From 414152df1310067623f10f90cfb89293926dd681 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 10 Mar 2015 14:35:12 +0100 Subject: save some ram with logger --- .../java/at/gv/egovernment/moa/logging/Logger.java | 52 ++++++++++++++++------ 1 file changed, 39 insertions(+), 13 deletions(-) diff --git a/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java b/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java index 2e76325a5..184be20cb 100644 --- a/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java +++ b/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java @@ -24,6 +24,9 @@ package at.gv.egovernment.moa.logging; +import java.util.HashMap; +import java.util.Map; + /** * A utility class acting as a facade to the logging subsystem. * @@ -45,6 +48,29 @@ public class Logger { // there is no need for that anymore } + + /** The Constant instances. */ + private static final Map instances = new HashMap(); + + /** + * Gets the logger. + * + * @return the logger + */ + private static synchronized org.apache.log4j.Logger getLogger() { + String className = Thread.currentThread().getStackTrace()[3].getClassName(); + + org.apache.log4j.Logger logger = instances.get(className); + if (logger != null) { + return logger; + } + + logger = org.apache.log4j.Logger.getLogger(className); + instances.put(className, logger); + + return logger; + } + /** * Test, if the trace log level is enabled. * @@ -52,7 +78,7 @@ public class Logger { * false otherwise. */ public static boolean isTraceEnabled() { - org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName()); + org.apache.log4j.Logger logger = getLogger(); return logger.isTraceEnabled(); } 
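Review bot: The hard-coded frame index in the new `getLogger()` (`getStackTrace()[3]`) is only correct while every public facade method calls `getLogger()` directly; any later delegation between facade methods or an extra wrapper frame silently attributes the entry to the wrong class. The method is also `static synchronized`, so every log call in the process now serialises on one lock and still pays for a full stack trace. log4j's `Logger.getLogger(name)` already hands back one instance per name from its own repository, so the extra map probably saves little. At minimum I would document the invariant above the lookup, e.g. `// index 3 = caller of the public facade method; facade methods must call getLogger() directly`.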
@@ -64,7 +90,7 @@ public class Logger { * false otherwise. */ public static boolean isTraceEnabled(String hierarchy) { - org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName()); + org.apache.log4j.Logger logger = getLogger(); return logger.isTraceEnabled(); } @@ -74,7 +100,7 @@ public class Logger { * @param message The message to trace. */ public static void trace(Object message) { - org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName()); + org.apache.log4j.Logger logger = getLogger(); logger.trace(message); } @@ -85,7 +111,7 @@ public class Logger { * false otherwise. */ public static boolean isDebugEnabled() { - org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName()); + org.apache.log4j.Logger logger = getLogger(); return logger.isDebugEnabled(); } @@ -97,7 +123,7 @@ public class Logger { * false otherwise. */ public static boolean isDebugEnabled(String hierarchy) { - org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName()); + org.apache.log4j.Logger logger = getLogger(); return logger.isDebugEnabled(); } @@ -107,7 +133,7 @@ public class Logger { * @param message The message to log. */ public static void debug(Object message) { - org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName()); + org.apache.log4j.Logger logger = getLogger(); logger.debug(message); } @@ -117,7 +143,7 @@ public class Logger { * @param message The message to log. */ public static void info(Object message) { - org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName()); + org.apache.log4j.Logger logger = getLogger(); logger.info(message); } 
@@ -127,7 +153,7 @@ public class Logger { * @param message The message to log. */ public static void warn(Object message) { - org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName()); + org.apache.log4j.Logger logger = getLogger(); logger.warn(message); } @@ -138,7 +164,7 @@ public class Logger { * @param t An exception that may be the cause of the warning. */ public static void warn(Object message, Throwable t) { - org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName()); + org.apache.log4j.Logger logger = getLogger(); logger.warn(message, t); } @@ -148,7 +174,7 @@ public class Logger { * @param message The message to log. */ public static void error(Object message) { - org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName()); + org.apache.log4j.Logger logger = getLogger(); logger.error(message); } @@ -159,7 +185,7 @@ public class Logger { * @param t An exception that may be the cause of the error. */ public static void error(Object message, Throwable t) { - org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName()); + org.apache.log4j.Logger logger = getLogger(); logger.error(message, t); } @@ -169,7 +195,7 @@ public class Logger { * @param message The message to log. */ public static void fatal(Object message) { - org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName()); + org.apache.log4j.Logger logger = getLogger(); logger.fatal(message); } 
@@ -180,7 +206,7 @@ public class Logger { * @param t An exception that may be the cause of the error. */ public static void fatal(Object message, Throwable t) { - org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName()); + org.apache.log4j.Logger logger = getLogger(); logger.fatal(message, t); } } -- cgit v1.2.3 From 399597f84d5a3112cc8ad7262a40cfcae88cf83c Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 12 Mar 2015 16:23:02 +0100 Subject: getting rid of log4j in logger class --- common/pom.xml | 27 +++-------- .../java/at/gv/egovernment/moa/logging/Logger.java | 50 ++++++++++---------- .../id/commons/validation/ValidationHelper.java | 53 +++++++++++----------- 3 files changed, 56 insertions(+), 74 deletions(-) diff --git a/common/pom.xml b/common/pom.xml index e702c5e66..72cf702bc 100644 --- a/common/pom.xml +++ b/common/pom.xml @@ -74,11 +74,6 @@ slf4j-api 1.7.10 - org.slf4j jcl-over-slf4j @@ -86,28 +81,18 @@ org.slf4j - slf4j-api + jul-to-slf4j 1.7.10 - + + org.slf4j + slf4j-log4j12 + 1.7.10 + log4j log4j - - org.slf4j - slf4j-log4j12 - 1.7.10 - - - org.slf4j - jul-to-slf4j - 1.7.10 - diff --git a/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java b/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java index 184be20cb..6999656ab 100644 --- a/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java +++ b/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java 
@@ -50,22 +50,22 @@ public class Logger { /** The Constant instances. */ - private static final Map instances = new HashMap(); + private static final Map instances = new HashMap(); /** * Gets the logger. * * @return the logger */ - private static synchronized org.apache.log4j.Logger getLogger() { + private static synchronized org.slf4j.Logger getLogger() { String className = Thread.currentThread().getStackTrace()[3].getClassName(); - org.apache.log4j.Logger logger = instances.get(className); + org.slf4j.Logger logger = instances.get(className); if (logger != null) { return logger; } - logger = org.apache.log4j.Logger.getLogger(className); + logger = org.slf4j.LoggerFactory.getLogger(className); instances.put(className, logger); return logger; @@ -78,7 +78,7 @@ public class Logger { * false otherwise. */ public static boolean isTraceEnabled() { - org.apache.log4j.Logger logger = getLogger(); + org.slf4j.Logger logger = getLogger(); return logger.isTraceEnabled(); } @@ -90,7 +90,7 @@ public class Logger { * false otherwise. */ public static boolean isTraceEnabled(String hierarchy) { - org.apache.log4j.Logger logger = getLogger(); + org.slf4j.Logger logger = getLogger(); return logger.isTraceEnabled(); } @@ -100,8 +100,8 @@ public class Logger { * @param message The message to trace. */ public static void trace(Object message) { - org.apache.log4j.Logger logger = getLogger(); - logger.trace(message); + org.slf4j.Logger logger = getLogger(); + logger.trace(message.toString()); } /** @@ -111,7 +111,7 @@ public class Logger { * false otherwise. */ public static boolean isDebugEnabled() { - org.apache.log4j.Logger logger = getLogger(); + org.slf4j.Logger logger = getLogger(); return logger.isDebugEnabled(); } @@ -123,7 +123,7 @@ public class Logger { * false otherwise. */ public static boolean isDebugEnabled(String hierarchy) { - org.apache.log4j.Logger logger = getLogger(); + org.slf4j.Logger logger = getLogger(); return logger.isDebugEnabled(); } 
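Review bot: `logger.trace(message.toString())` in `trace(Object)` throws a NullPointerException when a caller passes `null`, where the log4j call it replaces accepted a null message; a logging statement should not be able to abort the authentication code that invoked it. `logger.trace(String.valueOf(message));` keeps the old tolerance. The same conversion is introduced in `debug`, `info`, `warn` and `error` (both overloads) in the following hunks. It also runs before any level check, so `toString()` is now evaluated even when the level is disabled.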
@@ -133,8 +133,8 @@ public class Logger { * @param message The message to log. */ public static void debug(Object message) { - org.apache.log4j.Logger logger = getLogger(); - logger.debug(message); + org.slf4j.Logger logger = getLogger(); + logger.debug(message.toString()); } /** @@ -143,8 +143,8 @@ public class Logger { * @param message The message to log. */ public static void info(Object message) { - org.apache.log4j.Logger logger = getLogger(); - logger.info(message); + org.slf4j.Logger logger = getLogger(); + logger.info(message.toString()); } /** @@ -153,8 +153,8 @@ public class Logger { * @param message The message to log. */ public static void warn(Object message) { - org.apache.log4j.Logger logger = getLogger(); - logger.warn(message); + org.slf4j.Logger logger = getLogger(); + logger.warn(message.toString()); } /** @@ -164,8 +164,8 @@ public class Logger { * @param t An exception that may be the cause of the warning. */ public static void warn(Object message, Throwable t) { - org.apache.log4j.Logger logger = getLogger(); - logger.warn(message, t); + org.slf4j.Logger logger = getLogger(); + logger.warn(message.toString(), t); } /** @@ -174,8 +174,8 @@ public class Logger { * @param message The message to log. */ public static void error(Object message) { - org.apache.log4j.Logger logger = getLogger(); - logger.error(message); + org.slf4j.Logger logger = getLogger(); + logger.error(message.toString()); } /** @@ -185,8 +185,8 @@ public class Logger { * @param t An exception that may be the cause of the error. */ public static void error(Object message, Throwable t) { - org.apache.log4j.Logger logger = getLogger(); - logger.error(message, t); + org.slf4j.Logger logger = getLogger(); + logger.error(message.toString(), t); } /** @@ -195,8 +195,7 @@ public class Logger { * @param message The message to log. */ public static void fatal(Object message) { - org.apache.log4j.Logger logger = getLogger(); - logger.fatal(message); + error(message); } /** 
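Review bot: Delegating `fatal(Object)` to `error(message)` adds one stack frame, so the `getStackTrace()[3]` lookup in `getLogger()` now resolves to this facade class instead of the real caller. Fatal events therefore land under the facade's own logger name, where per-class level and appender settings for the caller do not apply and the origin is lost for anyone triaging the log. The same applies to `fatal(Object, Throwable)` in the next hunk. Calling the backend directly keeps the frame depth: `org.slf4j.Logger logger = getLogger();` followed by `logger.error(String.valueOf(message));`. SLF4J has no FATAL level, so if the distinction matters downstream it would have to be carried some other way, for example a marker.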
@@ -206,7 +205,6 @@ public class Logger { * @param t An exception that may be the cause of the error. */ public static void fatal(Object message, Throwable t) { - org.apache.log4j.Logger logger = getLogger(); - logger.fatal(message, t); + error(message, t); } } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java index be6d7d01e..13d680b78 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java @@ -44,14 +44,13 @@ import javax.net.ssl.SSLSession; import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory; -import org.apache.log4j.Logger; +import at.gv.egovernment.moa.logging.Logger; public class ValidationHelper { public static final String PUBLICSERVICE_URL_POSTFIX = ".gv.at"; - private static final Logger log = Logger.getLogger(ValidationHelper.class); private static final String TEMPLATE_DATEFORMAT = "dd.MM.yyyy"; @@ -68,7 +67,7 @@ public class ValidationHelper { host = host.substring(0, host.length()-1); if (url.getHost().endsWith(PUBLICSERVICE_URL_POSTFIX)) { - log.debug("PublicURLPrefix with .gv.at Domain found."); + Logger.debug("PublicURLPrefix with .gv.at Domain found."); return true; } else { @@ -95,7 +94,7 @@ public class ValidationHelper { return false; } else { - log.info("Found correct X509 Extension in server certificate. PublicService is allowed"); + Logger.info("Found correct X509 Extension in server certificate. PublicService is allowed"); return true; } } 
@@ -104,27 +103,27 @@ public class ValidationHelper { } } catch (MalformedURLException e) { - log.warn("PublicURLPrefix can not parsed to URL", e); + Logger.warn("PublicURLPrefix can not parsed to URL", e); return false; } catch (UnknownHostException e) { - log.warn("Can not connect to PublicURLPrefix Server", e); + Logger.warn("Can not connect to PublicURLPrefix Server", e); return false; } catch (IOException e) { - log.warn("Can not connect to PublicURLPrefix Server", e); + Logger.warn("Can not connect to PublicURLPrefix Server", e); return false; } catch (CertificateEncodingException e) { - log.warn("Can not parse X509 server certificate", e); + Logger.warn("Can not parse X509 server certificate", e); return false; } catch (CertificateException e) { - log.warn("Can not read X509 server certificate", e); + Logger.warn("Can not read X509 server certificate", e); return false; } catch (X509ExtensionInitException e) { - log.warn("Can not read X509 server certificate extension", e); + Logger.warn("Can not read X509 server certificate extension", e); return false; } @@ -133,7 +132,7 @@ public class ValidationHelper { try { socket.close(); } catch (IOException e) { - log.warn("SSL Socket can not be closed.", e); + Logger.warn("SSL Socket can not be closed.", e); } } } @@ -148,7 +147,7 @@ public class ValidationHelper { return true; } catch (Throwable t) { - log.warn("No valid DataBase OAID received! " + oaIDObj); + Logger.warn("No valid DataBase OAID received! " + oaIDObj); } } return false; @@ -156,7 +155,7 @@ public class ValidationHelper { public static boolean validateNumber(String value) { - log.debug("Validate Number " + value); + Logger.debug("Validate Number " + value); try { Float.valueOf(value); 
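Review bot: `Logger.debug("Validate Number " + value)` in `validateNumber` writes the value under validation into the log before it has been checked, so a value containing line breaks can forge additional log lines. The same holds for `"No valid DataBase OAID received! " + oaIDObj` in the hunk above and for `validatePhoneNumber` and `validateURL` in the following hunks. Neutralising CR/LF before concatenation would close this, e.g. `Logger.debug("Validate Number " + value.replaceAll("[\\r\\n]", "_"));`, or an encoding layout in the logging backend if one is configured. The `catch (Throwable t)` around the OAID warning also discards `t`, which hides the reason for the rejection.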
@@ -171,7 +170,7 @@ public class ValidationHelper { } public static boolean validatePhoneNumber(String value) { - log.debug ("Validate PhoneNumber " + value); + Logger.debug ("Validate PhoneNumber " + value); /* ************************************************************************************************ * Legende: @@ -187,11 +186,11 @@ public class ValidationHelper { Matcher matcher = pattern.matcher(value); boolean b = matcher.matches(); if (b) { - log.debug("Parameter PhoneNumber erfolgreich ueberprueft"); + Logger.debug("Parameter PhoneNumber erfolgreich ueberprueft"); return true; } else { - log.error("Fehler Ueberpruefung Parameter PhoneNumber. PhoneNumber entspricht nicht den Kriterien ^ [a-zA-Z .,;:/\\-]* [ ]* [(]{0,1}[ ]*[+]{0,1}[ ]*[0-9]{0,2}[ ]*[)]{0,1} [ ]* [0-9]*[ ]*[/\\-]{0,1} [ ]*[ ]* [0-9]* [ ]* [a-zA-Z .,;:\\/-]* $"); + Logger.error("Fehler Ueberpruefung Parameter PhoneNumber. PhoneNumber entspricht nicht den Kriterien ^ [a-zA-Z .,;:/\\-]* [ ]* [(]{0,1}[ ]*[+]{0,1}[ ]*[0-9]{0,2}[ ]*[)]{0,1} [ ]* [0-9]*[ ]*[/\\-]{0,1} [ ]*[ ]* [0-9]* [ ]* [a-zA-Z .,;:\\/-]* $"); return false; } @@ -200,7 +199,7 @@ public class ValidationHelper { public static boolean validateURL(String urlString) { - log.debug("Validate URL " + urlString); + Logger.debug("Validate URL " + urlString); if (urlString.startsWith("http") || urlString.startsWith("https")) { try { @@ -216,7 +215,7 @@ public class ValidationHelper { // public static boolean validateGeneralURL(String urlString) { // -// log.debug("Validate URL " + urlString); +// Logger.debug("Validate URL " + urlString); // // try { // new URL(urlString); 
@@ -231,17 +230,17 @@ public class ValidationHelper { public static boolean isValidAdminTarget(String target) { - log.debug("Ueberpruefe Parameter Target"); + Logger.debug("Ueberpruefe Parameter Target"); Pattern pattern = Pattern.compile("[a-zA-Z-]{1,5}"); Matcher matcher = pattern.matcher(target); boolean b = matcher.matches(); if (b) { - log.debug("Parameter SSO-Target erfolgreich ueberprueft. SSO Target is PublicService."); + Logger.debug("Parameter SSO-Target erfolgreich ueberprueft. SSO Target is PublicService."); return true; } else { - log.info("Parameter SSO-Target entspricht nicht den Kriterien " + + Logger.info("Parameter SSO-Target entspricht nicht den Kriterien " + "(nur Zeichen a-z, A-Z und -, sowie 1-5 Zeichen lang) fuer den oeffentlichen Bereich. " + "Valiere SSO-Target fuer privatwirtschaftliche Bereiche."); return false; @@ -250,14 +249,14 @@ public class ValidationHelper { public static boolean isValidTarget(String target) { - log.debug("Ueberpruefe Parameter Target"); + Logger.debug("Ueberpruefe Parameter Target"); if (TargetValidator.isValidTarget(target)) { - log.debug("Parameter Target erfolgreich ueberprueft"); + Logger.debug("Parameter Target erfolgreich ueberprueft"); return true; } else { - log.error("Fehler Ueberpruefung Parameter Target. Target entspricht nicht den Kriterien (nur Zeichen a-z, A-Z und -, sowie 1-5 Zeichen lang)"); + Logger.error("Fehler Ueberpruefung Parameter Target. Target entspricht nicht den Kriterien (nur Zeichen a-z, A-Z und -, sowie 1-5 Zeichen lang)"); return false; } 
@@ -265,17 +264,17 @@ public class ValidationHelper { public static boolean isValidSourceID(String sourceID) { - log.debug("Ueberpruefe Parameter sourceID"); + Logger.debug("Ueberpruefe Parameter sourceID"); Pattern pattern = Pattern.compile("[\\w-_]{1,20}"); Matcher matcher = pattern.matcher(sourceID); boolean b = matcher.matches(); if (b) { - log.debug("Parameter sourceID erfolgreich ueberprueft"); + Logger.debug("Parameter sourceID erfolgreich ueberprueft"); return true; } else { - log.error("Fehler Ueberpruefung Parameter sourceID. SourceID entspricht nicht den Kriterien (nur Zeichen a-z, A-Z, - und _, sowie 1-20 Zeichen lang)"); + Logger.error("Fehler Ueberpruefung Parameter sourceID. SourceID entspricht nicht den Kriterien (nur Zeichen a-z, A-Z, - und _, sowie 1-20 Zeichen lang)"); return false; } } -- cgit v1.2.3 From 12c3c34ea26ff20e39c9b67f698e9c8b99ef11ee Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Fri, 13 Mar 2015 15:38:31 +0100 Subject: STORK PEPS-conform logging --- .../moa/id/auth/AuthenticationServer.java | 24 ++++++++++++++++++++++ .../moa/id/auth/servlet/PEPSConnectorServlet.java | 20 ++++++++++++++++++ .../modules/stork/tasks/PepsConnectorTask.java | 20 ++++++++++++++++++ 3 files changed, 64 insertions(+) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index fd7c7f237..c4d6859db 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java 
@@ -11,9 +11,11 @@ import java.io.InputStream; import java.io.StringWriter; import java.io.UnsupportedEncodingException; import java.math.BigInteger; +import java.net.URL; import java.security.NoSuchAlgorithmException; import java.security.Principal; import java.security.cert.CertificateException; +import java.text.SimpleDateFormat; import java.util.ArrayList; //import java.security.cert.CertificateFactory; import java.util.Calendar; @@ -1845,6 +1847,17 @@ public class AuthenticationServer implements MOAIDAuthConstants { //send moasession.setStorkAuthnRequest(authnRequest); + // do PEPS-conform logging for easier evaluation + try { + // 2015-03-12 16:44:27.144#S-PEPS receives request from SP#spurl#spepsurl#spapp#spdomain#citizen country#qaa#msghash#msg_id id1# + Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS receives request from SP#" + + moasession.getPublicOAURLPrefix() + "#" + issuerValue + "#" + spApplication + "#" + + new URL(moasession.getPublicOAURLPrefix()).getHost() + "#" + moasession.getCcc() + "#" + oaParam.getQaaLevel() + + "#_hash_#" + moasession.getProcessInstanceId() + "#"); + } catch (Exception e1) { + Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage()); + } + AuthenticationSessionStoreage.changeSessionID(moasession, authnRequest.getSamlId()); 
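Review bot: The `#`-separated record built in the new `Logger.info(...)` call concatenates `issuerValue`, `spApplication`, the OA URL prefix and the country code without escaping, so a `#` or a line break in any of them shifts or forges fields in a log that is meant to be evaluated field by field. The `msghash` position is filled with the literal `_hash_`, so the record cannot be tied to the actual message. The same construction is repeated in the second hunk of this file and in the PEPSConnectorServlet and PepsConnectorTask hunks, where `authnResponse.getInResponseTo()` and `authnResponse.getMessage()` come from the received response. A small helper that strips `#`, CR and LF from each field and is shared by all six call sites would fix this and remove the duplication. The enclosing method starts and ends outside the hunk.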
@@ -1877,6 +1890,17 @@ public class AuthenticationServer implements MOAIDAuthConstants { } Logger.info("STORK AuthnRequest successfully successfully prepared for client with target location: " + authnRequest.getDestination()); + + // do PEPS-conform logging for easier evaluation + try { + // 2015-03-12 16:44:27.144#S-PEPS generates request to C-PEPS#spepsurl#cpepsurl#spapp#spdomain#citizen country#qaa#msghash#msg_id id1#id2# + Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS generates request to C-PEPS#" + + issuerValue + "#" + destination + "#" + spApplication + "#" + + new URL(moasession.getPublicOAURLPrefix()).getHost() + "#" + moasession.getCcc() + "#" + oaParam.getQaaLevel() + + "#_hash_#" + moasession.getProcessInstanceId() + "#" + authnRequest.getSamlId() + "#"); + } catch (Exception e1) { + Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage()); + } } private static String generateDssSignRequest(String text, String mimeType, String citizenCountry) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java index 7357818c8..24daa76a3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java @@ -28,8 +28,10 @@ import java.io.IOException; import java.io.InputStream; import java.io.StringWriter; import java.net.URL; +import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.Arrays; +import java.util.Date; import java.util.List; import java.util.Properties; 
@@ -201,6 +203,15 @@ public class PEPSConnectorServlet extends AuthServlet { Logger.debug("STORK response: "); Logger.debug(authnResponse.toString()); + // do PEPS-conform logging for easier evaluation + try { + // 2015-03-12 16:44:27.144#S-PEPS receives response from C-PEPS#orig_msg_id id2 (in response to)#orig_msg_id id1 (in response to)#status#msghash#msg_id id3# + Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS receives response from C-PEPS#" + + authnResponse.getInResponseTo() + "#NA#" + authnResponse.getMessage() + "#_hash_#" + authnResponse.getSamlId() + "#"); + } catch (Exception e1) { + Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage()); + } + Logger.debug("Trying to find MOA Session-ID ..."); //String moaSessionID = request.getParameter(PARAM_SESSIONID); //first use SAML2 relayState @@ -554,6 +565,15 @@ public class PEPSConnectorServlet extends AuthServlet { // stork did the authentication step moaSession.setAuthenticated(true); + // do PEPS-conform logging for easier evaluation + try { + // 2015-03-12 16:44:27.144#S-PEPS generates response to SP#orig_msg_id id1 (in response to)#status#msghash#msg_id id4# + Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS generates response to SP#" + + "#NA#" + authnResponse.getMessage() + "#_hash_#" + moaSession.getProcessInstanceId() + "#"); + } catch (Exception e1) { + Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage()); + } + // //TODO: found better solution, but QAA Level in response could be not supported yet // try { // diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java index 59f54f957..d233f88c4 100644 
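Review bot: The record for "S-PEPS generates response to SP" starts with two delimiters, because `"#S-PEPS generates response to SP#" + "#NA#"` emits `##NA#`; the output has an empty first field and one field more than the format documented in the comment directly above it. Anything parsing these lines by position will read the status text as the message hash. If `NA` was meant as the original message id, the second literal should be `"NA#"`. The PepsConnectorTask hunk for the same event has the same leading `"#" +` and additionally uses `moaSession.getProcessInstanceId()` for both the first and the last id field.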
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java @@ -6,8 +6,10 @@ import java.io.IOException; import java.io.InputStream; import java.io.StringWriter; import java.net.URL; +import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.Arrays; +import java.util.Date; import java.util.List; import java.util.Properties; @@ -170,6 +172,15 @@ public class PepsConnectorTask extends AbstractAuthServletTask { Logger.debug("STORK response: "); Logger.debug(authnResponse.toString()); + // do PEPS-conform logging for easier evaluation + try { + // 2015-03-12 16:44:27.144#S-PEPS receives response from C-PEPS#orig_msg_id id2 (in response to)#orig_msg_id id1 (in response to)#status#msghash#msg_id id3# + Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS receives response from C-PEPS#" + + authnResponse.getInResponseTo() + "#NA#" + authnResponse.getMessage() + "#_hash_#" + authnResponse.getSamlId() + "#"); + } catch (Exception e1) { + Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage()); + } + Logger.debug("Trying to find MOA Session-ID ..."); // String moaSessionID = request.getParameter(PARAM_SESSIONID); // first use SAML2 relayState 
@@ -549,6 +560,15 @@ public class PepsConnectorTask extends AbstractAuthServletTask { // stork did the authentication step moaSession.setAuthenticated(true); + // do PEPS-conform logging for easier evaluation + try { + // 2015-03-12 16:44:27.144#S-PEPS generates response to SP#orig_msg_id id1 (in response to)#status#msghash#msg_id id4# + Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS generates response to SP#" + + "#" + moaSession.getProcessInstanceId() + "#" + authnResponse.getMessage() + "#_hash_#" + moaSession.getProcessInstanceId() + "#"); + } catch (Exception e1) { + Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage()); + } + // TODO: found better solution, but QAA Level in STORK response is not be supported yet // try { // -- cgit v1.2.3 From 9ac6c3342ba7afdd75838230d13ceda70614cedc Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Fri, 13 Mar 2015 16:03:33 +0100 Subject: added fakeidl no-signature option config --- .../moa/id/config/auth/AuthConfigurationProvider.java | 10 ++++++++++ .../moa/id/auth/modules/stork/tasks/PepsConnectorTask.java | 8 ++++++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java index c746c0888..d33a9ea92 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java 
@@ -1042,6 +1042,16 @@ public class AuthConfigurationProvider extends ConfigurationProvider { return null; } + /** + * Gets the countries for which it is configured to require no signature + * + * @return the stork no signature countries + */ + public List getStorkNoSignatureCountries() { + String prop = props.getProperty("stork.fakeIdL.noSignatureCountries", ""); + return Arrays.asList(prop.replaceAll(" ", "").split(",")); + } + public boolean isMonitoringActive() { String prop = props.getProperty("configuration.monitoring.active", "false"); return Boolean.valueOf(prop); diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java index d233f88c4..3d787f371 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java @@ -326,9 +326,13 @@ public class PepsConnectorTask extends AbstractAuthServletTask { // //////////////////////////////////////////////////////////////////////// + AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); + String citizenSignature = null; + if(config.isStorkFakeIdLActive() && config.getStorkNoSignatureCountries().contains(storkAuthnRequest.getCitizenCountryCode()) && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) { + Logger.debug("signedDoc extraction skipped due to configuration"); + } else { Logger.debug("Starting extraction of signedDoc attribute"); // extract signed doc element and citizen signature - String citizenSignature = null; try { if (authnResponse.getPersonalAttributeList().get("signedDoc") == null 
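Review bot: With the property unset, `"".split(",")` yields one empty string, so `getStorkNoSignatureCountries()` returns a list containing `""` rather than an empty list, and a request with an empty citizen country code would match `contains(...)`. Because this list decides whether the signedDoc extraction is skipped, the parser should drop empty entries and trim each code. `replaceAll(" ", "")` removes plain spaces only, so a tab or trailing line break in the property file survives into the entry. Whether `getStorkFakeIdLCountries()` parses its property the same way is not visible here and is worth checking alongside.

```java
public List getStorkNoSignatureCountries() {
    String prop = props.getProperty("stork.fakeIdL.noSignatureCountries", "");
    List<String> countries = new ArrayList<String>();
    for (String code : prop.split(",")) {
        String trimmed = code.trim();
        // skip empty entries so an unset property yields an empty list
        if (!trimmed.isEmpty()) {
            countries.add(trimmed);
        }
    }
    return countries;
}
```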
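Review bot: The new branch that skips the signedDoc extraction switches off the citizen-signature step by configuration, yet it is recorded only with `Logger.debug("signedDoc extraction skipped due to configuration")`; this should be logged at info or warn together with the country code so the decision is auditable in production. `citizenSignature` stays `null` on this path, and the code that consumes it lies outside the hunks, so its null handling needs to be confirmed. The closing brace added in the next hunk sits before the unchanged debug lines `"Foregin Citizen signature successfully extracted ..."` and `"Citizen signature will be verified by SZR Gateway!"`, so both are still printed when nothing was extracted. The wrapped block is also not re-indented, which makes the scope of the `else` hard to see.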
@@ -409,6 +413,7 @@ public class PepsConnectorTask extends AbstractAuthServletTask { Logger.error("Could not extract citizen signature from C-PEPS", e); throw new MOAIDException("stork.09", null); } + } Logger.debug("Foregin Citizen signature successfully extracted from STORK Assertion (signedDoc)"); Logger.debug("Citizen signature will be verified by SZR Gateway!"); @@ -441,7 +446,6 @@ public class PepsConnectorTask extends AbstractAuthServletTask { IdentityLink identityLink = null; executionContext.put("identityLinkAvailable", false); try { - AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); if(config.isStorkFakeIdLActive() && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) { // create fake IdL // - fetch IdL template from resources -- cgit v1.2.3 From c0613b08431899c6d97affc570a237b81dfcda80 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Fri, 13 Mar 2015 16:04:09 +0100 Subject: fixed date format issue with fakeIdL creation --- .../gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java | 2 +- .../egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java index 82e079459..cd751ce7f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java @@ -906,7 +906,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants { } } catch (Exception e) { - Logger.error("Failed to extract country code from certificate", e); + Logger.error("Failed to extract country code from certificate with message: " + e.getMessage()); } 
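Review bot: In the AuthenticationDataBuilder hunk, replacing `Logger.error("...", e)` with `"... with message: " + e.getMessage()` drops the exception type and stack trace, and `getMessage()` can be null, which leaves an entry that says nothing about why the certificate could not be read. If the goal is a quieter error log, the throwable can be kept at a lower level next to it, e.g. `Logger.debug("Country code extraction failed", e);`. The change is also unrelated to the date-format fix named in the commit subject.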
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java index 3d787f371..6e0bd19ff 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java @@ -30,6 +30,7 @@ import org.apache.velocity.Template; import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; import org.opensaml.saml2.core.StatusCode; +import org.springframework.format.datetime.DateFormatter; import org.w3c.dom.Element; import org.w3c.dom.Node; @@ -482,6 +483,7 @@ public class PepsConnectorTask extends AbstractAuthServletTask { if(!STORKResponseProcessor.hasAttribute("dateOfBirth", attributeList)) throw new STORKException("dateOfBirth is missing"); String dateOfBirth = STORKResponseProcessor.getAttributeValue("dateOfBirth", attributeList, false); + dateOfBirth = new SimpleDateFormat("yyyy-MM-dd").format(new SimpleDateFormat("yyyyMMdd").parse(dateOfBirth)); prDateOfBirth.getFirstChild().setNodeValue(dateOfBirth); identityLink = new IdentityLinkAssertionParser(idlassertion).parseIdentityLink(); -- cgit v1.2.3
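Review bot: The date conversion added after `getAttributeValue("dateOfBirth", ...)` parses a value taken from the foreign assertion with a lenient `SimpleDateFormat`, which rolls out-of-range months and days over into a different date and ignores any characters after the eighth digit instead of rejecting the input. Since the result is written into the identity link assertion, the parse should be strict and should consume the whole string. The sketch below needs `java.text.ParsePosition`; `java.util.Date` is already imported by an earlier hunk of this file. The import of `org.springframework.format.datetime.DateFormatter` added in the first hunk is not used by any visible line. The enclosing method starts and ends outside the hunk.

```java
String dateOfBirth = STORKResponseProcessor.getAttributeValue("dateOfBirth", attributeList, false);
SimpleDateFormat storkFormat = new SimpleDateFormat("yyyyMMdd");
storkFormat.setLenient(false);
ParsePosition pos = new ParsePosition(0);
Date parsed = storkFormat.parse(dateOfBirth, pos);
// reject partial matches such as trailing characters after the date
if (parsed == null || pos.getIndex() != dateOfBirth.length())
    throw new STORKException("dateOfBirth is malformed");
dateOfBirth = new SimpleDateFormat("yyyy-MM-dd").format(parsed);
// … unchanged: prDateOfBirth.getFirstChild().setNodeValue(dateOfBirth) …
```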