From a0f9ce4fcc9860acdf5fa0a4c23728c0bd0e1077 Mon Sep 17 00:00:00 2001
From: Thomas Lenz
Date: Thu, 30 Oct 2014 09:16:20 +0100
Subject: set PVP SP metadata wantAssertionSigned=false
---
 .../java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
index dbf54951f..0a8a6a581 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
@@ -194,7 +194,7 @@ public class MetadataAction implements IAction {
 .createSAMLObject(SPSSODescriptor.class);
 spSSODescriptor.setAuthnRequestsSigned(true);
- spSSODescriptor.setWantAssertionsSigned(true);
+ spSSODescriptor.setWantAssertionsSigned(false);
 //Set AuthRequest Signing certificate
-- cgit v1.2.3
From 915aaa6beeb1ca911ab8d557a6c162b84e107f9e Mon Sep 17 00:00:00 2001
From: Thomas Lenz
Date: Thu, 30 Oct 2014 09:17:58 +0100
Subject: if no PVP EID-SECTOR-FOR-IDENTIFIER attribute is found, parse target from bPK attribute value prefix
---
 .../id/auth/builder/AuthenticationDataBuilder.java | 24 ++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index 48933d5c9..5c0e497a3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
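Review bot: In MetadataAction.java, `spSSODescriptor.setWantAssertionsSigned(false)` advertises that this SP accepts unsigned assertions, so the integrity of every assertion now rests entirely on the signature over the enclosing SAML response being mandatory and verified; nothing in this hunk shows that check. If the response-level signature is enforced elsewhere in the PVP2 response validation, record that next to the setter, e.g. `// assertions may be unsigned: the enclosing Response signature is mandatory and is verified before any assertion is used`. If it is not enforced, the flag should stay `true`. The enclosing method starts and ends outside the hunk.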
@@ -364,8 +364,28 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants { authData.setIdentificationType(extractor.getSingleAttributeValue(PVPConstants.EID_SOURCE_PIN_TYPE_NAME)); if (extractor.containsAttribute(PVPConstants.BPK_NAME)) { - String pvpbPK = extractor.getSingleAttributeValue(PVPConstants.BPK_NAME); - authData.setBPK(pvpbPK.split(":")[1]); + String pvpbPK = extractor.getSingleAttributeValue(PVPConstants.BPK_NAME); + String[] spitted = pvpbPK.split(":"); + authData.setBPK(spitted[1]); + if (MiscUtil.isEmpty(authData.getBPKType())) { + Logger.debug("PVP assertion contains NO bPK/wbPK target attribute. " + + "Starting target extraction from bPK/wbPK prefix ..."); + //exract bPK/wbPK type from bpk attribute value prefix if type is + //not transmitted as single attribute + Pattern pattern = Pattern.compile("[a-zA-Z]{2}(-[a-zA-Z]+)?"); + Matcher matcher = pattern.matcher(spitted[0]); + if (matcher.matches()) { + //find public service bPK + authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + spitted[0]); + Logger.debug("Found bPK prefix. Set target to " + authData.getBPKType()); + + } else { + //find business service wbPK + authData.setBPKType(Constants.URN_PREFIX_WBPK+ "+" + spitted[0]); + Logger.debug("Found wbPK prefix. Set target to " + authData.getBPKType()); + + } + } } boolean foundEncryptedbPKForOA = false; -- cgit v1.2.3 From 1dd834817623fec5d7cb4055627ba86ed057f9f7 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Thu, 30 Oct 2014 09:18:25 +0100 Subject: update PVPRole to ECRole mapping --- .../resources/resources/properties/pvp-stork_role_mapping.properties | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties b/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties index 5bcfc7bd2..91a19f272 100644 
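Review bot: In AuthenticationDataBuilder.java, `authData.setBPK(spitted[1])` indexes the result of `pvpbPK.split(":")` without checking its length, so a bPK attribute value without a colon (the value is read from the received PVP assertion) ends in an ArrayIndexOutOfBoundsException instead of a controlled rejection. Add a guard such as `if (spitted.length < 2)` directly after the split and fail with the error type this method already uses, which is not visible in the hunk. The fallback also treats every prefix that does not match `[a-zA-Z]{2}(-[a-zA-Z]+)?` as a wbPK target and concatenates it into the URN unchecked, so an empty or malformed prefix yields a bogus bPK type rather than an error; the else branch deserves its own pattern check. `Pattern.compile` on every call could become a `private static final Pattern`, which needs a field outside this hunk.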
--- a/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties @@ -1,2 +1,2 @@ -xxpvprole=CIRCABC/viewer -yypvprole=CIRCABC/admin \ No newline at end of file +viewer=CIRCABC/viewer +CIRCABC/viewer=CIRCABC/viewer \ No newline at end of file -- cgit v1.2.3 From 3529603a9c841f5554f390bab02032e2950cf2d6 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Thu, 30 Oct 2014 09:18:59 +0100 Subject: remove unused depentencies --- id/ConfigWebTool/pom.xml | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml index ec027b497..18bd1306b 100644 --- a/id/ConfigWebTool/pom.xml +++ b/id/ConfigWebTool/pom.xml @@ -83,16 +83,20 @@ at.gv.util egovutils - 1.0.7 + 2.0.0 - com.sun + org.apache.cxf * org.slf4j * + + bcprov-jdk16 + bouncycastle + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/spss/server/serverws/resources/wsdl/MOA-SPSS-1.5.2.xsd b/spss/server/serverws/resources/wsdl/MOA-SPSS-1.5.2.xsd deleted file mode 100644 index cc0a7c882..000000000 --- a/spss/server/serverws/resources/wsdl/MOA-SPSS-1.5.2.xsd +++ /dev/null 
@@ -1,564 +0,0 @@ - - - - - - - - - - - - - - - - - - - - Ermöglichung der Stapelsignatur durch wiederholte Angabe dieses Elements - - - - - - - - - - - - - - - - - - - - - - Kardinalität 1..oo erlaubt die Antwort auf eine Stapelsignatur-Anfrage - - - - Resultat, falls die Signaturerstellung erfolgreich war - - - - - - - - - - - - - - - - - - - - Ermöglichung der Stapelsignatur durch wiederholte Angabe dieses Elements - - - - - - - - - - - - - - - - - - - Auswahl: Entweder explizite Angabe des Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit der Signaturumgebung, oder Verweis auf ein benanntes Profil - - - - - - - - - - - - - - - - - - Kardinalität 1..oo erlaubt die Antwort auf eine Stapelsignatur-Anfrage - - - - Resultat, falls die Signaturerstellung erfolgreich war - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert - - - - - - - - - - - only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any;publicAuthority is included as X509Data/any; SecureSignatureCreationDevice is included as X509Data/any, IssuingCountry is included as X509Data/any - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Pro dsig:Reference-Element in der zu überprüfenden XML-Signatur muss hier ein ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen ReferenceInfo Elemente entspricht jener der dsig:Reference Elemente in der XML-Signatur. 
- - - - - - - - - - mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert - - - - - - - - - - - only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any; SecureSignatureCreationDevice is included as X509Data/any, IssuingCountry is included as X509Data/any - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Auswahl: Entweder explizite Angabe EINER Transformationskette inklusive ggf. sinnvoller Supplements oder Verweis auf ein benanntes Profil - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Resultat, falls die Signaturerstellung gescheitert ist - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Ein oder mehrere Transformationswege können von der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur hat zumindest einem dieser Transformationswege zu entsprechen. Die Angabe kann explizit oder als Profilbezeichner erfolgen. - - - - - Profilbezeichner für einen Transformationsweg - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Die Angabe des Transformationsparameters (explizit oder als Hashwert) kann unterlassen werden, wenn die Applikation von der Unveränderlichkeit des Inhalts der in "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen kann. - - - - Der Transformationsparameter explizit angegeben. - - - - - Der Hashwert des Transformationsparameters. 
- - - - - - - - - - - - - - - - - - - - - - Explizite Angabe des Transformationswegs - - - - - - - Alle impliziten Transformationsparameter, die zum Durchlaufen der oben angeführten Transformationskette bekannt sein müssen, müssen hier angeführt werden. Das Attribut "URI" bezeichnet den Transformationsparameter in exakt jener Weise, wie er in der zu überprüfenden Signatur gebraucht wird. - - - - - - - - - - - - - - - - diff --git a/spss/server/serverws/resources/wsdl/MOA-SPSS-2.0.0.wsdl b/spss/server/serverws/resources/wsdl/MOA-SPSS-2.0.0.wsdl new file mode 100644 index 000000000..4f9deee38 --- /dev/null +++ b/spss/server/serverws/resources/wsdl/MOA-SPSS-2.0.0.wsdl @@ -0,0 +1,128 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/spss/server/serverws/resources/wsdl/MOA-SPSS-2.0.0.xsd b/spss/server/serverws/resources/wsdl/MOA-SPSS-2.0.0.xsd new file mode 100644 index 000000000..cc0a7c882 --- /dev/null +++ b/spss/server/serverws/resources/wsdl/MOA-SPSS-2.0.0.xsd 
@@ -0,0 +1,564 @@ + + + + + + + + + + + + + + + + + + + + Ermöglichung der Stapelsignatur durch wiederholte Angabe dieses Elements + + + + + + + + + + + + + + + + + + + + + + Kardinalität 1..oo erlaubt die Antwort auf eine Stapelsignatur-Anfrage + + + + Resultat, falls die Signaturerstellung erfolgreich war + + + + + + + + + + + + + + + + + + + + Ermöglichung der Stapelsignatur durch wiederholte Angabe dieses Elements + + + + + + + + + + + + + + + + + + + Auswahl: Entweder explizite Angabe des Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit der Signaturumgebung, oder Verweis auf ein benanntes Profil + + + + + + + + + + + + + + + + + + Kardinalität 1..oo erlaubt die Antwort auf eine Stapelsignatur-Anfrage + + + + Resultat, falls die Signaturerstellung erfolgreich war + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert + + + + + + + + + + + only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any;publicAuthority is included as X509Data/any; SecureSignatureCreationDevice is included as X509Data/any, IssuingCountry is included as X509Data/any + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Pro dsig:Reference-Element in der zu überprüfenden XML-Signatur muss hier ein ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen ReferenceInfo Elemente entspricht jener der dsig:Reference Elemente in der XML-Signatur. 
+ + + + + + + + + + mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert + + + + + + + + + + + only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any; SecureSignatureCreationDevice is included as X509Data/any, IssuingCountry is included as X509Data/any + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Auswahl: Entweder explizite Angabe EINER Transformationskette inklusive ggf. sinnvoller Supplements oder Verweis auf ein benanntes Profil + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Resultat, falls die Signaturerstellung gescheitert ist + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Ein oder mehrere Transformationswege können von der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur hat zumindest einem dieser Transformationswege zu entsprechen. Die Angabe kann explizit oder als Profilbezeichner erfolgen. + + + + + Profilbezeichner für einen Transformationsweg + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Die Angabe des Transformationsparameters (explizit oder als Hashwert) kann unterlassen werden, wenn die Applikation von der Unveränderlichkeit des Inhalts der in "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen kann. + + + + Der Transformationsparameter explizit angegeben. + + + + + Der Hashwert des Transformationsparameters. 
+ + + + + + + + + + + + + + + + + + + + + + Explizite Angabe des Transformationswegs + + + + + + + Alle impliziten Transformationsparameter, die zum Durchlaufen der oben angeführten Transformationskette bekannt sein müssen, müssen hier angeführt werden. Das Attribut "URI" bezeichnet den Transformationsparameter in exakt jener Weise, wie er in der zu überprüfenden Signatur gebraucht wird. + + + + + + + + + + + + + + + + -- cgit v1.2.3 From def91ef4b2e19c18aa1f17de391fe08f165292a8 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Thu, 30 Oct 2014 14:40:28 +0100 Subject: fix problems with non-admin user --- .../moa/id/configuration/struts/action/BasicOAAction.java | 9 ++++++--- .../moa/id/configuration/struts/action/EditOAAction.java | 5 ++++- id/ConfigWebTool/src/main/resources/struts.xml | 2 +- id/ConfigWebTool/src/main/webapp/jsp/openadminrequests.jsp | 4 +++- 4 files changed, 14 insertions(+), 6 deletions(-) diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java index 9c1cb90e0..415e1c957 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java @@ -401,9 +401,7 @@ public class BasicOAAction extends BasicAction { form.store(dboa, authUser, request); try { - if (dboa.isIsNew()) { - ConfigurationDBUtils.save(dboa); - + if (dboa.isIsNew()) { if (!authUser.isAdmin()) { UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID()); @@ -412,7 +410,12 @@ public class BasicOAAction extends BasicAction { useroas.add(dboa); ConfigurationDBUtils.saveOrUpdate(user); + + } else { + ConfigurationDBUtils.save(dboa); + } + } else ConfigurationDBUtils.saveOrUpdate(dboa); 
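Review bot: In BasicOAAction.java, for a non-admin user the new online application is no longer stored with `ConfigurationDBUtils.save(dboa)`; it is only added to `useroas` and persisted through `ConfigurationDBUtils.saveOrUpdate(user)`, which works only if the user-to-OA association cascades saves, and that mapping is not visible here. Please confirm the cascade and state it at the call, e.g. `// non-admin: dboa is persisted by cascade when the owning user is saved`. The result of `ConfigurationDBRead.getUserWithID(authUser.getUserID())` is used in the second hunk with no null check visible between the two hunks; a missing user record should produce an explicit error rather than an exception from the list access. The trailing `} else ConfigurationDBUtils.saveOrUpdate(dboa);` would read better braced like the branches added above it.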
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index 1893b0f60..4cd556b75 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -346,8 +346,11 @@ public class EditOAAction extends BasicOAAction { ConfigurationDBUtils.saveOrUpdate(moaconfig); } + } catch (NullPointerException e) { + log.debug("Found no MetadataURL in OA-Databaseconfig"); + } catch (Throwable e) { - log.info("Found no MetadataURL in OA-Databaseconfig!", e); + log.info("Set metadata refresh flag FAILED.", e); } if (ConfigurationDBUtils.delete(onlineapplication)) { diff --git a/id/ConfigWebTool/src/main/resources/struts.xml b/id/ConfigWebTool/src/main/resources/struts.xml index 31f3889de..39c38ae43 100644 --- a/id/ConfigWebTool/src/main/resources/struts.xml +++ b/id/ConfigWebTool/src/main/resources/struts.xml @@ -155,7 +155,7 @@ /jsp/editOAGeneral.jsp - main + /jsp/mainpage.jsp /error.jsp logout diff --git a/id/ConfigWebTool/src/main/webapp/jsp/openadminrequests.jsp b/id/ConfigWebTool/src/main/webapp/jsp/openadminrequests.jsp index 954bf9b8b..0cd861884 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/openadminrequests.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/openadminrequests.jsp @@ -38,7 +38,9 @@
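Review bot: In EditOAAction.java, the added `catch (NullPointerException e)` uses an exception as the test for "no metadata URL configured", which also hides any other NullPointerException raised inside the try block (including around `ConfigurationDBUtils.saveOrUpdate(moaconfig)`) behind a debug message with no stack trace. Test the value explicitly before using it and drop the NPE handler. The remaining `catch (Throwable e)` also swallows `Error`s, and the `ConfigurationDBUtils.delete(onlineapplication)` call below runs regardless; `catch (Exception e)` with a warning-level log would keep real failures visible. The try block starts outside the hunk.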

<%=LanguageHelper.getGUIString("webpages.openadminrequests.oas.header", request) %>

- + + loadOA +
-- cgit v1.2.3 From f875f9fbca20f5be3ec5a18ef905ae6e68091b7d Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Thu, 30 Oct 2014 14:40:58 +0100 Subject: update PVPRole to ECRole mapping --- .../resources/resources/properties/pvp-stork_role_mapping.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties b/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties index 91a19f272..295d381cd 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties @@ -1,2 +1,2 @@ viewer=CIRCABC/viewer -CIRCABC/viewer=CIRCABC/viewer \ No newline at end of file +CIRCABC-viewer=CIRCABC/viewer \ No newline at end of file -- cgit v1.2.3 From 0a2bc8013cc6dc737bd653a4ec8a221d35d9538f Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Thu, 30 Oct 2014 16:46:31 +0100 Subject: update log messages --- .../at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java | 3 +-- .../moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java | 4 ++-- .../pvp2x/builder/assertion/PVP2AssertionBuilder.java | 13 +++++++++++++ 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java index a2570ed7e..063d7d8e4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java 
@@ -277,11 +277,10 @@ public class BPKBuilder { MessageDigest md = MessageDigest.getInstance("SHA-1"); byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1")); String hashBase64 = Base64Utils.encode(hash); - Logger.debug("STORK identification defined as: " + hashBase64); return hashBase64; } catch (Exception ex) { - throw new BuildException("builder.00", new Object[]{"storkid", ex.toString()}, ex); + throw new BuildException("builder.00", new Object[]{"bPK/wbPK", ex.toString()}, ex); } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java index 8b6e71e6b..3d8661143 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java @@ -150,14 +150,14 @@ public class PVPAttributeBuilder { } public static Attribute buildAttribute(String name, OAAuthParameter oaParam, - IAuthData authData) throws PVP2Exception { + IAuthData authData) throws PVP2Exception, AttributeException { if (builders.containsKey(name)) { try { return builders.get(name).build(oaParam, authData, generator); } catch (AttributeException e) { if (e instanceof UnavailableAttributeException) { - throw new UnprovideableAttributeException(((UnavailableAttributeException) e).getAttributeName()); + throw e; } else if (e instanceof InvalidDateFormatAttributeException) { throw new InvalidDateFormatException(); } else if (e instanceof NoMandateDataAttributeException) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java index 3b01e91ad..7c2476b3d 100644 
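Review bot: In PVPAttributeBuilder.buildAttribute the signature now declares `throws PVP2Exception, AttributeException` although the only exception passed through unchanged is `UnavailableAttributeException`; the other branches visible here still translate to PVP2 exceptions. Declaring the broad checked type forces every caller to handle any AttributeException, whereas `throws PVP2Exception, UnavailableAttributeException` states the real contract. The `instanceof` chain inside `catch (AttributeException e)` could then become separate catch clauses, with `catch (UnavailableAttributeException e) { throw e; }` first. The chain continues outside the hunk.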
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java @@ -70,6 +70,8 @@ import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationImpl; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMandateDataAvailableException; @@ -251,6 +253,17 @@ public class PVP2AssertionBuilder implements PVPConstants { } else { attrList.add(attr); } + + } catch (UnavailableAttributeException e) { + Logger.info( + "Attribute generation for " + + reqAttribut.getFriendlyName() + " not possible."); + if (reqAttribut.isRequired()) { + throw new UnprovideableAttributeException( + reqAttribut.getName()); + } + + } catch (PVP2Exception e) { Logger.error( "Attribute generation failed! for " -- cgit v1.2.3 From 5202dc81fd956baac83e0b6551faa455e3de0797 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Thu, 30 Oct 2014 16:48:14 +0100 Subject: fix dependency problems --- id/server/idserverlib/pom.xml | 12 ++++++++++++ .../protocols/saml1/SAML1AuthenticationServer.java | 18 ++++++++---------- .../at/gv/util/egovutils/2.0.0/egovutils-2.0.0.jar | Bin 3869909 -> 3879829 bytes 3 files changed, 20 insertions(+), 10 deletions(-) diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml index 32c8f5705..52e064d3f 100644 
--- a/id/server/idserverlib/pom.xml +++ b/id/server/idserverlib/pom.xml @@ -75,6 +75,10 @@ axis-wsdl4j axis + + jaxb-impl + com.sun.xml.bind + @@ -115,6 +119,14 @@ bcprov-jdk16 bouncycastle + + jaxb-impl + com.sun.xml.bind + + + jaxb-core + com.sun.xml.bind + diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java index 7d3c72630..65e520cc3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java @@ -36,8 +36,6 @@ import javax.xml.transform.TransformerException; import org.w3c.dom.Element; import org.xml.sax.SAXException; -import com.sun.xml.bind.marshaller.NamespacePrefixMapper; - import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder; import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; @@ -235,14 +233,14 @@ public class SAML1AuthenticationServer extends AuthenticationServer { Marshaller m = jc.createMarshaller(); m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE); - m.setProperty("com.sun.xml.bind.namespacePrefixMapper", new NamespacePrefixMapper() { - public String getPreferredPrefix(String arg0, String arg1, boolean arg2) { - if (Constants.PD_NS_URI.equals(arg0)) - return Constants.PD_PREFIX; - else - return arg1; - } - }); +// m.setProperty("com.sun.xml.bind.namespacePrefixMapper", new NamespacePrefixMapper() { +// public String getPreferredPrefix(String arg0, String arg1, boolean arg2) { +// if (Constants.PD_NS_URI.equals(arg0)) +// return Constants.PD_PREFIX; +// else +// return arg1; +// } +// }); ByteArrayOutputStream stream = new ByteArrayOutputStream(); m.marshal( 
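Review bot: In SAML1AuthenticationServer.java the `NamespacePrefixMapper` block is commented out rather than removed, leaving eight lines of dead code and no explanation of why the marshaller no longer maps `Constants.PD_NS_URI` to `Constants.PD_PREFIX`. Delete the block and replace it with one comment stating the consequence, e.g. `// no custom prefix mapper (com.sun.xml.bind import removed): namespace prefixes in the marshalled XML are chosen by the JAXB implementation`. If any consumer of this output depends on the previous prefix, for instance by comparing or hashing the serialized form, that needs checking before release; nothing in the hunk shows whether one does. The enclosing method starts and ends outside the hunk.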
diff --git a/repository/at/gv/util/egovutils/2.0.0/egovutils-2.0.0.jar b/repository/at/gv/util/egovutils/2.0.0/egovutils-2.0.0.jar index c045d89a3..29ce1fcbf 100644 Binary files a/repository/at/gv/util/egovutils/2.0.0/egovutils-2.0.0.jar and b/repository/at/gv/util/egovutils/2.0.0/egovutils-2.0.0.jar differ -- cgit v1.2.3 From e0d39d0b27baf321aa93fa6fbfc5a3f9a266e47c Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Thu, 30 Oct 2014 16:48:38 +0100 Subject: change version in handbook and mainpage --- id/server/auth/src/main/webapp/index.html | 2 +- id/server/doc/handbook/index.html | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/id/server/auth/src/main/webapp/index.html b/id/server/auth/src/main/webapp/index.html index 968f211bc..391195def 100644 --- a/id/server/auth/src/main/webapp/index.html +++ b/id/server/auth/src/main/webapp/index.html @@ -14,7 +14,7 @@
-

MOA-ID 2.1.1

+

MOA-ID 2.1.2


Inhalt

    diff --git a/id/server/doc/handbook/index.html b/id/server/doc/handbook/index.html index 892a82484..c3b25b390 100644 --- a/id/server/doc/handbook/index.html +++ b/id/server/doc/handbook/index.html @@ -15,7 +15,7 @@

    MOA-ID (Identifikation)

    -

    Übersicht zur Dokumentation der Version 2.1.1

    +

    Übersicht zur Dokumentation der Version 2.1.2


    Einführung
    -- cgit v1.2.3 From b04fbacb74bfcf4addaf16d72a819afd7161fd6f Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 31 Oct 2014 07:10:11 +0100 Subject: add .gitignore files --- .gitignore | 5 +++++ DocumentService/.gitignore | 1 + common/.gitignore | 1 + id/ConfigWebTool/.gitignore | 2 ++ id/oa/.gitignore | 2 ++ id/server/auth/.gitignore | 2 ++ id/server/idserverlib/.gitignore | 1 + id/server/idserverlib/bin/.gitignore | 2 ++ id/server/moa-id-commons/.gitignore | 1 + id/server/proxy/.gitignore | 2 ++ id/server/stork2-commons/.gitignore | 1 + id/server/stork2-saml-engine/.gitignore | 1 + spss/handbook/clients/api/.gitignore | 2 ++ spss/handbook/clients/referencedData/.gitignore | 2 ++ spss/handbook/clients/webservice/.gitignore | 2 ++ spss/server/serverlib/.gitignore | 1 + spss/server/serverws/.gitignore | 2 ++ spss/server/tools/.gitignore | 1 + 18 files changed, 31 insertions(+) create mode 100644 .gitignore create mode 100644 DocumentService/.gitignore create mode 100644 common/.gitignore create mode 100644 id/ConfigWebTool/.gitignore create mode 100644 id/oa/.gitignore create mode 100644 id/server/auth/.gitignore create mode 100644 id/server/idserverlib/.gitignore create mode 100644 id/server/idserverlib/bin/.gitignore create mode 100644 id/server/moa-id-commons/.gitignore create mode 100644 id/server/proxy/.gitignore create mode 100644 id/server/stork2-commons/.gitignore create mode 100644 id/server/stork2-saml-engine/.gitignore create mode 100644 spss/handbook/clients/api/.gitignore create mode 100644 spss/handbook/clients/referencedData/.gitignore create mode 100644 spss/handbook/clients/webservice/.gitignore create mode 100644 spss/server/serverlib/.gitignore create mode 100644 spss/server/serverws/.gitignore create mode 100644 spss/server/tools/.gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 000000000..bb7e57f31 --- /dev/null +++ b/.gitignore 
@@ -0,0 +1,5 @@
+/target
+/bin
+.settings
+.project
+.classpath
\ No newline at end of file
diff --git a/DocumentService/.gitignore b/DocumentService/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/DocumentService/.gitignore
@@ -0,0 +1 @@
+/target
diff --git a/common/.gitignore b/common/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/common/.gitignore
@@ -0,0 +1 @@
+/target
diff --git a/id/ConfigWebTool/.gitignore b/id/ConfigWebTool/.gitignore
new file mode 100644
index 000000000..4dc009173
--- /dev/null
+++ b/id/ConfigWebTool/.gitignore
@@ -0,0 +1,2 @@
+/target
+/bin
diff --git a/id/oa/.gitignore b/id/oa/.gitignore
new file mode 100644
index 000000000..4dc009173
--- /dev/null
+++ b/id/oa/.gitignore
@@ -0,0 +1,2 @@
+/target
+/bin
diff --git a/id/server/auth/.gitignore b/id/server/auth/.gitignore
new file mode 100644
index 000000000..4dc009173
--- /dev/null
+++ b/id/server/auth/.gitignore
@@ -0,0 +1,2 @@
+/target
+/bin
diff --git a/id/server/idserverlib/.gitignore b/id/server/idserverlib/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/id/server/idserverlib/.gitignore
@@ -0,0 +1 @@
+/target
diff --git a/id/server/idserverlib/bin/.gitignore b/id/server/idserverlib/bin/.gitignore
new file mode 100644
index 000000000..e2c1dc811
--- /dev/null
+++ b/id/server/idserverlib/bin/.gitignore
@@ -0,0 +1,2 @@
+/src
+/src
diff --git a/id/server/moa-id-commons/.gitignore b/id/server/moa-id-commons/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/id/server/moa-id-commons/.gitignore
@@ -0,0 +1 @@
+/target
diff --git a/id/server/proxy/.gitignore b/id/server/proxy/.gitignore
new file mode 100644
index 000000000..4dc009173
--- /dev/null
+++ b/id/server/proxy/.gitignore
@@ -0,0 +1,2 @@
+/target
+/bin
diff --git a/id/server/stork2-commons/.gitignore b/id/server/stork2-commons/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/id/server/stork2-commons/.gitignore
@@ -0,0 +1 @@
+/target
diff --git a/id/server/stork2-saml-engine/.gitignore b/id/server/stork2-saml-engine/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/id/server/stork2-saml-engine/.gitignore
@@ -0,0 +1 @@
+/target
diff --git a/spss/handbook/clients/api/.gitignore b/spss/handbook/clients/api/.gitignore
new file mode 100644
index 000000000..934e0e06f
--- /dev/null
+++ b/spss/handbook/clients/api/.gitignore
@@ -0,0 +1,2 @@
+/bin
+/target
diff --git a/spss/handbook/clients/referencedData/.gitignore b/spss/handbook/clients/referencedData/.gitignore
new file mode 100644
index 000000000..934e0e06f
--- /dev/null
+++ b/spss/handbook/clients/referencedData/.gitignore
@@ -0,0 +1,2 @@
+/bin
+/target
diff --git a/spss/handbook/clients/webservice/.gitignore b/spss/handbook/clients/webservice/.gitignore
new file mode 100644
index 000000000..934e0e06f
--- /dev/null
+++ b/spss/handbook/clients/webservice/.gitignore
@@ -0,0 +1,2 @@
+/bin
+/target
diff --git a/spss/server/serverlib/.gitignore b/spss/server/serverlib/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/spss/server/serverlib/.gitignore
@@ -0,0 +1 @@
+/target
diff --git a/spss/server/serverws/.gitignore b/spss/server/serverws/.gitignore
new file mode 100644
index 000000000..4dc009173
--- /dev/null
+++ b/spss/server/serverws/.gitignore
@@ -0,0 +1,2 @@
+/target
+/bin
diff --git a/spss/server/tools/.gitignore b/spss/server/tools/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/spss/server/tools/.gitignore
@@ -0,0 +1 @@
+/target
-- cgit v1.2.3 From bf13ac04e47f615ac0de207ee991c241d310419d Mon Sep 17 00:00:00 2001
From: Thomas Lenz Date: Fri, 31 Oct 2014 08:56:43 +0100 Subject: add SZR Client configuration to handbook and default config --- .../data/deploy/conf/moa-id/moa-id.properties | 28 +++++ id/server/doc/handbook/config/config.html | 124 +++++++++++++++++++++ 2 files changed, 152 insertions(+) diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties index 4290b1985..9d1e931e9 100644 --- a/id/server/data/deploy/conf/moa-id/moa-id.properties +++ b/id/server/data/deploy/conf/moa-id/moa-id.properties @@ -125,3 +125,31 @@ advancedlogging.hibernate.c3p0.timeout=300 advancedlogging.hibernate.c3p0.max_size=20 advancedlogging.hibernate.c3p0.max_statements=0 advancedlogging.hibernate.c3p0.min_size=3 + + +################SZR Client configuration#################################### +## The SZR client is only required if MOA-ID-Auth should be +## use as STORK <-> PVP Gateway. +######## +service.egovutil.szr.test=true +service.egovutil.szr.test.url=https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services-T/services/SZR +service.egovutil.szr.prod.url=https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services/services/SZR +service.egovutil.szr.token.version=1.8 +service.egovutil.szr.token.participantid= +service.egovutil.szr.token.gvoudomain= +service.egovutil.szr.token.userid= +service.egovutil.szr.token.cn= +service.egovutil.szr.token.gvouid= +service.egovutil.szr.token.ou= +service.egovutil.szr.token.gvsecclass= +service.egovutil.szr.token.gvfunction= +service.egovutil.szr.token.gvgid= +service.egovutil.szr.roles= +service.egovutil.szr.ssl.keystore.file= +service.egovutil.szr.ssl.keystore.password= +service.egovutil.szr.ssl.keystore.type= +service.egovutil.szr.ssl.truststore.file= +service.egovutil.szr.ssl.truststore.password= +service.egovutil.szr.ssl.truststore.type= +service.egovutil.szr.ssl.trustall=false +service.egovutil.szr.ssl.laxhostnameverification=false \ No newline at end of file 
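Review bot: The added SZR block introduces `service.egovutil.szr.ssl.keystore.password` and `service.egovutil.szr.ssl.truststore.password` as plain-text properties and the two switches `service.egovutil.szr.ssl.trustall` and `service.egovutil.szr.ssl.laxhostnameverification`, but the only comment in the block explains when the client is needed, not how these values must be protected. Setting either switch to `true` removes the TLS server authentication of the SZR endpoint, so the shipped `false` defaults should carry a comment such as `## Keep both values false in production: true disables TLS server certificate / hostname validation.` above them. A second comment above the keystore lines, `## This file holds keystore passwords - restrict read access to the account running MOA-ID-Auth.`, would cover the credential handling. The added comment line `## use as STORK <-> PVP Gateway.` should read `## used as STORK <-> PVP Gateway.`.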
diff --git a/id/server/doc/handbook/config/config.html b/id/server/doc/handbook/config/config.html index 2d2709bcc..9b4190035 100644 --- a/id/server/doc/handbook/config/config.html +++ b/id/server/doc/handbook/config/config.html @@ -74,6 +74,7 @@
  • Testing
  • +
  • SZR Client für STORK <-> PVP Gateway Betrieb
  • @@ -904,7 +905,130 @@ https://<host>:<port>/moa-id-auth/MonitoringServlet

    Defaultwert: true

    +

    2.2.2.6 SZR Client für STORK <-> PVP Gateway Betrieb

    +

    Die Konfiguration des Stammzahlenregister (SZR) Clients ist nur erforderlich wenn das Modul MOA-ID-Auth als STORK <-> PVP Gateway betrieben wird. Da in diesem Fall die Benutzerin oder der Benutzer über ein PVP Stammportal authentifiziert wird ist eine direkte Generierung der STORK eID während des Anmeldevorgangs nicht möglich. Somit erfolgt für diese Personen einen Stammzahlenregisterabfrage zur Bestimmung der STORK eID.

    +

    Für den in MOA-ID-Auth verwendeten SZR Client sind folgende Konfigurationsparameter erforderlich.

    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    NameBeispielwertBeschreibung
    service.egovutil.szr.testfalseDefiniert ob das Produktivsystem oder das Testsystem des SZR Webservice verwendet werden soll
    service.egovutil.szr.test.url URL auf das Test SZR Webservice
    service.egovutil.szr.prod.url URL auf das produktive SZR Webservice
    service.egovutil.szr.token.version1.8

    Verwendete PVP Version

    +

    Hinweis: der Client implementiert die PVP Version 1.8

    service.egovutil.szr.token.participantid Org-ID des Portalverbund-Teilnehmers bei dem der Benutzer registriert ist.
    service.egovutil.szr.token.gvoudomain Organisations-Domäne des Benutzers
    service.egovutil.szr.token.userid UserID, mit dem der Benutzer am Stammportal authentifiziert ist
    service.egovutil.szr.token.cn Name des Benutzers oder des System-Principals in der Form Anwendung.Subsystem
    service.egovutil.szr.token.gvouid Stammdienststelle: Eindeutige Kennung für die Organisation des Benutzers
    service.egovutil.szr.token.ou Stammdienststelle: Verwaltungskennzeichen der mit gvouid bezeichneten Organisation
    service.egovutil.szr.token.gvsecclass Sicherheitsklasse
    service.egovutil.szr.token.gvfunction Entspricht Funktion in gvPersonenFunktion.
    service.egovutil.szr.token.gvgid Globaler Identifier des Benutzers
    service.egovutil.szr.rolesszr-bpk-abfrage,szr-stammzahl-abfrage

    PVP Rolle für den Zugriff auf das SZR

    +

    Hinweis: mehrere Rollen werden mittels ',' getrennt.

    service.egovutil.szr.ssl.keystore.filekeys/szr-key.p12Dateiname des Java Keystore oder PKCS12 Keystore zur Authentifizierung mittels Client Zertifikat am SZR Webservice.
    service.egovutil.szr.ssl.keystore.passwordpasswordPasswort für den Keystore mit dem Client Zertifikat
    service.egovutil.szr.ssl.keystore.typePKCS12Typ des Keystore mit dem Client Zertifikat (PKCS12 oder JKS)
    service.egovutil.szr.ssl.truststore.filekeys/truststore.jksDateiname des Truststores zur Validierung von SSL Servicerzertifikaten
    service.egovutil.szr.ssl.truststore.passwordpasswordPasswort für den Truststore
    service.egovutil.szr.ssl.truststore.typeJKSTyp des TrustStore (PKCS12 oder JKS)
    service.egovutil.szr.ssl.trustallfalseDeaktiviert die SSL Serverzertifikatsvalidierung
    service.egovutil.szr.ssl.laxhostnameverificationfalseDeaktiviert die Validierung des Hostname mit dem SSL Serverzertifikat

     

    +

    Hinweis: Detaillierte Informationen zu den einzelnen PVP spezifischen Konfigurationsparametern finden Sie in der entsprechenden PVP Spezifikation.

    2.3 Konfiguration des Loggings

    Die Module MOA-ID-Auth und MOA-ID-Configuration verwendet als Framework für Logging-Information die Open Source Software log4j. Die Konfiguration der Logging-Information erfolgt nicht direkt durch die einzelnen Module, sondern über eine eigene Konfigurationsdatei, die der Java Virtual Machine durch eine System Property mitgeteilt wird. Der Name der System Property lautet log4j.configuration; als Wert der System Property ist eine URL anzugeben, die auf die log4j-Konfigurationsdatei verweist, z.B.

    log4j.configuration=file:/C:/Programme/apache/tomcat-4.1.30/conf/moa-id/log4j.properties
    -- cgit v1.2.3 From a3f530aa7637f3be6c67653f63fbedb4d6bd16d3 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 31 Oct 2014 09:42:48 +0100 Subject: add depentency jaxrpc-impl for MOA-SPSS API calls --- id/server/idserverlib/pom.xml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml index 52e064d3f..65004490b 100644 --- a/id/server/idserverlib/pom.xml +++ b/id/server/idserverlib/pom.xml @@ -135,6 +135,14 @@ jaxb-api + + + com.sun.xml.rpc + jaxrpc-impl + 1.1.3_01 + + + javax.mail mail @@ -382,6 +390,10 @@ bcprov-jdk16 org.bouncycastle + + jaxws-tools + com.sun.xml.ws + -- cgit v1.2.3 From 1d17cc2cb30c5ad9f419b7d619805e3823283acc Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 31 Oct 2014 10:23:40 +0100 Subject: fix STORK DateFormat --- .../main/java/at/gv/egovernment/moa/util/DateTimeUtils.java | 1 + .../moa/id/protocols/stork2/MOAAttributeProvider.java | 11 +++++++++-- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/common/src/main/java/at/gv/egovernment/moa/util/DateTimeUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/DateTimeUtils.java index dbc9faba6..a2e0965d4 100644 --- a/common/src/main/java/at/gv/egovernment/moa/util/DateTimeUtils.java +++ b/common/src/main/java/at/gv/egovernment/moa/util/DateTimeUtils.java @@ -491,6 +491,7 @@ public class DateTimeUtils { fmt = DateTimeFormat.forPattern("yyyyMMdd"); break; default: + fmt = DateTimeFormat.forPattern("yyyy-MM-dd"); break; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java index 021eaee37..88c0e3245 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java 
@@ -36,12 +36,17 @@ import eu.stork.peps.auth.commons.STORKStatusCode; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; +import java.text.DateFormat; +import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; import java.util.List; import java.util.Map; +import org.joda.time.format.DateTimeFormat; +import org.joda.time.format.DateTimeFormatter; + import javassist.expr.Instanceof; /** @@ -132,9 +137,11 @@ public class MOAAttributeProvider { } private String getFormatedDateOfBirth() { - if (authData.getDateOfBirth() != null) - return authData.getFormatedDateOfBirth(); + if (authData.getDateOfBirth() != null) { + DateFormat fmt = new SimpleDateFormat("yyyyMMdd"); + return fmt.format(authData.getDateOfBirth()); + } else return null; -- cgit v1.2.3 From a12bbb135540bd2b62e4a8d6f4614dd1dbe5ea12 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 31 Oct 2014 10:36:06 +0100 Subject: change PVP attribute provider logging --- .../id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java index 7c2476b3d..b301b6e5e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java 
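Review bot: In the `@@ -132,9 +137,11 @@` hunk, `new SimpleDateFormat("yyyyMMdd")` formats in the JVM's default time zone, so the STORK dateOfBirth attribute can come out one day off if the value returned by `authData.getDateOfBirth()` was built at midnight in a different zone (how it is built is not visible here, so this needs confirming against the parser). Pinning the zone to the one used when the value was parsed, e.g. `fmt.setTimeZone(...)` right after construction, makes the identity attribute independent of server configuration. The import hunk above adds `org.joda.time.format.DateTimeFormat` and `org.joda.time.format.DateTimeFormatter`, which nothing in these two hunks uses; drop them or use Joda here as `DateTimeUtils` does. The trailing `else return null;` should be braced to match the new `if` block; the method's closing brace lies outside the hunk.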
@@ -265,9 +265,9 @@ public class PVP2AssertionBuilder implements PVPConstants { } catch (PVP2Exception e) { - Logger.error( + Logger.warn( "Attribute generation failed! for " - + reqAttribut.getFriendlyName(), e); + + reqAttribut.getFriendlyName()); if (reqAttribut.isRequired()) { throw new UnprovideableAttributeException( reqAttribut.getName()); -- cgit v1.2.3 From d624a3ec33b8e3a4e80aa64f05caa8df5d1fcb42 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 31 Oct 2014 11:11:29 +0100 Subject: fix MOA-IDP stored twince --- .../moa/id/configuration/struts/action/BasicOAAction.java | 12 +++++++----- .../moa/id/configuration/struts/action/EditOAAction.java | 2 +- .../struts/action/InterfederationIDPAction.java | 2 +- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java index 415e1c957..5a9787069 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java @@ -142,7 +142,7 @@ public class BasicOAAction extends BasicAction { session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null); } - protected OnlineApplication postProcessSaveOnlineApplication(OnlineApplication onlineapplication ) throws BasicOAActionException { + protected OnlineApplication postProcessSaveOnlineApplication(OnlineApplication onlineapplication, boolean persistOA) throws BasicOAActionException { if (onlineapplication == null) { onlineapplication = new OnlineApplication(); onlineapplication.setIsNew(true); 
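Review bot: The new `Logger.warn(...)` call in the `@@ -265,9 +265,9 @@` hunk no longer passes the caught `PVP2Exception`, so the reason an attribute could not be built is not logged anywhere in the visible code, and for a required attribute the `UnprovideableAttributeException` thrown next carries only `reqAttribut.getName()`. Lowering the level is fine, but the cause should survive, for example `+ reqAttribut.getFriendlyName() + ": " + e.getMessage());`, so that failed assertion builds stay diagnosable from the log. If the friendly name is taken from the requesting party's metadata or request (not visible here), line breaks in it should be neutralised before it is written to the log. The message text `"Attribute generation failed! for "` would read better as `"Attribute generation failed for "`. The enclosing try block and method start outside the hunk.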
@@ -186,7 +186,7 @@ public class BasicOAAction extends BasicAction { } //save OA configuration - String error = saveOAConfigToDatabase(onlineapplication); + String error = saveOAConfigToDatabase(onlineapplication, persistOA); if (MiscUtil.isNotEmpty(error)) { log.warn("OA configuration can not be stored!"); addActionError(error); @@ -395,7 +395,7 @@ public class BasicOAAction extends BasicAction { } } - private String saveOAConfigToDatabase(OnlineApplication dboa) { + private String saveOAConfigToDatabase(OnlineApplication dboa, boolean persistOA) { for (IOnlineApplicationData form : formList.values()) form.store(dboa, authUser, request); @@ -412,12 +412,14 @@ public class BasicOAAction extends BasicAction { ConfigurationDBUtils.saveOrUpdate(user); } else { - ConfigurationDBUtils.save(dboa); + if (persistOA) + ConfigurationDBUtils.save(dboa); } } else - ConfigurationDBUtils.saveOrUpdate(dboa); + if (persistOA) + ConfigurationDBUtils.saveOrUpdate(dboa); } catch (MOADatabaseException e) { log.warn("Online-Application can not be stored.", e); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index 4cd556b75..1da948eec 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -217,7 +217,7 @@ public class EditOAAction extends BasicOAAction { } else { try { - onlineapplication = postProcessSaveOnlineApplication(onlineapplication); + onlineapplication = postProcessSaveOnlineApplication(onlineapplication, true); } catch (BasicOAActionException e) { addActionError(e.getStrutsError()); 
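Review bot: With `persistOA == false`, `saveOAConfigToDatabase` in the `@@ -412,12 +412,14 @@` hunk skips `ConfigurationDBUtils.save(dboa)` and `ConfigurationDBUtils.saveOrUpdate(dboa)` but still runs every `form.store(dboa, authUser, request)` and returns the same result as a successful save, so a caller cannot tell "stored" from "deliberately not stored". The branch that calls `ConfigurationDBUtils.saveOrUpdate(user)` is not guarded by the flag; whether that path can still write the application through the user record is not visible here and should be checked. The new parameter needs a Javadoc line on both `postProcessSaveOnlineApplication` and `saveOAConfigToDatabase`, e.g. `@param persistOA false if the caller stores the OnlineApplication itself after further changes`. The unbraced `else` followed by `if (persistOA)` on the next line is easy to misread; write it as `} else if (persistOA) {` with a closing brace. Both methods continue outside the hunks.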
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java index 89dce3200..b92b17217 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java @@ -265,7 +265,7 @@ public class InterfederationIDPAction extends BasicOAAction { return Constants.STRUTS_ERROR_VALIDATION; } else { - onlineapplication = postProcessSaveOnlineApplication(onlineapplication); + onlineapplication = postProcessSaveOnlineApplication(onlineapplication, false); //set default Target interfederated nameID caluclation if (getPvp2OA() != null) { -- cgit v1.2.3 From b42d6aae70054772610da6b2d8d11d3377bed340 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 31 Oct 2014 12:10:53 +0100 Subject: fix problem with MOA-IDP database updates --- .../moa/id/configuration/struts/action/InterfederationIDPAction.java | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java index b92b17217..eead280be 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java 
@@ -263,9 +263,10 @@ public class InterfederationIDPAction extends BasicOAAction { formID = Random.nextRandom(); session.setAttribute(Constants.SESSION_FORMID, formID); return Constants.STRUTS_ERROR_VALIDATION; - + } else { - onlineapplication = postProcessSaveOnlineApplication(onlineapplication, false); + onlineapplication = postProcessSaveOnlineApplication(onlineapplication, + !(this instanceof MOAIDPAction)); //set default Target interfederated nameID caluclation if (getPvp2OA() != null) { -- cgit v1.2.3 From 13de12ab236a552e40a5b429d584d1e928d98fea Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 31 Oct 2014 12:49:46 +0100 Subject: exclude log4j-over-slf4j --- id/oa/pom.xml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/id/oa/pom.xml b/id/oa/pom.xml index d5b3de522..93993c8a4 100644 --- a/id/oa/pom.xml +++ b/id/oa/pom.xml @@ -79,10 +79,22 @@ org.opensaml opensaml + + + org.slf4j + log4j-over-slf4j + + org.opensaml xmltooling + + + org.slf4j + log4j-over-slf4j + + javax.servlet -- cgit v1.2.3 From c669d1660fc96dd797929daeb23ec5dd9c44ee3c Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 31 Oct 2014 13:01:56 +0100 Subject: remove debug code --- .../at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java index 88c0e3245..5dcff3707 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java 
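Review bot: Passing `!(this instanceof MOAIDPAction)` in the `@@ -263,9 +263,10 @@` hunk makes `InterfederationIDPAction` decide its persistence behaviour by testing for what appears to be one of its own subclasses (the class declaration of `MOAIDPAction` is not visible here). Any further subclass that stores the application itself would again be saved twice, or not at all, unless this expression is extended. An overridable hook keeps the decision with the subclass: `protected boolean persistOnSave() { return true; }` in `InterfederationIDPAction`, overridden to return `false` in `MOAIDPAction`, and `postProcessSaveOnlineApplication(onlineapplication, persistOnSave())` at this call site. The enclosing method starts and ends outside the hunk.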
@@ -121,7 +121,7 @@ public class MOAAttributeProvider { private List getECApplicationRole() { List storkRoles = null; - if (true || authData.getAuthenticationRoles() != null + if (authData.getAuthenticationRoles() != null && authData.getAuthenticationRoles().size() > 0) { storkRoles = new ArrayList(); -- cgit v1.2.3 From 2886006ba2ca141377e66a330df5fc52797c2755 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 31 Oct 2014 13:56:47 +0100 Subject: fix STORK dateOfBirth attribute --- .../at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java index 5dcff3707..aaded0ce6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java @@ -70,7 +70,7 @@ public class MOAAttributeProvider { Map tempFunctionMap = new HashMap(); tempFunctionMap.put("eIdentifier", "geteIdentifier"); tempFunctionMap.put("ECApplicationRole","getECApplicationRole"); - tempSimpleMap.put("dateOfBirth", "getFormatedDateOfBirth"); + tempFunctionMap.put("dateOfBirth", "getFormatedDateOfBirth"); storkAttributeFunctionMapping = Collections.unmodifiableMap(tempFunctionMap); } -- cgit v1.2.3