From 56ed4518d7978c064af5f240494bf587136c93b0 Mon Sep 17 00:00:00 2001 
From: rudolf Date: Mon, 15 Mar 2004 16:07:52 +0000 Subject: RSCH git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@99 d688527b-c9ab-4aba-bd8d-4036d912da1d --- id.server/build.xml | 13 +- .../data/abnahme-test/conf/OAConfHeaderAuth.xml | 2 +- .../data/abnahme-test/conf/OAConfParamAuth.xml | 2 +- .../abnahme-test/conf/moa-id/ConfigurationTest.xml | 4 +- .../xmldata/A200/A262/Configuration.xml | 22 +- .../xmldata/A300/A301/Configuration.xml | 2 +- .../xmldata/A300/A302/Configuration.xml | 2 +- .../xmldata/A300/A303/Configuration.xml | 2 +- .../xmldata/A300/A304/Configuration.xml | 2 +- .../xmldata/A300/A305/Configuration.xml | 2 +- .../xmldata/A300/A306/Configuration.xml | 2 +- .../xmldata/A300/A307/Configuration.xml | 2 +- .../xmldata/A300/A308/Configuration.xml | 2 +- .../xmldata/A300/A309/Configuration.xml | 2 +- .../xmldata/A300/A310/Configuration.xml | 2 +- .../xmldata/A300/A311/Configuration.xml | 2 +- .../xmldata/A300/A366/Configuration.xml | 4 +- .../xmldata/A300/A367/Configuration.xml | 4 +- .../xmldata/A700/A703/Configuration.xml | 2 +- .../abnahme-test/xmldata/A700/Configuration.xml | 2 +- .../xmldata/C000/C001/Configuration.xml | 2 +- .../xmldata/C000/C002/Configuration.xml | 2 +- .../data/abnahme-test/xmldata/Configuration.xml | 24 +- .../abnahme-test/xmldata/L000/Configuration.xml | 22 +- .../conf/moa-id/SampleMOAIDConfiguration.xml | 21 +- id.server/data/deploy/tomcat/server.mod_jk.xml | 157 ++-- id.server/data/deploy/tomcat/server.xml | 58 +- id.server/data/test/conf/ConfigurationTest.xml | 16 +- id.server/data/test/conf/OAConfHeaderAuth.xml | 2 +- id.server/doc/MOA-ID-Configuration-1.1.xsd | 306 ------- id.server/doc/MOA-ID-Configuration-1.2.xsd | 341 ++++++++ id.server/doc/MOA_ID_1.2_20040315.pdf | Bin 0 -> 577309 bytes id.server/doc/moa_id/api-doc/allclasses-frame.html | 44 + .../doc/moa_id/api-doc/allclasses-noframe.html | 44 + .../moa/id/AuthenticationException.html | 251 ++++++ .../moa/id/auth/AuthenticationServer.html | 631 
++++++++++++++ .../id/auth/class-use/AuthenticationServer.html | 172 ++++ .../gv/egovernment/moa/id/auth/package-frame.html | 32 + .../egovernment/moa/id/auth/package-summary.html | 148 ++++ .../gv/egovernment/moa/id/auth/package-tree.html | 145 ++++ .../at/gv/egovernment/moa/id/auth/package-use.html | 162 ++++ .../moa/id/class-use/AuthenticationException.html | 228 ++++++ .../moa/id/config/proxy/OAConfiguration.html | 613 ++++++++++++++ .../id/config/proxy/class-use/OAConfiguration.html | 184 +++++ .../moa/id/config/proxy/package-frame.html | 32 + .../moa/id/config/proxy/package-summary.html | 149 ++++ .../moa/id/config/proxy/package-tree.html | 145 ++++ .../moa/id/config/proxy/package-use.html | 163 ++++ .../moa/id/data/AuthenticationData.html | 906 +++++++++++++++++++++ .../moa/id/data/class-use/AuthenticationData.html | 214 +++++ .../gv/egovernment/moa/id/data/package-frame.html | 32 + .../egovernment/moa/id/data/package-summary.html | 148 ++++ .../gv/egovernment/moa/id/data/package-tree.html | 145 ++++ .../at/gv/egovernment/moa/id/data/package-use.html | 181 ++++ .../at/gv/egovernment/moa/id/package-frame.html | 32 + .../at/gv/egovernment/moa/id/package-summary.html | 148 ++++ .../at/gv/egovernment/moa/id/package-tree.html | 147 ++++ .../at/gv/egovernment/moa/id/package-use.html | 162 ++++ .../moa/id/proxy/ConnectionBuilder.html | 249 ++++++ .../moa/id/proxy/LoginParameterResolver.html | 506 ++++++++++++ .../id/proxy/LoginParameterResolverException.html | 251 ++++++ .../moa/id/proxy/NotAllowedException.html | 253 ++++++ .../moa/id/proxy/class-use/ConnectionBuilder.html | 136 ++++ .../id/proxy/class-use/LoginParameterResolver.html | 136 ++++ .../class-use/LoginParameterResolverException.html | 192 +++++ .../id/proxy/class-use/NotAllowedException.html | 182 +++++ .../gv/egovernment/moa/id/proxy/package-frame.html | 47 ++ .../egovernment/moa/id/proxy/package-summary.html | 175 ++++ .../gv/egovernment/moa/id/proxy/package-tree.html | 154 ++++ 
.../gv/egovernment/moa/id/proxy/package-use.html | 170 ++++ id.server/doc/moa_id/api-doc/constant-values.html | 262 ++++++ id.server/doc/moa_id/api-doc/deprecated-list.html | 134 +++ id.server/doc/moa_id/api-doc/help-doc.html | 193 +++++ id.server/doc/moa_id/api-doc/index-all.html | 462 +++++++++++ id.server/doc/moa_id/api-doc/index.html | 26 + id.server/doc/moa_id/api-doc/overview-frame.html | 50 ++ id.server/doc/moa_id/api-doc/overview-summary.html | 165 ++++ id.server/doc/moa_id/api-doc/overview-tree.html | 155 ++++ id.server/doc/moa_id/api-doc/package-list | 5 + id.server/doc/moa_id/api-doc/packages.html | 37 + id.server/doc/moa_id/api-doc/resources/inherit.gif | Bin 0 -> 57 bytes id.server/doc/moa_id/api-doc/serialized-form.html | 169 ++++ id.server/doc/moa_id/api-doc/stylesheet.css | 29 + .../moa_id/examples/conf/MOA-ID-Configuration.xml | 2 +- .../doc/moa_id/examples/conf/OAConfHeaderAuth.xml | 4 +- .../doc/moa_id/examples/conf/OAConfParamAuth.xml | 4 +- id.server/doc/moa_id/id-admin_2.htm | 33 +- id.server/doc/moa_id/moa.htm | 4 +- id.server/html/auth/WEB-INF/web.xml | 19 + id.server/html/auth/errorpage-auth.jsp | 41 + id.server/html/auth/errorpage.jsp | 41 - id.server/html/auth/index.jsp | 6 +- id.server/html/auth/message-auth.jsp | 20 + id.server/html/proxy/WEB-INF/web.xml | 23 + id.server/html/proxy/errorpage-proxy.jsp | 41 + id.server/html/proxy/message-proxy.jsp | 20 + id.server/lib/moa-spss-1.2d01/moa-common.jar | Bin 78133 -> 78882 bytes id.server/lib/moa-spss-1.2d01/moa-spss.jar | Bin 266660 -> 266660 bytes .../resources/properties/id_messages_de.properties | 12 +- .../moa/id/auth/AuthenticationServer.java | 19 +- .../AuthenticationDataAssertionBuilder.java | 7 +- .../moa/id/auth/builder/BPKBuilder.java | 50 ++ .../builder/CreateXMLSignatureRequestBuilder.java | 11 +- .../moa/id/auth/builder/PersonDataBuilder.java | 13 +- .../moa/id/auth/builder/VPKBuilder.java | 52 -- .../egovernment/moa/id/auth/data/IdentityLink.java | 27 +- 
.../auth/parser/IdentityLinkAssertionParser.java | 13 +- .../moa/id/auth/servlet/AuthServlet.java | 10 +- .../moa/id/auth/servlet/ConfigurationServlet.java | 37 +- .../VerifyXMLSignatureResponseValidator.java | 2 +- .../moa/id/config/ConfigurationBuilder.java | 4 +- .../moa/id/config/auth/OAAuthParameter.java | 40 +- .../config/proxy/ProxyConfigurationProvider.java | 2 - .../moa/id/data/AuthenticationData.java | 40 +- .../moa/id/iaik/config/PKIConfigurationImpl.java | 1 + .../moa/id/proxy/DefaultConnectionBuilder.java | 2 +- .../id/proxy/DefaultLoginParameterResolver.java | 31 +- .../moa/id/proxy/LoginParameterResolver.java | 28 +- .../moa/id/proxy/NotAllowedException.java | 39 + .../moa/id/proxy/OldXMLLoginParameterResolver.java | 16 +- .../moa/id/proxy/XMLLoginParameterResolver.java | 12 +- .../parser/AuthenticationDataAssertionParser.java | 17 +- .../moa/id/proxy/servlet/ConfigurationServlet.java | 35 +- .../moa/id/proxy/servlet/ProxyServlet.java | 189 +++-- .../moa/id/util/HTTPRequestJSPForwarder.java | 76 ++ .../at/gv/egovernment/moa/id/util/SSLUtils.java | 2 +- .../src/test/abnahme/A/Test300VerifyAuthBlock.java | 10 +- .../abnahme/P/Test100LoginParameterResolver.java | 8 +- .../builder/CreateXMLSignatureBuilderTest.java | 2 +- .../auth/MOAIDAuthConfigurationProviderTest.java | 6 +- .../proxy/MOAIDProxyConfigurationProviderTest.java | 4 +- .../id/proxy/parser/SAMLResponseParserTest.java | 2 +- 132 files changed, 10648 insertions(+), 853 deletions(-) delete mode 100644 id.server/doc/MOA-ID-Configuration-1.1.xsd create mode 100644 id.server/doc/MOA-ID-Configuration-1.2.xsd create mode 100644 id.server/doc/MOA_ID_1.2_20040315.pdf create mode 100644 id.server/doc/moa_id/api-doc/allclasses-frame.html create mode 100644 id.server/doc/moa_id/api-doc/allclasses-noframe.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/AuthenticationException.html create mode 100644 
id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/AuthenticationServer.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/class-use/AuthenticationServer.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-frame.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-summary.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-tree.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-use.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/class-use/AuthenticationException.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/class-use/OAConfiguration.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-frame.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-summary.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-tree.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-use.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/AuthenticationData.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/class-use/AuthenticationData.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-frame.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-summary.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-tree.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-use.html create mode 100644 
id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-frame.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-summary.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-tree.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-use.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/ConnectionBuilder.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/LoginParameterResolverException.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/NotAllowedException.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/ConnectionBuilder.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/LoginParameterResolver.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/LoginParameterResolverException.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/NotAllowedException.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-frame.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-summary.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-tree.html create mode 100644 id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-use.html create mode 100644 id.server/doc/moa_id/api-doc/constant-values.html create mode 100644 id.server/doc/moa_id/api-doc/deprecated-list.html create mode 100644 id.server/doc/moa_id/api-doc/help-doc.html create mode 100644 id.server/doc/moa_id/api-doc/index-all.html create mode 100644 id.server/doc/moa_id/api-doc/index.html create mode 100644 
id.server/doc/moa_id/api-doc/overview-frame.html create mode 100644 id.server/doc/moa_id/api-doc/overview-summary.html create mode 100644 id.server/doc/moa_id/api-doc/overview-tree.html create mode 100644 id.server/doc/moa_id/api-doc/package-list create mode 100644 id.server/doc/moa_id/api-doc/packages.html create mode 100644 id.server/doc/moa_id/api-doc/resources/inherit.gif create mode 100644 id.server/doc/moa_id/api-doc/serialized-form.html create mode 100644 id.server/doc/moa_id/api-doc/stylesheet.css create mode 100644 id.server/html/auth/errorpage-auth.jsp delete mode 100644 id.server/html/auth/errorpage.jsp create mode 100644 id.server/html/auth/message-auth.jsp create mode 100644 id.server/html/proxy/errorpage-proxy.jsp create mode 100644 id.server/html/proxy/message-proxy.jsp create mode 100644 id.server/src/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java delete mode 100644 id.server/src/at/gv/egovernment/moa/id/auth/builder/VPKBuilder.java create mode 100644 id.server/src/at/gv/egovernment/moa/id/proxy/NotAllowedException.java create mode 100644 id.server/src/at/gv/egovernment/moa/id/util/HTTPRequestJSPForwarder.java diff --git a/id.server/build.xml b/id.server/build.xml index 80d3b19f3..59a8a5d54 100644 --- a/id.server/build.xml +++ b/id.server/build.xml @@ -8,7 +8,7 @@ --> - + @@ -99,7 +99,7 @@ - + @@ -121,6 +121,7 @@ + @@ -138,8 +139,10 @@ + + - + MOA ID API]]> @@ -157,7 +160,7 @@ - +
-
+
diff --git a/id.server/data/abnahme-test/conf/OAConfParamAuth.xml b/id.server/data/abnahme-test/conf/OAConfParamAuth.xml index a70f6a6c0..7b1c7c075 100644 --- a/id.server/data/abnahme-test/conf/OAConfParamAuth.xml +++ b/id.server/data/abnahme-test/conf/OAConfParamAuth.xml @@ -5,6 +5,6 @@ stateful - + diff --git a/id.server/data/abnahme-test/conf/moa-id/ConfigurationTest.xml b/id.server/data/abnahme-test/conf/moa-id/ConfigurationTest.xml index f2e23f2e2..fff97860a 100644 --- a/id.server/data/abnahme-test/conf/moa-id/ConfigurationTest.xml +++ b/id.server/data/abnahme-test/conf/moa-id/ConfigurationTest.xml @@ -34,7 +34,7 @@ - + file:/C:/Programme/ApacheGroup/abnahme/conf/moa-id/oa/server-certs/tomcat @@ -43,7 +43,7 @@ - + file:/home/moa/id/abnahme/conf/moa-id/oa/server-certs/tomcat diff --git a/id.server/data/abnahme-test/xmldata/A200/A262/Configuration.xml b/id.server/data/abnahme-test/xmldata/A200/A262/Configuration.xml index 44b4f519b..4f3cfe2ba 100644 --- a/id.server/data/abnahme-test/xmldata/A200/A262/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/A200/A262/Configuration.xml @@ -34,7 +34,7 @@ - + url:AcceptedServerCertificates @@ -43,7 +43,7 @@ - + url:AcceptedServerCertificates2 @@ -52,7 +52,7 @@ - + url:AcceptedServerCertificates2 @@ -61,7 +61,7 @@ - + url:AcceptedServerCertificates2 @@ -70,25 +70,25 @@ - + - + - + - + - + - + - + diff --git a/id.server/data/abnahme-test/xmldata/A300/A301/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A301/Configuration.xml index 39d9a864b..1b70f3997 100644 --- a/id.server/data/abnahme-test/xmldata/A300/A301/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/A300/A301/Configuration.xml @@ -40,7 +40,7 @@ - + url:AcceptedServerCertificates2 diff --git a/id.server/data/abnahme-test/xmldata/A300/A302/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A302/Configuration.xml index 804a27e92..aff5564dc 100644 --- a/id.server/data/abnahme-test/xmldata/A300/A302/Configuration.xml 
+++ b/id.server/data/abnahme-test/xmldata/A300/A302/Configuration.xml @@ -40,7 +40,7 @@ - + url:AcceptedServerCertificates2 diff --git a/id.server/data/abnahme-test/xmldata/A300/A303/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A303/Configuration.xml index 2067a40c7..1ec231dff 100644 --- a/id.server/data/abnahme-test/xmldata/A300/A303/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/A300/A303/Configuration.xml @@ -40,7 +40,7 @@ - + url:AcceptedServerCertificates2 diff --git a/id.server/data/abnahme-test/xmldata/A300/A304/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A304/Configuration.xml index bc1bc17ce..3325577ec 100644 --- a/id.server/data/abnahme-test/xmldata/A300/A304/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/A300/A304/Configuration.xml @@ -40,7 +40,7 @@ - + url:AcceptedServerCertificates2 diff --git a/id.server/data/abnahme-test/xmldata/A300/A305/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A305/Configuration.xml index 7a2ed2017..10ab7fd96 100644 --- a/id.server/data/abnahme-test/xmldata/A300/A305/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/A300/A305/Configuration.xml @@ -40,7 +40,7 @@ - + url:AcceptedServerCertificates2 diff --git a/id.server/data/abnahme-test/xmldata/A300/A306/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A306/Configuration.xml index 3750de781..908f64dd9 100644 --- a/id.server/data/abnahme-test/xmldata/A300/A306/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/A300/A306/Configuration.xml @@ -40,7 +40,7 @@ - + url:AcceptedServerCertificates2 diff --git a/id.server/data/abnahme-test/xmldata/A300/A307/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A307/Configuration.xml index 7400f791a..a784e4a7f 100644 --- a/id.server/data/abnahme-test/xmldata/A300/A307/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/A300/A307/Configuration.xml @@ -40,7 +40,7 @@ - + url:AcceptedServerCertificates2 
diff --git a/id.server/data/abnahme-test/xmldata/A300/A308/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A308/Configuration.xml index b6b42f267..0a8505c42 100644 --- a/id.server/data/abnahme-test/xmldata/A300/A308/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/A300/A308/Configuration.xml @@ -40,7 +40,7 @@ - + url:AcceptedServerCertificates2 diff --git a/id.server/data/abnahme-test/xmldata/A300/A309/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A309/Configuration.xml index 9e523773a..8a673cb6c 100644 --- a/id.server/data/abnahme-test/xmldata/A300/A309/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/A300/A309/Configuration.xml @@ -40,7 +40,7 @@ - + url:AcceptedServerCertificates2 diff --git a/id.server/data/abnahme-test/xmldata/A300/A310/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A310/Configuration.xml index 9e523773a..8a673cb6c 100644 --- a/id.server/data/abnahme-test/xmldata/A300/A310/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/A300/A310/Configuration.xml @@ -40,7 +40,7 @@ - + url:AcceptedServerCertificates2 diff --git a/id.server/data/abnahme-test/xmldata/A300/A311/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A311/Configuration.xml index 9e523773a..8a673cb6c 100644 --- a/id.server/data/abnahme-test/xmldata/A300/A311/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/A300/A311/Configuration.xml @@ -40,7 +40,7 @@ - + url:AcceptedServerCertificates2 diff --git a/id.server/data/abnahme-test/xmldata/A300/A366/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A366/Configuration.xml index 9a358e434..b3fb62200 100644 --- a/id.server/data/abnahme-test/xmldata/A300/A366/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/A300/A366/Configuration.xml @@ -35,7 +35,7 @@ - + url:AcceptedServerCertificates @@ -44,7 +44,7 @@ - + url:AcceptedServerCertificates2 
diff --git a/id.server/data/abnahme-test/xmldata/A300/A367/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A367/Configuration.xml index 5aade8185..cf4e839ea 100644 --- a/id.server/data/abnahme-test/xmldata/A300/A367/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/A300/A367/Configuration.xml @@ -35,7 +35,7 @@ - + url:AcceptedServerCertificates @@ -44,7 +44,7 @@ - + url:AcceptedServerCertificates2 diff --git a/id.server/data/abnahme-test/xmldata/A700/A703/Configuration.xml b/id.server/data/abnahme-test/xmldata/A700/A703/Configuration.xml index f38dc9ee0..d440c61ab 100644 --- a/id.server/data/abnahme-test/xmldata/A700/A703/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/A700/A703/Configuration.xml @@ -26,7 +26,7 @@ - + diff --git a/id.server/data/abnahme-test/xmldata/A700/Configuration.xml b/id.server/data/abnahme-test/xmldata/A700/Configuration.xml index 44cc09196..e9d18ea89 100644 --- a/id.server/data/abnahme-test/xmldata/A700/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/A700/Configuration.xml @@ -26,7 +26,7 @@ - + diff --git a/id.server/data/abnahme-test/xmldata/C000/C001/Configuration.xml b/id.server/data/abnahme-test/xmldata/C000/C001/Configuration.xml index e125e2c38..bb4bfdd62 100644 --- a/id.server/data/abnahme-test/xmldata/C000/C001/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/C000/C001/Configuration.xml @@ -39,7 +39,7 @@ - + url:AcceptedServerCertificates2 diff --git a/id.server/data/abnahme-test/xmldata/C000/C002/Configuration.xml b/id.server/data/abnahme-test/xmldata/C000/C002/Configuration.xml index 7a75d85f8..cc4b33faa 100644 --- a/id.server/data/abnahme-test/xmldata/C000/C002/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/C000/C002/Configuration.xml @@ -19,6 +19,6 @@ - + diff --git a/id.server/data/abnahme-test/xmldata/Configuration.xml b/id.server/data/abnahme-test/xmldata/Configuration.xml index e3f1bd8b4..157798e85 100644 
--- a/id.server/data/abnahme-test/xmldata/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/Configuration.xml @@ -36,7 +36,7 @@ - + url:AcceptedServerCertificates @@ -45,7 +45,7 @@ - + url:AcceptedServerCertificates2 @@ -54,7 +54,7 @@ - + url:AcceptedServerCertificates2 @@ -63,7 +63,7 @@ - + url:AcceptedServerCertificates2 @@ -72,25 +72,25 @@ - + - + - + - + - + - + - + @@ -102,4 +102,4 @@ - + \ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/L000/Configuration.xml b/id.server/data/abnahme-test/xmldata/L000/Configuration.xml index e3f1bd8b4..b282548dc 100644 --- a/id.server/data/abnahme-test/xmldata/L000/Configuration.xml +++ b/id.server/data/abnahme-test/xmldata/L000/Configuration.xml @@ -36,7 +36,7 @@ - + url:AcceptedServerCertificates @@ -45,7 +45,7 @@ - + url:AcceptedServerCertificates2 @@ -54,7 +54,7 @@ - + url:AcceptedServerCertificates2 @@ -63,7 +63,7 @@ - + url:AcceptedServerCertificates2 @@ -72,25 +72,25 @@ - + - + - + - + - + - + - + diff --git a/id.server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml b/id.server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml index e55e32679..12366b5ac 100644 --- a/id.server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml +++ b/id.server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml @@ -1,6 +1,6 @@ - + @@ -17,13 +17,14 @@ --> - + MOAIDBuergerkartePersonenbindung - - + + MOAIDBuergerkarteAuthentisierungsDaten MOAIDTransformAuthBlock @@ -34,7 +35,7 @@ CN=zmr,OU=BMI-IV-2,O=BMI,C=AT - + @@ -48,7 +49,7 @@ - + @@ -66,13 +67,13 @@ 536 - - + certs/ca-certs - + diff --git a/id.server/data/deploy/tomcat/server.mod_jk.xml b/id.server/data/deploy/tomcat/server.mod_jk.xml index 61100b260..b32cf7844 100644 --- a/id.server/data/deploy/tomcat/server.mod_jk.xml +++ b/id.server/data/deploy/tomcat/server.mod_jk.xml 
@@ -1,7 +1,6 @@ - - - - - - + - - - - - - - - + + - - - - - + + - - - - - + + - - - - - - - - - - + + + + - - - - - + + - - - - - - - - - - - - + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + \ No newline at end of file diff --git a/id.server/data/deploy/tomcat/server.xml b/id.server/data/deploy/tomcat/server.xml index c99136fa2..2fd7b6439 100644 --- a/id.server/data/deploy/tomcat/server.xml +++ b/id.server/data/deploy/tomcat/server.xml @@ -50,18 +50,22 @@ IP address of the remote client. --> - - + + - - - + + + + + --> - + - + - + - + - + @@ -145,13 +155,17 @@ --> - + - + - + - + \ No newline at end of file diff --git a/id.server/data/test/conf/ConfigurationTest.xml b/id.server/data/test/conf/ConfigurationTest.xml index 5c18e35cc..8e18c0802 100644 --- a/id.server/data/test/conf/ConfigurationTest.xml +++ b/id.server/data/test/conf/ConfigurationTest.xml @@ -19,7 +19,7 @@ - CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT + CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT @@ -31,7 +31,7 @@ - + url:AcceptedServerCertificates @@ -40,7 +40,7 @@ - + file:data/test/certs/server-certs @@ -48,7 +48,7 @@ - + file:data/test/certs/server-certs @@ -56,7 +56,7 @@ - + file:data/test/certs/server-certs @@ -64,7 +64,7 @@ - + file:data/test/certs/server-certs @@ -72,7 +72,7 @@ - + url:AcceptedServerCertificates2 @@ -81,7 +81,7 @@ - + url:AcceptedServerCertificates3 diff --git a/id.server/data/test/conf/OAConfHeaderAuth.xml b/id.server/data/test/conf/OAConfHeaderAuth.xml index c92e055e9..c084410b4 100644 --- a/id.server/data/test/conf/OAConfHeaderAuth.xml +++ b/id.server/data/test/conf/OAConfHeaderAuth.xml @@ -7,7 +7,7 @@
-
+
diff --git a/id.server/doc/MOA-ID-Configuration-1.1.xsd b/id.server/doc/MOA-ID-Configuration-1.1.xsd deleted file mode 100644 index bb5021ed6..000000000 --- a/id.server/doc/MOA-ID-Configuration-1.1.xsd +++ /dev/null 
@@ -1,306 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - enthält Parameter der Authentisierungs-Komponente - - - - - enthält Konfigurationsparameter der Proxy-Komponente - - - - - - enthält Parameter für die Kommunikation zw. Proxykomponente und Authenttisierungskomponente - - - - - - enthält Parameter für die SOAP-Verbindung von der Proxy-Komponente zur Auth-Komponente (vgl. AuthComponent/MOA-SP/ConnectionParameter) - - - - - - - - - - - enthält Parameter für die OA - - - - - - - - - - - - spezifiziert den Algorithmus ("pkix" oder "chaining") für die Zertifikatspfadvalidierung - - - - - - ein vom SystemDefaultMode abweichender ChiningMode kann für jeden TrustAnchor gesetzt werden - - - - - - - - - - - - - - - - verweist auf ein Verzeichnis, das vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate enthält. - - - - - - - - - - - - - - - - - - - - - - - - enthält Parameter für die Kommunikation mit dem Security-Layer - - - - - - das Attribut filename verweist auf eine Datei mit globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks inkludiert - - - - - - - - - - - enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA SP Modul - - - - - - enthält Parameter für die SOAP-Verbindung von der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben werden; wird das Element nicht verwendet dann wird MOA-SP über das API aufgerufen - - - - - enthält Parameter für die Überprüfung der Personenbindung - - - - - - - - - - enthält Parameter für die Überprüfung des AUTH-Blocks - - - - - - - - - - - - - - enthält Informationen über akzeptierte Signers des IdentityLinks - - - - - - 
akzeptierte Signer des IdentityLinks werden per X509SubjectName (Kodierung nach RFC 2253) identifiziert - - - - - - - - - - - - - enthält Parameter über die OA, die die Authentisierungs-Komponente betreffen - - - - - - - - - - enthält Parameter über die OA, die die Proxy-Komponente betreffen - - - - - - enthält Parameter über die OA, die die Proxy-Komponente betreffen - - - - - - - - - - - - - - - - - URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der TLS-Verbindung enthält (keine CA-Zertifikate) - - - - - - - - - - - - URL zu einem KeyStore, der den privaten Schlüssel, der für die TLS-Client-Authentisierung verwendetwird, enthält - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/id.server/doc/MOA-ID-Configuration-1.2.xsd b/id.server/doc/MOA-ID-Configuration-1.2.xsd new file mode 100644 index 000000000..20316ec76 --- /dev/null +++ b/id.server/doc/MOA-ID-Configuration-1.2.xsd 
@@ -0,0 +1,341 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + enthält Parameter der + Authentisierungs-Komponente + + + + + enthält Konfigurationsparameter der + Proxy-Komponente + + + + + + enthält Parameter für die Kommunikation zw. + Proxykomponente und Authenttisierungskomponente + + + + + + enthält Parameter für die SOAP-Verbindung von der + Proxy-Komponente zur Auth-Komponente (vgl. + AuthComponent/MOA-SP/ConnectionParameter) + + + + + + + + + + + enthält Parameter für die OA + + + + + + + + + + + + + spezifiziert den Algorithmus ("pkix" oder "chaining") für die + Zertifikatspfadvalidierung + + + + + + ein vom SystemDefaultMode abweichender ChiningMode kann + für jeden TrustAnchor gesetzt werden + + + + + + + + + + + + + + + + verweist auf ein Verzeichnis, das vertrauenswürdige CA + (Zwischen-CA, Wurzel-CA) Zertifikate enthält. + + + + + + + + + + + + + + + + + + + + + + + + enthält Parameter für die Kommunikation mit dem + Security-Layer + + + + + + das Attribut filename verweist auf eine Datei mit globalem + Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo + werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks + inkludiert + + + + + + + + + + + enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA + SP Modul + + + + + + enthält Parameter für die SOAP-Verbindung von der + AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; + wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; + wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben + werden; wird das Element nicht verwendet dann wird MOA-SP über das API + aufgerufen + + + + + enthält Parameter für die Überprüfung der + Personenbindung + + + + + + + + + + enthält Parameter für die Überprüfung des + AUTH-Blocks + + + + + + + + + + + + + + enthält Informationen über 
akzeptierte Signers des + IdentityLinks + + + + + + akzeptierte Signer des IdentityLinks werden per + X509SubjectName (Kodierung nach RFC 2253) identifiziert + + + + + + + + + + + + + enthält Parameter über die OA, die die + Authentisierungs-Komponente betreffen + + + + + + + + + + enthält Parameter über die OA, die die Proxy-Komponente + betreffen + + + + + + enthält Parameter über die OA, die die Proxy-Komponente + betreffen + + + + + + + + + + + + + + + + + URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der + TLS-Verbindung enthält (keine CA-Zertifikate) + + + + + + + + + + + + URL zu einem KeyStore, der den privaten Schlüssel, der für + die TLS-Client-Authentisierung verwendetwird, enthält + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/id.server/doc/MOA_ID_1.2_20040315.pdf b/id.server/doc/MOA_ID_1.2_20040315.pdf new file mode 100644 index 000000000..0c89c2730 Binary files /dev/null and b/id.server/doc/MOA_ID_1.2_20040315.pdf differ diff --git a/id.server/doc/moa_id/api-doc/allclasses-frame.html b/id.server/doc/moa_id/api-doc/allclasses-frame.html new file mode 100644 index 000000000..9e051d7b1 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/allclasses-frame.html @@ -0,0 +1,44 @@ + + + + + + +All Classes (MOA ID API) + + + + + + + + + + +All Classes +
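Review bot: The ConnectionParameter annotation in the new MOA-ID-Configuration-1.2.xsd still documents plain `http` as an accepted scheme for the SOAP connection from the AUTH component to MOA-SP, and says the TLS child elements must then be omitted, without saying when an unprotected link is acceptable. The wording is carried over unchanged from the deleted 1.1 schema. MOA-SP is the component the same schema configures for checking the identity link and the AUTH block, so an integrator following this text could presumably run that verification channel with no server authentication and no integrity protection. I would add one sentence to the annotation saying that `http` is meant only for a loopback or otherwise trusted link, and that `https` with the accepted-server-certificates directory is the expected setting everywhere else. The element declarations are not visible in this view, so whether the schema could enforce this rather than only document it needs checking against the full file.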
+ + + + + +
AuthenticationData +
+AuthenticationException +
+AuthenticationServer +
+ConnectionBuilder +
+LoginParameterResolver +
+LoginParameterResolverException +
+NotAllowedException +
+OAConfiguration +
+
+ + + diff --git a/id.server/doc/moa_id/api-doc/allclasses-noframe.html b/id.server/doc/moa_id/api-doc/allclasses-noframe.html new file mode 100644 index 000000000..dc5c0fb5f --- /dev/null +++ b/id.server/doc/moa_id/api-doc/allclasses-noframe.html @@ -0,0 +1,44 @@ + + + + + + +All Classes (MOA ID API) + + + + + + + + + + +All Classes +
+ + + + + +
AuthenticationData +
+AuthenticationException +
+AuthenticationServer +
+ConnectionBuilder +
+LoginParameterResolver +
+LoginParameterResolverException +
+NotAllowedException +
+OAConfiguration +
+
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/AuthenticationException.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/AuthenticationException.html new file mode 100644 index 000000000..a11ad6242 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/AuthenticationException.html @@ -0,0 +1,251 @@ + + + + + + +AuthenticationException (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+ +

+ +at.gv.egovernment.moa.id +
+Class AuthenticationException

+
+java.lang.Object
+  extended byMOAIDException
+      extended byat.gv.egovernment.moa.id.AuthenticationException
+
+
+
+
public class AuthenticationException
extends MOAIDException
+ +

+Exception thrown during handling of AuthenticationSession +

+ +

+

+
See Also:
Serialized Form
+
+ +

+ + + + + + + + + + + + + + + + + + + +
+Constructor Summary
AuthenticationException(String messageId, + Object[] parameters) + +
+          Constructor for AuthenticationException.
AuthenticationException(String messageId, + Object[] parameters, + Throwable wrapped) + +
+          Constructor for AuthenticationException.
+  + + + + + + + + + + +
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
+  +

+ + + + + + + + + + + +
+Constructor Detail
+ +

+AuthenticationException

+
+public AuthenticationException(String messageId,
+                               Object[] parameters)
+
+
Constructor for AuthenticationException. +

+

Parameters:
messageId -
+
+ +

+AuthenticationException

+
+public AuthenticationException(String messageId,
+                               Object[] parameters,
+                               Throwable wrapped)
+
+
Constructor for AuthenticationException. +

+

Parameters:
messageId -
parameters -
wrapped -
+ + + + +
+ + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/AuthenticationServer.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/AuthenticationServer.html new file mode 100644 index 000000000..b5be8a054 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/AuthenticationServer.html @@ -0,0 +1,631 @@ + + + + + + +AuthenticationServer (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+ +

+ +at.gv.egovernment.moa.id.auth +
+Class AuthenticationServer

+
+java.lang.Object
+  extended byat.gv.egovernment.moa.id.auth.AuthenticationServer
+
+
+
+
public class AuthenticationServer
extends Object
+ +

+API for MOA ID Authentication Service.
+ AuthenticationSession is stored in a session store and retrieved + by giving the session ID. +

+ +

+


+ +

+ + + + + + + + + + + + + + + + +
+Constructor Summary
AuthenticationServer() + +
+          Constructor for AuthenticationServer.
+  + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+Method Summary
+ voidcleanup() + +
+          Cleans up expired session and authentication data stores.
+static voiddebugOutputXMLFile(String filename, + org.w3c.dom.Element rootElem) + +
+          Writes an XML structure to file for debugging purposes, encoding UTF-8.
+static voiddebugOutputXMLFile(String filename, + String xmlString) + +
+          Writes an XML structure to file for debugging purposes, encoding UTF-8.
+ AuthenticationDatagetAuthenticationData(String samlArtifact) + +
+          Retrieves AuthenticationData indexed by the SAML artifact. +
+static AuthenticationServergetInstance() + +
+          Returns the single instance of AuthenticationServer.
+static AuthenticationSessiongetSession(String id) + +
+          Retrieves a session from the session store.
+ StringselectBKU(String authURL, + String target, + String oaURL, + String bkuSelectionTemplateURL, + String templateURL) + +
+          Processes request to select a BKU. +
+ voidsetSecondsAuthDataTimeOut(long seconds) + +
+          Sets the authDataTimeOut.
+ voidsetSecondsSessionTimeOut(long seconds) + +
+          Sets the sessionTimeOut.
+ StringstartAuthentication(String authURL, + String target, + String oaURL, + String templateURL, + String bkuURL, + String sessionID) + +
+          Processes the beginning of an authentication session. +
+ StringverifyAuthenticationBlock(String sessionID, + String xmlCreateXMLSignatureReadResponse) + +
+          Processes a <CreateXMLSignatureResponse> sent by the + security layer implementation.
+ StringverifyIdentityLink(String sessionID, + String xmlInfoboxReadResponse) + +
+          Processes an <InfoboxReadResponse> sent by the + security layer implementation.
+ + + + + + + +
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
+  +

+ + + + + + + + + + + +
+Constructor Detail
+ +

+AuthenticationServer

+
+public AuthenticationServer()
+
+
Constructor for AuthenticationServer. +

+

+ + + + + + + + +
+Method Detail
+ +

+getInstance

+
+public static AuthenticationServer getInstance()
+
+
Returns the single instance of AuthenticationServer. +

+

+ +
Returns:
the single instance of AuthenticationServer
+
+
+
+ +

+selectBKU

+
+public String selectBKU(String authURL,
+                        String target,
+                        String oaURL,
+                        String bkuSelectionTemplateURL,
+                        String templateURL)
+                 throws WrongParametersException,
+                        AuthenticationException,
+                        ConfigurationException,
+                        BuildException
+
+
Processes request to select a BKU. +
Processing depends on value of AuthConfigurationProvider#getBKUSelectionType. +
For bkuSelectionType==HTMLComplete, a returnURI for the + "BKU Auswahl" service is returned. +
For bkuSelectionType==HTMLSelect, an HTML form for BKU selection is returned. +

+

+
Parameters:
authURL - base URL of MOA-ID Auth component
target - "Geschäftsbereich"
oaURL - online application URL requested
bkuSelectionTemplateURL - template for BKU selection form to be used + in case of HTMLSelect; may be null
templateURL - URL providing an HTML template for the HTML form to be used + for call startAuthentication +
Returns:
for bkuSelectionType==HTMLComplete, the returnURI for the + "BKU Auswahl" service; + for bkuSelectionType==HTMLSelect, an HTML form for BKU selection +
Throws: +
WrongParametersException - upon missing parameters +
AuthenticationException - when the configured BKU selection service cannot be reached, + and when the given bkuSelectionTemplateURL cannot be reached +
ConfigurationException - on missing configuration data +
BuildException - while building the HTML form
+
+
+
+ +

+startAuthentication

+
+public String startAuthentication(String authURL,
+                                  String target,
+                                  String oaURL,
+                                  String templateURL,
+                                  String bkuURL,
+                                  String sessionID)
+                           throws WrongParametersException,
+                                  AuthenticationException,
+                                  ConfigurationException,
+                                  BuildException
+
+
Processes the beginning of an authentication session. +
    +
  • Starts an authentication session
  • +
  • Creates an <InfoboxReadRequest>
  • +
  • Creates an HTML form for querying the identity link from the + security layer implementation. +
    Form parameters include +
      +
    • the <InfoboxReadRequest>
    • +
    • the data URL where the security layer implementation sends it response to
    • +
    +
+

+

+
Parameters:
authURL - URL of the servlet to be used as data URL
target - "Geschäftsbereich" of the online application requested
oaURL - online application URL requested
bkuURL - URL of the "Bürgerkartenumgebung" to be used; + may be null; in this case, the default location will be used
templateURL - URL providing an HTML template for the HTML form generated +
Returns:
HTML form +
Throws: +
AuthenticationException +
WrongParametersException +
ConfigurationException +
BuildException
See Also:
GetIdentityLinkFormBuilder, +InfoboxReadRequestBuilder
+
+
+
+ +

+verifyIdentityLink

+
+public String verifyIdentityLink(String sessionID,
+                                 String xmlInfoboxReadResponse)
+                          throws AuthenticationException,
+                                 ParseException,
+                                 ConfigurationException,
+                                 ValidateException,
+                                 ServiceException
+
+
Processes an <InfoboxReadResponse> sent by the + security layer implementation.
+
    +
  • Validates given <InfoboxReadResponse>
  • +
  • Parses identity link enclosed in <InfoboxReadResponse>
  • +
  • Verifies identity link by calling the MOA SP component
  • +
  • Checks certificate authority of identity link
  • +
  • Stores identity link in the session
  • +
  • Creates an authentication block to be signed by the user
  • +
  • Creates and returns a <CreateXMLSignatureRequest> + containg the authentication block, meant to be returned to the + security layer implementation
  • +
+

+

+
Parameters:
sessionID - ID of associated authentication session data
xmlInfoboxReadResponse - String representation of the + <InfoboxReadResponse> +
Returns:
String representation of the <CreateXMLSignatureRequest> +
Throws: +
AuthenticationException +
ParseException +
ConfigurationException +
ValidateException +
ServiceException
+
+
+
+ +

+verifyAuthenticationBlock

+
+public String verifyAuthenticationBlock(String sessionID,
+                                        String xmlCreateXMLSignatureReadResponse)
+                                 throws AuthenticationException,
+                                        BuildException,
+                                        ParseException,
+                                        ConfigurationException,
+                                        ServiceException,
+                                        ValidateException
+
+
Processes a <CreateXMLSignatureResponse> sent by the + security layer implementation.
+
    +
  • Validates given <CreateXMLSignatureResponse>
  • +
  • Parses <CreateXMLSignatureResponse> for error codes
  • +
  • Parses authentication block enclosed in + <CreateXMLSignatureResponse>
  • +
  • Verifies authentication block by calling the MOA SP component
  • +
  • Creates authentication data
  • +
  • Creates a corresponding SAML artifact
  • +
  • Stores authentication data in the authentication data store + indexed by the SAML artifact
  • +
  • Deletes authentication session
  • +
  • Returns the SAML artifact, encoded BASE64
  • +
+

+

+
Parameters:
sessionID - session ID of the running authentication session
xmlCreateXMLSignatureReadResponse - String representation of the + <CreateXMLSignatureResponse> +
Returns:
SAML artifact needed for retrieving authentication data, encoded BASE64 +
Throws: +
AuthenticationException +
BuildException +
ParseException +
ConfigurationException +
ServiceException +
ValidateException
+
+
+
+ +

+getAuthenticationData

+
+public AuthenticationData getAuthenticationData(String samlArtifact)
+                                         throws AuthenticationException
+
+
Retrieves AuthenticationData indexed by the SAML artifact. + The AuthenticationData is deleted from the store upon end of this call. +

+

+ +
Returns:
AuthenticationData +
Throws: +
AuthenticationException
+
+
+
+ +

+getSession

+
+public static AuthenticationSession getSession(String id)
+                                        throws AuthenticationException
+
+
Retrieves a session from the session store. +

+

+
Parameters:
id - session ID +
Returns:
AuthenticationSession stored with given session ID, + null if session ID unknown +
Throws: +
AuthenticationException
+
+
+
+ +

+cleanup

+
+public void cleanup()
+
+
Cleans up expired session and authentication data stores. +

+

+
+
+
+
+ +

+setSecondsSessionTimeOut

+
+public void setSecondsSessionTimeOut(long seconds)
+
+
Sets the sessionTimeOut. +

+

+
+
+
+
+ +

+setSecondsAuthDataTimeOut

+
+public void setSecondsAuthDataTimeOut(long seconds)
+
+
Sets the authDataTimeOut. +

+

+
+
+
+
+ +

+debugOutputXMLFile

+
+public static void debugOutputXMLFile(String filename,
+                                      org.w3c.dom.Element rootElem)
+
+
Writes an XML structure to file for debugging purposes, encoding UTF-8. +

+

+
Parameters:
filename - file name
rootElem - root element in DOM tree
+
+
+
+ +

+debugOutputXMLFile

+
+public static void debugOutputXMLFile(String filename,
+                                      String xmlString)
+
+
Writes an XML structure to file for debugging purposes, encoding UTF-8. +

+

+
Parameters:
filename - file name
xmlString - XML string
+
+
+ +
+ + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/class-use/AuthenticationServer.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/class-use/AuthenticationServer.html new file mode 100644 index 000000000..53f0912b1 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/class-use/AuthenticationServer.html @@ -0,0 +1,172 @@ + + + + + + +Uses of Class at.gv.egovernment.moa.id.auth.AuthenticationServer (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Uses of Class
at.gv.egovernment.moa.id.auth.AuthenticationServer

+
+ + + + + + + + + +
+Packages that use AuthenticationServer
at.gv.egovernment.moa.id.auth  
+  +

+ + + + + +
+Uses of AuthenticationServer in at.gv.egovernment.moa.id.auth
+  +

+ + + + + + + + + +
Methods in at.gv.egovernment.moa.id.auth that return AuthenticationServer
+static AuthenticationServerAuthenticationServer.getInstance() + +
+          Returns the single instance of AuthenticationServer.
+  +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-frame.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-frame.html new file mode 100644 index 000000000..013ac6e16 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-frame.html @@ -0,0 +1,32 @@ + + + + + + +at.gv.egovernment.moa.id.auth (MOA ID API) + + + + + + + + + + + +at.gv.egovernment.moa.id.auth + + + + +
+Classes  + +
+AuthenticationServer
+ + + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-summary.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-summary.html new file mode 100644 index 000000000..1fadccfd1 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-summary.html @@ -0,0 +1,148 @@ + + + + + + +at.gv.egovernment.moa.id.auth (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+

+Package at.gv.egovernment.moa.id.auth +

+ + + + + + + + + +
+Class Summary
AuthenticationServerAPI for MOA ID Authentication Service.
+  + +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-tree.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-tree.html new file mode 100644 index 000000000..ed050ad9e --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-tree.html @@ -0,0 +1,145 @@ + + + + + + +at.gv.egovernment.moa.id.auth Class Hierarchy (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Hierarchy For Package at.gv.egovernment.moa.id.auth +

+
+
+
Package Hierarchies:
All Packages
+
+

+Class Hierarchy +

+ +
+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-use.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-use.html new file mode 100644 index 000000000..54bd8b9fb --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-use.html @@ -0,0 +1,162 @@ + + + + + + +Uses of Package at.gv.egovernment.moa.id.auth (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Uses of Package
at.gv.egovernment.moa.id.auth

+
+ + + + + + + + + +
+Packages that use at.gv.egovernment.moa.id.auth
at.gv.egovernment.moa.id.auth  
+  +

+ + + + + + + + +
+Classes in at.gv.egovernment.moa.id.auth used by at.gv.egovernment.moa.id.auth
AuthenticationServer + +
+          API for MOA ID Authentication Service.
+  +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/class-use/AuthenticationException.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/class-use/AuthenticationException.html new file mode 100644 index 000000000..d844f1ac0 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/class-use/AuthenticationException.html @@ -0,0 +1,228 @@ + + + + + + +Uses of Class at.gv.egovernment.moa.id.AuthenticationException (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Uses of Class
at.gv.egovernment.moa.id.AuthenticationException

+
+ + + + + + + + + +
+Packages that use AuthenticationException
at.gv.egovernment.moa.id.auth  
+  +

+ + + + + +
+Uses of AuthenticationException in at.gv.egovernment.moa.id.auth
+  +

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Methods in at.gv.egovernment.moa.id.auth that throw AuthenticationException
+ StringAuthenticationServer.selectBKU(String authURL, + String target, + String oaURL, + String bkuSelectionTemplateURL, + String templateURL) + +
+          Processes request to select a BKU. +
+ StringAuthenticationServer.startAuthentication(String authURL, + String target, + String oaURL, + String templateURL, + String bkuURL, + String sessionID) + +
+          Processes the beginning of an authentication session. +
+ StringAuthenticationServer.verifyIdentityLink(String sessionID, + String xmlInfoboxReadResponse) + +
+          Processes an <InfoboxReadResponse> sent by the + security layer implementation.
+ StringAuthenticationServer.verifyAuthenticationBlock(String sessionID, + String xmlCreateXMLSignatureReadResponse) + +
+          Processes a <CreateXMLSignatureResponse> sent by the + security layer implementation.
+ AuthenticationDataAuthenticationServer.getAuthenticationData(String samlArtifact) + +
+          Retrieves AuthenticationData indexed by the SAML artifact. +
+static AuthenticationSessionAuthenticationServer.getSession(String id) + +
+          Retrieves a session from the session store.
+  +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.html new file mode 100644 index 000000000..afeb1a482 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.html @@ -0,0 +1,613 @@ + + + + + + +OAConfiguration (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+ +

+ +at.gv.egovernment.moa.id.config.proxy +
+Class OAConfiguration

+
+java.lang.Object
+  extended byat.gv.egovernment.moa.id.config.proxy.OAConfiguration
+
+
+
+
public class OAConfiguration
extends Object
+ +

+Holds configuration data concerning an online application for use by the MOA-ID Proxy component. + These include the login type (stateful or stateless), the HTTP authentication type, + and information needed to add authentication parameters or headers for a URL connection + to the remote online application. +

+ +

+

+
See Also:
MOAIDConfiguration-1.1.xsd, element Configuration
+
+ +

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+Field Summary
+static StringBASIC_AUTH + +
+          Constant for an auth method
+static StringHEADER_AUTH + +
+          Constant for an auth method
+static StringLOGINTYPE_STATEFUL + +
+          Constant for an login method
+static StringLOGINTYPE_STATELESS + +
+          Constant for an login method
+static StringPARAM_AUTH + +
+          Constant for an auth method
+  + + + + + + + + + + +
+Constructor Summary
OAConfiguration() + +
+           
+  + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+Method Summary
+ StringgetAuthType() + +
+          Returns the authType.
+ StringgetBasicAuthPasswordMapping() + +
+          Returns the basicAuthPasswordMapping.
+ StringgetBasicAuthUserIDMapping() + +
+          Returns the basicAuthUserIDMapping.
+ MapgetHeaderAuthMapping() + +
+          Returns the headerAuthMapping.
+ StringgetLoginType() + +
+          Returns the loginType.
+ MapgetParamAuthMapping() + +
+          Returns the paramAuthMapping.
+ voidsetAuthType(String authLoginType) + +
+          Sets the authType.
+ voidsetBasicAuthPasswordMapping(String basicAuthPassword) + +
+          Sets the basicAuthPasswordMapping.
+ voidsetBasicAuthUserIDMapping(String basicAuthUserID) + +
+          Sets the basicAuthUserIDMapping.
+ voidsetHeaderAuthMapping(HashMap headerAuth) + +
+          Sets the headerAuthMapping.
+ voidsetLoginType(String loginType) + +
+          Sets the loginType.
+ voidsetParamAuthMapping(HashMap paramAuth) + +
+          Sets the paramAuthMapping.
+ + + + + + + +
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
+  +

+ + + + + + + + +
+Field Detail
+ +

+LOGINTYPE_STATEFUL

+
+public static final String LOGINTYPE_STATEFUL
+
+
Constant for an login method +

+

+
See Also:
Constant Field Values
+
+
+ +

+LOGINTYPE_STATELESS

+
+public static final String LOGINTYPE_STATELESS
+
+
Constant for an login method +

+

+
See Also:
Constant Field Values
+
+
+ +

+BASIC_AUTH

+
+public static final String BASIC_AUTH
+
+
Constant for an auth method +

+

+
See Also:
Constant Field Values
+
+
+ +

+HEADER_AUTH

+
+public static final String HEADER_AUTH
+
+
Constant for an auth method +

+

+
See Also:
Constant Field Values
+
+
+ +

+PARAM_AUTH

+
+public static final String PARAM_AUTH
+
+
Constant for an auth method +

+

+
See Also:
Constant Field Values
+
+ + + + + + + + +
+Constructor Detail
+ +

+OAConfiguration

+
+public OAConfiguration()
+
+
+ + + + + + + + +
+Method Detail
+ +

+getBasicAuthPasswordMapping

+
+public String getBasicAuthPasswordMapping()
+
+
Returns the basicAuthPasswordMapping. +

+

+ +
Returns:
String
+
+
+
+ +

+getBasicAuthUserIDMapping

+
+public String getBasicAuthUserIDMapping()
+
+
Returns the basicAuthUserIDMapping. +

+

+ +
Returns:
String
+
+
+
+ +

+getHeaderAuthMapping

+
+public Map getHeaderAuthMapping()
+
+
Returns the headerAuthMapping. +

+

+ +
Returns:
HashMap
+
+
+
+ +

+getLoginType

+
+public String getLoginType()
+
+
Returns the loginType. +

+

+ +
Returns:
String
+
+
+
+ +

+getParamAuthMapping

+
+public Map getParamAuthMapping()
+
+
Returns the paramAuthMapping. +

+

+ +
Returns:
HashMap
+
+
+
+ +

+setBasicAuthPasswordMapping

+
+public void setBasicAuthPasswordMapping(String basicAuthPassword)
+
+
Sets the basicAuthPasswordMapping. +

+

+
+
+
+
+ +

+setBasicAuthUserIDMapping

+
+public void setBasicAuthUserIDMapping(String basicAuthUserID)
+
+
Sets the basicAuthUserIDMapping. +

+

+
+
+
+
+ +

+setHeaderAuthMapping

+
+public void setHeaderAuthMapping(HashMap headerAuth)
+
+
Sets the headerAuthMapping. +

+

+
+
+
+
+ +

+setLoginType

+
+public void setLoginType(String loginType)
+
+
Sets the loginType. +

+

+
Parameters:
loginType - The loginType to set
+
+
+
+ +

+setParamAuthMapping

+
+public void setParamAuthMapping(HashMap paramAuth)
+
+
Sets the paramAuthMapping. +

+

+
+
+
+
+ +

+getAuthType

+
+public String getAuthType()
+
+
Returns the authType. +

+

+ +
Returns:
String
+
+
+
+ +

+setAuthType

+
+public void setAuthType(String authLoginType)
+
+
Sets the authType. +

+

+
+
+
+ +
+ + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/class-use/OAConfiguration.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/class-use/OAConfiguration.html new file mode 100644 index 000000000..5e33084ad --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/class-use/OAConfiguration.html @@ -0,0 +1,184 @@ + + + + + + +Uses of Class at.gv.egovernment.moa.id.config.proxy.OAConfiguration (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Uses of Class
at.gv.egovernment.moa.id.config.proxy.OAConfiguration

+
+ + + + + + + + + +
+Packages that use OAConfiguration
at.gv.egovernment.moa.id.proxy  
+  +

+ + + + + +
+Uses of OAConfiguration in at.gv.egovernment.moa.id.proxy
+  +

+ + + + + + + + + + + + + +
Methods in at.gv.egovernment.moa.id.proxy with parameters of type OAConfiguration
+ MapLoginParameterResolver.getAuthenticationHeaders(OAConfiguration oaConf, + AuthenticationData authData, + String clientIPAddress) + +
+          Returns authentication headers to be added to a URLConnection.
+ MapLoginParameterResolver.getAuthenticationParameters(OAConfiguration oaConf, + AuthenticationData authData, + String clientIPAddress) + +
+          Returns request parameters to be added to a URLConnection.
+  +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-frame.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-frame.html new file mode 100644 index 000000000..442356ce1 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-frame.html @@ -0,0 +1,32 @@ + + + + + + +at.gv.egovernment.moa.id.config.proxy (MOA ID API) + + + + + + + + + + + +at.gv.egovernment.moa.id.config.proxy + + + + +
+Classes  + +
+OAConfiguration
+ + + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-summary.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-summary.html new file mode 100644 index 000000000..482aecc48 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-summary.html @@ -0,0 +1,149 @@ + + + + + + +at.gv.egovernment.moa.id.config.proxy (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+

+Package at.gv.egovernment.moa.id.config.proxy +

+ + + + + + + + + +
+Class Summary
OAConfigurationHolds configuration data concerning an online application for use by the MOA-ID Proxy component. +
+  + +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-tree.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-tree.html new file mode 100644 index 000000000..e66568757 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-tree.html @@ -0,0 +1,145 @@ + + + + + + +at.gv.egovernment.moa.id.config.proxy Class Hierarchy (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Hierarchy For Package at.gv.egovernment.moa.id.config.proxy +

+
+
+
Package Hierarchies:
All Packages
+
+

+Class Hierarchy +

+ +
+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-use.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-use.html new file mode 100644 index 000000000..184fcb226 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-use.html @@ -0,0 +1,163 @@ + + + + + + +Uses of Package at.gv.egovernment.moa.id.config.proxy (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Uses of Package
at.gv.egovernment.moa.id.config.proxy

+
+ + + + + + + + + +
+Packages that use at.gv.egovernment.moa.id.config.proxy
at.gv.egovernment.moa.id.proxy  
+  +

+ + + + + + + + +
+Classes in at.gv.egovernment.moa.id.config.proxy used by at.gv.egovernment.moa.id.proxy
OAConfiguration + +
+          Holds configuration data concerning an online application for use by the MOA-ID Proxy component. +
+  +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/AuthenticationData.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/AuthenticationData.html new file mode 100644 index 000000000..d6bc30647 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/AuthenticationData.html @@ -0,0 +1,906 @@ + + + + + + +AuthenticationData (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+ +

+ +at.gv.egovernment.moa.id.data +
+Class AuthenticationData

+
+java.lang.Object
+  extended byat.gv.egovernment.moa.id.data.AuthenticationData
+
+
+
+
public class AuthenticationData
extends Object
+ +

+Encapsulates authentication data contained in a <saml:Assertion>. +

+ +

+


+ +

+ + + + + + + + + + + + + + + + +
+Constructor Summary
AuthenticationData() + +
+          Constructor for AuthenticationData.
+  + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+Method Summary
+ StringgetAssertionID() + +
+          Returns the assertionID.
+ StringgetDateOfBirth() + +
+          Returns the dateOfBirth.
+ StringgetFamilyName() + +
+          Returns the familyName.
+ StringgetGivenName() + +
+          Returns the givenName.
+ StringgetIdentificationType() + +
+          Returns the identificationType
+ StringgetIdentificationValue() + +
+          Returns the identificationValue.
+ StringgetIssueInstant() + +
+          Returns the issueInstant.
+ StringgetIssuer() + +
+          Returns the issuer.
+ intgetMajorVersion() + +
+          Returns the majorVersion.
+ intgetMinorVersion() + +
+          Returns the minorVersion.
+ StringgetPBK() + +
+          Returns the bPK.
+ StringgetPublicAuthorityCode() + +
+          Returns the publicAuthorityCode.
+ StringgetSamlAssertion() + +
+          Returns the samlAssertion.
+ DategetTimestamp() + +
+          Returns the timestamp.
+ booleanisPublicAuthority() + +
+          Returns the publicAuthority.
+ booleanisQualifiedCertificate() + +
+          Returns the qualifiedCertificate.
+ voidsetAssertionID(String assertionID) + +
+          Sets the assertionID.
+ voidsetDateOfBirth(String dateOfBirth) + +
+          Sets the dateOfBirth.
+ voidsetFamilyName(String gamilyName) + +
+          Sets the familyName.
+ voidsetGivenName(String givenName) + +
+          Sets the givenName.
+ voidsetIdentificationType(String identificationType) + +
+          Sets the identificationType.
+ voidsetIdentificationValue(String identificationValue) + +
+          Sets the identificationValue.
+ voidsetIssueInstant(String issueInstant) + +
+          Sets the issueInstant.
+ voidsetIssuer(String issuer) + +
+          Sets the issuer.
+ voidsetMajorVersion(int majorVersion) + +
+          Sets the majorVersion.
+ voidsetMinorVersion(int minorVersion) + +
+          Sets the minorVersion.
+ voidsetPBK(String bPK) + +
+          Sets the bPK.
+ voidsetPublicAuthority(boolean publicAuthority) + +
+          Sets the publicAuthority.
+ voidsetPublicAuthorityCode(String publicAuthorityIdentification) + +
+          Sets the publicAuthorityCode.
+ voidsetQualifiedCertificate(boolean qualifiedCertificate) + +
+          Sets the qualifiedCertificate.
+ voidsetSamlAssertion(String samlAssertion) + +
+          Sets the samlAssertion.
+ + + + + + + +
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
+  +

+ + + + + + + + + + + +
+Constructor Detail
+ +

+AuthenticationData

+
+public AuthenticationData()
+
+
Constructor for AuthenticationData. +

+

+ + + + + + + + +
+Method Detail
+ +

+getMinorVersion

+
+public int getMinorVersion()
+
+
Returns the minorVersion. +

+

+ +
Returns:
int
+
+
+
+ +

+isPublicAuthority

+
+public boolean isPublicAuthority()
+
+
Returns the publicAuthority. +

+

+ +
Returns:
boolean
+
+
+
+ +

+getPublicAuthorityCode

+
+public String getPublicAuthorityCode()
+
+
Returns the publicAuthorityCode. +

+

+ +
Returns:
String
+
+
+
+ +

+isQualifiedCertificate

+
+public boolean isQualifiedCertificate()
+
+
Returns the qualifiedCertificate. +

+

+ +
Returns:
boolean
+
+
+
+ +

+getPBK

+
+public String getPBK()
+
+
Returns the bPK. +

+

+ +
Returns:
String
+
+
+
+ +

+setMinorVersion

+
+public void setMinorVersion(int minorVersion)
+
+
Sets the minorVersion. +

+

+
Parameters:
minorVersion - The minorVersion to set
+
+
+
+ +

+setPublicAuthority

+
+public void setPublicAuthority(boolean publicAuthority)
+
+
Sets the publicAuthority. +

+

+
Parameters:
publicAuthority - The publicAuthority to set
+
+
+
+ +

+setPublicAuthorityCode

+
+public void setPublicAuthorityCode(String publicAuthorityIdentification)
+
+
Sets the publicAuthorityCode. +

+

+
+
+
+
+ +

+setQualifiedCertificate

+
+public void setQualifiedCertificate(boolean qualifiedCertificate)
+
+
Sets the qualifiedCertificate. +

+

+
Parameters:
qualifiedCertificate - The qualifiedCertificate to set
+
+
+
+ +

+setPBK

+
+public void setPBK(String bPK)
+
+
Sets the bPK. +

+

+
Parameters:
bPK - The bPK to set
+
+
+
+ +

+getAssertionID

+
+public String getAssertionID()
+
+
Returns the assertionID. +

+

+ +
Returns:
String
+
+
+
+ +

+getDateOfBirth

+
+public String getDateOfBirth()
+
+
Returns the dateOfBirth. +

+

+ +
Returns:
String
+
+
+
+ +

+getFamilyName

+
+public String getFamilyName()
+
+
Returns the familyName. +

+

+ +
Returns:
String
+
+
+
+ +

+getGivenName

+
+public String getGivenName()
+
+
Returns the givenName. +

+

+ +
Returns:
String
+
+
+
+ +

+getIdentificationValue

+
+public String getIdentificationValue()
+
+
Returns the identificationValue. +

+

+ +
Returns:
String
+
+
+
+ +

+getIdentificationType

+
+public String getIdentificationType()
+
+
Returns the identificationType +

+

+ +
Returns:
String
+
+
+
+ +

+getIssueInstant

+
+public String getIssueInstant()
+
+
Returns the issueInstant. +

+

+ +
Returns:
String
+
+
+
+ +

+getIssuer

+
+public String getIssuer()
+
+
Returns the issuer. +

+

+ +
Returns:
String
+
+
+
+ +

+getMajorVersion

+
+public int getMajorVersion()
+
+
Returns the majorVersion. +

+

+ +
Returns:
int
+
+
+
+ +

+setAssertionID

+
+public void setAssertionID(String assertionID)
+
+
Sets the assertionID. +

+

+
Parameters:
assertionID - The assertionID to set
+
+
+
+ +

+setDateOfBirth

+
+public void setDateOfBirth(String dateOfBirth)
+
+
Sets the dateOfBirth. +

+

+
Parameters:
dateOfBirth - The dateOfBirth to set
+
+
+
+ +

+setFamilyName

+
+public void setFamilyName(String gamilyName)
+
+
Sets the familyName. +

+

+
+
+
+
+ +

+setGivenName

+
+public void setGivenName(String givenName)
+
+
Sets the givenName. +

+

+
Parameters:
givenName - The givenName to set
+
+
+
+ +

+setIdentificationValue

+
+public void setIdentificationValue(String identificationValue)
+
+
Sets the identificationValue. +

+

+
Parameters:
identificationValue - The identificationValue to set
+
+
+
+ +

+setIdentificationType

+
+public void setIdentificationType(String identificationType)
+
+
Sets the identificationType. +

+

+
Parameters:
identificationType - The identificationType to set
+
+
+
+ +

+setIssueInstant

+
+public void setIssueInstant(String issueInstant)
+
+
Sets the issueInstant. +

+

+
Parameters:
issueInstant - The issueInstant to set
+
+
+
+ +

+setIssuer

+
+public void setIssuer(String issuer)
+
+
Sets the issuer. +

+

+
Parameters:
issuer - The issuer to set
+
+
+
+ +

+setMajorVersion

+
+public void setMajorVersion(int majorVersion)
+
+
Sets the majorVersion. +

+

+
Parameters:
majorVersion - The majorVersion to set
+
+
+
+ +

+getSamlAssertion

+
+public String getSamlAssertion()
+
+
Returns the samlAssertion. +

+

+ +
Returns:
String
+
+
+
+ +

+setSamlAssertion

+
+public void setSamlAssertion(String samlAssertion)
+
+
Sets the samlAssertion. +

+

+
Parameters:
samlAssertion - The samlAssertion to set
+
+
+
+ +

+getTimestamp

+
+public Date getTimestamp()
+
+
Returns the timestamp. +

+

+ +
Returns:
Date
+
+
+ +
+ + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/class-use/AuthenticationData.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/class-use/AuthenticationData.html new file mode 100644 index 000000000..44c47942a --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/class-use/AuthenticationData.html @@ -0,0 +1,214 @@ + + + + + + +Uses of Class at.gv.egovernment.moa.id.data.AuthenticationData (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Uses of Class
at.gv.egovernment.moa.id.data.AuthenticationData

+
+ + + + + + + + + + + + + +
+Packages that use AuthenticationData
at.gv.egovernment.moa.id.auth  
at.gv.egovernment.moa.id.proxy  
+  +

+ + + + + +
+Uses of AuthenticationData in at.gv.egovernment.moa.id.auth
+  +

+ + + + + + + + + +
Methods in at.gv.egovernment.moa.id.auth that return AuthenticationData
+ AuthenticationDataAuthenticationServer.getAuthenticationData(String samlArtifact) + +
+          Retrieves AuthenticationData indexed by the SAML artifact. +
+  +

+ + + + + +
+Uses of AuthenticationData in at.gv.egovernment.moa.id.proxy
+  +

+ + + + + + + + + + + + + +
Methods in at.gv.egovernment.moa.id.proxy with parameters of type AuthenticationData
+ MapLoginParameterResolver.getAuthenticationHeaders(OAConfiguration oaConf, + AuthenticationData authData, + String clientIPAddress) + +
+          Returns authentication headers to be added to a URLConnection.
+ MapLoginParameterResolver.getAuthenticationParameters(OAConfiguration oaConf, + AuthenticationData authData, + String clientIPAddress) + +
+          Returns request parameters to be added to a URLConnection.
+  +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-frame.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-frame.html new file mode 100644 index 000000000..b3be4f39a --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-frame.html @@ -0,0 +1,32 @@ + + + + + + +at.gv.egovernment.moa.id.data (MOA ID API) + + + + + + + + + + + +at.gv.egovernment.moa.id.data + + + + +
+Classes  + +
+AuthenticationData
+ + + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-summary.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-summary.html new file mode 100644 index 000000000..28b8dd351 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-summary.html @@ -0,0 +1,148 @@ + + + + + + +at.gv.egovernment.moa.id.data (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+

+Package at.gv.egovernment.moa.id.data +

+ + + + + + + + + +
+Class Summary
AuthenticationDataEncapsulates authentication data contained in a <saml:Assertion>.
+  + +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-tree.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-tree.html new file mode 100644 index 000000000..6911edcdb --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-tree.html @@ -0,0 +1,145 @@ + + + + + + +at.gv.egovernment.moa.id.data Class Hierarchy (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Hierarchy For Package at.gv.egovernment.moa.id.data +

+
+
+
Package Hierarchies:
All Packages
+
+

+Class Hierarchy +

+ +
+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-use.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-use.html new file mode 100644 index 000000000..c90a703c9 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-use.html @@ -0,0 +1,181 @@ + + + + + + +Uses of Package at.gv.egovernment.moa.id.data (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Uses of Package
at.gv.egovernment.moa.id.data

+
+ + + + + + + + + + + + + +
+Packages that use at.gv.egovernment.moa.id.data
at.gv.egovernment.moa.id.auth  
at.gv.egovernment.moa.id.proxy  
+  +

+ + + + + + + + +
+Classes in at.gv.egovernment.moa.id.data used by at.gv.egovernment.moa.id.auth
AuthenticationData + +
+          Encapsulates authentication data contained in a <saml:Assertion>.
+  +

+ + + + + + + + +
+Classes in at.gv.egovernment.moa.id.data used by at.gv.egovernment.moa.id.proxy
AuthenticationData + +
+          Encapsulates authentication data contained in a <saml:Assertion>.
+  +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-frame.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-frame.html new file mode 100644 index 000000000..9c4352356 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-frame.html @@ -0,0 +1,32 @@ + + + + + + +at.gv.egovernment.moa.id (MOA ID API) + + + + + + + + + + + +at.gv.egovernment.moa.id + + + + +
+Classes  + +
+AuthenticationException
+ + + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-summary.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-summary.html new file mode 100644 index 000000000..3750976f2 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-summary.html @@ -0,0 +1,148 @@ + + + + + + +at.gv.egovernment.moa.id (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+

+Package at.gv.egovernment.moa.id +

+ + + + + + + + + +
+Class Summary
AuthenticationExceptionException thrown during handling of AuthenticationSession
+  + +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-tree.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-tree.html new file mode 100644 index 000000000..ebf3b1498 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-tree.html @@ -0,0 +1,147 @@ + + + + + + +at.gv.egovernment.moa.id Class Hierarchy (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Hierarchy For Package at.gv.egovernment.moa.id +

+
+
+
Package Hierarchies:
All Packages
+
+

+Class Hierarchy +

+ +
+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-use.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-use.html new file mode 100644 index 000000000..bc895c974 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-use.html @@ -0,0 +1,162 @@ + + + + + + +Uses of Package at.gv.egovernment.moa.id (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Uses of Package
at.gv.egovernment.moa.id

+
+ + + + + + + + + +
+Packages that use at.gv.egovernment.moa.id
at.gv.egovernment.moa.id.auth  
+  +

+ + + + + + + + +
+Classes in at.gv.egovernment.moa.id used by at.gv.egovernment.moa.id.auth
AuthenticationException + +
+          Exception thrown during handling of AuthenticationSession
+  +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/ConnectionBuilder.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/ConnectionBuilder.html new file mode 100644 index 000000000..398be7e71 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/ConnectionBuilder.html @@ -0,0 +1,249 @@ + + + + + + +ConnectionBuilder (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+ +

+ +at.gv.egovernment.moa.id.proxy +
+Interface ConnectionBuilder

+
+
+
public interface ConnectionBuilder
+ +

+Builder for URLConnection objects used to forward requests + to the remote online application. +

+ +

+


+ +

+ + + + + + + + + + + + + + + + + + + + +
+Method Summary
+ HttpURLConnectionbuildConnection(javax.servlet.http.HttpServletRequest request, + String publicURLPrefix, + String realURLPrefix, + javax.net.ssl.SSLSocketFactory sslSocketFactory, + Map parameters) + +
+          Builds an HttpURLConnection to a URL which is derived + from an HttpServletRequest URL, by substitution of a + public URL prefix for the real URL prefix.
+  +

+ + + + + + + + + + + + + + +
+Method Detail
+ +

+buildConnection

+
+public HttpURLConnection buildConnection(javax.servlet.http.HttpServletRequest request,
+                                         String publicURLPrefix,
+                                         String realURLPrefix,
+                                         javax.net.ssl.SSLSocketFactory sslSocketFactory,
+                                         Map parameters)
+                                  throws IOException
+
+
Builds an HttpURLConnection to a URL which is derived + from an HttpServletRequest URL, by substitution of a + public URL prefix for the real URL prefix.
+ The HttpURLConnection has been created by URL.openConnection(), but + it has not yet been connected to by URLConnection.connect().
+ The field settings of the HttpURLConnection are: +
    +
  • allowUserInteraction = false
  • +
  • doInput = true
  • +
  • doOutput = true
  • +
  • requestMethod = request.getMethod()
  • +
  • useCaches = false
  • +
+

+

+
Parameters:
request - the incoming request which shall be forwarded
publicURLPrefix - the public URL prefix to be substituted by the real URL prefix
realURLPrefix - the URL prefix to substitute the public URL prefix
sslSocketFactory - factory to be used for creating an SSL socket in case + of a URL for scheme "https:"; +
if null, the default SSL socket factory would be used
parameters - parameters to be forwarded +
Returns:
a URLConnection created by URL.openConnection(), connecting to + the requested URL with publicURLPrefix substituted by realURLPrefix +
Throws: +
IOException - if an I/O exception occurs during opening the connection
See Also:
URL.openConnection(), +com.sun.net.ssl.HttpsURLConnection#getDefaultSSLSocketFactory()
+
+
+ +
+ + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.html new file mode 100644 index 000000000..0b2926e55 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.html @@ -0,0 +1,506 @@ + + + + + + +LoginParameterResolver (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+ +

+ +at.gv.egovernment.moa.id.proxy +
+Interface LoginParameterResolver

+
+
+
public interface LoginParameterResolver
+ +

+Determines authentication parameters and headers to be added to a URLConnection + to the remote online application. + Utilizes OAConfiguration and AuthenticationData. +

+ +

+


+ +

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+Field Summary
+static StringMOABKZ + +
+          Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType
+static StringMOABPK + +
+          Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType
+static StringMOADateOfBirth + +
+          Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType
+static StringMOAFamilyName + +
+          Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType
+static StringMOAGivenName + +
+          Constants used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType, + naming predicates used by the LoginParameterResolver.
+static StringMOAIdentificationValueType + +
+          Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType
+static StringMOAIPAddress + +
+          Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType
+static StringMOAPublicAuthority + +
+          Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType
+static StringMOAQualifiedCertificate + +
+          Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType
+static StringMOAStammzahl + +
+          Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType
+  + + + + + + + + + + + + + + + + + + + + + + +
+Method Summary
+ voidconfigure(String configuration) + +
+           
+ MapgetAuthenticationHeaders(OAConfiguration oaConf, + AuthenticationData authData, + String clientIPAddress) + +
+          Returns authentication headers to be added to a URLConnection.
+ MapgetAuthenticationParameters(OAConfiguration oaConf, + AuthenticationData authData, + String clientIPAddress) + +
+          Returns request parameters to be added to a URLConnection.
+  +

+ + + + + + + + +
+Field Detail
+ +

+MOAGivenName

+
+public static final String MOAGivenName
+
+
Constants used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType, + naming predicates used by the LoginParameterResolver. +

+

+
See Also:
Constant Field Values
+
+
+ +

+MOAFamilyName

+
+public static final String MOAFamilyName
+
+
Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType +

+

+
See Also:
Constant Field Values
+
+
+ +

+MOADateOfBirth

+
+public static final String MOADateOfBirth
+
+
Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType +

+

+
See Also:
Constant Field Values
+
+
+ +

+MOABPK

+
+public static final String MOABPK
+
+
Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType +

+

+
See Also:
Constant Field Values
+
+
+ +

+MOAPublicAuthority

+
+public static final String MOAPublicAuthority
+
+
Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType +

+

+
See Also:
Constant Field Values
+
+
+ +

+MOABKZ

+
+public static final String MOABKZ
+
+
Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType +

+

+
See Also:
Constant Field Values
+
+
+ +

+MOAQualifiedCertificate

+
+public static final String MOAQualifiedCertificate
+
+
Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType +

+

+
See Also:
Constant Field Values
+
+
+ +

+MOAStammzahl

+
+public static final String MOAStammzahl
+
+
Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType +

+

+
See Also:
Constant Field Values
+
+
+ +

+MOAIdentificationValueType

+
+public static final String MOAIdentificationValueType
+
+
Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType +

+

+
See Also:
Constant Field Values
+
+
+ +

+MOAIPAddress

+
+public static final String MOAIPAddress
+
+
Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType +

+

+
See Also:
Constant Field Values
+
+ + + + + + + + + + + +
+Method Detail
+ +

+getAuthenticationHeaders

+
+public Map getAuthenticationHeaders(OAConfiguration oaConf,
+                                    AuthenticationData authData,
+                                    String clientIPAddress)
+                             throws LoginParameterResolverException,
+                                    NotAllowedException
+
+
Returns authentication headers to be added to a URLConnection. +

+

+
Parameters:
oaConf - configuration data
authData - authentication data
clientIPAddress - client IP address +
Returns:
A map, the keys being header names and values being corresponding header values. +
In case of authentication type "basic-auth", header fields + username and password. +
In case of authentication type "header-auth", header fields + derived from parameter mapping and authentication data provided. +
Otherwise, an empty map. +
Throws: +
LoginParameterResolverException +
NotAllowedException
+
+
+
+ +

+getAuthenticationParameters

+
+public Map getAuthenticationParameters(OAConfiguration oaConf,
+                                       AuthenticationData authData,
+                                       String clientIPAddress)
+                                throws LoginParameterResolverException
+
+
Returns request parameters to be added to a URLConnection. +

+

+
Parameters:
oaConf - configuration data
authData - authentication data
clientIPAddress - client IP address +
Returns:
A map, the keys being parameter names and values being corresponding parameter values. +
In case of authentication type "param-auth", parameters + derived from parameter mapping and authentication data provided. +
Otherwise, an empty map. +
Throws: +
LoginParameterResolverException
+
+
+
+ +

+configure

+
+public void configure(String configuration)
+               throws LoginParameterResolverException,
+                      NotAllowedException
+
+
+ +
Throws: +
LoginParameterResolverException +
NotAllowedException
+
+
+ +
+ + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/LoginParameterResolverException.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/LoginParameterResolverException.html new file mode 100644 index 000000000..fd4dd84d2 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/LoginParameterResolverException.html @@ -0,0 +1,251 @@ + + + + + + +LoginParameterResolverException (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+ +

+ +at.gv.egovernment.moa.id.proxy +
+Class LoginParameterResolverException

+
+java.lang.Object
+  extended byMOAIDException
+      extended byat.gv.egovernment.moa.id.proxy.LoginParameterResolverException
+
+
+
+
public class LoginParameterResolverException
extends MOAIDException
+ +

+Exception thrown while proxying a request to the online application +

+ +

+

+
See Also:
Serialized Form
+
+ +

+ + + + + + + + + + + + + + + + + + + +
+Constructor Summary
LoginParameterResolverException(String messageId, + Object[] parameters) + +
+          Constructor for LoginParameterResolverException.
LoginParameterResolverException(String messageId, + Object[] parameters, + Throwable wrapped) + +
+          Constructor for LoginParameterResolverException.
+  + + + + + + + + + + +
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
+  +

+ + + + + + + + + + + +
+Constructor Detail
+ +

+LoginParameterResolverException

+
+public LoginParameterResolverException(String messageId,
+                                       Object[] parameters)
+
+
Constructor for LoginParameterResolverException. +

+

Parameters:
messageId -
parameters -
+
+ +

+LoginParameterResolverException

+
+public LoginParameterResolverException(String messageId,
+                                       Object[] parameters,
+                                       Throwable wrapped)
+
+
Constructor for LoginParameterResolverException. +

+

Parameters:
messageId -
parameters -
wrapped -
+ + + + +
+ + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/NotAllowedException.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/NotAllowedException.html new file mode 100644 index 000000000..7c01bd12f --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/NotAllowedException.html @@ -0,0 +1,253 @@ + + + + + + +NotAllowedException (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+ +

+ +at.gv.egovernment.moa.id.proxy +
+Class NotAllowedException

+
+java.lang.Object
+  extended byMOAIDException
+      extended byat.gv.egovernment.moa.id.proxy.NotAllowedException
+
+
+
+
public class NotAllowedException
extends MOAIDException
+ +

+Exception thrown while proxying a request to the online application + Reason for this exception: the dedicated LoginParameterResolver does + not allow access to the desired ressource. +

+ +

+

+
See Also:
Serialized Form
+
+ +

+ + + + + + + + + + + + + + + + + + + +
+Constructor Summary
NotAllowedException(String messageId, + Object[] parameters) + +
+          Constructor for NotAllowedException.
NotAllowedException(String messageId, + Object[] parameters, + Throwable wrapped) + +
+          Constructor for NotAllowedException.
+  + + + + + + + + + + +
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
+  +

+ + + + + + + + + + + +
+Constructor Detail
+ +

+NotAllowedException

+
+public NotAllowedException(String messageId,
+                           Object[] parameters)
+
+
Constructor for NotAllowedException. +

+

Parameters:
messageId -
parameters -
+
+ +

+NotAllowedException

+
+public NotAllowedException(String messageId,
+                           Object[] parameters,
+                           Throwable wrapped)
+
+
Constructor for NotAllowedException. +

+

Parameters:
messageId -
parameters -
wrapped -
+ + + + +
+ + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/ConnectionBuilder.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/ConnectionBuilder.html new file mode 100644 index 000000000..69af13810 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/ConnectionBuilder.html @@ -0,0 +1,136 @@ + + + + + + +Uses of Interface at.gv.egovernment.moa.id.proxy.ConnectionBuilder (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Uses of Interface
at.gv.egovernment.moa.id.proxy.ConnectionBuilder

+
+No usage of at.gv.egovernment.moa.id.proxy.ConnectionBuilder +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/LoginParameterResolver.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/LoginParameterResolver.html new file mode 100644 index 000000000..aca06fa02 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/LoginParameterResolver.html @@ -0,0 +1,136 @@ + + + + + + +Uses of Interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Uses of Interface
at.gv.egovernment.moa.id.proxy.LoginParameterResolver

+
+No usage of at.gv.egovernment.moa.id.proxy.LoginParameterResolver +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/LoginParameterResolverException.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/LoginParameterResolverException.html new file mode 100644 index 000000000..ccd7d50cf --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/LoginParameterResolverException.html @@ -0,0 +1,192 @@ + + + + + + +Uses of Class at.gv.egovernment.moa.id.proxy.LoginParameterResolverException (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Uses of Class
at.gv.egovernment.moa.id.proxy.LoginParameterResolverException

+
+ + + + + + + + + +
+Packages that use LoginParameterResolverException
at.gv.egovernment.moa.id.proxy  
+  +

+ + + + + +
+Uses of LoginParameterResolverException in at.gv.egovernment.moa.id.proxy
+  +

+ + + + + + + + + + + + + + + + + +
Methods in at.gv.egovernment.moa.id.proxy that throw LoginParameterResolverException
+ MapLoginParameterResolver.getAuthenticationHeaders(OAConfiguration oaConf, + AuthenticationData authData, + String clientIPAddress) + +
+          Returns authentication headers to be added to a URLConnection.
+ MapLoginParameterResolver.getAuthenticationParameters(OAConfiguration oaConf, + AuthenticationData authData, + String clientIPAddress) + +
+          Returns request parameters to be added to a URLConnection.
+ voidLoginParameterResolver.configure(String configuration) + +
+           
+  +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/NotAllowedException.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/NotAllowedException.html new file mode 100644 index 000000000..fa0e1f24e --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/NotAllowedException.html @@ -0,0 +1,182 @@ + + + + + + +Uses of Class at.gv.egovernment.moa.id.proxy.NotAllowedException (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Uses of Class
at.gv.egovernment.moa.id.proxy.NotAllowedException

+
+ + + + + + + + + +
+Packages that use NotAllowedException
at.gv.egovernment.moa.id.proxy  
+  +

+ + + + + +
+Uses of NotAllowedException in at.gv.egovernment.moa.id.proxy
+  +

+ + + + + + + + + + + + + +
Methods in at.gv.egovernment.moa.id.proxy that throw NotAllowedException
+ MapLoginParameterResolver.getAuthenticationHeaders(OAConfiguration oaConf, + AuthenticationData authData, + String clientIPAddress) + +
+          Returns authentication headers to be added to a URLConnection.
+ voidLoginParameterResolver.configure(String configuration) + +
+           
+  +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-frame.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-frame.html new file mode 100644 index 000000000..a8afe874e --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-frame.html @@ -0,0 +1,47 @@ + + + + + + +at.gv.egovernment.moa.id.proxy (MOA ID API) + + + + + + + + + + + +at.gv.egovernment.moa.id.proxy + + + + +
+Interfaces  + +
+ConnectionBuilder +
+LoginParameterResolver
+ + + + + + +
+Classes  + +
+LoginParameterResolverException +
+NotAllowedException
+ + + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-summary.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-summary.html new file mode 100644 index 000000000..9c6f09843 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-summary.html @@ -0,0 +1,175 @@ + + + + + + +at.gv.egovernment.moa.id.proxy (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+

+Package at.gv.egovernment.moa.id.proxy +

+ + + + + + + + + + + + + +
+Interface Summary
ConnectionBuilderBuilder for URLConnection objects used to forward requests + to the remote online application.
LoginParameterResolverDetermines authentication parameters and headers to be added to a URLConnection + to the remote online application. +
+  + +

+ + + + + + + + + + + + + +
+Class Summary
LoginParameterResolverExceptionException thrown while proxying a request to the online application
NotAllowedExceptionException thrown while proxying a request to the online application + Reason for this exception: the dedicated LoginParameterResolver does + not allow access to the desired ressource.
+  + +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-tree.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-tree.html new file mode 100644 index 000000000..90e057ebc --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-tree.html @@ -0,0 +1,154 @@ + + + + + + +at.gv.egovernment.moa.id.proxy Class Hierarchy (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Hierarchy For Package at.gv.egovernment.moa.id.proxy +

+
+
+
Package Hierarchies:
All Packages
+
+

+Class Hierarchy +

+ +

+Interface Hierarchy +

+ +
+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-use.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-use.html new file mode 100644 index 000000000..a8c6c026b --- /dev/null +++ b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-use.html @@ -0,0 +1,170 @@ + + + + + + +Uses of Package at.gv.egovernment.moa.id.proxy (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Uses of Package
at.gv.egovernment.moa.id.proxy

+
+ + + + + + + + + +
+Packages that use at.gv.egovernment.moa.id.proxy
at.gv.egovernment.moa.id.proxy  
+  +

+ + + + + + + + + + + +
+Classes in at.gv.egovernment.moa.id.proxy used by at.gv.egovernment.moa.id.proxy
LoginParameterResolverException + +
+          Exception thrown while proxying a request to the online application
NotAllowedException + +
+          Exception thrown while proxying a request to the online application + Reason for this exception: the dedicated LoginParameterResolver does + not allow access to the desired ressource.
+  +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/constant-values.html b/id.server/doc/moa_id/api-doc/constant-values.html new file mode 100644 index 000000000..bc145c359 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/constant-values.html @@ -0,0 +1,262 @@ + + + + + + +Constant Field Values (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Constant Field Values

+
+
+Contents + + + + + + +
+at.gv.*
+ +

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
at.gv.egovernment.moa.id.config.proxy.OAConfiguration
+public static final StringBASIC_AUTH"basic"
+public static final StringHEADER_AUTH"header"
+public static final StringLOGINTYPE_STATEFUL"stateful"
+public static final StringLOGINTYPE_STATELESS"stateless"
+public static final StringPARAM_AUTH"param"
+ +

+ +

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
at.gv.egovernment.moa.id.proxy.LoginParameterResolver
+public static final StringMOABKZ"MOABKZ"
+public static final StringMOABPK"MOABPK"
+public static final StringMOADateOfBirth"MOADateOfBirth"
+public static final StringMOAFamilyName"MOAFamilyName"
+public static final StringMOAGivenName"MOAGivenName"
+public static final StringMOAIdentificationValueType"MOAIdentificationValueType"
+public static final StringMOAIPAddress"MOAIPAddress"
+public static final StringMOAPublicAuthority"MOAPublicAuthority"
+public static final StringMOAQualifiedCertificate"MOAQualifiedCertificate"
+public static final StringMOAStammzahl"MOAStammzahl"
+ +

+ +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/deprecated-list.html b/id.server/doc/moa_id/api-doc/deprecated-list.html new file mode 100644 index 000000000..d760f28ee --- /dev/null +++ b/id.server/doc/moa_id/api-doc/deprecated-list.html @@ -0,0 +1,134 @@ + + + + + + +Deprecated List (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Deprecated API

+
+
+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/help-doc.html b/id.server/doc/moa_id/api-doc/help-doc.html new file mode 100644 index 000000000..bbdccd6b5 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/help-doc.html @@ -0,0 +1,193 @@ + + + + + + +API Help (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+How This API Document Is Organized

+
+This API (Application Programming Interface) document has pages corresponding to the items in the navigation bar, described as follows.

+Overview

+
+ +

+The Overview page is the front page of this API document and provides a list of all packages with a summary for each. This page can also contain an overall description of the set of packages.

+

+Package

+
+ +

+Each package has a page that contains a list of its classes and interfaces, with a summary for each. This page can contain four categories:

    +
  • Interfaces (italic)
  • Classes
  • Exceptions
  • Errors
+
+

+Class/Interface

+
+ +

+Each class, interface, nested class and nested interface has its own separate page. Each of these pages has three sections consisting of a class/interface description, summary tables, and detailed member descriptions:

    +
  • Class inheritance diagram
  • Direct Subclasses
  • All Known Subinterfaces
  • All Known Implementing Classes
  • Class/interface declaration
  • Class/interface description +

    +

  • Nested Class Summary
  • Field Summary
  • Constructor Summary
  • Method Summary +

    +

  • Field Detail
  • Constructor Detail
  • Method Detail
+Each summary entry contains the first sentence from the detailed description for that item. The summary entries are alphabetical, while the detailed descriptions are in the order they appear in the source code. This preserves the logical groupings established by the programmer.
+

+Use

+
+Each documented package, class and interface has its own Use page. This page describes what packages, classes, methods, constructors and fields use any part of the given class or package. Given a class or interface A, its Use page includes subclasses of A, fields declared as A, methods that return A, and methods and constructors with parameters of type A. You can access this page by first going to the package, class or interface, then clicking on the "Use" link in the navigation bar.
+

+Tree (Class Hierarchy)

+
+There is a Class Hierarchy page for all packages, plus a hierarchy for each package. Each hierarchy page contains a list of classes and a list of interfaces. The classes are organized by inheritance structure starting with java.lang.Object. The interfaces do not inherit from java.lang.Object.
    +
  • When viewing the Overview page, clicking on "Tree" displays the hierarchy for all packages.
  • When viewing a particular package, class or interface page, clicking "Tree" displays the hierarchy for only that package.
+
+

+Deprecated API

+
+The Deprecated API page lists all of the API that have been deprecated. A deprecated API is not recommended for use, generally due to improvements, and a replacement API is usually given. Deprecated APIs may be removed in future implementations.
+

+Index

+
+The Index contains an alphabetic list of all classes, interfaces, constructors, methods, and fields.
+

+Prev/Next

+These links take you to the next or previous class, interface, package, or related page.

+Frames/No Frames

+These links show and hide the HTML frames. All pages are available with or without frames. +

+

+Serialized Form

+Each serializable or externalizable class has a description of its serialization fields and methods. This information is of interest to re-implementors, not to developers using the API. While there is no link in the navigation bar, you can get to this information by going to any serialized class and clicking "Serialized Form" in the "See also" section of the class description. +

+ + +This help file applies to API documentation generated using the standard doclet. + +
+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/index-all.html b/id.server/doc/moa_id/api-doc/index-all.html new file mode 100644 index 000000000..b6ccf5c68 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/index-all.html @@ -0,0 +1,462 @@ + + + + + + +Index (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +A B C D G H I L M N O P S V
+

+A

+
+
AuthenticationData - class at.gv.egovernment.moa.id.data.AuthenticationData.
Encapsulates authentication data contained in a <saml:Assertion>.
AuthenticationData() - +Constructor for class at.gv.egovernment.moa.id.data.AuthenticationData +
Constructor for AuthenticationData. +
AuthenticationException - class at.gv.egovernment.moa.id.AuthenticationException.
Exception thrown during handling of AuthenticationSession
AuthenticationException(String, Object[]) - +Constructor for class at.gv.egovernment.moa.id.AuthenticationException +
Constructor for AuthenticationException. +
AuthenticationException(String, Object[], Throwable) - +Constructor for class at.gv.egovernment.moa.id.AuthenticationException +
Constructor for AuthenticationException. +
AuthenticationServer - class at.gv.egovernment.moa.id.auth.AuthenticationServer.
API for MOA ID Authentication Service.
AuthenticationServer() - +Constructor for class at.gv.egovernment.moa.id.auth.AuthenticationServer +
Constructor for AuthenticationServer. +
at.gv.egovernment.moa.id - package at.gv.egovernment.moa.id
 
at.gv.egovernment.moa.id.auth - package at.gv.egovernment.moa.id.auth
 
at.gv.egovernment.moa.id.config.proxy - package at.gv.egovernment.moa.id.config.proxy
 
at.gv.egovernment.moa.id.data - package at.gv.egovernment.moa.id.data
 
at.gv.egovernment.moa.id.proxy - package at.gv.egovernment.moa.id.proxy
 
+
+

+B

+
+
BASIC_AUTH - +Static variable in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration +
Constant for an auth method +
buildConnection(HttpServletRequest, String, String, SSLSocketFactory, Map) - +Method in interface at.gv.egovernment.moa.id.proxy.ConnectionBuilder +
Builds an HttpURLConnection to a URL which is derived + from an HttpServletRequest URL, by substitution of a + public URL prefix for the real URL prefix. +
+
+

+C

+
+
ConnectionBuilder - interface at.gv.egovernment.moa.id.proxy.ConnectionBuilder.
Builder for URLConnection objects used to forward requests + to the remote online application.
cleanup() - +Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer +
Cleans up expired session and authentication data stores. +
configure(String) - +Method in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver +
  +
+
+

+D

+
+
debugOutputXMLFile(String, Element) - +Static method in class at.gv.egovernment.moa.id.auth.AuthenticationServer +
Writes an XML structure to file for debugging purposes, encoding UTF-8. +
debugOutputXMLFile(String, String) - +Static method in class at.gv.egovernment.moa.id.auth.AuthenticationServer +
Writes an XML structure to file for debugging purposes, encoding UTF-8. +
+
+

+G

+
+
getAssertionID() - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Returns the assertionID. +
getAuthType() - +Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration +
Returns the authType. +
getAuthenticationData(String) - +Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer +
Retrieves AuthenticationData indexed by the SAML artifact. + +
getAuthenticationHeaders(OAConfiguration, AuthenticationData, String) - +Method in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver +
Returns authentication headers to be added to a URLConnection. +
getAuthenticationParameters(OAConfiguration, AuthenticationData, String) - +Method in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver +
Returns request parameters to be added to a URLConnection. +
getBasicAuthPasswordMapping() - +Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration +
Returns the basicAuthPasswordMapping. +
getBasicAuthUserIDMapping() - +Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration +
Returns the basicAuthUserIDMapping. +
getDateOfBirth() - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Returns the dateOfBirth. +
getFamilyName() - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Returns the familyName. +
getGivenName() - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Returns the givenName. +
getHeaderAuthMapping() - +Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration +
Returns the headerAuthMapping. +
getIdentificationType() - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Returns the identificationType +
getIdentificationValue() - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Returns the identificationValue. +
getInstance() - +Static method in class at.gv.egovernment.moa.id.auth.AuthenticationServer +
Returns the single instance of AuthenticationServer. +
getIssueInstant() - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Returns the issueInstant. +
getIssuer() - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Returns the issuer. +
getLoginType() - +Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration +
Returns the loginType. +
getMajorVersion() - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Returns the majorVersion. +
getMinorVersion() - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Returns the minorVersion. +
getPBK() - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Returns the bPK. +
getParamAuthMapping() - +Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration +
Returns the paramAuthMapping. +
getPublicAuthorityCode() - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Returns the publicAuthorityCode. +
getSamlAssertion() - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Returns the samlAssertion. +
getSession(String) - +Static method in class at.gv.egovernment.moa.id.auth.AuthenticationServer +
Retrieves a session from the session store. +
getTimestamp() - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Returns the timestamp. +
+
+

+H

+
+
HEADER_AUTH - +Static variable in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration +
Constant for an auth method +
+
+

+I

+
+
isPublicAuthority() - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Returns the publicAuthority. +
isQualifiedCertificate() - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Returns the qualifiedCertificate. +
+
+

+L

+
+
LOGINTYPE_STATEFUL - +Static variable in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration +
Constant for an login method +
LOGINTYPE_STATELESS - +Static variable in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration +
Constant for an login method +
LoginParameterResolver - interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver.
Determines authentication parameters and headers to be added to a URLConnection + to the remote online application. +
LoginParameterResolverException - class at.gv.egovernment.moa.id.proxy.LoginParameterResolverException.
Exception thrown while proxying a request to the online application
LoginParameterResolverException(String, Object[]) - +Constructor for class at.gv.egovernment.moa.id.proxy.LoginParameterResolverException +
Constructor for LoginParameterResolverException. +
LoginParameterResolverException(String, Object[], Throwable) - +Constructor for class at.gv.egovernment.moa.id.proxy.LoginParameterResolverException +
Constructor for LoginParameterResolverException. +
+
+

+M

+
+
MOABKZ - +Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver +
Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType +
MOABPK - +Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver +
Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType +
MOADateOfBirth - +Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver +
Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType +
MOAFamilyName - +Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver +
Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType +
MOAGivenName - +Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver +
Constants used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType, + naming predicates used by the LoginParameterResolver. +
MOAIPAddress - +Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver +
Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType +
MOAIdentificationValueType - +Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver +
Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType +
MOAPublicAuthority - +Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver +
Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType +
MOAQualifiedCertificate - +Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver +
Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType +
MOAStammzahl - +Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver +
Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType +
+
+

+N

+
+
NotAllowedException - class at.gv.egovernment.moa.id.proxy.NotAllowedException.
Exception thrown while proxying a request to the online application + Reason for this exception: the dedicated LoginParameterResolver does + not allow access to the desired ressource.
NotAllowedException(String, Object[]) - +Constructor for class at.gv.egovernment.moa.id.proxy.NotAllowedException +
Constructor for NotAllowedException. +
NotAllowedException(String, Object[], Throwable) - +Constructor for class at.gv.egovernment.moa.id.proxy.NotAllowedException +
Constructor for NotAllowedException. +
+
+

+O

+
+
OAConfiguration - class at.gv.egovernment.moa.id.config.proxy.OAConfiguration.
Holds configuration data concerning an online application for use by the MOA-ID Proxy component. +
OAConfiguration() - +Constructor for class at.gv.egovernment.moa.id.config.proxy.OAConfiguration +
  +
+
+

+P

+
+
PARAM_AUTH - +Static variable in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration +
Constant for an auth method +
+
+

+S

+
+
selectBKU(String, String, String, String, String) - +Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer +
Processes request to select a BKU. + +
setAssertionID(String) - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Sets the assertionID. +
setAuthType(String) - +Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration +
Sets the authType. +
setBasicAuthPasswordMapping(String) - +Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration +
Sets the basicAuthPasswordMapping. +
setBasicAuthUserIDMapping(String) - +Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration +
Sets the basicAuthUserIDMapping. +
setDateOfBirth(String) - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Sets the dateOfBirth. +
setFamilyName(String) - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Sets the familyName. +
setGivenName(String) - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Sets the givenName. +
setHeaderAuthMapping(HashMap) - +Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration +
Sets the headerAuthMapping. +
setIdentificationType(String) - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Sets the identificationType. +
setIdentificationValue(String) - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Sets the identificationValue. +
setIssueInstant(String) - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Sets the issueInstant. +
setIssuer(String) - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Sets the issuer. +
setLoginType(String) - +Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration +
Sets the loginType. +
setMajorVersion(int) - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Sets the majorVersion. +
setMinorVersion(int) - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Sets the minorVersion. +
setPBK(String) - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Sets the bPK. +
setParamAuthMapping(HashMap) - +Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration +
Sets the paramAuthMapping. +
setPublicAuthority(boolean) - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Sets the publicAuthority. +
setPublicAuthorityCode(String) - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Sets the publicAuthorityCode. +
setQualifiedCertificate(boolean) - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Sets the qualifiedCertificate. +
setSamlAssertion(String) - +Method in class at.gv.egovernment.moa.id.data.AuthenticationData +
Sets the samlAssertion. +
setSecondsAuthDataTimeOut(long) - +Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer +
Sets the authDataTimeOut. +
setSecondsSessionTimeOut(long) - +Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer +
Sets the sessionTimeOut. +
startAuthentication(String, String, String, String, String, String) - +Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer +
Processes the beginning of an authentication session. + +
+
+

+V

+
+
verifyAuthenticationBlock(String, String) - +Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer +
Processes a <CreateXMLSignatureResponse> sent by the + security layer implementation. +
verifyIdentityLink(String, String) - +Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer +
Processes an <InfoboxReadResponse> sent by the + security layer implementation. +
+
+A B C D G H I L M N O P S V + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/index.html b/id.server/doc/moa_id/api-doc/index.html new file mode 100644 index 000000000..61c644160 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/index.html @@ -0,0 +1,26 @@ + + + + + + +MOA ID API + + + + + + + + + +<H2> +Frame Alert</H2> + +<P> +This document is designed to be viewed using the frames feature. If you see this message, you are using a non-frame-capable web client. +<BR> +Link to<A HREF="overview-summary.html">Non-frame version.</A> + + + diff --git a/id.server/doc/moa_id/api-doc/overview-frame.html b/id.server/doc/moa_id/api-doc/overview-frame.html new file mode 100644 index 000000000..58e79621c --- /dev/null +++ b/id.server/doc/moa_id/api-doc/overview-frame.html @@ -0,0 +1,50 @@ + + + + + + +Overview (MOA ID API) + + + + + + + + + + + + + + + +
+
+ + + + + +
All Classes +

+ +Packages +
+at.gv.egovernment.moa.id +
+at.gv.egovernment.moa.id.auth +
+at.gv.egovernment.moa.id.config.proxy +
+at.gv.egovernment.moa.id.data +
+at.gv.egovernment.moa.id.proxy +
+

+ +

+  + + diff --git a/id.server/doc/moa_id/api-doc/overview-summary.html b/id.server/doc/moa_id/api-doc/overview-summary.html new file mode 100644 index 000000000..0d16ca82c --- /dev/null +++ b/id.server/doc/moa_id/api-doc/overview-summary.html @@ -0,0 +1,165 @@ + + + + + + +Overview (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +


+
+

+

MOA ID API

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + +
+Packages
at.gv.egovernment.moa.id 
at.gv.egovernment.moa.id.auth 
at.gv.egovernment.moa.id.config.proxy 
at.gv.egovernment.moa.id.data 
at.gv.egovernment.moa.id.proxy 
+ +


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/overview-tree.html b/id.server/doc/moa_id/api-doc/overview-tree.html new file mode 100644 index 000000000..583aeddde --- /dev/null +++ b/id.server/doc/moa_id/api-doc/overview-tree.html @@ -0,0 +1,155 @@ + + + + + + +Class Hierarchy (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Hierarchy For All Packages

+
+
+
Package Hierarchies:
at.gv.egovernment.moa.id, at.gv.egovernment.moa.id.auth, at.gv.egovernment.moa.id.config.proxy, at.gv.egovernment.moa.id.data, at.gv.egovernment.moa.id.proxy
+
+

+Class Hierarchy +

+ +

+Interface Hierarchy +

+ +
+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/package-list b/id.server/doc/moa_id/api-doc/package-list new file mode 100644 index 000000000..4cafbedb3 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/package-list @@ -0,0 +1,5 @@ +at.gv.egovernment.moa.id +at.gv.egovernment.moa.id.auth +at.gv.egovernment.moa.id.config.proxy +at.gv.egovernment.moa.id.data +at.gv.egovernment.moa.id.proxy diff --git a/id.server/doc/moa_id/api-doc/packages.html b/id.server/doc/moa_id/api-doc/packages.html new file mode 100644 index 000000000..dc4a5e004 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/packages.html @@ -0,0 +1,37 @@ + + + + + + + (MOA ID API) + + + + + + + + + + + +
+ +
+ +
+
+The front page has been relocated.Please see: +
+          Frame version +
+          Non-frame version.
+ + + diff --git a/id.server/doc/moa_id/api-doc/resources/inherit.gif b/id.server/doc/moa_id/api-doc/resources/inherit.gif new file mode 100644 index 000000000..c814867a1 Binary files /dev/null and b/id.server/doc/moa_id/api-doc/resources/inherit.gif differ diff --git a/id.server/doc/moa_id/api-doc/serialized-form.html b/id.server/doc/moa_id/api-doc/serialized-form.html new file mode 100644 index 000000000..feb57f861 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/serialized-form.html @@ -0,0 +1,169 @@ + + + + + + +Serialized Form (MOA ID API) + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + +
+
+

+Serialized Form

+
+ + + + + +
+Class at.gv.egovernment.moa.id.AuthenticationException extends MOAIDException implements Serializable
+ +

+ +

+


+ + + + + +
+Class at.gv.egovernment.moa.id.proxy.LoginParameterResolverException extends MOAIDException implements Serializable
+ +

+ +

+


+ + + + + +
+Class at.gv.egovernment.moa.id.proxy.NotAllowedException extends MOAIDException implements Serializable
+ +

+ +

+


+ + + + + + + + + + + + + + + +
+ +
+ + + +
+ + + diff --git a/id.server/doc/moa_id/api-doc/stylesheet.css b/id.server/doc/moa_id/api-doc/stylesheet.css new file mode 100644 index 000000000..14c3737e8 --- /dev/null +++ b/id.server/doc/moa_id/api-doc/stylesheet.css @@ -0,0 +1,29 @@ +/* Javadoc style sheet */ + +/* Define colors, fonts and other style attributes here to override the defaults */ + +/* Page background color */ +body { background-color: #FFFFFF } + +/* Headings */ +h1 { font-size: 145% } + +/* Table colors */ +.TableHeadingColor { background: #CCCCFF } /* Dark mauve */ +.TableSubHeadingColor { background: #EEEEFF } /* Light mauve */ +.TableRowColor { background: #FFFFFF } /* White */ + +/* Font used in left-hand frame lists */ +.FrameTitleFont { font-size: 100%; font-family: Helvetica, Arial, sans-serif } +.FrameHeadingFont { font-size: 90%; font-family: Helvetica, Arial, sans-serif } +.FrameItemFont { font-size: 90%; font-family: Helvetica, Arial, sans-serif } + +/* Navigation bar fonts and colors */ +.NavBarCell1 { background-color:#EEEEFF;} /* Light mauve */ +.NavBarCell1Rev { background-color:#00008B;} /* Dark Blue */ +.NavBarFont1 { font-family: Arial, Helvetica, sans-serif; color:#000000;} +.NavBarFont1Rev { font-family: Arial, Helvetica, sans-serif; color:#FFFFFF;} + +.NavBarCell2 { font-family: Arial, Helvetica, sans-serif; background-color:#FFFFFF;} +.NavBarCell3 { font-family: Arial, Helvetica, sans-serif; background-color:#FFFFFF;} + diff --git a/id.server/doc/moa_id/examples/conf/MOA-ID-Configuration.xml b/id.server/doc/moa_id/examples/conf/MOA-ID-Configuration.xml index 26898f754..ffece2e5f 100644 --- a/id.server/doc/moa_id/examples/conf/MOA-ID-Configuration.xml +++ b/id.server/doc/moa_id/examples/conf/MOA-ID-Configuration.xml @@ -47,7 +47,7 @@ - + diff --git a/id.server/doc/moa_id/examples/conf/OAConfHeaderAuth.xml b/id.server/doc/moa_id/examples/conf/OAConfHeaderAuth.xml index c1a1964bf..f6d3945ad 100644 --- a/id.server/doc/moa_id/examples/conf/OAConfHeaderAuth.xml 
+++ b/id.server/doc/moa_id/examples/conf/OAConfHeaderAuth.xml @@ -5,7 +5,7 @@ - + @@ -13,5 +13,5 @@ Name:Mustermann Vorname:Hermann Geburtsdatum:1985-12-01 -VPK:kp6hOq6LRAkLtrqm6EvDm6bMwJw= +BPK:kp6hOq6LRAkLtrqm6EvDm6bMwJw= --> \ No newline at end of file diff --git a/id.server/doc/moa_id/examples/conf/OAConfParamAuth.xml b/id.server/doc/moa_id/examples/conf/OAConfParamAuth.xml index 18e0a109c..b730a25ba 100644 --- a/id.server/doc/moa_id/examples/conf/OAConfParamAuth.xml +++ b/id.server/doc/moa_id/examples/conf/OAConfParamAuth.xml @@ -5,10 +5,10 @@ - + \ No newline at end of file diff --git a/id.server/doc/moa_id/id-admin_2.htm b/id.server/doc/moa_id/id-admin_2.htm index 3bf2a6892..313db3da8 100644 --- a/id.server/doc/moa_id/id-admin_2.htm +++ b/id.server/doc/moa_id/id-admin_2.htm @@ -111,11 +111,11 @@ Projekt moa  -
Konfiguration von MOA ID v.1.1
+
Konfiguration von MOA ID v.1.2
-

Konfiguration von MOA ID v.1.1

+

Konfiguration von MOA ID v.1.2

Die Konfiguration von MOA ID wird mittels einer XML-basierten - Konfigurationsdatei, die dem Schema MOA-ID-Configuration-1.1.xsd + Konfigurationsdatei, die dem Schema MOA-ID-Configuration-1.2.xsd entspricht, durchgeführt.

Der Ort der Konfigurationsdatei wird im Abschnitt Deployment der Web-Applikation in Tomcat beschrieben. @@ -326,8 +326,12 @@ Projekt moa  der wirklichen Domäne (Attribut OnlineApplication/ProxyComponent/ConnectionParameter/@URL) ersetzt wird. Es dient als Schlüssel zum Auffinden der Konfigurationsparameter zur Online-Applikation. -
-
+

+

Das Attribut OnlineApplication/@keyBoxIdentifier + gibt das Schlüsselpaar an, welches von der Bürgerkartenumgebung + zum Signieren des Auth Blocks verwendet wird. Mögliche + Werte: CertifiedKeyPair sowie SecureSignatureKeypair.
+

Das Element OnlineApplication hat optional zwei Kind-Elemente: AuthComponent und ProxyComponent.

@@ -340,10 +344,11 @@ Projekt moa  das Verhalten der Authentisierungskomponente bezüglich der Online-Applikation konfiguriert.

- Das Attribut provideZMRZahl bestimmt, ob - die ZMR-Zahl in den Anmeldedaten aufscheint. Analog - steuern die Attribute provideAUTHBlock - und provideIdentityLink, ob die Anmeldedaten + Das Attribut provideStammzahl bestimmt, + ob die Stammzahl in den Anmeldedaten aufscheint + oder ob der Wert ausgeblendet (d.h. auf den Leerstring) + wird. Die Attribute provideAUTHBlock und + provideIdentityLink steuern ob die Anmeldedaten den Auth-Block bzw. die Personenbindung enthalten. Alle Attribute sind optional und haben den Default-Wert false.
@@ -358,7 +363,7 @@ Projekt moa 
Das optionale Attribut configFileURL verweist auf eine Konfigurationsdatei die dem - Schema MOA-ID-Configuration-1.1.xsd + Schema MOA-ID-Configuration-1.2.xsd entspricht mit Dokument-Element Configuration. Die Angabe erfolgt relativ zur verwendeten MOA-ID Konfigurationsdatei. Beispiel für das Element @@ -618,7 +623,7 @@ Der Name der Konfigurationsdatei wird in der Konfiguration von MOA-ID als Wert d wobei <realURLPrefix> dem Konfigurationswert OnlineApplication/ProxyComponent/ConnectionParameter/@URL entspricht.

Die Konfigurationsdatei ist eine XML-Datei, die dem Schema -MOA-ID-Configuration-1.1.xsd mit dem Wurzelelement +MOA-ID-Configuration-1.2.xsd mit dem Wurzelelement Configuration entspricht.
@@ -655,7 +660,7 @@ Werte annehmen. Gültige Werte von MOAAuthDataType sind:
  • MOAGivenName - der Vorname des Benutzers, wie in der Personenbindung enthalten
  • MOAFamilyName - der Nachname des Benutzers, wie in der Personenbindung enthalten
  • MOADateOfBirth - das Geburtsdatum des Benutzers, wie in der Personenbindung enthalten -
  • MOAVPK - die verfahrensspezifische Personenkennzeichnung des Benutzers, wie von der +
  • MOABPK - die bereichsspezifische Personenkennzeichnung des Benutzers, wie von der Authentisierungskomponente berechnet
  • MOAPublicAuthority - wird durch true ersetzt, falls der Benutzer mit einem Zertifikat signierte, welches eine Behördenerweiterung beinhaltet. Andernfalls wird false gesetzt @@ -663,8 +668,8 @@ welches eine Behördenerweiterung ergibt)
  • MOAQualifiedCertificate - wird durch true ersetzt, falls das Zertifikat des Benutzers qualifiziert ist, andernfalls wird false gesetzt -
  • MOAZMRZahl - die ZMR-Zahl des Benutzers; diese ist nur dann verfügbar, wenn die Online-Applikation -die ZMR-Zahl bekommen darf (und daher in der Personenbindung enthalten ist) +
  • MOAStammzahl - die Stammzahl des Benutzers; diese ist nur dann verfügbar, wenn die Online-Applikation +die Stammzahl bekommen darf (und daher in der Personenbindung enthalten ist)
  • MOAIPAddress - IP-Adresse des Client des Benutzers. diff --git a/id.server/doc/moa_id/moa.htm b/id.server/doc/moa_id/moa.htm index 4ffab01d5..54bcf951d 100644 --- a/id.server/doc/moa_id/moa.htm +++ b/id.server/doc/moa_id/moa.htm @@ -168,7 +168,7 @@ einen Aufruf von MOA-SP überprüft.
  • URL und Geschäftsbereich der Online-Applikation,
  • die aktuelle Zeit.
  • -Anschließend wird +Anschließend wird eine XML Antwortseite, die das Kommando zum Signieren (<CreateXMLSignatureRequest>) des generierten AUTH-Blocks enthält, an den ausgewählten Security-Layer gesendet. @@ -184,7 +184,7 @@ MOA-ID-AUTH zurückgesendet. MOA-ID-AUTH überprüft den signierten AUTH-Block und legt für den Benutzer die Anmeldedaten an. Die Anmeldedaten enthalten
      -
    • die verfahrensspezifische Personenkennzeichnung (VPK),
    • +
    • die bereichsspezifische Personenkennzeichen (bPK),
    • den signierten AUTH-Block (optional),
    • die Personenbindung (optional),
    • die PersonData-Struktur aus der Personenbindung (optional),
    • diff --git a/id.server/html/auth/WEB-INF/web.xml b/id.server/html/auth/WEB-INF/web.xml index 9f713408c..85fc3d87a 100644 --- a/id.server/html/auth/WEB-INF/web.xml +++ b/id.server/html/auth/WEB-INF/web.xml @@ -41,6 +41,25 @@ org.apache.axis.transport.http.AxisServlet + + + + jspservlet + org.apache.jasper.servlet.JspServlet + + + + + + jspservlet + /errorpage-auth.jsp + + + + jspservlet + /message-auth.jsp + + SelectBKU /SelectBKU diff --git a/id.server/html/auth/errorpage-auth.jsp b/id.server/html/auth/errorpage-auth.jsp new file mode 100644 index 000000000..afb4b2281 --- /dev/null +++ b/id.server/html/auth/errorpage-auth.jsp @@ -0,0 +1,41 @@ + +<%@ page contentType="text/html; charset=UTF-8" %> + + +Ein Fehler ist aufgetreten + +<% Throwable exceptionThrown = (Throwable)request.getAttribute("ExceptionThrown"); + String errorMessage = (String)request.getAttribute("ErrorMessage"); + String wrongParameters = (String)request.getAttribute("WrongParameters"); +%> + + +

      Fehler bei der Anmeldung

      +

      Bei der Anmeldung ist ein Fehler aufgetreten.

      + +<% if (errorMessage != null) { %> +

      +<%= errorMessage%>
      +

      +<% } %> +<% if (exceptionThrown != null) { %> +

      +<%= exceptionThrown.getMessage()%> +

      +<% } %> +<% if (wrongParameters != null) { %> +

      Die Angabe der Parameter ist unvollständig.

      + <%= wrongParameters %>
      +

      + Beispiele für korrekte Links zur MOA-ID Authentisierung sind: +

      +

      +<a href="https://<MOA-URL>/StartAuthentication?Target=<Geschäftsbereich>&OA=<OA-URL>&Template=<Template-URL>"> +

      +

      +<a href="https://<MOA-URL>/SelectBKU?Target=<Geschäftsbereich>&OA=<OA-URL>&Template=<Template-URL>&BKUSelectionTemplate=<BKU-Template-URL>"> +

      +

      Die Angabe der Parameter "Template" und "BKUSelectionTemplate" ist optional.

      +<% } %> + + \ No newline at end of file diff --git a/id.server/html/auth/errorpage.jsp b/id.server/html/auth/errorpage.jsp deleted file mode 100644 index ee8c88028..000000000 --- a/id.server/html/auth/errorpage.jsp +++ /dev/null @@ -1,41 +0,0 @@ - -<%@ page contentType="text/html; charset=UTF-8" %> - - -Fehler - -<% Throwable exceptionThrown = (Throwable)request.getAttribute("ExceptionThrown"); - String errorMessage = (String)request.getAttribute("ErrorMessage"); - String wrongParameters = (String)request.getAttribute("WrongParameters"); -%> - - -
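Review bot: The three expression tags in this new page write request attributes into the HTML unescaped: `<%= errorMessage%>`, `<%= exceptionThrown.getMessage()%>` and `<%= wrongParameters %>`. AuthServlet in this same commit fills `WrongParameters` from `ex.getMessage()`, so if that message repeats any request parameter value, markup from the request ends up in the response; the exception text also exposes internal detail to the user. Each value should be HTML-encoded before it is written, for example `<%= htmlEncode(wrongParameters) %>`, where `htmlEncode` is a placeholder for an escaping helper the project would have to provide, and the exception message is better logged than displayed. The same applies to errorpage-proxy.jsp (same blob afb4b2281) and to `<%= message%>` in message-auth.jsp and message-proxy.jsp.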

      Fehler bei der Anmeldung

      -

      Bei der Anmeldung ist ein Fehler aufgetreten.

      - -<% if (errorMessage != null) { %> -

      -<%= errorMessage%>
      -

      -<% } %> -<% if (exceptionThrown != null) { %> -

      -<%= exceptionThrown.getMessage()%> -

      -<% } %> -<% if (wrongParameters != null) { %> -

      Die Angabe der Parameter ist unvollständig.

      - <%= wrongParameters %>
      -

      - Beispiele für korrekte Links zur MOA-ID Authentisierung sind: -

      -

      -<a href="https://<MOA-URL>/StartAuthentication?Target=<Geschäftsbereich>&OA=<OA-URL>&Template=<Template-URL>"> -

      -

      -<a href="https://<MOA-URL>/SelectBKU?Target=<Geschäftsbereich>&OA=<OA-URL>&Template=<Template-URL>&BKUSelectionTemplate=<BKU-Template-URL>"> -

      -

      Die Angabe der Parameter "Template" und "BKUSelectionTemplate" ist optional.

      -<% } %> - - \ No newline at end of file diff --git a/id.server/html/auth/index.jsp b/id.server/html/auth/index.jsp index cb9dde3d9..733ba317f 100644 --- a/id.server/html/auth/index.jsp +++ b/id.server/html/auth/index.jsp @@ -10,13 +10,13 @@ + request.getContextPath() + "/"; String params = "Target=gb&" + - "OA=https://10.16.126.28:9443/moa-id-proxy/index.jsp"; + "OA=https://localhost:8443/moa-id-proxy/index.jsp"; String urlStartAuth = urlPath + "StartAuthentication?" + params; String templateParam = - "&Template=http://10.16.46.108:18080/oa/AuthTemplate.jsp"; + "&Template=http://localhost:18080/oa/AuthTemplate.jsp"; String urlStartAuthCustom = urlStartAuth + templateParam; @@ -27,7 +27,7 @@ String urlSelectBKUCustom = urlSelectBKU + templateParam + - "&BKUSelectionTemplate=http://10.16.46.108:18080/oa/BKUSelectionTemplate.jsp"; + "&BKUSelectionTemplate=http://localhost:18080/oa/BKUSelectionTemplate.jsp"; %> Log in to sample application
      diff --git a/id.server/html/auth/message-auth.jsp b/id.server/html/auth/message-auth.jsp new file mode 100644 index 000000000..0c28c1ba7 --- /dev/null +++ b/id.server/html/auth/message-auth.jsp @@ -0,0 +1,20 @@ + +<%@ page contentType="text/html; charset=UTF-8" %> + + +MOA-ID AUTH + +<% String message = (String)request.getAttribute("Message"); +%> + + +

      MOA-ID AUTH

      + +<% if (message != null) { %> +

      +<%= message%>
      +

      +<% } %> + + + \ No newline at end of file diff --git a/id.server/html/proxy/WEB-INF/web.xml b/id.server/html/proxy/WEB-INF/web.xml index 9145a48d6..ab67855c2 100644 --- a/id.server/html/proxy/WEB-INF/web.xml +++ b/id.server/html/proxy/WEB-INF/web.xml @@ -16,6 +16,25 @@ Update MOA-ID Proxy configuration from the configuration file at.gv.egovernment.moa.id.proxy.servlet.ConfigurationServlet + + + + jspservlet + org.apache.jasper.servlet.JspServlet + + + + + + jspservlet + /errorpage-proxy.jsp + + + + jspservlet + /message-proxy.jsp + + ConfigurationUpdate /ConfigurationUpdate @@ -27,6 +46,10 @@ 30 + + 500 + /errorpage.jsp + ConfigurationUpdate diff --git a/id.server/html/proxy/errorpage-proxy.jsp b/id.server/html/proxy/errorpage-proxy.jsp new file mode 100644 index 000000000..afb4b2281 --- /dev/null +++ b/id.server/html/proxy/errorpage-proxy.jsp @@ -0,0 +1,41 @@ + +<%@ page contentType="text/html; charset=UTF-8" %> + + +Ein Fehler ist aufgetreten + +<% Throwable exceptionThrown = (Throwable)request.getAttribute("ExceptionThrown"); + String errorMessage = (String)request.getAttribute("ErrorMessage"); + String wrongParameters = (String)request.getAttribute("WrongParameters"); +%> + + +
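Review bot: The added 500 error-page entry points at `/errorpage.jsp`, while this commit adds `errorpage-proxy.jsp` to the proxy web application and maps the `jspservlet` only to `/errorpage-proxy.jsp` and `/message-proxy.jsp`. Unless html/proxy already contains an errorpage.jsp (not visible here), an internal error would fall through to the container's default error page, which can include a stack trace. The location should probably read `/errorpage-proxy.jsp`; the element markup is stripped in this view, so the element names need to be confirmed against the file.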

      Fehler bei der Anmeldung

      +

      Bei der Anmeldung ist ein Fehler aufgetreten.

      + +<% if (errorMessage != null) { %> +

      +<%= errorMessage%>
      +

      +<% } %> +<% if (exceptionThrown != null) { %> +

      +<%= exceptionThrown.getMessage()%> +

      +<% } %> +<% if (wrongParameters != null) { %> +

      Die Angabe der Parameter ist unvollständig.

      + <%= wrongParameters %>
      +

      + Beispiele für korrekte Links zur MOA-ID Authentisierung sind: +

      +

      +<a href="https://<MOA-URL>/StartAuthentication?Target=<Geschäftsbereich>&OA=<OA-URL>&Template=<Template-URL>"> +

      +

      +<a href="https://<MOA-URL>/SelectBKU?Target=<Geschäftsbereich>&OA=<OA-URL>&Template=<Template-URL>&BKUSelectionTemplate=<BKU-Template-URL>"> +

      +

      Die Angabe der Parameter "Template" und "BKUSelectionTemplate" ist optional.

      +<% } %> + + \ No newline at end of file diff --git a/id.server/html/proxy/message-proxy.jsp b/id.server/html/proxy/message-proxy.jsp new file mode 100644 index 000000000..0d970898a --- /dev/null +++ b/id.server/html/proxy/message-proxy.jsp @@ -0,0 +1,20 @@ + +<%@ page contentType="text/html; charset=UTF-8" %> + + +MOA-ID Proxy + +<% String message = (String)request.getAttribute("Message"); +%> + + +

      MOA-ID Proxy

      + +<% if (message != null) { %> +

      +<%= message%>
      +

      +<% } %> + + + \ No newline at end of file diff --git a/id.server/lib/moa-spss-1.2d01/moa-common.jar b/id.server/lib/moa-spss-1.2d01/moa-common.jar index 8f202dd05..cff5be7c8 100644 Binary files a/id.server/lib/moa-spss-1.2d01/moa-common.jar and b/id.server/lib/moa-spss-1.2d01/moa-common.jar differ diff --git a/id.server/lib/moa-spss-1.2d01/moa-spss.jar b/id.server/lib/moa-spss-1.2d01/moa-spss.jar index c426c4a39..7c39571fc 100644 Binary files a/id.server/lib/moa-spss-1.2d01/moa-spss.jar and b/id.server/lib/moa-spss-1.2d01/moa-spss.jar differ diff --git a/id.server/res/resources/properties/id_messages_de.properties b/id.server/res/resources/properties/id_messages_de.properties index 558816954..51c34c5d9 100644 --- a/id.server/res/resources/properties/id_messages_de.properties +++ b/id.server/res/resources/properties/id_messages_de.properties @@ -36,7 +36,7 @@ init.02=Fehler beim Starten des Service MOA ID Authentisierung config.00=MOA ID Konfiguration erfolgreich geladen: {0} config.01=Umgebungsvariable "moa.id.configuration" nicht gesetzt config.02=Nicht klassifizierter Fehler in der Konfiguration (siehe Log-Datei für Details) -config.03=Fehler beim Einlesen der Konfiguration +config.03=Fehler beim Einlesen der Konfiguration (siehe Log-Datei für Details) config.04=Fehler beim Lesen der MOA ID Konfiguration; es wird weiterhin die ursprüngliche Konfiguration verwendet config.05=Fehlerhafter Wert für "{0}" in der MOA ID Konfiguration config.06=Doppelter Eintrag in der Konfiguration für die Online-Applikation gefunden: {0} @@ -72,16 +72,16 @@ proxy.02=Unbekannter URL {0}.
      Es wurde keine proxy.04=URL {0} : {1} proxy.05=Fehler beim Aufbauen der SSLSocketFactory für {0} : {1} proxy.06=Fehler beim Starten des Service MOA ID Proxy -proxy.07=Sie sind nicht angemeldet. Melden Sie sich erneut an. +proxy.07=Sie sind nicht bzw. nicht mehr angemeldet. Melden Sie sich bitte erneut an. proxy.08=Kein URL-Mapping in der HttpSession verfügbar (URL {0}) proxy.09=Fehler beim Aufruf des MOA-ID Auth API: {0} proxy.10=Fehler beim Weiterleiten (MOA-ID Proxy) -proxy.11=Beim Weiterleiten des Request ist ein Fehler aufgetreten. +proxy.11=Beim Weiterleiten der Verbindung zur Anwendung ist ein Fehler aufgetreten. proxy.12=Fehler bei der Anmeldung.
      Eine Anmeldung an der Anwendung {0} war nicht möglich.
      Prüfen Sie bitte ihre Berechtigung. proxy.13=Fehler beim Aufruf des LoginParameterResolvers zu URL-Präfix: {0} - - - +proxy.14=

      Folgende Ursachen können zu dem Fehler geführt haben:

      1. Sie sind nicht mehr angemeldet (Verbindungen werden aus Sicherheitsgründen bei längerer Inaktivität beendet.)
        Melden Sie sich bitte erneut an.
      2. Die Kommunikation mit dem Server schlug fehl.
      +proxy.15=Auf die gewünschte Seite kann nicht zugegriffen werden, Sie besitzen nicht die benötigte Berechtigung. + validator.00=Kein SAML:Assertion Objekt gefunden {0} validator.01=Im Subject kommt mehr als ein Element des Typs PhysicalPersonType vor {0} validator.02=Das verwendete Schlüsselformat eines öffentlichen Schlüssels ist unbekannt {0} diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index bc3e075be..9cb473d4f 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -28,7 +28,7 @@ import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder; import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder; import at.gv.egovernment.moa.id.auth.builder.SelectBKUFormBuilder; -import at.gv.egovernment.moa.id.auth.builder.VPKBuilder; +import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; @@ -379,8 +379,13 @@ public class AuthenticationServer implements MOAIDAuthConstants { session.setAuthBlock(authBlock); // builds the String[] transformInfos = authConf.getTransformsInfos(); + + OAAuthParameter oaParam = + AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( + session.getPublicOAURLPrefix()); + String createXMLSignatureRequest = - new CreateXMLSignatureRequestBuilder().build(authBlock, transformInfos); + new CreateXMLSignatureRequestBuilder().build(authBlock, oaParam.getKeyBoxIdentifier(), transformInfos); return createXMLSignatureRequest; } /** 
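Review bot: `oaParam.getKeyBoxIdentifier()` is called on the result of `getOnlineApplicationParameter(session.getPublicOAURLPrefix())` without a null check. If no online application is configured for that prefix and the lookup returns null (not visible in this hunk), the request fails with a NullPointerException instead of a controlled authentication error. A guard such as `if (oaParam == null)` that raises the project's own exception for an unknown online application, placed before the builder call, would keep the failure explicit. The method starts outside the hunk, so an earlier check may already exist.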
@@ -502,12 +507,12 @@ public class AuthenticationServer implements MOAIDAuthConstants { authData.setAssertionID(Random.nextRandom()); authData.setIssuer(session.getAuthURL()); authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance())); - String vpkBase64 = - new VPKBuilder().buildVPK( + String bpkBase64 = + new BPKBuilder().buildBPK( identityLink.getIdentificationValue(), - identityLink.getDateOfBirth(), session.getTarget()); - authData.setVPK(vpkBase64); + authData.setIdentificationType(identityLink.getIdentificationType()); + authData.setPBK(bpkBase64); authData.setGivenName(identityLink.getGivenName()); authData.setFamilyName(identityLink.getFamilyName()); authData.setDateOfBirth(identityLink.getDateOfBirth()); @@ -517,7 +522,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( session.getPublicOAURLPrefix()); - String prPerson = new PersonDataBuilder().build(identityLink, oaParam.getProvideZMRZahl()); + String prPerson = new PersonDataBuilder().build(identityLink, oaParam.getProvideStammzahl()); try { String ilAssertion = diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java index fd7cb1a9d..ed2c863d2 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java 
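Review bot: The accessor is spelled `setPBK` here (and `getPBK` in AuthenticationDataAssertionBuilder) while everything else in the commit says BPK: `bpkBase64`, `BPKBuilder`, `buildBPK`, `MOABPK`. Renaming the pair to `setBPK`/`getBPK` before the API is published would avoid carrying the transposed letters forward. Separately, `identificationType` is now copied into the authentication data, but nothing in this hunk checks it before `identificationValue` is hashed; a comment such as `// identificationType is passed through unchecked; the BPK is derived from identificationValue regardless of its type` would make that explicit. The enclosing method starts and ends outside the hunk.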
@@ -19,13 +19,14 @@ public class AuthenticationDataAssertionBuilder implements Constants { /** * XML template for the <saml:Assertion> to be built */ + //TODO MOA-ID check if NameQualifier NameQualifier urn:publicid:gv.at:cdid+ "is stable" in specification private static final String AUTH_DATA = "" + NL + "" + NL + " " + NL + " " + NL + - " {3}" + NL + + " {3}" + NL + " " + NL + " " + MOA_NS_URI + "cm" + NL + " {4}{5}" + NL + @@ -64,7 +65,7 @@ public class AuthenticationDataAssertionBuilder implements Constants { * @param xmlPersonData lt;pr:Person> element as a String * @param xmlAuthBlock authentication block to be included in a * lt;saml:SubjectConfirmationData> element; may include - * the "ZMR-Zahl" or not; may be empty + * the "Stammzahl" or not; may be empty * @param xmlIdentityLink the IdentityLink * @return the <saml:Assertion> * @throws BuildException if an error occurs during the build process @@ -89,7 +90,7 @@ public class AuthenticationDataAssertionBuilder implements Constants { authData.getAssertionID(), authData.getIssuer(), authData.getIssueInstant(), - authData.getVPK(), + authData.getPBK(), removeXMLDeclaration(xmlAuthBlock), removeXMLDeclaration(xmlIdentityLink), removeXMLDeclaration(xmlPersonData), diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java new file mode 100644 index 000000000..706d0a39a --- /dev/null +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java 
@@ -0,0 +1,50 @@
+package at.gv.egovernment.moa.id.auth.builder;
+
+import java.security.MessageDigest;
+
+import at.gv.egovernment.moa.id.BuildException;
+import at.gv.egovernment.moa.util.Base64Utils;
+
+/**
+ * Builder for the BPK, as defined in
+ * "Ableitung f¨r die bereichsspezifische Personenkennzeichnung"
+ * version 1.0.1 from "reference.e-government.gv.at".
+ *
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public class BPKBuilder {
+
+ /**
+ * Builds the BPK from given parameters.
+ * @param identificationValue Base64 encoded "Stammzahl"
+ * @param target "Verfahrensname"; will be transformed to lower case
+ * @return PBK in a BASE64 encoding
+ * @throws BuildException while building the BPK
+ */
+ public String buildBPK(String identificationValue, String target)
+ throws BuildException {
+
+ if (identificationValue == null || identificationValue.length() == 0
+ || target == null || target.length() == 0)
+ throw new BuildException(
+ "builder.00",
+ new Object[] {"BPK",
+ "Unvollständige Parameterangaben: identificationValue=" + identificationValue +
+ ",target=" + target});
+ String basisbegriff = identificationValue + "+" + target;
+ try {
+ MessageDigest md = MessageDigest.getInstance("SHA-1");
+ byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1"));
+ String hashBase64 = Base64Utils.encode(hash);
+ return hashBase64;
+ }
+ catch (Exception ex) {
+ throw new BuildException(
+ "builder.00",
+ new Object[] {"BPK", ex.toString()},
+ ex);
+ }
+ }
+
+}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
index f8c287cb6..961a40303 100644
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
+++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
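Review bot: The `BuildException` raised for incomplete parameters puts the raw `identificationValue` (the Stammzahl) into its message, in the line `"Unvollständige Parameterangaben: identificationValue=" + identificationValue +`. If the formatted message reaches the log or the error page, which prints `exceptionThrown.getMessage()`, the source identifier is disclosed whenever `target` is empty. Reporting only whether the value is present avoids that, e.g. `"Unvollständige Parameterangaben: identificationValue " + (identificationValue == null || identificationValue.length() == 0 ? "fehlt" : "vorhanden") +`. The Javadoc also still says `target` "will be transformed to lower case", but the new code concatenates `target` unchanged where the removed VPKBuilder called `target.toLowerCase()`; either the call or the comment should be restored so that differently cased targets do not silently derive different identifiers.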
@@ -21,12 +21,10 @@ public class CreateXMLSignatureRequestBuilder implements Constants { private static final String CREATE_XML_SIGNATURE_REQUEST = "" + nl + "" + nl + - " SecureSignatureKeypair" + nl + - //TODO RS Lsg Switch SecureSignatureKeypair / CertifiedKeyPair - //" CertifiedKeypair" + nl + + " {1}" + nl + " " + nl + " " + nl + - "{1}" + + "{2}" + " " + nl + " " + nl + " " + nl + @@ -47,14 +45,15 @@ public class CreateXMLSignatureRequestBuilder implements Constants { * Builds the <CreateXMLSignatureRequest>. * * @param authBlock String representation of XML authentication block + * @param keyBoxIdentfier the key box identifier which will be used (e.g. CertifiedKeyPair) * @return String representation of <CreateXMLSignatureRequest> */ - public String build(String authBlock, String[] dsigTransformInfos) { + public String build(String authBlock, String keyBoxIdentifier, String[] dsigTransformInfos) { String dsigTransformInfosString = ""; for (int i = 0; i < dsigTransformInfos.length; i++) dsigTransformInfosString += dsigTransformInfos[i]; String request = MessageFormat.format( - CREATE_XML_SIGNATURE_REQUEST, new Object[] { authBlock, dsigTransformInfosString }); + CREATE_XML_SIGNATURE_REQUEST, new Object[] { authBlock, keyBoxIdentifier, dsigTransformInfosString }); return request; } } diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java index 85ec1cb7f..819ed79bb 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java @@ -26,24 +26,25 @@ public class PersonDataBuilder { /** * Builds the <pr:Person> element.
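Review bot: `keyBoxIdentifier` is formatted into the request template as `{1}` without any check, so a null value is rendered by `MessageFormat` as the text `null` and any other configured string is passed to the Bürgerkartenumgebung as is. Before this change the value was the constant `SecureSignatureKeypair`; if the new configuration attribute is optional, falling back to it keeps the old behaviour: `if (keyBoxIdentifier == null) keyBoxIdentifier = "SecureSignatureKeypair";`. The documentation in this commit names only `CertifiedKeyPair` and `SecureSignatureKeypair` as possible values, so rejecting anything else here would be cheap. The Javadoc tag is also misspelled as `@param keyBoxIdentfier` and `dsigTransformInfos` has no `@param`.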
      * Utilizes the parsed <prPerson> from the identity link - * and the information regarding inclusion of "ZMR-Zahl" in the + * and the information regarding inclusion of "Stammzahl" in the * <pr:Person> data. * * @param identityLink IdentityLink containing the * attribute prPerson - * @param provideZMRZahl true if "ZMR-Zahl" is to be included; + * @param provideStammzahl true if "Stammzahl" is to be included; * false otherwise * @return the <pr:Person> element as a String * @throws BuildException on any error */ - public String build(IdentityLink identityLink, boolean provideZMRZahl) + public String build(IdentityLink identityLink, boolean provideStammzahl) throws BuildException { try { Element prPerson = (Element)identityLink.getPrPerson().cloneNode(true); - if (! provideZMRZahl) { - Node prIdentification = XPathUtils.selectSingleNode(prPerson, "pr:Identification"); - prPerson.removeChild(prIdentification); + if (! provideStammzahl) { + Node prIdentification = XPathUtils.selectSingleNode(prPerson, "pr:Identification/pr:Value"); + //remove IdentificationValue + prIdentification.getFirstChild().setNodeValue(""); } String xmlString = DOMUtils.serializeNode(prPerson); return xmlString; diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VPKBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/VPKBuilder.java deleted file mode 100644 index c18156a01..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VPKBuilder.java +++ /dev/null 
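Review bot: When `provideStammzahl` is false, only the first child node of `pr:Identification/pr:Value` is blanked by `prIdentification.getFirstChild().setNodeValue("")`. If the parser delivered the value as more than one node (adjacent text nodes, a CDATA section), the rest of the Stammzahl would stay in the serialized `pr:Person`, and a missing or empty `pr:Value` element turns into a NullPointerException. Removing all children is safer: `while (prIdentification != null && prIdentification.hasChildNodes()) prIdentification.removeChild(prIdentification.getFirstChild());`. The `try` block is closed outside the hunk, so how the exception is reported cannot be seen here.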
@@ -1,52 +0,0 @@ -package at.gv.egovernment.moa.id.auth.builder; - -import java.security.MessageDigest; - -import at.gv.egovernment.moa.id.BuildException; -import at.gv.egovernment.moa.util.Base64Utils; - -/** - * Builder for the VPK, as defined in - * "Ableitung f¨r die verfahrensspezifische Personenkennzeichnung" - * version 1.0.1 from "reference.e-government.gv.at". - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class VPKBuilder { - - /** - * Builds the VPK from given parameters. - * @param identificationValue "ZMR-Zahl" - * @param dateOfBirth "Geburtsdatum" - * @param target "Verfahrensname"; will be transformed to lower case - * @return VPK in a BASE64 encoding - * @throws BuildException while building the VPK - */ - public String buildVPK(String identificationValue, String dateOfBirth, String target) - throws BuildException { - - if (identificationValue == null || identificationValue.length() == 0 - || dateOfBirth == null || dateOfBirth.length() == 0 - || target == null || target.length() == 0) - throw new BuildException( - "builder.00", - new Object[] {"VPK", - "Unvollständige Parameterangaben: identificationValue=" + identificationValue + - ",dateOfBirth=" + dateOfBirth + ",target=" + target}); - String basisbegriff = identificationValue + "+" + dateOfBirth + "+" + target.toLowerCase(); - try { - MessageDigest md = MessageDigest.getInstance("SHA-1"); - byte[] hash = md.digest(basisbegriff.getBytes()); - String hashBase64 = Base64Utils.encode(hash); - return hashBase64; - } - catch (Exception ex) { - throw new BuildException( - "builder.00", - new Object[] {"VPK", ex.toString()}, - ex); - } - } - -} diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java b/id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java index e2ad2625a..cc58db916 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java 
@@ -14,9 +14,13 @@ import org.w3c.dom.Element; */ public class IdentityLink { /** - * "identificationValue" is the translation of "ZMR-Zahl". + * "identificationValue" is the translation of "Stammzahl". */ private String identificationValue; + /** + * "identificationType" type of the identificationValue in the IdentityLink. + */ + private String identificationType; /** * first name */ @@ -82,13 +86,22 @@ public class IdentityLink { /** * Returns the identificationValue. - * "identificationValue" is the translation of "ZMR-Zahl". + * "identificationValue" is the translation of "Stammzahl". * @return String */ public String getIdentificationValue() { return identificationValue; } + /** + * Returns the identificationType. + * "identificationType" type of the identificationValue in the IdentityLink. + * @return String + */ + public String getIdentificationType() { + return identificationType; + } + /** * Sets the dateOfBirth. * @param dateOfBirth The dateOfBirth to set @@ -115,12 +128,20 @@ public class IdentityLink { /** * Sets the identificationValue. - * "identificationValue" is the translation of "ZMR-Zahl". + * "identificationValue" is the translation of "Stammzahl". * @param identificationValue The identificationValue to set */ public void setIdentificationValue(String identificationValue) { this.identificationValue = identificationValue; } + + /** + * Sets the Type of the identificationValue. + * @param identificationType The type of identificationValue to set + */ + public void setIdentificationType(String identificationType) { + this.identificationType = identificationType; + } /** * Returns the samlAssertion. diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java index f9ef54884..49baf1bf5 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java 
+++ b/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java @@ -97,6 +97,16 @@ public class IdentityLinkAssertionParser { + "Identification/" + PDATA + "Value"; + + /** Xpath expression to the Identification Value element */ + private static final String PERSON_IDENT_TYPE_XPATH = + PERSON_XPATH + + "/" + + PDATA + + "Identification/" + + PDATA + + "Type"; + /** Xpath expression to the RSAKeyValue element */ private static final String RSA_KEY_VALUE_XPATH = ROOT @@ -179,12 +189,13 @@ public class IdentityLinkAssertionParser { IdentityLink identityLink; try { identityLink = new IdentityLink(); - //ÄNDERN: NUR der Identification-Teil identityLink.setSamlAssertion(assertionElem); identityLink.setPrPerson((Element) XPathUtils.selectSingleNode(assertionElem, PERSON_XPATH)); identityLink.setIdentificationValue( XPathUtils.getElementValue(assertionElem, PERSON_IDENT_VALUE_XPATH, "")); + identityLink.setIdentificationType( + XPathUtils.getElementValue(assertionElem, PERSON_IDENT_TYPE_XPATH, "")); identityLink.setGivenName( XPathUtils.getElementValue(assertionElem, PERSON_GIVEN_NAME_XPATH, "")); identityLink.setFamilyName( diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java index 6ff52bc4a..95878007e 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java @@ -35,7 +35,7 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants { *
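Review bot: The Javadoc on the new constant `PERSON_IDENT_TYPE_XPATH` was copied from the constant above it and still reads "Xpath expression to the Identification Value element"; it should read `/** Xpath expression to the Identification Type element */`. In the second hunk `setIdentificationType` receives `""` when the `Type` element is absent, so a missing type is indistinguishable from a present one further down; a comment at the call, `// empty string when pr:Identification/pr:Type is missing`, would document that. Both enclosing definitions continue outside the hunks.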
        *
      • Logs the error
      • *
      • Places error message and exception thrown into the request - * as request attributes (to be used by "/errorpage.jsp")
      • + * as request attributes (to be used by "/errorpage-auth.jsp") *
      • Sets HTTP status 500 (internal server error)
      • *
      * @@ -59,9 +59,9 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants { req.setAttribute("ExceptionThrown", exceptionThrown); } - //forward this to errorpage.jsp wher the HTML error page is generated + //forward this to errorpage-auth.jsp where the HTML error page is generated ServletContext context = getServletContext(); - RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage.jsp"); + RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage-auth.jsp"); try { dispatcher.forward(req, resp); } catch (ServletException e) { @@ -80,9 +80,9 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants { Logger.error(ex.toString()); req.setAttribute("WrongParameters", ex.getMessage()); - // forward this to errorpage.jsp where the HTML error page is generated + // forward this to errorpage-auth.jsp where the HTML error page is generated ServletContext context = getServletContext(); - RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage.jsp"); + RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage-auth.jsp"); try { dispatcher.forward(req, resp); } catch (ServletException e) { diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java index 1dc1897b2..f33377547 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java 
@@ -1,17 +1,18 @@ package at.gv.egovernment.moa.id.auth.servlet; import java.io.IOException; -import java.io.PrintWriter; import java.text.DateFormat; import java.util.Date; import java.util.Locale; +import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; +import at.gv.egovernment.moa.id.util.HTTPRequestJSPForwarder; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.logging.Logger; @@ -22,9 +23,6 @@ import at.gv.egovernment.moa.logging.Logger; * @version $Id$ */ public class ConfigurationServlet extends HttpServlet { - /** Constant for the DTD-Doc type */ - private static final String DOC_TYPE = - "\n"; /** * Handle a HTTP GET request, used to indicated that the MOA @@ -36,13 +34,7 @@ public class ConfigurationServlet extends HttpServlet { throws ServletException, IOException { MOAIDMessageProvider msg = MOAIDMessageProvider.getInstance(); - PrintWriter out; - response.setContentType("text/html"); - out = response.getWriter(); - out.println(DOC_TYPE); - out.println("MOA configuration update"); - out.println(""); try { MOAIDAuthInitializer.initialized=false; MOAIDAuthInitializer.initialize(); @@ -50,21 +42,13 @@ public class ConfigurationServlet extends HttpServlet { { DateFormat.getTimeInstance(DateFormat.MEDIUM, Locale.GERMAN).format(new Date())} ); Logger.info(message); - //TODO low-priority: change to ErrorPage - out.println("
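Review bot: `doGet` in the auth ConfigurationServlet resets the static flag with `MOAIDAuthInitializer.initialized=false` and then calls `initialize()` on every GET (and, through `doPost`, every POST), and nothing in this servlet checks who is asking. No synchronisation is visible either, so requests handled while the reload runs may see the component as uninitialised, and whether the flag is restored when `initialize()` throws cannot be seen from this hunk. I would add a comment above the `try`, for example `// reload is not atomic; this mapping must be reachable by administrators only (restrict it in the deployment descriptor)`, and verify that the restriction exists. The proxy ConfigurationServlet changed later in this commit has the same unguarded `MOAIDProxyInitializer.initialize()` call. `doGet` begins and ends outside this hunk.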

      "); - out.println(message); - out.println("

      "); + HTTPRequestJSPForwarder.forwardNamed(message, "/message-auth.jsp", getServletContext(), request, response); + } catch (Throwable t) { String errorMessage = msg.getMessage("config.04", null); Logger.error(errorMessage, t); - out.println("

      "); - out.println(errorMessage); - out.println("

      "); + HTTPRequestJSPForwarder.forwardNamed(errorMessage, "/message-auth.jsp", getServletContext(), request, response); } - out.println(""); - - out.flush(); - out.close(); } /** @@ -77,4 +61,15 @@ public class ConfigurationServlet extends HttpServlet { doGet(request, response); } + /** + * Calls the web application initializer. + * + * @see javax.servlet.Servlet#init(ServletConfig) + */ + public void init(ServletConfig servletConfig) throws ServletException { + super.init(servletConfig); + } + } + + diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java index 8de475f95..ec8cb7b1a 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java @@ -53,7 +53,7 @@ public class VerifyXMLSignatureResponseValidator { if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0) throw new ValidateException("validator.06", null); - //TODO enhance error messages (reason why check failed) + //TODO MOA-ID enhance error messages (reason why check failed) if (verifyXMLSignatureResponse.getCertificateCheckCode() != 0) if (whatToCheck.equals(CHECK_IDENTITY_LINK)) throw new ValidateException("validator.07", null); diff --git a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java b/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java index 6d3e05c29..53f763630 100644 --- a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java 
@@ -355,10 +355,12 @@ public class ConfigurationBuilder { OAAuthParameter oap = new OAAuthParameter(); oap.setPublicURLPrefix(oAElem.getAttribute("publicURLPrefix")); + oap.setKeyBoxIdentier(oAElem.getAttribute("keyBoxIdentifier")); + //Check if there is an Auth-Block to read from configuration if (authComponent!=null) { - oap.setProvideZMRZahl(BoolUtils.valueOf(authComponent.getAttribute("provideZMRZahl"))); + oap.setProvideStammzahl(BoolUtils.valueOf(authComponent.getAttribute("provideStammzahl"))); oap.setProvideAuthBlock(BoolUtils.valueOf(authComponent.getAttribute("provideAUTHBlock"))); oap.setProvideIdentityLink(BoolUtils.valueOf(authComponent.getAttribute("provideIdentityLink"))); } diff --git a/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java index 9ee1ec606..512d571ab 100644 --- a/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java +++ b/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java @@ -13,10 +13,15 @@ public class OAAuthParameter { * public URL prefix of the online application */ private String publicURLPrefix; + /** - * determines whether "ZMR-Zahl" is to be included in the authentication data + * key box Identifier (e.g. CertifiedKeyPair, SecureSignatureKeyPair) + */ + private String keyBoxIdentifier; + /** + * determines whether "Stammzahl" is to be included in the authentication data */ - private boolean provideZMRZahl; + private boolean provideStammzahl; /** * determines whether AUTH block is to be included in the authentication data */ @@ -43,11 +48,11 @@ public class OAAuthParameter { } /** - * Returns the provideZMRZahl. + * Returns the provideStammzahl. * @return String */ - public boolean getProvideZMRZahl() { - return provideZMRZahl; + public boolean getProvideStammzahl() { + return provideStammzahl; } /** 
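Review bot: `oap.setKeyBoxIdentier(oAElem.getAttribute("keyBoxIdentifier"))` stores the attribute unchecked, and DOM `getAttribute` returns an empty string when the attribute is absent, so an online application configured without it ends up with `""` and no defined default. The Javadoc added in OAAuthParameter names `CertifiedKeyPair` and `SecureSignatureKeyPair` as examples; since the value presumably selects which key pair is used, I would default or reject anything else when the configuration is loaded. The setter is also misspelled (`setKeyBoxIdentier`, here and in OAAuthParameter) while the getter is `getKeyBoxIdentifier`; renaming it to `setKeyBoxIdentifier` is cheapest now. The enclosing method starts and ends outside this hunk.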
@@ -58,6 +63,14 @@ public class OAAuthParameter { return publicURLPrefix; } + /** + * Returns the key box identifier. + * @return String + */ + public String getKeyBoxIdentifier() { + return keyBoxIdentifier; + } + /** * Sets the provideAuthBlock. * @param provideAuthBlock The provideAuthBlock to set @@ -75,11 +88,11 @@ public class OAAuthParameter { } /** - * Sets the provideZMRZahl. - * @param provideZMRZahl The provideZMRZahl to set + * Sets the provideStammzahl. + * @param provideStammzahl The provideStammzahl to set */ - public void setProvideZMRZahl(boolean provideZMRZahl) { - this.provideZMRZahl = provideZMRZahl; + public void setProvideStammzahl(boolean provideStammzahl) { + this.provideStammzahl = provideStammzahl; } /** @@ -90,4 +103,13 @@ public class OAAuthParameter { this.publicURLPrefix = publicURLPrefix; } + /** + * Sets the key box identifier. + * @param keyBoxIdentifier to set + */ + public void setKeyBoxIdentier(String keyBoxIdentifier) { + this.keyBoxIdentifier = keyBoxIdentifier; + } + + } diff --git a/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java b/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java index 5859d2ae9..fdb7e6f55 100644 --- a/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java +++ b/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java @@ -129,8 +129,6 @@ public class ProxyConfigurationProvider extends ConfigurationProvider { throw new ConfigurationException("config.03", null, t); } - //TODO enhance: use the getter method in makeAbsoluteURL - // build the internal datastructures builder = new ConfigurationBuilder(configElem, rootConfigFileDir); authComponentConnectionParameter = builder.buildAuthComponentConnectionParameter(); 
diff --git a/id.server/src/at/gv/egovernment/moa/id/data/AuthenticationData.java b/id.server/src/at/gv/egovernment/moa/id/data/AuthenticationData.java index aac1dc422..65fe9047d 100644 --- a/id.server/src/at/gv/egovernment/moa/id/data/AuthenticationData.java +++ b/id.server/src/at/gv/egovernment/moa/id/data/AuthenticationData.java @@ -31,14 +31,18 @@ public class AuthenticationData { */ private String issueInstant; /** - * user identification (ZMR-Zahl); null, + * user identification value (Stammzahl); null, * if the authentication module is configured not to return this data */ private String identificationValue; + /** + * user identification type + */ + private String identificationType; /** - * application specific user identifier (VPK) + * application specific user identifier (bPK) */ - private String vpk; + private String bPK; /** * given name of the user */ @@ -112,11 +116,11 @@ public class AuthenticationData { } /** - * Returns the vpk. + * Returns the bPK. * @return String */ - public String getVPK() { - return vpk; + public String getPBK() { + return bPK; } /** @@ -152,11 +156,11 @@ public class AuthenticationData { } /** - * Sets the vpk. - * @param vpk The vpk to set + * Sets the bPK. + * @param bPK The bPK to set */ - public void setVPK(String vpk) { - this.vpk = vpk; + public void setPBK(String bPK) { + this.bPK = bPK; } /** @@ -199,6 +203,14 @@ public class AuthenticationData { return identificationValue; } + /** + * Returns the identificationType + * @return String + */ + public String getIdentificationType() { + return identificationType; + } + /** * Returns the issueInstant. * @return String 
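Review bot: The new accessors in AuthenticationData are named `getPBK` and `setPBK`, but the field, the Javadoc and the configuration constant `MOABPK` all say bPK, so the letters are transposed in the public API. I would name them `getBPK()` and `setBPK(String bPK)` and adjust the callers changed in this same commit (the three login parameter resolvers and AuthenticationDataAssertionParser). The Javadoc for `identificationType` could also state, as the one for `identificationValue` does, whether the field is null when the module is configured not to return the identification.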
@@ -263,6 +275,14 @@ public class AuthenticationData { this.identificationValue = identificationValue; } + /** + * Sets the identificationType. + * @param identificationType The identificationType to set + */ + public void setIdentificationType(String identificationType) { + this.identificationType = identificationType; + } + /** * Sets the issueInstant. * @param issueInstant The issueInstant to set diff --git a/id.server/src/at/gv/egovernment/moa/id/iaik/config/PKIConfigurationImpl.java b/id.server/src/at/gv/egovernment/moa/id/iaik/config/PKIConfigurationImpl.java index 8d09e2bc9..b41de3c44 100644 --- a/id.server/src/at/gv/egovernment/moa/id/iaik/config/PKIConfigurationImpl.java +++ b/id.server/src/at/gv/egovernment/moa/id/iaik/config/PKIConfigurationImpl.java @@ -29,6 +29,7 @@ public class PKIConfigurationImpl implements PKIConfiguration { * @throws ConfigurationException for any config error */ public PKIConfigurationImpl(ConfigurationProvider conf) throws ConfigurationException { + certStoreConfiguration = new CertStoreConfigurationImpl(conf); revocationConfiguration = new RevocationConfigurationImpl(); validationConfiguration = new ValidationConfigurationImpl(conf); diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java index 2ac8fe28e..bdadcbb81 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java 
@@ -36,7 +36,7 @@ public class DefaultConnectionBuilder implements ConnectionBuilder { disableHostnameVerification = BoolUtils.valueOf( ProxyConfigurationProvider.getInstance().getGenericConfigurationParameter( "ProxyComponent.DisableHostnameVerification")); - //TODO undocumented feature + //TODO MOA-ID BRZ undocumented feature if (disableHostnameVerification) Logger.warn("ProxyComponent.DisableHostnameVerification: " + disableHostnameVerification); } diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultLoginParameterResolver.java b/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultLoginParameterResolver.java index 033a74934..77f6652f3 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultLoginParameterResolver.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultLoginParameterResolver.java @@ -1,6 +1,7 @@ package at.gv.egovernment.moa.id.proxy; import java.io.IOException; +import java.io.UnsupportedEncodingException; import java.util.HashMap; import java.util.Iterator; import java.util.Map; @@ -8,6 +9,7 @@ import java.util.Map; import at.gv.egovernment.moa.id.config.proxy.OAConfiguration; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.util.Base64Utils; +import at.gv.egovernment.moa.util.URLEncoder; /** * Implementation of interface LoginParameterResolver @@ -79,7 +81,14 @@ public class DefaultLoginParameterResolver implements LoginParameterResolver { for (Iterator iter = oaConf.getParamAuthMapping().keySet().iterator(); iter.hasNext();) { String key = (String) iter.next(); String predicate = (String) oaConf.getParamAuthMapping().get(key); - String resolvedValue = resolveValue(predicate, authData, clientIPAddress); + String resolvedValue; + try { + resolvedValue = + URLEncoder.encode(resolveValue(predicate, authData, clientIPAddress), "ISO-8859-1"); + } catch (UnsupportedEncodingException e) { + //ISO-8859-1 is supported + resolvedValue = null; + } result.put(key, resolvedValue); } } 
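Review bot: The retagged TODO in DefaultConnectionBuilder still leaves `ProxyComponent.DisableHostnameVerification` undocumented, and the only runtime trace of it is the `Logger.warn` below. Judging by the name, setting it means the online application's certificate is no longer checked against the host name, which removes the protection against an interposed server on that connection. I would replace the TODO with a comment that says so, e.g. `// disables host name checking of the online application's certificate; test environments only`, and describe the parameter in the configuration documentation.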
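Review bot: In DefaultLoginParameterResolver the new `URLEncoder.encode(resolveValue(...), "ISO-8859-1")` call receives null whenever `resolveValue` falls through to its final `return null` or an AuthenticationData getter returns null; how the project's own `URLEncoder` treats null is not visible here, so the result is either an exception or an unintended literal. I would guard it with `String raw = resolveValue(predicate, authData, clientIPAddress);` followed by `resolvedValue = (raw == null) ? null : URLEncoder.encode(raw, "ISO-8859-1");`. The catch block also maps an encoding failure silently to null; logging it would make a dropped login parameter visible. ISO-8859-1 cannot represent every character, so names outside Latin-1 will be altered; confirm that the online applications expect this. The method begins outside this hunk.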
@@ -97,27 +106,29 @@ public class DefaultLoginParameterResolver implements LoginParameterResolver { private static String resolveValue(String predicate, AuthenticationData authData, String clientIPAddress) { if (predicate.equals(MOAGivenName)) return authData.getGivenName(); - else if (predicate.equals(MOAFamilyName)) + if (predicate.equals(MOAFamilyName)) return authData.getFamilyName(); - else if (predicate.equals(MOADateOfBirth)) + if (predicate.equals(MOADateOfBirth)) return authData.getDateOfBirth(); - else if (predicate.equals(MOAVPK)) - return authData.getVPK(); - else if (predicate.equals(MOAPublicAuthority)) + if (predicate.equals(MOABPK)) + return authData.getPBK(); + if (predicate.equals(MOAPublicAuthority)) if (authData.isPublicAuthority()) return "true"; else return "false"; - else if (predicate.equals(MOABKZ)) + if (predicate.equals(MOABKZ)) return authData.getPublicAuthorityCode(); - else if (predicate.equals(MOAQualifiedCertificate)) + if (predicate.equals(MOAQualifiedCertificate)) if (authData.isQualifiedCertificate()) return "true"; else return "false"; - else if (predicate.equals(MOAZMRZahl)) + if (predicate.equals(MOAStammzahl)) return authData.getIdentificationValue(); - else if (predicate.equals(MOAIPAddress)) + if (predicate.equals(MOAIdentificationValueType)) + return authData.getIdentificationType(); + if (predicate.equals(MOAIPAddress)) return clientIPAddress; else return null; } diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java b/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java index 434a4f674..c391fc16f 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java 
@@ -15,25 +15,27 @@ import at.gv.egovernment.moa.id.data.AuthenticationData; */ public interface LoginParameterResolver { - /** Constants used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType, + /** Constants used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType, * naming predicates used by the LoginParameterResolver. */ public static final String MOAGivenName = "MOAGivenName"; - /** Constant used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType */ + /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */ public static final String MOAFamilyName = "MOAFamilyName"; - /** Constant used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType */ + /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */ public static final String MOADateOfBirth = "MOADateOfBirth"; - /** Constant used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType */ - public static final String MOAVPK = "MOAVPK"; - /** Constant used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType */ + /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */ + public static final String MOABPK = "MOABPK"; + /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */ public static final String MOAPublicAuthority = "MOAPublicAuthority"; - /** Constant used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType */ + /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */ public static final String MOABKZ = "MOABKZ"; - /** Constant used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType */ + /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */ public static final String MOAQualifiedCertificate = "MOAQualifiedCertificate"; - /** Constant used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType */ - public static final String MOAZMRZahl = "MOAZMRZahl"; - /** Constant used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType */ + /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */ + public static 
final String MOAStammzahl = "MOAStammzahl"; + /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */ + public static final String MOAIdentificationValueType = "MOAIdentificationValueType"; + /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */ public static final String MOAIPAddress = "MOAIPAddress"; /** @@ -52,7 +54,7 @@ public interface LoginParameterResolver { public Map getAuthenticationHeaders( OAConfiguration oaConf, AuthenticationData authData, - String clientIPAddress) throws LoginParameterResolverException; + String clientIPAddress) throws LoginParameterResolverException, NotAllowedException; /** * Returns request parameters to be added to a URLConnection. @@ -70,6 +72,6 @@ public interface LoginParameterResolver { AuthenticationData authData, String clientIPAddress) throws LoginParameterResolverException; - public void configure(String configuration) throws LoginParameterResolverException; + public void configure(String configuration) throws LoginParameterResolverException, NotAllowedException; } diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/NotAllowedException.java b/id.server/src/at/gv/egovernment/moa/id/proxy/NotAllowedException.java new file mode 100644 index 000000000..849160a7b --- /dev/null +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/NotAllowedException.java 
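Review bot: `NotAllowedException` is added to `getAuthenticationHeaders` and `configure` but not to `getAuthenticationParameters`, so a resolver used with parameter authentication has no declared way to refuse access. If the omission is intended, the interface Javadoc should say so; otherwise declare `throws LoginParameterResolverException, NotAllowedException` there too, which the new `catch (NotAllowedException e)` in ProxyServlet already covers. Neither changed method documents the new exception, and the visible part of `configure` carries no Javadoc. A line such as `@throws NotAllowedException if the resolver denies access to the requested resource` would tell implementers when to use it and when to throw LoginParameterResolverException.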
@@ -0,0 +1,39 @@ +package at.gv.egovernment.moa.id.proxy; + +import at.gv.egovernment.moa.id.MOAIDException; + +/** + * Exception thrown while proxying a request to the online application + * Reason for this exception: the dedicated LoginParameterResolver does + * not allow access to the desired ressource. + * + * @author Rudolf Schamberger + * @version $Id$ + */ +public class NotAllowedException extends MOAIDException { + + /** + * Constructor for NotAllowedException. + * @param messageId + * @param parameters + */ + public NotAllowedException( + String messageId, + Object[] parameters) { + super(messageId, parameters); + } + + /** + * Constructor for NotAllowedException. + * @param messageId + * @param parameters + * @param wrapped + */ + public NotAllowedException( + String messageId, + Object[] parameters, + Throwable wrapped) { + super(messageId, parameters, wrapped); + } + +} diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/OldXMLLoginParameterResolver.java b/id.server/src/at/gv/egovernment/moa/id/proxy/OldXMLLoginParameterResolver.java index c53ed30a6..9766ef57b 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/OldXMLLoginParameterResolver.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/OldXMLLoginParameterResolver.java @@ -11,9 +11,9 @@ import org.w3c.dom.*; // Referenced classes of package at.gv.egovernment.moa.id.proxy: // LoginParameterResolver -// Old Implementation of XMLLoginParameterResolver (used to migrate old labs applications rapidely to -// version 1.1.1 of MOA-ID -// TODO RS migrate this to XMLLoginParameterResolver +// Old Implementation of XMLLoginParameterResolver +// +// TODO MOA-ID CIO internal: migrate this to XMLLoginParameterResolver public class OldXMLLoginParameterResolver 
@@ -98,7 +98,7 @@ public class OldXMLLoginParameterResolver { String famName = resolveValue("MOAFamilyName", authData, clientIPAddress); String givenName = resolveValue("MOAGivenName", authData, clientIPAddress); - String bPK = resolveValue("MOAVPK", authData, clientIPAddress); + String bPK = resolveValue("MOABPK", authData, clientIPAddress); String userid = ""; String password = ""; LPRParams params = null; @@ -193,8 +193,8 @@ public class OldXMLLoginParameterResolver return authData.getFamilyName(); if(predicate.equals("MOADateOfBirth")) return authData.getDateOfBirth(); - if(predicate.equals("MOAVPK")) - return authData.getVPK(); + if(predicate.equals("MOABPK")) + return authData.getPBK(); if(predicate.equals("MOAPublicAuthority")) if(authData.isPublicAuthority()) return "true"; @@ -207,8 +207,10 @@ public class OldXMLLoginParameterResolver return "true"; else return "false"; - if(predicate.equals("MOAZMRZahl")) + if(predicate.equals("MOAStammzahl")) return authData.getIdentificationValue(); + if (predicate.equals(MOAIdentificationValueType)) + return authData.getIdentificationType(); if(predicate.equals("MOAIPAddress")) return clientIPAddress; else diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolver.java b/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolver.java index 3f7a6872c..3958bb206 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolver.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolver.java 
@@ -184,7 +184,7 @@ public class XMLLoginParameterResolver implements LoginParameterResolver { String famName = resolveValue("MOAFamilyName", authData, clientIPAddress); String givenName = resolveValue("MOAGivenName", authData, clientIPAddress); String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress); - String bPK = resolveValue("MOAVPK", authData, clientIPAddress); + String bPK = resolveValue("MOABPK", authData, clientIPAddress); String userid = ""; String password = ""; LPRParams params = null; @@ -247,7 +247,7 @@ public class XMLLoginParameterResolver implements LoginParameterResolver { String famName = resolveValue("MOAFamilyName", authData, clientIPAddress); String givenName = resolveValue("MOAGivenName", authData, clientIPAddress); String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress); - String bPK = resolveValue("MOAVPK", authData, clientIPAddress); + String bPK = resolveValue("MOABPK", authData, clientIPAddress); String userid = ""; String password = ""; LPRParams params = null; @@ -293,8 +293,8 @@ public class XMLLoginParameterResolver implements LoginParameterResolver { return authData.getFamilyName(); if (predicate.equals("MOADateOfBirth")) return authData.getDateOfBirth(); - if (predicate.equals("MOAVPK")) - return authData.getVPK(); + if (predicate.equals("MOABPK")) + return authData.getPBK(); if (predicate.equals("MOAPublicAuthority")) if (authData.isPublicAuthority()) return "true"; @@ -307,8 +307,10 @@ public class XMLLoginParameterResolver implements LoginParameterResolver { return "true"; else return "false"; - if (predicate.equals("MOAZMRZahl")) + if (predicate.equals("MOAStammzahl")) return authData.getIdentificationValue(); + if (predicate.equals(MOAIdentificationValueType)) + return authData.getIdentificationType(); if (predicate.equals("MOAIPAddress")) return clientIPAddress; else 
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java b/id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java index ce0743b3d..a78a8d587 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java @@ -40,7 +40,7 @@ public class AuthenticationDataAssertionParser implements Constants { private static String ATTRIBUTESTATEMENT_XPATH = SAML + "AttributeStatement/"; /** Prefix for Element NameIdentifier in an Xpath-expression */ - private static String VPK_XPATH = + private static String BPK_XPATH = ATTRIBUTESTATEMENT_XPATH + SAML + "Subject/" + SAML + "NameIdentifier"; @@ -51,10 +51,15 @@ public class AuthenticationDataAssertionParser implements Constants { SAML + "AttributeValue/" + PR + "Person/"; /** Prefix for Element Value in an Xpath-expression */ - private static String ZMRZAHL_XPATH = + private static String IDENTIFICATION_VALUE_XPATH = PERSONDATA_XPATH + PR + "Identification/" + PR + "Value"; + private static String IDENTIFICATION_TYPE_XPATH = + PERSONDATA_XPATH + + PR + "Identification/" + + PR + "Type"; + /** Prefix for Element GivenName in an Xpath-expression */ private static String GIVEN_NAME_XPATH = PERSONDATA_XPATH + 
@@ -112,10 +117,12 @@ public class AuthenticationDataAssertionParser implements Constants { XPathUtils.getAttributeValue(samlAssertion, ISSUER_XPATH, "")); authData.setIssueInstant( XPathUtils.getAttributeValue(samlAssertion, ISSUE_INSTANT_XPATH, "")); - authData.setVPK( - XPathUtils.getElementValue(samlAssertion, VPK_XPATH, "")); + authData.setPBK( + XPathUtils.getElementValue(samlAssertion, BPK_XPATH, "")); authData.setIdentificationValue( - XPathUtils.getElementValue(samlAssertion, ZMRZAHL_XPATH, "")); + XPathUtils.getElementValue(samlAssertion, IDENTIFICATION_VALUE_XPATH, "")); + authData.setIdentificationType( + XPathUtils.getElementValue(samlAssertion, IDENTIFICATION_TYPE_XPATH, "")); authData.setGivenName( XPathUtils.getElementValue(samlAssertion, GIVEN_NAME_XPATH, "")); authData.setFamilyName( diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java index d6ec4951b..4ab2e2cf7 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java @@ -1,17 +1,18 @@ package at.gv.egovernment.moa.id.proxy.servlet; import java.io.IOException; -import java.io.PrintWriter; import java.text.DateFormat; import java.util.Date; import java.util.Locale; +import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.proxy.MOAIDProxyInitializer; +import at.gv.egovernment.moa.id.util.HTTPRequestJSPForwarder; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.logging.Logger; 
@@ -22,9 +23,6 @@ import at.gv.egovernment.moa.logging.Logger; * @version $Id$ */ public class ConfigurationServlet extends HttpServlet { - /** The standard String for DTD Doc-type */ - private static final String DOC_TYPE = - "\n"; /** * Handle a HTTP GET request, used to indicated that the MOA @@ -36,13 +34,6 @@ public class ConfigurationServlet extends HttpServlet { throws ServletException, IOException { MOAIDMessageProvider msg = MOAIDMessageProvider.getInstance(); - PrintWriter out; - - response.setContentType("text/html"); - out = response.getWriter(); - out.println(DOC_TYPE); - out.println("MOA configuration update"); - out.println(""); try { MOAIDProxyInitializer.initialize(); @@ -50,21 +41,12 @@ public class ConfigurationServlet extends HttpServlet { { DateFormat.getTimeInstance(DateFormat.MEDIUM, Locale.GERMAN).format(new Date())} ); Logger.info(message); - //TODO low-priority: change to ErrorPage - out.println("

      "); - out.println(message); - out.println("

      "); + HTTPRequestJSPForwarder.forwardNamed(message, "/message-proxy.jsp", getServletContext(), request, response); } catch (Throwable t) { String errorMessage = msg.getMessage("config.04", null); Logger.error(errorMessage, t); - out.println("

      "); - out.println(errorMessage); - out.println("

      "); + HTTPRequestJSPForwarder.forwardNamed(errorMessage, "/message-proxy.jsp", getServletContext(), request, response); } - out.println(""); - - out.flush(); - out.close(); } /** @@ -77,4 +59,13 @@ public class ConfigurationServlet extends HttpServlet { doGet(request, response); } +/** + * Calls the web application initializer. + * + * @see javax.servlet.Servlet#init(ServletConfig) + */ +public void init(ServletConfig servletConfig) throws ServletException { + super.init(servletConfig); } + +} \ No newline at end of file diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java index 362849fb1..7980778d9 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java @@ -3,7 +3,6 @@ package at.gv.egovernment.moa.id.proxy.servlet; import java.io.BufferedInputStream; import java.io.BufferedOutputStream; import java.io.IOException; -import java.io.OutputStream; import java.io.PrintWriter; import java.io.StringWriter; import java.net.HttpURLConnection; @@ -14,7 +13,9 @@ import java.util.Iterator; import java.util.Map; import javax.net.ssl.SSLSocketFactory; +import javax.servlet.RequestDispatcher; import javax.servlet.ServletConfig; +import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; 
@@ -39,6 +40,7 @@ import at.gv.egovernment.moa.id.proxy.LoginParameterResolver; import at.gv.egovernment.moa.id.proxy.LoginParameterResolverException; import at.gv.egovernment.moa.id.proxy.LoginParameterResolverFactory; import at.gv.egovernment.moa.id.proxy.MOAIDProxyInitializer; +import at.gv.egovernment.moa.id.proxy.NotAllowedException; import at.gv.egovernment.moa.id.proxy.invoke.GetAuthenticationDataInvoker; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.id.util.SSLUtils; @@ -67,6 +69,8 @@ public class ProxyServlet extends HttpServlet { private static final String ATT_LOGIN_HEADERS = "LoginHeaders"; /** Name of the Attribute for the LoginParameters */ private static final String ATT_LOGIN_PARAMETERS = "LoginParameters"; + /** Name of the Attribute for the SAMLARTIFACT */ + private static final String ATT_SAML_ARTIFACT = "SamlArtifact"; /** * @see javax.servlet.http.HttpServlet#service(HttpServletRequest, HttpServletResponse) @@ -75,17 +79,25 @@ public class ProxyServlet extends HttpServlet { Logger.debug("getRequestURL:" + req.getRequestURL().toString()); try { - if (req.getParameter(PARAM_SAMLARTIFACT) != null && req.getParameter(PARAM_TARGET) != null) - login(req, resp); + if (req.getParameter(PARAM_SAMLARTIFACT) != null && req.getParameter(PARAM_TARGET) != null) { + + // check if SAML Artifact was already used in this session (in case of page reload) + HttpSession session = req.getSession(); + if(null != session && req.getParameter(PARAM_SAMLARTIFACT).equals(session.getAttribute(ATT_SAML_ARTIFACT))) { + tunnelRequest(req, resp); + } else + // it is the first time that the SAML Artifact was used + login(req, resp); + } else tunnelRequest(req, resp); } catch (MOAIDException ex) { - handleError(resp, ex.toString(), ex); + handleError(ex.getMessage(), ex, req, resp); } catch (Throwable ex) { - handleError(resp, ex.toString(), ex); - } + handleError(ex.getMessage(), ex, req, resp); + } } /** 
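Review bot: The reload check in `service` calls `req.getSession()`, which creates a session when none exists, so `null != session` is always true and every request that merely carries both parameters allocates a session before any authentication has taken place. `HttpSession session = req.getSession(false);` keeps the null test meaningful and avoids that. In the catch blocks, `handleError(ex.getMessage(), ex, req, resp)` passes null for throwables without a message and, for arbitrary `Throwable`s, hands internal text to the error page; how `handleError` renders it lies outside this hunk, so I would pass a generic message from the `Throwable` branch and leave the detail to the log. The unbraced `else` followed by a comment and `login(req, resp);` is easy to misread; braces would help.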
@@ -113,8 +125,15 @@ public class ProxyServlet extends HttpServlet { // String target = req.getParameter(PARAM_TARGET); parameter given but not processed // get authentication data from the MOA-ID Auth component - AuthenticationData authData = new GetAuthenticationDataInvoker().getAuthenticationData(samlArtifact); - + AuthenticationData authData; + try { + authData = new GetAuthenticationDataInvoker().getAuthenticationData(samlArtifact); + } catch (ServiceException ex) { + throw new ProxyException("proxy.14", new Object[] {ex}); + } catch (ProxyException ex) { + throw new ProxyException("proxy.14", new Object[] {ex}); + } + String urlRequested = req.getRequestURL().toString(); // read configuration data 
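Review bot: Both new catch blocks around `getAuthenticationData` put the caught exception into the message parameters (`new Object[] {ex}`) and do not pass it as the wrapped cause, so its text can reach the user-facing message while the stack trace is lost. ProxyException has a three-argument constructor, used for `proxy.04` and `proxy.05` in this file, so `throw new ProxyException("proxy.14", new Object[] { ex.toString() }, ex);` keeps the cause, and the two identical handlers could share it. The same loss of cause occurs for `proxy.13` and `proxy.15` in the next hunk and for the `catch (ProxyException ex)` that rethrows `proxy.12` further down. For `proxy.15` I would also log the public URL prefix and the client address, since a denial by the resolver is an event operators will want to find. `login` begins and ends outside this hunk.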
@@ -129,29 +148,34 @@ public class ProxyServlet extends HttpServlet { ConnectionParameter oaConnParam = oaParam.getConnectionParameter(); String realURLPrefix = oaConnParam.getUrl(); - // resolve login parameters to be forwarded to online application - LoginParameterResolver lpr = LoginParameterResolverFactory.getLoginParameterResolver(publicURLPrefix); + // resolve login parameters to be forwarded to online application + LoginParameterResolver lpr = + LoginParameterResolverFactory.getLoginParameterResolver(publicURLPrefix); String clientIPAddress = req.getRemoteAddr(); Map loginHeaders = null; Map loginParameters = null; try { - if (oaConf.getAuthType().equals(OAConfiguration.PARAM_AUTH)) - loginParameters = lpr.getAuthenticationParameters(oaConf, authData, clientIPAddress); - else - loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, clientIPAddress); - - } catch (LoginParameterResolverException ex) { - throw new ProxyException("proxy.13", new Object[] { publicURLPrefix }); - } + if (oaConf.getAuthType().equals(OAConfiguration.PARAM_AUTH)) + loginParameters = lpr.getAuthenticationParameters(oaConf, authData, clientIPAddress); + else + loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, clientIPAddress); + + } catch (LoginParameterResolverException ex) { + throw new ProxyException("proxy.13", new Object[] { publicURLPrefix }); + } catch (NotAllowedException e) { + throw new ProxyException("proxy.15", new Object[] { }); + } // setup SSLSocketFactory for communication with the online application SSLSocketFactory ssf = null; if (oaConnParam.isHTTPSURL()) { try { ssf = SSLUtils.getSSLSocketFactory(proxyConf, oaConnParam); - } - catch (Throwable ex) { - throw new ProxyException("proxy.05", new Object[] { oaConnParam.getUrl(), ex.toString()}, ex); + } catch (Throwable ex) { + throw new ProxyException( + "proxy.05", + new Object[] { oaConnParam.getUrl(), ex.toString()}, + ex); } } 
@@ -160,6 +184,7 @@ public class ProxyServlet extends HttpServlet { String loginType = oaConf.getLoginType(); Logger.debug("Login type: " + loginType); if (loginType.equals(OAConfiguration.LOGINTYPE_STATELESS)) { + HttpSession session = req.getSession(); int sessionTimeOut = oaParam.getSessionTimeOut(); if (sessionTimeOut == 0) @@ -170,24 +195,40 @@ public class ProxyServlet extends HttpServlet { session.setAttribute(ATT_SSL_SOCKET_FACTORY, ssf); session.setAttribute(ATT_LOGIN_HEADERS, loginHeaders); session.setAttribute(ATT_LOGIN_PARAMETERS, loginParameters); + session.setAttribute(ATT_SAML_ARTIFACT, samlArtifact); Logger.debug("moa-id-proxy: HTTPSession angelegt"); } - - // tunnel request to the online application - int respcode = tunnelRequest(req, resp, loginHeaders, loginParameters, publicURLPrefix, realURLPrefix, ssf); - if (respcode == 401) - { - Logger.debug("Got 401, trying again"); - respcode = tunnelRequest(req, resp, loginHeaders, loginParameters, publicURLPrefix, realURLPrefix, ssf); - if (respcode == 401) - throw new ProxyException("proxy.12", new Object[] { realURLPrefix}); - } - } - catch (ProxyException ex) { - throw new ProxyException("proxy.12", new Object[] { realURLPrefix}); - } - catch (Throwable ex) { + + // tunnel request to the online application + int respcode = + tunnelRequest( + req, + resp, + loginHeaders, + loginParameters, + publicURLPrefix, + realURLPrefix, + ssf); + if (respcode == 401) { + Logger.debug("Got 401, trying again"); + + respcode = + tunnelRequest( + req, + resp, + loginHeaders, + loginParameters, + publicURLPrefix, + realURLPrefix, + ssf); + if (respcode == 401) + throw new ProxyException("proxy.12", new Object[] { realURLPrefix }); + } + } catch (ProxyException ex) { + throw new ProxyException("proxy.12", new Object[] { realURLPrefix }); + + } catch (Throwable ex) { throw new ProxyException("proxy.04", new Object[] { urlRequested, ex.toString()}, ex); } } 
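Review bot: The added `session.setAttribute(ATT_SAML_ARTIFACT, samlArtifact);` stores the login artifact in a session obtained with `req.getSession()` (context line of the preceding hunk), which reuses whatever session the browser presented before authentication. Because the login headers and parameters go into the same session, I would start a fresh one at this point by putting `HttpSession old = req.getSession(false); if (old != null) old.invalidate();` ahead of `req.getSession()`. The hunk does not show what reads ATT_SAML_ARTIFACT later; if it only serves to recognise a repeated login request, a comment saying so would help, and the value should never be logged. The enclosing method starts and ends outside this hunk.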
@@ -202,9 +243,15 @@ public class ProxyServlet extends HttpServlet { Logger.debug("Tunnel request (stateless)"); HttpSession session = req.getSession(false); + if (session == null) throw new ProxyException("proxy.07", null); String publicURLPrefix = (String) session.getAttribute(ATT_PUBLIC_URLPREFIX); + //A sesssion is automatically created when forwarded 1st time to errorpage-proxy.jsp (with the handleError method) + //additional check if publicURLPrefix is OK, if not throw an Exception + if (publicURLPrefix == null) + throw new ProxyException("proxy.07", null); + String realURLPrefix = (String) session.getAttribute(ATT_REAL_URLPREFIX); SSLSocketFactory ssf = (SSLSocketFactory) session.getAttribute(ATT_SSL_SOCKET_FACTORY); Map loginHeaders = (Map) session.getAttribute(ATT_LOGIN_HEADERS); @@ -487,6 +534,7 @@ private boolean isTransferEncodingChunkedHeader(String headerKey, String headerV * @see javax.servlet.Servlet#init(ServletConfig) */ public void init(ServletConfig servletConfig) throws ServletException { + super.init(servletConfig); try { MOAIDProxyInitializer.initialize(); Logger.info(MOAIDMessageProvider.getInstance().getMessage("proxy.00", null)); @@ -496,42 +544,47 @@ public void init(ServletConfig servletConfig) throws ServletException { throw new ServletException(ex); } } + /** - * Handles an error in proxying the request. + * Handles an error.
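Review bot: The new null check covers only `publicURLPrefix`, while `realURLPrefix`, the socket factory and the login headers are read from the same possibly empty session right after it and are used unchecked. As the added comment explains, the empty session comes from the forward to errorpage-proxy.jsp; if that page does not need a session, setting `session="false"` in its page directive would stop it from creating one, so that `session == null` again means "not logged in". The comment has a typo ("sesssion") and could read `// A session may already exist after a forward to errorpage-proxy.jsp; a missing publicURLPrefix means no login took place`. The enclosing method starts and ends outside this hunk.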
      *
        - *
      • Logs the error.
      • - *
      • Outputs an HTML error page.
      • + *
      • Logs the error
      • + *
      • Places error message and exception thrown into the request + * as request attributes (to be used by "/errorpage-proxy.jsp")
      • + *
      • Sets HTTP status 500 (internal server error)
      • *
      - * @param resp the HttpServletResponse - * @param errorMessage error message to be used - * @param ex the exception to be logged + * + * @param errorMessage error message + * @param exceptionThrown exception thrown + * @param req servlet request + * @param resp servlet response */ -private void handleError(HttpServletResponse resp, String errorMessage, Throwable ex) { - Logger.error(errorMessage, ex); - String htmlCode = - "" - + "" - + MOAIDMessageProvider.getInstance().getMessage("proxy.10", null) - + "" - + "

      " - + MOAIDMessageProvider.getInstance().getMessage("proxy.10", null) - + "

      " - + "

      " - + MOAIDMessageProvider.getInstance().getMessage("proxy.11", null) - + "

      " - + "

      " - + errorMessage - + "

      " - + ""; - resp.setContentType("text/html"); - try { - OutputStream respOut = resp.getOutputStream(); - respOut.write(htmlCode.getBytes()); - respOut.flush(); - } - catch (IOException ioex) { - Logger.error("", ioex); - } +protected void handleError( + String errorMessage, Throwable exceptionThrown, HttpServletRequest req, HttpServletResponse resp) { + + + if(null != errorMessage) { + Logger.error(errorMessage); + req.setAttribute("ErrorMessage", errorMessage ); + } + + if (null != exceptionThrown) { + if(null == errorMessage) errorMessage = exceptionThrown.getMessage(); + Logger.error(errorMessage, exceptionThrown); + //req.setAttribute("ExceptionThrown", exceptionThrown); + } + + //forward this to errorpage-proxy.jsp wher the HTML error page is generated + ServletContext context = getServletContext(); + RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage-proxy.jsp"); + try { + dispatcher.forward(req, resp); + } catch (ServletException e) { + Logger.error(e); + } catch (IOException e) { + Logger.error(e); + } + } } diff --git a/id.server/src/at/gv/egovernment/moa/id/util/HTTPRequestJSPForwarder.java b/id.server/src/at/gv/egovernment/moa/id/util/HTTPRequestJSPForwarder.java new file mode 100644 index 000000000..7c4731555 --- /dev/null +++ b/id.server/src/at/gv/egovernment/moa/id/util/HTTPRequestJSPForwarder.java 
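Review bot: The new Javadoc of `handleError` lists "Sets HTTP status 500", but the method never sets a status, so the error page is presumably delivered with the default 200; adding `resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);` before the forward would match the documentation. When only `exceptionThrown` is given, `errorMessage` is filled from the exception but never stored in the "ErrorMessage" request attribute, and when both are given the message is logged twice. The messages built in this servlet can contain the requested URL and exception text, so errorpage-proxy.jsp (not visible here) has to HTML-escape the attribute when it prints it. `getRequestDispatcher` may also return null, which is not checked before `forward` is called.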
@@ -0,0 +1,76 @@ +/* + * Created on 17.02.2004 + * + * To change the template for this generated file go to + * Window>Preferences>Java>Code Generation>Code and Comments + */ +package at.gv.egovernment.moa.id.util; + +import java.io.IOException; +import javax.servlet.ServletContext; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author rschamberger + * + * To change the template for this generated type comment go to + * Window>Preferences>Java>Code Generation>Code and Comments + */ +public class HTTPRequestJSPForwarder { + + /** + * Forwards the HttpServletRequest to a customizable JSP Page and serves the Response.
      + *
        + *
      • Logs the message
      • + *
      + * + * @param message message text + * @param jspPageURI URI of the JSP page + * @param context the servlet context of the servlet belonging to the req, resp + * @param req servlet request + * @param resp servlet response + */ + public static void forwardNamed( + String message, + String jspPageURI, + ServletContext context, + HttpServletRequest req, + HttpServletResponse resp) { + + if (null != message) { + Logger.info(message); + req.setAttribute("Message", message); + } + + //forward this to the given jsp page where the HTML response is generated + try { + context.getRequestDispatcher(jspPageURI).forward(req, resp); + } catch (IOException e) { + Logger.error(e); + } catch (ServletException e) { + Logger.error(e); + } + } + + /** + * Forwards the HttpServletRequest to the customizable JSP Page 'message.jsp' and serves the Response.
      + *
        + *
      • Logs the message
      • + *
      + * + * @param message message text + * @param context the servlet context of the servlet belonging to the req, resp + * @param req servlet request + * @param resp servlet response + */ + public static void forwardDefault( + String message, + ServletContext context, + HttpServletRequest req, + HttpServletResponse resp) { + forwardNamed(message, "/message.jsp", context, req, resp); + } +} \ No newline at end of file diff --git a/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java b/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java index e0739d941..276f126c6 100644 --- a/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java +++ b/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java @@ -119,7 +119,7 @@ public class SSLUtils { String boolString = conf.getGenericConfigurationParameter(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING); //not using BoolUtils because default value hast to be true! boolean checkRevocation = !("false".equals(boolString) || "0".equals(boolString)); - //TODO RS verify SSL Revocation handling + //TODO MOA-ID verify SSL Revocation handling PKIProfile profile = new PKIProfileImpl(trustStoreURL, checkRevocation); // This call fixes a bug occuring when PKIConfiguration is // initialized by the MOA-SP initialization code, in case diff --git a/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java b/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java index d9e69eba4..de4fe8fbf 100644 --- a/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java +++ b/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java 
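Review bot: `forwardNamed` calls `context.getRequestDispatcher(jspPageURI).forward(req, resp)` without checking the dispatcher for null, so an unknown path ends in a NullPointerException that neither catch block handles. `jspPageURI` should also be documented as a fixed, application-chosen path, because a value taken from the request would let the caller select any internal resource as the forward target. I would change the tag to `@param jspPageURI context-relative path of the JSP, starting with "/"; must not be derived from request data` and guard the call with `if (dispatcher == null) { Logger.error("No dispatcher for " + jspPageURI); return; }`. The class comment is still the IDE template text and says nothing about the class.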
@@ -11,7 +11,7 @@ import at.gv.egovernment.moa.id.ParseException; import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder; import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; -import at.gv.egovernment.moa.id.auth.builder.VPKBuilder; +import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; @@ -563,9 +563,9 @@ public class Test300VerifyAuthBlock extends AbnahmeTestCase { authData.setAssertionID(Random.nextRandom()); authData.setIssuer(session.getAuthURL()); authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance())); - String vpkBase64 = new VPKBuilder().buildVPK( - identityLink.getIdentificationValue(), identityLink.getDateOfBirth(), session.getTarget()); - authData.setVPK(vpkBase64); + String vpkBase64 = new BPKBuilder().buildBPK( + identityLink.getIdentificationValue(), session.getTarget()); + authData.setPBK(vpkBase64); authData.setGivenName(identityLink.getGivenName()); authData.setFamilyName(identityLink.getFamilyName()); authData.setDateOfBirth(identityLink.getDateOfBirth()); @@ -576,7 +576,7 @@ public class Test300VerifyAuthBlock extends AbnahmeTestCase { AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( session.getPublicOAURLPrefix()); String prPerson = new PersonDataBuilder().build( - identityLink, oaParam.getProvideZMRZahl()); + identityLink, oaParam.getProvideStammzahl()); try { String ilAssertion = diff --git a/id.server/src/test/abnahme/P/Test100LoginParameterResolver.java b/id.server/src/test/abnahme/P/Test100LoginParameterResolver.java index 8b7b2002f..ede69dd8b 100644 --- a/id.server/src/test/abnahme/P/Test100LoginParameterResolver.java +++ b/id.server/src/test/abnahme/P/Test100LoginParameterResolver.java 
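Review bot: The renamed accessor is spelled `setPBK` in the `-563,9` hunk, while the builder is `BPKBuilder.buildBPK` and the mapping key in MOAIDProxyConfigurationProviderTest is "MOABPK", which looks like a transposition of the same abbreviation. If it is the same identifier, `setBPK`/`getBPK` would be consistent, and the local `vpkBase64` here, the `VPK` constant in Test100LoginParameterResolver and `getPBK()` in SAMLResponseParserTest should follow. The accessor is declared in AuthenticationData, outside the visible hunks, so the rename has to start there.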
@@ -84,7 +84,7 @@ public class Test100LoginParameterResolver extends AbnahmeTestCase { String DATE_OF_BIRTH = "1963-12-29"; String VPK = "kp6hOq6LRAkLtrqm6EvDm6bMwJw="; authData.setDateOfBirth(DATE_OF_BIRTH); - authData.setVPK(VPK); + authData.setPBK(VPK); // resolve login parameters Map loginParameters = lpr.getAuthenticationParameters(oaConf, authData, CLIENT_IP_ADDRESS); @@ -115,11 +115,11 @@ public class Test100LoginParameterResolver extends AbnahmeTestCase { boolean PUBLIC_AUTH = true; String BKZ = "FinanzamtWien23Leitstelle"; boolean QUAL_CERT = false; - String ZMR_ZAHL = "3456789012"; + String STAMMZAHL = "3456789012"; authData.setPublicAuthority(PUBLIC_AUTH); authData.setPublicAuthorityCode(BKZ); authData.setQualifiedCertificate(QUAL_CERT); - authData.setIdentificationValue(ZMR_ZAHL); + authData.setIdentificationValue(STAMMZAHL); // resolve login headers Map loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, CLIENT_IP_ADDRESS); @@ -134,7 +134,7 @@ public class Test100LoginParameterResolver extends AbnahmeTestCase { assertEquals(String.valueOf(PUBLIC_AUTH), loginHeaders.get("Param1")); assertEquals(BKZ, loginHeaders.get("Param2")); assertEquals(String.valueOf(QUAL_CERT), loginHeaders.get("Param3")); - assertEquals(ZMR_ZAHL, loginHeaders.get("Param4")); + assertEquals(STAMMZAHL, loginHeaders.get("Param4")); assertEquals(CLIENT_IP_ADDRESS, loginHeaders.get("Param5")); System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); } diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java index 13f86efee..ebc61e5c4 100644 --- a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java 
@@ -51,7 +51,7 @@ TRANSFORMS_INFO + public void testBuild() throws Exception { String request = new CreateXMLSignatureRequestBuilder().build( - AuthenticationBlockAssertionBuilderTest.ASSERTION_SHOULD, + AuthenticationBlockAssertionBuilderTest.ASSERTION_SHOULD, "SecureSignatureKeypair", new String[] {TRANSFORMS_INFO}); assertXmlEquals(REQUEST_SHOULD, request); } diff --git a/id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java index 7935c5179..655c33fd9 100644 --- a/id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java +++ b/id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java @@ -77,12 +77,12 @@ public class MOAIDAuthConfigurationProviderTest extends UnitTestCase { OAAuthParameter[] result = provider.getOnlineApplicationParameters(); assertEquals(result[0].getPublicURLPrefix(),"StringOALoginURL"); - assertEquals(result[0].getProvideZMRZahl(),false); + assertEquals(result[0].getProvideStammzahl(),false); assertEquals(result[0].getProvideAuthBlock(),false); assertEquals(result[0].getProvideIdentityLink(),false); assertEquals(result[1].getPublicURLPrefix(),"StringOALoginURL2"); - assertEquals(result[1].getProvideZMRZahl(),true); + assertEquals(result[1].getProvideStammzahl(),true); assertEquals(result[1].getProvideAuthBlock(),true); assertEquals(result[1].getProvideIdentityLink(),true); 
@@ -90,7 +90,7 @@ public class MOAIDAuthConfigurationProviderTest extends UnitTestCase { /* for (int i = 0; i < result.length; i++) { System.out.println(); System.out.println("getOnlineApplicationParameters Url: " + result[i].getUrl()); - System.out.println("getOnlineApplicationParameters ProvideZMRZahl: " + result[i].getProvideZMRZahl()); + System.out.println("getOnlineApplicationParameters ProvideStammzahl: " + result[i].getProvideStammzahl()); System.out.println("getOnlineApplicationParameters ProvideAuthBlock: " + result[i].getProvideAuthBlock()); System.out.println("getOnlineApplicationParameters ProvideIdentityLink: " + result[i].getProvideIdentityLink()); }*/ diff --git a/id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java index 12eddf8c3..ec6a65581 100644 --- a/id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java +++ b/id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java 
@@ -105,14 +105,14 @@ public class MOAIDProxyConfigurationProviderTest extends UnitTestCase { OAConfiguration oac1 = result[0].getOaConfiguration(); assertEquals(OAConfiguration.PARAM_AUTH, oac1.getAuthType()); assertEquals("MOADateOfBirth", oac1.getParamAuthMapping().get("Param1")); - assertEquals("MOAVPK", oac1.getParamAuthMapping().get("Param2")); + assertEquals("MOABPK", oac1.getParamAuthMapping().get("Param2")); // sollte HeaderAuth sein OAConfiguration oac2 = result[1].getOaConfiguration(); assertEquals(OAConfiguration.HEADER_AUTH, oac2.getAuthType()); assertEquals("MOAPublicAuthority", oac2.getHeaderAuthMapping().get("Param1")); assertEquals("MOABKZ", oac2.getHeaderAuthMapping().get("Param2")); assertEquals("MOAQualifiedCertificate", oac2.getHeaderAuthMapping().get("Param3")); - assertEquals("MOAZMRZahl", oac2.getHeaderAuthMapping().get("Param4")); + assertEquals("MOAStammzahl", oac2.getHeaderAuthMapping().get("Param4")); assertEquals("MOAIPAddress", oac2.getHeaderAuthMapping().get("Param5")); // sollte BasicAuth sein diff --git a/id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java b/id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java index 39e7240d1..69e5958bf 100644 --- a/id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java +++ b/id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java 
@@ -170,7 +170,7 @@ public class SAMLResponseParserTest extends UnitTestCase {
 assertEquals("http://localhost:8080/moa-id-auth/", authData.getIssuer());
 assertEquals("2003-04-02T14:55:42+02:00", authData.getIssueInstant());
 assertEquals("123456789012", authData.getIdentificationValue());
- assertEquals("MTk2OC0xMC0yMmdi", authData.getVPK());
+ assertEquals("MTk2OC0xMC0yMmdi", authData.getPBK());
 assertEquals("Hermann", authData.getGivenName());
 assertEquals("Muster", authData.getFamilyName());
 assertEquals("1968-10-22", authData.getDateOfBirth());
-- 
cgit v1.2.3