTHENTICATION]";
  			// [MUSS] Geben Sie hier die URL zum MOA-ID Template fuer die Handy Signatur an -->
  			<!-- z.B.: value="https://yoururl.at/moa-id-auth/template_handyBKU.html"-->
 -			var URL_TO_HANDYSIGNATUR_TEMPLATE = "https://localhost:8443/moa-id-auth/template_handyBKU.html";
 +			var URL_TO_HANDYSIGNATUR_TEMPLATE = "[URL_TO_HANDYSIGNATUR_TEMPLATE]";
  			window.onload=function() {
 @@ -49,8 +49,7 @@  	    Bitte warten...
  		<form name="moaidform" method="post" id="moaidform">
  			<input type="hidden" name="Template" id="Template">
 -			<!--  <input type="hidden" name="bkuURI" value="https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx"> -->
 -			 <input type="hidden" name="bkuURI" value="https://test1.a-trust.at/https-security-layer-request/default.aspx"> 
 +			<input type="hidden" name="bkuURI" value="https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx">
  			<input type="hidden" name="useMandate" id="useMandate">
  		</form>		
  		<hr>
 diff --git a/id/server/auth/src/main/webapp/iframeOnlineBKU.html b/id/server/auth/src/main/webapp/iframeOnlineBKU.html index 7f6efb241..3ff0dac89 100644 --- a/id/server/auth/src/main/webapp/iframeOnlineBKU.html +++ b/id/server/auth/src/main/webapp/iframeOnlineBKU.html @@ -8,16 +8,16 @@  	    <script type="text/javascript">
  			// [MUSS] Geben Sie hier die URL zum Aufruf von MOA-ID an
              // z.B.: https://yoururl.at/moa-id-auth/StartAuthentication?Target=IT&OA=https://youronlineapplication.at
 -			var MOA_ID_STARTAUTHENTICATION = "https://localhost:8443/moa-id-auth/StartAuthentication?Target=ZU&OA=https://localhost:8443/TestMOAID_OA/LoginServletExample&sourceID=ABC123-_ABC123";
 +			var MOA_ID_STARTAUTHENTICATION = "[MOA_ID_STARTAUTHENTICATION]";
  			// [MUSS] Geben Sie hier die URL zum MOA-ID Template fuer die Online BKU an
  			// z.B.: "https://yoururl.at/moa-id-auth/template_onlineBKU.html"
 -			var URL_TO_ONLINEBKU_TEMPLATE = "https://localhost:8443/moa-id-auth/template_onlineBKU.html";
 +			var URL_TO_ONLINEBKU_TEMPLATE = "[URL_TO_ONLINEBKU_TEMPLATE]";
  			// [MUSS] Geben Sie hier die URL zur Online BKU an
  			// z.B.: value="https://yoururl.at/bkuonline/https-security-layer-request"
  			// Hinweis: Diese URL muss auch bei den vertrauenswürdigen BKUs in der MOA-ID Konfiguration angegeben werden (siehe Element MOA-IDConfiguration/TrustedBKUs/BKUURL)
 -			var URL_TO_ONLINEBKU = "https://localhost:8444/bkuonline/https-security-layer-request";
 +			var URL_TO_ONLINEBKU = "[URL_TO_ONLINEBKU]";
  			window.onload=function() {
  				document.getElementById('moaidform').action = MOA_ID_STARTAUTHENTICATION;
 diff --git a/id/server/auth/src/main/webapp/index.html b/id/server/auth/src/main/webapp/index.html index 03123c2a7..83b4ee418 100644 --- a/id/server/auth/src/main/webapp/index.html +++ b/id/server/auth/src/main/webapp/index.html @@ -11,11 +11,11 @@          <script type="text/javascript">
  			// [MUSS] Geben Sie hier die URL zum Aufruf von MOA-ID an
              // z.B.: https://yoururl.at/moa-id-auth/StartAuthentication?Target=IT&OA=https://youronlineapplication.at
 -			var MOA_ID_STARTAUTHENTICATION = "https://localhost:8443/moa-id-auth/StartAuthentication?Target=ZU&OA=https://localhost:8443/TestMOAID_OA/LoginServletExample";	
 +			var MOA_ID_STARTAUTHENTICATION = "[MOA_ID_STARTAUTHENTICATION]";			
  			// [MUSS] Geben Sie hier die URL zum MOA-ID Template fuer die lokale BKU an
              // z.B.: https://yoururl.at/moa-id-auth/template_localBKU.html
 -			var URL_TO_LOKALBKU_TEMPLATE = "https://localhost:8443/moa-id-auth/template_localBKU.html";
 +			var URL_TO_LOKALBKU_TEMPLATE = "[URL_TO_LOKALBKU_TEMPLATE]";
  			window.onload=function() {
 @@ -109,7 +109,7 @@          		var parent = el.parentNode;
  				var iFrameURL = "iframeOnlineBKU.html" + "?";
 -				iFrameURL += "useMandate=" + document.getElementById("useMandate").value + "&";
 +				iFrameURL += "use=" + document.getElementById("useMandate").value + "&";
  				iFrameURL += "ccc=" + ccc;
  				var iframe = document.createElement("iframe");
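Review bot: The query key passed to iframeOnlineBKU.html changes from `useMandate` to `use`, while the hidden form field (`name="useMandate"`) and the no-script links in this same commit still use `useMandate`. The script in iframeOnlineBKU.html that reads the query string is not visible here; if it still looks for `useMandate`, the mandate checkbox is silently ignored for the Online-BKU path. Unless the receiving page was changed to match, I would keep `iFrameURL += "useMandate=" + document.getElementById("useMandate").value + "&";`. The enclosing function starts and ends outside the hunk.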
 @@ -156,7 +156,7 @@                  	        <!-- Block "KARTE": Anmeldung mit lokaler BKU *ohne* Vollmacht (No-Script Variante) -->
                      	    <!-- [MUSS] Geben Sie hier die URL zum Aufruf von MOA-ID an (inkl. Template-URL, bkuURI und useMandate Parameter!) -->			         
                          	<!-- z.B.: https://yoururl.at/moa-id-auth/StartAuthentication?Target=IT&OA=https://youronlineapplication.at&Template=https://yoururl.at/moa-id-auth/template_localBKU.html&bkuURI=https://127.0.0.1:3496/https-security-layer-request&useMandate=false -->
 -			                <a href="https://localhost:8443/moa-id-auth/StartAuthentication?Target=ZU&OA=https://localhost:8443/TestMOAID_OA/LoginServletExample&Template=https://localhost:8443/moa-id-auth/template_localBKU.html&bkuURI=https://127.0.0.1:3496/https-security-layer-request&useMandate=false">					
 +			                <a href="[MOA_ID_STARTAUTHENTICATION]&Template=[URL_TO_LOKALBKU_TEMPLATE]&bkuURI=https://127.0.0.1:3496/https-security-layer-request&useMandate=false">					
      	                    	<div id="bkukarte" class="hell">
          	                		<button name="bkuButton" type="button">KARTE</button>
  	        	                </div>
 @@ -166,7 +166,7 @@                      	    <!-- Block "KARTE+Vollmacht": Anmeldung mit lokaler BKU *mit* Vollmacht (No-Script Variante) -->
                          	<!-- [MUSS] Geben Sie hier die URL zum Aufruf von MOA-ID an (inkl. Template-URL, bkuURI und useMandate Parameter!) -->
  		                    <!-- z.B.: https://yoururl.at/moa-id-auth/StartAuthentication?Target=IT&OA=https://youronlineapplication.at&Template=https://yoururl.at/moa-id-auth/template_localBKU.html&bkuURI=https://127.0.0.1:3496/https-security-layer-request&useMandate=true -->
 -		                    <!-- <a href="https://localhost:8443/moa-id-auth/StartAuthentication?Target=ZU&OA=https://localhost:8443/TestMOAID_OA/LoginServletExample&Template=https://localhost:8443/moa-id-auth/template_localBKU.html&bkuURI=https://127.0.0.1:3496/https-security-layer-request&useMandate=true">					
 +		                    <!-- <a href="[MOA_ID_STARTAUTHENTICATION]&Template=[URL_TO_LOKALBKU_TEMPLATE]&bkuURI=https://127.0.0.1:3496/https-security-layer-request&useMandate=true">					
          	                	<div id="bkukarte" class="hell">
              	            		<button name="bkuButton" type="button">KARTE+<br>Vollmacht</button>
  	            	            </div>
 @@ -176,7 +176,7 @@  							<!-- Block "HANDY": Anmeldung mit Handysignatur *ohne* Vollmacht (No-Script Variante) -->
  		                    <!-- [MUSS] Geben Sie hier die URL zum Aufruf von MOA-ID an (inkl. Template-URL, bkuURI und useMandate Parameter!) -->
     		                    <!-- z.B.: https://yoururl.at/moa-id-auth/StartAuthentication?Target=IT&OA=https://youronlineapplication.at&Template=https://yoururl.at/moa-id-auth/template_handyBKU.html&bkuURI=https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx&useMandate=false -->
 -							<a href="https://localhost:8443/moa-id-auth/StartAuthentication?Target=ZU&OA=https://localhost:8443/TestMOAID_OA/LoginServletExample&Template=https://localhost:8443/moa-id-auth/template_localBKU.html&bkuURI=https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx&useMandate=false">
 +							<a href="[MOA_ID_STARTAUTHENTICATION]&Template=[URL_TO_HANDYSIGNATUR_TEMPLATE]&bkuURI=https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx&useMandate=false">
  								<div id="bkuhandy" class="hell">
  		                          	<button name="bkuButton" type="button">HANDY</button>
  								</div>
 @@ -185,7 +185,7 @@  	                        <!-- Block "HANDY+Vollnacht": Anmeldung mit Handysignatur *mit* Vollmacht (No-Script Variante) -->
  		                    <!-- [MUSS] Geben Sie hier die URL zum Aufruf von MOA-ID an (inkl. Template-URL, bkuURI und useMandate Parameter!) -->
     	    	                <!-- z.B.: https://yoururl.at/moa-id-auth/StartAuthentication?Target=IT&OA=https://youronlineapplication.at&Template=https://yoururl.at/moa-id-auth/template_handyBKU.html&bkuURI=https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx&useMandate=true -->
 -							<!-- <a href="https://localhost:8443/moa-id-auth/StartAuthentication?Target=ZU&OA=https://localhost:8443/TestMOAID_OA/LoginServletExample&Template=https://localhost:8443/moa-id-auth/template_localBKU.html&bkuURI=https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx&useMandate=true">
 +							<!-- <a href="[MOA_ID_STARTAUTHENTICATION]&Template=[URL_TO_HANDYSIGNATUR_TEMPLATE]&bkuURI=https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx&useMandate=true">
  								<div id="bkuhandy" class="hell">
  		                          	<button name="bkuButton" type="button">HANDY</button>
  								</div>
 @@ -202,7 +202,7 @@      	            	    </div>
          	                <div id="stork" class="hell" align="center"> 
                             		<p>
 -            	                	<form name="storkForm" method="POST" action="https://localhost:8443/moa-id-auth/StartAuthentication?Target=ZU&OA=https://localhost:8443/TestMOAID_OA/LoginServletExample&Template=https://localhost:8443/moa-id-auth/template_localBKU.html&bkuURI=https://127.0.0.1:3496/https-security-layer-request">
 +            	                	<form name="storkForm" method="POST" action="[MOA_ID_STARTAUTHENTICATION]&Template=[URL_TO_LOKALBKU_TEMPLATE]&bkuURI=https://127.0.0.1:3496/https-security-layer-request">
         	    	                		<select name="CCC" size="1" style="width:120px">
             		                			<option value="BE">België/Belgique</option>
  											<option value="EE">Eesti</option>
 @@ -224,22 +224,24 @@                     		</noscript>
                      <script>
 -						<!-- [OPTIONAL] Um die Online BKU auszublenden, kommentieren sie folgende drei Zeilen aus aus -->
 +                    	<!-- [OPTIONAL] Um die Anmeldung mit Vollmachten auszublenden, kommentieren Sie folgende fünf Zeilen aus -->
 +						document.write("<div id=\"mandate\">");
 +                    		document.write("<input tabindex=\"1\" type=\"checkbox\" name=\"Mandate\" style=\"vertical-align: middle; margin-right: 5px;\" id=\"mandateCheckBox\">");
 +								document.write("<label>in Vertretung anmelden</label>");
 +                      	document.write(" <a href=\"info_mandates.html\" target=\"_blank\" class=\"infobutton\" style=\"color:#FFF\">i</a>");
 +                    	document.write("</div> ");
 +                    
 +                    	<!-- [OPTIONAL] Um die Online BKU auszublenden, kommentieren sie folgende drei Zeilen aus aus -->
                          document.write("<div id=\"bkukarte\" class=\"hell\">");     
 -                            document.write("<button name=\"bkuButton\" type=\"button\" onClick=\"bkuOnlineClicked();\">KARTE</button>");
 +                            document.write("<button name=\"bkuButton\" type=\"button\" onClick=\"bkuOnlineClicked();\" tabindex=\"2\">KARTE</button>");
                          document.write("</div>");
  						<!-- [OPTIONAL] Um die Handysignatur auszublenden, kommentieren sie folgende drei Zeilen aus aus -->
                          document.write("<div id=\"bkuhandy\" class=\"hell\">");
 -                            document.write("<button name=\"bkuButton\" type=\"button\" onClick=\"bkuHandyClicked();\">HANDY</button>");
 +                            document.write("<button name=\"bkuButton\" type=\"button\" onClick=\"bkuHandyClicked();\" tabindex=\"3\">HANDY</button>");
                          document.write("</div>");
 -                        <!-- [OPTIONAL] Um die Anmeldung mit Vollmachten auszublenden, kommentieren Sie folgende fünf Zeilen aus -->
 -						document.write("<div id=\"mandate\">");
 -                        	document.write("<input type=\"checkbox\" name=\"Mandate\" style=\"vertical-align: middle; margin-right: 5px;\" id=\"mandateCheckBox\">");
 -								document.write("<label>in Vertretung anmelden</label>");
 -                          document.write(" <a href=\"info_mandates.html\" target=\"_blank\" class=\"infobutton\" style=\"color:#FFF\">i</a>");
 -                        document.write("</div> ");
 +                       
                          <!-- [OPTIONAL] Um die Anmeldung von ausländischen Identitäten auszublenden, kommentieren Sie folgende Zeilen aus -->
  						document.write("<div id=\"leftcontent\" style=\"margin-bottom:10px\">");
 @@ -272,7 +274,7 @@ -
 +s
                      <div id="localBKU" style="display:none" class="hell">
                          <hr>
                          <form method="post" id="moaidform">
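Review bot: The only change in this hunk replaces an empty line with a line containing a single `s`, which looks like a stray keystroke. As a text node in the page body it would be rendered directly above the `localBKU` block on the login page. I would revert that line to the blank line it replaced.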
 diff --git a/id/server/auth/src/main/webapp/template_handyBKU.html b/id/server/auth/src/main/webapp/template_handyBKU.html index 27834cd91..0ad73a6f3 100644 --- a/id/server/auth/src/main/webapp/template_handyBKU.html +++ b/id/server/auth/src/main/webapp/template_handyBKU.html @@ -12,6 +12,7 @@  	</head>
  	<body onLoad="onAnmeldeSubmit()">		 
        <form name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data<>">
 +			Falls Sie nicht automatisch weitergeleitet werden klicken Sie bitte hier:
       		<input class="button" type="submit" value="Starte Anmeldung" name="Senden">
  			<input type="hidden" name="XMLRequest" value="<XMLRequest>">
  			<input type="hidden" name="DataURL" value="<DataURL>">
 diff --git a/id/server/auth/src/main/webapp/template_localBKU.html b/id/server/auth/src/main/webapp/template_localBKU.html index 64275391a..f197d2c5c 100644 --- a/id/server/auth/src/main/webapp/template_localBKU.html +++ b/id/server/auth/src/main/webapp/template_localBKU.html @@ -11,7 +11,8 @@  		</script>
  	</head>
  	<body onLoad="onAnmeldeSubmit()">	   
 -		<form name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data<>">			
 +		<form name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data<>">
 +			Falls Sie nicht automatisch weitergeleitet werden klicken Sie bitte hier: 
       		<input class="button" type="submit" value="Starte Anmeldung" name="Senden">
  			<input type="hidden" name="XMLRequest" value="<XMLRequest>">
  			<input type="hidden" name="DataURL" value="<DataURL>">
 diff --git a/id/server/auth/src/main/webapp/template_onlineBKU.html b/id/server/auth/src/main/webapp/template_onlineBKU.html index 77f7d076a..565955538 100644 --- a/id/server/auth/src/main/webapp/template_onlineBKU.html +++ b/id/server/auth/src/main/webapp/template_onlineBKU.html @@ -11,7 +11,8 @@  		</script>
  	</head>
  	<body onLoad="onAnmeldeSubmit()">	 
 -		<form name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data<>">			
 +		<form name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data<>">
 +			Falls Sie nicht automatisch weitergeleitet werden klicken Sie bitte hier: 
  		    <input class="button" type="hidden" value="Starte Anmeldung" name="Senden">
  			<input type="hidden" name="XMLRequest" value="<XMLRequest>">
  			<input type="hidden" name="DataURL" value="<DataURL>">
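Review bot: The added sentence "Falls Sie nicht automatisch weitergeleitet werden klicken Sie bitte hier:" is followed by `<input class="button" type="hidden" value="Starte Anmeldung" name="Senden">`, so in this template there is nothing visible to click. The handy and local BKU templates in this commit pair the same sentence with `type="submit"`. Either leave the sentence out of the Online-BKU template or give the user a real fallback control; which of the two is right depends on whether the Online-BKU form is meant to be submitted manually at all, which this hunk does not show.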
 @@ -23,7 +24,6 @@  			<!-- [OPTIONAL] Aendern Sie hier die Hintergrundfarbe der Online-BKU -->
  	      <input type="hidden" name="appletBackgroundColor" value="#DDDDDD">
 -	      <input type="hidden" name="redirectTarget" value="_top">
  		</form>
  		<form name="CustomizedInfoForm" action="<BKU>" method="post">
 diff --git a/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml b/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml index a8a9b95da..b70b8f3f6 100644 --- a/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml +++ b/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml @@ -51,7 +51,7 @@  			   </C-PEPS>			                   			<!-- Test C-PEPS -->		  			<!--				    -			   <C-PEPS countryCode="ES" URL="https://88.84.94.24/PEPS/ColleagueRequest"/>			   			   			  			    +			   <C-PEPS countryCode="ES" URL="https://prespanishpeps.redsara.es/PEPS/ColleagueRequest"/>			   			   			  			     			   <C-PEPS countryCode="IT" URL="https://it-peps-stork.polito.it/PEPS2/ColleagueRequest"/>			   			     			   <C-PEPS countryCode="PT" URL="https://eu-id.teste.cartaodecidadao.gov.pt/PEPS/ColleagueRequest"/>			   			   			   			    			   <C-PEPS countryCode="SI" URL="https://peps-test.mju.gov.si/PEPS/ColleagueRequest">			    diff --git a/id/server/data/deploy/conf/moa-id/SampleMOAIDConfigurationProxy.xml b/id/server/data/deploy/conf/moa-id/SampleMOAIDConfigurationProxy.xml index 204fe6df9..c7da561e4 100644 --- a/id/server/data/deploy/conf/moa-id/SampleMOAIDConfigurationProxy.xml +++ b/id/server/data/deploy/conf/moa-id/SampleMOAIDConfigurationProxy.xml @@ -52,7 +52,7 @@  			   </C-PEPS>			                   			<!-- Test C-PEPS -->		  			<!--				    -			   <C-PEPS countryCode="ES" URL="https://88.84.94.24/PEPS/ColleagueRequest"/>			   			   			  			    +			   <C-PEPS countryCode="ES" URL="https://prespanishpeps.redsara.es/PEPS/ColleagueRequests"/>			   			   			  			     			   <C-PEPS countryCode="IT" URL="https://it-peps-stork.polito.it/PEPS2/ColleagueRequest"/>			   			     			   <C-PEPS countryCode="PT" URL="https://eu-id.teste.cartaodecidadao.gov.pt/PEPS/ColleagueRequest"/>			   			   			   			    			   <C-PEPS countryCode="SI" URL="https://peps-test.mju.gov.si/PEPS/ColleagueRequest">			    
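Review bot: The new ES test C-PEPS URL in SampleMOAIDConfigurationProxy.xml ends in `/PEPS/ColleagueRequests`, and the same spelling appears in the SampleMOAIDConfiguration_withTestBKsProxy.xml hunk, while the two non-proxy sample files in this commit use `/PEPS/ColleagueRequest` like every other C-PEPS entry. The trailing `s` looks like a typo. The entry appears to sit inside the commented-out "Test C-PEPS" block, so it would only surface once someone uncomments the sample. Suggested line for both proxy files: `<C-PEPS countryCode="ES" URL="https://prespanishpeps.redsara.es/PEPS/ColleagueRequest"/>`.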
diff --git a/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration_withTestBKs.xml b/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration_withTestBKs.xml index 6f5a68d8b..f034a262e 100644 --- a/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration_withTestBKs.xml +++ b/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration_withTestBKs.xml @@ -53,7 +53,7 @@  			   </C-PEPS>			                   			<!-- Test C-PEPS -->		  			<!--				    -			   <C-PEPS countryCode="ES" URL="https://88.84.94.24/PEPS/ColleagueRequest"/>			   			   			  			    +			   <C-PEPS countryCode="ES" URL="https://prespanishpeps.redsara.es/PEPS/ColleagueRequest"/>			   			   			  			     			   <C-PEPS countryCode="IT" URL="https://it-peps-stork.polito.it/PEPS2/ColleagueRequest"/>			   			     			   <C-PEPS countryCode="PT" URL="https://eu-id.teste.cartaodecidadao.gov.pt/PEPS/ColleagueRequest"/>			   			   			   			    			   <C-PEPS countryCode="SI" URL="https://peps-test.mju.gov.si/PEPS/ColleagueRequest">			    diff --git a/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration_withTestBKsProxy.xml b/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration_withTestBKsProxy.xml index f9ab3469b..f3c0877a6 100644 --- a/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration_withTestBKsProxy.xml +++ b/id/server/data/deploy/conf/moa-id/SampleMOAIDConfiguration_withTestBKsProxy.xml 
@@ -53,7 +53,7 @@  			   </C-PEPS>			                   			<!-- Test C-PEPS -->		  			<!--				    -			   <C-PEPS countryCode="ES" URL="https://88.84.94.24/PEPS/ColleagueRequest"/>			   			   			  			    +			   <C-PEPS countryCode="ES" URL="https://prespanishpeps.redsara.es/PEPS/ColleagueRequests"/>			   			   			  			     			   <C-PEPS countryCode="IT" URL="https://it-peps-stork.polito.it/PEPS2/ColleagueRequest"/>			   			     			   <C-PEPS countryCode="PT" URL="https://eu-id.teste.cartaodecidadao.gov.pt/PEPS/ColleagueRequest"/>			   			   			   			    			   <C-PEPS countryCode="SI" URL="https://peps-test.mju.gov.si/PEPS/ColleagueRequest">			    diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java index 6004f251f..1624a59c0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java @@ -25,10 +25,13 @@  package at.gv.egovernment.moa.id.auth.parser;  import java.io.ByteArrayInputStream; +import java.io.IOException;  import java.io.InputStream;  import java.util.ArrayList;  import java.util.List; +import javax.xml.transform.TransformerException; +  import org.w3c.dom.Element;  import org.w3c.dom.NodeList;  import org.w3c.dom.traversal.NodeIterator; @@ -157,6 +160,7 @@ public class CreateXMLSignatureResponseParser {        Element dsigSignatureNode = (Element) list.item(0);        Element dsigSignatureElement = (Element) dsigSignatureNode; +              cResp.setDsigSignature(dsigSignatureElement);      }      catch (Throwable t) { 
@@ -201,6 +205,11 @@ public class CreateXMLSignatureResponseParser {        SAMLAttribute[] result = new SAMLAttribute[samlAttributes.size()];        samlAttributes.toArray(result);        cResp.setSamlAttributes(result); +       +      NodeList list = sigResponse_.getElementsByTagNameNS(Constants.DSIG_NS_URI, "Signature"); +      Element dsigSignatureNode = (Element) list.item(0);  +      cResp.setDsigSignature(dsigSignatureNode); +            }      catch (Throwable t) {        throw new ParseException("parser.01", new Object[] { t.toString()}, t); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java index 4ddad2429..2c957603b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java @@ -151,6 +151,8 @@ public class VerifyXMLSignatureResponseParser {      VerifyXMLSignatureResponse respData=new VerifyXMLSignatureResponse();      try { +    	 +      String s = DOMUtils.serializeNode(verifyXMLSignatureResponse);        respData.setXmlDsigSubjectName(XPathUtils.getElementValue(verifyXMLSignatureResponse,DSIG_SUBJECT_NAME_XPATH,""));        Element e = (Element)XPathUtils.selectSingleNode(verifyXMLSignatureResponse,QUALIFIED_CERTIFICATE_XPATH);        respData.setQualifiedCertificate(e!=null); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java index d0fb1f87f..b2ef2d000 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java 
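Review bot: In the VerifyXMLSignatureResponseParser hunk, the added `String s = DOMUtils.serializeNode(verifyXMLSignatureResponse);` is never read in the visible lines, so it looks like leftover debugging. It serializes the whole response on every parse, and any exception it raises would abort parsing inside this `try` before the first field is read. I would drop the line together with the whitespace-only `+` line above it; if the serialized form is wanted for diagnostics, put it behind a debug-level log call. The enclosing method starts and ends outside the hunk.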
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java @@ -24,9 +24,14 @@  package at.gv.egovernment.moa.id.auth.validator; +import java.util.Calendar; +import java.util.GregorianCalendar;  import java.util.Iterator;  import java.util.List; +import javax.xml.bind.DatatypeConverter; + +import org.jaxen.SimpleNamespaceContext;  import org.w3c.dom.Element;  import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder; @@ -59,11 +64,25 @@ public class CreateXMLSignatureResponseValidator {    /** Xpath expression to the dsig:Signature element */    private static final String SIGNATURE_XPATH = Constants.DSIG_PREFIX + ":Signature"; -  //private static final String XADES_SIGNINGTIME_PATH = Constants.XADES_1_1_1_NS_PREFIX + ":SigningTime"; -      +  private static final String XADES_1_1_1_SIGNINGTIME_PATH = "//" + Constants.XADES_1_1_1_NS_PREFIX + ":SigningTime"; +  private static final String XADES_1_3_2_SIGNINGTIME_PATH = "//" + Constants.XADES_1_3_2_NS_PREFIX + ":SigningTime"; +   +   +  private static final long MAX_DIFFERENCE_IN_MILLISECONDS = 600000; // 10min +     /** Singleton instance. <code>null</code>, if none has been created. */    private static CreateXMLSignatureResponseValidator instance; +  private static SimpleNamespaceContext NS_CONTEXT; +  static { +    NS_CONTEXT = new SimpleNamespaceContext(); +    NS_CONTEXT.addNamespace(Constants.XADES_1_1_1_NS_PREFIX, Constants.XADES_1_1_1_NS_URI); +    NS_CONTEXT.addNamespace(Constants.XADES_1_2_2_NS_PREFIX, Constants.XADES_1_2_2_NS_URI); +    NS_CONTEXT.addNamespace(Constants.XADES_1_3_2_NS_PREFIX, Constants.XADES_1_3_2_NS_URI); +    NS_CONTEXT.addNamespace(Constants.XADES_1_4_1_NS_PREFIX, Constants.XADES_1_4_1_NS_URI); +  } + +      /**     * Constructor for a singleton CreateXMLSignatureResponseValidator.     * @return an instance of CreateXMLSignatureResponseValidator 
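Review bot: Both new SigningTime paths start with `//`, and in XPath 1.0 a leading `//` is evaluated from the document root rather than from the context node, so passing `dsigSignatureElement` to `selectSingleNode` in `validateSigningDateTime` does not restrict the search to that signature. The first `SigningTime` found anywhere in the owning document would then be compared with the server clock, and it may not be the one covered by the verified signature. Anchoring the paths at the context node, e.g. `".//" + Constants.XADES_1_1_1_NS_PREFIX + ":SigningTime"` (and likewise for the 1.3.2 constant), keeps the lookup inside the signature element. `NS_CONTEXT` is assigned once in the static initializer and could be declared `final`.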
@@ -550,8 +569,36 @@ public class CreateXMLSignatureResponseValidator {    public void validateSigningDateTime( CreateXMLSignatureResponse csresp) throws ValidateException { -	  //TODO: insert Time validation!!!! -	   +	  Element dsigSignatureElement = csresp.getDsigSignature(); +	  if (dsigSignatureElement == null) { +		  throw new ValidateException("validator.05", new Object[] {"im AUTHBlock"}) ; +	  } +	  else { +		  Element signingTimeElem = (Element) XPathUtils.selectSingleNode(dsigSignatureElement, NS_CONTEXT, XADES_1_1_1_SIGNINGTIME_PATH); +		  if (signingTimeElem == null) { +			  signingTimeElem = (Element) XPathUtils.selectSingleNode(dsigSignatureElement, NS_CONTEXT, XADES_1_3_2_SIGNINGTIME_PATH); +			  if (signingTimeElem == null) +				  throw new ValidateException("validator.68", null) ; +		  } +			   +			   +		  String signingTimeStr = signingTimeElem.getTextContent(); +		  if (signingTimeStr == null) +			  throw new ValidateException("validator.68", null) ; +			   +		  Calendar signingTimeCal = DatatypeConverter.parseDate(signingTimeStr); +		  Calendar serverTimeCal = new GregorianCalendar(); +		   +		  long diff = Math.abs(signingTimeCal.getTimeInMillis() - serverTimeCal.getTimeInMillis()); +		   +		  if (diff > MAX_DIFFERENCE_IN_MILLISECONDS) +			  throw new ValidateException("validator.69", new Object[] {"mehr als " + MAX_DIFFERENCE_IN_MILLISECONDS + " Millisekunden"}) ; + +		  Logger.debug("Compare \"" + signingTimeCal.getTime() + "\" (SigningTime) with \"" + serverTimeCal.getTime() + "\" (server time)"); +			 +		   +	  } +		      }  } diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties index 272f26efb..c5ebc4b0d 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties 
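Review bot: A malformed `SigningTime` value escapes `validateSigningDateTime` as an unchecked `IllegalArgumentException` from `DatatypeConverter.parseDate` rather than the `ValidateException` the method declares, so how it is reported depends on callers outside this hunk. `SigningTime` is an `xsd:dateTime`, so `parseDateTime` is the matching parser. The `Logger.debug` comparison line sits after the threshold check and is never written for the rejected case, where it is most useful. A Javadoc on the method should state the accepted window: 10 minutes either side of server time, since `Math.abs` is used.

```java
// … unchanged: dsigSignatureElement / signingTimeElem lookup and null check on signingTimeStr …
Calendar signingTimeCal;
try {
  signingTimeCal = DatatypeConverter.parseDateTime(signingTimeStr);
} catch (IllegalArgumentException e) {
  // unparseable value is reported like a missing SigningTime
  throw new ValidateException("validator.68", null);
}
Calendar serverTimeCal = new GregorianCalendar();

long diff = Math.abs(signingTimeCal.getTimeInMillis() - serverTimeCal.getTimeInMillis());

// log before the check so rejected values are visible too
Logger.debug("Compare \"" + signingTimeCal.getTime() + "\" (SigningTime) with \"" + serverTimeCal.getTime() + "\" (server time)");

if (diff > MAX_DIFFERENCE_IN_MILLISECONDS)
  throw new ValidateException("validator.69", new Object[] {"mehr als " + MAX_DIFFERENCE_IN_MILLISECONDS + " Millisekunden"});
```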
@@ -181,6 +181,8 @@ validator.65=Es ist ein Fehler bei der Formulargenerierung f�r berufliche Part  validator.66=?berpr?fung der {0}-Infobox fehlgeschlagen\: berufliche Parteienvetretung ist nicht konfiguriert.
  validator.67=Der Specialtext ({0}) stimmt nicht mit dem für diese Applikation hinterlegten Text ({1}) überein.
 +validator.68=SigningTime im AUTH-Block konnte nicht eruiert werden.
 +validator.69=SigningTime im AUTH-Block und Serverzeit weichen zu stark ab ({0}).
  ssl.01=Validierung des SSL-Server-Endzertifikates hat fehlgeschlagen
 diff --git a/id/server/moa-id-commons/.classpath b/id/server/moa-id-commons/.classpath index 88431cf04..0e89cea3d 100644 --- a/id/server/moa-id-commons/.classpath +++ b/id/server/moa-id-commons/.classpath @@ -6,11 +6,6 @@  			<attribute name="maven.pomderived" value="true"/>  		</attributes>  	</classpathentry> -	<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources"> -		<attributes> -			<attribute name="maven.pomderived" value="true"/> -		</attributes> -	</classpathentry>  	<classpathentry kind="src" output="target/test-classes" path="src/test/java">  		<attributes>  			<attribute name="optional" value="true"/> @@ -18,20 +13,20 @@  		</attributes>  	</classpathentry>  	<classpathentry kind="src" path="target/generated-sources/xjc"/> -	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.5"> +	<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources/config">  		<attributes>  			<attribute name="maven.pomderived" value="true"/>  		</attributes>  	</classpathentry> -	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER"> +	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.5">  		<attributes>  			<attribute name="maven.pomderived" value="true"/> -			<attribute name="org.eclipse.jst.component.nondependency" value=""/>  		</attributes>  	</classpathentry> -	<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources"> +	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">  		<attributes>  			<attribute name="maven.pomderived" value="true"/> +			<attribute name="org.eclipse.jst.component.nondependency" value=""/>  		</attributes>  	</classpathentry>  	<classpathentry kind="output" path="target/classes"/> 
diff --git a/id/server/moa-id-commons/.project b/id/server/moa-id-commons/.project index 75c3e013e..a7c3725f2 100644 --- a/id/server/moa-id-commons/.project +++ b/id/server/moa-id-commons/.project @@ -28,10 +28,10 @@  		</buildCommand>  	</buildSpec>  	<natures> +		<nature>org.eclipse.m2e.core.maven2Nature</nature>  		<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>  		<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>  		<nature>org.eclipse.jdt.core.javanature</nature> -		<nature>org.eclipse.m2e.core.maven2Nature</nature>  		<nature>org.eclipse.wst.common.project.facet.core.nature</nature>  	</natures>  </projectDescription> | 
