From 92709b7a3e7c18583e127d2160cfd96361ac035b Mon Sep 17 00:00:00 2001 From: kstranacher Date: Thu, 16 Feb 2012 19:03:20 +0000 Subject: =?UTF-8?q?*=20Update=20sourceID=20Parameter=20*=20Blacklist-?= =?UTF-8?q?=C3=9Cbergabe=20an=20iaik-moa=20*=20iaik-moa.jar=20zu=20reposit?= =?UTF-8?q?ory=20hinzugef=C3=BCgt?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1250 d688527b-c9ab-4aba-bd8d-4036d912da1d --- id/server/doc/moa_id/id-anwendung_1.htm | 2 +- .../moa/id/auth/AuthenticationServer.java | 8 ++-- .../builder/AuthenticationAssertionBuilder.java | 22 +-------- .../AuthenticationDataAssertionBuilder.java | 5 --- .../moa/id/auth/builder/SAMLArtifactBuilder.java | 49 +++++++++++++++++---- .../test/abnahme/A/Test300VerifyAuthBlock.java | 2 +- .../id/auth/builder/SAMLArtifactBuilderTest.java | 8 ++-- .../moa/id/auth/parser/SAMLArtifactParserTest.java | 12 ++--- .../id/proxy/builder/SAMLRequestBuilderTest.java | 2 +- pom.xml | 6 ++- .../iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar | Bin 0 -> 729266 bytes .../iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom | 6 +++ .../iaik/prod/iaik_moa/maven-metadata-MOA.xml | 2 +- .../iaik/prod/iaik_moa/maven-metadata-local.xml | 4 +- .../server/config/ConfigurationPartsBuilder.java | 33 +++++++++++--- .../spss/server/config/ConfigurationProvider.java | 3 +- .../spss/server/invoke/IaikExceptionMapper.java | 2 +- 17 files changed, 100 insertions(+), 66 deletions(-) create mode 100644 repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar create mode 100644 repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom diff --git a/id/server/doc/moa_id/id-anwendung_1.htm b/id/server/doc/moa_id/id-anwendung_1.htm index ad45ff7e1..561f3f556 100644 --- a/id/server/doc/moa_id/id-anwendung_1.htm +++ b/id/server/doc/moa_id/id-anwendung_1.htm @@ -94,7 +94,7 @@ StartAuthentication?Target=<geschäftsbereich> sourceID=<sourceID> - optional; Gibt eine sourceID an, die (wenn sie gesetzt ist) in der SAML-Assertion aufscheint + optional; Gibt eine sourceID an, die (wenn sie gesetzt ist) zur Berechnung des SAML-Artifacts herangezogen wird. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index 5eb23cabc..093d22732 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -1538,7 +1538,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { session.getBkuURL(), session.getAssertionSignerCertificateBase64(), session.getAssertionBusinessService(), - session.getSourceID(), session.getExtendedSAMLAttributesOA()); authData.setSamlAssertion(samlAssertion); @@ -1554,7 +1553,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { } String samlArtifact = - new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID()); + new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID(), session.getSourceID()); storeAuthenticationData(samlArtifact, authData); // invalidates the authentication session @@ -1717,7 +1716,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { } String samlArtifact = - new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID()); + new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID(), session.getSourceID()); storeAuthenticationData(samlArtifact, authData); // invalidates the authentication session @@ -1816,7 +1815,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { session.getBkuURL(), session.getAssertionSignerCertificateBase64(), session.getAssertionBusinessService(), - session.getSourceID(), session.getExtendedSAMLAttributesOA()); authData.setSamlAssertion(samlAssertion); @@ -1832,7 +1830,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { } String samlArtifact = - new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID()); + new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID(), session.getSourceID()); storeAuthenticationData(samlArtifact, authData); // invalidates the authentication session diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java index 410d045f0..bcad65eed 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java @@ -114,25 +114,5 @@ public class AuthenticationAssertionBuilder { return sb.toString(); } - /** - * Builds the SAML attributes to be appended to the AUTHBlock or to the SAML assertion - * delivered to the online application. - * The method traverses through the list of given SAML attribute objects and builds an - * XML structure (String representation) for each of the attributes. - * - * @param extendedSAMLAttributes The SAML attributes to be appended to the AUTHBlock or - * to the SAML assertion delivered to the online application. - * @return A string representation including the XML structures of - * the SAML attributes. - * - * @throws ParseException If an error occurs on serializing an SAML attribute. - */ - protected String buildSourceIDSAMLAttributes(String sourceID) throws ParseException { - StringBuffer sb = new StringBuffer(); - if (sourceID!=null) - sb.append(MessageFormat.format( SAML_ATTRIBUTE_NO_NAMESPACE, new Object[] {"SourceID", sourceID})); - - return sb.toString(); - } - + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java index 7032e09eb..b9e44544d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java @@ -72,7 +72,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB "{10}" + "{11}" + "{12}" + - "{13}" + " " + NL + ""; @@ -107,7 +106,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB "{11}" + "{12}" + "{13}" + - "{14}" + " " + NL + ""; /** @@ -158,7 +156,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB String bkuURL, String signerCertificateBase64, boolean businessService, - String sourceID, List extendedSAMLAttributes) throws BuildException { @@ -210,7 +207,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB StringUtils.removeXMLDeclaration(xmlPersonData), isQualifiedCertificate, bkuURL, - buildSourceIDSAMLAttributes(sourceID), publicAuthorityAttribute, signerCertificateAttribute, buildExtendedSAMLAttributes(extendedSAMLAttributes)}); @@ -301,7 +297,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB StringUtils.removeXMLDeclaration(xmlMandateData), isQualifiedCertificate, bkuURL, - buildSourceIDSAMLAttributes(sourceID), publicAuthorityAttribute, signerCertificateAttribute, buildExtendedSAMLAttributes(extendedSAMLAttributes)}); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java index 41e4cd37d..145664a2b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java @@ -67,7 +67,7 @@ public class SAMLArtifactBuilder { * of AssertionHandle * @return the 42-byte SAML artifact, encoded BASE64 */ - public String build(String authURL, String sessionID) throws BuildException { + public String build(String authURL, String sessionID, String sourceIdParam) throws BuildException { try { MessageDigest md = MessageDigest.getInstance("SHA-1"); byte[] sourceID; @@ -77,16 +77,45 @@ public class SAMLArtifactBuilder { //System.out.println("alternativeSourceID: " + alternativeSourceID); //System.out.println("authURL: " + authURL); - if (!ParepUtils.isEmpty(alternativeSourceID)) { - // if generic config parameter "AuthenticationServer.SourceID" is given, use that sourceID instead of authURL; - sourceID = md.digest(alternativeSourceID.getBytes()); - Logger.info("Building SAMArtifact from sourceID \"" + alternativeSourceID + "\" instead of authURL \"" + authURL + "\"."); - } else { - sourceID = md.digest(authURL.getBytes()); + // if sourceID is given in GET/POST param - use this as source id + if (!ParepUtils.isEmpty(sourceIdParam)) { + // if GET/POST parameter sourceID is set, use that sourceID instead of authURL; + sourceID = md.digest(sourceIdParam.getBytes()); + Logger.info("Building SAMArtifact from sourceID \"" + sourceIdParam + "\" instead of authURL \"" + authURL + "\"."); + + byte[] assertionHandle = md.digest(sessionID.getBytes()); + ByteArrayOutputStream out = new ByteArrayOutputStream(42); + out.write(0); + out.write(1); + out.write(sourceID, 0, 20); + out.write(assertionHandle, 0, 20); + byte[] samlArtifact = out.toByteArray(); + //System.out.println("samlArtifact: " + new String(samlArtifact)); + String samlArtifactBase64 = Base64Utils.encode(samlArtifact); + //System.out.println("samlArtifact Base64: " + samlArtifactBase64); + return samlArtifactBase64; } - //System.out.println("sourceID: " + new String(sourceID)); + // if generic config parameter "AuthenticationServer.SourceID" is given, use that sourceID instead of authURL; + if (!ParepUtils.isEmpty(alternativeSourceID)) { + sourceID = md.digest(alternativeSourceID.getBytes()); + Logger.info("Building SAMArtifact from sourceID \"" + alternativeSourceID + "\" instead of authURL \"" + authURL + "\"."); + + byte[] assertionHandle = md.digest(sessionID.getBytes()); + ByteArrayOutputStream out = new ByteArrayOutputStream(42); + out.write(0); + out.write(1); + out.write(sourceID, 0, 20); + out.write(assertionHandle, 0, 20); + byte[] samlArtifact = out.toByteArray(); + System.out.println("samlArtifact: " + new String(samlArtifact)); + String samlArtifactBase64 = Base64Utils.encode(samlArtifact); + System.out.println("samlArtifact Base64: " + samlArtifactBase64); + return samlArtifactBase64; + } + // default: sourecID from authURL + sourceID = md.digest(authURL.getBytes()); byte[] assertionHandle = md.digest(sessionID.getBytes()); ByteArrayOutputStream out = new ByteArrayOutputStream(42); out.write(0); @@ -98,6 +127,10 @@ public class SAMLArtifactBuilder { String samlArtifactBase64 = Base64Utils.encode(samlArtifact); //System.out.println("samlArtifact Base64: " + samlArtifactBase64); return samlArtifactBase64; + + //System.out.println("sourceID: " + new String(sourceID)); + + } catch (Throwable ex) { throw new BuildException( diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java index d9cd13259..a71fe0181 100644 --- a/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java +++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java @@ -619,7 +619,7 @@ public class Test300VerifyAuthBlock extends AbnahmeTestCase { oaParam.getProvideIdentityLink() ? DOMUtils.serializeNode(identityLink.getSamlAssertion()) : ""; String authBlock = oaParam.getProvideAuthBlock() ? session.getAuthBlock() : ""; String samlAssertion = new AuthenticationDataAssertionBuilder().build( - authData, prPerson, authBlock, ilAssertion, session.getBkuURL(), "", false, null, null); + authData, prPerson, authBlock, ilAssertion, session.getBkuURL(), "", false, null); authData.setSamlAssertion(samlAssertion); return authData; } diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java index 979a4aa24..915dc540c 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java @@ -51,9 +51,9 @@ public class SAMLArtifactBuilderTest extends UnitTestCase { } protected void setUp() throws Exception { builder = new SAMLArtifactBuilder(); - artifact1 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1), false); - artifact2 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_2), false); - artifact3 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_3), false); + artifact1 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1, null), false); + artifact2 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_2, null), false); + artifact3 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_3, null), false); } public void testBuildArtifactLength() throws BuildException { @@ -62,7 +62,7 @@ public class SAMLArtifactBuilderTest extends UnitTestCase { assertEquals(42, artifact3.length); } public void testBuildSameArtifact() throws Exception { - byte[] artifact1Clone = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1), false); + byte[] artifact1Clone = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1, null), false); assertEquals(new String(artifact1), new String(artifact1Clone)); } public void testBuildDifferentArtifacts() throws BuildException { diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java index 1dab28dea..d34678f0c 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java @@ -44,7 +44,7 @@ public class SAMLArtifactParserTest extends UnitTestCase { public void testParseTypeCode() throws Exception { String sessionID = Random.nextRandom(); - String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID); + String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID, null); byte[] typeCode = new SAMLArtifactParser(samlArtifact).parseTypeCode(); assertEquals(typeCode[0], 0); assertEquals(typeCode[1], 1); @@ -52,8 +52,8 @@ public class SAMLArtifactParserTest extends UnitTestCase { public void testParseAssertionHandleSameSessionID() throws Exception { // SAML artifacts for different authURL's but same sessionID MUST give same assertion handle String sessionID = Random.nextRandom(); - String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID); - String samlArtifact2 = new SAMLArtifactBuilder().build(URL2, sessionID); + String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID, null); + String samlArtifact2 = new SAMLArtifactBuilder().build(URL2, sessionID, null); String assertionHandle1 = new SAMLArtifactParser(samlArtifact1).parseAssertionHandle(); String assertionHandle2 = new SAMLArtifactParser(samlArtifact2).parseAssertionHandle(); assertEquals(assertionHandle1, assertionHandle2); @@ -62,8 +62,8 @@ public class SAMLArtifactParserTest extends UnitTestCase { // SAML artifacts for same authURL but different sessionID's MUST give different assertion handles String sessionID1 = Random.nextRandom(); String sessionID2 = Random.nextRandom(); - String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID1); - String samlArtifact2 = new SAMLArtifactBuilder().build(URL1, sessionID2); + String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID1, null); + String samlArtifact2 = new SAMLArtifactBuilder().build(URL1, sessionID2, null); String assertionHandle1 = new SAMLArtifactParser(samlArtifact1).parseAssertionHandle(); String assertionHandle2 = new SAMLArtifactParser(samlArtifact2).parseAssertionHandle(); assertFalse(assertionHandle1.equals(assertionHandle2)); @@ -71,7 +71,7 @@ public class SAMLArtifactParserTest extends UnitTestCase { public void testParseAssertionHandleSameSAMLArtifact() throws Exception { // SAML artifact parsed twice MUST give same assertion handle each time String sessionID = Random.nextRandom(); - String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID); + String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID, null); String assertionHandle1 = new SAMLArtifactParser(samlArtifact).parseAssertionHandle(); String assertionHandle2 = new SAMLArtifactParser(samlArtifact).parseAssertionHandle(); assertEquals(assertionHandle1, assertionHandle2); diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java index 73085270f..467c6520e 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java @@ -43,7 +43,7 @@ public class SAMLRequestBuilderTest extends UnitTestCase { public void testBuild() throws Exception { String requestID = "123"; - String samlArtifact = new SAMLArtifactBuilder().build("https://moa.gv.at/auth/", "12345678901234567890"); + String samlArtifact = new SAMLArtifactBuilder().build("https://moa.gv.at/auth/", "12345678901234567890", null); String REQUEST_SHOULD = "" + "" + samlArtifact + "" + diff --git a/pom.xml b/pom.xml index f2a67a02e..d4a0c387a 100644 --- a/pom.xml +++ b/pom.xml @@ -248,7 +248,7 @@ iaik.prod iaik_moa - 1.31 + 1.32 compile @@ -266,7 +266,9 @@ iaik.prod iaik_ixsil - 1.2.2.4 + + + 1.2.2.4_prop compile diff --git a/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar b/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar new file mode 100644 index 000000000..13725f801 Binary files /dev/null and b/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar differ diff --git a/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom b/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom new file mode 100644 index 000000000..c3de037f4 --- /dev/null +++ b/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom @@ -0,0 +1,6 @@ + + 4.0.0 + iaik.prod + iaik_moa + 1.32 + \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/maven-metadata-MOA.xml b/repository/iaik/prod/iaik_moa/maven-metadata-MOA.xml index 32e4aad37..6190bccb0 100644 --- a/repository/iaik/prod/iaik_moa/maven-metadata-MOA.xml +++ b/repository/iaik/prod/iaik_moa/maven-metadata-MOA.xml @@ -1,7 +1,7 @@ iaik.prod iaik_moa - 1.28 + 1.32 1.23 diff --git a/repository/iaik/prod/iaik_moa/maven-metadata-local.xml b/repository/iaik/prod/iaik_moa/maven-metadata-local.xml index ced753edc..44703a321 100644 --- a/repository/iaik/prod/iaik_moa/maven-metadata-local.xml +++ b/repository/iaik/prod/iaik_moa/maven-metadata-local.xml @@ -2,10 +2,10 @@ iaik.prod iaik_moa - 1.29 + 1.32 - 1.29 + 1.32 20100618102247 diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java index 40416f121..2a2427bbb 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java @@ -29,6 +29,8 @@ import iaik.ixsil.exceptions.URIException; import iaik.ixsil.util.URI; import iaik.pki.pathvalidation.ChainingModes; import iaik.pki.revocation.RevocationSourceTypes; +import iaik.server.modules.xml.BlackListEntry; +import iaik.server.modules.xml.ExternalReferenceChecker; import iaik.utils.RFC2253NameParser; import iaik.utils.RFC2253NameParserException; @@ -385,11 +387,16 @@ public class ConfigurationPartsBuilder { Element permitExtUris = (Element)XPathUtils.selectSingleNode(getConfigElem(), PERMIT_EXTERNAL_URIS_XPATH); // if PermitExternalUris element does not exist - don't allow external uris - if (permitExtUris == null) - return false; - else + if (permitExtUris == null) { + // set permitExtUris for iaik-moa + ExternalReferenceChecker.setPermitExternalURLs(false); + return false; + } + else { + // set permitExtUris for iaik-moa + ExternalReferenceChecker.setPermitExternalURLs(true); return true; - + } } /** @@ -401,6 +408,7 @@ public class ConfigurationPartsBuilder { info("config.33", null); List blacklist = new ArrayList(); + List blackListIaikMoa = new ArrayList(); NodeIterator permitExtIter = XPathUtils.selectNodeIterator( getConfigElem(), @@ -411,11 +419,19 @@ public class ConfigurationPartsBuilder { String host = getElementValue(permitExtElem, CONF + "IP", null); String port = getElementValue(permitExtElem, CONF + "Port", null); - - if (port == null) + BlackListEntry entry =null; + if (port == null) { + entry = new BlackListEntry(host, -1); info("config.34", new Object[]{host}); - else + } + else { + entry = new BlackListEntry(host, new Integer(port).intValue()); info("config.34", new Object[]{host + ":" + port}); + } + + // add entry to iaik-moa blacklist + blackListIaikMoa.add(entry); + String array[] = new String[2]; array[0] = host; @@ -424,6 +440,9 @@ public class ConfigurationPartsBuilder { } + // set blacklist for iaik-moa + ExternalReferenceChecker.setBlacklist(blackListIaikMoa); + if(blacklist.isEmpty()) // no blacklisted uris given info("config.36", null); diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java index a5f861c52..cae1497d6 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java @@ -367,7 +367,7 @@ public class ConfigurationProvider allowExternalUris_= builder.allowExternalUris(); - if (allowExternalUris_) + if (allowExternalUris_) blackListedUris_ = builder.buildPermitExternalUris(); else { info("config.35", null); @@ -375,6 +375,7 @@ public class ConfigurationProvider } + // Set set = crlRetentionIntervals.entrySet(); // Iterator i = set.iterator(); // while(i.hasNext()){ diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java index 722d5350c..dd5436827 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java @@ -83,7 +83,7 @@ public class IaikExceptionMapper { { iaik.server.modules.xmlverify.SignerCertificateUnavailableException.class, "2243", MOAApplicationException.class }, { iaik.server.modules.xmlverify.SupplementException.class, "2230", MOAApplicationException.class }, { iaik.server.modules.xmlverify.TransformationException.class, "2265", MOAApplicationException.class }, - { iaik.server.modules.xmlverify.TransformationParsingException.class, "2269", MOAApplicationException.class } + { iaik.server.modules.xmlverify.TransformationParsingException.class, "2269", MOAApplicationException.class }, }; /** The single instance of this class. */ -- cgit v1.2.3