From 74a42b6128f6f8d21a65dddb9405cd52ebbc0520 Mon Sep 17 00:00:00 2001 From: Thomas Knall Date: Wed, 4 Feb 2015 15:37:10 +0100 Subject: Create exemplary AuthServlet module (MOAID-68) - Create new module moa-id-module-monitoring. - Move MonitoringServlet, DatabaseTestModule, IdentityLinkTestModule, TestManager and TestModuleInterface to new module. - Update pom.xml, adding new module dependency. - Update web.xml, disabling static servlet registration. - Add @WebServlet servlet registration for MonitoringServlet. --- id/server/auth/pom.xml | 8 ++ id/server/auth/src/main/webapp/WEB-INF/web.xml | 3 + .../moa/id/auth/servlet/MonitoringServlet.java | 126 ------------------ .../moa/id/monitoring/DatabaseTestModule.java | 142 --------------------- .../moa/id/monitoring/IdentityLinkTestModule.java | 109 ---------------- .../egovernment/moa/id/monitoring/TestManager.java | 111 ---------------- .../moa/id/monitoring/TestModuleInterface.java | 34 ----- id/server/modules/module-monitoring/pom.xml | 22 ++++ .../moa/id/auth/servlet/MonitoringServlet.java | 132 +++++++++++++++++++ .../moa/id/monitoring/DatabaseTestModule.java | 142 +++++++++++++++++++++ .../moa/id/monitoring/IdentityLinkTestModule.java | 109 ++++++++++++++++ .../egovernment/moa/id/monitoring/TestManager.java | 111 ++++++++++++++++ .../moa/id/monitoring/TestModuleInterface.java | 34 +++++ id/server/modules/pom.xml | 1 + pom.xml | 5 + 15 files changed, 567 insertions(+), 522 deletions(-) delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestModuleInterface.java create mode 100644 id/server/modules/module-monitoring/pom.xml create mode 100644 id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java create mode 100644 id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java create mode 100644 id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java create mode 100644 id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java create mode 100644 id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestModuleInterface.java diff --git a/id/server/auth/pom.xml b/id/server/auth/pom.xml index df45568dc..cf394b7ad 100644 --- a/id/server/auth/pom.xml +++ b/id/server/auth/pom.xml @@ -137,10 +137,18 @@ oasis-dss-api 1.0.0-RELEASE + + MOA.id.server.modules moa-id-module-stork + + + + MOA.id.server.modules + moa-id-module-monitoring + diff --git a/id/server/auth/src/main/webapp/WEB-INF/web.xml b/id/server/auth/src/main/webapp/WEB-INF/web.xml index 930b10f43..5afc0dee7 100644 --- a/id/server/auth/src/main/webapp/WEB-INF/web.xml +++ b/id/server/auth/src/main/webapp/WEB-INF/web.xml @@ -67,6 +67,8 @@ /RedirectServlet + + SSOSendAssertionServlet diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java deleted file mode 100644 index e04f97e6e..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java +++ /dev/null @@ -1,126 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -package at.gv.egovernment.moa.id.auth.servlet; - -import java.io.IOException; -import java.io.PrintWriter; -import java.util.Arrays; -import java.util.List; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.monitoring.TestManager; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; - -public class MonitoringServlet extends AuthServlet { - - private static final long serialVersionUID = 1L; - private static final String REQUEST_ATTR_MODULE = "module"; - - - protected void doGet(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - - try { - AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); - - if (config.isMonitoringActive()) { - Logger.debug("Monitoring Servlet received request"); - - TestManager tests = TestManager.getInstance(); - - String modulename = req.getParameter(REQUEST_ATTR_MODULE); - if (MiscUtil.isEmpty(modulename)) { - - List error = tests.executeTests(); - if (error != null && error.size() > 0) { - createErrorMessage(req, resp, error); - - } else { - resp.setStatus(HttpServletResponse.SC_OK); - resp.setContentType("text/html;charset=UTF-8"); - resp.getWriter().write(getHtml(config.getMonitoringMessageSuccess())); - Logger.info("Monitoring Servlet finished without errors"); - } - - } else { - if (tests.existsModule(modulename)) { - List errors = tests.executeTest(modulename); - if (errors != null && errors.size() > 0) { - createErrorMessage(req, resp, errors); - - } else { - resp.setStatus(HttpServletResponse.SC_OK); - resp.setContentType("text/html;charset=UTF-8"); - resp.getWriter().write(getHtml(config.getMonitoringMessageSuccess())); - Logger.info("Monitoring Servlet finished without errors"); - } - - } else { - Logger.warn("NO Testmodule exists with modulename " + modulename); - resp.setStatus(HttpServletResponse.SC_NOT_FOUND); - resp.setContentType("text/html;charset=UTF-8"); - PrintWriter out; - try { - out = new PrintWriter(resp.getOutputStream()); - out.write("NO Testmodule exists with modulename " + modulename); - out.flush(); - - } catch (IOException e) { - Logger.warn("Internal Monitoring Servlet Error. ", e); - } - } - - } - } - - } catch (ConfigurationException e) { - createErrorMessage(req, resp, Arrays.asList(e.getMessage())); - } - } - - private void createErrorMessage(HttpServletRequest req, HttpServletResponse resp, List errorMessage) { - Logger.warn("Monitoring Servlet found some Error: " + errorMessage); - resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - resp.setContentType("text/html;charset=UTF-8"); - PrintWriter out; - try { - out = new PrintWriter(resp.getOutputStream()); - for (String error : errorMessage) - out.write(error + "
"); - out.flush(); - - } catch (IOException e) { - Logger.warn("Internal Monitoring Servlet Error. ", e); - } - } - - private String getHtml(String text) { - return "Reponse" + text +""; - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java deleted file mode 100644 index a08ef5f0c..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java +++ /dev/null @@ -1,142 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.monitoring; - -import java.util.ArrayList; -import java.util.Date; -import java.util.List; - -import org.hibernate.Query; -import org.hibernate.Session; - -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; -import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; -import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; -import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; - -public class DatabaseTestModule implements TestModuleInterface{ - - public List performTests() throws Exception { - Logger.trace("Start MOA-ID Database Test."); - - List errors = new ArrayList(); - - AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); - - String error = testMOAConfigurationDatabase(); - if (MiscUtil.isNotEmpty(error)) - errors.add(error); - - error = testMOASessionDatabase(); - if (MiscUtil.isNotEmpty(error)) - errors.add(error); - - if (config.isAdvancedLoggingActive()) { - error = testMOAAdvancedLoggingDatabase(); - if (MiscUtil.isNotEmpty(error)) - errors.add(error); - } - - return errors; - } - - - private String testMOASessionDatabase() throws Exception{ - Logger.trace("Start Test: MOASessionDatabase"); - - Date expioredate = new Date(new Date().getTime() - 120); - - try { - List results; - Session session = MOASessionDBUtils.getCurrentSession(); - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getAssertionWithTimeOut"); - query.setTimestamp("timeout", expioredate); - results = query.list(); - session.getTransaction().commit(); - } - - Logger.trace("Finish Test: MOASessionDatabase"); - return null; - - } catch (Throwable e) { - Logger.warn("Failed Test: MOASessionDatabase", e); - return "MOASessionDatabase: " + e.getMessage(); - } - } - - private String testMOAConfigurationDatabase() throws Exception{ - - MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration(); - ConfigurationDBUtils.closeSession(); - - if (moaidconfig == null) - return ("MOA-ID 2.x configuration can not be loaded from Database."); - - return null; - } - - private String testMOAAdvancedLoggingDatabase() { - - Date expioredate = new Date(new Date().getTime() - 120); - try { - Session session = StatisticLogDBUtils.getCurrentSession(); - - List results; - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getAllEntriesNotBeforeTimeStamp"); - query.setTimestamp("timeout", expioredate); - results = query.list(); - session.getTransaction().commit(); - } - - Logger.trace("Finish Test: AdvancedLoggingDataBase"); - return null; - - } catch (Throwable e) { - Logger.warn("Failed Test: AdvancedLoggingDataBase", e); - return "AdvancedLoggingDataBase: " + e.getMessage(); - } - } - - - public String getName() { - return "DatabaseTest"; - } - - - public void initializeTest(long delayParam, String url) throws Exception { - // TODO Auto-generated method stub - - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java deleted file mode 100644 index b5220914c..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java +++ /dev/null @@ -1,109 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.monitoring; - -import java.io.InputStream; -import java.net.URL; -import java.util.List; - -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.exception.ValidateException; -import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; -import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; -import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator; -import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.data.DynamicOAAuthParameters; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; - -public class IdentityLinkTestModule implements TestModuleInterface { - - private static IdentityLink identityLink = null; - - public void initializeTest(long delayParam, String url) throws Exception{ - - if (MiscUtil.isNotEmpty(url)) { - - URL keystoreURL = new URL(url); - InputStream idlstream = keystoreURL.openStream(); - identityLink = new IdentityLinkAssertionParser(idlstream).parseIdentityLink(); - } - - } - - public List performTests() throws Exception{ - Logger.trace("Start MOA-ID IdentityLink Test"); - - AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); - - IdentityLinkValidator.getInstance().validate(identityLink); - // builds a for a call of MOA-SP - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder() - .build(identityLink, config - .getMoaSpIdentityLinkTrustProfileID()); - - // invokes the call - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker() - .verifyXMLSignature(domVerifyXMLSignatureRequest); - // parses the - try { - VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( - domVerifyXMLSignatureResponse).parseData(); - - DynamicOAAuthParameters oaParam = new DynamicOAAuthParameters(); - oaParam.setBusinessService(true); - - VerifyXMLSignatureResponseValidator.getInstance().validate( - verifyXMLSignatureResponse, - config.getIdentityLinkX509SubjectNames(), - VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, - oaParam); - - } catch (ValidateException e) { - //check if default Monitoring IDL is used then error is ignored - if ("validator.07".equals(e.getMessageId()) - && e.getMessage().contains("Das Zertifikat der Personenbindung ist")) - return null; - - else - throw e; - - } - - Logger.trace("Finished MOA-ID IdentityLink Test without errors"); - - return null; - } - - public String getName() { - return "IdentityLinkTest"; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java deleted file mode 100644 index 84581abe8..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java +++ /dev/null @@ -1,111 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.monitoring; - -import java.util.Arrays; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.FileUtils; - -public class TestManager { - - private static TestManager instance; - - private Map tests = new HashMap(); - - public static TestManager getInstance() throws ConfigurationException { - if (instance == null) - instance = new TestManager(); - - return instance; - } - - private TestManager() throws ConfigurationException { - - AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); - - //add Database test - DatabaseTestModule test1 = new DatabaseTestModule(); - tests.put(test1.getName(), test1); - - //add IdentityLink verification test - IdentityLinkTestModule test2 = new IdentityLinkTestModule(); - String idlurl = FileUtils.makeAbsoluteURL(config.getMonitoringTestIdentityLinkURL(), config.getRootConfigFileDir()); - try { - test2.initializeTest(0, idlurl); - tests.put(test2.getName(), test2);; - - } catch (Exception e) { - Logger.warn("MOA-ID IdentityLink Test can not performed without IdentityLink. Insert IdentityLink file to MOA-ID configuration", e); - } - } - - public List executeTests() { - Logger.debug("Start MOA-ID-Auth testing"); - - - List errors; - - for (TestModuleInterface test : tests.values()) { - try { - errors = test.performTests(); - if (errors != null && errors.size() > 0) - return errors; - - } catch (Exception e) { - Logger.warn("General Testing Eception during Test " + test.getClass() + ": ", e); - return Arrays.asList(e.getMessage()); - } - } - - return null; - } - - public List executeTest(String testname) { - - TestModuleInterface test = tests.get(testname); - - if (test != null) { - try { - return test.performTests(); - - } catch (Exception e) { - Logger.warn("General Testing Eception during Test " + test.getName() + ": ", e); - return Arrays.asList(e.getMessage()); - } - - } else { - Logger.info("TestModule with Name " + testname + " is not implemented"); - return null; - } - } - - public boolean existsModule(String modulename) { - return tests.containsKey(modulename); - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestModuleInterface.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestModuleInterface.java deleted file mode 100644 index 4e26b1ce8..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestModuleInterface.java +++ /dev/null @@ -1,34 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.monitoring; - -import java.util.List; - -public interface TestModuleInterface { - - public List performTests() throws Exception; - - public void initializeTest(long delayParam, String url) throws Exception; - - public String getName(); -} diff --git a/id/server/modules/module-monitoring/pom.xml b/id/server/modules/module-monitoring/pom.xml new file mode 100644 index 000000000..60ab6b6c0 --- /dev/null +++ b/id/server/modules/module-monitoring/pom.xml @@ -0,0 +1,22 @@ + + 4.0.0 + + + MOA.id.server.modules + moa-id-modules + ${moa-id-version} + + + MOA.id.server.modules + moa-id-module-monitoring + ${moa-id-version} + jar + + MOA ID-Module Monitoring + + + ${basedir}/../../../../repository + + + diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java new file mode 100644 index 000000000..1c1cbb723 --- /dev/null +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java @@ -0,0 +1,132 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +package at.gv.egovernment.moa.id.auth.servlet; + +import java.io.IOException; +import java.io.PrintWriter; +import java.util.Arrays; +import java.util.List; + +import javax.servlet.ServletException; +import javax.servlet.annotation.WebServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.monitoring.TestManager; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +@WebServlet(name = "MonitoringServlet", value = "/MonitoringServlet") +public class MonitoringServlet extends AuthServlet { + + private static final long serialVersionUID = 1L; + private static final String REQUEST_ATTR_MODULE = "module"; + + public MonitoringServlet() { + super(); + Logger.debug("Registering servlet " + getClass().getName() + " with mapping '/MonitoringServlet'."); + } + + protected void doGet(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, IOException { + + try { + AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); + + if (config.isMonitoringActive()) { + Logger.debug("Monitoring Servlet received request"); + + TestManager tests = TestManager.getInstance(); + + String modulename = req.getParameter(REQUEST_ATTR_MODULE); + if (MiscUtil.isEmpty(modulename)) { + + List error = tests.executeTests(); + if (error != null && error.size() > 0) { + createErrorMessage(req, resp, error); + + } else { + resp.setStatus(HttpServletResponse.SC_OK); + resp.setContentType("text/html;charset=UTF-8"); + resp.getWriter().write(getHtml(config.getMonitoringMessageSuccess())); + Logger.info("Monitoring Servlet finished without errors"); + } + + } else { + if (tests.existsModule(modulename)) { + List errors = tests.executeTest(modulename); + if (errors != null && errors.size() > 0) { + createErrorMessage(req, resp, errors); + + } else { + resp.setStatus(HttpServletResponse.SC_OK); + resp.setContentType("text/html;charset=UTF-8"); + resp.getWriter().write(getHtml(config.getMonitoringMessageSuccess())); + Logger.info("Monitoring Servlet finished without errors"); + } + + } else { + Logger.warn("NO Testmodule exists with modulename " + modulename); + resp.setStatus(HttpServletResponse.SC_NOT_FOUND); + resp.setContentType("text/html;charset=UTF-8"); + PrintWriter out; + try { + out = new PrintWriter(resp.getOutputStream()); + out.write("NO Testmodule exists with modulename " + modulename); + out.flush(); + + } catch (IOException e) { + Logger.warn("Internal Monitoring Servlet Error. ", e); + } + } + + } + } + + } catch (ConfigurationException e) { + createErrorMessage(req, resp, Arrays.asList(e.getMessage())); + } + } + + private void createErrorMessage(HttpServletRequest req, HttpServletResponse resp, List errorMessage) { + Logger.warn("Monitoring Servlet found some Error: " + errorMessage); + resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + resp.setContentType("text/html;charset=UTF-8"); + PrintWriter out; + try { + out = new PrintWriter(resp.getOutputStream()); + for (String error : errorMessage) + out.write(error + "
"); + out.flush(); + + } catch (IOException e) { + Logger.warn("Internal Monitoring Servlet Error. ", e); + } + } + + private String getHtml(String text) { + return "Reponse" + text +""; + } +} diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java new file mode 100644 index 000000000..a08ef5f0c --- /dev/null +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java @@ -0,0 +1,142 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.monitoring; + +import java.util.ArrayList; +import java.util.Date; +import java.util.List; + +import org.hibernate.Query; +import org.hibernate.Session; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; +import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; +import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +public class DatabaseTestModule implements TestModuleInterface{ + + public List performTests() throws Exception { + Logger.trace("Start MOA-ID Database Test."); + + List errors = new ArrayList(); + + AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); + + String error = testMOAConfigurationDatabase(); + if (MiscUtil.isNotEmpty(error)) + errors.add(error); + + error = testMOASessionDatabase(); + if (MiscUtil.isNotEmpty(error)) + errors.add(error); + + if (config.isAdvancedLoggingActive()) { + error = testMOAAdvancedLoggingDatabase(); + if (MiscUtil.isNotEmpty(error)) + errors.add(error); + } + + return errors; + } + + + private String testMOASessionDatabase() throws Exception{ + Logger.trace("Start Test: MOASessionDatabase"); + + Date expioredate = new Date(new Date().getTime() - 120); + + try { + List results; + Session session = MOASessionDBUtils.getCurrentSession(); + + synchronized (session) { + session.beginTransaction(); + Query query = session.getNamedQuery("getAssertionWithTimeOut"); + query.setTimestamp("timeout", expioredate); + results = query.list(); + session.getTransaction().commit(); + } + + Logger.trace("Finish Test: MOASessionDatabase"); + return null; + + } catch (Throwable e) { + Logger.warn("Failed Test: MOASessionDatabase", e); + return "MOASessionDatabase: " + e.getMessage(); + } + } + + private String testMOAConfigurationDatabase() throws Exception{ + + MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration(); + ConfigurationDBUtils.closeSession(); + + if (moaidconfig == null) + return ("MOA-ID 2.x configuration can not be loaded from Database."); + + return null; + } + + private String testMOAAdvancedLoggingDatabase() { + + Date expioredate = new Date(new Date().getTime() - 120); + try { + Session session = StatisticLogDBUtils.getCurrentSession(); + + List results; + + synchronized (session) { + session.beginTransaction(); + Query query = session.getNamedQuery("getAllEntriesNotBeforeTimeStamp"); + query.setTimestamp("timeout", expioredate); + results = query.list(); + session.getTransaction().commit(); + } + + Logger.trace("Finish Test: AdvancedLoggingDataBase"); + return null; + + } catch (Throwable e) { + Logger.warn("Failed Test: AdvancedLoggingDataBase", e); + return "AdvancedLoggingDataBase: " + e.getMessage(); + } + } + + + public String getName() { + return "DatabaseTest"; + } + + + public void initializeTest(long delayParam, String url) throws Exception { + // TODO Auto-generated method stub + + } +} diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java new file mode 100644 index 000000000..b5220914c --- /dev/null +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java @@ -0,0 +1,109 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.monitoring; + +import java.io.InputStream; +import java.net.URL; +import java.util.List; + +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.exception.ValidateException; +import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; +import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator; +import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.config.auth.data.DynamicOAAuthParameters; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +public class IdentityLinkTestModule implements TestModuleInterface { + + private static IdentityLink identityLink = null; + + public void initializeTest(long delayParam, String url) throws Exception{ + + if (MiscUtil.isNotEmpty(url)) { + + URL keystoreURL = new URL(url); + InputStream idlstream = keystoreURL.openStream(); + identityLink = new IdentityLinkAssertionParser(idlstream).parseIdentityLink(); + } + + } + + public List performTests() throws Exception{ + Logger.trace("Start MOA-ID IdentityLink Test"); + + AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); + + IdentityLinkValidator.getInstance().validate(identityLink); + // builds a for a call of MOA-SP + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder() + .build(identityLink, config + .getMoaSpIdentityLinkTrustProfileID()); + + // invokes the call + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker() + .verifyXMLSignature(domVerifyXMLSignatureRequest); + // parses the + try { + VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( + domVerifyXMLSignatureResponse).parseData(); + + DynamicOAAuthParameters oaParam = new DynamicOAAuthParameters(); + oaParam.setBusinessService(true); + + VerifyXMLSignatureResponseValidator.getInstance().validate( + verifyXMLSignatureResponse, + config.getIdentityLinkX509SubjectNames(), + VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, + oaParam); + + } catch (ValidateException e) { + //check if default Monitoring IDL is used then error is ignored + if ("validator.07".equals(e.getMessageId()) + && e.getMessage().contains("Das Zertifikat der Personenbindung ist")) + return null; + + else + throw e; + + } + + Logger.trace("Finished MOA-ID IdentityLink Test without errors"); + + return null; + } + + public String getName() { + return "IdentityLinkTest"; + } + +} diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java new file mode 100644 index 000000000..84581abe8 --- /dev/null +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java @@ -0,0 +1,111 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.monitoring; + +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.FileUtils; + +public class TestManager { + + private static TestManager instance; + + private Map tests = new HashMap(); + + public static TestManager getInstance() throws ConfigurationException { + if (instance == null) + instance = new TestManager(); + + return instance; + } + + private TestManager() throws ConfigurationException { + + AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); + + //add Database test + DatabaseTestModule test1 = new DatabaseTestModule(); + tests.put(test1.getName(), test1); + + //add IdentityLink verification test + IdentityLinkTestModule test2 = new IdentityLinkTestModule(); + String idlurl = FileUtils.makeAbsoluteURL(config.getMonitoringTestIdentityLinkURL(), config.getRootConfigFileDir()); + try { + test2.initializeTest(0, idlurl); + tests.put(test2.getName(), test2);; + + } catch (Exception e) { + Logger.warn("MOA-ID IdentityLink Test can not performed without IdentityLink. Insert IdentityLink file to MOA-ID configuration", e); + } + } + + public List executeTests() { + Logger.debug("Start MOA-ID-Auth testing"); + + + List errors; + + for (TestModuleInterface test : tests.values()) { + try { + errors = test.performTests(); + if (errors != null && errors.size() > 0) + return errors; + + } catch (Exception e) { + Logger.warn("General Testing Eception during Test " + test.getClass() + ": ", e); + return Arrays.asList(e.getMessage()); + } + } + + return null; + } + + public List executeTest(String testname) { + + TestModuleInterface test = tests.get(testname); + + if (test != null) { + try { + return test.performTests(); + + } catch (Exception e) { + Logger.warn("General Testing Eception during Test " + test.getName() + ": ", e); + return Arrays.asList(e.getMessage()); + } + + } else { + Logger.info("TestModule with Name " + testname + " is not implemented"); + return null; + } + } + + public boolean existsModule(String modulename) { + return tests.containsKey(modulename); + } +} diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestModuleInterface.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestModuleInterface.java new file mode 100644 index 000000000..4e26b1ce8 --- /dev/null +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestModuleInterface.java @@ -0,0 +1,34 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.monitoring; + +import java.util.List; + +public interface TestModuleInterface { + + public List performTests() throws Exception; + + public void initializeTest(long delayParam, String url) throws Exception; + + public String getName(); +} diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml index 64b1b57b4..e9234a62f 100644 --- a/id/server/modules/pom.xml +++ b/id/server/modules/pom.xml @@ -21,6 +21,7 @@ module-stork + module-monitoring diff --git a/pom.xml b/pom.xml index 95a3f1155..8bcbe8154 100644 --- a/pom.xml +++ b/pom.xml @@ -329,6 +329,11 @@ moa-id-module-stork ${moa-id-version}
+ + MOA.id.server.modules + moa-id-module-monitoring + ${moa-id-version} + MOA.spss.server moa-spss-lib -- cgit v1.2.3