Diffstat (limited to 'id/server')
-rw-r--r--id/server/auth/.gitignore2
-rw-r--r--id/server/auth/src/main/webapp/index.html2
-rw-r--r--id/server/data/deploy/conf/moa-id/moa-id.properties28
-rw-r--r--id/server/doc/handbook/config/config.html124
-rw-r--r--id/server/doc/handbook/index.html2
-rw-r--r--id/server/idserverlib/.gitignore1
-rw-r--r--id/server/idserverlib/bin/.gitignore2
-rw-r--r--id/server/idserverlib/pom.xml24
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java24
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java17
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java18
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java15
-rw-r--r--id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties4
-rw-r--r--id/server/moa-id-commons/.gitignore1
-rw-r--r--id/server/proxy/.gitignore2
-rw-r--r--id/server/stork2-commons/.gitignore1
-rw-r--r--id/server/stork2-saml-engine/.gitignore1
20 files changed, 250 insertions, 27 deletions
diff --git a/id/server/auth/.gitignore b/id/server/auth/.gitignore
new file mode 100644
index 000000000..4dc009173
--- /dev/null
+++ b/id/server/auth/.gitignore
@@ -0,0 +1,2 @@
+/target
+/bin
diff --git a/id/server/auth/src/main/webapp/index.html b/id/server/auth/src/main/webapp/index.html
index 968f211bc..391195def 100644
--- a/id/server/auth/src/main/webapp/index.html
+++ b/id/server/auth/src/main/webapp/index.html
@@ -14,7 +14,7 @@
</tr>
</table>
<hr/>
- <p class="title">MOA-ID 2.1.1</p>
+ <p class="title">MOA-ID 2.1.2</p>
<hr/>
<h1>Inhalt</h1>
<ol>
diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties
index 4290b1985..9d1e931e9 100644
--- a/id/server/data/deploy/conf/moa-id/moa-id.properties
+++ b/id/server/data/deploy/conf/moa-id/moa-id.properties
@@ -125,3 +125,31 @@ advancedlogging.hibernate.c3p0.timeout=300
advancedlogging.hibernate.c3p0.max_size=20
advancedlogging.hibernate.c3p0.max_statements=0
advancedlogging.hibernate.c3p0.min_size=3
+
+
+################SZR Client configuration####################################
+## The SZR client is only required if MOA-ID-Auth should be
+## use as STORK <-> PVP Gateway.
+########
+service.egovutil.szr.test=true
+service.egovutil.szr.test.url=https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services-T/services/SZR
+service.egovutil.szr.prod.url=https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services/services/SZR
+service.egovutil.szr.token.version=1.8
+service.egovutil.szr.token.participantid=
+service.egovutil.szr.token.gvoudomain=
+service.egovutil.szr.token.userid=
+service.egovutil.szr.token.cn=
+service.egovutil.szr.token.gvouid=
+service.egovutil.szr.token.ou=
+service.egovutil.szr.token.gvsecclass=
+service.egovutil.szr.token.gvfunction=
+service.egovutil.szr.token.gvgid=
+service.egovutil.szr.roles=
+service.egovutil.szr.ssl.keystore.file=
+service.egovutil.szr.ssl.keystore.password=
+service.egovutil.szr.ssl.keystore.type=
+service.egovutil.szr.ssl.truststore.file=
+service.egovutil.szr.ssl.truststore.password=
+service.egovutil.szr.ssl.truststore.type=
+service.egovutil.szr.ssl.trustall=false
+service.egovutil.szr.ssl.laxhostnameverification=false \ No newline at end of file
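Review bot: The keys `service.egovutil.szr.ssl.trustall` and `service.egovutil.szr.ssl.laxhostnameverification` at the end of the added block weaken TLS server authentication for the SZR connection when set to true, yet the block's header comment does not mention this. A line such as `## trustall / laxhostnameverification weaken TLS server authentication; keep both false in production` above them would make the risk visible to the operator. The template also ships `service.egovutil.szr.test=true`, so a deployment that copies it unchanged talks to the test SZR endpoint; a comment naming the production value would help. The keystore and truststore passwords are kept here in clear text, so the file should be readable only by the service account. The header comment reads "should be use" where "should be used" is meant.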
diff --git a/id/server/doc/handbook/config/config.html b/id/server/doc/handbook/config/config.html
index 2d2709bcc..9b4190035 100644
--- a/id/server/doc/handbook/config/config.html
+++ b/id/server/doc/handbook/config/config.html
@@ -74,6 +74,7 @@
</ol>
</li>
<li> <a href="#basisconfig_moa_id_auth_param_testing">Testing</a></li>
+ <li><a href="#basisconfig_moa_id_auth_szrclient">SZR Client f&uuml;r STORK &lt;-&gt; PVP Gateway Betrieb</a></li>
</ol>
</li>
</ol>
@@ -904,7 +905,130 @@ https://&lt;host&gt;:&lt;port&gt;/moa-id-auth/MonitoringServlet</pre>
<p><strong>Defaultwert:</strong> true</p></td>
</tr>
</table>
+ <h4><a name="basisconfig_moa_id_auth_szrclient" id="uebersicht_bekanntmachung16"></a>2.2.2.6 SZR Client f&uuml;r STORK &lt;-&gt; PVP Gateway Betrieb</h4>
+ <p>Die Konfiguration des Stammzahlenregister (SZR) Clients ist nur erforderlich wenn das Modul MOA-ID-Auth als STORK &lt;-&gt; PVP Gateway betrieben wird. Da in diesem Fall die Benutzerin oder der Benutzer &uuml;ber ein PVP Stammportal authentifiziert wird ist eine direkte Generierung der STORK eID w&auml;hrend des Anmeldevorgangs nicht m&ouml;glich. Somit erfolgt f&uuml;r diese Personen einen Stammzahlenregisterabfrage zur Bestimmung der STORK eID.</p>
+ <p>F&uuml;r den in MOA-ID-Auth verwendeten SZR Client sind folgende Konfigurationsparameter erforderlich.</p>
+ <table width="1247" border="1">
+ <tr>
+ <th width="281" scope="col">Name</th>
+ <th width="261" scope="col">Beispielwert</th>
+ <th width="683" scope="col">Beschreibung</th>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.test</td>
+ <td>false</td>
+ <td>Definiert ob das Produktivsystem oder das Testsystem des SZR Webservice verwendet werden soll</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.test.url</td>
+ <td>&nbsp;</td>
+ <td>URL auf das Test SZR Webservice</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.prod.url</td>
+ <td>&nbsp;</td>
+ <td>URL auf das produktive SZR Webservice</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.token.version</td>
+ <td>1.8</td>
+ <td><p>Verwendete PVP Version</p>
+ <p><strong>Hinweis: </strong>der Client implementiert die PVP Version 1.8</p></td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.token.participantid</td>
+ <td>&nbsp;</td>
+ <td>Org-ID des Portalverbund-Teilnehmers bei dem der Benutzer registriert ist.</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.token.gvoudomain</td>
+ <td>&nbsp;</td>
+ <td>Organisations-Dom&auml;ne des Benutzers</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.token.userid</td>
+ <td>&nbsp;</td>
+ <td>UserID, mit dem der Benutzer am Stammportal authentifiziert ist</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.token.cn</td>
+ <td>&nbsp;</td>
+ <td>Name des Benutzers oder des System-Principals in der Form Anwendung.Subsystem</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.token.gvouid</td>
+ <td>&nbsp;</td>
+ <td>Stammdienststelle: Eindeutige Kennung f&uuml;r die Organisation des Benutzers</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.token.ou</td>
+ <td>&nbsp;</td>
+ <td>Stammdienststelle: Verwaltungskennzeichen der mit gvouid bezeichneten Organisation</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.token.gvsecclass</td>
+ <td>&nbsp;</td>
+ <td>Sicherheitsklasse</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.token.gvfunction</td>
+ <td>&nbsp;</td>
+ <td>Entspricht Funktion in gvPersonenFunktion.</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.token.gvgid</td>
+ <td>&nbsp;</td>
+ <td>Globaler Identifier des Benutzers</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.roles</td>
+ <td>szr-bpk-abfrage,szr-stammzahl-abfrage</td>
+ <td><p>PVP Rolle f&uuml;r den Zugriff auf das SZR</p>
+ <p>Hinweis: mehrere Rollen werden mittels ',' getrennt. </p></td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.ssl.keystore.file</td>
+ <td>keys/szr-key.p12</td>
+ <td>Dateiname des Java Keystore oder PKCS12 Keystore zur Authentifizierung mittels Client Zertifikat am SZR Webservice.</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.ssl.keystore.password</td>
+ <td>password</td>
+ <td>Passwort f&uuml;r den Keystore mit dem Client Zertifikat</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.ssl.keystore.type</td>
+ <td>PKCS12</td>
+ <td>Typ des Keystore mit dem Client Zertifikat (PKCS12 oder JKS)</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.ssl.truststore.file</td>
+ <td>keys/truststore.jks</td>
+ <td>Dateiname des Truststores zur Validierung von SSL Servicerzertifikaten</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.ssl.truststore.password</td>
+ <td>password</td>
+ <td>Passwort f&uuml;r den Truststore</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.ssl.truststore.type</td>
+ <td>JKS</td>
+ <td>Typ des TrustStore (PKCS12 oder JKS)</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.ssl.trustall</td>
+ <td>false</td>
+ <td>Deaktiviert die SSL Serverzertifikatsvalidierung</td>
+ </tr>
+ <tr>
+ <td>service.egovutil.szr.ssl.laxhostnameverification</td>
+ <td>false</td>
+ <td>Deaktiviert die Validierung des Hostname mit dem SSL Serverzertifikat</td>
+ </tr>
+ </table>
<p>&nbsp;</p>
+ <p><strong>Hinweis:</strong> Detaillierte Informationen zu den einzelnen PVP spezifischen Konfigurationsparametern finden Sie in der entsprechenden PVP Spezifikation.</p>
<h2><a name="uebersicht_logging" id="uebersicht_logging"></a>2.3 Konfiguration des Loggings</h2>
<p>Die Module MOA-ID-Auth und MOA-ID-Configuration verwendet als Framework f&uuml;r Logging-Information die Open Source Software <code>log4j</code>. Die Konfiguration der Logging-Information erfolgt nicht direkt durch die einzelnen Module, sondern &uuml;ber eine eigene Konfigurationsdatei, die der <span class="term">Java Virtual Machine</span> durch eine <span class="term">System Property </span> mitgeteilt wird. Der Name der <span class="term">System Property </span> lautet <code>log4j.configuration</code>; als Wert der <span class="term">System Property </span> ist eine URL anzugeben, die auf die <code>log4j</code>-Konfigurationsdatei verweist, z.B. </p>
<pre>log4j.configuration=file:/C:/Programme/apache/tomcat-4.1.30/conf/moa-id/log4j.properties</pre>
diff --git a/id/server/doc/handbook/index.html b/id/server/doc/handbook/index.html
index 892a82484..c3b25b390 100644
--- a/id/server/doc/handbook/index.html
+++ b/id/server/doc/handbook/index.html
@@ -15,7 +15,7 @@
</table>
<hr/>
<p class="title">MOA-ID (Identifikation) </p>
- <p class="subtitle">&Uuml;bersicht zur Dokumentation der Version 2.1.1 </p>
+ <p class="subtitle">&Uuml;bersicht zur Dokumentation der Version 2.1.2 </p>
<hr/>
<dl>
<dt><a href="./intro/intro.html">Einf&uuml;hrung</a></dt>
diff --git a/id/server/idserverlib/.gitignore b/id/server/idserverlib/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/id/server/idserverlib/.gitignore
@@ -0,0 +1 @@
+/target
diff --git a/id/server/idserverlib/bin/.gitignore b/id/server/idserverlib/bin/.gitignore
new file mode 100644
index 000000000..e2c1dc811
--- /dev/null
+++ b/id/server/idserverlib/bin/.gitignore
@@ -0,0 +1,2 @@
+/src
+/src
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 32c8f5705..65004490b 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -75,6 +75,10 @@
<artifactId>axis-wsdl4j</artifactId>
<groupId>axis</groupId>
</exclusion>
+ <exclusion>
+ <artifactId>jaxb-impl</artifactId>
+ <groupId>com.sun.xml.bind</groupId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
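Review bot: The `jaxb-impl` exclusion added here, and the `jaxb-impl`/`jaxb-core` and `jaxws-tools` exclusions in the later hunks of this file, carry no comment saying which conflict they resolve. A one-line XML comment above each, e.g. `<!-- excluded: JAXB implementation comes from <placeholder: providing artifact or runtime> -->`, would let a later dependency upgrade judge whether the exclusion is still needed. The enclosing `<dependency>` element starts outside the hunk.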
@@ -115,6 +119,14 @@
<artifactId>bcprov-jdk16</artifactId>
<groupId>bouncycastle</groupId>
</exclusion>
+ <exclusion>
+ <artifactId>jaxb-impl</artifactId>
+ <groupId>com.sun.xml.bind</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>jaxb-core</artifactId>
+ <groupId>com.sun.xml.bind</groupId>
+ </exclusion>
</exclusions>
</dependency>
@@ -123,6 +135,14 @@
<artifactId>jaxb-api</artifactId>
</dependency>
+ <!-- Required for MOA-SPSS API access -->
+ <dependency>
+ <groupId>com.sun.xml.rpc</groupId>
+ <artifactId>jaxrpc-impl</artifactId>
+ <version>1.1.3_01</version>
+ </dependency>
+
+
<dependency>
<groupId>javax.mail</groupId>
<artifactId>mail</artifactId>
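Review bot: `jaxrpc-impl` is added with an inline `<version>1.1.3_01</version>`; if the parent POM manages versions centrally (not visible here), the version belongs in its `dependencyManagement` section so it is tracked and updated with the others. The comment `Required for MOA-SPSS API access` could also name the class or call that needs the JAX-RPC runtime, since this puts an additional SOAP/XML stack on the classpath of the authentication server. The two blank lines added after the element can be dropped.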
@@ -370,6 +390,10 @@
<artifactId>bcprov-jdk16</artifactId>
<groupId>org.bouncycastle</groupId>
</exclusion>
+ <exclusion>
+ <artifactId>jaxws-tools</artifactId>
+ <groupId>com.sun.xml.ws</groupId>
+ </exclusion>
</exclusions>
</dependency>
</dependencies>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index 48933d5c9..5c0e497a3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -364,8 +364,28 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
authData.setIdentificationType(extractor.getSingleAttributeValue(PVPConstants.EID_SOURCE_PIN_TYPE_NAME));
if (extractor.containsAttribute(PVPConstants.BPK_NAME)) {
- String pvpbPK = extractor.getSingleAttributeValue(PVPConstants.BPK_NAME);
- authData.setBPK(pvpbPK.split(":")[1]);
+ String pvpbPK = extractor.getSingleAttributeValue(PVPConstants.BPK_NAME);
+ String[] spitted = pvpbPK.split(":");
+ authData.setBPK(spitted[1]);
+ if (MiscUtil.isEmpty(authData.getBPKType())) {
+ Logger.debug("PVP assertion contains NO bPK/wbPK target attribute. " +
+ "Starting target extraction from bPK/wbPK prefix ...");
+ //exract bPK/wbPK type from bpk attribute value prefix if type is
+ //not transmitted as single attribute
+ Pattern pattern = Pattern.compile("[a-zA-Z]{2}(-[a-zA-Z]+)?");
+ Matcher matcher = pattern.matcher(spitted[0]);
+ if (matcher.matches()) {
+ //find public service bPK
+ authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + spitted[0]);
+ Logger.debug("Found bPK prefix. Set target to " + authData.getBPKType());
+
+ } else {
+ //find business service wbPK
+ authData.setBPKType(Constants.URN_PREFIX_WBPK+ "+" + spitted[0]);
+ Logger.debug("Found wbPK prefix. Set target to " + authData.getBPKType());
+
+ }
+ }
}
boolean foundEncryptedbPKForOA = false;
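Review bot: `spitted[1]` is read without checking that the bPK attribute value contains a ':'; a value without the separator raises ArrayIndexOutOfBoundsException, and the value is taken from the incoming PVP assertion. A guard before the first use, e.g. `if (spitted.length < 2 || MiscUtil.isEmpty(spitted[0]) || MiscUtil.isEmpty(spitted[1]))` followed by the builder's usual error path, would reject malformed values cleanly. The else branch treats every prefix that does not match the pattern as a wbPK and concatenates it unchecked into the target URN, so an unexpected prefix ends up as the bPK type; the wbPK form should be validated as well. The `Pattern` could be a `static final` constant instead of being compiled on every call. The surrounding method starts and ends outside the hunk.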
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
index a2570ed7e..063d7d8e4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
@@ -277,11 +277,10 @@ public class BPKBuilder {
MessageDigest md = MessageDigest.getInstance("SHA-1");
byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1"));
String hashBase64 = Base64Utils.encode(hash);
- Logger.debug("STORK identification defined as: " + hashBase64);
return hashBase64;
} catch (Exception ex) {
- throw new BuildException("builder.00", new Object[]{"storkid", ex.toString()}, ex);
+ throw new BuildException("builder.00", new Object[]{"bPK/wbPK", ex.toString()}, ex);
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
index dbf54951f..0a8a6a581 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
@@ -194,7 +194,7 @@ public class MetadataAction implements IAction {
.createSAMLObject(SPSSODescriptor.class);
spSSODescriptor.setAuthnRequestsSigned(true);
- spSSODescriptor.setWantAssertionsSigned(true);
+ spSSODescriptor.setWantAssertionsSigned(false);
//Set AuthRequest Signing certificate
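Review bot: `setWantAssertionsSigned(false)` makes the published SP metadata stop asking the IDP for signed assertions, and nothing in the hunk explains why. If the intent is that the signature on the enclosing Response is sufficient, the code that consumes responses has to reject any message in which neither the Response nor the Assertion carries a valid signature; that code is not visible here, so this should be confirmed before merging. I would add a comment on the line, e.g. `// assertions may be unsigned; the Response signature is mandatory and verified on receipt (TODO confirm)`. The enclosing method starts and ends outside the hunk.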
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java
index 8b6e71e6b..3d8661143 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java
@@ -150,14 +150,14 @@ public class PVPAttributeBuilder {
}
public static Attribute buildAttribute(String name, OAAuthParameter oaParam,
- IAuthData authData) throws PVP2Exception {
+ IAuthData authData) throws PVP2Exception, AttributeException {
if (builders.containsKey(name)) {
try {
return builders.get(name).build(oaParam, authData, generator);
}
catch (AttributeException e) {
if (e instanceof UnavailableAttributeException) {
- throw new UnprovideableAttributeException(((UnavailableAttributeException) e).getAttributeName());
+ throw e;
} else if (e instanceof InvalidDateFormatAttributeException) {
throw new InvalidDateFormatException();
} else if (e instanceof NoMandateDataAttributeException) {
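Review bot: The signature of `buildAttribute` now declares the whole `AttributeException` hierarchy although only `UnavailableAttributeException` is rethrown, so every caller has to handle a broad checked type while the other branches apparently still translate into PVP2 exceptions. Narrowing it keeps the contract precise: `throws PVP2Exception, UnavailableAttributeException` together with `throw (UnavailableAttributeException) e;` in the first branch. The public method has no Javadoc; a short one stating that an unavailable attribute is reported with UnavailableAttributeException while other failures map to PVP2Exception would document the split. The method body continues outside the hunk.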
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
index 3b01e91ad..b301b6e5e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
@@ -70,6 +70,8 @@ import at.gv.egovernment.moa.id.data.IAuthData;
import at.gv.egovernment.moa.id.data.SLOInformationImpl;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException;
import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMandateDataAvailableException;
@@ -251,10 +253,21 @@ public class PVP2AssertionBuilder implements PVPConstants {
} else {
attrList.add(attr);
}
+
+ } catch (UnavailableAttributeException e) {
+ Logger.info(
+ "Attribute generation for "
+ + reqAttribut.getFriendlyName() + " not possible.");
+ if (reqAttribut.isRequired()) {
+ throw new UnprovideableAttributeException(
+ reqAttribut.getName());
+ }
+
+
} catch (PVP2Exception e) {
- Logger.error(
+ Logger.warn(
"Attribute generation failed! for "
- + reqAttribut.getFriendlyName(), e);
+ + reqAttribut.getFriendlyName());
if (reqAttribut.isRequired()) {
throw new UnprovideableAttributeException(
reqAttribut.getName());
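Review bot: The `catch (PVP2Exception e)` branch no longer passes `e` to the logger, so the cause of a failed attribute build is lost from the log. Lowering the level is fine, but the exception should stay: `Logger.warn("Attribute generation failed! for " + reqAttribut.getFriendlyName(), e);`, assuming Logger.warn offers the same (message, Throwable) overload as the Logger.error call it replaces. Both this branch and the new `UnavailableAttributeException` branch throw `UnprovideableAttributeException` for required attributes without attaching the original exception as cause. The try block opens outside the hunk.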
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index 7d3c72630..65e520cc3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -36,8 +36,6 @@ import javax.xml.transform.TransformerException;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;
-import com.sun.xml.bind.marshaller.NamespacePrefixMapper;
-
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
@@ -235,14 +233,14 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
Marshaller m = jc.createMarshaller();
m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
- m.setProperty("com.sun.xml.bind.namespacePrefixMapper", new NamespacePrefixMapper() {
- public String getPreferredPrefix(String arg0, String arg1, boolean arg2) {
- if (Constants.PD_NS_URI.equals(arg0))
- return Constants.PD_PREFIX;
- else
- return arg1;
- }
- });
+// m.setProperty("com.sun.xml.bind.namespacePrefixMapper", new NamespacePrefixMapper() {
+// public String getPreferredPrefix(String arg0, String arg1, boolean arg2) {
+// if (Constants.PD_NS_URI.equals(arg0))
+// return Constants.PD_PREFIX;
+// else
+// return arg1;
+// }
+// });
ByteArrayOutputStream stream = new ByteArrayOutputStream();
m.marshal(
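Review bot: The namespace prefix mapper is disabled by commenting it out rather than deleting it, which leaves eight lines of dead code without an explanation. Without the mapper the JAXB runtime chooses the prefix for `Constants.PD_NS_URI` itself; whether any consumer of this SAML1 output or later string-based processing depends on `Constants.PD_PREFIX` cannot be verified from this hunk and should be checked. I would delete the block and leave one line such as `// no NamespacePrefixMapper: jaxb-impl is excluded in pom.xml, prefixes are chosen by the JAXB runtime`. The method starts and ends outside the hunk.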
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
index 021eaee37..aaded0ce6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
@@ -36,12 +36,17 @@ import eu.stork.peps.auth.commons.STORKStatusCode;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import org.joda.time.format.DateTimeFormat;
+import org.joda.time.format.DateTimeFormatter;
+
import javassist.expr.Instanceof;
/**
@@ -65,7 +70,7 @@ public class MOAAttributeProvider {
Map<String, String> tempFunctionMap = new HashMap<String, String>();
tempFunctionMap.put("eIdentifier", "geteIdentifier");
tempFunctionMap.put("ECApplicationRole","getECApplicationRole");
- tempSimpleMap.put("dateOfBirth", "getFormatedDateOfBirth");
+ tempFunctionMap.put("dateOfBirth", "getFormatedDateOfBirth");
storkAttributeFunctionMapping = Collections.unmodifiableMap(tempFunctionMap);
}
@@ -116,7 +121,7 @@ public class MOAAttributeProvider {
private List<String> getECApplicationRole() {
List<String> storkRoles = null;
- if (true || authData.getAuthenticationRoles() != null
+ if (authData.getAuthenticationRoles() != null
&& authData.getAuthenticationRoles().size() > 0) {
storkRoles = new ArrayList<String>();
@@ -132,9 +137,11 @@ public class MOAAttributeProvider {
}
private String getFormatedDateOfBirth() {
- if (authData.getDateOfBirth() != null)
- return authData.getFormatedDateOfBirth();
+ if (authData.getDateOfBirth() != null) {
+ DateFormat fmt = new SimpleDateFormat("yyyyMMdd");
+ return fmt.format(authData.getDateOfBirth());
+ }
else
return null;
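Review bot: `new SimpleDateFormat("yyyyMMdd")` formats with the JVM's default time zone, so a `Date` created in another zone can be rendered as the previous or next day; setting the zone explicitly on `fmt` would make the STORK dateOfBirth value deterministic. The imports `org.joda.time.format.DateTimeFormat` and `DateTimeFormatter` added in the first hunk of this file are not used by any visible change and can be dropped if nothing else needs them. The `if` branch now has braces while the `else` does not; bracing both is more consistent. The method's closing brace is outside the hunk.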
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties b/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties
index 5bcfc7bd2..295d381cd 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties
@@ -1,2 +1,2 @@
-xxpvprole=CIRCABC/viewer
-yypvprole=CIRCABC/admin \ No newline at end of file
+viewer=CIRCABC/viewer
+CIRCABC-viewer=CIRCABC/viewer \ No newline at end of file
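Review bot: The key `viewer` is an unqualified role name, so if the lookup matches on the bare PVP role name, a `viewer` role issued for any application would be mapped to `CIRCABC/viewer`; the mapping code is not part of this hunk, so this needs checking. The file has no comment describing its format; a header such as `# <PVP role name>=<STORK ECApplicationRole>` would make the direction of the mapping clear. The previous `CIRCABC/admin` mapping is removed without replacement, which looks intentional but is worth confirming.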
diff --git a/id/server/moa-id-commons/.gitignore b/id/server/moa-id-commons/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/id/server/moa-id-commons/.gitignore
@@ -0,0 +1 @@
+/target
diff --git a/id/server/proxy/.gitignore b/id/server/proxy/.gitignore
new file mode 100644
index 000000000..4dc009173
--- /dev/null
+++ b/id/server/proxy/.gitignore
@@ -0,0 +1,2 @@
+/target
+/bin
diff --git a/id/server/stork2-commons/.gitignore b/id/server/stork2-commons/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/id/server/stork2-commons/.gitignore
@@ -0,0 +1 @@
+/target
diff --git a/id/server/stork2-saml-engine/.gitignore b/id/server/stork2-saml-engine/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/id/server/stork2-saml-engine/.gitignore
@@ -0,0 +1 @@
+/target