From 557e2e7053680b6611f312fff132b6eb94c4a8c6 Mon Sep 17 00:00:00 2001
From: kstranacher_eGovL
 <kstranacher_eGovL@d688527b-c9ab-4aba-bd8d-4036d912da1d>
Date: Thu, 11 Oct 2012 13:02:47 +0000
Subject: Update https.cipherSuites

git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1299 d688527b-c9ab-4aba-bd8d-4036d912da1d
---
 .../.settings/org.eclipse.wst.common.component     |  8 +++--
 .../moa/id/auth/MOAIDAuthInitializer.java          | 30 +++++++++++++++--
 spss/server/serverws/.classpath                    | 39 ++++++----------------
 spss/server/serverws/.project                      |  4 +--
 .../.settings/org.eclipse.wst.common.component     |  4 +--
 .../org.eclipse.wst.common.project.facet.core.xml  |  4 +--
 6 files changed, 49 insertions(+), 40 deletions(-)

diff --git a/id/server/idserverlib/.settings/org.eclipse.wst.common.component b/id/server/idserverlib/.settings/org.eclipse.wst.common.component
index a5eb3d4d8..7ea6221a5 100644
--- a/id/server/idserverlib/.settings/org.eclipse.wst.common.component
+++ b/id/server/idserverlib/.settings/org.eclipse.wst.common.component
@@ -1,7 +1,11 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project-modules id="moduleCoreId" project-version="2.0">
+<project-modules id="moduleCoreId" project-version="1.5.0">
   <wb-module deploy-name="moa-id-lib">
     <wb-resource deploy-path="/" source-path="src/main/java"/>
     <wb-resource deploy-path="/" source-path="src/main/resources"/>
+        <wb-resource deploy-path="/" source-path="/"/>
+        <wb-resource deploy-path="/" source-path="/src/test/java"/>
+        <wb-resource deploy-path="/" source-path="/src/main/java"/>
+        <wb-resource deploy-path="/" source-path="/src/main/resources"/>
   </wb-module>
-</project-modules>
\ No newline at end of file
+</project-modules>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index 924e9d643..cf5615a13 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -85,9 +85,35 @@ public class MOAIDAuthInitializer {
         Session session = Session.getDefaultInstance(props, null);
 
         // Restricts TLS cipher suites
+//        System.setProperty(
+//                        "https.cipherSuites",
+//                        "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA");
+//      
+        // actual HIGH cipher suites from OpenSSL
+//	 	  Mapping OpenSSL - Java
+//        OpenSSL							Java
+//        http://www.openssl.org/docs/apps/ciphers.html		http://docs.oracle.com/javase/6/docs/technotes/guides/security/SunProviders.html
+//        via “openssl ciphers -tls1 HIGH –v”
+//
+//        ADH-AES256-SHA			TLS_DH_anon_WITH_AES_256_CBC_SHA
+//        DHE-RSA-AES256-SHA		TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+//        DHE-DSS-AES256-SHA		TLS_DHE_DSS_WITH_AES_256_CBC_SHA
+//        AES256-SHA				TLS_RSA_WITH_AES_256_CBC_SHA
+//        ADH-AES128-SHA			TLS_DH_anon_WITH_AES_128_CBC_SHA
+//        DHE-RSA-AES128-SHA		TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+//        DHE-DSS-AES128-SHA		TLS_DHE_DSS_WITH_AES_128_CBC_SHA
+//        AES128-SHA				TLS_RSA_WITH_AES_128_CBC_SHA
+//        ADH-DES-CBC3-SHA			SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
+//        EDH-RSA-DES-CBC3-SHA		-
+//        EDH-DSS-DES-CBC3-SHA		- 
+//        DES-CBC3-SHA				SSL_RSA_WITH_3DES_EDE_CBC_SHA
+
         System.setProperty(
-                        "https.cipherSuites",
-                        "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA");
+              "https.cipherSuites",
+        	  "TLS_DH_anon_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA");
+    
+
+        
         // load some jsse classes so that the integrity of the jars can be
         // verified
         // before the iaik jce is installed as the security provider
diff --git a/spss/server/serverws/.classpath b/spss/server/serverws/.classpath
index c9263c2c9..af4743f8a 100644
--- a/spss/server/serverws/.classpath
+++ b/spss/server/serverws/.classpath
@@ -1,31 +1,12 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <classpath>
-  <classpathentry kind="output" path="target/classes"/>
-  <classpathentry kind="var" path="M2_REPO/javax/activation/activation/1.1/activation-1.1.jar"/>
-  <classpathentry kind="var" path="M2_REPO/javax/mail/mail/1.4/mail-1.4.jar"/>
-  <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.4"/>
-  <classpathentry kind="src" path="/moa-spss-lib"/>
-  <classpathentry kind="var" path="M2_REPO/axis/axis/1.0_IAIK/axis-1.0_IAIK.jar"/>
-  <classpathentry kind="var" path="M2_REPO/org/apache/axis/axis-jaxrpc/1.4/axis-jaxrpc-1.4.jar"/>
-  <classpathentry kind="var" path="M2_REPO/org/apache/axis/axis-saaj/1.4/axis-saaj-1.4.jar"/>
-  <classpathentry kind="var" path="M2_REPO/axis/axis-wsdl4j/1.5.1/axis-wsdl4j-1.5.1.jar"/>
-  <classpathentry kind="var" path="M2_REPO/commons-discovery/commons-discovery/0.2/commons-discovery-0.2.jar"/>
-  <classpathentry kind="var" path="M2_REPO/commons-logging/commons-logging/1.0.4/commons-logging-1.0.4.jar"/>
-  <classpathentry kind="var" path="M2_REPO/log4j/log4j/1.2.14/log4j-1.2.14.jar"/>
-  <classpathentry kind="var" path="M2_REPO/postgresql/postgresql/7.2/postgresql-7.2.jar"/>
-  <classpathentry kind="var" path="M2_REPO/xalan-bin-dist/xalan/2.7.0/xalan-2.7.0.jar"/>
-  <classpathentry kind="var" path="M2_REPO/xerces/xercesImpl/2.7.1/xercesImpl-2.7.1.jar"/>
-  <classpathentry kind="var" path="M2_REPO/xalan-bin-dist/xml-apis/2.7.0/xml-apis-2.7.0.jar"/>
-  <classpathentry kind="var" path="M2_REPO/xalan-bin-dist/serializer/2.7.0/serializer-2.7.0.jar"/>
-  <classpathentry kind="var" path="M2_REPO/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar"/>
-  <classpathentry kind="var" path="M2_REPO/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jar"/>
-  <classpathentry kind="var" path="M2_REPO/iaik/prod/iaik_jce_full/4.0_MOA/iaik_jce_full-4.0_MOA.jar"/>
-  <classpathentry kind="var" path="M2_REPO/iaik/prod/iaik_ecc/2.19/iaik_ecc-2.19.jar"/>
-  <classpathentry kind="var" path="M2_REPO/iaik/prod/iaik_cms/4.1_MOA/iaik_cms-4.1_MOA.jar"/>
-  <classpathentry kind="var" path="M2_REPO/iaik/prod/iaik_Pkcs11Provider/1.2.4/iaik_Pkcs11Provider-1.2.4.jar"/>
-  <classpathentry kind="var" path="M2_REPO/iaik/prod/iaik_Pkcs11Wrapper/1.2.17/iaik_Pkcs11Wrapper-1.2.17.jar"/>
-  <classpathentry kind="src" path="/moa-common"/>
-  <classpathentry kind="var" path="M2_REPO/jaxen/jaxen/1.0-FCS/jaxen-1.0-FCS.jar"/>
-  <classpathentry kind="var" path="M2_REPO/saxpath/saxpath/1.0-FCS/saxpath-1.0-FCS.jar"/>
-  <classpathentry kind="var" path="M2_REPO/joda-time/joda-time/1.6.2/joda-time-1.6.2.jar"/>
-</classpath>
\ No newline at end of file
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.4"/>
+	<classpathentry kind="con" path="org.maven.ide.eclipse.MAVEN2_CLASSPATH_CONTAINER">
+		<attributes>
+			<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="con" path="org.eclipse.jst.j2ee.internal.web.container"/>
+	<classpathentry kind="con" path="org.eclipse.jst.j2ee.internal.module.container"/>
+	<classpathentry kind="output" path="target/classes"/>
+</classpath>
diff --git a/spss/server/serverws/.project b/spss/server/serverws/.project
index 2c2ea723a..dd934fd1a 100644
--- a/spss/server/serverws/.project
+++ b/spss/server/serverws/.project
@@ -17,10 +17,10 @@
       <name>org.eclipse.wst.validation.validationbuilder</name>
     </buildCommand>
     <buildCommand>
-      <name>org.maven.ide.eclipse.maven2Builder</name>
+      <name>org.eclipse.m2e.core.maven2Builder</name>
     </buildCommand>
     <buildCommand>
-      <name>org.eclipse.m2e.core.maven2Builder</name>
+      <name>org.maven.ide.eclipse.maven2Builder</name>
     </buildCommand>
   </buildSpec>
   <natures>
diff --git a/spss/server/serverws/.settings/org.eclipse.wst.common.component b/spss/server/serverws/.settings/org.eclipse.wst.common.component
index 98ab901d4..784056e0f 100644
--- a/spss/server/serverws/.settings/org.eclipse.wst.common.component
+++ b/spss/server/serverws/.settings/org.eclipse.wst.common.component
@@ -1,13 +1,11 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <project-modules id="moduleCoreId" project-version="1.5.0">
   <wb-module deploy-name="moa-spss-ws">
+        <wb-resource deploy-path="/" source-path="/src/main/webapp"/>
         <dependent-module deploy-path="/WEB-INF/lib" handle="module:/resource/moa-spss-lib/moa-spss-lib">
             <dependency-type>uses</dependency-type>
         </dependent-module>
     <property name="context-root" value="moa-spss-ws"/>
-    <wb-resource deploy-path="/" source-path="src/main/webapp"/>
-    <wb-resource deploy-path="/" source-path="resources/wsdl"/>
-    <wb-resource deploy-path="/" source-path="C:/eclipse_workspaces/MOAJoinup01/20120704_trunk/spss/handbook"/>
     <property name="java-output-path" value="/target/classes"/>
   </wb-module>
 </project-modules>
diff --git a/spss/server/serverws/.settings/org.eclipse.wst.common.project.facet.core.xml b/spss/server/serverws/.settings/org.eclipse.wst.common.project.facet.core.xml
index a801c94a0..df66dd21b 100644
--- a/spss/server/serverws/.settings/org.eclipse.wst.common.project.facet.core.xml
+++ b/spss/server/serverws/.settings/org.eclipse.wst.common.project.facet.core.xml
@@ -2,6 +2,6 @@
 <faceted-project>
   <fixed facet="jst.java"/>
   <fixed facet="jst.web"/>
-  <installed facet="jst.web" version="2.4"/>
   <installed facet="jst.java" version="1.4"/>
-</faceted-project>
\ No newline at end of file
+  <installed facet="jst.web" version="2.3"/>
+</faceted-project>
-- 
cgit v1.2.3