diff options
Diffstat (limited to 'spss.slinterface/WEB-INF/src/at/gv')
7 files changed, 262 insertions, 11 deletions
diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java index 434643d16..6dbba7f89 100644 --- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java @@ -19,6 +19,7 @@ public class Constants public static final String IP_MOA2SL_STYLESHEET_ = "location.stylesheet.moa2sl"; public static final String IP_SL_SCHEMA_ = "location.schema.sl"; public static final String IP_MOA_SCHEMA_ = "location.schema.moa"; + public static final String IP_TEMP_DIR_ = "location.tempdir"; public static final String IP_SP_ENDPOINT_ = "service.sp.endpoint"; public static final String IP_SP_TRUSTPROFILEID_ = "service.sp.trustProfileId"; @@ -28,6 +29,7 @@ public class Constants public static final String LH_LISTENERS_ = LH_BASE_ + ".listeners"; public static final String LH_FILTERS_ = LH_BASE_ + ".filters"; public static final String LH_SERVLETS_ = LH_BASE_ + ".servlets"; + public static final String LH_BEANS_ = LH_BASE_ + ".beans"; public static final String LH_TEST_ = LH_BASE_ + ".test"; // Web service context parameters diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Utils.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Utils.java index 8c1292734..50ae5dc03 100644 --- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Utils.java +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Utils.java @@ -8,6 +8,7 @@ package at.gv.egovernment.moa.spss.slinterface; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; +import java.io.OutputStream; /** * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at) @@ -30,4 +31,21 @@ public class Utils while (bytesRead != -1); return result.toByteArray(); } + + /* ---------------------------------------------------------------------------------------------------- */ + + public static void transferStreams(InputStream in, OutputStream out) throws IOException + { + byte[] currentBytes = new byte[500]; + int bytesRead; + do + { + bytesRead = in.read(currentBytes); + if (bytesRead > 0) + { + out.write(currentBytes, 0, bytesRead); + } + } + while (bytesRead != -1); + } } diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/beans/DataInfoBean.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/beans/DataInfoBean.java index 1a64312d7..3e23c9eb0 100644 --- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/beans/DataInfoBean.java +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/beans/DataInfoBean.java @@ -5,21 +5,157 @@ */ package at.gv.egovernment.moa.spss.slinterface.beans; +import iaik.utils.Util; + +import java.io.File; +import java.io.FileOutputStream; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import java.util.Properties; +import java.util.Random; + +import javax.servlet.ServletContext; +import javax.servlet.http.HttpSession; +import javax.servlet.http.HttpSessionBindingEvent; +import javax.servlet.http.HttpSessionBindingListener; + +import org.apache.log4j.Logger; import org.w3c.dom.Document; +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.spss.slinterface.Constants; +import at.gv.egovernment.moa.spss.slinterface.DOMUtils; /** * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at) */ -public class DataInfoBean +public class DataInfoBean implements HttpSessionBindingListener { + private static Logger logger_ = Logger.getLogger(Constants.LH_BEANS_); + + private static final String HID_ELEM_ = "HashInputData"; + private static final String B64CONT_ELEM_ = "Base64Content"; + private static final String XMLCONT_ELEM_ = "XMLContent"; + + private static final String HID_URL_PREFIX_ = "/showdata?hidCount="; + + List hashInputDataFilenames_; + int hashInputDataCount_; + + /* ---------------------------------------------------------------------------------------------------- */ + + public DataInfoBean(Document moaResponseDoc, ServletContext context, HttpSession session) + throws IOException + { + hashInputDataFilenames_ = new ArrayList(); + int hashInputDataCount_ = 0; + + Element moaResponseElem = moaResponseDoc.getDocumentElement(); + List hidElems = DOMUtils.getChildElems(moaResponseElem, Constants.NSURI_MOA_12_, HID_ELEM_, false); + + Properties initProps = (Properties) context.getAttribute(Constants.WSCP_INIT_PROPS_); + String tempDir = initProps.getProperty(Constants.IP_TEMP_DIR_); + if (tempDir == null) + { + String message = "Init property \"" + Constants.IP_TEMP_DIR_ + "\" not set."; + logger_.error(message); + throw new IOException(message); + } + + Random random = new Random(); + for (int i = 0; i < hidElems.size(); i++) + { + // Open file for current hash input data + String currHidFileNameStr = tempDir + session.getId() + "_" + System.currentTimeMillis() + "_" + + random.nextLong(); + currHidFileNameStr = context.getRealPath(currHidFileNameStr); + FileOutputStream currHidFOS; + try + { + currHidFOS = new FileOutputStream(currHidFileNameStr); + } + catch (IOException e) + { + String message = "Cannot open file \"" + currHidFileNameStr + "\"."; + logger_.error(message); + throw new IOException(message); + } + + // Write HID to file + Element currHidElem = (Element) hidElems.get(i); + Element base64ContentElem = DOMUtils.getChildElem(currHidElem, Constants.NSURI_MOA_12_, B64CONT_ELEM_); + if (base64ContentElem != null) + { + // HID is base64 + + String base64ContentText = DOMUtils.getText(base64ContentElem); + byte[] content = Util.Base64Decode(base64ContentText.getBytes()); + try + { + currHidFOS.write(content); + currHidFOS.close(); + } + catch (IOException e) + { + String message = "Cannot write to file \"" + currHidFileNameStr + "\"."; + logger_.error(message); + throw new IOException(message); + } + } + else + { + // HID is XML + + // TODO treatment of XML content + throw new RuntimeException("XML content not support yet."); + } + + hashInputDataFilenames_.add(currHidFileNameStr); + } + } + + /* ---------------------------------------------------------------------------------------------------- */ + + public void valueBound(HttpSessionBindingEvent event) + { + // Do nothing. + } + + /* ---------------------------------------------------------------------------------------------------- */ + + public void valueUnbound(HttpSessionBindingEvent event) + { + // Delete all temporary hash input data files + for (int i = 0; i < hashInputDataFilenames_.size(); i++) + { + String currFileStr = (String) hashInputDataFilenames_.get(i); + File currFile = new File(currFileStr); + currFile.delete(); + } + } + + /* ---------------------------------------------------------------------------------------------------- */ + + public void setHashInputDataCount(int count) + { + hashInputDataCount_ = count; + } + + /* ---------------------------------------------------------------------------------------------------- */ - /** - * - */ - public DataInfoBean(Document slResponseDoc) + public String getHashInputDataFilename() { - super(); - // TODO Auto-generated constructor stub + return (String) hashInputDataFilenames_.get(hashInputDataCount_); } + /* ---------------------------------------------------------------------------------------------------- */ + + public String getHashInputDataURL() + { + + return (hashInputDataFilenames_.size() > hashInputDataCount_) + ? HID_URL_PREFIX_ + hashInputDataCount_ + : null; + } } diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java index f4a4a1243..9a4529565 100644 --- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java @@ -10,7 +10,6 @@ import java.io.ByteArrayOutputStream; import java.io.CharArrayReader; import java.io.IOException; import java.io.InputStream; -import java.io.OutputStream; import java.io.Reader; import java.util.Iterator; import java.util.List; @@ -129,8 +128,8 @@ public class SL2MOAFilter implements Filter } // Create bean with info about signed data - DataInfoBean dataInfo = new DataInfoBean(moaResponseDoc); - request.setAttribute("dataInfo", dataInfo); + DataInfoBean dataInfo = new DataInfoBean(moaResponseDoc, config_.getServletContext(), session); + session.setAttribute("dataInfo", dataInfo); // Transform MOA response into a SL response Document slResponseDoc; diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/HashInputDataServlet.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/HashInputDataServlet.java new file mode 100644 index 000000000..193a15a9e --- /dev/null +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/HashInputDataServlet.java @@ -0,0 +1,91 @@ +/* + * Created on 01.12.2003 + * + * (c) Stabsstelle IKT-Strategie des Bundes + */ +package at.gv.egovernment.moa.spss.slinterface.servlets; + +import java.io.FileInputStream; +import java.io.OutputStream; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.spss.slinterface.Constants; +import at.gv.egovernment.moa.spss.slinterface.Utils; +import at.gv.egovernment.moa.spss.slinterface.beans.DataInfoBean; + +/** + * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at) + */ +public class HashInputDataServlet extends HttpServlet +{ + private static Logger logger_ = Logger.getLogger(Constants.LH_SERVLETS_); + + /** + * Default constructor. + */ + public HashInputDataServlet() + { + super(); + } + + public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException + { + // Get DataInfoBean object from session + HttpSession session = request.getSession(false); + if (session == null) + { + String message = "No session available."; + logger_.error(message); + throw new ServletException(message); + } + DataInfoBean dataInfo = (DataInfoBean) session.getAttribute("dataInfo"); + + // Get parameter inicating which hash input data file to show + String hidCountStr = request.getParameter("hidCount"); + if (hidCountStr == null) + { + String message = "Parameter \"hidCount\" not available in request."; + logger_.error(message); + throw new ServletException(message); + } + int hidCount = -1; + try + { + hidCount = Integer.parseInt(hidCountStr); + } + catch (NumberFormatException e) + { + String message = "Parameter \"hidCount\" (\"" + hidCount + "\") is not a valid string representation of an integer."; + logger_.error(message, e); + throw new ServletException(message, e); + } + + // Get file name of temporary HID file + dataInfo.setHashInputDataCount(hidCount); + String hidFilename = dataInfo.getHashInputDataFilename(); + + // Set response headers + response.setContentType("application/octet-stream"); + + // Write content from temporary HID file to response OS + try + { + FileInputStream hidFIS = new FileInputStream(hidFilename); + OutputStream responseOS = response.getOutputStream(); + Utils.transferStreams(hidFIS, responseOS); + } + catch (Exception e) + { + String message = "Writing hash input data to response stream failed."; + logger_.error(message, e); + throw new ServletException(message, e); + } + } +} diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/ReturnServlet.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/ReturnServlet.java index c37e6f697..052c51f94 100644 --- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/ReturnServlet.java +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/ReturnServlet.java @@ -46,7 +46,7 @@ public class ReturnServlet extends HttpServlet HttpSession session = request.getSession(false); if (session == null) { - String message = "No session available"; + String message = "No session available."; logger_.error(message); throw new ServletException(message); } diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/SL2MOA.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/SL2MOA.java index 11855242e..6c476e9ce 100644 --- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/SL2MOA.java +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/SL2MOA.java @@ -77,6 +77,11 @@ public class SL2MOA // Convert SL request into MOA request verifyRequestElem = Utils.transformDeep(verifyRequestElem, prefixMap, nsTransforms, nameTransforms); + // Add ReturnHashInputData element + Element returnHashInputDataElem = slVerifyXMLSignatureRequest.createElementNS( + Constants.NSURI_MOA_12_, Constants.NSPRE_MOA_12_ + ":ReturnHashInputData"); + verifyRequestElem.appendChild(returnHashInputDataElem); + // Add trust profile ID element Element trustProfileIDElem = slVerifyXMLSignatureRequest.createElementNS( Constants.NSURI_MOA_12_, Constants.NSPRE_MOA_12_ + ":TrustProfileID"); |