diff options
Diffstat (limited to 'spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/SignatureVerificationService.java')
| -rw-r--r-- | spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/SignatureVerificationService.java | 179 |
1 files changed, 179 insertions, 0 deletions
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/SignatureVerificationService.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/SignatureVerificationService.java new file mode 100644 index 000000000..a1caac6a7 --- /dev/null +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/SignatureVerificationService.java @@ -0,0 +1,179 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.service; + +import org.apache.axis.AxisFault; +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.spss.MOAException; +import at.gv.egovernment.moa.spss.MOASystemException; +import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest; +import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; +import at.gv.egovernment.moa.spss.api.xmlbind.VerifyCMSSignatureRequestParser; +import at.gv.egovernment.moa.spss.api.xmlbind.VerifyCMSSignatureResponseBuilder; +import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser; +import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; +import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker; +import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; +import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; +import at.gv.egovernment.moa.util.StreamUtils; + +/** + * The service endpoint for the <code>SignatureVerification</code> web service. + * + * @author Patrick Peck + * @version $Id$ + */ +public class SignatureVerificationService { + + /** + * Handle a <code>VerifyCMSSignatureRequest</code>. + * + * @param request The <code>VerifyCMSSignatureRequest</code> to work on + * (contained in the 0th element of the array). + * @return A <code>VerifyCMSSignatureResponse</code> as the only element of + * the <code>Element</code> array. + * @throws AxisFault An error occurred during handling of the message. + */ + public Element[] VerifyCMSSignatureRequest(Element[] request) + throws AxisFault { + CMSSignatureVerificationInvoker invoker = + CMSSignatureVerificationInvoker.getInstance(); + Element[] response = new Element[1]; + + try { + + // create a parser and builder for binding API objects to/from XML + VerifyCMSSignatureRequestParser requestParser = + new VerifyCMSSignatureRequestParser(); + VerifyCMSSignatureResponseBuilder responseBuilder = + new VerifyCMSSignatureResponseBuilder(); + Element reparsedReq; + VerifyCMSSignatureRequest requestObj; + VerifyCMSSignatureResponse responseObj; + + //since Axis (1.1 ff) has problem with namespaces we take the raw request stored by the Axishandler. + TransactionContext context = TransactionContextManager.getInstance().getTransactionContext(); + // validate the request + reparsedReq = ServiceUtils.reparseRequest(request[0]);//context.getRequest()); + + // convert to API objects + requestObj = requestParser.parse(reparsedReq); + + // invoke the core logic + responseObj = invoker.verifyCMSSignature(requestObj); + + // map back to XML + response[0] = responseBuilder.build(responseObj).getDocumentElement(); + + // save response in transaction + context.setResponse(response[0]); + + + } catch (MOAException e) { + AxisFault fault = AxisFault.makeFault(e); + fault.setFaultDetail(new Element[] { e.toErrorResponse()}); + Logger.debug("Anfrage zur Signaturpruefung wurde nicht erfolgreich beendet:" + + System.getProperty("line.separator") + StreamUtils.getStackTraceAsString(e)); + throw fault; + } catch (Throwable t) { + MOASystemException e = new MOASystemException("2900", null, t); + AxisFault fault = AxisFault.makeFault(e); + fault.setFaultDetail(new Element[] { e.toErrorResponse()}); + Logger.debug("Anfrage zur Signaturpruefung wurde nicht erfolgreich beendet:" + + System.getProperty("line.separator") + StreamUtils.getStackTraceAsString(e)); + throw fault; + } + + return response; + } + + /** + * Handle a <code>VerifyXMLSignatureRequest</code>. + * + * @param request The <code>VerifyXMLSignatureRequest</code> to work on + * (contained in the 0th element of the array). + * @return A <code>VerifyXMLSignatureResponse</code> as the only element of + * the <code>Element</code> array. + * @throws AxisFault An error occurred during handling of the message. + */ + public Element[] VerifyXMLSignatureRequest(Element[] request) + throws AxisFault { + XMLSignatureVerificationInvoker invoker = + XMLSignatureVerificationInvoker.getInstance(); + Element[] response = new Element[1]; + + try { + + // create a parser and builder for binding API objects to/from XML + VerifyXMLSignatureRequestParser requestParser = + new VerifyXMLSignatureRequestParser(); + VerifyXMLSignatureResponseBuilder responseBuilder = + new VerifyXMLSignatureResponseBuilder(); + Element reparsedReq; + VerifyXMLSignatureRequest requestObj; + VerifyXMLSignatureResponse responseObj; + + //since Axis (1.1 ff) has problem with namespaces we take the raw request stored by the Axishandler. + TransactionContext context = TransactionContextManager.getInstance().getTransactionContext(); + // validate the request + reparsedReq = ServiceUtils.reparseRequest(context.getRequest()); + + // convert to API objects + requestObj = requestParser.parse(reparsedReq); + + // invoke the core logic + responseObj = invoker.verifyXMLSignature(requestObj); + + // map back to XML + response[0] = responseBuilder.build(responseObj).getDocumentElement(); + + // save response in transaction + context.setResponse(response[0]); + + + } catch (MOAException e) { + AxisFault fault = AxisFault.makeFault(e); + fault.setFaultDetail(new Element[] { e.toErrorResponse()}); + Logger.debug("Anfrage zur Signaturpruefung wurde nicht erfolgreich beendet:" + + System.getProperty("line.separator") + StreamUtils.getStackTraceAsString(e)); + throw fault; + } catch (Throwable t) { + MOASystemException e = new MOASystemException("2900", null, t); + AxisFault fault = AxisFault.makeFault(e); + fault.setFaultDetail(new Element[] { e.toErrorResponse()}); + Logger.debug("Anfrage zur Signaturpruefung wurde nicht erfolgreich beendet:" + + System.getProperty("line.separator") + StreamUtils.getStackTraceAsString(e)); + throw fault; + } + + return response; + } + +} |