From 26305f997cf754fa558ef745680376b47cdd221b Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 13 Dec 2016 11:52:26 +0100 Subject: minimal fix in MOA-ID 1.5.1 to use 'https.cipherSuites' parameter if it is set switch to version 1.5.1.1 --- common/pom.xml | 4 ++-- id/pom.xml | 4 ++-- id/server/auth/pom.xml | 4 ++-- id/server/idserverlib/pom.xml | 4 ++-- .../moa/id/auth/MOAIDAuthInitializer.java | 21 +++++++++------------ id/server/pom.xml | 4 ++-- pom.xml | 10 +++++----- spss/pom.xml | 2 +- spss/server/serverlib/pom.xml | 2 +- 9 files changed, 26 insertions(+), 29 deletions(-) diff --git a/common/pom.xml b/common/pom.xml index 6f4bb6ecb..8fbe88f49 100644 --- a/common/pom.xml +++ b/common/pom.xml @@ -2,12 +2,12 @@ MOA MOA - 1.5.1 + 1.5.1.1 4.0.0 MOA moa-common - 1.5.1 + 1.5.1.1 jar MOA common library diff --git a/id/pom.xml b/id/pom.xml index ec5e48494..b8ac973fe 100644 --- a/id/pom.xml +++ b/id/pom.xml @@ -3,14 +3,14 @@ MOA MOA - 1.5.1 + 1.5.1.1 4.0.0 MOA id pom - 1.5.1 + 1.5.1.1 MOA ID diff --git a/id/server/auth/pom.xml b/id/server/auth/pom.xml index e1aeb2802..1e54df19a 100644 --- a/id/server/auth/pom.xml +++ b/id/server/auth/pom.xml @@ -2,14 +2,14 @@ MOA.id moa-id - 1.5.1 + 1.5.1.1 4.0.0 MOA.id.server moa-id-auth war - 1.5.1 + 1.5.1.1 MOA ID-Auth WebService diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml index 9b266e00e..087fe6e06 100644 --- a/id/server/idserverlib/pom.xml +++ b/id/server/idserverlib/pom.xml @@ -2,14 +2,14 @@ MOA.id moa-id - 1.5.1 + 1.5.1.1 4.0.0 MOA.id.server moa-id-lib jar - 1.5.1 + 1.5.1.1 MOA ID API diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java index 924e9d643..1aa8c79d9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java @@ -24,12 +24,10 @@ package at.gv.egovernment.moa.id.auth; -import iaik.pki.PKIException; -import iaik.pki.jsse.IAIKX509TrustManager; - import java.io.IOException; import java.security.GeneralSecurityException; import java.util.Properties; +import java.util.logging.Logger; import javax.activation.CommandMap; import javax.activation.MailcapCommandMap; @@ -37,18 +35,15 @@ import javax.mail.Session; import javax.net.ssl.SSLSocketFactory; import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.ConfigurationProvider; import at.gv.egovernment.moa.id.config.ConnectionParameter; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.iaik.config.LoggerConfigImpl; import at.gv.egovernment.moa.id.util.AxisSecureSocketFactory; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.id.util.SSLUtils; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.logging.LoggingContext; -import at.gv.egovernment.moa.logging.LoggingContextManager; -import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; -import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator; -import at.gv.egovernment.moa.util.Constants; +import iaik.pki.PKIException; +import iaik.pki.jsse.IAIKX509TrustManager; /** * Web application initializer @@ -85,9 +80,11 @@ public class MOAIDAuthInitializer { Session session = Session.getDefaultInstance(props, null); // Restricts TLS cipher suites - System.setProperty( - "https.cipherSuites", - "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA"); + if ((System.getProperty("https.cipherSuites") == null) || + System.getProperty("https.cipherSuites").isEmpty() ) + System.setProperty( + "https.cipherSuites", + "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA"); // load some jsse classes so that the integrity of the jars can be // verified // before the iaik jce is installed as the security provider diff --git a/id/server/pom.xml b/id/server/pom.xml index 72a47385c..146821454 100644 --- a/id/server/pom.xml +++ b/id/server/pom.xml @@ -4,14 +4,14 @@ MOA id - 1.5.1 + 1.5.1.1 4.0.0 MOA.id moa-id pom - 1.5.1 + 1.5.1.1 MOA ID Server diff --git a/pom.xml b/pom.xml index 476ae34f8..dd04a9480 100644 --- a/pom.xml +++ b/pom.xml @@ -4,7 +4,7 @@ MOA MOA pom - 1.5.1 + 1.5.1.1 MOA @@ -180,25 +180,25 @@ MOA moa-common - 1.5.1 + 1.5.1.1 compile MOA.id.server moa-id-lib - 1.5.1 + 1.5.1.1 compile MOA.spss.server moa-spss-lib - 1.5.1 + 1.5.1.1 compile MOA moa-common - 1.5.1 + 1.5.1.1 test-jar test diff --git a/spss/pom.xml b/spss/pom.xml index 8a9281e62..4d720a01c 100644 --- a/spss/pom.xml +++ b/spss/pom.xml @@ -3,7 +3,7 @@ MOA MOA - 1.5.1 + 1.5.1.1 4.0.0 diff --git a/spss/server/serverlib/pom.xml b/spss/server/serverlib/pom.xml index cf50b132b..df4b48147 100644 --- a/spss/server/serverlib/pom.xml +++ b/spss/server/serverlib/pom.xml @@ -9,7 +9,7 @@ MOA.spss.server moa-spss-lib jar - 1.5.1 + 1.5.1.1 MOA SP/SS API -- cgit v1.2.3