diff options
Diffstat (limited to 'id/server')
3 files changed, 35 insertions, 12 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java index 64447b20e..397eebd9b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java @@ -399,9 +399,10 @@ public class PEPSConnectorServlet extends AuthServlet { ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction(), pendingRequestID), newMOASessionID);
redirectURL = response.encodeRedirectURL(redirectURL);
- response.setContentType("text/html");
- response.setStatus(302);
- response.addHeader("Location", redirectURL);
+// response.setContentType("text/html");
+// response.setStatus(302);
+// response.addHeader("Location", redirectURL);
+ response.sendRedirect(redirectURL);
Logger.info("REDIRECT TO: " + redirectURL);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java index 62e15a379..cd7427913 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java @@ -24,7 +24,6 @@ package at.gv.egovernment.moa.id.auth.servlet; import iaik.x509.X509Certificate; -import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; import java.io.StringWriter; @@ -42,7 +41,6 @@ import javax.servlet.http.HttpServletResponse; import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBElement; import javax.xml.bind.JAXBException; -import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.Source; import javax.xml.transform.TransformerConfigurationException; @@ -57,7 +55,6 @@ import org.apache.velocity.Template; import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; import org.opensaml.saml2.core.StatusCode; -import org.w3c.dom.Element; import org.xml.sax.SAXException; import at.gv.egovernment.moa.id.auth.AuthenticationServer; @@ -73,6 +70,7 @@ import at.gv.egovernment.moa.id.auth.exception.ServiceException; import at.gv.egovernment.moa.id.auth.stork.STORKException; import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; @@ -86,7 +84,7 @@ import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.api.SPSSFactory; import at.gv.egovernment.moa.spss.api.SignatureVerificationService; import at.gv.egovernment.moa.spss.api.common.Content; -import at.gv.egovernment.moa.spss.api.common.SignerInfo; + import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo; import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation; import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; @@ -117,7 +115,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet { public static final String PEPSCONNECTOR_SERVLET_URL_PATTERN = "/PEPSConnectorWithLocalSigning"; - private String oasisDssWebFormURL = "http://testvidp.buergerkarte.at/oasis-dss/DSSWebFormServlet";//TODO load from config + private String oasisDssWebFormURL = "https://testvidp.buergerkarte.at/oasis-dss/DSSWebFormServlet";//TODO load from config /** @@ -262,9 +260,10 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet { ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction(), pendingRequestID), newMOASessionID); redirectURL = response.encodeRedirectURL(redirectURL); - response.setContentType("text/html"); - response.setStatus(302); - response.addHeader("Location", redirectURL); +// response.setContentType("text/html"); +// response.setStatus(302); +// response.addHeader("Location", redirectURL); + response.sendRedirect(redirectURL); Logger.info("REDIRECT TO: " + redirectURL); } catch (AuthenticationException e) { @@ -467,6 +466,29 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet { String url = acsURL+"?moaSessionID="+newMOASessionID; //redirect to OASIS module and sign there + + boolean found = false; + try{ + List<AttributeProviderPlugin> aps = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()).getStorkAPs(); + for(AttributeProviderPlugin ap : aps) + { + if(ap.getAttributes().equalsIgnoreCase("signedDoc")) + { + oasisDssWebFormURL = ap.getUrl(); + found = true; + Logger.info("Loaded signedDoc attribute provider url from config:"+oasisDssWebFormURL); + break; + } + } + }catch(Exception e) + { + e.printStackTrace(); + Logger.error("Loading the signedDoc attribute provider url from config failed"); + } + if(!found) + { + Logger.error("Failed to load the signedDoc attribute provider url from config"); + } performRedirect(url,request,response,signRequest); return; diff --git a/id/server/idserverlib/src/main/resources/resources/templates/stork2_postbinding_template.html b/id/server/idserverlib/src/main/resources/resources/templates/stork2_postbinding_template.html index f655caee0..f901351a2 100644 --- a/id/server/idserverlib/src/main/resources/resources/templates/stork2_postbinding_template.html +++ b/id/server/idserverlib/src/main/resources/resources/templates/stork2_postbinding_template.html @@ -23,7 +23,7 @@ --> </style> - <form action="${action}" method="post" target="_parent"> + <form action="${action}" method="post" target="_self"> <div> #if($RelayState)<input type="hidden" name="RelayState" value="${RelayState}" />#end #if($SAMLRequest)<input type="hidden" |