Diffstat (limited to 'id')
9 files changed, 68 insertions, 23 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index b0de196ca..fd4030937 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -934,17 +934,20 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware, TemplateType el = new TemplateType(); el.setURL(generalOA.getSLTemplateURL1()); template.add(el); - } + } else + template.add(new TemplateType()); if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL2())) { TemplateType el = new TemplateType(); el.setURL(generalOA.getSLTemplateURL2()); template.add(el); - } + }else + template.add(new TemplateType()); if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL3())) { TemplateType el = new TemplateType(); el.setURL(generalOA.getSLTemplateURL3()); template.add(el); - } + }else + template.add(new TemplateType()); } else { if (template != null && template.size() > 0) template.clear(); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java index 46d9f4db8..b0e4804a8 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java 
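Review bot: The placeholder `new TemplateType()` entries added in the three `else` branches carry no URL, so every reader of this list now has to tolerate an empty `getURL()`. This commit adds that guard in ParamValidatorUtils, StartAuthentificationParameterParser and GenerateIFrameTemplateServlet, but any other consumer outside this diff would see a null value. The unbraced `else` is also written two ways (`} else` and `}else`); a braced form with a short reason, for example `} else { template.add(new TemplateType()); /* keep slot position stable */ }`, would be easier to read if slot stability is indeed the intent. The enclosing method starts and ends outside the hunk.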
@@ -172,14 +172,14 @@ public class ValidationHelper { log.debug("Validate URL " + urlString); - if (urlString.startsWith("http") || urlString.startsWith("https")) { + //if (urlString.startsWith("http") || urlString.startsWith("https")) { try { new URL(urlString); return true; } catch (MalformedURLException e) { } - } + //} return false; } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java index d7d97e5d4..1c7da7079 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java @@ -247,7 +247,7 @@ public class MOAConfigValidator { log.info("Empty SLRequestTemplate Handy-BKU"); errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.empty")); } else { - if (!ValidationHelper.validateURL(check)) { + if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { log.info("SLRequestTemplate Handy-BKU is not valid"); errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.valid")); } @@ -258,7 +258,7 @@ public class MOAConfigValidator { log.info("Empty SLRequestTemplate local BKU"); errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.empty")); } else { - if (!ValidationHelper.validateURL(check)) { + if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { log.info("SLRequestTemplate local BKU is not valid"); errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.valid")); } 
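Review bot: With the scheme test commented out, `validateURL` accepts every scheme that `java.net.URL` has a handler for (for example `file:`, `ftp:` or `jar:`) instead of only http and https, and it does so for every caller of this shared helper. If some fields must accept local paths, an explicit allow-list after parsing is safer than dropping the check, e.g. `String scheme = new URL(urlString).getProtocol();` followed by `return "http".equals(scheme) || "https".equals(scheme);`, with a separate helper for the fields that may also hold `file:`. The commented-out `if` and `//}` lines should be deleted rather than kept. The empty `catch` would benefit from a one-line comment such as `// malformed input is simply reported as invalid`. The method signature lies outside the hunk.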
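Review bot: The Handy-BKU template location is now checked with `ValidationHelper.isNotValidIdentityLinkSigner(check)`, a helper whose name refers to identity-link signer values rather than URLs and whose body is not part of this diff. It is therefore unclear whether a template location still gets any URL syntax or scheme validation. The same substitution is made in the hunks at -258 and -269 of this file and three times in OAGeneralConfigValidation at -133. A dedicated, accurately named check for template locations would make the accepted forms auditable. At minimum each call should carry a comment such as `// template may be a relative path, so validateURL cannot be used here`, if that is the reason for the switch.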
@@ -269,7 +269,7 @@ public class MOAConfigValidator { log.info("Empty SLRequestTemplate Online-BKU"); errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.empty")); } else { - if (!ValidationHelper.validateURL(check)) { + if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { log.info("SLRequestTemplate Online-BKU is not valid"); errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.valid")); } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java index c84c44de4..d3a2241d3 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java 
@@ -133,19 +133,19 @@ public class OAGeneralConfigValidation { } else { check = form.getSLTemplateURL1(); if (MiscUtil.isNotEmpty(check) && - !ValidationHelper.validateURL(check) ) { + ValidationHelper.isNotValidIdentityLinkSigner(check) ) { log.info("First OA-specific SecurityLayer Templates is not valid"); errors.add(LanguageHelper.getErrorString("validation.general.sltemplate1.valid")); } check = form.getSLTemplateURL2(); if (MiscUtil.isNotEmpty(check) && - !ValidationHelper.validateURL(check) ) { + ValidationHelper.isNotValidIdentityLinkSigner(check) ) { log.info("Second OA-specific SecurityLayer Templates is not valid"); errors.add(LanguageHelper.getErrorString("validation.general.sltemplate2.valid")); } check = form.getSLTemplateURL3(); if (MiscUtil.isNotEmpty(check) && - !ValidationHelper.validateURL(check) ) { + ValidationHelper.isNotValidIdentityLinkSigner(check) ) { log.info("Third OA-specific SecurityLayer Templates is not valid"); errors.add(LanguageHelper.getErrorString("validation.general.sltemplate3.valid")); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java index 17a5d2be9..d4b5d1c05 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java 
@@ -247,8 +247,11 @@ public class StatisticLogger { AuthenticationSession moasession = AuthenticationSessionStoreage.getSessionWithPendingRequestID(errorRequest.getRequestID()); if (moasession != null) { - dblog.setBkuurl(moasession.getBkuURL()); - dblog.setBkutype(findBKUType(moasession.getBkuURL(), dbOA)); + if (MiscUtil.isNotEmpty(moasession.getBkuURL())) { + dblog.setBkuurl(moasession.getBkuURL()); + dblog.setBkutype(findBKUType(moasession.getBkuURL(), dbOA)); + } + dblog.setMandatelogin(moasession.getUseMandate()); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index 003fdfbe9..25e73d595 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -242,6 +242,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { String template = null; if (session.getTemplateURL() != null) { try { + template = new String(FileUtils.readURL(session.getTemplateURL())); } catch (IOException ex) { throw new AuthenticationException("auth.03", new Object[] { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java index 89cc1d25e..f0de8b2e3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java 
@@ -38,6 +38,7 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; +import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IRequest; @@ -46,6 +47,7 @@ import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.BoolUtils; +import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.StringUtils; import at.gv.egovernment.moa.util.URLEncoder; @@ -232,8 +234,21 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ } if (MiscUtil.isEmpty(templateURL)) { - templateURL = oaParam.getTemplateURL().get(0).getURL(); - Log.info("No SL-Template in request, load SL-Template from OA config (URL: " + templateURL + ")"); + + List<TemplateType> templateURLList = oaParam.getTemplateURL(); + + if ( templateURLList != null && templateURLList.size() > 0 + && MiscUtil.isNotEmpty(templateURLList.get(0).getURL()) ) { + templateURL = FileUtils.makeAbsoluteURL( + oaParam.getTemplateURL().get(0).getURL(), + AuthConfigurationProvider.getInstance().getRootConfigFileDir()); + Log.info("No SL-Template in request, load SL-Template from OA config (URL: " + templateURL + ")"); + + } else { + Logger.error("NO SL-Tempalte found in OA config"); + throw new WrongParametersException("StartAuthentication", PARAM_TEMPLATE, "auth.12"); + + } } 
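Review bot: In the -232 hunk the new branch null-checks `templateURLList` but then reads the value again through `oaParam.getTemplateURL().get(0).getURL()`; using `templateURLList.get(0).getURL()` keeps the check and the read on the same object. The error text `"NO SL-Tempalte found in OA config"` has a typo ("Template"), and the branch logs through `Log.info` on one path and `Logger.error` on the other. The same select-first-non-empty-entry-then-`makeAbsoluteURL` logic is repeated in GenerateIFrameTemplateServlet at -122, so a small shared helper would keep the two in step. Nothing visible here checks that the resolved location stays under `getRootConfigFileDir()`; if `makeAbsoluteURL` does not enforce that, a comment stating that OA configuration is trusted input would document the assumption.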
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java index d2d458e74..deec69c7f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java @@ -24,6 +24,7 @@ package at.gv.egovernment.moa.id.auth.servlet; import java.io.IOException; import java.io.PrintWriter; +import java.util.List; import javax.servlet.ServletConfig; import javax.servlet.ServletException; @@ -40,12 +41,14 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.StringUtils; 
@@ -122,7 +125,21 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { bkuURL = AuthConfigurationProvider.getInstance().getDefaultBKUURL(bkuid); } - String templateURL = AuthConfigurationProvider.getInstance().getSLRequestTemplates(bkuid); + //search for OA specific template + String templateURL = null; + List<TemplateType> oaTemplateURLList = oaParam.getTemplateURL(); + if ( oaTemplateURLList != null && oaTemplateURLList.size() > 0 + && MiscUtil.isNotEmpty(oaTemplateURLList.get(0).getURL()) ) { + templateURL = oaTemplateURLList.get(0).getURL(); + + } else { + templateURL = AuthConfigurationProvider.getInstance().getSLRequestTemplates(bkuid); + } + + //make url absolut if it is a local url + if (MiscUtil.isNotEmpty(templateURL)) + templateURL = FileUtils.makeAbsoluteURL(templateURL, + AuthConfigurationProvider.getInstance().getRootConfigFileDir()); if (oaParam.isOnlyMandateAllowed()) useMandate = "true"; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java index bd6514c5c..9df283965 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java @@ -68,6 +68,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.StringUtils;
@@ -293,7 +294,8 @@ public class ParamValidatorUtils implements MOAIDAuthConstants{ //get OA specific template URLs
if (oaSlTemplates != null && oaSlTemplates.size() > 0) {
for (TemplateType el : oaSlTemplates)
- trustedTemplateURLs.add(el.getURL());
+ if (MiscUtil.isNotEmpty(el.getURL()))
+ trustedTemplateURLs.add(el.getURL());
}
boolean b = trustedTemplateURLs.contains(template);
@@ -308,13 +310,17 @@ public class ParamValidatorUtils implements MOAIDAuthConstants{ }
+ } else if (template.startsWith("file")){
+ new URL(template);
+ Logger.debug("Parameter Template bzw. bkuSelectionTemplateURL erfolgreich ueberprueft");
+ Logger.debug("Load SL-Layer Template from local filesystem " + template);
+ return true;
+
+ } else {
+ Logger.error("Fehler Ueberpruefung Parameter Template bzw. bkuSelectionTemplateURL. Paramter beginnt nicht mit http oder https.");
+ return false;
}
- else {
- Logger.error("Fehler Ueberpruefung Parameter Template bzw. bkuSelectionTemplateURL. Paramter beginnt nicht mit http oder https.");
- return false;
- }
-
-
+
} catch (MalformedURLException e) {
Logger.error("Fehler Ueberpruefung Parameter Template bzw. bkuSelectionTemplateURL.", e);
return false;
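Review bot: The new `else if (template.startsWith("file"))` branch returns `true` after `new URL(template)` alone, without consulting `trustedTemplateURLs` as the branch above it presumably does (that branch lies outside the hunk). If this parameter can come from the request, any syntactically valid `file:` URL passes validation, and AuthenticationServer later loads the template with `FileUtils.readURL(session.getTemplateURL())`, which would read that local path. The branch should be limited to configured values, e.g. `} else if (template.startsWith("file:") && trustedTemplateURLs.contains(template)) {`, with the same absolute-URL normalisation applied to both sides, or to paths that resolve under the configuration root directory. The remaining `else` message still says the parameter does not begin with http or https and should mention the `file` case.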