Diffstat (limited to 'id')
4 files changed, 0 insertions, 949 deletions
diff --git a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
deleted file mode 100644
index a67549ef3..000000000
--- a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
+++ /dev/null
@@ -1,134 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<!DOCTYPE urlrewrite PUBLIC "-//tuckey.org//DTD UrlRewrite 4.0//EN" - "http://www.tuckey.org/res/dtds/urlrewrite4.0.dtd"> - -<!-- Configuration file for UrlRewriteFilter http://www.tuckey.org/urlrewrite/ --> -<urlrewrite> - - <rule> - <note> - The rule means that requests to /test/status/ will be redirected to - /rewrite-status - the url will be rewritten. - </note> - <from>/test/status/</from> - <to type="redirect">%{context-path}/rewrite-status</to> - </rule> - - <!-- Legacy Rules --> - <rule match-type="regex"> - <from>^/StartAuthentication$</from> - <to type="forward">/dispatcher?mod=id_saml1&action=GetArtifact</to> - </rule> - <rule match-type="regex"> - <from>^/StartAuthentication\?(.*)$</from> - <to type="forward">/dispatcher?mod=id_saml1&action=GetArtifact&$1</to> - </rule> - - <rule match-type="regex"> - <from>^/auth/([a-zA-Z0-9]+)/([a-zA-Z0-9]+)$</from> - <to type="forward">/dispatcher?mod=$1&action=$2</to> - </rule> - <rule match-type="regex"> - <from>^/auth/([a-zA-Z0-9]+)/([a-zA-Z0-9]+)\?(.*)$</from> - <to type="forward">/dispatcher?mod=$1&action=$2&$3</to> - </rule> - - - <rule match-type="regex"> - <from>^/pvp2/metadata$</from> - <to type="forward">/dispatcher?mod=id_pvp2x&action=Metadata&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/pvp2/redirect$</from> - <to type="forward">/dispatcher?mod=id_pvp2x&action=Redirect&endpointtype=idp&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/pvp2/post$</from> - <to type="forward">/dispatcher?mod=id_pvp2x&action=Post&endpointtype=idp&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/pvp2/Soap$</from> - <to type="forward">/dispatcher?mod=id_pvp2x&action=Soap&endpointtype=idp</to> - </rule> - <rule match-type="regex"> - <from>^/pvp2/attributequery$</from> - <to type="forward">/dispatcher?mod=id_pvp2x&action=AttributeQuery&endpointtype=idp</to> - </rule> - <rule match-type="regex"> - 
<from>^/pvp2/sp/redirect$</from> - <to type="forward">/dispatcher?mod=id_pvp2x&action=Redirect&endpointtype=sp&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/pvp2/sp/post$</from> - <to type="forward">/dispatcher?mod=id_pvp2x&action=Post&endpointtype=sp&%{query-string}</to> - </rule> - - - <rule match-type="regex"> - <from>^/stork2/StartAuthentication$</from> - <to type="forward">/dispatcher?mod=id_stork2&action=AuthenticationRequest&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/stork2/ResumeAuthentication$</from> - <to type="forward">/dispatcher?mod=id_stork2&action=AttributeCollector&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/stork2/GetConsent$</from> - <to type="forward">/dispatcher?mod=id_stork2&action=ConsentEvaluator&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/stork2/SendPEPSAuthnRequest$</from> - <to type="forward">/dispatcher?mod=id_stork2&action=AuthenticationRequest&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/stork2/ServiceProvider$</from> - <to type="forward">/dispatcher?mod=id_stork2&action=AuthenticationRequest&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/stork2/SendPEPSAuthnRequestWithoutSignedDoc$</from> - <to type="forward">/dispatcher?mod=id_stork2&action=AuthenticationRequest1&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/stork2/RetrieveMandate$</from> - <to type="forward">/dispatcher?mod=id_stork2&action=MandateRetrievalRequest&%{query-string}</to> - </rule> - - <!-- eIDAS protocol --> - <rule match-type="regex"> - <from>^/eidas/ColleagueRequest$</from> - <to type="forward">/dispatcher?mod=eidas&action=AuthenticationRequest&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/eidas/metadata$</from> - <to type="forward">/dispatcher?mod=eidas&action=MetadataRequest&%{query-string}</to> - </rule> - - - <rule match-type="regex"> - <from>^/oauth2/auth\\?(.*)$</from> - <to 
type="forward">/dispatcher?mod=id_oauth20&action=AUTH&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/oauth2/token\\?(.*)$</from> - <to type="forward">/dispatcher?mod=id_oauth20&action=TOKEN&%{query-string}</to> - </rule> - - - <outbound-rule> - <note> - The outbound-rule specifies that when response.encodeURL is called (if - you are using JSTL c:url) - the url /rewrite-status will be rewritten to /test/status/. - - The above rule and this outbound-rule means that end users should never - see the - url /rewrite-status only /test/status/ both in thier location bar and in - hyperlinks - in your pages. - </note> - <from>/rewrite-status</from> - <to>/test/status/</to> - </outbound-rule> - -</urlrewrite> diff --git a/id/server/auth/src/main/webapp/WEB-INF/web.xml b/id/server/auth/src/main/webapp/WEB-INF/web.xml index 92dcf1266..af1603621 100644 --- a/id/server/auth/src/main/webapp/WEB-INF/web.xml +++ b/id/server/auth/src/main/webapp/WEB-INF/web.xml @@ -5,11 +5,6 @@ <display-name>MOA ID Auth</display-name> <description>MOA ID Authentication Service</description> - <!-- bootstrap loader for spring framework --> -<!-- <listener> - <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> - </listener> --> - <filter> <filter-name>characterEncodingFilter</filter-name> <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class> 
@@ -27,142 +22,6 @@ <url-pattern>/*</url-pattern> </filter-mapping> - <!-- exposes request and response to the current thread --> -<!-- <filter> - <filter-name>requestContextFilter</filter-name> - <filter-class>org.springframework.web.filter.RequestContextFilter</filter-class> - </filter> - <filter-mapping> - <filter-name>requestContextFilter</filter-name> - <url-pattern>/*</url-pattern> - </filter-mapping> - - <filter> - <filter-name>UrlRewriteFilter</filter-name> - <filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class> - </filter> - <filter-mapping> - <filter-name>UrlRewriteFilter</filter-name> - <url-pattern>/*</url-pattern> - </filter-mapping> - - <servlet> - <description>Generate BKU Request template</description> - <display-name>GenerateIframeTemplate</display-name> - <servlet-name>GenerateIframeTemplate</servlet-name> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet</servlet-class> - </servlet> - <servlet-mapping> - <servlet-name>GenerateIframeTemplate</servlet-name> - <url-pattern>/GenerateIframeTemplate</url-pattern> - </servlet-mapping> - - <servlet> - <display-name>RedirectServlet</display-name> - <servlet-name>RedirectServlet</servlet-name> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.RedirectServlet</servlet-class> - </servlet> - <servlet-mapping> - <servlet-name>RedirectServlet</servlet-name> - <url-pattern>/RedirectServlet</url-pattern> - </servlet-mapping> - - automatically registered by module 'moa-id-module-monitoring' using @WebServlet annotation - - <servlet> - <display-name>MonitoringServlet</display-name> - <servlet-name>MonitoringServlet</servlet-name> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.MonitoringServlet</servlet-class> - </servlet> - <servlet-mapping> - <servlet-name>MonitoringServlet</servlet-name> - <url-pattern>/MonitoringServlet</url-pattern> - </servlet-mapping> - - - <servlet> - <display-name>SSOSendAssertionServlet</display-name> - 
<servlet-name>SSOSendAssertionServlet</servlet-name> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.SSOSendAssertionServlet</servlet-class> - </servlet> - <servlet-mapping> - <servlet-name>SSOSendAssertionServlet</servlet-name> - <url-pattern>/SSOSendAssertionServlet</url-pattern> - </servlet-mapping> - - <servlet> - <description>SSO LogOut</description> - <display-name>LogOut</display-name> - <servlet-name>LogOut</servlet-name> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.LogOutServlet</servlet-class> - </servlet> - <servlet-mapping> - <servlet-name>LogOut</servlet-name> - <url-pattern>/LogOut</url-pattern> - </servlet-mapping> - - <servlet> - <description>IDP Single LogOut Service</description> - <display-name>IDP-SLO</display-name> - <servlet-name>IDPSLO</servlet-name> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.IDPSingleLogOutServlet</servlet-class> - </servlet> - <servlet-mapping> - <servlet-name>IDPSLO</servlet-name> - <url-pattern>/idpSingleLogout</url-pattern> - </servlet-mapping> --> - -<!-- <servlet> - <display-name>Apache-Axis Servlet</display-name> - <servlet-name>AxisServlet</servlet-name> - <servlet-class>org.apache.axis.transport.http.AxisServlet</servlet-class> - </servlet> - <servlet-mapping> - <servlet-name>AxisServlet</servlet-name> - <url-pattern>/services/*</url-pattern> - </servlet-mapping> --> - -<!-- <servlet> - <display-name>Dispatcher Servlet</display-name> - <servlet-name>DispatcherServlet</servlet-name> - <servlet-class>at.gv.egovernment.moa.id.entrypoints.DispatcherServlet</servlet-class> - <load-on-startup>1</load-on-startup> - </servlet> - <servlet-mapping> - <servlet-name>DispatcherServlet</servlet-name> - <url-pattern>/dispatcher</url-pattern> - </servlet-mapping> - - <servlet> - <description>Resumes a suspended process task.</description> - <display-name>ProcessEngineSignal</display-name> - <servlet-name>ProcessEngineSignal</servlet-name> - 
<servlet-class>at.gv.egovernment.moa.id.auth.servlet.ProcessEngineSignalServlet</servlet-class> - </servlet> - <servlet-mapping> - do not change this servlet-name - <servlet-name>ProcessEngineSignal</servlet-name> - - Use this url-pattern in order to signal the next (asynchronous) task. - <url-pattern>/signalProcess</url-pattern> - - legacy url patterns for asynchronous tasks (internal default module/processes) - <url-pattern>/GetMISSessionID</url-pattern> - <url-pattern>/GetForeignID</url-pattern> - <url-pattern>/VerifyAuthBlock</url-pattern> - <url-pattern>/VerifyCertificate</url-pattern> - <url-pattern>/VerifyIdentityLink</url-pattern> - - - STORK servlet mappings; automatically registered by the stork module; - refer to at.gv.egovernment.moa.id.auth.modules.stork.STORKWebApplicationInitializer - - - <url-pattern>/PEPSConnectorWithLocalSigning</url-pattern> - <url-pattern>/PEPSConnector</url-pattern> - - </servlet-mapping> --> - <session-config> <session-timeout>5</session-timeout> </session-config> diff --git a/id/server/auth/src/main/webapp/errorpage-auth.jsp b/id/server/auth/src/main/webapp/errorpage-auth.jsp deleted file mode 100644 index 07f3e7f69..000000000 --- a/id/server/auth/src/main/webapp/errorpage-auth.jsp +++ /dev/null @@ -1,50 +0,0 @@ -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
-<%@ page contentType="text/html; charset=UTF-8" %>
-<html>
-<head>
-<title>Ein Fehler ist aufgetreten</title>
-</head>
-<% Throwable exceptionThrown = (Throwable)request.getAttribute("ExceptionThrown");
- String errorMessage = (String)request.getAttribute("ErrorMessage");
- String wrongParameters = (String)request.getAttribute("WrongParameters");
-%>
-
-<body>
-<h1>Fehler bei der Anmeldung</h1>
-<p>Bei der Anmeldung ist ein Fehler aufgetreten.</p>
-
-<% if (errorMessage != null) { %>
-<p>
-<%= errorMessage%><br>
-</p>
-<% } %>
-<% if (exceptionThrown != null) { %>
-<p>
-<%= exceptionThrown.getMessage()%>
-</p>
-<% } %>
-<% if (wrongParameters != null) { %>
-<p>Die Angabe der Parameter ist unvollständig.<br></p>
-<b> <%= wrongParameters %> </b><br>
-<p>
- Beispiele für korrekte Links zur MOA-ID Authentisierung sind:
-</p>
-<p>
-<tt><a href="https://<MOA-URL>/StartAuthentication?Target=<Geschäftsbereich>&OA=<OA-URL>&Template=<Template-URL>"></tt>
-</p>
-<p>
-<tt><a href="https://<MOA-URL>/SelectBKU?Target=<Geschäftsbereich>&OA=<OA-URL>&Template=<Template-URL>&BKUSelectionTemplate=<BKU-Template-URL>"></tt>
-</p>
-<p>
-Im Falle einer Applikation aus dem privatwirtschaftlichen Bereich (type="businessService") entfällt die Angabe des <i>Target</i> Parameters:
-</p>
-<p>
-<tt><a href="https://<MOA-URL>/StartAuthentication?OA=<OA-URL>&Template=<Template-URL>"></tt>
-</p>
-<p>
-<tt><a href="https://<MOA-URL>/SelectBKU?OA=<OA-URL>&Template=<Template-URL>&BKUSelectionTemplate=<BKU-Template-URL>"></tt>
-</p>
-<p>Die Angabe der Parameter <tt>"Template"</tt> und <tt>"BKUSelectionTemplate"</tt> ist optional.</p>
-<% } %>
-</body>
-</html>
\ No newline at end of file
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
deleted file mode 100644
index c7f86c167..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ /dev/null
@@ -1,624 +0,0 @@
-///*******************************************************************************
-// * Copyright 2014 Federal Chancellery Austria
-// * MOA-ID has been developed in a cooperation between BRZ, the Federal
-// * Chancellery Austria - ICT staff unit, and Graz University of Technology.
-// *
-// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
-// * the European Commission - subsequent versions of the EUPL (the "Licence");
-// * You may not use this work except in compliance with the Licence.
-// * You may obtain a copy of the Licence at:
-// * http://www.osor.eu/eupl/
-// *
-// * Unless required by applicable law or agreed to in writing, software
-// * distributed under the Licence is distributed on an "AS IS" basis,
-// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// * See the Licence for the specific language governing permissions and
-// * limitations under the Licence.
-// *
-// * This product combines work with different licenses. See the "NOTICE" text
-// * file for details on the various modules and licenses.
-// * The "NOTICE" text file is part of the distribution. Any derivative works
-// * that you distribute must include a readable copy of the "NOTICE" text file.
-// *******************************************************************************/ -//package at.gv.egovernment.moa.id.entrypoints; -// -//import java.io.IOException; -//import java.util.Iterator; -// -//import javax.servlet.ServletException; -//import javax.servlet.http.HttpServletRequest; -//import javax.servlet.http.HttpServletResponse; -// -//import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; -//import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; -//import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger; -//import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils; -//import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -//import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder; -//import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -//import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -//import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException; -//import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -//import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException; -//import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -//import at.gv.egovernment.moa.id.auth.servlet.AuthServlet; -//import at.gv.egovernment.moa.id.config.ConfigurationException; -//import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -//import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -//import at.gv.egovernment.moa.id.data.IAuthData; -//import at.gv.egovernment.moa.id.data.SLOInformationInterface; -//import at.gv.egovernment.moa.id.moduls.AuthenticationManager; -//import at.gv.egovernment.moa.id.moduls.IAction; -//import at.gv.egovernment.moa.id.moduls.IModulInfo; -//import at.gv.egovernment.moa.id.moduls.IRequest; -//import at.gv.egovernment.moa.id.moduls.ModulStorage; -//import at.gv.egovernment.moa.id.moduls.NoPassivAuthenticationException; -//import 
at.gv.egovernment.moa.id.moduls.RequestStorage; -//import at.gv.egovernment.moa.id.moduls.SSOManager; -//import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnRequestValidatorException; -//import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -//import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl; -//import at.gv.egovernment.moa.id.util.ErrorResponseUtils; -//import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -//import at.gv.egovernment.moa.id.util.Random; -//import at.gv.egovernment.moa.id.util.legacy.LegacyHelper; -//import at.gv.egovernment.moa.logging.Logger; -//import at.gv.egovernment.moa.util.MiscUtil; -// -//public class DispatcherServlet extends AuthServlet{ -// -// /** -// * -// */ -// private static final long serialVersionUID = 1L; -// -// public static final String PARAM_TARGET_MODULE = "mod"; -// public static final String PARAM_TARGET_ACTION = "action"; -// public static final String PARAM_TARGET_PENDINGREQUESTID = "pendingid"; -// -//// @Override -//// public void init(ServletConfig config) throws ServletException { -//// try { -//// super.init(config); -//// MOAIDAuthInitializer.initialize(); -//// Logger.info(MOAIDMessageProvider.getInstance().getMessage( -//// "init.00", null)); -//// -//// Logger.info("Dispatcher Servlet initialization finished."); -//// -//// } catch (Exception ex) { -//// Logger.fatal( -//// MOAIDMessageProvider.getInstance().getMessage("init.02", -//// null), ex); -//// -//// //throw new ServletException(ex); -//// -//// } -//// -//// } -// -// protected void processRequest(HttpServletRequest req, -// HttpServletResponse resp) throws ServletException, IOException { -// boolean isValidSSOSession = false; -// boolean useSSOOA = false; -// String protocolRequestID = null; -// -// try { -// Logger.debug("REQUEST: " + req.getRequestURI()); -// Logger.debug("QUERY : " + req.getQueryString()); -// -// -//// *** start of error handling *** -// -// String errorid = 
req.getParameter(ERROR_CODE_PARAM); -// if (errorid != null) { -// -// Throwable throwable = DBExceptionStoreImpl.getStore() -// .fetchException(errorid); -// DBExceptionStoreImpl.getStore().removeException(errorid); -// -// Object idObject = req.getParameter(PARAM_TARGET_PENDINGREQUESTID); -// -// //Map<String, IRequest> errorRequests = RequestStorage.getPendingRequest(req.getSession()); -// -// String pendingRequestID = null; -// if (idObject != null && (idObject instanceof String)) { -// pendingRequestID = (String) idObject; -// } -// -// if (throwable != null) { -// -// IRequest errorRequest = null; -// if (pendingRequestID != null) { -// errorRequest = RequestStorage.getPendingRequest(pendingRequestID); -// -// } -// -// if (errorRequest != null) { -// RequestStorage.removePendingRequest(pendingRequestID); -// MOAReversionLogger.getInstance().logEvent(errorRequest, MOAIDEventConstants.TRANSACTION_ERROR); -// -// try { -// IModulInfo handlingModule = ModulStorage -// .getModuleByPath(errorRequest -// .requestedModule()); -// if (handlingModule != null) { -// -// if (handlingModule.generateErrorMessage( -// throwable, req, resp, errorRequest)) { -// -// //log Error Message -// StatisticLogger logger = StatisticLogger.getInstance(); -// logger.logErrorOperation(throwable, errorRequest); -// -// //remove MOASession -// AuthenticationSession moaSession = AuthenticationSessionStoreage.getSessionWithPendingRequestID(pendingRequestID); -// if (moaSession != null) -// AuthenticationManager.getInstance().performOnlyIDPLogOut(req, resp, moaSession.getSessionID()); -// -// return; -// -// } else { -// handleErrorNoRedirect(throwable.getMessage(), throwable, -// req, resp); -// -// } -// } -// -// } catch (Throwable e) { -// Logger.error(e); -// handleErrorNoRedirect(throwable.getMessage(), -// throwable, req, resp); -// } -// -// } else { -// handleErrorNoRedirect(throwable.getMessage(), throwable, -// req, resp); -// } -// -// } else -// 
handleErrorNoRedirect(MOAIDMessageProvider.getInstance().getMessage("auth.26", null), -// null, req, resp); -// -// return; -// } -// -//// *** end of error handling *** -// -// -//// *** start of protocol specific stuff *** -// -// Object moduleObject = req.getParameter(PARAM_TARGET_MODULE); -// String module = null; -// if (moduleObject != null && (moduleObject instanceof String)) { -// module = (String) moduleObject; -// } -// -// if (module == null) { -// module = (String) req.getAttribute(PARAM_TARGET_MODULE); -// } -// -// Object actionObject = req.getParameter(PARAM_TARGET_ACTION); -// String action = null; -// if (actionObject != null && (actionObject instanceof String)) { -// action = (String) actionObject; -// } -// -// if (action == null) { -// action = req.getParameter(PARAM_TARGET_ACTION); -// } -// -// Logger.debug("dispatching to " + module + " protocol " + action); -// -// IModulInfo info = ModulStorage.getModuleByPath(module); -// -// IAction moduleAction = null; -// -// if (info == null) { -// -// Iterator<IModulInfo> modules = ModulStorage.getAllModules() -// .iterator(); -// while (modules.hasNext()) { -// info = modules.next(); -// moduleAction = info.canHandleRequest(req, resp); -// if (moduleAction != null) { -// action = moduleAction.getDefaultActionName(); -// module = info.getPath(); -// break; -// } -// info = null; -// } -// -// if (moduleAction == null) { -// resp.sendError(HttpServletResponse.SC_NOT_FOUND); -// Logger.error("Protocol " + module -// + " has no module registered"); -// return; -// } -// } -// -// if (moduleAction == null) { -// moduleAction = info.getAction(action); -// -// if (moduleAction == null) { -// resp.sendError(HttpServletResponse.SC_NOT_FOUND); -// Logger.error("Action " + action + " is not available!"); -// return; -// } -// } -// -// //get SSO Cookie for Request -// SSOManager ssomanager = SSOManager.getInstance(); -// String ssoId = ssomanager.getSSOSessionID(req); -// -// IRequest protocolRequest = null; 
-// String uniqueSessionIdentifier = null; -// -// try { -// Object idObject = req.getParameter(PARAM_TARGET_PENDINGREQUESTID); -// -// if (idObject != null && (idObject instanceof String)) { -// -// protocolRequestID = (String) idObject; -// protocolRequest = RequestStorage.getPendingRequest(protocolRequestID); -// -// //get IRequest if it exits -// if (protocolRequest != null) { -// Logger.debug(DispatcherServlet.class.getName()+": Found PendingRequest with ID " + protocolRequestID); -// -// } else { -// Logger.error("No PendingRequest with ID " + protocolRequestID + " found.!"); -// handleErrorNoRedirect("Während des Anmeldevorgangs ist ein Fehler aufgetreten. Bitte versuchen Sie es noch einmal.", -// null, req, resp); -// return; -// } -// } else { -// try { -// -// //load unique session identifier with SSO-sessionID -// uniqueSessionIdentifier = ssomanager.getUniqueSessionIdentifier(ssoId); -// if (MiscUtil.isEmpty(uniqueSessionIdentifier)) -// uniqueSessionIdentifier = Random.nextRandom(); -// TransactionIDUtils.setSessionId(uniqueSessionIdentifier); -// -// //set transactionID to Logger -// protocolRequestID = Random.nextRandom(); -// TransactionIDUtils.setTransactionId(protocolRequestID); -// -// //log information for security and process reversion -// MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.SESSION_CREATED, uniqueSessionIdentifier); -// MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.TRANSACTION_CREATED, protocolRequestID); -// MOAReversionLogger.getInstance().logEvent(uniqueSessionIdentifier, protocolRequestID, MOAIDEventConstants.TRANSACTION_IP, req.getRemoteAddr()); -// -// protocolRequest = info.preProcess(req, resp, action, uniqueSessionIdentifier, protocolRequestID); -// -// //request is a valid interfederation response -// if (protocolRequest != null && -// protocolRequest.getInterfederationResponse() != null ) { -// Logger.debug("Create new interfederated MOA-Session and add to HTTPRequest"); -// -// //reload SP 
protocol implementation -// info = ModulStorage.getModuleByPath(protocolRequest.requestedModule()); -// moduleAction = info.getAction(protocolRequest.requestedAction()); -// -// //create interfederated MOASession -// String sessionID = -// AuthenticationSessionStoreage.createInterfederatedSession(protocolRequest, true, ssoId); -// req.getParameterMap().put(MOAIDAuthConstants.PARAM_SESSIONID, new String[]{ sessionID }); -// -// Logger.info("PreProcessing of SSO interfederation response complete. "); -// -// //request is a not valid interfederation response -// } else if (protocolRequest != null && -// MiscUtil.isNotEmpty(protocolRequest.getRequestID())) { -// -// OAAuthParameter oaParams = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(protocolRequest.getOAURL()); -// if (!oaParams.isPerformLocalAuthenticationOnInterfederationError()) { -// // -> send end error to service provider -// Logger.info("Federated authentication for entity " + protocolRequest.getOAURL() -// + " FAILED. 
Sending error message to service provider."); -// MOAIDException e = new MOAIDException("auth.27", new Object[]{}); -// IModulInfo requestedModul = ModulStorage.getModuleByPath(protocolRequest.requestedModule()); -// if (!requestedModul.generateErrorMessage(e, req, resp, protocolRequest)) -// handleErrorNoRedirect(e.getMessage(), e, req, -// resp); -// -// return; -// -// } else -// //-> Restart local authentication -// Logger.info("Restart authentication with stored " + protocolRequest.requestedModule() -// + " AuthnRequest for OnlineApplication " + protocolRequest.getOAURL()); -// -// //request is a new authentication request -// } else if (protocolRequest != null && -// MiscUtil.isEmpty(protocolRequest.getRequestID())) { -// //Start new Authentication -// protocolRequest.setModule(module); -// -// //if preProcessing has not set a specific action from decoded request -// // then set the default action -// if (MiscUtil.isEmpty(protocolRequest.requestedAction())) -// protocolRequest.setAction(action); -// else -// moduleAction = info.getAction(protocolRequest.requestedAction()); -// -// protocolRequest.setRequestID(protocolRequestID); -// protocolRequest.setSessionIdentifier(uniqueSessionIdentifier); -// RequestStorage.setPendingRequest(protocolRequest); -// Logger.debug(DispatcherServlet.class.getName()+": Create PendingRequest with ID " + protocolRequestID + "."); -// -// -// } else { -// Logger.error("Failed to generate a valid protocol request!"); -// resp.setContentType("text/html;charset=UTF-8"); -// resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "NO valid protocol request received!"); -// return; -// -// } -// -// } catch (ProtocolNotActiveException e) { -// resp.getWriter().write(e.getMessage()); -// resp.setContentType("text/html;charset=UTF-8"); -// resp.sendError(HttpServletResponse.SC_FORBIDDEN, e.getMessage()); -// return; -// -// } catch (AuthnRequestValidatorException e) { -// //log Error Message -// StatisticLogger logger = 
StatisticLogger.getInstance(); -// logger.logErrorOperation(e, e.getErrorRequest()); -// -// //TODO: maybe add some error message handling??? -// -// return; -// -// }catch (InvalidProtocolRequestException e) { -// ErrorResponseUtils utils = ErrorResponseUtils.getInstance(); -// String code = utils.mapInternalErrorToExternalError(e.getMessageId()); -// String descr = e.getMessage(); -// Logger.error("Protocol validation FAILED!"); -// resp.setContentType("text/html;charset=UTF-8"); -// resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Protocol validation FAILED!" + -// "(Errorcode=" + code + -// " | Description=" + descr + ")"); -// return; -// } catch (ConfigurationException e) { -// resp.setContentType("text/html;charset=UTF-8"); -// resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "NO valid protocol request received!" + -// "(Errorcode=9199" -// +" | Description="+ e.getMessage() + ")"); -// return; -// -// } catch (MOAIDException e) { -// Logger.error("Failed to generate a valid protocol request!"); -// resp.setContentType("text/html;charset=UTF-8"); -// resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "NO valid protocol request received!" 
+ -// "(Errorcode=6000" -// +" | Description=Das Authentifizierungsprotokoll wurde nicht erkannt oder wird nicht unterst\u00FCzt" + ")"); -// return; -// -// } -// } -// -//// *** end of protocol specific stuff *** -// -// if (protocolRequest != null) -// MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(), -// protocolRequest, MOAIDEventConstants.AUTHPROTOCOL_TYPE, protocolRequest.requestedModule()); -// -//// *** start handling authentication *** -// -// AuthenticationManager authmanager = AuthenticationManager.getInstance(); -// -// String moasessionID = null; -// String newSSOSessionId = null; -// AuthenticationSession moasession = null; -// IAuthData authData = null; -// -// boolean needAuthentication = moduleAction.needAuthentication(protocolRequest, req, resp); -// -// if (needAuthentication) { -// -// //check if interfederation IDP is requested -// ssomanager.checkInterfederationIsRequested(req, resp, protocolRequest); -// -// //check SSO session -// if (ssoId != null) { -// String correspondingMOASession = ssomanager.existsOldSSOSession(ssoId); -// -// if (correspondingMOASession != null) { -// Logger.warn("Request sends an old SSO Session ID("+ssoId+")! 
" + -// "Invalidate the corresponding MOASession with ID="+ correspondingMOASession); -// -// MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(), -// protocolRequest, MOAIDEventConstants.AUTHPROCESS_SSO_INVALID); -// -// AuthenticationSessionStoreage.destroySession(correspondingMOASession); -// ssomanager.deleteSSOSessionID(req, resp); -// } -// } -// -// //load Parameters from OnlineApplicationConfiguration -// OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() -// .getOnlineApplicationParameter(protocolRequest.getOAURL()); -// -// if (oaParam == null) { -// throw new AuthenticationException("auth.00", new Object[] { protocolRequest.getOAURL() }); -// } -// -// -// isValidSSOSession = ssomanager.isValidSSOSession(ssoId, protocolRequest); -// useSSOOA = oaParam.useSSO() || oaParam.isInderfederationIDP(); -// -// -// //if a legacy request is used SSO should not be allowed, actually -// boolean isUseMandateRequested = LegacyHelper.isUseMandateRequested(req); -// -// if (protocolRequest.isPassiv() -// && protocolRequest.forceAuth()) { -// // conflict! -// throw new NoPassivAuthenticationException(); -// } -// -// boolean tryperform = authmanager.tryPerformAuthentication( -// req, resp); -// -// if (tryperform) -// MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(), -// protocolRequest, MOAIDEventConstants.AUTHPROCESS_FINISHED); -// else -// MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(), -// protocolRequest, MOAIDEventConstants.AUTHPROCESS_SERVICEPROVIDER, protocolRequest.getOAURL()); -// -// if (protocolRequest.forceAuth()) { -// if (!tryperform) { -// authmanager.doAuthentication(req, resp, -// protocolRequest); -// return; -// } -// } else if (protocolRequest.isPassiv()) { -// if (tryperform || (isValidSSOSession && useSSOOA && !isUseMandateRequested) ) { -// // Passive authentication ok! 
-// } else { -// throw new NoPassivAuthenticationException(); -// } -// } else { -// if (tryperform || (isValidSSOSession && useSSOOA && !isUseMandateRequested) ) { -// // Is authenticated .. proceed -// } else { -// // Start authentication! -// authmanager.doAuthentication(req, resp, -// protocolRequest); -// return; -// } -// } -// -// if ((useSSOOA || isValidSSOSession)) //TODO: SSO with mandates requires an OVS extension -// { -// -// if (useSSOOA && isValidSSOSession) { -// -// MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(), -// protocolRequest, MOAIDEventConstants.AUTHPROCESS_SSO); -// -// moasessionID = ssomanager.getMOASession(ssoId); -// moasession = AuthenticationSessionStoreage.getSession(moasessionID); -// -// //use new OAParameter -// if (oaParam.useSSOQuestion() && !AuthenticationSessionStoreage.isAuthenticated(moasessionID)) { -// authmanager.sendTransmitAssertionQuestion(req, resp, protocolRequest, oaParam); -// return; -// } -// -// } else { -// moasessionID = (String) req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID); -// moasession = AuthenticationSessionStoreage.getSession(moasessionID); -// -// } -// //save SSO session usage in Database -// if (useSSOOA) { -// newSSOSessionId = ssomanager.createSSOSessionInformations(moasessionID, protocolRequest.getOAURL()); -// -// if (MiscUtil.isNotEmpty(newSSOSessionId)) { -// ssomanager.setSSOSessionID(req, resp, newSSOSessionId); -// -// } else { -// ssomanager.deleteSSOSessionID(req, resp); -// -// } -// } -// -// } else { -// moasessionID = (String) req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID); -// moasession = AuthenticationSessionStoreage.getSession(moasessionID); -// moasessionID = AuthenticationSessionStoreage.changeSessionID(moasession); -// -// } -// -// //build authenticationdata from session information and OA configuration -// authData = AuthenticationDataBuilder.buildAuthenticationData(protocolRequest, moasession); -// } -// -//// *** 
end handling authentication *** -// -//// *** start finalizing authentication (SSO, final redirects, statistic logging etc) *** -// -// SLOInformationInterface assertionID = moduleAction.processRequest(protocolRequest, req, resp, authData); -// -// RequestStorage.removePendingRequest(protocolRequestID); -// -// if (needAuthentication) { -// boolean isSSOSession = MiscUtil.isNotEmpty(newSSOSessionId) && useSSOOA; -// -// if ((useSSOOA || isSSOSession) //TODO: SSO with mandates requires an OVS extension -// && !moasession.getUseMandate()) { -// -// try { -// //Store OA specific SSO session information -// AuthenticationSessionStoreage.addSSOInformation(moasessionID, -// newSSOSessionId, assertionID, protocolRequest); -// -// } catch (AuthenticationException e) { -// Logger.warn("SSO Session information can not be stored -> SSO is not enabled!"); -// -// authmanager.performOnlyIDPLogOut(req, resp, moasessionID); -// isSSOSession = false; -// } -// -// } else { -// authmanager.performOnlyIDPLogOut(req, resp, moasessionID); -// } -// -// //Advanced statistic logging -// StatisticLogger logger = StatisticLogger.getInstance(); -// logger.logSuccessOperation(protocolRequest, authData, isSSOSession); -// -// } -// -//// *** end finalizing authentication *** -// -// } catch (Throwable e) { -// Logger.warn("An authentication error occured: ", e);; -// // Try handle module specific, if not possible rethrow -// if (!info.generateErrorMessage(e, req, resp, protocolRequest)) -// handleErrorNoRedirect(e.getMessage(), e, req, -// resp); -// -// } -// -// //log transaction_destroy to reversionslog -// MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.TRANSACTION_DESTROYED, protocolRequestID); -// -// } catch (WrongParametersException ex) { -// handleWrongParameters(ex, req, resp); -// -// } catch (MOAIDException ex) { -// handleError(null, ex, req, resp, protocolRequestID); -// -// } catch (Throwable e) { -// handleErrorNoRedirect(e.getMessage(), e, req, -// resp); -// } 
-// -// finally { -// -// -// TransactionIDUtils.removeTransactionId(); -// TransactionIDUtils.removeSessionId(); -// } -// -// Logger.debug("Clossing Dispatcher processing loop"); -// } -// -// @Override -// protected void doGet(HttpServletRequest req, HttpServletResponse resp) -// throws ServletException, IOException { -// processRequest(req, resp); -// } -// -// @Override -// protected void doPost(HttpServletRequest req, HttpServletResponse resp) -// throws ServletException, IOException { -// processRequest(req, resp); -// } -//} |