From 5c345b6a0cd34a8c853aa274b081e70589b44da3 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 16 Jul 2013 14:05:53 +0200 Subject: create DB Config and legacy config parser Split MOASession database from config database --- .../moa/id/auth/MOAIDAuthInitializer.java | 3 + .../id/config/auth/AuthConfigurationProvider.java | 100 ++- .../id/config/legacy/BuildFromLegacyConfig.java | 504 +++++++++++ .../gv/egovernment/moa/id/moduls/SSOManager.java | 7 +- .../moa/id/storage/AssertionStorage.java | 12 +- .../id/storage/AuthenticationSessionStoreage.java | 20 +- id/server/moa-id-commons/.classpath | 1 + id/server/moa-id-commons/pom.xml | 58 +- .../moa/id/commons/db/ConfigurationDBUtils.java | 42 + .../moa/id/commons/db/ConfigurationUtil.java | 201 +++++ .../gv/egovernment/moa/id/commons/db/DBUtils.java | 33 - .../moa/id/commons/db/HibernateUtil.java | 166 ---- .../moa/id/commons/db/MOASessionUtil.java | 170 ++++ .../id/commons/db/dao/session/AssertionStore.java | 19 +- .../db/dao/session/AuthenticatedSessionStore.java | 10 +- .../src/main/resources/config/bindings.xjb | 10 + .../src/main/resources/config/hibernate.cfg.xml | 14 + .../src/main/resources/config/moaid_config_2.0.xsd | 943 +++++++++++++++++++++ .../main/resources/config/persistence_template.xml | 10 + .../src/main/resources/hibernate.cfg.xml | 14 - 20 files changed, 2059 insertions(+), 278 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationUtil.java delete mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/DBUtils.java delete mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/HibernateUtil.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOASessionUtil.java create mode 100644 id/server/moa-id-commons/src/main/resources/config/bindings.xjb create mode 100644 id/server/moa-id-commons/src/main/resources/config/hibernate.cfg.xml create mode 100644 id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd create mode 100644 id/server/moa-id-commons/src/main/resources/config/persistence_template.xml delete mode 100644 id/server/moa-id-commons/src/main/resources/hibernate.cfg.xml diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java index cef9f9ff9..e23b26417 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java @@ -143,6 +143,7 @@ public class MOAIDAuthInitializer { // Loads the configuration AuthConfigurationProvider authConf = AuthConfigurationProvider.reload(); + ConnectionParameter moaSPConnParam = authConf .getMoaSpConnectionParameter(); @@ -175,6 +176,8 @@ public class MOAIDAuthInitializer { AxisSecureSocketFactory.initialize(ssf); } + + //TODO: Set TimeOuts!!! // sets the authentication session and authentication data time outs String param = authConf .getGenericConfigurationParameter(AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java index d85d61bc7..6f1af9842 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java @@ -38,7 +38,10 @@ import org.hibernate.cfg.Configuration; import org.w3c.dom.Element; import org.w3c.dom.Node; -import at.gv.egovernment.moa.id.commons.db.HibernateUtil; +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.ConfigurationUtil; +import at.gv.egovernment.moa.id.commons.db.MOASessionUtil; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; @@ -276,37 +279,69 @@ public class AuthConfigurationProvider extends ConfigurationProvider { } catch (IOException e) { } } - try { - // determine the directory of the root config file - rootConfigFileDir = new File(fileName).getParent(); - try { - rootConfigFileDir = new File(rootConfigFileDir).toURL().toString(); - } catch (MalformedURLException t) { - throw new ConfigurationException("config.03", null, t); - } - + try { + //Initial Hibernate Framework - //TODO: Full update to new MOA-ID configuration!!! Logger.trace("Initializing Hibernate framework."); - + + //Load MOAID-2.0 properties file String propertiesFileLocation = System.getProperty("moa.id.config"); MiscUtil.assertNotNull(propertiesFileLocation, "propertiesFileName"); File propertiesFile = new File(propertiesFileLocation); FileInputStream fis; Properties props = new Properties(); + + //TODO: determine from new config file path + // determine the directory of the root config file + rootConfigFileDir = new File(fileName).getParent(); + + try { + rootConfigFileDir = new File(rootConfigFileDir).toURL().toString(); + + } catch (MalformedURLException t) { + throw new ConfigurationException("config.03", null, t); + } + try { fis = new FileInputStream(propertiesFile); props.load(fis); + + // read MOAID Session Hibernate properties + Properties moaSessionProp = new Properties(); + for (Object key : props.keySet()) { + String propPrefix = "moasession."; + if (key.toString().startsWith(propPrefix)) { + String propertyName = key.toString().substring(propPrefix.length()); + moaSessionProp.put(propertyName, props.get(key.toString())); + } + } + + // read Config Hibernate properties + Properties configProp = new Properties(); + for (Object key : props.keySet()) { + String propPrefix = "configuration."; + if (key.toString().startsWith(propPrefix)) { + String propertyName = key.toString().substring(propPrefix.length()); + configProp.put(propertyName, props.get(key.toString())); + } + } + // initialize hibernate synchronized (AuthConfigurationProvider.class) { - Configuration hibernateConfig = new Configuration(); - hibernateConfig.addAnnotatedClass(AssertionStore.class); - hibernateConfig.addAnnotatedClass(AuthenticatedSessionStore.class); - hibernateConfig.addAnnotatedClass(OASessionStore.class); - hibernateConfig.addAnnotatedClass(OldSSOSessionIDStore.class); - hibernateConfig.addProperties(props); - HibernateUtil.initHibernate(hibernateConfig, props); + + //Initial config Database + ConfigurationUtil.initHibernate(configProp); + + //initial MOAID Session Database + Configuration config = new Configuration(); + config.addAnnotatedClass(AssertionStore.class); + config.addAnnotatedClass(AuthenticatedSessionStore.class); + config.addAnnotatedClass(OASessionStore.class); + config.addAnnotatedClass(OldSSOSessionIDStore.class); + config.addProperties(moaSessionProp); + MOASessionUtil.initHibernate(config, moaSessionProp); + } Logger.trace("Hibernate initialization finished."); @@ -327,8 +362,19 @@ public class AuthConfigurationProvider extends ConfigurationProvider { Logger.debug("OpenSAML successfully initialized"); + //TODO: load from Legacy if legacy.xml.configuration != null +// MOAIDConfiguration moaconfig = BuildFromLegacyConfig.build(fileName, rootConfigFileDir); +// ConfigurationUtil.save(moaconfig); + + //TODO: Save MOAID 2.0 config to XML +// JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config"); +// Marshaller m = jc.createMarshaller(); +// m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true); +// File test = new File("D:/moa2.0_config.xml"); +// m.marshal(moaconfig, test); + - // build the internal datastructures +// // build the internal datastructures builder = new ConfigurationBuilder(configElem, rootConfigFileDir); bKUConnectionParameter = builder.buildAuthBKUConnectionParameter(); bKUSelectable = (bKUConnectionParameter!=null); @@ -399,14 +445,17 @@ public class AuthConfigurationProvider extends ConfigurationProvider { // } // return transformsInfos; // } + + /** * Return a string array with all filenames leading * to the Transforms Information for the Security Layer * @return String[] of filenames to the Security Layer Transforms Information */ - public String[] getTransformsInfoFileNames() { - return transformsInfoFileNames; - } + //TODO: only for testing +// public String[] getTransformsInfoFileNames() { +// return transformsInfoFileNames; +// } /** * Build an array of the OnlineApplication Parameters containing information @@ -428,7 +477,10 @@ public class AuthConfigurationProvider extends ConfigurationProvider { * if none is applicable */ public OAAuthParameter getOnlineApplicationParameter(String oaURL) { - OAAuthParameter[] oaParams = getOnlineApplicationParameters(); + +// return ConfigurationDBUtils.getOnlineApplication(oaURL); + + OAAuthParameter[] oaParams = getOnlineApplicationParameters(); for (int i = 0; i < oaParams.length; i++) { OAAuthParameter oaParam = oaParams[i]; if (oaURL.indexOf(oaParam.getPublicURLPrefix()) == 0) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java new file mode 100644 index 000000000..62f85fa3c --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java @@ -0,0 +1,504 @@ +package at.gv.egovernment.moa.id.config.legacy; + +import iaik.util.logging.Log; + +import java.io.BufferedInputStream; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.math.BigInteger; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; +import java.util.List; +import java.util.Map; +import java.util.Set; + +import org.opensaml.saml2.metadata.RequestedAttribute; +import org.opensaml.xml.XMLObject; +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; +import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; +import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS; +import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS; +import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType; +import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; +import at.gv.egovernment.moa.id.commons.db.dao.config.ClientKeyStore; +import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType; +import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; +import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; +import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; +import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; +import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners; +import at.gv.egovernment.moa.id.commons.db.dao.config.KeyName; +import at.gv.egovernment.moa.id.commons.db.dao.config.KeyStore; +import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP; +import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates; +import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; +import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; +import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates; +import at.gv.egovernment.moa.id.commons.db.dao.config.Organization; +import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; +import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols; +import at.gv.egovernment.moa.id.commons.db.dao.config.RequestedAttributeType; +import at.gv.egovernment.moa.id.commons.db.dao.config.SAMLSigningParameter; +import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; +import at.gv.egovernment.moa.id.commons.db.dao.config.SSO; +import at.gv.egovernment.moa.id.commons.db.dao.config.STORK; +import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer; +import at.gv.egovernment.moa.id.commons.db.dao.config.SignatureCreationParameterType; +import at.gv.egovernment.moa.id.commons.db.dao.config.SignatureVerificationParameterType; +import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; +import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType; +import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts; +import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; +import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor; +import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; +import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink; +import at.gv.egovernment.moa.id.config.ConfigurationBuilder; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameters; +import at.gv.egovernment.moa.id.config.stork.STORKConfig; +import at.gv.egovernment.moa.id.data.IssuerAndSerial; +import at.gv.egovernment.moa.util.Base64Utils; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.MiscUtil; + +public class BuildFromLegacyConfig { + + private static final String GENERIC_CONFIG_PARAM_SOURCEID = "AuthenticationServer.SourceID"; + + public static MOAIDConfiguration build(String fileName, String rootConfigFileDir) throws ConfigurationException { + InputStream stream = null; + Element configElem; + ConfigurationBuilder builder; + + Log.info("Load Legacy-Configuration from file=" + fileName); + + try { + // load the main config file + stream = new BufferedInputStream(new FileInputStream(fileName)); + configElem = DOMUtils.parseXmlValidating(stream); + + } catch (Throwable t) { + throw new ConfigurationException("config.03", null, t); + } + + finally { + try { + if (stream != null) { + stream.close(); + } + } catch (IOException e) { + + } + } + + try { + // build the internal datastructures + builder = new ConfigurationBuilder(configElem, rootConfigFileDir); + + + MOAIDConfiguration moaIDConfig = new MOAIDConfiguration(); + + AuthComponentGeneral generalAuth = new AuthComponentGeneral(); + moaIDConfig.setAuthComponentGeneral(generalAuth); + + + //not supported by MOA-ID 2.0 + //ConnectionParameter bKUConnectionParameter = builder.buildAuthBKUConnectionParameter(); + //bKUSelectable = (bKUConnectionParameter!=null); + //bKUSelectionType = builder.buildAuthBKUSelectionType(); + + + //Load generic Config + Map genericConfiguration = builder.buildGenericConfiguration(); + GeneralConfiguration authGeneral = new GeneralConfiguration(); + if (genericConfiguration.containsKey(GENERIC_CONFIG_PARAM_SOURCEID)) + authGeneral.setAlternativeSourceID( + (String)genericConfiguration.get(GENERIC_CONFIG_PARAM_SOURCEID)); + + if (genericConfiguration.containsKey(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING)) + authGeneral.setTrustManagerRevocationChecking( + Boolean.valueOf((String)genericConfiguration.get(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING))); + + if (genericConfiguration.containsKey(ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY)) + authGeneral.setCertStoreDirectory( + (String)genericConfiguration.get(ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY)); + + + //Load Assertion and Session timeouts + TimeOuts timeOuts = new TimeOuts(); + if (genericConfiguration.containsKey(AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY)) + timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY)))); + else + timeOuts.setAssertion(BigInteger.valueOf(2*60)); //default 2min + + if (genericConfiguration.containsKey(AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY)) + timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY)))); + else + timeOuts.setAssertion(BigInteger.valueOf(30*60)); //default 30min + + timeOuts.setMOASessionUpdated(BigInteger.valueOf(15*60)); //default 15min + authGeneral.setTimeOuts(timeOuts); + generalAuth.setGeneralConfiguration(authGeneral); + + + //TODO: set Protocols!!!! + Protocols auth_protocols = new Protocols(); + generalAuth.setProtocols(auth_protocols); + + LegacyAllowed prot_legacy = new LegacyAllowed(); + auth_protocols.setLegacyAllowed(prot_legacy); + final List PROTOCOLS_LEGACY_ALLOWED = Arrays.asList("id_saml1","id_pvp2x"); //TODO: set default values + prot_legacy.setProtocolName(PROTOCOLS_LEGACY_ALLOWED); + + //TODO: remove beta test values + PVP2 prot_pvp2 = new PVP2(); + auth_protocols.setPVP2(prot_pvp2); + prot_pvp2.setPublicURLPrefix("https://labda.iaik.tugraz.at:8443/moa-id-auth/"); + + Organization pvp2_org = new Organization(); + prot_pvp2.setOrganization(pvp2_org); + pvp2_org.setDisplayName("OrganisationDisplayName"); + pvp2_org.setName("OrganisatioName"); + pvp2_org.setURL("http://www.egiz.gv.at"); + + Contact pvp2_contact = new Contact(); + prot_pvp2.setContact(pvp2_contact); + pvp2_contact.setCompany("OrganisationDisplayName"); + pvp2_contact.setGivenName("Max"); + pvp2_contact.setMail("max@muster.mann"); + pvp2_contact.setPhone("01 5555 5555"); + pvp2_contact.setSurName("Mustermann"); + pvp2_contact.setType("technical"); + + + //SSO + SSO auth_sso = new SSO(); + generalAuth.setSSO(auth_sso); + auth_sso.setTarget("BF"); + auth_sso.setFriendlyName("EGIZ MOAID 2.0 Beta"); + + + //set SecurityLayer Transformations + String[] transformsInfoFileNames = builder.buildTransformsInfoFileNames(builder.getConfigElem(), ConfigurationBuilder.AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH); + String[] transformsInfos = builder.loadTransformsInfos(transformsInfoFileNames); + + List auth_transformInfos = new ArrayList(); + for (String transformInfo : transformsInfos) { + TransformsInfoType transforminfotype = new TransformsInfoType(); + transforminfotype.setFilename(""); + //TODO: Transformation is stored in BASE64 + transforminfotype.setTransformation(Base64Utils.encode(transformInfo.getBytes()).getBytes()); + auth_transformInfos.add(transforminfotype); + } + SecurityLayer auth_securityLayer = new SecurityLayer(); + auth_securityLayer.setTransformsInfo(auth_transformInfos); + generalAuth.setSecurityLayer(auth_securityLayer); + + + //set MOASP configuration + MOASP auth_moaSP = new MOASP(); + generalAuth.setMOASP(auth_moaSP); + + //set MOASP connection + ConnectionParameter moaSpConnectionParameter = builder.buildMoaSpConnectionParameter(); + if (moaSpConnectionParameter != null) { + ConnectionParameterClientAuthType auth_moaSP_connection = + parseConnectionParameterClientAuth(moaSpConnectionParameter); + auth_moaSP.setConnectionParameter(auth_moaSP_connection); + } + + //set VerifyIdentityLink + String moaSpIdentityLinkTrustProfileID = builder.getMoaSpIdentityLinkTrustProfileID(); + VerifyIdentityLink auth_moaSP_verifyIdentityLink = new VerifyIdentityLink(); + auth_moaSP_verifyIdentityLink.setTrustProfileID(moaSpIdentityLinkTrustProfileID); + auth_moaSP.setVerifyIdentityLink(auth_moaSP_verifyIdentityLink); + + //set VerifyAuthBlock + String moaSpAuthBlockTrustProfileID = builder.getMoaSpAuthBlockTrustProfileID(); + VerifyAuthBlock auth_moaSP_verifyAuthBlock = new VerifyAuthBlock(); + auth_moaSP_verifyAuthBlock.setTrustProfileID(moaSpAuthBlockTrustProfileID); + String[] moaSpAuthBlockVerifyTransformsInfoIDs = builder.buildMoaSpAuthBlockVerifyTransformsInfoIDs(); + List transformlist = new ArrayList(); + Collections.addAll(transformlist, moaSpAuthBlockVerifyTransformsInfoIDs); + auth_moaSP_verifyAuthBlock.setVerifyTransformsInfoProfileID(transformlist); + auth_moaSP.setVerifyAuthBlock(auth_moaSP_verifyAuthBlock); + + + //TODO: check correctness!!! + //set IdentityLinkSigners + IdentityLinkSigners auth_idsigners = new IdentityLinkSigners(); + generalAuth.setIdentityLinkSigners(auth_idsigners); + List identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames(); + auth_idsigners.setX509SubjectName(identityLinkX509SubjectNames); + + + //not supported by MOA-ID 2.0 + VerifyInfoboxParameters defaultVerifyInfoboxParameters = null; +// Node defaultVerifyInfoboxParamtersElem = XPathUtils.selectSingleNode(configElem, ConfigurationBuilder.AUTH_VERIFY_INFOBOXES_XPATH); +// if (defaultVerifyInfoboxParamtersElem != null) { +// defaultVerifyInfoboxParameters = +// builder.buildVerifyInfoboxParameters((Element)defaultVerifyInfoboxParamtersElem, null, moaSpIdentityLinkTrustProfileID); +// } + + + //Set ForeignIdentities + ForeignIdentities auth_foreign = new ForeignIdentities(); + generalAuth.setForeignIdentities(auth_foreign); + + //set Connection parameters + ConnectionParameter foreignIDConnectionParameter = builder.buildForeignIDConnectionParameter(); + ConnectionParameterClientAuthType auth_foreign_connection = + parseConnectionParameterClientAuth(foreignIDConnectionParameter); + auth_foreign.setConnectionParameter(auth_foreign_connection); + + //set STORK configuration + STORKConfig storkConfig = new STORKConfig(builder.buildSTORKSignatureCreationParameter(),builder.buildSTORKSignatureVerificationParameter(), builder.buildSTORKcPEPSMap()); + STORK auth_foreign_stork = new STORK(); + auth_foreign.setSTORK(auth_foreign_stork); + + //set CPEPS + Map map = storkConfig.getCpepsMap(); + Set map_keys = map.keySet(); + List auth_foreign_stork_cpeps = new ArrayList(); + for (String key : map_keys) { + CPEPS cpep = new CPEPS(); + cpep.setCountryCode(map.get(key).getCountryCode()); + cpep.setURL(map.get(key).getPepsURL().toExternalForm()); //check correctness!!!! + + List cpep_reqs = new ArrayList(); + List map1 = map.get(key).getCountrySpecificRequestedAttributes(); + for (RequestedAttribute e1 : map1) { + RequestedAttributeType cpep_req = new RequestedAttributeType(); + cpep_req.setIsRequired(e1.isRequired()); + cpep_req.setFriendlyName(e1.getFriendlyName()); + cpep_req.setNameFormat(e1.getNameFormat()); + cpep_req.setName(e1.getName()); + + List e2s = e1.getAttributeValues(); + List cpep_req_attr = new ArrayList(); + for (XMLObject e2 : e2s) { + cpep_req_attr.add(e2); + } + cpep_req.setAttributeValue(cpep_req_attr); + } + cpep.setRequestedAttribute(cpep_reqs); + auth_foreign_stork_cpeps.add(cpep); + } + auth_foreign_stork.setCPEPS(auth_foreign_stork_cpeps); + + //set SAMLSigningParameter + SAMLSigningParameter auth_foreign_stork_samlSign = new SAMLSigningParameter(); + auth_foreign_stork.setSAMLSigningParameter(auth_foreign_stork_samlSign); + + SignatureCreationParameterType stork_saml_creat = new SignatureCreationParameterType(); + auth_foreign_stork_samlSign.setSignatureCreationParameter(stork_saml_creat); + KeyStore stork_saml_creat_keystore = new KeyStore(); + stork_saml_creat.setKeyStore(stork_saml_creat_keystore); + stork_saml_creat_keystore.setPassword(storkConfig.getSignatureCreationParameter().getKeyStorePassword()); + stork_saml_creat_keystore.setValue(storkConfig.getSignatureCreationParameter().getKeyStorePath()); + KeyName stork_saml_creat_keyname = new KeyName(); + stork_saml_creat.setKeyName(stork_saml_creat_keyname); + stork_saml_creat_keyname.setValue(storkConfig.getSignatureCreationParameter().getKeyName()); + stork_saml_creat_keyname.setPassword(storkConfig.getSignatureCreationParameter().getKeyPassword()); + + SignatureVerificationParameterType stork_saml_verify = new SignatureVerificationParameterType(); + auth_foreign_stork_samlSign.setSignatureVerificationParameter(stork_saml_verify); + stork_saml_verify.setTrustProfileID(storkConfig.getSignatureVerificationParameter().getTrustProfileID()); + + //TODO: check correctness + //set QualityAuthenticationAssurance + //set RequestedAttbutes + + + //set OnlineMandates config + ConnectionParameter onlineMandatesConnectionParameter = builder.buildOnlineMandatesConnectionParameter(); + OnlineMandates auth_mandates = new OnlineMandates(); + generalAuth.setOnlineMandates(auth_mandates); + auth_mandates.setConnectionParameter( + parseConnectionParameterClientAuth(onlineMandatesConnectionParameter)); + + + //TODO: add auth template configuration!!! + + + //set OnlineApplications + OAAuthParameter[] onlineApplicationAuthParameters = builder.buildOnlineApplicationAuthParameters(defaultVerifyInfoboxParameters, moaSpIdentityLinkTrustProfileID); + ArrayList moa_oas = new ArrayList(); + moaIDConfig.setOnlineApplication(moa_oas); + for (OAAuthParameter oa : onlineApplicationAuthParameters) { + OnlineApplication moa_oa = new OnlineApplication(); + + //set general OA configuration + moa_oa.setCalculateHPI(false); //TODO: Bernd fragen warum das nicht direkt über den Bereichsidentifyer definert wird + moa_oa.setFriendlyName(oa.getFriendlyName()); + moa_oa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(oa.getKeyBoxIdentifier())); //TODO: check correctness + moa_oa.setPublicURLPrefix(oa.getPublicURLPrefix()); + moa_oa.setTarget(oa.getTarget()); + moa_oa.setTargetFriendlyName(oa.getTargetFriendlyName()); + moa_oa.setType(oa.getOaType()); + + + AuthComponentOA oa_auth = new AuthComponentOA(); + moa_oa.setAuthComponentOA(oa_auth); + + //SLLayer Version / useIframe + oa_auth.setSlVersion(oa.getSlVersion()); + oa_auth.setUseIFrame(false); + + + //BKUURLs + BKUURLS bkuurls = new BKUURLS(); + bkuurls.setOnlineBKU("https://labda.iaik.tugraz.at:8843/bkuonline/https-security-layer-request"); + bkuurls.setHandyBKU("https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx"); + bkuurls.setLocalBKU("https://127.0.0.1:3496/https-security-layer-request"); + oa_auth.setBKUURLS(bkuurls); + + //IdentificationNumber + IdentificationNumber idnumber = new IdentificationNumber(); + idnumber.setValue(oa.getIdentityLinkDomainIdentifier()); + idnumber.setType(oa.getIdentityLinkDomainIdentifierType()); + oa_auth.setIdentificationNumber(idnumber); + + //set Templates + TemplatesType templates = new TemplatesType(); + oa_auth.setTemplates(templates); + templates.setAditionalAuthBlockText(""); + TemplateType template = new TemplateType(); + template.setURL(oa.getTemplateURL()); + templates.setTemplate(template); + + //set TransformsInfo + String[] transforminfos = oa.getTransformsInfos(); + ArrayList oa_transforminfos = new ArrayList(); + for (String e1 : transforminfos) { + TransformsInfoType transforminfo = new TransformsInfoType(); + transforminfo.setFilename(e1); + oa_transforminfos.add(transforminfo); + } + oa_auth.setTransformsInfo(oa_transforminfos); + + //VerifyInfoBoxes not supported by MOAID 2.0 + + //set Mandates + Mandates oa_mandates = new Mandates(); + oa_auth.setMandates(oa_mandates); + oa_mandates.setProfiles(oa.getMandateProfiles()); + + //STORK + //TODO: OA specific STORK config is deactivated in MOA 1.5.2 + + //SSO + OASSO oa_sso = new OASSO(); + oa_auth.setOASSO(oa_sso); + oa_sso.setUseSSO(true); + oa_sso.setSingleLogOutURL(""); + + //OA_SAML1 + OASAML1 oa_saml1 = new OASAML1(); + oa_auth.setOASAML1(oa_saml1); + oa_saml1.setConditionLength(BigInteger.valueOf(oa.getConditionLength())); + oa_saml1.setProvideAUTHBlock(oa.getProvideAuthBlock()); + oa_saml1.setProvideCertificate(oa.getProvideCertifcate()); + oa_saml1.setProvideFullMandatorData(oa.getProvideFullMandatorData()); + oa_saml1.setProvideIdentityLink(oa.getProvideIdentityLink()); + oa_saml1.setProvideStammzahl(oa.getProvideStammzahl()); + oa_saml1.setUseCondition(oa.getUseCondition()); + oa_saml1.setUseUTC(oa.getUseUTC()); + + //OA_PVP2 + OAPVP2 oa_pvp2 = new OAPVP2(); + oa_auth.setOAPVP2(oa_pvp2); + oa_pvp2.setMetadataURL("TODO!!!"); + oa_pvp2.setCertificate("TODO!!!".getBytes()); + + moa_oas.add(moa_oa); + } + + //removed from MOAID 2.0 config + //identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames(); + + + //set chaining modes + ChainingModes moa_chainingModes = new ChainingModes(); + moaIDConfig.setChainingModes(moa_chainingModes); + + ChainingModeType type = ChainingModeType.fromValue(builder.getDefaultChainingMode()); + moa_chainingModes.setSystemDefaultMode(type); + + Map chainingModes = builder.buildChainingModes(); + List chaining_anchor = new ArrayList(); + Set chaining_anchor_map = chainingModes.keySet(); + for (IssuerAndSerial e1 : chaining_anchor_map) { + TrustAnchor trustanchor = new TrustAnchor(); + + ChainingModeType type1 = ChainingModeType.fromValue(chainingModes.get(e1)); + trustanchor.setMode(type1); + + trustanchor.setX509IssuerName(e1.getIssuerDN()); + trustanchor.setX509SerialNumber(e1.getSerial()); + chaining_anchor.add(trustanchor); + } + moa_chainingModes.setTrustAnchor(chaining_anchor); + + + //set trustedCACertificate path + moaIDConfig.setTrustedCACertificates(builder.getTrustedCACertificates()); + + + //TODO: move to read config functionality + //trustedCACertificates = FileUtils.makeAbsoluteURL(trustedCACertificates, rootConfigFileDir); + + + //Not required in MOAID 2.0 config (DefaultBKUs & SLRequestTemplates) + //trustedBKUs = builder.getTrustedBKUs(); + //trustedTemplateURLs = builder.getTrustedTemplateURLs(); + + + //set DefaultBKUs + DefaultBKUs moa_defaultbkus = new DefaultBKUs(); + moaIDConfig.setDefaultBKUs(moa_defaultbkus); + moa_defaultbkus.setOnlineBKU("https://labda.iaik.tugraz.at:8843/bkuonline/https-security-layer-request"); + moa_defaultbkus.setHandyBKU("https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx"); + moa_defaultbkus.setLocalBKU("https://127.0.0.1:3496/https-security-layer-request"); + + + //set SLRequest Templates + SLRequestTemplates moa_slrequesttemp = new SLRequestTemplates(); + moaIDConfig.setSLRequestTemplates(moa_slrequesttemp); + moa_slrequesttemp.setOnlineBKU("http://localhost:8080/moa-id-auth/template_onlineBKU.html"); + moa_slrequesttemp.setHandyBKU("http://localhost:8080/moa-id-auth/template_handyBKU.html"); + moa_slrequesttemp.setLocalBKU("http://127.0.0.1:8080/moa-id-auth/template_localBKU.html"); + + return moaIDConfig; + + } catch (Throwable t) { + throw new ConfigurationException("config.02", null, t); + } + } + + private static ConnectionParameterClientAuthType parseConnectionParameterClientAuth( + ConnectionParameter old) { + ConnectionParameterClientAuthType auth_moaSP_connection = new ConnectionParameterClientAuthType(); + auth_moaSP_connection.setURL(old.getUrl()); + auth_moaSP_connection.setAcceptedServerCertificates(old.getAcceptedServerCertificates()); + ClientKeyStore auth_moaSP_connection_keyStore = new ClientKeyStore(); + auth_moaSP_connection_keyStore.setValue(old.getClientKeyStore()); + auth_moaSP_connection_keyStore.setPassword(old.getClientKeyStorePassword()); + auth_moaSP_connection.setClientKeyStore(auth_moaSP_connection_keyStore); + return auth_moaSP_connection; + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java index d55482e95..eeb0afae2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java @@ -1,9 +1,6 @@ package at.gv.egovernment.moa.id.moduls; import java.util.List; -import java.util.Set; - -import iaik.util.logging.Log; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; @@ -13,7 +10,7 @@ import org.hibernate.Query; import org.hibernate.Session; import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.commons.db.HibernateUtil; +import at.gv.egovernment.moa.id.commons.db.MOASessionUtil; import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; @@ -60,7 +57,7 @@ public class SSOManager { public String existsOldSSOSession(String ssoId) { Logger.trace("Check that the SSOID has already been used"); - Session session = HibernateUtil.getCurrentSession(); + Session session = MOASessionUtil.getCurrentSession(); List result; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java index b5de788af..9933142e3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java @@ -11,7 +11,7 @@ import org.hibernate.HibernateException; import org.hibernate.Query; import org.hibernate.Session; -import at.gv.egovernment.moa.id.commons.db.HibernateUtil; +import at.gv.egovernment.moa.id.commons.db.MOASessionUtil; import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.logging.Logger; @@ -52,7 +52,7 @@ public class AssertionStorage { //store AssertionStore element to Database try { - HibernateUtil.saveOrUpdate(element); + MOASessionUtil.saveOrUpdate(element); Log.info("Assertion with Artifact=" + artifact + " is stored in Database"); } catch (MOADatabaseException e) { @@ -85,7 +85,7 @@ public class AssertionStorage { Date expioredate = new Date(now - authDataTimeOut); List results; - Session session = HibernateUtil.getCurrentSession(); + Session session = MOASessionUtil.getCurrentSession(); synchronized (session) { session.beginTransaction(); @@ -98,7 +98,7 @@ public class AssertionStorage { if (results.size() != 0) { for(AssertionStore result : results) { try { - HibernateUtil.delete(result); + MOASessionUtil.delete(result); Logger.info("Remove Assertion with Artifact=" + result.getArtifact() + " after assertion timeout."); @@ -115,7 +115,7 @@ public class AssertionStorage { try { AssertionStore element = searchInDatabase(artifact); - HibernateUtil.delete(element); + MOASessionUtil.delete(element); } catch (MOADatabaseException e) { Logger.info("Assertion not removed! (Assertion with Artifact=" + artifact @@ -130,7 +130,7 @@ public class AssertionStorage { private AssertionStore searchInDatabase(String artifact) throws MOADatabaseException { MiscUtil.assertNotNull(artifact, "artifact"); Logger.trace("Getting Assertion with Artifact " + artifact + " from database."); - Session session = HibernateUtil.getCurrentSession(); + Session session = MOASessionUtil.getCurrentSession(); List result; synchronized (session) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java index 8ea6a6633..faff2955b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java @@ -18,7 +18,7 @@ import org.hibernate.Transaction; import at.gv.egovernment.moa.id.AuthenticationException; import at.gv.egovernment.moa.id.MOAIDException; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.commons.db.HibernateUtil; +import at.gv.egovernment.moa.id.commons.db.MOASessionUtil; import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; @@ -62,7 +62,7 @@ public class AuthenticationSessionStoreage { //store AssertionStore element to Database try { - HibernateUtil.saveOrUpdate(dbsession); + MOASessionUtil.saveOrUpdate(dbsession); Log.info("MOASession with sessionID=" + id + " is stored in Database"); } catch (MOADatabaseException e) { @@ -83,7 +83,7 @@ public class AuthenticationSessionStoreage { //set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1 dbsession.setUpdated(new Date()); - HibernateUtil.saveOrUpdate(dbsession); + MOASessionUtil.saveOrUpdate(dbsession); Log.info("MOASession with sessionID=" + session.getSessionID() + " is stored in Database"); } catch (MOADatabaseException e) { @@ -96,7 +96,7 @@ public class AuthenticationSessionStoreage { public static void destroySession(String moaSessionID) throws MOADatabaseException { - Session session = HibernateUtil.getCurrentSession(); + Session session = MOASessionUtil.getCurrentSession(); List result; @@ -168,7 +168,7 @@ public class AuthenticationSessionStoreage { //set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1 dbsession.setUpdated(new Date()); - HibernateUtil.saveOrUpdate(dbsession); + MOASessionUtil.saveOrUpdate(dbsession); return id; @@ -203,7 +203,7 @@ public class AuthenticationSessionStoreage { try { - Session session = HibernateUtil.getCurrentSession(); + Session session = MOASessionUtil.getCurrentSession(); List result; synchronized (session) { @@ -288,7 +288,7 @@ public class AuthenticationSessionStoreage { MiscUtil.assertNotNull(SSOId, "moasessionID"); Logger.trace("Get authenticated session with SSOID " + SSOId + " from database."); - Session session = HibernateUtil.getCurrentSession(); + Session session = MOASessionUtil.getCurrentSession(); List result; @@ -331,7 +331,7 @@ public class AuthenticationSessionStoreage { Date expioredate = new Date(now - authDataTimeOut); List results; - Session session = HibernateUtil.getCurrentSession(); + Session session = MOASessionUtil.getCurrentSession(); synchronized (session) { session.beginTransaction(); @@ -344,7 +344,7 @@ public class AuthenticationSessionStoreage { if (results.size() != 0) { for(AuthenticatedSessionStore result : results) { try { - HibernateUtil.delete(result); + MOASessionUtil.delete(result); Logger.info("Authenticated session with sessionID=" + result.getSessionid() + " after session timeout."); @@ -361,7 +361,7 @@ public class AuthenticationSessionStoreage { private static AuthenticatedSessionStore searchInDatabase(String sessionID) throws MOADatabaseException { MiscUtil.assertNotNull(sessionID, "moasessionID"); Logger.trace("Get authenticated session with sessionID " + sessionID + " from database."); - Session session = HibernateUtil.getCurrentSession(); + Session session = MOASessionUtil.getCurrentSession(); List result; diff --git a/id/server/moa-id-commons/.classpath b/id/server/moa-id-commons/.classpath index f903134e9..88431cf04 100644 --- a/id/server/moa-id-commons/.classpath +++ b/id/server/moa-id-commons/.classpath @@ -17,6 +17,7 @@ + diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml index e2189372b..540bd7b89 100644 --- a/id/server/moa-id-commons/pom.xml +++ b/id/server/moa-id-commons/pom.xml @@ -15,6 +15,17 @@ hibernate-core 4.2.1.Final + + org.hibernate + hibernate-c3p0 + 4.2.1.Final + + + org.hibernate + hibernate-entitymanager + 4.2.1.Final + + org.apache.commons commons-lang3 @@ -25,17 +36,19 @@ moa-common jar - - org.hibernate - hibernate-c3p0 - 4.2.1.Final - - + + + org.hibernate.javax.persistence hibernate-jpa-2.0-api - 1.0.0.Final + 1.0.1.Final + org.jvnet.hyperjaxb3 hyperjaxb3-ejb-runtime @@ -50,7 +63,24 @@ - + install + + + + src/main/resources/config + + **/*.java + + + + target/generated-sources/xjc + + **/*.java + + + + + org.apache.maven.plugins maven-compiler-plugin @@ -76,14 +106,13 @@ - + org.jvnet.hyperjaxb3 maven-hyperjaxb3-plugin 0.5.6 - generate-sources generate @@ -91,8 +120,13 @@ true - RoundtripTest - + src/main/resources/config + src/main/resources/config + + at.gv.egovernment.moa.id.commons.db.dao.config + + + true diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java new file mode 100644 index 000000000..183fcda65 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java @@ -0,0 +1,42 @@ +package at.gv.egovernment.moa.id.commons.db; + +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import javax.persistence.EntityManager; + +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; + +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +public class ConfigurationDBUtils { + + private static Map QUERIES = new HashMap(); + static { + QUERIES.put("getOnlineApplicationWithID", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.publicURLPrefix LIKE :id"); + } + + @SuppressWarnings("rawtypes") + public static OnlineApplication getOnlineApplication(String id) { + MiscUtil.assertNotNull(id, "OnlineApplictionID"); + Logger.trace("Getting OnlineApplication with ID " + id + " from database."); + + List result; + EntityManager session = ConfigurationUtil.getCurrentSession(); + + javax.persistence.Query query = session.createQuery(QUERIES.get("getOnlineApplicationWithID")); + query.setParameter("id", id+"%"); + result = query.getResultList(); + + Logger.trace("Found entries: " + result.size()); + + if (result.size() == 0) { + Logger.trace("No entries found."); + return null; + } + return (OnlineApplication) result.get(0); + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationUtil.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationUtil.java new file mode 100644 index 000000000..695bf4028 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationUtil.java @@ -0,0 +1,201 @@ +package at.gv.egovernment.moa.id.commons.db; + +import java.util.Properties; + +import javax.persistence.EntityManager; +import javax.persistence.EntityManagerFactory; +import javax.persistence.EntityTransaction; +import javax.persistence.Persistence; + +import org.hibernate.HibernateException; +import org.hibernate.Session; + +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.logging.Logger; + +public final class ConfigurationUtil { + + private static EntityManagerFactory entitymanagerfactory; + + @SuppressWarnings("rawtypes") + private static final ThreadLocal THREAD_LOCAL = new ThreadLocal(); + private static boolean automaticSessionHandling = false; + + protected ConfigurationUtil() { } + + public static void initHibernate(Properties props) { + + try { + + //add Hibernate annotations +// Configuration hibernateConfig = new Configuration(); +// hibernateConfig.addAnnotatedClass(AssertionStore.class); +// hibernateConfig.addAnnotatedClass(AuthenticatedSessionStore.class); +// hibernateConfig.addAnnotatedClass(OASessionStore.class); +// hibernateConfig.addAnnotatedClass(OldSSOSessionIDStore.class); +// hibernateConfig.addProperties(props); + + + Logger.debug("Creating initial session factory..."); +// entitymanagerfactory = +// Persistence.createEntityManagerFactory("at.gv.egovernment.moa.id.commons.db.dao.config", +// hibernateConfig.getProperties()); + + entitymanagerfactory = + Persistence.createEntityManagerFactory("at.gv.egovernment.moa.id.commons.db.dao.config", + props); + + Logger.debug("Initial session factory successfully created."); + + + } catch (Throwable ex) { + Logger.error("Initial session factory creation failed: " + ex.getMessage()); + throw new ExceptionInInitializerError(ex); + } + } + + + /** + * Checks if a session factory is currently available. If necessary a new + * session factory is created. + * + * @return current (or new) session factory + * @throws HibernateException + * thrown if a hibernate error occurs + */ + public static EntityManager getCurrentSession() { + if (automaticSessionHandling) { + + return entitymanagerfactory.createEntityManager(); + } + + EntityManager session = (EntityManager) THREAD_LOCAL.get(); + // Open a new Session, if this Thread has none yet + if (session == null) { + session = getNewSession(); + } + return session; + } + + @SuppressWarnings("unchecked") + public static EntityManager getNewSession() { + if (automaticSessionHandling) { + Logger.warn("Session is being automatically handled by hibernate. Therefore this session maybe not being newly created. Use HibernateUtil.getCurrentSession() instead."); + //return sessionFactory.getCurrentSession(); + return entitymanagerfactory.createEntityManager(); + } + EntityManager session = (EntityManager) THREAD_LOCAL.get(); + if (session != null) { + Logger.warn("Previous session has not been closed; closing session now."); + closeSession(); + } + Logger.debug("Opening new hibernate session..."); + try { + session = entitymanagerfactory.createEntityManager(); + THREAD_LOCAL.set(session); + } catch (HibernateException hex) { + Logger.error(hex.getMessage()); + } + return session; + } + + /** + * Closes the current session. + * + * @throws HibernateException + * thrown if session is already closed or a hibernate error + * occurs. + */ + @SuppressWarnings("unchecked") + public static void closeSession() { + if (automaticSessionHandling) { + Logger.warn("Session is being automatically handled by hibernate. Therefore the current session cannot be closed on demand."); + return; + } + Logger.debug("Closing current hibernate session..."); + Session session = (Session) THREAD_LOCAL.get(); + THREAD_LOCAL.set(null); + if (session != null) { + try { + session.close(); + + } catch (HibernateException hex) { + Logger.error(hex.getMessage()); + } + } + } + + public static boolean save(Object dbo) throws MOADatabaseException { + EntityTransaction tx = null; + + try { + EntityManager session = ConfigurationUtil.getCurrentSession(); + tx = session.getTransaction(); + + synchronized (session) { + tx.begin(); + session.persist(dbo); + tx.commit(); + + session.clear(); + } + return true; + + } catch(HibernateException e) { + Logger.warn("Error during database saveOrUpdate. Rollback.", e); + tx.rollback(); + throw new MOADatabaseException(e); + } + } + + + public static boolean saveOrUpdate(Object dbo) throws MOADatabaseException { + EntityTransaction tx = null; + + try { + EntityManager session = ConfigurationUtil.getCurrentSession(); + tx = session.getTransaction(); + + synchronized (session) { + tx.begin(); + + session.merge(dbo); + session.flush(); + + tx.commit(); + + session.clear(); + } + return true; + + } catch(HibernateException e) { + Logger.warn("Error during database saveOrUpdate. Rollback.", e); + tx.rollback(); + throw new MOADatabaseException(e); + } + } + + public static boolean delete(Object dbo) { + EntityTransaction tx = null; + try { + EntityManager session = ConfigurationUtil.getCurrentSession(); + tx = session.getTransaction(); + + synchronized (session) { + tx.begin(); + session.remove(session.contains(dbo) ? dbo : session.merge(dbo)); + tx.commit(); + + session.clear(); + } + + return true; + + } catch(HibernateException e) { + Logger.warn("Error during database delete. Rollback.", e); + tx.rollback(); + return false; + } + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/DBUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/DBUtils.java deleted file mode 100644 index d60c5ef45..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/DBUtils.java +++ /dev/null @@ -1,33 +0,0 @@ -package at.gv.egovernment.moa.id.commons.db; - -import java.util.List; - -import org.hibernate.Query; -import org.hibernate.Session; - -import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; - -public class DBUtils { - -// @SuppressWarnings("rawtypes") -// public static AssertionStore getAssertion(String artifact) { -// MiscUtil.assertNotNull(artifact, "artifact"); -// Logger.trace("Getting Assertion with Artifact " + artifact + " from database."); -// -// Session session = HibernateUtil.getCurrentSession(); -// session.beginTransaction(); -// Query query = session.getNamedQuery("getAssertionWithArtifact"); -// query.setString("artifact", artifact); -// List result = query.list(); -// Logger.trace("Found entries: " + result.size()); -// -// if (result.size() == 0) { -// Logger.trace("No entries found."); -// return null; -// } -// return (AssertionStore) result.get(0); -// } - -} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/HibernateUtil.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/HibernateUtil.java deleted file mode 100644 index 1fa5a20fd..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/HibernateUtil.java +++ /dev/null @@ -1,166 +0,0 @@ -package at.gv.egovernment.moa.id.commons.db; - -import java.util.Properties; - -import org.apache.commons.lang3.StringUtils; -import org.hibernate.HibernateException; -import org.hibernate.Session; -import org.hibernate.SessionFactory; -import org.hibernate.Transaction; -import org.hibernate.cfg.Configuration; -import org.hibernate.service.ServiceRegistry; -import org.hibernate.service.ServiceRegistryBuilder; - -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.logging.Logger; - -public final class HibernateUtil { - - private static SessionFactory sessionFactory; - private static ServiceRegistry serviceRegistry; - - @SuppressWarnings("rawtypes") - private static final ThreadLocal THREAD_LOCAL = new ThreadLocal(); - private static boolean automaticSessionHandling = false; - - private static final String[] AUTOMATIC_SESSION_HANDLING_VALUES = new String[] { "jta", "thread" }; - private static final String SESSION_HANDLING_KEY = "hibernate.current_session_context_class"; - - private static Configuration configuration; - - protected HibernateUtil() { } - - public static void initHibernate(Configuration config, Properties hibernateProperties) { - - String scm = StringUtils.trimToNull(hibernateProperties.getProperty(SESSION_HANDLING_KEY)); - if (scm != null) { - automaticSessionHandling = scm.indexOf(AUTOMATIC_SESSION_HANDLING_VALUES[0]) != -1 || scm.indexOf(AUTOMATIC_SESSION_HANDLING_VALUES[1]) != -1; - } - Logger.debug("Evaluating hibernate property \"" + SESSION_HANDLING_KEY + "\"."); - if (automaticSessionHandling) { - Logger.info("Hibernate is automatically handling session context management."); - } else { - Logger.info("Hibernate is NOT automatically handling session context management. Using build-in ThreadLocal session handling."); - } - try { - //Create the SessionFactory - Logger.debug("Creating initial session factory..."); - - config.configure(); - serviceRegistry = new ServiceRegistryBuilder().applySettings(config.getProperties()).buildServiceRegistry(); - sessionFactory = config.buildSessionFactory(serviceRegistry); - Logger.debug("Initial session factory successfully created."); - - } catch (Throwable ex) { - Logger.error("Initial session factory creation failed: " + ex.getMessage()); - throw new ExceptionInInitializerError(ex); - } - } - - /** - * Checks if a session factory is currently available. If necessary a new - * session factory is created. - * - * @return current (or new) session factory - * @throws HibernateException - * thrown if a hibernate error occurs - */ - public static Session getCurrentSession() { - if (automaticSessionHandling) { - return sessionFactory.getCurrentSession(); - } - Session session = (Session) THREAD_LOCAL.get(); - // Open a new Session, if this Thread has none yet - if (session == null || !session.isConnected()) { - session = getNewSession(); - } - return session; - } - - @SuppressWarnings("unchecked") - public static Session getNewSession() { - if (automaticSessionHandling) { - Logger.warn("Session is being automatically handled by hibernate. Therefore this session maybe not being newly created. Use HibernateUtil.getCurrentSession() instead."); - return sessionFactory.getCurrentSession(); - } - Session session = (Session) THREAD_LOCAL.get(); - if (session != null) { - Logger.warn("Previous session has not been closed; closing session now."); - closeSession(); - } - Logger.debug("Opening new hibernate session..."); - try { - session = sessionFactory.openSession(); - THREAD_LOCAL.set(session); - } catch (HibernateException hex) { - Logger.error(hex.getMessage()); - } - return session; - } - - /** - * Closes the current session. - * - * @throws HibernateException - * thrown if session is already closed or a hibernate error - * occurs. - */ - @SuppressWarnings("unchecked") - public static void closeSession() { - if (automaticSessionHandling) { - Logger.warn("Session is being automatically handled by hibernate. Therefore the current session cannot be closed on demand."); - return; - } - Logger.debug("Closing current hibernate session..."); - Session session = (Session) THREAD_LOCAL.get(); - THREAD_LOCAL.set(null); - if (session != null) { - try { - session.close(); - - } catch (HibernateException hex) { - Logger.error(hex.getMessage()); - } - } - } - - public static boolean saveOrUpdate(Object dbo) throws MOADatabaseException { - Transaction tx = null; - try { - Session session = HibernateUtil.getCurrentSession(); - - synchronized (session) { - tx = session.beginTransaction(); - session.saveOrUpdate(dbo); - tx.commit(); - } - return true; - - } catch(HibernateException e) { - Logger.warn("Error during database saveOrUpdate. Rollback.", e); - tx.rollback(); - throw new MOADatabaseException(e); - } - } - - public static boolean delete(Object dbo) { - Transaction tx = null; - try { - Session session = HibernateUtil.getCurrentSession(); - - synchronized (session) { - tx = session.beginTransaction(); - session.delete(dbo); - tx.commit(); - } - - return true; - - } catch(HibernateException e) { - Logger.warn("Error during database delete. Rollback.", e); - tx.rollback(); - return false; - } - } - -} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOASessionUtil.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOASessionUtil.java new file mode 100644 index 000000000..ccc4e9589 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOASessionUtil.java @@ -0,0 +1,170 @@ +package at.gv.egovernment.moa.id.commons.db; + +import java.util.Properties; + +import org.apache.commons.lang3.StringUtils; +import org.hibernate.HibernateException; +import org.hibernate.Session; +import org.hibernate.SessionFactory; +import org.hibernate.Transaction; +import org.hibernate.cfg.Configuration; +import org.hibernate.service.ServiceRegistry; +import org.hibernate.service.ServiceRegistryBuilder; + +import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.logging.Logger; + +public final class MOASessionUtil { + + private static SessionFactory sessionFactory; + private static ServiceRegistry serviceRegistry; + + @SuppressWarnings("rawtypes") + private static final ThreadLocal THREAD_LOCAL = new ThreadLocal(); + private static boolean automaticSessionHandling = false; + + private static final String[] AUTOMATIC_SESSION_HANDLING_VALUES = new String[] { "jta", "thread" }; + private static final String SESSION_HANDLING_KEY = "hibernate.current_session_context_class"; + + private static Configuration configuration; + + protected MOASessionUtil() { } + + public static void initHibernate(Configuration config, Properties hibernateProperties) { + + String scm = StringUtils.trimToNull(hibernateProperties.getProperty(SESSION_HANDLING_KEY)); + if (scm != null) { + automaticSessionHandling = scm.indexOf(AUTOMATIC_SESSION_HANDLING_VALUES[0]) != -1 || scm.indexOf(AUTOMATIC_SESSION_HANDLING_VALUES[1]) != -1; + } + Logger.debug("Evaluating hibernate property \"" + SESSION_HANDLING_KEY + "\"."); + if (automaticSessionHandling) { + Logger.info("Hibernate is automatically handling session context management."); + } else { + Logger.info("Hibernate is NOT automatically handling session context management. Using build-in ThreadLocal session handling."); + } + try { + //Create the SessionFactory + Logger.debug("Creating initial session factory..."); + + config.configure(); + serviceRegistry = new ServiceRegistryBuilder().applySettings(config.getProperties()).buildServiceRegistry(); + sessionFactory = config.buildSessionFactory(serviceRegistry); + Logger.debug("Initial session factory successfully created."); + + } catch (Throwable ex) { + Logger.error("Initial session factory creation failed: " + ex.getMessage()); + throw new ExceptionInInitializerError(ex); + } + } + + /** + * Checks if a session factory is currently available. If necessary a new + * session factory is created. + * + * @return current (or new) session factory + * @throws HibernateException + * thrown if a hibernate error occurs + */ + public static Session getCurrentSession() { + if (automaticSessionHandling) { + return sessionFactory.getCurrentSession(); + } + Session session = (Session) THREAD_LOCAL.get(); + // Open a new Session, if this Thread has none yet + if (session == null || !session.isConnected()) { + session = getNewSession(); + } + return session; + } + + @SuppressWarnings("unchecked") + public static Session getNewSession() { + if (automaticSessionHandling) { + Logger.warn("Session is being automatically handled by hibernate. Therefore this session maybe not being newly created. Use HibernateUtil.getCurrentSession() instead."); + return sessionFactory.getCurrentSession(); + } + Session session = (Session) THREAD_LOCAL.get(); + if (session != null) { + Logger.warn("Previous session has not been closed; closing session now."); + closeSession(); + } + Logger.debug("Opening new hibernate session..."); + try { + session = sessionFactory.openSession(); + THREAD_LOCAL.set(session); + } catch (HibernateException hex) { + Logger.error(hex.getMessage()); + } + return session; + } + + /** + * Closes the current session. + * + * @throws HibernateException + * thrown if session is already closed or a hibernate error + * occurs. + */ + @SuppressWarnings("unchecked") + public static void closeSession() { + if (automaticSessionHandling) { + Logger.warn("Session is being automatically handled by hibernate. Therefore the current session cannot be closed on demand."); + return; + } + Logger.debug("Closing current hibernate session..."); + Session session = (Session) THREAD_LOCAL.get(); + THREAD_LOCAL.set(null); + if (session != null) { + try { + session.close(); + + } catch (HibernateException hex) { + Logger.error(hex.getMessage()); + } + } + } + + public static boolean saveOrUpdate(Object dbo) throws MOADatabaseException { + Transaction tx = null; + try { + Session session = MOASessionUtil.getCurrentSession(); + + synchronized (session) { + tx = session.beginTransaction(); + session.saveOrUpdate(dbo); + tx.commit(); + } + return true; + + } catch(HibernateException e) { + Logger.warn("Error during database saveOrUpdate. Rollback.", e); + tx.rollback(); + throw new MOADatabaseException(e); + } + } + + public static boolean delete(Object dbo) { + Transaction tx = null; + try { + Session session = MOASessionUtil.getCurrentSession(); + + synchronized (session) { + tx = session.beginTransaction(); + session.delete(dbo); + tx.commit(); + } + + return true; + + } catch(HibernateException e) { + Logger.warn("Error during database delete. Rollback.", e); + tx.rollback(); + return false; + } + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AssertionStore.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AssertionStore.java index a0898efc1..50c156c4e 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AssertionStore.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AssertionStore.java @@ -5,13 +5,16 @@ import java.util.Date; import javax.persistence.Column; import javax.persistence.Entity; +import javax.persistence.GeneratedValue; +import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Lob; +import javax.persistence.NamedQueries; +import javax.persistence.NamedQuery; import javax.persistence.Table; import org.hibernate.annotations.DynamicUpdate; -import org.hibernate.annotations.NamedQueries; -import org.hibernate.annotations.NamedQuery; + @Entity @@ -27,6 +30,10 @@ public class AssertionStore implements Serializable{ private static final long serialVersionUID = 1L; @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + @Column(name = "id", unique=true, nullable=false) + private long id; + @Column(name = "artifact", unique=true, nullable=false) private String artifact; @@ -72,6 +79,14 @@ public class AssertionStore implements Serializable{ public void setDatatime(Date datatime) { this.timestamp = datatime; } + + public long getId() { + return id; + } + + public void setId(long id) { + this.id = id; + } } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java index 4ed42175e..98c2d7461 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java @@ -4,7 +4,6 @@ import java.io.Serializable; import java.util.ArrayList; import java.util.Date; import java.util.List; -import java.util.Set; import javax.persistence.CascadeType; import javax.persistence.Column; @@ -12,7 +11,6 @@ import javax.persistence.Entity; import javax.persistence.GeneratedValue; import javax.persistence.GenerationType; import javax.persistence.Id; -import javax.persistence.JoinColumn; import javax.persistence.Lob; import javax.persistence.OneToMany; import javax.persistence.PrePersist; @@ -20,11 +18,11 @@ import javax.persistence.PreUpdate; import javax.persistence.Table; import javax.persistence.Temporal; import javax.persistence.TemporalType; +import javax.persistence.NamedQueries; +import javax.persistence.NamedQuery; import org.hibernate.annotations.DynamicUpdate; -import org.hibernate.annotations.IndexColumn; -import org.hibernate.annotations.NamedQueries; -import org.hibernate.annotations.NamedQuery; + @Entity @DynamicUpdate(value=true) @@ -40,7 +38,7 @@ public class AuthenticatedSessionStore implements Serializable{ private static final long serialVersionUID = 1L; @Id - @GeneratedValue(strategy = GenerationType.IDENTITY) + @GeneratedValue(strategy = GenerationType.AUTO) @Column(name = "id", unique=true, nullable=false) private long id; diff --git a/id/server/moa-id-commons/src/main/resources/config/bindings.xjb b/id/server/moa-id-commons/src/main/resources/config/bindings.xjb new file mode 100644 index 000000000..6269e2dbc --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/config/bindings.xjb @@ -0,0 +1,10 @@ + + + + + + + + \ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/resources/config/hibernate.cfg.xml b/id/server/moa-id-commons/src/main/resources/config/hibernate.cfg.xml new file mode 100644 index 000000000..4841481b6 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/config/hibernate.cfg.xml @@ -0,0 +1,14 @@ + + + + + + + + + + + + \ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd new file mode 100644 index 000000000..136e49154 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd @@ -0,0 +1,943 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + possibility to include common austrian primary + keys in human readable way, english translation not available + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + enthält Parameter der + Authentisierungs-Komponente + + + + + + + + + + + enthält Konfigurationsparameter der + Proxy-Komponente + + + + + + + enthält Parameter für die Kommunikation zw. + Proxykomponente und Authenttisierungskomponente + + + + + + + enthält Parameter für die SOAP-Verbindung + von der Proxy-Komponente zur Auth-Komponente (vgl. + AuthComponent/MOA-SP/ConnectionParameter) + + + + + + + + + + + + enthält Parameter für die OA + + + + + + + + + + + + + + + + + + + + + + + + + + spezifiziert den Algorithmus ("pkix" oder + "chaining") für die Zertifikatspfadvalidierung + + + + + + + ein vom SystemDefaultMode abweichender + ChiningMode kann für jeden TrustAnchor gesetzt werden + + + + + + + + + + + + + + + + + verweist auf ein Verzeichnis, das + vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate + enthält. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + enthält Parameter für die Kommunikation mit dem + Security-Layer + + + + + + + + + + + enthaelt Konfiguratiosnparameter für die + Kommunikation mit dem MOA SP Modul + + + + + + + enthält Parameter für die SOAP-Verbindung von + der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den + Endpunkt des Server; wird das Schema "https" verwendet müssen + die Kind-Elemente angegeben werden; wird das Schema "http" + verwendet dürfen keine Kind-Elemente angegeben werden; wird das + Element nicht verwendet dann wird MOA-SP über das API + aufgerufen + + + + + + enthält Parameter für die Überprüfung der + Personenbindung + + + + + + + + + + + enthält Parameter für die Überprüfung des + AUTH-Blocks + + + + + + + + + + + + + + + enthält Informationen über akzeptierte Signers + des IdentityLinks + + + + + + + akzeptierte Signer des IdentityLinks werden + per X509SubjectName (Kodierung nach RFC 2253) identifiziert + + + + + + + + + + + + Verbindungsparameter zum SZR-Gateway + (GetIdentityLink) + + + + + + Verbindungsparameter zu den Country-PEPS + (C-PEPS) + + + + + + + + + + + + Verbindungsparameter zum + Online-Vollmachten-Service + + + + + + + + + + + + + + + + + + + + das Attribut filename verweist auf eine Datei mit + globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese + TransformsInfo werden in den CreateXMLSignatureRequest fuer die + Signatur des AUTH-Blocks inkludiert + + + + + + + + + + + + + + + + das Attribut URL spezifiziert die Lage des + Templates + + + + + + + Verifikation zusaetzlicher Infoboxen + + + + + + Optionales DefaultTrustprofil für die + Überprüfung aller weiteren Infoboxen + + + + + + + + + + + + + Spezifiziert die Lage von XML Schemas + + + + + + + + + + + + + + + + + enthält Parameter über die OA, die die + Authentisierungs-Komponente betreffen + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + enthält Parameter über die OA, die die + Proxy-Komponente betreffen + + + + + + + enthält Parameter über die OA, die die + Proxy-Komponente betreffen + + + + + + + + + + + + + + + + + + URL zu einem Verzeichnis, das akzeptierte + Server-Zertifikate der TLS-Verbindung enthält (keine + CA-Zertifikate) + + + + + + + + + + + + + URL zu einem KeyStore, der den privaten + Schlüssel, der für die TLS-Client-Authentisierung verwendet + wird, enthält + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Soll nicht nur bei leerer oder standardisierter + Vollmacht mit unvollständigen Daten, sondern beispielsweise zu + Kontrollzwecken das Eingabeformular immer angezeigt werden, wenn ein + Einschreiten durch berufliche Parteienvertretung geschieht so kann + dies mittels dieses Schalters veranlasst werden + + + + + + + + + + + + Das Attribut spezifiziert die Lage des + Templates, welches der InputProcessor zur Darstellung des + Eingabeformulars nutzen soll + + + + + + + + + + + Default InputProcessor. Konfiguration eines vom + Standardprozess abweichenden Verarbeitungsvorgangs bei der + beruflichen Parteienvertretung. Der Wert dieses Elements ist der + vollständige Klassenname des InputProzessors + + + + + + Default Wert fuer Formularanzeige. Soll nicht nur + bei leerer oder standardisierter Vollmacht mit unvollstaendigen + Daten, sondern beispielsweise zu Kontrollzwecken das + Eingabeformular zur vervollstaendigung der Vertretenendaten immer + angezeigt werden, wenn ein Einschreiten durch berufliche + Parteienvertretung geschieht so kann dies mittels dieses Schalters + veranlasst werden + + + + + + Default Verbindungsparameter zum SZR-Gateway + (für den EGIZ-Demonstrator im internen Netzwerk: + https://129.27.142.5:8443/szr-gateway/services/MandateCreation) + + + + + + Falls keine speziellen beruflichen + ParteienvertreterInnen definiert sind (Element kommt nicht vor), + werden ausschließlich standardisierte Vollmachten mit einer + MandateID="*" akzeptiert + + + + + + + + + + Konfiguration eines vom Standardprozess + abweichenden Verarbeitungsvorgangs bei der beruflichen + Parteienvertretung. Der Wert dieses Elements ist der vollständige + Klassenname des InputProzessors + + + + + + + Optionale Verbindungsparameter zu speziellem + (SZR-)Gateway + + + + + + + OID der Parteienvertretung lt. "Object Identifier + der öffentlichen Verwaltung" - Konvention, Empfehlung. Diese ID + muss mit der MandateID der übermittelten standardisierten Vollmacht + übereinstimmen. Eine Parteienvertretung für standardisierte + Vollmachten mit der MandateID "*" muss nicht definiert werden und + erlaubt eine allgemeine berufliche Parteienvertretung mit + Standardtexten. In anderen Fällen ist eine erlaubte OID mitttels + dieses Attributs zu definieren + + + + + + Legt fest, ob berufliche Parteienvertretung für + natürliche Personen erlaubt ist + + + + + + + + + Legt fest, ob berufliche Parteienvertretung für + juristische Personen erlaubt ist (welche z.B. ein Organwalter nicht + vertreten darf und dieser Wert aus diesem Grund dort false sein + muss) + + + + + + + + + Beschreibender Text, der an Stelle des + Standardtexts bei der Signatur der Anmeldedaten im Falle einer + vorliegenden beruflichen Parteienvertretung zur Signatur vorgelegt + wird + + + + + + + Enthaelt Informationen zu einem KeyStore bzw. Key + zur STORK SAML AuthnRequest Signaturerstellung + + + + + + + + + + Enthaelt Informationen zur Verfikation von + Signaturen einer STORK SAML Response + + + + + + + + + Enthält Informationen zur Erstellung und + Verifikation von STORK SAML Messages + + + + + + + + + + + + URL zu einem KeyStore, der den privaten Schlüssel + zum Erstellen einer Signatur enthält + + + + + + + + + + + + + Name zum Key eines KeyStores, der den privaten + Schlüssel zum Erstellen einer Signatur darstellt + + + + + + + + + + + + + Enthält Informationen zu einem Citizen Country + PEPS (C-PEPS) + + + + + + + + + + + + + Contains STORK related information + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/id/server/moa-id-commons/src/main/resources/config/persistence_template.xml b/id/server/moa-id-commons/src/main/resources/config/persistence_template.xml new file mode 100644 index 000000000..d7ec8c625 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/config/persistence_template.xml @@ -0,0 +1,10 @@ + + + + at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore + at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore + at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore + at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore + + diff --git a/id/server/moa-id-commons/src/main/resources/hibernate.cfg.xml b/id/server/moa-id-commons/src/main/resources/hibernate.cfg.xml deleted file mode 100644 index 4841481b6..000000000 --- a/id/server/moa-id-commons/src/main/resources/hibernate.cfg.xml +++ /dev/null @@ -1,14 +0,0 @@ - - - - - - - - - - - - \ No newline at end of file -- cgit v1.2.3